Community discussions

 
datajerk
newbie
Topic Author
Posts: 34
Joined: Sun Aug 28, 2016 1:02 am

CRS326 RouterOS VLAN translation

Mon Sep 04, 2017 11:26 pm

Hi,

The following works with my CRS125, but not CRS326:
/interface ethernet switch egress-vlan-translation add customer-vid=19 new-customer-vid=0 ports=ether16
/interface ethernet switch ingress-vlan-translation add customer-vid=0 new-customer-vid=19 ports=ether16
What is the equivalent for the 326 with RouterOS?

https://wiki.mikrotik.com/wiki/Manual:CRS_examples, does state This article applies to CRS1xx and CRS2xx series switches and not to CRS3xx series switches. So, where's the CRS3xx examples?

Thanks.
 
idlemind
Forum Guru
Forum Guru
Posts: 1102
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: CRS326 RouterOS VLAN translation

Tue Sep 05, 2017 12:49 am

Switch to the 6.41rc code that contains the new VLAN aware and hw-offload bridge.

The configuration is a standardized one that is much simpler. It's the same across models.
 
datajerk
newbie
Topic Author
Posts: 34
Joined: Sun Aug 28, 2016 1:02 am

Re: CRS326 RouterOS VLAN translation

Tue Sep 05, 2017 3:23 am

Switch to the 6.41rc code that contains the new VLAN aware and hw-offload bridge.

The configuration is a standardized one that is much simpler. It's the same across models.
Hi, thanks. I should have mentioned that I am using 6.41rc. I am also not very familiar with how to do VLAN translation on the other models.

I managed to get it working by creating a 2nd bridge and putting the port and the target VLAN on the same bridge. However the performance is poor. When trying to push 1GE through, the CPU is at close to 100% and the throughput is ~850 mbit/s. I have hw-offload selected, but it shows as "not Hw, offload". Lastly there is no option in creating a bridge to specify that it is an hw-offload bridge. Anything on the first bridge is listed as hw-offload. Looking at an export of the config I cannot see much of a difference between the two bridges.

Thanks.

P.S. bridge ports:
14     ether15                      bridge20                  yes    1     0x80         10                 10       none
15 I H ether16                      bridge1                   yes    1     0x80         10                 10       none
16 I H ether17                      bridge1                   yes    1     0x80         10                 10       none
17 I H ether18                      bridge1                   yes    1     0x80         10                 10       none
18 I H ether19                      bridge1                   yes    1     0x80         10                 10       none
19 I H ether20                      bridge1                   yes    1     0x80         10                 10       none
20 I H ether21                      bridge1                   yes    1     0x80         10                 10       none
21 I H ether22                      bridge1                   yes    1     0x80         10                 10       none
22 I H ether23                      bridge1                   yes    1     0x80         10                 10       none
23 I H ether24                      bridge1                   yes    1     0x80         10                 10       none
24   H sfp-sfpplus1                 bridge1                   yes    1     0x80         10                 10       none
25 I H sfp-sfpplus2                 bridge1                   yes    1     0x80         10                 10       none
26     vlan20                       bridge20                  yes    1     0x80         10                 10       none
 
idlemind
Forum Guru
Forum Guru
Posts: 1102
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: CRS326 RouterOS VLAN translation

Tue Sep 05, 2017 6:46 pm

The H on the left indicates HW offload is active for that port. You can toggle it on and off with the hw-offload=yes/no option. If you set hw-offload to yes RouterOS still makes a decision about whether or not your configuration is viable for hw-offlaod and that is represented by the H to the left.

An example, my RB750Gr3 has crap for a switch chip so even though I've set hw-offload=yes for my ports they largely indicate no acceleration because I have enabled MST and connected the ports to a Cisco switch (trunk links).

By separating ether15 out into another bridge it seems you've passed the conditions of hw-offload as indicated by your /interface bridge port print command. The last thing, regardless of old fashioned switch chip configuration or the new VLAN aware bridging any layer 3 (inter-VLAN) routing is always performed by the CPU and is therefore limited by the CPU.

Now your original post, is the question how to make a port an access port for a VLAN other than the bridge's PVID (untagged at the bridge)? If so, have a look at the example below. We'll create an environment with 3 VLANs, 1 will be used for untagged traffic on the bridge (default behavior, shouldn't be used for customer traffic per best practices), 11 will be for one building and 12 for a second building. VLAN11 will be 10.1.11.0/24 and VLAN12 will be 10.1.12.0/24. The ether2 interface will be an access port (untagged) for VLAN11, ether3 will be an access port (untagged) for VLAN12 and ether4 will be a trunk (Cisco) with VLAN1 as the untagged VLAN and VLANs 11 and 12 tagged.
/interface bridge add name=br1 igmp-snooping=no vlan-filtering=no

/interface bridge port add bridge=br1 hw=yes interface=ether2 pvid=11
/interface bridge port add bridge=br1 hw=yes interface=ether3 pvid=12
/interface bridge port add bridge=br1 hw=yes interface=ether4 pvid=1

/interface bridge vlan add bridge=br1 vlan-ids=1 untagged=br1,ether4
/interface bridge vlan add bridge=br1 vlan-ids=11 untagged=ether2 tagged=br1,ether4
/interface bridge vlan add bridge=br1 vlan-ids=12 untagged=ether3 tagged=br1,ether4

/interface vlan add interface=br1 vlan-id=11 name=br1-vlan11
/interface vlan add interface=br1 vlan-id=12 name=br1-vlan12

/ip address add interface=br1-vlan11 address=10.1.11.254/24
/ip address add interface=br1-vlan12 address=10.1.12.254/24

/interface bridge set br1 vlan-filtering=yes
In other words, you really only need 1 bridge with multiple VLANs not a VLAN per bridge. Their was a legacy way to do software only VLANs by having a bridge for each VLAN but that is long dead with the 6.41rc+ bridges thankfully.
 
datajerk
newbie
Topic Author
Posts: 34
Joined: Sun Aug 28, 2016 1:02 am

Re: CRS326 RouterOS VLAN translation

Tue Sep 05, 2017 11:53 pm

Thanks. Got it working. The only difference in my config is vlan-filtering=yes.

I used the following:

https://wiki.mikrotik.com/wiki/Manual:I ... _Filtering

Thanks again.
 
idlemind
Forum Guru
Forum Guru
Posts: 1102
Joined: Fri Mar 24, 2017 11:15 pm
Location: USA

Re: CRS326 RouterOS VLAN translation

Wed Sep 06, 2017 12:08 am

Yup, you'll see I toggle it to no first then to yes when I have the rest of the configuration ready. Glad to hear you got your setup working!

Who is online

Users browsing this forum: MSN [Bot] and 91 guests