Community discussions

 
marklodge
Member Candidate
Member Candidate
Topic Author
Posts: 198
Joined: Sun Jun 21, 2009 6:15 pm

bridge1 dynamically being added as an untagged port.

Sat Oct 12, 2019 2:29 pm

I am following this: https://wiki.mikrotik.com/wiki/Manual:Bridge_VLAN_Table

It states that:
Note: When frame-type=admit-only-vlan-tagged is used on a port, then the port is not dynamically added as untagged port for the PVID.
But i am still getting it added as an untagged port. What am I missing?
Full export and print below:
# jan/02/1970 00:38:01 by RouterOS 6.44.5

/interface bridge
add frame-types=admit-only-vlan-tagged ingress-filtering=yes name=bridge1 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] comment=Trunk
set [ find default-name=ether2 ] comment=Sector1-VLAN101
set [ find default-name=ether3 ] comment=Sector2-VLAN102
set [ find default-name=ether4 ] comment=Sector3-VLAN103
set [ find default-name=ether5 ] comment=Sector4-VLAN104
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface vlan
add interface=bridge1 name=vlan99 vlan-id=99
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether4 pvid=103
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether2 pvid=101 tag-stacking=yes
add bridge=bridge1 frame-types=admit-only-vlan-tagged ingress-filtering=yes interface=ether1
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether5 pvid=104
/interface bridge vlan
add bridge=bridge1 tagged=ether1 untagged=ether2 vlan-ids=101
add bridge=bridge1 tagged=ether1 untagged=ether3 vlan-ids=102
add bridge=bridge1 tagged=ether1 untagged=ether4 vlan-ids=103
add bridge=bridge1 tagged=ether1 untagged=ether5 vlan-ids=104
add bridge=bridge1 tagged=ether1,bridge1 vlan-ids=99
/ip address
add address=192.168.99.2/24 interface=vlan99 network=192.168.99.0
/system identity
set name=RB3011-SW
/tool romon
set enabled=yes
/tool romon port
set [ find default=yes ] forbid=yes
add disabled=no interface=vlan99
[admin@RB3011-SW] > interface bridge       
calea  filter  host  mdb  msti  nat  port  settings  vlan  add  comment  disable  edit  enable  export  find  monitor  print  remove  set
[admin@RB3011-SW] > interface bridge port print 
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload 
 #     INTERFACE                                        BRIDGE                                       HW  PVID PRIORITY  PATH-COST INTERNAL-PATH-COST    HORIZON
 0 I   ether4                                           bridge1                                      yes  103     0x80         10                 10       none
 1     ether2                                           bridge1                                      yes  101     0x80         10                 10       none
 2     ether1                                           bridge1                                      yes    1     0x80         10                 10       none
 3     ether5                                           bridge1                                      yes  104     0x80         10                 10       none
[admin@RB3011-SW] > /interface bridge vlan print 
Flags: X - disabled, D - dynamic 
 #   BRIDGE                                     VLAN-IDS  CURRENT-TAGGED                                    CURRENT-UNTAGGED                                   
 0   bridge1                                    101       ether1                                            ether2                                             
 1   bridge1                                    102       ether1                                           
 2   bridge1                                    103       ether1                                           
 3   bridge1                                    104       ether1                                            ether5                                             
 4   bridge1                                    99        bridge1                                          
                                                          ether1                                           
[size=150][b] 5 D bridge1                                    1                                                           bridge1                         [/b][/size]                   
[admin@RB3011-SW] > 
 
mkx
Forum Guru
Forum Guru
Posts: 2948
Joined: Thu Mar 03, 2016 10:23 pm

Re: bridge1 dynamically being added as an untagged port.

Sat Oct 12, 2019 6:25 pm

Bridge interface, which gets created implicitly for any bridge bridge, is implicitly created as untagged member of VLAN with VID=1 (which makes using VLAN VID=1 in the rest of config so exciting). You can change that if you set pvid on bridge interface to something else ... but you can not make bridge interface tagged-only ...

Bridge, having split personallity (it is both interface and switch-like creature), is a constant source of confusion ... because the fact that it is also an interface is not widely advertised. And the interface personallity is created implicitly with some defaults hence most administrators get confused about when they're configuring interface and when they're configuring switch-like part. And they get confused because the defaults are not clearly observable.
BR,
Metod
 
anav
Forum Guru
Forum Guru
Posts: 2968
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: bridge1 dynamically being added as an untagged port.

Sun Oct 13, 2019 3:03 am

In other words, its normal behaviour.
Good idea to let vlan1 and its defaults to remain as things just work well.
Also helps when connecting to other vlan capable devices, switches capac etc, that also have vlan1 defaults.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
marklodge
Member Candidate
Member Candidate
Topic Author
Posts: 198
Joined: Sun Jun 21, 2009 6:15 pm

Re: bridge1 dynamically being added as an untagged port.

Sun Oct 13, 2019 5:19 pm

Bridge interface, which gets created implicitly for any bridge bridge, is implicitly created as untagged member of VLAN with VID=1 (which makes using VLAN VID=1 in the rest of config so exciting). You can change that if you set pvid on bridge interface to something else ... but you can not make bridge interface tagged-only ...

Bridge, having split personallity (it is both interface and switch-like creature), is a constant source of confusion ... because the fact that it is also an interface is not widely advertised. And the interface personallity is created implicitly with some defaults hence most administrators get confused about when they're configuring interface and when they're configuring switch-like part. And they get confused because the defaults are not clearly observable.
Does this mean the wiki is incorrect?
 
mkx
Forum Guru
Forum Guru
Posts: 2948
Joined: Thu Mar 03, 2016 10:23 pm

Re: bridge1 dynamically being added as an untagged port.

Sun Oct 13, 2019 6:30 pm

Does this mean the wiki is incorrect?
Which part of which document do you have in mind?
BR,
Metod
 
marklodge
Member Candidate
Member Candidate
Topic Author
Posts: 198
Joined: Sun Jun 21, 2009 6:15 pm

Re: bridge1 dynamically being added as an untagged port.

Sun Oct 13, 2019 6:55 pm

Does this mean the wiki is incorrect?
Which part of which document do you have in mind?
Please refer to attached pic
You do not have the required permissions to view the files attached to this post.
 
mkx
Forum Guru
Forum Guru
Posts: 2948
Joined: Thu Mar 03, 2016 10:23 pm

Re: bridge1 dynamically being added as an untagged port.

Sun Oct 13, 2019 9:13 pm

As it turns out my belief was inacurate. If I changed setting on bridge to frame-types=admit-only-vlan-tagged then the implicitly set vlan (implicit pvid=1 setting on bridge) disapears from output of command /interface bridge vlan print. Which means wiki is right and I was wrong, one can create tagged-only bridge interface.

Note that I executed set [ find bridge=bridge ] frame-types=admit-only-vlan-tagged after bridge was all set up. Could be that setting the same at bridge creation time triggers some bug in ROS? If you believe you found a bug, report it to support@mikrotik.com ...
BR,
Metod

Who is online

Users browsing this forum: MSN [Bot] and 10 guests