Community discussions

MikroTik App
 
exit174
just joined
Topic Author
Posts: 3
Joined: Tue Apr 21, 2020 3:19 pm

DHCP Server Problem with VLANs and Bridge

Thu May 21, 2020 7:36 pm

New to Mikrotik and I am trying to mock up a DHCP scenario on an RB750Gr3 (6.46.6), starting from a default configuration. My intention in this mock-up is for Eth1 to be the WAN port (not currently connected), Eth2 to be a routed LAN port (not in a bridge) and Eth3, Eth4 and Eth5 to be in a bridge with VLAN 101 on Eth3 and VLAN 102 on Eth4 and Eth5.

When I plug a client device into Eth2, I get a 192.168.88.x IP leased, as expected. However, I do not get leases on the VLAN 101 or 102 ports. VLAN 101 is to use a private subnet and VLAN 102 is to use a public subnet (call it 11.11.11.xxx). I am sure it is something simple preventing this, but I am not seeing it.

Relevant configuration:
/interface bridge
add admin-mac=nn:nn:nn:nn:nn:nn auto-mac=no comment=defconf name=bridge
/interface vlan
add interface=bridge name=vlan101 vlan-id=101
add interface=bridge name=vlan102 vlan-id=102
/interface bridge port
add bridge=bridge comment=defconf interface=ether3 pvid=101
add bridge=bridge comment=defconf interface=ether4 pvid=102
add bridge=bridge comment=defconf interface=ether5 pvid=102
/interface bridge vlan
add bridge=bridge untagged=ether3 vlan-ids=101
add bridge=bridge untagged=ether4,ether5 vlan-ids=102
#
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0
add address=11.11.11.193/26 interface=vlan102 network=11.11.11.192
add address=172.16.2.1/24 interface=vlan101 network=172.16.2.0
/ip pool
add name=defconf ranges=192.168.88.10-192.168.88.254
add name=VLAN102_pool ranges=11.11.11.250-11.11.11.254
add name=VLAN101_pool ranges=172.16.2.10-172.16.2.254
/ip dhcp-server
add address-pool=defconf disabled=no interface=ether2 lease-time=30m name=defconf_DHCP
add address-pool=VLAN102_pool bootp-support=none disabled=no interface=vlan102 lease-time=30m name=VLAN102_DHCP
add address-pool=VLAN101_pool bootp-support=none disabled=no interface=vlan101 lease-time=30m name=VLAN101_DHCP
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server network
add address=172.16.2.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=172.16.2.1 netmask=24
add address=11.11.11.192/26 dns-server=8.8.8.8,8.8.4.4 gateway=11.11.11.193 netmask=26
add address=192.168.88.0/24 comment=defconf dns-server=8.8.8.8,8.8.4.4 gateway=192.168.88.1 netmask=24

Thanks for any help.
 
anav
Forum Guru
Forum Guru
Posts: 4261
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: DHCP Server Problem with VLANs and Bridge  [SOLVED]

Sun May 24, 2020 12:30 am

In summary, (1) should fix your issues.
Items 2, is good practice
item 3, is probably not necessary and should only be done if (1) above does not fix the issue.
If Item 3 does not fix it either then go back to the original setting (without tagged bridge).

(1) When finished the vlan configuration you need to add vlan filtering
/interface bridge
add admin-mac=nn:nn:nn:nn:nn:nn auto-mac=no comment=defconf name=bridge vlan-filtering=yes

(2) Good to add this for connections to devices that cannot read vlan tags......
/interface bridge port
add bridge=bridge comment=defconf interface=ether3 pvid=101 frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge comment=defconf interface=ether4 pvid=102 frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge comment=defconf interface=ether5 pvid=102 frame-types=admit-only-untagged-and-priority-tagged

(3) Not sure if its necessary so try the above and if it works to your satisfaction, may not need this.

/interface bridge vlan
add bridge=bridge tagged=bridge? untagged=ether3 vlan-ids=101
add bridge=bridge tagged=bridge? untagged=ether4,ether5 vlan-ids=102

(4) I dont see any firewall rules and thus any issue there will remain invisible.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
exit174
just joined
Topic Author
Posts: 3
Joined: Tue Apr 21, 2020 3:19 pm

Re: DHCP Server Problem with VLANs and Bridge

Sun May 24, 2020 4:37 pm

Thank-you anav. I will try your suggestions when I get back into the office on Tuesday. I did not include the firewall rules, since this is a mock-up configuration and I am only testing activity on the LAN side of the network, as the WAN is not connected. The firewall rules in place are only the default configuration ones.
 
exit174
just joined
Topic Author
Posts: 3
Joined: Tue Apr 21, 2020 3:19 pm

Re: DHCP Server Problem with VLANs and Bridge

Tue May 26, 2020 11:58 pm

@anav: Actually your item (3) is required in this scenario. I turned on VLAN Filtering first, but it still didn't work. When I added the bridge as tagged to the bridge vlan(s), it started working. Thanks very much for your help.

Who is online

Users browsing this forum: Jovan5, solar77 and 33 guests