Sun Oct 17, 2021 4:42 pm
Without knowing the full config I would hedge my bets but in general you can combine vlan-ids IF and only IF the ports are identical for all vlans.
Since these are trunk ports, this is a very real possibility.
both config are wrong anyway
Version 1:
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,sfp1 vlan-ids=100
add bridge=bridge1 tagged=bridge1,ether1,sfp1 vlan-ids=200
Version 2:
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,sfp1 vlan-ids=100,200
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Lets say ether1 also carried vlan 30
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,sfp1 vlan-ids=100,200
add bridge=bridge1 tagged=bridge1,ether1 vlan-ids=30
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Now lets add in the bridge ports to the discussion
add bridge=bridge1 interface=ether1 ingress-filtering=yes frame-types=admit-only-vlan-tagged {trunk port}
add bridge=bridge1 interface=sfp1 ingress-filtering=yes frame-types=admit-only-vlan-tagged {trunk port}
add bridge=bridge1 interface=wlan1 pvid=100 ingress-filtering=yes frame-types=admit-only-priority-and-untagged
add bridge=bridge1 interface=wlan2 pvid=200 ingress-filtering=yes frame-types=admit-only-priority-and-untagged
Now its clear that the ports for the two VLANS differ vlan100 doenst just go through ether1 and sfp1 but also through wlan1
and similarly vlan200 goes through ether1,sfp1 and also through wlan2. Thus clearly method 2 will NOT work here.
Thus this is how I normally write my rules:
/interface bridge vlan
add bridge=bridge1 tagged=bridge1ether1,sfp1 untagged=wlan1 vlan-ids=100
add bridge=bridge1 tagged=bridge1,ether1,sfp1 untagged=wlan2 vlan-ids=200
However, since the router dynamically creates the untagged part of that rules due to the bridge port construction the rule can look like so
/interface bridge vlan
add bridge=bridge1 tagged=bridge1ether1,sfp1 vlan-ids=100
add bridge=bridge1 tagged=bridge1,ether1,sfp1 vlan-ids=200
I personally dont write it like this as I like to write it out manually and that way its clearer to me when I cross check against my bridge ports and reading other peoples configs.
In this case you are asking the question probably because you were not aware of these facts............
So now you know, you can combine vlan ids for trunk ports but as soon as a vlanid also hits an access port, then you have to separate out the bridge vlan config.