Hi
I am still new to MikroTik Routers and Switches
I have an Mikrtik RB4011 Router and MikroTik CSS326-24G-2S+RM Switch and a TP-Link TL-SG105PE Switch
normally I would create all the VLANs on a particular port on the Mikrotik RB4011 for example Port 3
And the cable from spf port on Mikrotik RB4011 to a port on the switch and then if I had a second switch I would plug into port on first switch
I am wanting to change this and have for example Port 5 and 10 on the MikroTik RB4011 setup with all the VLANs on both and each of those ports plugs into each of the switches
Reason for this is if one switch goes down the other one is still working.
How would I go about doing this?
Also is their is specific setup for the CSS326-24G-2S+RM in terms of creating a Trunk Port and the ports I want to have on particular VLANs
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Solution A:
You can simply create a bridge for each VLAN and
assign the VLAN-Interfaces to them.
For exemple :
The only problem with Solution A is that,
everything has to go thru the CPU of the RB4011.
For some small application that usually no problem.
In your case with a RB4011 take advantage of the Hardware and
use Solution B.
Solution B:
The RB4011 has a switch Chip and can do Bridge Hardware Offloading.
It's a bit more complicated, but all L2-Funktion will be handel from the switch-Chip
So the CPU is free to handel other tasks like Firewall, QoS, Routing, ...
If you need help with the config of Solution B,
we are going to need an Export of you config (/export hide-sensitive file=anynameyouwish)
Some Reading Material :
VLAN bible: viewtopic.php?t=143620
HW-Offload: https://help.mikrotik.com/docs/display/ ... p+Features
Wiki bridge-vlan: https://help.mikrotik.com/docs/display/ ... VLAN+Table
You can simply create a bridge for each VLAN and
assign the VLAN-Interfaces to them.
For exemple :
Code: Select all
/interface bridge
add name=bridge_vlan100
add name=bridge_vlan200
/interface bridge port
add bridge=bridge_vlan100 interface=ether5_vlan100
add bridge=bridge_vlan100 interface=ether10_vlan100
add bridge=bridge_vlan200 interface=ether5_vlan200
add bridge=bridge_vlan200 interface=ether10_vlan200everything has to go thru the CPU of the RB4011.
For some small application that usually no problem.
In your case with a RB4011 take advantage of the Hardware and
use Solution B.
Solution B:
The RB4011 has a switch Chip and can do Bridge Hardware Offloading.
It's a bit more complicated, but all L2-Funktion will be handel from the switch-Chip
So the CPU is free to handel other tasks like Firewall, QoS, Routing, ...
If you need help with the config of Solution B,
we are going to need an Export of you config (/export hide-sensitive file=anynameyouwish)
Some Reading Material :
VLAN bible: viewtopic.php?t=143620
HW-Offload: https://help.mikrotik.com/docs/display/ ... p+Features
Wiki bridge-vlan: https://help.mikrotik.com/docs/display/ ... VLAN+Table
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Hi
Solution B sounds like what I need
I don't have anything really configured on the RB4011 as I have just go it and playing around
I was looking at having the following VLANs setup
MGMT - 10.1.8.0/24 - IP 192.168.100.254 (Router and Switches and Access Points would get IP from this range then I would statically assign IP for these devices.
LAN - VLAN 100 10.8.100.0/24 - IP 10.8.100.254
Guest Wifi - VLAN 110 10.8.110.0/24 IP 10.8.110.254
Server VLAN 200 10.200.0.0/24 IP 10.200.0.254
Each VLAN would have its own DHCP configured.
Any help would be apricated to get started.
Regards
Matthew
Solution B sounds like what I need
I don't have anything really configured on the RB4011 as I have just go it and playing around
I was looking at having the following VLANs setup
MGMT - 10.1.8.0/24 - IP 192.168.100.254 (Router and Switches and Access Points would get IP from this range then I would statically assign IP for these devices.
LAN - VLAN 100 10.8.100.0/24 - IP 10.8.100.254
Guest Wifi - VLAN 110 10.8.110.0/24 IP 10.8.110.254
Server VLAN 200 10.200.0.0/24 IP 10.200.0.254
Each VLAN would have its own DHCP configured.
Any help would be apricated to get started.
Regards
Matthew
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
The vlan bible is where I would go above.
No sure about HW offload but since one switchchip on the router is on ports 10-5 and the other switchchip is ports 6-10,
perhaps consider two bridges
2-5 and 6-10.
Grouping the managed switches off these ports such that the majority of traffic is
First on the same managed switch (majority of traffic within the vlan)
Second majority of traffic on managed switches on the same Bridge (same router switch chip). So in otherwords majority of vlan crosstalk is on same bridge.
This is my simple stupid attempt to maximize efficiency.
No sure about HW offload but since one switchchip on the router is on ports 10-5 and the other switchchip is ports 6-10,
perhaps consider two bridges
2-5 and 6-10.
Grouping the managed switches off these ports such that the majority of traffic is
First on the same managed switch (majority of traffic within the vlan)
Second majority of traffic on managed switches on the same Bridge (same router switch chip). So in otherwords majority of vlan crosstalk is on same bridge.
This is my simple stupid attempt to maximize efficiency.
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
I hope this helps ...
Step 1: Create Bridge
Step 2: Create VLAN-Interfaces
Step 3: Assign IP-Addresses on Interfaces
Step 4: Create DHCP-Server
Step 5: Bridge VLAN-Filtering
Step 6: Assign Interface to Bridge
Step 1: Create Bridge
Code: Select all
/interface bridge
add name=bridge1 vlan-filtering=yesCode: Select all
/interface vlan
add comment="LAN" interface=bridge1 name=bridge1_vlan100 vlan-id=100
add comment="Guest Wifi" interface=bridge1 name=bridge1_vlan110 vlan-id=110
add comment="Server" interface=bridge1 name=bridge1_vlan200 vlan-id=200Code: Select all
/ip address
add address=10.8.100.254/24 comment="LAN (vlan100)" interface=bridge1_vlan100 network=10.8.100.0
add address=10.8.110.254/24 comment="Guest Wifi (vlan110)" interface=bridge1_vlan110 network=10.8.110.0
add address=10.200.0.254/24 comment="Server (vlan200)" interface=bridge1_vlan200 network=10.200.0.0
add address=192.168.100.254/24 comment=MGMT interface=bridge1 network=192.168.100.0Code: Select all
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 name=dhcp1
add address-pool=dhcp_pool1 disabled=no interface=bridge1_vlan100 name=dhcp2
add address-pool=dhcp_pool2 disabled=no interface=bridge1_vlan110 name=dhcp3
add address-pool=dhcp_pool3 disabled=no interface=bridge1_vlan200 name=dhcp4
/ip dhcp-server network
add address=10.8.100.0/24 dns-server=10.8.100.254 gateway=10.8.100.254
add address=10.8.110.0/24 dns-server=10.8.110.254 gateway=10.8.110.254
add address=10.200.0.0/24 dns-server=10.200.0.254 gateway=10.200.0.254
add address=192.168.100.0/24 dns-server=192.168.100.254 gateway=192.168.100.254Code: Select all
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether6,ether7,ether8,ether9,ether10 vlan-ids=100
add bridge=bridge1 tagged=bridge1,ether6,ether7,ether8,ether9,ether10 vlan-ids=110
add bridge=bridge1 tagged=bridge1,ether6,ether7,ether8,ether9,ether10 vlan-ids=200Code: Select all
/interface bridge port
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface=ether9
add bridge=bridge1 interface=ether10
Last edited by ConnyMercier on Fri Oct 29, 2021 4:44 am, edited 2 times in total.
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Solution B:
The RB4011 has a switch Chip and can do Bridge Hardware Offloading.
I'm all for solution B. And I'd dare to use single bridge for all ports (governed by both switch chips).
Two gotchas: HW offload is only available in ROS v7.1rc and I'd be a bit careful running it right now. But by all means do it if you like to be on cutting edge. The second gotcha: running single bridge over multiple switch chips means traffic between the two port groups will be handled by CPU. But then RB4011 has quite some oomph so if one connects devices wisely, the slowdown should not be noticeable. In ROS v6 when running VLANs all the bridging is done by CPU and it ain't slow either.
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Oh man, sorry ! :(
Forgot the RB40011 has 2 Switch-Chips
RTL8367 (ether1-ether5) and RTL8367 (ether6-ether10)
@mkx :
I though L2-Hardware offloading was posible in ROS6.X
Did i missunderstand the Wiki?
(https://help.mikrotik.com/docs/display/ ... p+Features)
Forgot the RB40011 has 2 Switch-Chips
RTL8367 (ether1-ether5) and RTL8367 (ether6-ether10)
@mkx :
I though L2-Hardware offloading was posible in ROS6.X
Did i missunderstand the Wiki?
(https://help.mikrotik.com/docs/display/ ... p+Features)
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Thank you all for your recommendations and config I will try it later today
Regarding the comment that the RB4011 has two switch chips should I assume its best to plug in the two switches for example in Port 4 and 5? So they are on the same switch chip?
Regards
Matthew
Regarding the comment that the RB4011 has two switch chips should I assume its best to plug in the two switches for example in Port 4 and 5? So they are on the same switch chip?
Regards
Matthew
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
Good Morning,
So i corrected my Forum-Post #5 to only use one Switch-Chip.
ether-6 thru ether10 are assigned the bridge
Use ether1 thru ether5 for WAN, MNGT and co.
So i corrected my Forum-Post #5 to only use one Switch-Chip.
ether-6 thru ether10 are assigned the bridge
Use ether1 thru ether5 for WAN, MNGT and co.
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
No, under ROSv6 the RTL8367 switch chip in RB4011 is treated as being dumb a$$ ... it's not even possible to configure VLANs directly in /interface ethernet switch submenu, similar to what's possible with switch chips from Qualcomm (varous AR chips). And a comment below the table on wiki page does mention 7.1rc2 (or some such, at this moment wiki is malfunctioning and I can't verify exact version) as version introducing L2 HW offload on this device. [*]I though L2-Hardware offloading was posible in ROS6.X
Did i missunderstand the Wiki?
(https://help.mikrotik.com/docs/display/ ... p+Features)
But anyway, if @OP proceds configuring his device with single bridge and VLAN filtering, then performance will sky-rocket after upgrade to v7 without need to change anything else.
[*] Edit: wiki started to work, so I could verify: note 3 says bridge VLAN HW offload was introduced in v7.1rc1 for RTL switch chip. Sonehow understatement because it lacks noticing that HW VLAN support was not available before that.
Last edited by mkx on Fri Oct 29, 2021 8:38 pm, edited 2 times in total.
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: Setting up VLANs on RB4011 on Multiple Ports for Switches
@mkx:
Thanks again for the clarification
I adjusted my Exemple to use only one bridge and VLAN filtering!
Now we just have to way for v7 to be released as Stable =)
Thanks again for the clarification
I adjusted my Exemple to use only one bridge and VLAN filtering!
Now we just have to way for v7 to be released as Stable =)
Who is online
Users browsing this forum: Google [Bot], jh1 and 75 guests