I have a RB450Gx4 (AR8327 switch) with ROS v7.2.1 . I use a similar switch/VLAN/bridge configuration: Basic VLAN switching: Other devices with a built-in switch chip.
My ISP's ONT is connected to an access port, so the switch chip should tag incoming frames before forwarding them to the CPU. The packet sniffer reveals that it tags most of them, except PPPoED (EtherType 0x8863). Thus PPPoE connections are impossible to set up.
A workaround I found is to diverge from the above-mentioned configuration and use a VLAN filtered bridge. With that (and frame-types=admit-all) I can add the missing tag in software.
Once the PPPoE connection is running, I can change the bridge port to frame-types=admit-only-vlan-tagged and the connection keeps working. Which confirms that the ether types the switch chip does not tag are only needed for the PPPoE setup phase.
Things I have also checked:
- The ONT only sends untagged frames
- The switch chip correctly tags frames with EtherType: IPv4, IPv6, ARP, PPPoE Session