The main purpose is to let Client A connect to Client B through high speed connection (FO) when using specific IP
This is the topology Note :
- VLAN 100 are for internet
- VLAN 300 are network device management port
- VLAN 131 are high speed switch (FO)
- All network device use Mikrotik CHR-6.48.5
The Client A and Client B using static ip for both VLAN 100 and VLAN 131 under single port
Client A cannot ping to INTERSWITCH (192.168.130.1)
Client B can ping to INTERSWITCH (192.168.130.1)
If I remove the connection either SITE1-SWITCH to INETSWITCH or SITE2-SWITCH to INETSWITCH
then both Client A and Client B can communicate to each other using VLAN 131, but at the cost of Client A cannot connect to the internet ( VLAN 100 )
It seems like there is a loop somewhere. But I'm unable to find the problem.
This is the configuration
ROUTER
Code: Select all
/interface bridge
add ingress-filtering=yes name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
set [ find default-name=ether2 ] disable-running-check=no
/interface vlan
add interface=bridge name=vlan-100 vlan-id=100
add interface=bridge name=vlan-300 vlan-id=300
/ip pool
add name=pool0 ranges=172.16.1.2-172.16.1.100
/ip dhcp-server
add address-pool=pool0 disabled=no interface=vlan-100 name=dhcp-compute
/interface bridge port
add bridge=bridge interface=ether2 pvid=300
/interface bridge vlan
add bridge=bridge tagged=bridge,ether2 vlan-ids=100,300
/ip address
add address=192.168.88.1/24 interface=vlan-300 network=192.168.88.0
add address=172.16.1.1/24 interface=vlan-100 network=172.16.1.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=172.16.1.0/24 gateway=172.16.1.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
INETSWITCH
Code: Select all
/interface bridge
add ingress-filtering=yes name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
set [ find default-name=ether2 ] disable-running-check=no
set [ find default-name=ether3 ] disable-running-check=no
/interface vlan
add interface=bridge name=vlan-100 vlan-id=100
add interface=bridge name=vlan-300 vlan-id=300
/interface bridge port
add bridge=bridge interface=ether1 pvid=300
add bridge=bridge interface=ether2 pvid=300
add bridge=bridge interface=ether3 pvid=300
/interface bridge vlan
add bridge=bridge tagged=bridge,ether1,ether2,ether3 vlan-ids=131,100,300
/ip address
add address=192.168.88.100/24 interface=vlan-300 network=192.168.88.0
SITE1-SWITCH
Code: Select all
/interface bridge
add ingress-filtering=yes name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
set [ find default-name=ether2 ] disable-running-check=no
set [ find default-name=ether3 ] disable-running-check=no
set [ find default-name=ether4 ] disable-running-check=no
/interface vlan
add interface=bridge loop-protect=on name=vlan-100 vlan-id=100
add interface=bridge loop-protect=on name=vlan-131 vlan-id=131
add interface=bridge loop-protect=on name=vlan-300 vlan-id=300
/interface bridge port
add bridge=bridge interface=ether1 pvid=300
add bridge=bridge interface=ether2 pvid=100
add bridge=bridge interface=ether3 pvid=100
add bridge=bridge interface=ether4 pvid=131
/interface bridge vlan
add bridge=bridge tagged=bridge,ether2,ether3,ether4 vlan-ids=131
add bridge=bridge tagged=bridge,ether1,ether2,ether3 vlan-ids=100
add bridge=bridge tagged=bridge,ether1 vlan-ids=300
/ip address
add address=192.168.88.101/24 interface=vlan-300 network=192.168.88.0
SITE2-SWITCH
Code: Select all
/interface bridge
add ingress-filtering=yes name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
set [ find default-name=ether2 ] disable-running-check=no
set [ find default-name=ether3 ] disable-running-check=no
set [ find default-name=ether4 ] disable-running-check=no
/interface vlan
add interface=bridge loop-protect=on name=vlan-100 vlan-id=100
add interface=bridge loop-protect=on name=vlan-131 vlan-id=131
add interface=bridge loop-protect=on name=vlan-300 vlan-id=300
/interface bridge port
add bridge=bridge interface=ether1 pvid=300
add bridge=bridge interface=ether2 pvid=100
add bridge=bridge interface=ether3 pvid=100
add bridge=bridge interface=ether4 pvid=131
/interface bridge vlan
add bridge=bridge tagged=bridge,ether1 vlan-ids=300
add bridge=bridge tagged=bridge,ether1,ether2,ether3 vlan-ids=100
add bridge=bridge tagged=bridge,ether2,ether3,ether4 vlan-ids=131
/ip address
add address=192.168.88.102/24 interface=vlan-300 network=192.168.88.0
INTERSWITCH
Code: Select all
/interface bridge
add ingress-filtering=yes name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no
set [ find default-name=ether2 ] disable-running-check=no
/interface vlan
add interface=bridge name=vlan-131 vlan-id=131
/interface bridge port
add bridge=bridge interface=ether1 pvid=131
add bridge=bridge interface=ether2 pvid=131
/interface bridge vlan
add bridge=bridge tagged=bridge,ether1,ether2 vlan-ids=131
/ip address
add address=192.168.130.1/23 interface=vlan-131 network=192.168.130.0