Community discussions

MikroTik App
  4. RouterOS
  5. General

Completely failing at the terminal  [SOLVED]

Post Reply
 
joshhboss
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Aug 01, 2019 2:13 pm

Completely failing at the terminal

Sat Jun 11, 2022 5:09 am

I am just trying to practice with the terminal in the event that I get locked out and at the very least id like to be able to quickly change a port to be an access point for the management vlan. but when I try and edit the port it asks me for numbers or values and I totally dont know where to go next. I even do an export and just and edit the config to apply to the port I want and it fails.
add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether6 pvid=200
when trying to just change a port to be on the vlan I need and I get this
[admin@24PortPoeMikroTik] /interface bridge port> add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=ether6 pvid=20
0
failure: device already added as bridge port
[admin@24PortPoeMikroTik] /interface bridge port>
Ive tried playing with the edits and I get nothing. helpppp
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Completely failing at the terminal  [SOLVED]

Sat Jun 11, 2022 8:29 am

edit is used to interactively change the value of a single column of a configuration row; it is useful to change e.g. scripts or user passwords.
add is used to create a new configuration row
set is used to change column values on an existing configuration row
remove is used to remove a configuration row

To indicate an existing configuration row for a change, you can use two ways:
  • a "human" one - first, use /interface bridge port print to show a numbered list of the rows; the row numbers are assigned dynamically at each print and they are only valid in the scope of the terminal session where you've printed them and only remain valid until you print the same configuration table in the same terminal session again. They are aliases to internal IDs which are static. If the row number shown for ether6 is, say, 4, use /interface bridge port set 4 pvid=20 to change the pvid value on that row
  • a "machine" one - use the find function to match a row by value(s) of its columns: /interface bridge port set [find where interface=ether6 and bridge=bridge] pvid=20 (the keyword where is not always mandatory, and is the default logical operator between the search term primitives - you can use other logical operators and parentheses to construct more complex search terms).

    You can use regular expression pattern matching for find - interface~"her6" would match ether6, ether6x, ether6xx, other6 ...; you can change multiple rows using a single set command, as the numbers parameter of the set (and remove) commands can be a list. find always returns a list, but it may be empty or contain just a single element.

    You can use the same set command to change value of multiple columns at a time.

    When manipulating rows whose order matters (like firewall rules, IPsec policies, routing rules), you can use move to move a list of rows in their original mutual order before another row specified as destination.
Top
 
joshhboss
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Aug 01, 2019 2:13 pm

Re: Completely failing at the terminal

Sat Jun 11, 2022 10:36 pm

@sindy

That worked perfectly. Wonder if you could help me with one more thing. Im trying to lets say remove a vlan from being tagged on multiple interfaces at the same time. is there some sort of way to do that.. something like I dunno..

/interface bridge vlan> remove 1,2,3,4,5 tagged=140

?
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Completely failing at the terminal

Sat Jun 11, 2022 11:04 pm

remove works on whole rows, not on items on a list in a column. Also, there are no VLAN IDs in the tagged list on /interface bridge vlan rows, and each VLAN ID can appear on at most one row for the same bridge.

So post the output of /interface bridge vlan print to show what's your actual configuration.
Top
 
joshhboss
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Aug 01, 2019 2:13 pm

Re: Completely failing at the terminal

Sun Jun 12, 2022 2:18 am

@sindy
So for example I have the first few ports on my CRS317-16S+ acting as access ports.. just accepting internet and then give them to my routers on vlan 600 like
add bridge=bridge comment=defconf edge=yes frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=Hotwire-sfpplus1 pvid=600
add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=sfp-sfpplus2 pvid=600
add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=sfp-sfpplus3 pvid=600
add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=sfp-sfpplus4 pvid=600
add bridge=bridge comment=defconf frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=sfp-sfpplus5 pvid=600
but I just noticed that those interfaces have vlans tagged on them and there are few.. I was just wondering if there was a way to remove all the tags, I want to stay with good practice and if a port doesnt need a tag, then I wont use. (unless it doesnt matter) but ive been told it does. below are how some of the vlan tags look
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=30
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=40
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=50
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=60
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=69
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=70
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=79
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=80
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=90
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=100
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=110
add bridge=bridge tagged="Hotwire-sfpplus1,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,Mikr\
otik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" untagged=sfp-sfpplus2 vlan-ids=130
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=140
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=150
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=160
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=169
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=170
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=179
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=180
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=190
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=210
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=230
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sf\
pplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16" vlan-ids=240
add bridge=bridge disabled=yes tagged="Hotwire-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,sfp-sfpplus5,sfp-sfpplus
wasn't a complete copy of the export but I think you'd get the idea. lol

Thank you
Top
 
sindy
Forum Guru
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: Completely failing at the terminal

Sun Jun 12, 2022 9:31 am

I want to stay with good practice and if a port doesnt need a tag, then I wont use. (unless it doesnt matter) but ive been told it does.
Of course excluding ports from VLANs matters for security and for traffic conservation (you don't broadcast traffic of VLANs that are not necessary on the port).

It is relatively simple to remove ports from VLANs if the list of ports for each VLAN ID is the same, like it seems to be in your case, as you can replace the tagged list on all the rows with a new one:
Code: Select all
/interface bridge vlan set [find] tagged="sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12,Mikrotik24p-sfp+13,PFWan-SFP+14,Er6-WAN-sfp+15,ER4Wan-SFP+16"
It is still relatively simple if you want to add a single port (or group of ports) to several VLANs whose current tagged lists differ:
Code: Select all
/interface bridge vlan {
  :foreach vlanRow in=[find where vlan-ids~"^(69|70)\$"] do={
    set $vlanRow tagged=([get $vlanRow tagged],"sfp-sfpplus2","sfp-sfpplus3")
  }
}
But if you wanted to remove some ports from tagged lists that are not the same, you'd need another inner cycle for list processing (string manipulation using find and pick would work too as the conversion between lists and strings is fluid in this particular case, but the list processing approach seems easier to understand to me):
Code: Select all
/interface bridge vlan {
  :foreach vlanRow in=[find where vlan-ids~"^(69|70)\$"] do={
    :local newList [:toarray ""]
    :foreach ifName in=[get $vlanRow tagged] do={
      :if (!($ifName~"^(sfp-sfpplus2|sfp-sfpplus3)\$")) do={
        :set newList ($newList,$ifName)
      }
    }
    set $vlanRow tagged=$newList
  }
}
Top
Post Reply

Who is online

Users browsing this forum: fhuladaq, Kanzler and 47 guests
  4. RouterOS
  5. General