Community discussions

MikroTik App
 
sami935
just joined
Topic Author
Posts: 6
Joined: Thu Aug 25, 2022 4:49 pm

mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 6:49 pm

Greetings,

I am an intern and the company sent me to get some users vlans on their network ,
the problem is they are using mirotik CRS305-1G-4S+ and 8+ and I found it very difficult to find where to assign the vlan ports and where to make the tag and untagged ports
any help will be appreciated
.
the topology is like this :

pfsense --> mikrotik 8+ -->mikrotik 4+ -->then to the computers.

i am trying to get the vlans ex:10,50 on the mikrotik 4+ but as I mentioned I didn't the ports to assign the vlans to them and I didn't find where to make the mikrotik 8+ tagged port so it can send the vlans to the second switch

again this is the topology used :

pfsense --> mikrotik 8+ -->mikrotik 4+ -->then to the computers.

and the used OS is windows .

thanks in advance for your help or advice.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 6:53 pm

Just search on forum, are FULL of topic and guides about that.
 
sami935
just joined
Topic Author
Posts: 6
Joined: Thu Aug 25, 2022 4:49 pm

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 7:18 pm

Just search on forum, are FULL of topic and guides about that.
can you please share some I searched and didn't find any.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 7:24 pm

There's big thread Using RouterOS to VLAN your network. Also manual, which people seem to underestimate, has some nice and I'd say easy to understand examples.
 
sami935
just joined
Topic Author
Posts: 6
Joined: Thu Aug 25, 2022 4:49 pm

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 7:31 pm

thank you for reply I already went through these tutorials but i find it very difficult to implement since I am still learning can you please make it easier to understand and implement and thank you
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 7:37 pm

... can you please make it easier to understand and implement ...
It is time for you to take courses,
if you are an intern there in the company,
what does the internship base it on, if they ask you to do something that you still don't know how to do?
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: mikrotik CRS305-1G-4S+ and 8+

Fri Aug 26, 2022 10:06 pm

Just try a bit harder, it's not difficult. If you have basic idea about VLANs (what it is, tagged, untagged), then:

1) If there's only one physical interface involved, then all you need to do is e.g:
/interface vlan
add interface=ether1 name=vlan10 vlan-id=10
and you'll have tagged VLAN 10 on top of ether1 and interface named vlan10 to access it. Now forget about this for a moment.

2) If you need to use more than one physical interface, you need bridge to put them together:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
This step is intentionally incomplete. When doing it for real, remember that wrong (or incomplete/unfinished) config can easily lock you out, so it's best to configure bridge when you're not connected to one of its ports.

3) Then define what VLANs you want, where you want them, and in what form:
/interface bridge vlan
add bridge=bridge1 vlan-ids=10 tagged=ether1 untagged=ether2
add bridge=bridge1 vlan-ids=11 tagged=ether1 untagged=ether3
Simple, right?

4) To slightly complicate it (I don't want to, but unfortunately it's like that), untagged VLANs are not defined exactly as shown in step 3. You can keep it like that (it may be good idea, to clearly show your intentions), but you also need to define untagged VLAN assignment for each port using its pvid parameter like this (it completes step 2):
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2 pvid=10
add bridge=bridge1 interface=ether3 pvid=11
If omitted, pvid defaults to 1.

5) Configuration so far (steps 2-3) was only for router itself not participating in those VLANs, i.e. it acts only as managed switch. Sometimes it's enough. If you want router to participate (e.g. for routing between VLANs), you need VLAN interfaces, same as in step 1. But where to put them? On bridge interface of course, because it also acts as another port:
/interface vlan
add interface=bridge1 name=vlan10 vlan-id=10
add interface=bridge1 name=vlan11 vlan-id=11
But it won't work. You may notice that bridge also has pvid parameter, same as its ports. Which means that by default, bridge interface is untagged access port for VLAN 1 and there are no other VLANs available on it. Which can be fixed by slight modification of config from step 3:
/interface bridge vlan
add bridge=bridge1 vlan-ids=10 tagged=bridge1,ether1 untagged=ether2
add bridge=bridge1 vlan-ids=11 tagged=bridge1,ether1 untagged=ether3
Now you have interface bridge1 with tagged VLANs 10 and 11 (and unused untagged VLAN 1), and interfaces vlan10 and vlan11 to access those VLANs.

6) That's it for basics, THE (happy) END.

Who is online

Users browsing this forum: BioMax, cdblue, PeterWiebing and 52 guests