First-time MikroTik user here.
I am running a CRS310-1G-5S-4S+IN (hereon I'll just call it "CRS310") on RouterOS 7.7 and am trying to configure so that I have a pair of 10G trunks sending traffic to the core switch and a single trunk that receives traffic from an "upstream" edge switch that collects its own traffic and sends traffic to CRS310. I'd like the CRS310 to send traffic collected from its own access ports to the core swtich over the same pair of 10G trunks that I'd be sending over the traffic from the upstream edge switch. I was hoping to use one bridge to do this (in order to leverage HW offloading and do the inter-VLAN routing at wire speed) but I am getting an error {{failure: vlan already added}}.
Here is a sketch of how I'd like this to work:
Code: Select all
Switch A --- {VLANs: 30, 40, 100, 210, 240} ----> CRS310 ---- {VLANs: 50} ------------- SFP+ ----------------------> Dell 8024F
CRS310 ---- {VLANs: 60, 30, 40, 100, 210, 240} ------ SFP+ ------> Dell 8024F
access ----- {VLAN: 50} ---------- SFP+ --------- CRS310
access ----- {VLAN: 60} ---------- SFP+ --------- CRS310
Switch A is a Netgear unit that simply collects other traffic that I'd like to keep isolated between each other and the iSCSI traffic. If I had a third link available, I'd use that one to directly connect Swtich A to Dell 8024F but, alas, I only have two fibre links available.
As mentioned above, I need this to happen at wire speed so given the hardware limitations of the CRS310, I hoped to use only one HW-offloaded bridge route the traffic as above but I am not sure how to do this.
Here is the script I have so far - what I am doing wrong? What don't I know?
Thanks.
Code: Select all
# disable L3 hw offloading so that L2 and L3 are kept in sync during config and we don't lock ourselves as we're chaging stuff
interface ethernet switch set 0 l3-hw-offloading=no
# remove any existing bridges
# create a new bridge with disabled VLAN filtering, again to prevent lockouts during config changes
interface bridge add name=bridge-hw vlan-filtering=no
# remove all bridge port associations
interface bridge port remove numbers=0,1,2,3,4,5,6,7,8,9
# add trunk port interfaces to the bridge
interface bridge port add bridge=bridge-hw interface=sfp-sfpplus3 frame-types=admit-only-vlan-tagged # VLANs: 50;
interface bridge port add bridge=bridge-hw interface=sfp-sfpplus4 frame-types=admit-only-vlan-tagged # VLANs: 60;30,40,100,210,240 --> towards Dell 8024F
interface bridge port add bridge=bridge-hw interface=sfp5 frame-types=admit-only-vlan-tagged # VLANs: 30,40,100,210,240 --> towards Dell N3024
# add access port interfaces to the bridge
interface bridge port add bridge=bridge-hw interface=sfp-sfpplus1 pvid=50 # STORAGE A traffic
interface bridge port add bridge=bridge-hw interface=sfp-sfpplus2 pvid=60 # STORAGE B traffic
# assign trunk port VLANs
interface bridge vlan add bridge=bridge-hw tagged=sfp-sfpplus3 vlan-ids=50 --> Dell 8024F -> Gamma VLAN 50
interface bridge vlan add bridge=bridge-hw tagged=sfp-sfpplus4 vlan-ids=60 --> Dell 8024F -> Gamma VLAN 60
interface bridge vlan add bridge=bridge-hw tagged=sfp5,sfp-sfpplus4 vlan-ids=30,40,100,210,240 --> Dell 8024F -> Dell N3024 (trunk)
# assign remaining ports as access to VLAN1
interface bridge port add bridge=bridge-hw interface=ether1 pvid=1
interface bridge port add bridge=bridge-hw interface=sfp1 pvid=1
interface bridge port add bridge=bridge-hw interface=sfp2 pvid=1
interface bridge port add bridge=bridge-hw interface=sfp3 pvid=1
interface bridge port add bridge=bridge-hw interface=sfp4 pvid=1
# enable bridge VLAN filtering
interface bridge set bridge-hw vlan-filtering=yes
# enable L3 HW offloading
interface ethernet switch set 0 l3-hw-offloading=yes
EDIT: I might have gotten it - will have to test it, but this doesn't fail. So it looks like the {{sfp-sfpplus4}} needs to be a hybrid port?
Code: Select all
....
# assign trunk port VLANs
...
interface bridge vlan add bridge=bridge-hw tagged=sfp-sfpplus4, sfp5 vlan-ids=30,40,100,210,240 # Dell 8024F -> Netgear traffic
interface bridge vlan add bridge=bridge-hw tagged=sfp-sfpplus4 vlan-ids=60 # Dell 8024F -> iSCSI traffic
....