DragonQ
just joined
Topic Author
Posts: 20
Joined: Tue Apr 13, 2021 1:44 pm

Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 3:27 pm

I have an EdgeRouter-X and a Mikrotik CRS328 switch. I am thinking about replacing the EdgeRouter-X with a Mikrotik RB5009UG+S+IN to take advantage of my symmetric gigabit internet connection. I assume all of the basic stuff can be replicated on this device (e.g. VLANs, firewall rules, etc.) but there are two mildly unusual functions my current router does that I am not sure if the RB5009UG+S+IN supports:

1) I use "bcast-relay" to route broadcast packets on specific ports across VLANs. The reason for this is that I have devices that can only be discovered by their apps via broadcast packets, but those devices are on a separate VLAN with no internet access. Example:
service {
    bcast-relay {
        id 1 {
            interface switch0.300
            interface switch0.100
            port 30050
        }
    }
}
This allows devices on VLAN 100 (trusted LAN) to send broadcast packets on port 30050 to devices on VLAN 300.

2) I use a static ARP to re-transmit wake-on-LAN packets across VLANs for similar reasons:
protocols {
    static {
        arp 192.168.3.13 {
            hwaddr ff:ff:ff:ff:ff:ff
        }
    }
}
This allows me to wake devices on the 192.168.3.0/28 network by sending a wake-on-LAN packet to 192.168.3.13 with the MAC address set to the device's MAC.

Can I do both of these things on a Mikrotik RB5009UG+S+IN? Thanks for any help.
 
anav
Forum Guru
Posts: 19105
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 4:51 pm

Not sure how this would be done, as the same commands don't translate directly, but there are ways to achieve almost anything.
ZeroTier functionality would create it such that you could put any two VLANs on the same virtual switch to achieve the same effect, I believe.
 
Amm0
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 5:56 pm

I think it's from this GitHub project: https://github.com/britannic/ubnt-bcast-relay . So it's actually L3 broadcast messages, on a specific port, that it needs to forward. Not multicast packets.

So what needs to be replicated is: if a packet is sent to 255.255.255.255:30050 on a VLAN/subnet (pvid=300), it gets COPIED also to another VLAN/subnet (pvid=100). And vice versa. I'm not so sure that's so easy in RouterOS (and not a built-in feature on UBNT either, it seems).

Broadcast scope is kinda what makes a L3 subnet a subnet, so we're well outside the standards here. The firewall can't manufacture new broadcast packets.... While I suppose bridging via ZeroTier with a flow rule to limit only this specific broadcast would work...but now you've introduced ZeroTier machinery to copy just a few packets.

But if you're relaying broadcasts, it may be time to ask if the things that need this really need to be in a separate VLAN... and if bridge filtering accomplishes the same purpose as a VLAN, so you can have a common subnet for your VLAN 100 and 300 and thus avoid the "bcast-relay" need.
 
wiseroute
Member
Posts: 352
Joined: Sun Feb 05, 2023 11:06 am

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 6:13 pm

hello.

@dragonq.

afaik, both edgerouter and mt they have different underlying systems. the first being freebsd xorp vyatta like system, and the other one is linux iptables like system.

so, mt as a second language has its own implementation.

as far as service broadcast relay is concerned,
i think it should be similar to those dhcp or smb relay. so maybe it is doable.

input or prerouting interface, output or postrouting Interface, forward chain, proto tcp udp port, accept.

mikrotik have /tool wol on help page. so maybe you can check it out for your requirement.

hope this helps.
 
DragonQ
just joined
Topic Author
Posts: 20
Joined: Tue Apr 13, 2021 1:44 pm

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 6:29 pm

> But if you're relaying broadcasts, it may be time to ask if the things that need this really need to be in a separate VLAN... and if bridge filtering accomplishes the same purpose as a VLAN, so you can have a common subnet for your VLAN 100 and 300 and thus avoid the "bcast-relay" need.
Never heard of having common subnets for different VLANs. It seems more complicated to me to put the devices onto the trusted VLAN and create firewall rules to lock them down specifically than to just put them on a separate VLAN (which already has those lockdowns) and use a broadcast relay to get around the crappy design of the associated app.
 
DragonQ
just joined
Topic Author
Posts: 20
Joined: Tue Apr 13, 2021 1:44 pm

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 6:53 pm

> mikrotik have /tool wol on help page. so maybe you can check it out for your requirement
If this can be initiated via an ssh command to the Mikrotik router, and the router can send WoL packets to any VLAN/subnet then I think that might work, thanks.
 
Amm0
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 7:01 pm

Get your need. More I dunno how you'd do this without some complexity I think is my larger point. Perhaps a container would work since we're talking about RB5009, but even with only one interface to containers, means the container needs to be configured with your VLANs too.

Since there is no mDNS or SSDP proxy builtin either (which are actually a UBNT built-in feature), this proxy'ing discovery across VLAN has come up before. Mikrotik's response is typically:
> Yes, the question is, why separate the IoT, if you don't really need to separate ?
With his colleague @raimondsp adding:
> By the looks of it, L2 segregation for the mentioned above cases is an illusion of safety.
(full quote: viewtopic.php?p=866449&hilit=mdns+illusion#p866383)

So easy to imagine a broadcast proxy may not be in the cards as a supported feature. But I'm pretty sure a container could fill in this need, at least on the RB5009 – which is a nice router & supports containers.
 
Amm0
Forum Guru
Posts: 3253
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Transmit broadcast and WoL packets across VLANs?

Wed Mar 22, 2023 7:03 pm

> > mikrotik have /tool wol on help page. so maybe you can check it out for your requirement
> If this can be initiated via an ssh command to the Mikrotik router, and the router can send WoL packets to any VLAN/subnet then I think that might work, thanks.
I think your ARP trick may work too, dunno for sure. But yes you can send WOL via SSH to RouterOS to do that:
/tool/wol interface=bridge mac=XXXXXXXXXXXX
