Community discussions

MikroTik App
 
Steven18343
just joined
Topic Author
Posts: 7
Joined: Mon May 15, 2023 10:55 pm

Tag to untagged simple: RB2011UiAS FW7.6

Mon May 15, 2023 11:03 pm

Hello,

I have RB2011UiAS with FW7.6
I simply want to split a port that receives multiple VLANs (tagged) to other ports (untagged). Preferably not through the CPU, but simply through the switch chip. No firewall......

( port1:vl4, vl6, vl10, v12 --> port2:vl4, port3:vl6, port4:vl10 and port5:vl12 )
Or need I also add some bridges (I think that are CPU that's will used CPU power)

Thanks
Steven
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Tag to untagged simple: RB2011UiAS FW7.6

Wed May 17, 2023 2:06 am

So it works using bridge and vlans for you, but its too slow?
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 883
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: Tag to untagged simple: RB2011UiAS FW7.6

Wed May 17, 2023 3:46 am

Almost like you want, you need to move the trunk to ether1 and add ether2 as an access port. And adjust the vlans to the vlans you want. You should be able to figure it out from that example.
VLAN Example 1 (Trunk and Access Ports)
 
Forneirdis69
just joined
Posts: 1
Joined: Wed May 17, 2023 6:33 am

Re: Tag to untagged simple: RB2011UiAS FW7.6

Wed May 17, 2023 6:38 am

basket random
Hello,

I have RB2011UiAS with FW7.6
I simply want to split a port that receives multiple VLANs (tagged) to other ports (untagged). Preferably not through the CPU, but simply through the switch chip. No firewall......

( port1:vl4, vl6, vl10, v12 --> port2:vl4, port3:vl6, port4:vl10 and port5:vl12 )
Or need I also add some bridges (I think that are CPU that's will used CPU power)

Thanks
Steven
To split a port that receives multiple tagged VLANs to other ports as untagged VLANs on the RB2011UiAS router with Firmware 7.6, you can achieve this by configuring VLAN interfaces and bridge settings.
 
Steven18343
just joined
Topic Author
Posts: 7
Joined: Mon May 15, 2023 10:55 pm

Re: Tag to untagged simple: RB2011UiAS FW7.6

Wed May 17, 2023 11:38 pm

Yes that's, thanks (both). It seems to work...... a bit :-(

I have multiply camera, three are connected through a RB2011 (see config) and the rest directly to the RB5009. Only the video of the part that connected to the RB2011 freeze some times (every 5 a 10 seconds)
The CPU on the RB2011 if not loaded very much (this time), so that would not the bottleneck (this time) the config of the RB2011 (fw 6.49.7).

* When I connect (old config) all devices (nas and camera;s) directly to the RB2011all streams where smooth :-)

( O sorry I have two RB2011, FW 6.49.7 and FW7.6)
/interface bridge
# add arp=local-proxy-arp fast-forward=no name=the_bridge_01
add arp=local-proxy-arp fast-forward=no name=the_bridge_02

/interface ethernet switch port
# set 1 vlan-header=add-if-missing vlan-mode=secure
# set 2 default-vlan-id=4 vlan-header=always-strip vlan-mode=secure
# set 4 default-vlan-id=17 vlan-header=always-strip vlan-mode=secure
# set 5 default-vlan-id=12 vlan-header=always-strip vlan-mode=secure
set 6 vlan-header=add-if-missing vlan-mode=secure
set 7 default-vlan-id=200 vlan-header=always-strip vlan-mode=secure
set 8 default-vlan-id=100vlan-header=always-strip vlan-mode=secure
set 9 default-vlan-id=100 vlan-header=always-strip vlan-mode=secure
set 10 default-vlan-id=100vlan-header=always-strip vlan-mode=secure


/interface bridge port
# add bridge=the_bridge_01 ingress-filtering=yes interface=ether1
# add bridge=the_bridge_01 ingress-filtering=yes interface=ether2
# add bridge=the_bridge_01 ingress-filtering=yes interface=ether3
# add bridge=the_bridge_01 ingress-filtering=yes interface=ether4
# add bridge=the_bridge_01 ingress-filtering=yes interface=ether5
add bridge=the_bridge_02 ingress-filtering=yes interface=ether6
add bridge=the_bridge_02 ingress-filtering=yes interface=ether7
add bridge=the_bridge_02 ingress-filtering=yes interface=ether8
add bridge=the_bridge_02 ingress-filtering=yes interface=ether9
add bridge=the_bridge_02 ingress-filtering=yes interface=ether10

/ip settings
set max-neighbor-entries=4096

/interface ethernet switch vlan
# add independent-learning=no ports=ether1,ether5 switch=switch1 vlan-id=12
# add independent-learning=no ports=ether1,ether2 switch=switch1 vlan-id=4
# add independent-learning=no ports=ether1,ether4 switch=switch1 vlan-id=17
add ports=ether6,ether7 switch=switch2 vlan-id=200
add ports=ether6,ether10,ether9,ether8 switch=switch2 vlan-id=100
Last edited by Steven18343 on Thu May 18, 2023 11:00 am, edited 1 time in total.
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 883
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: Tag to untagged simple: RB2011UiAS FW7.6

Thu May 18, 2023 12:25 am

Here's the "universal" way, but won't be done in the switch chip on the RB2011

VLAN Example - Trunk and Access Ports

How is the RB5009 connected to the RB2011? Is it connected to the same switch as the cameras?

You wrote "I have multiply camera, three are connected through a RB2011 (see config) and the rest directly to the RB5009." but it isn't obvious to me what ports the camera or the RB5009 are connected through.

And the config seems to have nothing in common with your original post "( port1:vl4, vl6, vl10, v12 --> port2:vl4, port3:vl6, port4:vl10 and port5:vl12 )"

If you want help, try to make it easier to help you. Providing a diagram and complete (sanitized) configs of the RB2011 and the RB5009 would be a good start.
 
Steven18343
just joined
Topic Author
Posts: 7
Joined: Mon May 15, 2023 10:55 pm

Re: Tag to untagged simple: RB2011UiAS FW7.6

Thu May 18, 2023 10:52 am


If you want help, try to make it easier to help you. Providing a diagram and complete (sanitized) configs of the RB2011 and the RB5009 would be a good start.

I had already put everything in a textual scheme for myself, but here as a picture.
Before I used the RB5009, the cameras were also connected to the RB2011(no interruptions). The RB2011 had the role of the RB5009.

Only the image(stream) from cameras 2,3 and 4 falter with this setting. The bandwidth on the RB2011 is sufficient when I run a speed test via VL200 I see there's enough left.

network-example._02.JPG
You do not have the required permissions to view the files attached to this post.
 
Steven18343
just joined
Topic Author
Posts: 7
Joined: Mon May 15, 2023 10:55 pm

Re: Tag to untagged simple: RB2011UiAS FW7.6

Thu May 18, 2023 3:02 pm

Update.

I have replaced the RB2011 with a TL-SG105E and the stream is smooth :-)

I can't imagine the RB2011 couldn't handle this data-streams and the SG105E could. (there for in the old setup the RB2011 works fine) I want to use the RB2011 as a simple managed switch, so I don't have to throw them away.
 
Steven18343
just joined
Topic Author
Posts: 7
Joined: Mon May 15, 2023 10:55 pm

Re: Tag to untagged simple: RB2011UiAS FW7.6

Thu May 18, 2023 5:25 pm

update2

this is 10x better than with the CPU/Switch/VLAN setup, but why?
/interface bridge
add fast-forward=no name=bridge_vlan200
add name=bridge_vlan100
/interface vlan
add interface=ether6 name=vlan200 vlan-id=200
add interface=ether6 name=vlan100 vlan-id=100 interface bridge port
add bridge=bridge_vlan100 interface=ether9
add bridge=bridge_vlan100 interface=ether8
add bridge=bridge_vlan100 interface=vlan100
add bridge=bridge_vlan100 interface=ether10
add bridge=bridge_vlan200 interface=ether7
add bridge=bridge_vlan200 interface=vlan200

But not the best. With some other (test) data streams through VLAN200, the three camera streams are buggy ( does not continue ) again.

(interface list) VLAN overview:
vlan100 TX between 7 and 10 Mbps, RX max 1Mbps
vlan200 TX max 5Mbps, RX max 95Mbps

Max total 111Mbps, is that maybe the limit for the RB2011 (on the 100Mb ports)?
testresults_rb2011.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
Buckeye
Forum Veteran
Forum Veteran
Posts: 883
Joined: Tue Sep 11, 2018 2:03 am
Location: Ohio, USA

Re: Tag to untagged simple: RB2011UiAS FW7.6

Thu May 18, 2023 9:27 pm

I can't imagine the RB2011 couldn't handle this data-streams and the SG105E could. (there for in the old setup the RB2011 works fine) I want to use the RB2011 as a simple managed switch, so I don't have to throw them away.
Why are you using the 100Mbps ports on the RB2011 instead of the 1Gbps ether1-ether5 as you stated in the original post?

How are you testing?

The diagram helps us understand what your layout is, but tells us nothing about your test points, or how the RB5009 is configured. But since you said that an SG105E "smart" switch worked well, the RB5009 is probably configured in a way that works with it.

The only MikroTik routers I own both have a single switch chip (RB760iGS (hEX S), and the RB5009), so any info I give you about the RB2011 is not first hand, it is only from reading. But my understanding is that you should not use more bridges than switches if you want hardware switching to occur. And all ports connected to a vlan must be on the same switch (in other words their must be a direct path between the all ports in a vlan on the same switch in the router, i.e. "through the CPU" will kill the ability to handle in the switch ASIC). By introducing a second bridge on the same switch ASIC you are forcing the CPU to be involved. For routed traffic, that makes little difference, because the CPU will already be involved, but for switched layers 2 traffic, the traffic never needs to go through the CPU, and forcing it through the CPU will slow things down.

I know what I would do in your situation. I would buy another switch (but probably an 8 port, since they are only a few dollars more). And I would use the RB2011 as a lab router/backup router. Or sell it. But you should be able to get it to work as two independent switches, one 5 port GB switch and one 5 port 100Mbs switch, and they should perform ok.

RB2011 series Atheros8327 (ether1-ether5+sfp1); Atheros8227 (ether6-ether10) from Switch Chip Features - Introduction

The Atheros switch ASICS have some quirks and at least some of the 100Mb ASICs have problems with hybrid trunks (where one vlan is untagged on the "trunk" link and also on another access port). And there is this warning in the Host Table section.
bridging all HW or None.png
Also read the CPU Flow Control section. If you used the 1Gb switch (ether1-ether5) the need for any pause frames would be reduced. But I would really only expect those to show up when downloading a file from the NAS to the PC connected to the RB2011.
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: No registered users and 33 guests