I have a RoaS (MT router, switch some better L3 TP-link) and I'm trying to set up some basic VLANs. I followed the procedure on our goldstandard see viewtopic.php?f=13&t=143620
a) one "base_vlan" which has .1 on the router and .2 on the switches to communicate with each other on L3. The rest of the VLANs are simply over L2.
b) I have all the ports except the WAN on one bridge.
c) In "/interface bridge vlan" I have all VLANs tagged on the selected trunk ports and bridge.
d) The bridge is on "admit only tagged" and VLAN Filtering is enabled.
Now to the problem. As long as I only have one trunk port active (either physically connected UTP or disabled ifc on the router), everything works as I would expect. But when I turn on the other trunk port, the ping starts to double and after a few minutes, errors start popping up in the log for both trunks
"ether10: bridge port received packet with own address as source address (e4:8d:8c:a9:3a:e5), probably loop".
Before I started using VLAN filtering, turning on the second trunk kicked me off the router completely.
I know that I could get by with one trunk with such a small network, but my point is that I'm obviously setting something wrong and it can lead to other problems, so I want to fix it...plus it's making me angry
The config is exported in a defective state and only the most basic stuff is in it.
Code: Select all
/interface bridge
add admin-mac=E4:8D:8C:A9:3A:E5 auto-mac=no comment=defconf frame-types=admit-only-vlan-tagged name=\
bridge vlan-filtering=yes
/interface vlan
add interface=bridge name=vlan5 vlan-id=5
add interface=bridge name=vlan99 vlan-id=99
add interface=bridge name=vlan200 vlan-id=200
/ip pool
add name=dhcp_pool0 ranges=192.168.5.100-192.168.5.254
add name=dhcp_pool1 ranges=192.168.99.100-192.168.99.254
add name=dhcp_pool2 ranges=192.168.20.100-192.168.20.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=vlan5 name=dhcp1
add address-pool=dhcp_pool1 disabled=no interface=vlan99 name=dhcp2
add address-pool=dhcp_pool2 disabled=no interface=vlan200 name=dhcp3
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf frame-types=admit-only-vlan-tagged interface=ether10 trusted=yes
add bridge=bridge comment=defconf interface=ether11
add bridge=bridge comment=defconf interface=ether12
add bridge=bridge comment=defconf interface=ether13
add bridge=bridge comment=defconf interface=ether14
add bridge=bridge comment=defconf interface=ether15
add bridge=bridge comment=defconf interface=ether16
add bridge=bridge comment=defconf interface=ether17
add bridge=bridge comment=defconf interface=ether18
add bridge=bridge comment=defconf interface=ether19
add bridge=bridge comment=defconf interface=ether20
add bridge=bridge comment=defconf interface=ether21
add bridge=bridge comment=defconf interface=ether22
add bridge=bridge comment=defconf interface=ether23
add bridge=bridge comment=defconf interface=ether24
add bridge=bridge comment=defconf frame-types=admit-only-vlan-tagged interface=sfp1 trusted=yes
/interface bridge vlan
add bridge=bridge tagged=ether10,sfp1,bridge vlan-ids=5
add bridge=bridge tagged=ether10,sfp1,bridge vlan-ids=99
add bridge=bridge tagged=ether10,sfp1,bridge vlan-ids=200
/ip address
add address=192.168.5.1/24 interface=vlan5 network=192.168.5.0
add address=192.168.99.1/24 interface=vlan99 network=192.168.99.0
add address=192.168.20.1/24 interface=vlan200 network=192.168.20.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.5.0/24 gateway=192.168.5.1
add address=192.168.20.0/24 gateway=192.168.20.1
add address=192.168.99.0/24 gateway=192.168.99.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock