Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_vlan
Trace:
networking:router:mikrotik_vlan

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik_vlan [2013/10/13 15:30]
gcooper 		networking:router:mikrotik_vlan [2014/12/16 14:06] (current)
gcooper
Line 1: Line 1:
-====== Mikrotik VLAN ======+====== MikroTik VLAN ======
  
-**VLAN = Broadcast Domain**+**Metro Ethernet Notes**: http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_23688899.html
  
-http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment+**Example with Wireless**: http://mum.mikrotik.com/presentations/CZ09/VLAN-Workshop-Prague-final.pdf 
 + 
 +**Great examples with CoS**: http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment 
 + 
 +  * VLAN = Broadcast Domain 
 +  * VLAN interfaces on MikroTik devices are "add tag on egress / remove tag from ingress" 
 +  * To be able to forward packets from access-ports to VLANs, we need bridges 
 +  * Ethernet MTU will increase up to 1522 bytes because of the added tag 
 +    * The normal Ethernet MTU is up to 1518 bytes 
 + 
 +===== Switch Ports ===== 
 + 
 +  * **Access** 
 +    * An access port should be used only with untagged packets. 
 +    * This kind of port is used to connect PCs to the switch. 
 +  * **Trunk** 
 +    * A trunk port is capable of receiving and forwarding packets from multiple vlans. 
 +    * This type of port is used to interconnect switches.  
 +  * **Hybrid** 
 +    * A hybrid port is a special mode that allow untagged and tagged packets on the same port. 
 +    * For example, you have a VoIP desk phone and you connect your PC to the phone and the phone to the switch. 
 +    * We will have a VLAN for VoIP and untagged data for the PC. 
 +    * http://forum.mikrotik.com/viewtopic.php?f=13&t=87537 
 + 
 +===== Create VLANs ===== 
 + 
 +  * Create VLAN sub-interfaces on physical interfaces 
 +  * Bridge the sub-interfaces 
 +    * To forward packets from access-ports to VLANs we need bridges 
 +  * IP addresses are then configured on the respective bridges 
 +  * Treat EoIP tunnel interfaces like physical interfaces 
 +  * If you are not stripping tags, you don't need to configure the VLAN interfaces, at least on physical trunk ports 
 + 
 +  - Configure VLANs on trunk interface ports 
 +    * <file>/interface vlan add name=vlan-10 vlan-id=10 interface=ether5 disabled=no</file> 
 +  - Create bridges for the VLANs 
 +    * <file>/interface bridge add name=br-vlan10 disabled=no</file> 
 +  - Add access-ports to the bridges 
 +    * <file>/interface bridge port add interface="vlan-10" bridge="br-vlan10" disabled=no 
 +/interface bridge port add interface="ether1" bridge="br-vlan10" disabled=no</file>
  
 ===== VLAN Tagging ===== ===== VLAN Tagging =====
Line 24: Line 63:
  
 https://vanachterberg.org/2011/09/per-vlan-pptp-with-routeros-and-mikrotik/ https://vanachterberg.org/2011/09/per-vlan-pptp-with-routeros-and-mikrotik/
 +
 +====== Notes From Others ======
 +
 +Create vlan interfaces to the physical interface connected to the Cisco interface which in trunking mode (I don't like Ciscos naming, a trunk is bundled ports).
 +Then if you want to have ports in the MT to be "untagged" (Cisco: access mode). create a bridge for every VLAN that you put in the Cisco "trunk".
 +Put the VLAN interfaces of the physical port and the ports you want to be left untagged into the bridge.
 +
 +Untagged traffic on the "trunk" port is the physical interface traffic ie ether1.
 +
 +Example of MT interfaces:
 +
 +<file>
 +ether1 (this is the port connected to the Cisco "trunk" port)
 +ether1-vl100 (VLAN interface)
 +ether1-vl200
 +ether1-vl300
 +
 +br-vl100 (Bridge for vlan ID 100)
 +ether1-vl100 (VLAN interface)
 +ether2 (physical interface untagged traffic)
 +
 +br-vl200 (Bridge for vlan ID 200)
 +ether1-vl200 (VLAN interface)
 +ether3 (physical interface untagged traffic)
 +
 +br-vl300 (Bridge for vlan ID 300)
 +ether1-vl300 (VLAN interface)
 +ether4 (physical interface untagged traffic)
 +wds-1-vl300 (VLAN interface on the wds-1 interface)
 +eoip-1 (Ethernet over IP interface in the same Layer2 network)
 +
 +</file>
 +Summary:
 +create VLAN interfaces in physical interfaces or WDS interfaces.
 +create a bridge for each VLAN
 +I hope this clarify how to do VLAN and bridging in ROS.
 +
 +I'm not a writer so for you you need some references if you want to read more:
 +http://gentoo-wiki.com/HOWTO_setup_a_gentoo_bridge
 +http://www.pixelchaos.net/2008/07/16/vl ... ing-in-xen
 +http://mum.mikrotik.com/presentations/2 ... ngwire.pdf
networking/router/mikrotik_vlan.1381699804.txt.gz · Last modified: 2013/10/13 15:30 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki