Virtual Architects Support Wiki

User Tools

Site Tools

You are here: start » networking » router » mikrotik_vlan
Trace:
networking:router:mikrotik_vlan

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
networking:router:mikrotik_vlan [2013/10/13 15:40]
gcooper 		networking:router:mikrotik_vlan [2014/12/16 14:06] (current)
gcooper
Line 1: Line 1:
-====== Mikrotik VLAN ======+====== MikroTik VLAN ======
  
-**VLAN = Broadcast Domain**+**Metro Ethernet Notes**: http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/Q_23688899.html 
 + 
 +**Example with Wireless**: http://mum.mikrotik.com/presentations/CZ09/VLAN-Workshop-Prague-final.pdf
  
 **Great examples with CoS**: http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment **Great examples with CoS**: http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment
 +
 +  * VLAN = Broadcast Domain
 +  * VLAN interfaces on MikroTik devices are "add tag on egress / remove tag from ingress"
 +  * To be able to forward packets from access-ports to VLANs, we need bridges
 +  * Ethernet MTU will increase up to 1522 bytes because of the added tag
 +    * The normal Ethernet MTU is up to 1518 bytes
 +
 +===== Switch Ports =====
 +
 +  * **Access**
 +    * An access port should be used only with untagged packets.
 +    * This kind of port is used to connect PCs to the switch.
 +  * **Trunk**
 +    * A trunk port is capable of receiving and forwarding packets from multiple vlans.
 +    * This type of port is used to interconnect switches. 
 +  * **Hybrid**
 +    * A hybrid port is a special mode that allow untagged and tagged packets on the same port.
 +    * For example, you have a VoIP desk phone and you connect your PC to the phone and the phone to the switch.
 +    * We will have a VLAN for VoIP and untagged data for the PC.
 +    * http://forum.mikrotik.com/viewtopic.php?f=13&t=87537
 +
 +===== Create VLANs =====
 +
 +  * Create VLAN sub-interfaces on physical interfaces
 +  * Bridge the sub-interfaces
 +    * To forward packets from access-ports to VLANs we need bridges
 +  * IP addresses are then configured on the respective bridges
 +  * Treat EoIP tunnel interfaces like physical interfaces
 +  * If you are not stripping tags, you don't need to configure the VLAN interfaces, at least on physical trunk ports
 +
 +  - Configure VLANs on trunk interface ports
 +    * <file>/interface vlan add name=vlan-10 vlan-id=10 interface=ether5 disabled=no</file>
 +  - Create bridges for the VLANs
 +    * <file>/interface bridge add name=br-vlan10 disabled=no</file>
 +  - Add access-ports to the bridges
 +    * <file>/interface bridge port add interface="vlan-10" bridge="br-vlan10" disabled=no
 +/interface bridge port add interface="ether1" bridge="br-vlan10" disabled=no</file>
  
 ===== VLAN Tagging ===== ===== VLAN Tagging =====
Line 24: Line 63:
  
 https://vanachterberg.org/2011/09/per-vlan-pptp-with-routeros-and-mikrotik/ https://vanachterberg.org/2011/09/per-vlan-pptp-with-routeros-and-mikrotik/
 +
 +====== Notes From Others ======
 +
 +Create vlan interfaces to the physical interface connected to the Cisco interface which in trunking mode (I don't like Ciscos naming, a trunk is bundled ports).
 +Then if you want to have ports in the MT to be "untagged" (Cisco: access mode). create a bridge for every VLAN that you put in the Cisco "trunk".
 +Put the VLAN interfaces of the physical port and the ports you want to be left untagged into the bridge.
 +
 +Untagged traffic on the "trunk" port is the physical interface traffic ie ether1.
 +
 +Example of MT interfaces:
 +
 +<file>
 +ether1 (this is the port connected to the Cisco "trunk" port)
 +ether1-vl100 (VLAN interface)
 +ether1-vl200
 +ether1-vl300
 +
 +br-vl100 (Bridge for vlan ID 100)
 +ether1-vl100 (VLAN interface)
 +ether2 (physical interface untagged traffic)
 +
 +br-vl200 (Bridge for vlan ID 200)
 +ether1-vl200 (VLAN interface)
 +ether3 (physical interface untagged traffic)
 +
 +br-vl300 (Bridge for vlan ID 300)
 +ether1-vl300 (VLAN interface)
 +ether4 (physical interface untagged traffic)
 +wds-1-vl300 (VLAN interface on the wds-1 interface)
 +eoip-1 (Ethernet over IP interface in the same Layer2 network)
 +
 +</file>
 +Summary:
 +create VLAN interfaces in physical interfaces or WDS interfaces.
 +create a bridge for each VLAN
 +I hope this clarify how to do VLAN and bridging in ROS.
 +
 +I'm not a writer so for you you need some references if you want to read more:
 +http://gentoo-wiki.com/HOWTO_setup_a_gentoo_bridge
 +http://www.pixelchaos.net/2008/07/16/vl ... ing-in-xen
 +http://mum.mikrotik.com/presentations/2 ... ngwire.pdf
networking/router/mikrotik_vlan.1381700422.txt.gz · Last modified: 2013/10/13 15:40 by gcooper

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki