VLAN tagging with Mikrotik RB750

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › VLAN tagging with Mikrotik RB750

oktobot

4 posts

Wannabe Geek

#136810 9-Dec-2013 16:33

Hi Guys,

Our organisation has just had UFB installed which is great, except the PPPoe connection requires a VLAN tag of 10.

Our Netgear UTM9s does not support VLAN tagging on the WAN interface.

So I purchased a Mikrotik RB750 which I thought could do the tagging for me.

However I have no idea how to get the UTM9s' WAN port to talk to the Mikrotik. I can get the Mikrotik to connect to the ISP via PPPoe, But what I really need from the Mikrotik is to just out bound tagging allowing the UTM9s do the PPPoe connection.

Any assistance would be greatly appreciated.

Thanks

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#948210 9-Dec-2013 16:38

You simply create a VLAN10 on the interface you're using for WAN and then use the VLAN10 as your external interface.

oktobot

4 posts

Wannabe Geek

#948214 9-Dec-2013 16:46

Thanks for your speedy reply.

I think I understand what your saying. I have created on the Mikrotik VLAN10 on eth0(default WAN port) and assigned VLAN10 my static IP.

The bit I dont understand is getting the UTM9s' WAN2 port to talk to the eth1 port on the Mikrotik - I see no traffic on the eth1 interface.

Do I need to NAT, Port forward, etc

Thanks again for the help.

LennonNZ

2459 posts

Uber Geek
+1 received by user: 411

ID Verified

Trusted

#948215 9-Dec-2013 16:49

You can do it a couple of ways..

You can create a bridge interface and link the VLAN 10 on the Tagged Port 1 with the Untagged Port 2

See: http://ferdi.blog.unas.ac.id/pengenalan-dasar/transparent-bridge-with-mikrotik/ (its not the same but you'll get the idea)

or you can do it in the Switch config of the router.

See: http://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features

oktobot

4 posts

Wannabe Geek

#948225 9-Dec-2013 17:05

Again thanks for the speedy reply.

If I was to go with the bridging option I believe my config would look something like,

interface bridge add name=bridge1 disabled=no arp=enabled - in order to create a bridge
interface bridge port set ether0 bridge=bridge1 priority=128 path-cost=10 - To add the physical eth0(WAN cable from UFB) interface to the bridge.
interface bridge port set ether2 bridge=bridge1 priority=128 path-cost=10 - to add the physical eth1(Cable connecting UTM9s and Mikrotik) to the bridge.
interface bridge port set VLAN10 bridge=bridge1 priority=128 path-cost=10 - to add the VLAN interface (required tagging) to the bridge.

Does this look correct?

Is there maybe a better way?

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#948227 9-Dec-2013 17:11

You won't want the port with the VLAN also included in the bridge - this will fail (can't bridge both together)

You just want to bridge the VLAN and the port used for the connecton to the other router.

oktobot

4 posts

Wannabe Geek

#948229 9-Dec-2013 17:14

Okay great I will give this a try, and let everyone know if it works out.

Thank you

AliExpress

Shop now on AliExpress (affiliate link).

WickedWings

7 posts

Wannabe Geek

#962420 7-Jan-2014 13:24

Hi oktobot,

How did it go with your bridge setup. I have the exact setup as yours, using a UTM9s now trying to connect to UFB. Getting myself a RB750 for bridge setup as well. Just want to know did you got your working? If so, what was your final configuration?

Thanks.

Zeon

3926 posts

Uber Geek
+1 received by user: 759

Trusted

#962421 7-Jan-2014 13:27

Is that mikrotik model cheaper than a layer2 switch?

Speedtest 2019-10-14

Ragnor

8279 posts

Uber Geek
+1 received by user: 585

Trusted

#962559 7-Jan-2014 16:21

Zeon: Is that mikrotik model cheaper than a layer2 switch?

Pretty cheap at retail
http://www.gowifi.co.nz/ethernet-adsl/mikrotik-routerboard-rb750-five-port-router.html

ZSasha

18 posts

Geek
+1 received by user: 1

#1268886 27-Mar-2015 10:32

Hello,

could anyone help me with configuring trunk ports on Mikrotik device please?

I have three eth interfaces - eth1, eth2, eth3
I am expecting to receive FIVE VLANs (VLAN1-5) on port eth1
Now I want to pass
VLAN1,VLAN2 and VLAN5 through port eth2
and
VLAN3, VLAN4 and VLAN5 through port eth3

Simple, isn't it?

In Cisco I would do this like
interface eth1
switchport mode trunk
interface eth2
switchport mode trunk
switchport trunk allowed vlan 1,2,5
interface eth3
switchport mode trunk
switchport trunk allowed vlan 3,4,5

DONE!

I am going to band my head against the wall but I can't figure out how to such a simplest thing on Mikrotik.

LennonNZ

2459 posts

Uber Geek
+1 received by user: 411

ID Verified

Trusted

#1268906 27-Mar-2015 10:46

You have a Router, not a Switch so VLANS are unique between interfaces. You have to bridge the vlans together via a bridge.

Add VLAN 10 on eth1 (say call this eth1.10)
Add VLAN 10 on eth2 (say call this eth2.10)
add Bridge and add these 2 VLANS (eth1.10 and eth2.10) to the bridge

There is a different way to do this on the switch interface http://www.breekeenbeen.nl/2014/12/11/mikrotik-vlan-switching-without-bridging

This is the same with a Cisco (Router). VLANS on a physical interface are unique and you have to use a bridge (if needed) to connect them together.
You are just used to a Cisco (switch) not a cisco (router)

AliExpress

Shop now on AliExpress (affiliate link).

ZSasha

18 posts

Geek
+1 received by user: 1

#1268937 27-Mar-2015 11:22

Hi LennonNZ,

thank you very much for your prompt response.

If I understood you correctly - it mean that I need to create a lot of separate VLAN interfaces - one vlan-interface per port and as many bridges as many VLANs I have (five in my case) ?

Like in my case I would need to create these interfaces:
vlan1.eth1 (means vlan1 attached to port eth1 etc)
vlan2.eth1
vlan3.eth1
vlan4.eth1
vlan5.eth1
^^^^^^^ - for eth1 trunk port - so we kind of define each and every vlan we are expecting to see on port eth1
then
vlan1.eth2
vlan2.eth2
vlan5.eth2
^^^^^^^ - the samefor eth2 trunk port
and
vlan3.eth3
vlan4.eth3
vlan5.eth3
^^^^^^^ - for eth3 trunk port.

and then bridges (one bridge per vlan):
BR1-BR5
and
bridge those vlan-interfaces together like
BR1: vlan1.eth1 & vlan1.eth2
BR2: vlan2.eth1 & vlan2.eth2
BR3: vlan3.eth1 & vlan3.eth3
BR4: vlan4.eth1 & vlan4.eth3
and finally
BR5: vlan5.eth1 & vlan5.eth2 & vlan5.eth3

Ok now (when I finished this post) I think I got that.
My confusion came from my experience working with Mikrotik that had switch integrated but this particular model (CCR) is a router, not a switch.
Once you start thinking about that device as a router - it makes sense now.
Just wondering what it the CPU overload will be in that case?

Thank you A LOT for your help!!

LennonNZ

2459 posts

Uber Geek
+1 received by user: 411

ID Verified

Trusted

#1268944 27-Mar-2015 11:35

You _can_ do it in a Switch way (see my link) and treat the Router as a Switch but start off this way first and then you can play with the switch interface later.

CPU will not be a problem at all either way and all this switching is done via Hardware anyway.. just a couple of ways of programming the chips inside it.

deadlyllama

1283 posts

Uber Geek
+1 received by user: 476

Trusted

#1268989 27-Mar-2015 12:24

sbiddle wrote a comprehensive blog post on using a Mikrotik router for UFB VLAN10 802.1Q tagging which is exactly what you want to do.

drpaulmartin

11 posts

Geek
+1 received by user: 1

#1287521 20-Apr-2015 09:22

Can you use the mikrotik for dhcp and switch as well. I am trying to replace orcon genius (don't care about the phone line). But don't just want to bridge as my wifi ap is elsewhere, and ideally just want one box there not bridge and router. Thanks