I have a CCR2004-1G-12S+2XS. I am going to use this in my lab to connect all my Mikrotik devices via fiber SFP+ modules. I have 109 Mikrotik devices to connect on seperate vlans to individual SFP+ ports on the CCR. I assume I will need to setup 10 VLANS, 1 per port. Port 11 will be spare and port 12 will be my fiber connection from my ISP. I will use the Management port for out of band management.
Can anyone help me get started with the proper setup of all the VLANS? This is a new adventure on my part so I don't have a config to post yet.
Here is my equipment list.
CCR2004-1G-2s+2XS
BRIDGE PORTS 1 through 11
SFP+1 VLAN 100 CSS318-16G Switch 1 176.100.10.1/24
SFP+2 VLAN 200 CSS318-16G Switch 2 10.10.20.1/24
SFP+3 VLAN 300 Phone Sys 172.16.30.1/24
SFP+4 VLAN 400 CRS 317-1G-16S+RM 225.40.40.1/24
SFP+5 VLAN 500 CSS810-8P-2S+RM 125.50.50.1/24
SFP+6 VLAN 600 CRS326-24G-2S+RM 125125.60.60.1/24
SFP+7 VLAN 700 CSS326-24G-2S+RM 125.70.70.1/24
SFP+8 VLAN 800 RB3011-UI-AS-RM 125.80.80.1/24
SFP+9 VLAN 900 HAP ax3 Wireless 125.90.90.1/24
SFP+10 VLAN 1000 CSS326-24G-2S+ RM 125.100.100.1/24
SFP+11 VLAN 1100 SPARE 125.110.110.1/24
SFP+12 WAN Static Address 192.168.1.100
ETH 1 Management Port 10.0.0.99/27
SFP+28 Ports 1&2 Not Used at This Time
-
-
JazzMaster
Member Candidate
- Posts: 131
- Joined:
- Location: Evansville, Indiana , USA
Re: Question
The device doesn't have a switch chip so using bridge based VLANs will end up going through the CPU.
I'm open to correction on this but I think it's probably best not to bridge any ports at all and instead assign an IP address relevant to each port. That is to say L3 routing only and no VLANs on the CCR.
For example SFP+1 with IP address 176.100.10.1/24 is connected to a port on a switch that is tagged for VLAN 100 and so on. SFP+2 with IP 10.10.20.1/24 is connected to a switch port that is tagged for VLAN 200 and so on for the others.
Your CCR is just a router and doesn't need to be configured for tagging and can do what it was designed for and just route.
I'm open to correction on this but I think it's probably best not to bridge any ports at all and instead assign an IP address relevant to each port. That is to say L3 routing only and no VLANs on the CCR.
For example SFP+1 with IP address 176.100.10.1/24 is connected to a port on a switch that is tagged for VLAN 100 and so on. SFP+2 with IP 10.10.20.1/24 is connected to a switch port that is tagged for VLAN 200 and so on for the others.
Your CCR is just a router and doesn't need to be configured for tagging and can do what it was designed for and just route.
Re: Question VLAN Setup
As @elobob2002 said, it's not clear why you want vlans. Your description is that all devices connected though any specific SFP will all be using the same subnet, and no two CCR SFP ports will have the same subnet, so no need for a bridge either.
I wouldn't have used @elobob2002's terminology for the switch connection, I would have used "access port for vlan X".
But there other "oddities" in the proposal, for example "I assume I will need to setup 10 VLANS, 1 per port". Also it isn't clear how you are going to connect the hAP ax3 to the SPF+ with a fiber connection. "connect all my Mikrotik devices via fiber SFP+ modules. I have 109 Mikrotik devices to connect on seperate vlans"
There isn't much point in making suggestions until you understand what you really want to do. But for a non-vendor specific description of what vlans are and when they are a good solution, see Virtual Local Area Networks (VLANs) by Ed Harmoush.
I wouldn't have used @elobob2002's terminology for the switch connection, I would have used "access port for vlan X".
But there other "oddities" in the proposal, for example "I assume I will need to setup 10 VLANS, 1 per port". Also it isn't clear how you are going to connect the hAP ax3 to the SPF+ with a fiber connection. "connect all my Mikrotik devices via fiber SFP+ modules. I have 109 Mikrotik devices to connect on seperate vlans"
There isn't much point in making suggestions until you understand what you really want to do. But for a non-vendor specific description of what vlans are and when they are a good solution, see Virtual Local Area Networks (VLANs) by Ed Harmoush.
Re: Question VLAN Setup
A good network diagram will help planning as well....
-
-
JazzMaster
Member Candidate
- Posts: 131
- Joined:
- Location: Evansville, Indiana , USA
Re: Question VLAN Setup
Thanks to you all. I am going to just apply seperate IP addresses to each port and elimate the bridge thought. I will design a network per ANAV. As I tried to state this is a task that I have taken on because I have all this Mikrotik equipment and would like to see if I can accomplish this.
I will post a network design as soon as I get the bugs worked out. This is why I love the forum for eye opening answers.
I will post a network design as soon as I get the bugs worked out. This is why I love the forum for eye opening answers.
-
-
JazzMaster
Member Candidate
- Posts: 131
- Joined:
- Location: Evansville, Indiana , USA
Re: Question VLAN Setup
Here is the Port assignment for my CCR setup. I am just starting the configuration of the CCR. I hope I get the Addresses setup correctly using VLANS.
You do not have the required permissions to view the files attached to this post.
Re: Question VLAN Setup
Are you stating that there is no port with more than one vlan going through it???
At a minimum there should be two vlans per port if all are trunk ports going to smart devices, one being the management vlan which all smart devices should get their IP address from.
At a minimum there should be two vlans per port if all are trunk ports going to smart devices, one being the management vlan which all smart devices should get their IP address from.
-
-
JazzMaster
Member Candidate
- Posts: 131
- Joined:
- Location: Evansville, Indiana , USA
Re: Question VLAN Setup
Would one just assign addresses to each port with a DNS server for each address or use VLANS for each port?