Greetings,

here the situation:


There are 500 - 3000 Clients in our network (no wireless), each client should get its own vlan.
Ip and MAC are not static, so a client can interchange to other.
No client should be able to communicate with others without passing the gateway. (mac-communication should be only able to Gateway, no others)

the process:
1. the client send a dhcp-discover in its own vlan
2. the gateway dhcp-server gives an direct internet-ip from pool to client (no masquerading)
3. the gateway should pass-through the traffic form vlanX to internet and backwards

1.-2. can solved by setting a DHCP-Server-Interface to every vlan (maybe someone get a better solution)

My question is:
How can i pass-trough (route) the traffic from 10.10.0.3 to 10.10.1.1 and backwards.
I know the packet have to mangle and set to IP->Routes. But i don't how and it should work for every vlan separately.

MFG NukeLE

EDIT: There are a RouterOS (x86) L4, L6 and a RouterBOARD 750 available. There is no Cloud-Router available.

I would use a CRS for VLANs and a "router on a stick" to route your VLANs traffic and do the filtering.

cheers

Thanks for your advice semakka, but are there other ways?
Currently there are only a RouterOS (x86) L4 , L6 and an RouterBoard 750 available.

Thanks for your advice semakka, but are there other ways?
Currently there are only a RouterOS (x86) L4 , L6 and an RouterBoard 750 available.

Well, depends on the setup but you will need more gear and more than anything capable gear. running 500 to 3000 VLANs you might end up having MTU problems. What you have here it's a real challenge considering the equipment available!

check this... it might help you planning.
http://wiki.mikrotik.com/wiki/Manual:Ma ... uterBoards
http://wiki.mikrotik.com/wiki/Manual:Sw ... p_Features

please tell me your RB 750 is a RB750G....

cheers

No , its just a RouterBOARD 750.
Are there other Solutions, preferably for x86 ? Because there have more power than cloud-core-routers.

MfG

No , its just a RouterBOARD 750.
Are there other Solutions, preferably for x86 ? Because there have more power than cloud-core-routers.

MfG

I'm not sure what is the maximum l2mtu on x86 platforms...

regarding power..... I won't be so sure. x86 CPUs are designed to do everything. The CCR have network CPUs... designed to do only networking and do it well!

The l2mtu will be automatically reduct.
VLAN only need 4 byte at all. So theres no problem whit the mtu.
I prefer a solution for x86 RouterOS. Maybe if there is no, i will look for a cloud router.

MfG NukeLE

Whatever you might think is best.
My personal opinion: talking about VLANS on MKTK and the amount you want... on a double thought I wouldn't really go for MKTK gear.... you'll grow old configuring VLANS, trunks and access ports

Anyway, in networking there are many solutions for a problem and they all work... depends on each administrator what considers best to pick.

cheers and good luck