Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Two CRS125-25G-1S-2HnD Mac based VLAN help

Locked
 
lilmansplace
just joined
Topic Author
Posts: 10
Joined: Wed Jul 04, 2007 11:57 pm
Location: Utah
Contact:
Contact lilmansplace

Two CRS125-25G-1S-2HnD Mac based VLAN help

Fri Dec 29, 2017 10:50 am

So I have two CRS125-25G-1S-2HnD devices running v6.41
To keep this easy to understand i'll refer to them as follows
CRS-Downstairs
CRS-Upstairs

CRS-Downstairs has:
ether1 - Comcast CPE (internet)
ether2 through 23 - Various ethernet devices throughout my home
ether24 connected to ether1 on CRS-Upstairs


CRS-Upstairs has:
ether1 connected to ether24 on CSR-Downstairs
ether2 through 24 - Various ethernet devices throughout the upstairs

I have four VLANs
10 - Management
20 - Infrastructure / Servers
30 - Known Users
40 - Guests

Each has their own subnet that correspond
192.168.10.0/24 - VLAN10
192.168.20.0/24 - VLAN20
192.168.30.0/24 - VLAN30
192.168.40.0/24 - VLAN40

I want unknown MAC addresses to default to the Guest VLAN40
Known User MAC addresses to land on VLAN30
Known servers MAC addresses to land on VLAN20
Known machines / devices MAC addresses that can manage the network to land on VLAN10

I've gotten this to work on the CRS-Downstairs
I added a DHCP Client to ether1
Created masterport bridge and added ether2-24 into it with the "Hardware Offload" option set
On the switch VLAN section (/interface ethernet switch egress-vlan-tag) I added an entry for each VLAN ID 10,20,30,40 to ethernet 2 through 24 so the ports had access to these VLANs
On the switch PORTS section (/interface ethernet switch port) I enabled MAC Based VLAN Translate to ethernet 2 through 24

Added my firewall rule to masquerade the traffic from each subnet out the internet gateway.
Went crazy adding all of my MAC addresses into the right vlan in the MAC Based VLAN section (/interface ethernet switch mac-based-vlan)

I was then able to see each ethernet device get tagged with the proper VLAN and assigned the proper DHCP IP address from the corresponding pool
So YAY me! I got it to work.

Now where i'm getting confused.
How to I configure the CRS-Upstairs?

I want it to extend the CRS-Downstairs and continue the MAC based VLAN capabilities on it's ethernet and wifi interface.
Do I need to switch the ethernet 24 port on the CRS-Downstairs and the ethernet 1 port on the CRS-Upstairs to a trunking type port?
Then configure port 2-24 on the CRS-Upstairs to be same as I configured them on the CRS-Downstairs?

I hope you much smarter people here can see what i'm trying to do and clear up why I can't wrap my brain around this configuration.
Top
Locked
  4. RouterOS
  5. Beginner Basics