MikroTik

Posted: **Sun Oct 25, 2015 2:49 am**

My ISP is sending my main internet untagged and my IPTV connection tagged with VLAN 845.
This is all incoming on ether1 and I would like to split it up.

I would like the VLAN 845 to be switched/stripped to ether2, so that the TV-box will use the ISP DHCP-Server and get the VLAN 845 traffic untagged.

And the incoming untagged connections should go to the MikroTik router and ether3-10 and wlan1 using the MikroTik DHCP-Server.

I have a 2011UiAS-2HnD with 3.22 firmware running RouterOS 6.27.

I have no idea how to do this and have been told the MikroTik can't really solve this.
Is that information correct or can someone help me on how to set this up?
Have tried a few guides and bridged me out of my own router and already have had to make two factory resets. :/

Posted: **Tue Oct 27, 2015 7:01 pm**

My ISP is sending my main internet untagged and my IPTV connection tagged with VLAN 845.
This is all incoming on ether1 and I would like to split it up.

I would like the VLAN 845 to be switched/stripped to ether2, so that the TV-box will use the ISP DHCP-Server and get the VLAN 845 traffic untagged.

And the incoming untagged connections should go to the MikroTik router and ether3-10 and wlan1 using the MikroTik DHCP-Server.

I have a 2011UiAS-2HnD with 3.22 firmware running RouterOS 6.27.

I have no idea how to do this and have been told the MikroTik can't really solve this.
Is that information correct or can someone help me on how to set this up?
Have tried a few guides and bridged me out of my own router and already have had to make two factory resets. :/

Hi,

The easiest way to do this is to create a bridge interface then add the VLAN interface from ether 1 and ether2, this will bridge those 2 interfaces directly too each other.

For the rest of your internet, either configure ether1 with a dhcp-client or statically assign it an IP.
Create a new bridge for your other interfaces and masquerade all traffic that goes out of ether 1.

At work, when I get chance I'll post the terminal commands.

EDIT:
OK here is the list of terminal commands:
Add the VLAN to ether1:

interface vlan add name=iptv-vlan vlan-id=845 interface=ether1 comment="ISP IPTV VLAN"

Create a bridge for the IPTV connection and add both the vlan and ether2 to it:

interface bridge add name=bridge-iptv comment="Bridge for IPTV"
interface bridge port add interface=iptv-vlan bridge=bridge-iptv 
interface bridge port add interface=ether2 bridge=bridge-iptv

So now we have the IPTV vlan and ether2 on the same L2 network, you should be able to connect your tv box to ether2 now and it will work.

For the internet you need give ether1 an IP address, if you have a static from your ISP you need to input it manual like this:

ip address add interface=ether1-gateway address=1.1.1.1/1

Then an IP route:

ip route add dst-address=0.0.0.0/0 gateway=1.1.1.2

(Replace the 1.1.1.x IP addresses with your correct IP information.)

If your IP is given via DHCP then do this:

ip dhcp-client add interface=ether1

This will automatically add an ip route as well as the address to ether1.

Now all you need to do is create a new bridge for the LAN and add all your remaining interfaces to it.
The process for this is the same as for the IPTV bridge above:

interface bridge add name=bridge-lan comment="local lan"
interface bridge port add interface=ether3 bridge=bridge-lan
interface bridge port add interface=ether4 bridge=bridge-lan
interface bridge port add interface=ether5 bridge=bridge-lan
interface bridge port add interface=ether6 bridge=bridge-lan
interface bridge port add interface=ether7 bridge=bridge-lan
interface bridge port add interface=ether8 bridge=bridge-lan
interface bridge port add interface=ether9 bridge=bridge-lan
interface bridge port add interface=ether10 bridge=bridge-lan
interface bridge port add interface=wlan1 bridge=bridge-lan

Add an IP to your LAN bridge, this will be you router's LAN IP:

ip address add interface=bridge-lan address=192.168.1.1/24

And finally we need to masquerade traffic from the LAN to the WAN:

ip firewall nat add out-interface=ether1 action=masquerade

This will give you what you need.
I'm not going to go into DHCP server setup, there's plenty of posts on how to do that.

Posted: **Wed Nov 04, 2015 9:48 pm**

Sorry for the late reply, but thank you tslytsly, whis worked perfect.

Since I already had a setup with DHCP-server and all that I tried to implement this into my setup.

What I had to do was:

Add VLAN interface iptv-vlan on interface ether1 with VLAN ID 845
Add bridge bridge-iptv
Create bridge port for iptv-vlan and ether2 on bridge-iptv

As soon as I connected the IPTV-box to ether2 everything was awesome.

Now I have high hopes that the continuation of this setup will be just as easy.

I got another MikroTik device (RB951G-2HnD) and was hoping that I could wirelessly get the VLAN 845 signals into an interface on that one.
The problem is that I want the IPTV-box in another room and was hoping I didn't have to use any cables.

Device #1 (2011UiAS-2HnD)
I have created two VirtualAP on my default wireless interface. One wlan-local is in my bridge-local and is the one my phones and wireless devices are using. The other one is wlan-iptv that is in the bridge-iptv (the one we created earlier) and the one I was hoping of using.

I tried with another router (Linksys E3000 running DD-WRT) and got some problems with multicast errors on my IPTV.

I would like to connect my IPTV in ether5 of my second MikroTik device and get the bridge-iptv data from my first device wirelessly there, anyone got any ideas?

Posted: **Fri Nov 06, 2015 10:19 am**

Sorry for the late reply, but thank you tslytsly, whis worked perfect.

Since I already had a setup with DHCP-server and all that I tried to implement this into my setup.

What I had to do was:

Add VLAN interface iptv-vlan on interface ether1 with VLAN ID 845

Add bridge bridge-iptv

Create bridge port for iptv-vlan and ether2 on bridge-iptv
As soon as I connected the IPTV-box to ether2 everything was awesome.

Now I have high hopes that the continuation of this setup will be just as easy.

I got another MikroTik device (RB951G-2HnD) and was hoping that I could wirelessly get the VLAN 845 signals into an interface on that one.
The problem is that I want the IPTV-box in another room and was hoping I didn't have to use any cables.

Device #1 (2011UiAS-2HnD)
I have created two VirtualAP on my default wireless interface. One wlan-local is in my bridge-local and is the one my phones and wireless devices are using. The other one is wlan-iptv that is in the bridge-iptv (the one we created earlier) and the one I was hoping of using.

I tried with another router (Linksys E3000 running DD-WRT) and got some problems with multicast errors on my IPTV.

I would like to connect my IPTV in ether5 of my second MikroTik device and get the bridge-iptv data from my first device wirelessly there, anyone got any ideas?

Glad I could help.

I'm no expert with the WIFI side of things on RouterOS, but you should be able to do a very similar setup on your 2nd device: Create a bridge for the IPTV and add the IPTV WLAN and ether5 to it.

Not sure of the correct settings for the WIFI link between your original router and this new device.

MikroTik

Splitting ISP connection base on tagged/untagged VLAN

Splitting ISP connection base on tagged/untagged VLAN

Re: Splitting ISP connection base on tagged/untagged VLAN

Re: Splitting ISP connection base on tagged/untagged VLAN

Re: Splitting ISP connection base on tagged/untagged VLAN