MikroTik

Hi,
I'm asking about your help for a little problem that I've found today.. little but I cannot understand why

I've a bridge with 2 ether ports inside (one to the switch port set in ACCESS mode on VLAN 101, one to grant access to the VLAN 101 to one PC directly connect to this RB1100 port)
I put an address of VLAN 101 on bridge1
And the ping between RB and CISCO switch works well (CISCO has 192.168.101.1/24 on VLAN 101)

Then..... for a joke, I've rebooted the RB and... communication between CISCO and RB was lost.. no ping reply, ARP like 00:00:00:00:00:00 in MK ARP TABLE for the switch IP address and I cannot see any MAC on ARP table of CISCO switch

Then, I removed the bridge and moved IP address from bridge1 to ether1.. everything works well ; otherwise, If i make a switch using ether1 as master port and ether2 as slave, everything works well but, If I re-enabled the bridge and add these 2 ports inside of them.. anytihing works again..

Then, I think the issue is using the bridge in this config, but I don't understand why! All ethernet frames that come from/to CISCO switch are untagged, then there is any additional config to do into RB1100.

I've already update to 6.36 without any improvement

Are you confusing IP subnet, and VLANs?

A VLAN has no relation to an IP address or IP subnet...it has no "address" as you stated below.

Hi freakneck,
sorry but I think there is a misunderstanding.

VLAN interface on Mikotik is a virtual LAN interface, and as a physical interface, it can have an IP address and services, like DHCP client or server.

Also switch can have a management VLAN different that the ID=1 standard, the you can assign an IP for management on this VLAN.

You are writing that on Cisco you have VLAN 101 but on MikroTik you mention no VLAN at all.
This is only going to work when on the port on the Cisco that VLAN is configured as
"switchport access vlan 101" or "switchport trunk native vlan 101".
(i.e. the VLAN 101 is untagged on that port)

When you want to use tagged vlan 101 you need to configure a VLAN interface in the MikroTik
or you need to configure the MikroTik internal switch to do the tagging.

You should not use the switch chip function and a bridge on the same two ports, otherwise you will be creating a loop because you will have packets bridged twice (once via bridge, once via switch port master/slave function, so all sent frames would be duplicated). Spanning tree would probably then kick in to shut down the port.

If you need a bridge in addition to switching, connect just the master port to the bridge.

Hi pe1chl and mducharme,
thanks for your support.

The port on CISCO is set as "switchport access vlan 101" then I don't need to declare VLAN on the bridge Mikrotik's side.

About mducharme suggestion, I know that isn't possible to use port as bridge member and as switch toghether; when I put ports on bridge, master/slave port switch is disabled, but when I set as master/slave I've to put them out of bridge (Mikrotik will give me an error about it).

I think so that is a problem like STP or similar on CISCO switch, 'cause I cannot reproduce this issue using a different switch with the same config.

Hi pe1chl and mducharme,
thanks for your support.

The port on CISCO is set as "switchport access vlan 101" then I don't need to declare VLAN on the bridge Mikrotik's side.

About mducharme suggestion, I know that isn't possible to use port as bridge member and as switch toghether; when I put ports on bridge, master/slave port switch is disabled, but when I set as master/slave I've to put them out of bridge (Mikrotik will give me an error about it).

I think so that is a problem like STP or similar on CISCO switch, 'cause I cannot reproduce this issue using a different switch with the same config.

Hi, this is probably caused by the spanning tree priority setting, or by Cisco's proprietary implementation of spanning tree.

You can correct this by issuing "spanning-tree bpdufilter enable" on the access port on the Cisco switch that connects to the Mikrotik.

I think so that is a problem like STP or similar on CISCO switch, 'cause I cannot reproduce this issue using a different switch with the same config.

Of course you can always disable STP on the MikroTik bridge (protocol-mode none) and see if that resolves it.

HI pe1chl,
thanks for your suggestions

I'm not really expert about CISCO and your guidelines help me a lot! I will follow them and keep you updated!

Spannng tree disabled on mikrotik port but still mikrotik does not see other mikrotik devices at the other edge of cisco.Before or after spanning tree no other devices on discovery.


Any update?