MikroTik

Hi all.
Is it possible to create bridge for communication between wireless clients and internet and leave all wired communications via switch (master port)?
Because as far as i see if i configure master port in switch and created bridge with this master port and wireless interfaces all traffic routed via this bridge.
So what the sense to use switch with bridge?
P.S. HW - hap ac lite.

The sense of that is to have everything (wired and wireless) as one big network segment.

Ok. But it's possible to make separate wired and wireless subnets and not use bridge for wired?


Отправлено с моего iPhone используя Tapatalk

Of course, you can have almost anything you want. Some crazy ideas may not be possible, but all the basic stuff is. Separate subnets for wired and wireless, both wireless interfaces together or separate, virtual APs with different SSIDs, either separate or together with some wired ports, VLANs, ... Make a plan and go for it.

Ok. But it's possible to make separate wired and wireless subnets and not use bridge for wired?


Отправлено с моего iPhone используя Tapatalk

the bridge is needed only if you want put wlanX and etherX together.

On some rb you can put on switch ether2 (master) + 3, 4 and 5 as slave of master port ether2
For add ether1 on same group you must bridge ether1 and ether2


On other you can put on switch from ether1 to ether5 without use any bridge.

So how to achieve this?
ether1 - wan
ether25 - lan
wlan12 - wifi.
Create bridge between ether1 & wlan12 (without lan access?), leave ether25 in normal switch mode without bridging?
I tried to remove ether25 from bridge and leave there ether1 and wlan12 but it didn't works.
Any help please.
TIA.

So how to achieve this?
ether1 - wan
ether25 - lan
wlan12 - wifi.
Create bridge between ether1 & wlan12 (without lan access?), leave ether25 in normal switch mode without bridging?
I tried to remove ether25 from bridge and leave there ether1 and wlan12 but it didn't works.
Any help please.
TIA.

Don't bridge ether1 since it is your WAN.
If you definately would like to separate wifi and wired, create a bridge for your wlan interfaces (I assume wlan12 is wlan1 and wlan2)
keep in mind that you need a dedicated IP segment / address for your wifi network and wired.
Also applies for DHCP.

But I'm looking for the real reason why not bridge ether2 (master of 3-5) and wifi interfaces.
Any traffic between eterh2-5 will go via the switch chip and bypasses the CPU.

Everything is possible to your scenario, but keep in mind that bridging + acl is not a good idea since it uses your equipment processing power (sometimes, a LOT). I bet that you can use filters in your bridge setup (put everything together) and isolate them. But if you want to just isolate them, why not using two separate subnets, one address for each interface and you're good to go? For now I can't really understand your scenario, but if you draw it and post it maybe we can understand more clearly.

Regards,

Regarding wiki I need to bridge wireless interfaces and switch master port. In this configuration, when I'm running speedtest wired, I see up to 60% CPU usage.
When I removed bridge, created new one only with wireless interfaces, running dhcp on it. On master switch port second dhcp server. Then when I run speedtest agin I see 10-20% CPU usage.
But wiki says to bridge wlan and master port...

Regarding wiki I need to bridge wireless interfaces and switch master port. In this configuration, when I'm running speedtest wired, I see up to 60% CPU usage.
When I removed bridge, created new one only with wireless interfaces, running dhcp on it. On master switch port second dhcp server. Then when I run speedtest agin I see 10-20% CPU usage.
But wiki says to bridge wlan and master port...

I guess there is a discrepancy in CPU usage because you have different firewall rules in both scenario.
How are your firewall rules set up?

Firewall rules are the same in both scenarios. Default raw and mangle with fasttrack enabled, 10-15 filter and 10-15 nat rules. Can share them later.


Отправлено с моего iPhone используя Tapatalk

I have the exactly same setup, and how i done it is very simple.
PORT1 = WAN connected to my provider ADSL modem
PORT2 = -> Connected to switch and gives internet output to rest of the network
PORT3= bridged wth WLAN interface on router and also this PORT3 is connected to same switch.

I have the exactly same setup, and how i done it is very simple.
PORT1 = WAN connected to my provider ADSL modem
PORT2 = -> Connected to switch and gives internet output to rest of the network
PORT3= bridged wth WLAN interface on router and also this PORT3 is connected to same switch.

Does you have dhcp server for wlan or only one subnet? What is your addressing?

I have the exactly same setup, and how i done it is very simple.
PORT1 = WAN connected to my provider ADSL modem
PORT2 = -> Connected to switch and gives internet output to rest of the network
PORT3= bridged wth WLAN interface on router and also this PORT3 is connected to same switch.

Does you have dhcp server for wlan or only one subnet? What is your addressing?

You can have DHCP anywhere you want, it doesnt matter, mine is on PORT2 which i mentioned above, you could create it also on bridge which bridges PORT3 and WLAN.

Your port3 isn't a slave of master port right? I'm trying to understand your config. Can you share you interfaces and addresses config export?


Отправлено с моего iPhone используя Tapatalk