Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Correct configuration for a VLAN trunk port? [solved]

Locked
 
plum
just joined
Topic Author
Posts: 13
Joined: Mon May 22, 2017 3:40 pm

Correct configuration for a VLAN trunk port? [solved]

Fri Jun 16, 2017 1:37 am

Hi guys

I have an RB2011U (which is not a CRS device) as router, which has a netgear GS108T switch and an hAPlite (acting as a switch) connected.
There are two VLAN 40 and 80 on the router, they work just fine on the access ports of this router.


However, when I try to connect the hAPlite or the netgear switch to a trunk-port (aka a port with multiple VLANs configured) configured, it fails to get any connection. I can get it working by connecting them to an access port - which of course limits that switch to a single vlan.

So, is there some special configuration needed on the main (RB2011) router for these trunk ports?
I figured this setup should be really easy and not need any configuration besides the switch vlan configuration (right???) or do I actually have to setup /interface ethernet vlan on these trunk-ports and add them to a bridge or something??

My current configuration is below, all 3 devices use the same settings. Only exception is the router, which has two of those trunk ports - one for each of the two "slave" switches
Code: Select all
/interface ethernet switch port print
2   ether02-trunk1-master                             switch1                                             secure    add-if-missing               0

/interface ethernet switch vlan print
0   switch1                                                                  40 ether02-trunk1-master                                             
                                                                                 ether03                                                           
                                                                                 ether04                                                                                                                      
                                                                                 switch1-cpu
1   switch1                                                                  80 ether02-trunk1-master                                             
                                                                                 ether05
                                                                                 switch1-cpu
Last edited by plum on Sun Jun 18, 2017 10:03 pm, edited 1 time in total.
Top
 
gerakon
Member Candidate
Member Candidate
Posts: 105
Joined: Sat May 24, 2014 8:14 am

Re: Correct configuration for a VLAN trunk port?

Sun Jun 18, 2017 7:21 am

I couldn't tell from your description, but you need to configure the trunk port on both the 2011, the HAP Lite and the Netgear.

Here's the Wiki for the HAP Lite and the 2011.
https://wiki.mikrotik.com/wiki/Manual:S ... s_Ports.29
Top
 
plum
just joined
Topic Author
Posts: 13
Joined: Mon May 22, 2017 3:40 pm

Re: Correct configuration for a VLAN trunk port?

Sun Jun 18, 2017 10:02 pm

Thanks. I have seen the wiki, but the examples there are incomplete and don't work without additional configurations (e.g. IPs or trunk bridge, if you have more than one switch chip). This is really annoying for beginners.
However, I recreated the configuration on the "main router" and now it works. It's ridiculous how straight forward the final configuration is :)

If somebody ever stumbles over this thread and is looking for a vlan configuration which is not based on "bridges, bridges, bridges" and actually uses the switch chip, here it is.
This is example is for an RB2011U, which has two switch chips (and therefore two master ports). It's based on the "home AP" default config.
Code: Select all
# make ports slaves. The default configuration probably already has this.
/interface ethernet
set [ find default-name=ether1 ] name=eth01-outside
set [ find default-name=ether2 ] name=eth02-master
set [ find default-name=ether3 ] master-port=eth02-master name=eth03
set [ find default-name=ether4 ] master-port=eth02-master name=eth04
set [ find default-name=ether5 ] master-port=eth02-master name=eth05
set [ find default-name=ether6 ] name=eth06-master
set [ find default-name=ether7 ] master-port=eth06-master name=eth07
set [ find default-name=ether8 ] master-port=eth06-master name=eth08
set [ find default-name=ether9 ] master-port=eth06-master name=eth09
set [ find default-name=ether10 ] master-port=eth06-master name=eth10

# trunk bridge, probably already exists
/interface bridge add comment=defconf name=bridge

# the master ports are probably already member of that bridge
/interface bridge port add bridge=bridge comment=defconf interface=eth02-master
/interface bridge port add bridge=bridge interface=eth06-master

# now, let's create the vlans on the bridge
/interface vlan add interface=bridge name=vlan-guest-200 vlan-id=200
/interface vlan add interface=bridge name=vlan-int-100 vlan-id=100

# vlan port config on the switch
/interface ethernet switch vlan add ports=eth02-master,eth03,eth04,eth05,switch1-cpu switch=switch1 vlan-id=100 independent-learning=no
/interface ethernet switch vlan add ports=eth02-master,switch1-cpu switch=switch1 vlan-id=200 independent-learning=no

# if you have a device (like the RB2011U) with 2 switch chips, you need an additional switch config for the second switch:
/interface ethernet switch vlan add ports=eth06-master,eth07,eth08,eth09,switch2-cpu switch=switch2 vlan-id=100
/interface ethernet switch vlan add ports=eth06-master,eth07,eth10,switch2-cpu switch=switch2 vlan-id=200

# define the adresses of your vlans
/ip address add address=10.10.100.1/24 interface=bridge-vlan-int-100 network=10.10.100.0
/ip address add address=10.10.200.1/24 interface=bridge-vlan-guest-200 network=10.10.200.0

# you might want to create a dhcp on each vlan, I'll skip that here.
For trunk ports, we do
Code: Select all
/interface ethernet switch port set 2 default-vlan-id=1 vlan-header=add-if-missing vlan-mode=secure
Now for every access port:
Code: Select all
/interface ethernet switch port set 3 default-vlan-id=100 vlan-header=always-strip vlan-mode=secure
If there are wifi AP stations on a vlan, we can define a bridge for said vlan and just add the wifi to it:
Code: Select all
# create a bridge for each vlan you need
/interface bridge add name=bridge-vlan-guest-200

# add the vlan and wifi to the bridge
/interface bridge port add bridge=bridge-vlan-guest-200 interface=vlan-guest-200
/interface bridge port add bridge=bridge-vlan-guest-200 interface=wifi-guest-200
Top
Locked
  4. RouterOS
  5. Beginner Basics