Page 1 of 1
PVID for BGP VPLS interface on a bridge
Posted: Mon Jul 20, 2020 9:11 am
by Erayd
Given that the
"VLAN on a bridge in a bridge" model is
explicitly advised against, what is the recommended method of tagging traffic to / from a BGP signalled VPLS interface in a bridge?
There is no PVID option under
/interface vpls bgp-vpls, and I cannot find any other way of setting this.
Re: PVID for BGP VPLS interface on a bridge
Posted: Tue Feb 23, 2021 11:02 am
by Erayd
Bumping this - seven months later, and I've still not been able to locate an answer to this question, nor was the local mikrotik distributor & trainer able to answer this.
Would appreciate any ideas, as I'm currently stuck doing something that the documentation explicitly advises is a bad idea.
Re: PVID for BGP VPLS interface on a bridge
Posted: Tue Feb 23, 2021 5:24 pm
by sindy
I'm afraid you have to open a ticket with support directly (via
support@mikrotik.com or, better, via the
servicedesk web interface. The statement regarding availability of direct support only within 14 days from purchase is there mostly to avoid hundreds of newbie questions per day; on the other hand, the local distributor and trainer should have raised your question with Mikrotik and have it answered for you - the idea is that they can answer newbie questions on their own and only forward the negligible amount of more complex ones to Riga.
When the BGP VPLS interface in question is active, can you see a corresponding item in the
/interface bridge port table or not?
Re: PVID for BGP VPLS interface on a bridge
Posted: Wed Feb 24, 2021 3:11 am
by Erayd
I'm afraid you have to open a ticket with support directly (via
support@mikrotik.com or, better, via the
servicedesk web interface. The statement regarding availability of direct support only within 14 days from purchase is there mostly to avoid hundreds of newbie questions per day; on the other hand, the local distributor and trainer should have raised your question with Mikrotik and have it answered for you - the idea is that they can answer newbie questions on their own and only forward the negligible amount of more complex ones to Riga.
Gotcha - thanks; I will log a ticket if this thread doesn't look like finding a solution, and post the outcome here.
When the BGP VPLS interface in question is active, can you see a corresponding item in the /interface bridge port table or not?
Yes. A dynamic entry for the VPLS interface is added here.
Re: PVID for BGP VPLS interface on a bridge
Posted: Wed Feb 24, 2021 10:08 am
by CZFan
Off the bat, have not tested it, etc. possible solutions might be:
1. Assign Vlans to a VRF and use the VRF, or maybe
2. In bridge port, you can select interface called "dynamic" and assign pvid there
Re: PVID for BGP VPLS interface on a bridge
Posted: Wed Feb 24, 2021 1:09 pm
by sindy
I'm afraid it came to nobody's mind that a single bridge could host multiple customers' bgp-vpls tunnels and hence VLAN tag manipulation would be required on the port of the bridge to which the tunnel is connected, hence the pvid is not part of the /interface vpls bgp configuration. The designers probably expected VLAN tag manipulation to happen at edge ports, not tunnel ones.
So as you apparently cannot accommodate to that concept, try to unset the bridge item on the /interface vpls bgp row, which will make that dynamic entry disappear. Then, add an /interface bridge port row manually, with the pvid you need. It may not be possible at all - the name of the tunnel may not be offered as an interface name to add as a bridge port. Even if it is possible, I'd assume that once the tunnel disappears and re-appears, the /interface bridge port row will say interface=*some-hex-number and the traffic will not flow to/from the tunnel, so you would need a script tracking the changes and updating the /interface bridge port list accordingly. But first check that it actually works - PPP BCP adds L2 tunnels as bridge ports dynamically as well, but vlan-filtering doesn't work at all on these ports (I don't remember whether it's just that tagged frames are not received from the tunnels or something worse).
If the bgp vpls tunnel cannot be added as a bridge port this way, you have to keep using your interconnected bridges, and maybe use /interface bridge filter rules to prevent the bad things listed at the "don't do this" page from happening (e.g. not allow STP BPDUs to leak through the /interface vlan to the main bridge). And convince the developers that your use case is so common that it makes sense to implement the corresponding handling.
Re: PVID for BGP VPLS interface on a bridge
Posted: Fri Apr 08, 2022 8:42 pm
by clambert
Has anyone been able to find a solution to this problem?