CRS switch egress-vlan-tag command
Posted: Fri Dec 12, 2014 7:54 pm
Hello,
what is the use of this command ? It seems that adding or removing it has no effect on the packets flow in my CRS125-24G-1S (test setup), RouterOS 6.20 .
Here is the scenario (mimic of real production environment):
It just does packet switching and VLAN translation, nothing else. It does not even require an IP address.
With the config mentionned above, it works.
If I understand correctly the wiki page (http://wiki.mikrotik.com/wiki/Manual:CR ... Based_VLAN), I should add the following commands:
But it works without those commands. I see packets from the correct hosts on the correct ports with the correct vlan ids, and I don't see any incorrect association.
Can someone explain this black magic ?
I don't want to put something I don't understand in production if possible
what is the use of this command ? It seems that adding or removing it has no effect on the packets flow in my CRS125-24G-1S (test setup), RouterOS 6.20 .
Here is the scenario (mimic of real production environment):
- ports 1 and 2 are connected to our core router, with our well defined internal VLAN IDs:
- Customer X uses VLAN ID 1 untagged
- Customer Y uses VLAN ID 2 tagged
- Customer Z uses VLAN ID 3 tagged
- port 7 is connected to a server of customer X, vlan id 1 untagged
- port 8 is connected to a server of customer Y, vlan id 2 untagged
- port 9 is connected to a server of customer Z, vlan id 3 untagged
- port 3 is connected to provider A which collects ethernet links at customers X, Y and Z offices. Unfortunately, provider A does not use the same VLAN IDs as we do. No QinQ visible, on this link the vlan ids are:
- Customer X VID = 101
- Customer Y VID = 102
- Customer Z VID = 103
Code: Select all
/interface ethernet
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether7 ] master-port=ether1
set [ find default-name=ether8 ] master-port=ether1
set [ find default-name=ether9 ] master-port=ether1
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=ether1,ether2,ether3,ether7,ether8,ether9 forward-unknown-vlan=no
/interface ethernet switch trunk
add member-ports=ether1,ether2 name=trunk-router
/interface ethernet switch egress-vlan-translation
add customer-vid=1 new-customer-vid=101 ports=ether3
add customer-vid=2 new-customer-vid=102 ports=ether3
add customer-vid=3 new-customer-vid=103 ports=ether3
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=1 ports=ether7 sa-learning=yes
add customer-vid=0 new-customer-vid=2 ports=ether8 sa-learning=yes
add customer-vid=0 new-customer-vid=3 ports=ether9 sa-learning=yes
add customer-vid=0 new-customer-vid=1 ports=trunk-router sa-learning=yes
add customer-vid=101 new-customer-vid=1 ports=ether3 sa-learning=yes
add customer-vid=102 new-customer-vid=2 ports=ether3 sa-learning=yes
add customer-vid=103 new-customer-vid=3 ports=ether3 sa-learning=yes
/interface ethernet switch vlan
add ports=trunk-router,ether3,ether7 vlan-id=1
add ports=trunk-router,ether3,ether8 vlan-id=2
add ports=trunk-router,ether3,ether9 vlan-id=3
With the config mentionned above, it works.
If I understand correctly the wiki page (http://wiki.mikrotik.com/wiki/Manual:CR ... Based_VLAN), I should add the following commands:
Code: Select all
/interface ethernet switch egress-vlan-tag
add tagged-ports=trunk-internal vlan-id=2
add tagged-ports=trunk-internal vlan-id=3
add tagged-ports=ether3 vlan-id=101
add tagged-ports=ether3 vlan-id=102
add tagged-ports=ether3 vlan-id=103
Can someone explain this black magic ?
I don't want to put something I don't understand in production if possible