Anda di halaman 1dari 13

Hi all

I am lost on CCR1036-G-4S and VLAN.


I have a TRUNK coming from CISCO 2960 to SPF 1 on the CCR
The trunk I have 4 deferent VLAN EX. 2 3 4 5.
Then I need to crate VLAN 2 on port 1 VLAN 3 on port 2,3,4,5,6 VLAN 4 on 7,8,9,10 and VLAN 5 on port
11 and 12.
SPF2,3,4 has to be trunk to other CISCO 2960 where I have the same VLAN in them.
Can anyone guide me here, cuss I cant get it to work. (winbox is a good tool but maybe hardcode is
better on mikrotik like cisco?)
PS. I am new to routerboard.
Cheers
Jimmy
LCPL J.Hahn

Rudios
Forum Veteran

Posts: 897
Joined: Mon Mar 11, 2013 1:58 pm
Reputation: 2
Location: The Netherlands

Tue Aug 20, 2013 11:07 pm


First create a VLAN interface on the trunk ports with the correct vlan id.

ros code
/interface vlan
add name=vlan2-sfp1
add name=vlan3-sfp1
add name=vlan4-sfp1
add name=vlan5-sfp1

interface=sfp1
interface=sfp1
interface=sfp1
interface=sfp1

vlan-id=2
vlan-id=3
vlan-id=4
vlan-id=5

add
add
add
add

name=vlan2-sfp2
name=vlan3-sfp2
name=vlan4-sfp2
name=vlan5-sfp2

interface=sfp2
interface=sfp2
interface=sfp2
interface=sfp2

vlan-id=2
vlan-id=3
vlan-id=4
vlan-id=5

add
add
add
add

name=vlan2-sfp3
name=vlan3-sfp3
name=vlan4-sfp3
name=vlan5-sfp3

interface=sfp3
interface=sfp3
interface=sfp3
interface=sfp3

vlan-id=2
vlan-id=3
vlan-id=4
vlan-id=5

add
add
add
add

name=vlan2-sfp4
name=vlan3-sfp4
name=vlan4-sfp4
name=vlan5-sfp4

interface=sfp4
interface=sfp4
interface=sfp4
interface=sfp4

vlan-id=2
vlan-id=3
vlan-id=4
vlan-id=5

Then create a bridge for each vlan.

ros code
/interface brige
add name=bridge-vlan2
add name=bridge-vlan3
add name=bridge-vlan4
add name=bridge-vlan5

#2

and add the appropriate ports to each bridge

ros code
/interface bridge port
add bridge=bridge-vlan2
add bridge=bridge-vlan2
add bridge=bridge-vlan2
add bridge=bridge-vlan2
add bridge=bridge-vlan2

interface=vlan2-sfp1
interface=vlan2-sfp2
interface=vlan2-sfp3
interface=vlan2-sfp4
interface=ether1

add
add
add
add
add
add
add
add
add

bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3

interface=vlan3-sfp1
interface=vlan3-sfp2
interface=vlan3-sfp3
interface=vlan3-sfp4
interface=ether2
interface=ether3
interface=ether4
interface=ether5
interface=ether6

add
add
add
add
add
add
add
add

bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4

interface=vlan4-sfp1
interface=vlan4-sfp2
interface=vlan4-sfp3
interface=vlan4-sfp4
interface=ether7
interface=ether8
interface=ether9
interface=ether10

add
add
add
add
add
add

bridge=bridge-vlan5
bridge=bridge-vlan5
bridge=bridge-vlan5
bridge=bridge-vlan5
bridge=bridge-vlan5
bridge=bridge-vlan5

interface=vlan5-sfp1
interface=vlan5-sfp2
interface=vlan5-sfp3
interface=vlan5-sfp4
interface=ether11
interface=ether12

----------------What you also could do is create a bridge an put all the trunk ports in it

ros code
/interface bridge
add name=bridge-trunk
/interface bridge port
add bridge=bridge-trunk
add bridge=bridge-trunk
add bridge=bridge-trunk
add bridge=bridge-trunk

interface=sfp1
interface=sfp2
interface=sfp3
interface=sfp4

Then create the 4 vlan interfaces on the trunk bridge

ros code
/interface vlan
add name=vlan2-tr
add name=vlan3-tr
add name=vlan4-tr
add name=vlan5-tr

interface=bridge-trunk
interface=bridge-trunk
interface=bridge-trunk
interface=bridge-trunk

vlan-id=2
vlan-id=3
vlan-id=4
vlan-id=5

And then create additional bridges for the ether ports to bridge and put the respective vlan interface into
that same bridge

ros code
/interface bridge
add name=bridge-vlan2
add name=bridge-vlan3
add name=bridge-vlan4
add name=bridge-vlan5
/interface bridge port
add bridge=bridge-vlan2 interface=ether2
add bridge=bridge-vlan2 interface=vlan2-tr
add
add
add
add
add

bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3
bridge=bridge-vlan3

interface=ether3
interface=ether4
interface=ether5
interface=ether6
interface=vlan3-tr

add
add
add
add
add

bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4
bridge=bridge-vlan4

interface=ether7
interface=ether8
interface=ether9
interface=ether10
interface=vlan4-tr

add bridge=bridge-vlan5 interface=ether11


add bridge=bridge-vlan5 interface=ether12
add bridge=bridge-vlan5 interface=vlan5-tr

Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN

Jimmy
newbie
Topic Author

Posts: 45
Joined: Thu Sep 29, 2011 11:42 pm
Reputation: 0

Wed Aug 21, 2013 12:26 am

#3

Hi Rudios
Damm I love a good support forum, I will try this first thing in the morning.
THX for quick reply.
Cheers
Jimmy
LCPL J.Hahn

Jimmy
newbie
Topic Author

Posts: 45
Joined: Thu Sep 29, 2011 11:42 pm
Reputation: 0

#4

Wed Aug 21, 2013 11:48 pm


Hi all
I am still working on a test setup with these settings, but now i have more Q ?
On Cisco i have IP on vlan2, where do i set it on th CCR? do i need to set it on a interface, cuss it will not
Work on VLAN2?
Cheers
Jimmy
LCPL J.Hahn

ivtts

just joined
Posts: 8
Joined: Tue Aug 20, 2013 12:47 pm
Reputation: 0
Location: Russia

#5

Thu Aug 22, 2013 12:08 am


You can assign the address to the interface in such a way, e.g.:

ros code
/ip addresses
add address=10.0.0.1/24 interface=bridge-vlan2

Similary in Winbox (IP -> Addresses, then "+").


To access to your mikrotik device over this interface check your firewall settings (IP->Firewall) and routing
table (IP->Routes).
// Sorry for my English.

Rudios
Forum Veteran

Posts: 897
Joined: Mon Mar 11, 2013 1:58 pm
Reputation: 2
Location: The Netherlands

Thu Aug 22, 2013 12:56 am

#6

It depends. If you want the routerboard to route traffic, add an IP address to the vlan bridges. If you only
want to split out the VLAN's brought to the routerboard via the trunk, IP addresses are not needed. Maybe
only one for management, but still it needs to be on the bridge.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN

Jimmy
newbie
Topic Author

Posts: 45
Joined: Thu Sep 29, 2011 11:42 pm
Reputation: 0

#7

Thu Aug 22, 2013 7:04 pm


Hmm the trunk is working but any of the vlan is not working? Wen i conect a pc to any of the port i do not
get any ip. All my lan have a dhcp server but no ip on any port of the ccr.
I can see both tx and rx on the trunk but not on any interface ?
Are we sure the ccr can See the vlans from Cisco?
Plz help
Cheers jimmy
Send from mobile phone
LCPL J.Hahn

ivtts

just joined
Posts: 8
Joined: Tue Aug 20, 2013 12:47 pm
Reputation: 0
Location: Russia

#8

Thu Aug 22, 2013 9:16 pm


I did not check the work of mikrotik and isco together, so I can only assume.
You can see the traffic on each interface in its properties (in Winbox choose "Interfaces" and then doubleclick on the desired interface to the last tab will be traffic statistics through this interface). Or in the context
menu for desired interface select "Torch".
The work of DHCP, you can check that. Suppose the network vlan2 you have a DHCP server. Then you
can create a DHCP client on CCR interface in the same vlan (e.g., bridge-vlan2). In Winbox select "IP->
DHCP Client", and then click the "+" and add a "DHCP client" for interface bridge-vlan2. In the same
place you can see what address was received.
You can also manually assign an IP address and try to ping the DHCP server. So you can be sure that the
DHCP server is available (if your dhcp server can answer on ping requests)....
In Winbox choose "New Terminal" and enter the following command (e.g. DHCP server is 192.168.0.1):

ros code
ping 192.168.0.1

Hmm no ping
I can ping the ccr there is connect from trunk so again no problem on the trunk, and i can See all in the
dude too, so it have to Be the vlan, but the Big Q WHY cuss if the trunk is working then the ccr can filter
the trunk?
Cheers
jimmy
Send from mobile phone