CRS Basic Vlan Configuration

hardware, software, , , , , , , , , , , , ,

I’ve been playing around with v6.13rc12 over the last week on a CRS125-24G-1S and have put together a an example script for provisioning the unit with a user-vlan and an admin-vlan that are trunked back via the SFP port.

I’ve been waiting for a long time to have a usable and readable switch chip config on the CRS platform, so I hope this is useful for some of you guys too.

CRS125-24G-1S-RM

In the config:

  • vlan20 is the user facing vlan (untagged on ether1-24, tagged on sfp1)
  • vlan10 is the admin vlan (tagged on sfp1)
  • vlan10 is attached to the router cpu
  • 10.0.0.2/24 is assigned to vlan10
  • 10.0.0.1 is set as the default gateway
/interface vlan
add interface=sfp1 l2mtu=1584 name=vlan10 vlan-id=10
/interface ethernet
set [ find default-name=ether1 ] master-port=sfp1
set [ find default-name=ether2 ] master-port=sfp1
set [ find default-name=ether3 ] master-port=sfp1
set [ find default-name=ether4 ] master-port=sfp1
set [ find default-name=ether5 ] master-port=sfp1
set [ find default-name=ether6 ] master-port=sfp1
set [ find default-name=ether7 ] master-port=sfp1
set [ find default-name=ether8 ] master-port=sfp1
set [ find default-name=ether9 ] master-port=sfp1
set [ find default-name=ether10 ] master-port=sfp1
set [ find default-name=ether11 ] master-port=sfp1
set [ find default-name=ether12 ] master-port=sfp1
set [ find default-name=ether13 ] master-port=sfp1
set [ find default-name=ether14 ] master-port=sfp1
set [ find default-name=ether15 ] master-port=sfp1
set [ find default-name=ether16 ] master-port=sfp1
set [ find default-name=ether17 ] master-port=sfp1
set [ find default-name=ether18 ] master-port=sfp1
set [ find default-name=ether19 ] master-port=sfp1
set [ find default-name=ether20 ] master-port=sfp1
set [ find default-name=ether21 ] master-port=sfp1
set [ find default-name=ether22 ] master-port=sfp1
set [ find default-name=ether23 ] master-port=sfp1
set [ find default-name=ether24 ] master-port=sfp1
/interface ethernet switch egress-vlan-tag
add tagged-ports=sfp1 vlan-id=20
add tagged-ports=sfp1,switch1-cpu vlan-id=10
/interface ethernet switch ingress-vlan-translation
add new-customer-vid=20 ports=ether1 sa-learning=yes
add new-customer-vid=20 ports=ether2 sa-learning=yes
add new-customer-vid=20 ports=ether3 sa-learning=yes
add new-customer-vid=20 ports=ether4 sa-learning=yes
add new-customer-vid=20 ports=ether5 sa-learning=yes
add new-customer-vid=20 ports=ether6 sa-learning=yes
add new-customer-vid=20 ports=ether7 sa-learning=yes
add new-customer-vid=20 ports=ether8 sa-learning=yes
add new-customer-vid=20 ports=ether9 sa-learning=yes
add new-customer-vid=20 ports=ether10 sa-learning=yes
add new-customer-vid=20 ports=ether11 sa-learning=yes
add new-customer-vid=20 ports=ether12 sa-learning=yes
add new-customer-vid=20 ports=ether13 sa-learning=yes
add new-customer-vid=20 ports=ether14 sa-learning=yes
add new-customer-vid=20 ports=ether15 sa-learning=yes
add new-customer-vid=20 ports=ether16 sa-learning=yes
add new-customer-vid=20 ports=ether17 sa-learning=yes
add new-customer-vid=20 ports=ether18 sa-learning=yes
add new-customer-vid=20 ports=ether19 sa-learning=yes
add new-customer-vid=20 ports=ether20 sa-learning=yes
add new-customer-vid=20 ports=ether21 sa-learning=yes
add new-customer-vid=20 ports=ether22 sa-learning=yes
add new-customer-vid=20 ports=ether23 sa-learning=yes
add new-customer-vid=20 ports=ether24 sa-learning=yes
/ip address
add address=10.0.0.2/24 interface=vlan10 network=10.0.0.0
/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.1
Advertisement

7 thoughts on “CRS Basic Vlan Configuration

  1. Very handy thanks! Routerboards are great, but a simple VLAN switch config has been so complicated to date!

  2. Seems handy, but could you please add more details and description to all required steps, especially when someone like me would like to add additional vlans.

    Thanks!

  3. Hi,
    I have tried this config example, and it works, but what about spanning-tree support in this case? I have gone through one test – attached directly two ports which are in the same VLAN and, as I expected, got broadcast storm. But, unfortunatelly, I can not find a solution to this. Only way is to use bridges, but that is not the same case as the one you posted…

    Any thoughts on this?

    Kind regards,
    Jovana

  4. Hi Jovana,

    It is correct that this does not use RSTP/STP on the MikroTIk itself at the moment however this may be supported in a future release, at the moment it is only possible via the bridge.

    Cheers,
    Omega-00

  5. Hi Omega-00,

    thanks for confirmation. Any information on when can we expect STP support on MikroTik, any planned date of new release with this support?
    This is quite cruical functionality…

    Thanks.
    Kind regards,
    Jovana

  6. Hi Thanks, thats very handy.
    One question came up, why the script not add the Ports to VLAN Membership in the /interface ehternet switch vlan ?

    Or is it just need if i have more than one VLAN ?

    Thanks,
    regards
    Marcus

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.