Channel: MikroTik

Beginner Basics • InterVLAN routing not working as expected

Hey everyone,
First-time poster here and brand new to MikroTik. I’m attempting to set myself up for nice home-lab capabilities as I grow into this equipment and more in order to learn along with it. I have great respect for this community and know that someone sharp out there can catch what I am not seeing or perhaps not understanding. Here’s my current setup (with explanation below):

Picture of topology: https://ibb.co/x1jv1t2

"Core Switch" SW-GR config:
Code:
# 2024-04-03 16:46:39 by RouterOS 7.14.1
# software id = **ELIDED**
#
# model = CRS310-8G+2S+
# serial number = **ELIDED**
/interface bridge
add admin-mac= **ELIDED** auto-mac=no comment=defconf frame-types=\
    admit-only-vlan-tagged name=bridge port-cost-mode=short vlan-filtering=\
    yes
/interface vlan
add comment="MANAGEMENT SVI" interface=bridge name=VLAN25 vlan-id=25
add comment="WLAN SVI" interface=bridge name=VLAN50 vlan-id=50
add comment="LAN SVI" interface=bridge name=VLAN60 vlan-id=60
add comment="WAN SVI" interface=bridge name=VLAN70 vlan-id=70
/interface list
add comment="Wired list VLAN 60" name=Wired
add comment="WAN list VLAN 70" name=WAN
add comment="Trunk list" name=TRUNK
add comment="Management list VLAN 25" name=MANAGEMENT
add comment="Wireless list VLAN 50" name=Wireless
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp_pool_VLAN50 ranges=192.168.50.50-192.168.50.254
add name=dhcp_pool_VLAN60 ranges=192.168.60.50-192.168.60.254
/ip dhcp-server
add address-pool=dhcp_pool_VLAN50 interface=VLAN50 lease-time=1h name=\
    "WLAN DHCP"
add address-pool=dhcp_pool_VLAN60 interface=VLAN60 lease-time=1h name=\
    "LAN DHCP"
/interface bridge port
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=MANAGEMENT pvid=25
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=Wired pvid=60
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=Wireless pvid=50
add bridge=bridge frame-types=admit-only-vlan-tagged interface=TRUNK
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=WAN pvid=70
/interface bridge settings
set allow-fast-path=no
/ip firewall connection tracking
set udp-timeout=10s
/interface bridge vlan
add bridge=bridge comment="Management VLAN" tagged=\
    sfp-sfpplus1,sfp-sfpplus2,bridge untagged=ether8 vlan-ids=25
add bridge=bridge comment="WLAN VLAN" tagged=sfp-sfpplus1,sfp-sfpplus2,bridge \
    vlan-ids=50
add bridge=bridge comment="LAN VLAN" tagged=sfp-sfpplus1,sfp-sfpplus2,bridge \
    untagged=ether3,ether4,ether5,ether6,ether1,ether2,ether7 vlan-ids=60
add bridge=bridge comment="WAN VLAN" tagged=bridge,sfp-sfpplus1,sfp-sfpplus2 \
    vlan-ids=70
/interface list member
add interface=ether3 list=Wired
add interface=ether4 list=Wired
add interface=ether5 list=Wired
add interface=ether8 list=MANAGEMENT
add interface=sfp-sfpplus1 list=TRUNK
add interface=sfp-sfpplus2 list=TRUNK
add interface=ether1 list=Wired
add interface=ether2 list=Wired
add interface=ether6 list=Wired
add interface=ether7 list=Wired
/ip address
add address=172.16.25.1/28 interface=VLAN25 network=172.16.25.0
add address=192.168.50.1/24 interface=VLAN50 network=192.168.50.0
add address=192.168.60.1/24 interface=VLAN60 network=192.168.60.0
add address=192.168.70.1/24 interface=VLAN70 network=192.168.70.0
/ip dhcp-server network
add address=192.168.50.0/24 dns-server=192.168.70.2,8.8.8.8 gateway=\
    192.168.50.1
add address=192.168.60.0/24 dns-server=192.168.70.2,8.8.8.8 gateway=\
    192.168.60.1
/ip firewall filter
add action=accept chain=forward comment="For intervlan troubleshooting, PFSens\
    e is my actual firewall for internet" dst-address=0.0.0.0 \
    in-interface-list=all out-interface-list=all src-address=0.0.0.0
/ip route
add comment="All non-LAN traffic sent to PFSense router" disabled=no \
    distance=1 dst-address=0.0.0.0/0 gateway=192.168.70.2 pref-src="" \
    routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/system clock
set time-zone-name=US/Eastern
/system identity
set name=SW-GR
/system note
set show-at-login=no
/system ntp client
set enabled=yes
/system ntp client servers
add address=192.168.70.2
add address=time-b-g.nist.gov
add address=time-a-g.nist.gov
/system routerboard settings
set boot-os=router-os

VLAN configuration:
VLAN 25: Management (172.16.25.0/28)
VLAN 50: Wireless (192.168.50.0/24)
VLAN 60: Wired (192.168.60.0/24)
VLAN 70: WAN (192.168.70.0/24 – changed from /30 to /24 for troubleshooting purposes)

My major problem is that InterVLAN routing is not functioning properly. As far as I can tell, Layer 2 connectivity and INTRAsubnet communication work (devices on same VLAN/subnet connected to different switches/wireless APs are pinging each other, and smart devices are all working on the wireless network). Any Layer 3 routing seems nonexistent. Many traceroutes would show that when a device in one VLAN would try and send a ping to another, it would get as far as the appropriate default gateway on SW-GR and go no further. Interestingly, I can still connect to the internet (well enough to connect to MikroTik Forum and make this post :P) which tells me that my default route is working, but any routes that are learned dynamically via my InterVLAN routes are no good. This is as of yet unsolved.

Topology pic as well as all the switch config files are attached as well. They are all the same CRS310-8G+2S+IN model.

I appreciate help from any willing participants and am looking forward to talking about it!

Thanks everyone,
cjseagraves

Statistics: Posted by cjseagraves — Thu Apr 04, 2024 12:41 am
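
Added example, not part of the original post and not MikroTik tooling: a small Python audit for exports in the format shown above. It joins the backslash-continued lines and, for each VLAN interface, checks the two Layer 3 prerequisites that the SW-GR config sets up explicitly (the bridge listed as a tagged member in `/interface bridge vlan`, and an `/ip address` on the VLAN interface). The `SAMPLE` text and the `VLAN80` entry are constructed for illustration; `vlan-ids` ranges such as `10-20` are assumed not to occur.

```python
import re
import shlex

# Constructed excerpt in the same export format as the SW-GR config (not the poster's data).
SAMPLE = r'''
/interface vlan
add comment="LAN SVI" interface=bridge name=VLAN60 vlan-id=60
add comment="WAN SVI" interface=bridge name=VLAN70 vlan-id=70
add comment="LAB SVI" interface=bridge name=VLAN80 vlan-id=80
/interface bridge vlan
add bridge=bridge comment="LAN VLAN" tagged=sfp-sfpplus1,sfp-sfpplus2,bridge \
    untagged=ether3,ether4 vlan-ids=60
add bridge=bridge comment="WAN VLAN" tagged=sfp-sfpplus1,sfp-sfpplus2 \
    vlan-ids=70
/ip address
add address=192.168.60.1/24 interface=VLAN60 network=192.168.60.0
add address=192.168.70.1/24 interface=VLAN70 network=192.168.70.0
'''

def parse_export(text):
    """Return {menu path: [dict of key=value pairs for each 'add' line]}."""
    text = re.sub(r"\\\n\s*", "", text)  # join backslash-continued lines
    menus, path = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            path = line
        elif line.startswith("add ") and path:
            pairs = (t.split("=", 1) for t in shlex.split(line[4:]) if "=" in t)
            menus.setdefault(path, []).append(dict(pairs))
    return menus

def audit_svis(text):
    """For each VLAN interface, list the missing Layer 3 prerequisites."""
    m = parse_export(text)
    addressed = {a["interface"] for a in m.get("/ip address", [])}
    cpu_tagged = set()  # VLAN IDs where the bridge itself is a tagged member
    for row in m.get("/interface bridge vlan", []):
        if row["bridge"] in row.get("tagged", "").split(","):
            cpu_tagged.update(row["vlan-ids"].split(","))
    findings = {}
    for svi in m.get("/interface vlan", []):
        problems = []
        if svi["vlan-id"] not in cpu_tagged:
            problems.append("bridge not tagged in bridge vlan table")
        if svi["name"] not in addressed:
            problems.append("no IP address")
        findings[svi["name"]] = problems
    return findings
```

An empty list for a VLAN interface means both entries are present; it does not by itself show that routing between VLANs works.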


