Hello, I am not an expert at VLANS, but have used Mikrotik for upwards of 8 years, and have not seen an issue like this. Please consider the following network diagram:
(if the mail server or your email server kills the PNG, please look at http://files (dot) bayelec (dot) com/net.png ) The problem we are seeing involves the D Mikrotik Switch, the two green microwave radios, and the rest of the network. We are sharing microwave bandwidth with another entity on this leg, and were assigned the VLAN 1001 for that network segment. The rest of the network is not tagged. So, in order for network traffic to traverse that red/orange network hop is to have a tag of 1001. The tagging happens at the Mikrotik Switches… the microwave simply passes or rejects. We are using Mikrotik CRS125-24G-1S switches, running RouterOS 6.20 Site B Mikrotik Switch has the following command to setup the VLAN Tagging: /interface ethernet switch egress-vlan-tag Add tagged-ports=ether4-slave-local vlan-id=1001 Site D has the following command to setup: /interface ethernet switch egress-vlan-tag Add tagged-ports=ether2-master-local vlan-id=1001 ********************* We have suffered two failures this year involving Site D where traffic leaves site D to the rest of the network just fine, but people at B, C, or A could not reach D. Thus, D's mikrotik is not aware that there is a problem, as D pinging anything works. But B,C, and A cannot ping D. A power cycle does not fix the problem. The solution was to go into the Mikrotik on Site D, and using Winbox, re-apply the VLAN setting. The other solution was to disable the VLAN setting, and then re-enable. ********************** My questions: 1) Am I setting up the VLAN properly? Is there a better/different way to make sure the ports on the switches are tagging properly? 2) At Site D, we are using the ether2-master-local port. Should this be a slave instead? Would the IP of the switch be causing a problem being set on that port? 3) I looked in the change logs of RouterOS, and did not see tagging addressed. We can certainly upgrade RouterOS to the latest version, but I didn't want to just do that as a feel good measure. 4) Is there a way I can script the Mikrotik at D to check if VLAN tagging is working properly, and if not, reset the port like we did manually? Fortunately, this doesn't happen regularly. Thanks, Christian -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20150901/a3709a71/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: net.png Type: image/png Size: 86733 bytes Desc: not available URL: <http://mail.butchevans.com/pipermail/mikrotik/attachments/20150901/a3709a71/attachment.png> _______________________________________________ Mikrotik mailing list [email protected] http://mail.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
