sat-fan
08.02.2025, aktualisiert um 23:24:59 Uhr
view158
view1
0
Goto Top

Vlan-Bridge-switch problem

FrageRouter, Routing
Hallo,

hänge leider mal wieder. Nach hervorragender Hilfe vom MT Support, wurde mir zuletzt angeraten die VLAN-id=1 nicht zu verwenden.
Dazu wurde mir folgender Eintrag empfolen:
/interface vlan
add comment=MGNT/dont_use_1_for_tag interface=br name=vlan1 vlan-id=99


Nach Überarbeitung habe ich wohl irgendeinen Fehler darin, oder in dem Setup des switches. Denke mal es ist was an der bridge config falsch jetzt.
Bisher war es so das die vlan-Id-1 das dhcp Netz 10.0.0.1/24 nutzte.
Somit konnte ich vlan1 am switch untagged an Endgeräte schicken. Das funktioniert bedauerlicherweise jetzt nicht. Bekomme kein Routing mehr hin. Habe auch probiert ein vlan99 am switch einzurichten, was aber auch nichts bringt. Der Router, die cAPs und der switch haben feste Ips im 10.0.0.1/24 Netz. Bekomme aber keine Routing zwischen meinen hAP AX2 und dem Router hin.
Danke für eure Hilfe.
screenshot 2025-02-08 192647
/interface bridge
add frame-types=admit-only-vlan-tagged name=br vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=e1-to-modem
set [ find default-name=ether4 ] name=e4-to-cap
set [ find default-name=ether5 ] name=e5-to-switch



/interface vlan
add comment=MGNT/dont_use_1_for_tag interface=br name=vlan1 vlan-id=99
add comment=GAST interface=br name=vlan10 vlan-id=10
add comment=IoT interface=br name=vlan20 vlan-id=20
add comment=PRIVAT interface=br name=vlan100 vlan-id=100
add comment=SIP interface=br name=vlan111 vlan-id=111

/interface list
add name=LAN
add name=WAN

/interface wifi channel
add band=2ghz-ax comment=2.4ghz-AX disabled=no name=2G-AX skip-dfs-channels=\
    all width=20/40mhz-Ce
add band=5ghz-ax comment="5ghz - AX" disabled=no name=5G-AX \  
    skip-dfs-channels=all width=20/40/80mhz
add band=2ghz-n comment="2.4ghz -AC" disabled=no frequency=2412,2432,2462 \  
    name=2.4ghz-AC skip-dfs-channels=all width=20mhz
add band=5ghz-ac comment="5ghz -AC" disabled=no frequency=5180,5260,5500 \  
    name=5ghz-AC skip-dfs-channels=all width=20/40/80mhz

/interface wifi datapath
add bridge=br comment=it_for_AC disabled=no name=DP_AC
add bridge=br comment=it_for_AX disabled=no name=GAST vlan-id=10
add bridge=br comment=it_for_AX disabled=no name=IoT vlan-id=20
add bridge=br comment=it_for_AX disabled=no name=PRIVAT vlan-id=100

/interface wifi security
add authentication-types=wpa2-psk,wpa3-psk disabled=no ft=yes ft-over-ds=yes \
    name=sec_IoT passphrase=xxxxxxxxxxx
add authentication-types=wpa2-psk,wpa3-psk disabled=no ft=yes ft-over-ds=yes \
    name=sec_Gast passphrase=xxxxxxxxx
add authentication-types=wpa2-psk,wpa3-psk disabled=no ft=yes ft-over-ds=yes \
    name=sec_PRIVATE passphrase=xxxxxxxx

/interface wifi configuration
add channel=5ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=GAST-5-AC security=sec_Gast ssid=GAST
add channel=2.4ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=GAST-2.4-AC security=sec_Gast ssid=GAST
add channel=2.4ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=IoT-2.4-AC security=sec_IoT ssid=Cisco-IoT
add channel=2.4ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=PRIVAT-2.4-AC security=sec_PRIVATE ssid=PRIVAT
add channel=5ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=IoT-5-AC security=sec_IoT ssid=Cisco-IoT
add channel=5ghz-AC comment=it_for_AC datapath=DP_AC disabled=no mode=ap \
    name=PRIVAT-5-AC security=sec_PRIVATE ssid=PRIVAT
add channel=2G-AX comment=it_for_2.4AX datapath=GAST disabled=no mode=ap \
    name=GAST-2.4-AX security=sec_Gast ssid=GAST
add channel=2G-AX comment=it_for_2.4AX datapath=IoT disabled=no mode=ap name=\
    IoT-2.4-AX security=sec_IoT ssid=Cisco-IoT
add channel=2G-AX comment=it_for_2.4AX datapath=PRIVAT disabled=no mode=ap \
    name=PRIVAT-2.4-AX security=sec_PRIVATE ssid=PRIVAT
add channel=5G-AX comment=it_for_5AX datapath=GAST disabled=no mode=ap name=\
    GAST-5-AX security=sec_Gast ssid=GAST
add channel=5G-AX comment=it_for_5AX datapath=IoT disabled=no mode=ap name=\
    IoT-5-AX security=sec_IoT ssid=Cisco-IoT
add channel=5G-AX comment=it_for_5AX datapath=PRIVAT disabled=no mode=ap \
    name=PRIVAT-5-AX security=sec_PRIVATE ssid=PRIVAT
/interface wifi
set [ find default-name=wifi2 ] configuration=PRIVAT-2.4-AX \
    configuration.manager=local .mode=ap .ssid=PRIVAT-R2 disabled=no name=\
    Router-2G-Private
set [ find default-name=wifi1 ] configuration=PRIVAT-5-AX \
    configuration.manager=local .mode=ap .ssid=PRIVAT-R5 disabled=no name=\
    Router-5G-Private security.ft=no .ft-over-ds=no
add configuration=GAST-2.4-AC configuration.hide-ssid=no .mode=ap disabled=no \
    name=cAP-AC-2G-Gast radio-mac=74:4D:28:4C:02:A4 \
    security.connect-priority=0/1
add channel.frequency=2412,2432,2462 configuration=IoT-2.4-AC \
    configuration.mode=ap disabled=no mac-address=76:4D:28:4C:02:A4 \
    master-interface=cAP-AC-2G-Gast mtu=1500 name=cAP-AC-2G-IoT \
    security.connect-priority=0/1
add channel.frequency=2412,2432,2462 configuration=PRIVAT-2.4-AC \
    configuration.mode=ap disabled=no mac-address=76:4D:28:4C:02:A9 \
    master-interface=cAP-AC-2G-Gast name=cAP-AC-2G-Private \
    security.connect-priority=0/1
add configuration=GAST-5-AC configuration.hide-ssid=no .mode=ap disabled=no \
    name=cAP-AC-5G-Gast radio-mac=74:4D:28:4C:02:A5 \
    security.connect-priority=0/1
add channel.frequency=5180,5260,5500 configuration=IoT-5-AC \
    configuration.mode=ap disabled=no mac-address=76:4D:28:4C:02:A5 \
    master-interface=cAP-AC-5G-Gast name=cAP-AC-5G-IoT \
    security.connect-priority=0/1
add channel.frequency=5180,5260,5500 configuration=PRIVAT-5-AC \
    configuration.mode=ap disabled=no mac-address=76:4D:28:4C:02:A7 \
    master-interface=cAP-AC-5G-Gast name=cAP-AC-5G-Private \
    security.connect-priority=0/1
add configuration=PRIVAT-2.4-AX configuration.mode=ap .ssid=PRIVAT-X2 \
    disabled=no name=cAP-AX-2G-Private radio-mac=D4:01:C3:00:06:42
add configuration=PRIVAT-5-AX configuration.mode=ap .ssid=PRIVAT-X5 disabled=\
    no name=cAP-AX-5G-Private radio-mac=D4:01:C3:00:06:41
add configuration=PRIVAT-2.4-AX configuration.mode=ap .ssid=PRIVAT-W2 \
    disabled=no name=wAP-AX-2G-Private radio-mac=F4:1E:57:60:D3:60
add configuration=PRIVAT-5-AX configuration.mode=ap .ssid=PRIVAT-W5 disabled=\
    no name=wAP-AX-5G-Private radio-mac=F4:1E:57:60:D3:61
add channel.frequency=2412,2432,2462 configuration=GAST-2.4-AX \
    configuration.mode=ap .ssid=GAST-R2 disabled=no mac-address=\
    4A:A9:8A:D3:A5:85 master-interface=Router-2G-Private name=Router-2G-Gast \
    security.ft=no .ft-over-ds=no
add channel.frequency=2412,2432,2462 configuration=IoT-2.4-AX \
    configuration.hide-ssid=no .mode=ap disabled=no mac-address=\
    4A:A9:8A:D3:A5:86 master-interface=Router-2G-Private mtu=1500 name=\
    Router-2G-IoT security.ft=no .ft-over-ds=no
add channel.frequency=5180,5260,5500 configuration=GAST-5-AX \
    configuration.mode=ap disabled=no mac-address=4A:A9:8A:D3:A5:84 \
    master-interface=Router-5G-Private name=Router-5G-Gast security.ft=no \
    .ft-over-ds=no
add channel.frequency=5180,5260,5500 configuration=IoT-5-AX \
    configuration.mode=ap .ssid=Cisco-IoT-R5 disabled=no mac-address=\
    4A:A9:8A:D3:A5:87 master-interface=Router-5G-Private name=Router-5G-IoT
add channel.frequency=2412,2432,2462 configuration=GAST-2.4-AX \
    configuration.mode=ap .ssid=GAST-X2 disabled=no mac-address=\
    D6:01:C3:00:06:42 master-interface=cAP-AX-2G-Private name=cAP-AX-2G-Gast
add channel.frequency=2412,2432,2462 configuration=IoT-2.4-AX \
    configuration.mode=ap .ssid=Cisco-IoT-X2 disabled=no mac-address=\
    D6:01:C3:00:06:43 master-interface=cAP-AX-2G-Private mtu=1500 name=\
    cAP-AX-2G-IoT security.connect-priority=0/1
add channel.frequency=5180,5260,5500 configuration=GAST-5-AX \
    configuration.mode=ap .ssid=GAST-X5 disabled=no mac-address=\
    D6:01:C3:00:06:41 master-interface=cAP-AX-5G-Private name=cAP-AX-5G-Gast
add configuration=IoT-5-AX configuration.mode=ap .ssid=Cisco-IoT-X5 disabled=\
    no mac-address=D6:01:C3:00:06:44 master-interface=cAP-AX-5G-Private name=\
    cAP-AX-5G-IoT
add configuration=GAST-2.4-AX configuration.mode=ap .ssid=GAST-W2 disabled=no \
    mac-address=F6:1E:57:60:D3:61 master-interface=wAP-AX-2G-Private name=\
    wAP-AX-2G-Gast
add configuration=IoT-2.4-AX configuration.mode=ap .ssid=Cisco-IoT-W2 \
    disabled=no mac-address=F6:1E:57:60:D3:60 master-interface=\
    wAP-AX-2G-Private name=wAP-AX-2G-IoT
add configuration=GAST-5-AX configuration.mode=ap .ssid=GAST-W5 disabled=no \
    mac-address=F6:1E:57:60:D3:63 master-interface=wAP-AX-5G-Private name=\
    wAP-AX-5G-Gast
add configuration=IoT-5-AX configuration.mode=ap .ssid=Cisco-IoT-W5 disabled=\
    no mac-address=F6:1E:57:60:D3:62 master-interface=wAP-AX-5G-Private name=\
    wAP-AX-5G-IoT

/ip pool
add name=dhcp_pool-GUEST ranges=192.168.10.10-192.168.10.254
add name=dhcp_pool-IoT ranges=192.168.20.10-192.168.20.254
add name=dhcp_pool-Privat ranges=192.168.100.10-192.168.100.254
add name=dhcp_pool-SIP ranges=192.168.111.10-192.168.111.254
add name=dhcp_pool-MGMT ranges=10.0.0.60-10.0.0.254

/ip dhcp-server
add address-pool=dhcp_pool-GUEST interface=vlan10 lease-time=1d name=\
    dhcp-guest
add address-pool=dhcp_pool-IoT interface=vlan20 lease-time=1d name=dhcp-IoT
add address-pool=dhcp_pool-MGMT interface=vlan1 lease-time=1d name=dhcp-mgmt
add address-pool=dhcp_pool-Privat interface=vlan100 lease-time=1d name=\
    dhcp-private
add address-pool=dhcp_pool-SIP interface=vlan111 lease-time=1d name=dhcp-sip

/interface bridge port
add bridge=br frame-types=admit-only-untagged-and-priority-tagged \
    ingress-filtering=no interface=Router-5G-Private pvid=100
add bridge=br frame-types=admit-only-untagged-and-priority-tagged \
    ingress-filtering=no interface=Router-2G-Private pvid=100
add bridge=br frame-types=admit-only-untagged-and-priority-tagged \
    ingress-filtering=no interface=Router-2G-Gast pvid=10
add bridge=br frame-types=admit-only-untagged-and-priority-tagged \
    ingress-filtering=no interface=Router-5G-IoT pvid=20
add bridge=br interface=ether3 pvid=99
add bridge=br frame-types=admit-only-vlan-tagged interface=e5-to-switch pvid=\
    99
add bridge=br frame-types=admit-only-vlan-tagged interface=ether2 pvid=99
add bridge=br interface=e4-to-cap

/ip neighbor discovery-settings
set discover-interface-list=all

/interface bridge vlan
add bridge=br tagged=br,e4-to-cap untagged=e5-to-switch vlan-ids=99
add bridge=br comment="for ax board" tagged=br,e4-to-cap,e5-to-switch \  
    vlan-ids=10
add bridge=br comment="for ax board" tagged=br,e4-to-cap,e5-to-switch \  
    vlan-ids=100
add bridge=br comment="for ax board" tagged=br,e4-to-cap,e5-to-switch \  
    vlan-ids=20
add bridge=br tagged=br,e4-to-cap,e5-to-switch vlan-ids=111

/interface list member
add interface=br list=LAN
add interface=vlan10 list=LAN
add interface=vlan20 list=LAN
add interface=pppoe-out1 list=WAN
add interface=e1-to-modem list=WAN
add interface=vlan100 list=LAN
add interface=vlan1 list=LAN


/interface wifi cap
set certificate=none enabled=yes

/interface wifi capsman
set ca-certificate=auto enabled=yes interfaces=vlan1 package-path="" \  
    require-peer-certificate=no upgrade-policy=none

/interface wifi provisioning
add action=create-dynamic-enabled comment=for_2.4AX disabled=no \
    master-configuration=PRIVAT-2.4-AX slave-configurations=\
    IoT-2.4-AX,GAST-2.4-AX supported-bands=2ghz-ax
add action=create-dynamic-enabled comment=for_5AX disabled=no \
    master-configuration=PRIVAT-5-AX slave-configurations=GAST-5-AX,IoT-5-AX \
    supported-bands=5ghz-ax
add action=create-dynamic-enabled comment=for_5AC disabled=no \
    master-configuration=PRIVAT-5-AC slave-configurations=GAST-5-AC,IoT-5-AC \
    supported-bands=5ghz-ac
add action=create-dynamic-enabled comment=for_2.4AC disabled=no \
    master-configuration=PRIVAT-2.4-AC slave-configurations=\
    GAST-2.4-AC,IoT-2.4-AC supported-bands=2ghz-n

/ip address
add address=192.168.10.1/24 interface=vlan10 network=192.168.10.0
add address=192.168.20.1/24 interface=vlan20 network=192.168.20.0
add address=192.168.111.1/24 interface=vlan111 network=192.168.111.0
add address=192.168.100.1/24 interface=vlan100 network=192.168.100.0
add address=10.0.0.1/24 interface=vlan1 network=10.0.0.0

/ip dhcp-server network
add address=10.0.0.0/24 dns-server=10.0.0.150,10.0.0.151 gateway=10.0.0.1 ntp-server=10.0.0.1
add address=192.168.10.0/24 dns-server=10.0.0.150 gateway=192.168.10.1 ntp-server=10.0.0.1
add address=192.168.20.0/24 dns-server=10.0.0.150 gateway=192.168.20.1 ntp-server=10.0.0.1
add address=192.168.100.0/24 dns-server=10.0.0.150 gateway=192.168.100.1 ntp-server=10.0.0.1
add address=192.168.111.0/24 dns-server=10.0.0.150 gateway=192.168.111.1 ntp-server=10.0.0.1

/ip dns
set allow-remote-requests=yes servers=8.8.8.8
ShareTeilen
Auf Facebook teilen Auf Twitter teilen Auf Reddit teilen Auf Linkedin teilen

Content-ID: 671228

Url: https://administrator.de/forum/vlan-bridge-switch-problem-671228.html

Ausgedruckt am: 09.02.2025 um 01:02 Uhr

1 Kommentar
Goto Top
Spirit-of-Eli
Spirit-of-Eli 08.02.2025 um 23:58:39 Uhr
Goto Top
Moin,

wie sieht denn die "Überarbeitung" der Zeile aus?
In deiner Konfig hast du alles, was vorher an vlan1 mit ID "1" hing jetzt auf ID "99" gehängt.
Existiert das Netz denn an allen gewünschten Ports?

Welchen Teil der Zeile verstehst du gerade nicht? Ich denke da sollten wir ansetzen, denn eigentlich ist offensichtlich was bei deiner Änderung passiert ist.

Gruß
Spirit
FrageRouter, Routing
Mehr von sat-fansat-fanDyn Namensänderung an Capsman client (cAP-AC) -vlan zuweisungsat-fan - 4 Kommentaresat-fanWlan Abbrüche - Channel Konfiguration für mehrere APs und Vlanssat-fan - 50 Kommentaresat-fanVlan-id configured, but interface does not support assigning vlanssat-fan - 2 Kommentaresat-fanWifi Name für Cap-AX im UI ändernsat-fan - 5 Kommentare
Heiß diskutiert
MysticFoxDEX - Elon Musk - Klage gegen Lego Pinterest und Nestlé und Co wegen WerbeboykottMysticFoxDE - 63 KommentareLLL0rdStromführende Netzwerkkabel, Cat5 + GlasLLL0rd - 47 KommentareRamboNo5Kein DHCP außerhalb von VMsRamboNo5 - 45 KommentareYan2021Hilfe beim Kauf eines Mini-PCsYan2021 - 32 KommentareAndi-75Virtuelle Maschine auf WinServer22 Standard für einen UserAndi-75 - 23 KommentareLochkartenstanzer120GB-SD-Karte nur noch 30MB(!) groß?Lochkartenstanzer - 21 KommentaregruenhornAuswahl von AP und manged Switch für Heim Anwendung OPNsensegruenhorn - 21 Kommentareqwertzy0815Tool zum automatisierten Finden ähnlicher PDFs gesuchtqwertzy0815 - 21 KommentareCleanairsSupportende: Wann Win10 auf Win11 Umzug durchführen?Cleanairs - 20 KommentareMainSELRAM Fehler - Correctable ECC - other Memory errorMainSEL - 20 KommentareNastyNaseWindows RDS Aufgabenplanung startet nicht mehrNastyNase - 19 KommentarestaybbNetzwerkerneuerung - Cisco Switches wie dimensionierenstaybb - 17 Kommentare