Hi
On one of our sites, we're looking to replace a Cisco SG-300 which handles our VLAN's and trunking with a Netonix WS-12-250A.
Hoping someone can cast their eye over my configuration.
This is our current VLAN config on the Cisco.
Ports 1-5 are for customer access.
Port 7 is our backhaul - SIAE AlfoPlus 17GHz.
Ports 8 and 9 go to our router - RB1100AHx2.
Have tried this configuration on the Netonix.
Port 1 for SIAE powered up at 48VH.
Ports 2-9 for customer access.
Ports 10 and 11 to the Mikrotik router.
I've tried this with trunking enabled on ports 1, 10 and 11 and also without but didn't work either way.
Seemed to work and traffic built but then died off and no access to customer radios.
This is the interface setup on the Mikrotik:
Anyone able to cast their eye on this and tell me where I'm going wrong?
Probably something simple but I've been looking at it too long now.
Thanks
Colin
VLAN configuration
- colinhowlin
- Member
- Posts: 46
- Joined: Wed Feb 17, 2016 10:00 am
- Location: Ireland
- Has thanked: 2 times
- Been thanked: 2 times
-
Eric Stern - Employee
- Posts: 532
- Joined: Wed Apr 09, 2014 9:41 pm
- Location: Toronto, Ontario
- Has thanked: 0 time
- Been thanked: 130 times
-
Eric Stern - Employee
- Posts: 532
- Joined: Wed Apr 09, 2014 9:41 pm
- Location: Toronto, Ontario
- Has thanked: 0 time
- Been thanked: 130 times
Re: VLAN configuration
Also, the way this is configured all frames going to the Mikrotik will be untagged (because of the U's on ports 10 and 11), so the VLAN configuration on the mikrotik will be useless.
- colinhowlin
- Member
- Posts: 46
- Joined: Wed Feb 17, 2016 10:00 am
- Location: Ireland
- Has thanked: 2 times
- Been thanked: 2 times
Re: VLAN configuration
Hi Eric
Thanks for the reply.
Yes, STP enabled on all ports.
With regards to the Mikrotik, are you saying VLAN23 and 230 configured on ether 1 and 11 don't need to be there?
Thanks
Colin
Thanks for the reply.
Yes, STP enabled on all ports.
With regards to the Mikrotik, are you saying VLAN23 and 230 configured on ether 1 and 11 don't need to be there?
Thanks
Colin
-
Eric Stern - Employee
- Posts: 532
- Joined: Wed Apr 09, 2014 9:41 pm
- Location: Toronto, Ontario
- Has thanked: 0 time
- Been thanked: 130 times
Re: VLAN configuration
colinhowlin wrote:Yes, STP enabled on all ports.
Thats probably at least part of the problem. STP/RSTP is not VLAN aware, so having both ports 9 and 10 going to the mikrotik will cause the switch to detect a loop and it will disable one of the ports. If STP is also enabled on the Mikrotik that is.
colinhowlin wrote:With regards to the Mikrotik, are you saying VLAN23 and 230 configured on ether 1 and 11 don't need to be there?
Correct, as the Mikrotik will never get tagged frames. Unless its supposed to be getting tagged frames, in which case you'll need to change the VLAN configuration.
- colinhowlin
- Member
- Posts: 46
- Joined: Wed Feb 17, 2016 10:00 am
- Location: Ireland
- Has thanked: 2 times
- Been thanked: 2 times
Re: VLAN configuration
Thanks for your replies Eric.
The Cisco in place at the minute also has STP enabled on all ports including those going to the Mikrotik.
It works fine like this - are you saying it shouldn't in this configuration?
Could I just have one link to the Mikrotik and eliminate STP on this network segment?
There are no other loops. There's just the switch, router and a number of AP's.
The Cisco in place at the minute also has STP enabled on all ports including those going to the Mikrotik.
It works fine like this - are you saying it shouldn't in this configuration?
Could I just have one link to the Mikrotik and eliminate STP on this network segment?
There are no other loops. There's just the switch, router and a number of AP's.
-
Eric Stern - Employee
- Posts: 532
- Joined: Wed Apr 09, 2014 9:41 pm
- Location: Toronto, Ontario
- Has thanked: 0 time
- Been thanked: 130 times
Re: VLAN configuration
Cisco's have a proprietary extension to STP called PVST (Per VLAN Spanning Tree). If that is enabled that could be why it is working.
I don't think you need two links to the Mikrotik. I'm guessing a little here, but this might be the configuration you want.
- disconnect port 11, set it to E on all 3 VLANs
- U on port 10 for VLAN 1
- T on port 10 for VLAN 23
- T on port 10 for VLAN 230
- you may need to reconfigure the Mikrotik to expect both VLAN 23 and 230 on port 10
Traffic for VLAN 1 can arrive untagged on ports 1,12,13,14 and go out untagged on port 10
Traffic for VLAN 23 can arrive tagged on port 1 and go out tagged on port 10
Traffic for VLAN 230 can arrive tagged on port 1 or untagged on ports 2-9 and will go out tagged on port 10
I don't think you need two links to the Mikrotik. I'm guessing a little here, but this might be the configuration you want.
- disconnect port 11, set it to E on all 3 VLANs
- U on port 10 for VLAN 1
- T on port 10 for VLAN 23
- T on port 10 for VLAN 230
- you may need to reconfigure the Mikrotik to expect both VLAN 23 and 230 on port 10
Traffic for VLAN 1 can arrive untagged on ports 1,12,13,14 and go out untagged on port 10
Traffic for VLAN 23 can arrive tagged on port 1 and go out tagged on port 10
Traffic for VLAN 230 can arrive tagged on port 1 or untagged on ports 2-9 and will go out tagged on port 10
-
sirhc - Employee
- Posts: 7421
- Joined: Tue Apr 08, 2014 3:48 pm
- Location: Lancaster, PA
- Has thanked: 1609 times
- Been thanked: 1326 times
Re: VLAN configuration
Eric Stern wrote:Cisco's have a proprietary extension to STP called PVST (Per VLAN Spanning Tree). If that is enabled that could be why it is working.
I don't think you need two links to the Mikrotik. I'm guessing a little here, but this might be the configuration you want.
- disconnect port 11, set it to E on all 3 VLANs
- U on port 10 for VLAN 1
- T on port 10 for VLAN 23
- T on port 10 for VLAN 230
- you may need to reconfigure the Mikrotik to expect both VLAN 23 and 230 on port 10
Traffic for VLAN 1 can arrive untagged on ports 1,12,13,14 and go out untagged on port 10
Traffic for VLAN 23 can arrive tagged on port 1 and go out tagged on port 10
Traffic for VLAN 230 can arrive tagged on port 1 or untagged on ports 2-9 and will go out tagged on port 10
The reason he probably wants 2 links (LAG) to the router that feeds the local radios on the towers is to split the Pause Frames up across 2 interfaces which causes less of an impact on the tower when a pause frame is sent. I do this with my towers, I have a LAG between the switch and the router for the VLANs that handle the local radios that way the Pause frames have less of an impact on the tower traffic as seen below in my VLAN configuration.
I also make sure no back-haul links are going through those interfaces so local Pause Frames have no affect on traffic coming through this tower to the next tower.
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
- colinhowlin
- Member
- Posts: 46
- Joined: Wed Feb 17, 2016 10:00 am
- Location: Ireland
- Has thanked: 2 times
- Been thanked: 2 times
Re: VLAN configuration
The SG300 doesn't actually support PVST as far as I'm aware.
If we set up with just one link to Mikrotik, do you foresee pause frames becoming a problem?
We're not currently seeing any pause frames on the links between Cisco and Mikrotik.
If we set up with just one link to Mikrotik, do you foresee pause frames becoming a problem?
We're not currently seeing any pause frames on the links between Cisco and Mikrotik.
-
sirhc - Employee
- Posts: 7421
- Joined: Tue Apr 08, 2014 3:48 pm
- Location: Lancaster, PA
- Has thanked: 1609 times
- Been thanked: 1326 times
Re: VLAN configuration
colinhowlin wrote:
If we set up with just one link to Mikrotik, do you foresee pause frames becoming a problem?
We're not currently seeing any pause frames on the links between Cisco and Mikrotik.
No, was just guessing what your logic was?
Support is handled on the Forums not in Emails and PMs.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
Before you ask a question use the Search function to see it has been answered before.
To do an Advanced Search click the magnifying glass in the Search Box.
To upload pictures click the Upload attachment link below the BLUE SUBMIT BUTTON.
10 posts
Page 1 of 1
Who is online
Users browsing this forum: No registered users and 113 guests