MikroTik Bridge – Interface Lists as bridge ports and bridge VLANs

Jono 2 days ago News Leave a comment 94 Views

MikroTik RouterOS is ever evolving and adding new features. One such useful feature which has been added in RouterOS 7.17beta2 is:

*) bridge - added interface-list support for VLANs;

Why might this be useful? Consider for example a switch which is powering a number of Access Points and you are running an 802.1x wireless network with many vlans. This new feature now allows the creation of one interface list for all the access points and then only the interface list needs be added as a tagged interface in each vlan. This simplifies the configuration and also makes it easier when an additional access point is added and an extra port is needed to be tagged in many vlans.

This example below shows 10 vlans (100-110) which are tagged on interfaces ether1 though to ether10.

Prior to RouterOS 7.17 the following configuration would be required:

/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether2
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether3
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether4
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether5
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether6
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether7
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether8
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether9
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether10
/interface bridge vlan
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=100
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=101
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=102
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=103
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=104
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=105
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=106
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=107
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=108
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=109
add bridge=bridge1 tagged=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 vlan-ids=110

 

This configuration can now be done using an interface list as shown below

/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge1 vlan-filtering=yes
/interface list
add name=AccessPoints
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=AccessPoints
/interface bridge vlan
add bridge=bridge1 tagged=AccessPoints vlan-ids=100
add bridge=bridge1 tagged=AccessPoints vlan-ids=101
add bridge=bridge1 tagged=AccessPoints vlan-ids=102
add bridge=bridge1 tagged=AccessPoints vlan-ids=103
add bridge=bridge1 tagged=AccessPoints vlan-ids=104
add bridge=bridge1 tagged=AccessPoints vlan-ids=105
add bridge=bridge1 tagged=AccessPoints vlan-ids=106
add bridge=bridge1 tagged=AccessPoints vlan-ids=107
add bridge=bridge1 tagged=AccessPoints vlan-ids=108
add bridge=bridge1 tagged=AccessPoints vlan-ids=109
add bridge=bridge1 tagged=AccessPoints vlan-ids=110
/interface list member
add interface=ether1 list=AccessPoints
add interface=ether2 list=AccessPoints
add interface=ether3 list=AccessPoints
add interface=ether4 list=AccessPoints
add interface=ether5 list=AccessPoints
add interface=ether6 list=AccessPoints
add interface=ether7 list=AccessPoints
add interface=ether8 list=AccessPoints
add interface=ether9 list=AccessPoints
add interface=ether10 list=AccessPoints

 

If you want to know more about MikroTik bridges, Layer2 and Bridge VLAN filtering then come on our MTCSWE training course.

If you require any further information please call our team of experts on 01449 888000 or email shop@linitx.com

About Jono

Check Also

MikroTik Professionals Conference (MTPC) – 7-8th March 2024 – Presentation Videos available

The MikroTik Professionals Conference (MTPC) held in March 2024 was a great success. The conference …

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by LinITX.com | Designed by Multithread
Copyright © 2003 - 2025. All Rights Reserved Multithread Consultants Ltd.