[AusNOG] Fwd: Re: 12V Gigabit Switch suggestions

Greg McLennan mclennan at internode.on.net
Sat Feb 9 14:34:04 EST 2013


     There are two ways to do VLAN tagging in the mikrotik router, one 
is via the switch chip(hardware dependent) and the other is more 
commonly seen done in RouterOS(In the CPU). Not many people take 
advantage of the switch-chip method as there is little proper 
documentation on it and it doesn't work on ALL mikrotik devices(chipset 
dependant).

That said, for those that do have programmable switch chips in there 
mikrotik router device. Then tagging at switch chip level is fast and 
doesn't require CPU % cycles to do it, and it will do INGRESS and EGRESS 
tagging and TRUNKING nicely. There is also some nice coding available if 
you want to apply logic rules to tagging. Ow and the switch chip menu is 
where you can do port mirroring if you need to packet capture a port for 
things like full packet capture for auditing purposes!!

     If you do VLAN work in the CPU/RouterOS rather than at switch chip 
level then it will eat a small amount of CPU resources, always better to 
offload to a wirespeed hardware chip when latency of traffic is critical.

http://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features

Regards All
Greg McLennan
-------------------------------------------------------------------------------------------

On 9/02/2013 12:02 PM, Paul Gear wrote:
> On 02/08/2013 09:11 AM, Thomas Jackson wrote:
>> I've seen you mention VLAN tagging on Mikrotik several times, and I'm not
>> sure where you have been stuck on this.
>>
>> 	/interface vlan add interface=ether1 name=my-vlan vlan-id=100
>>
>> Creates a virtual interface called my-vlan, primary interface ether1, VLAN
>> ID 100. From there, it is treated like another interface in the rest of the
>> system (routing, firewall etc). If you want to use VLANs on a switch group,
>> define your switch group by defining the master-port on each slave port,
>> then use the above command with your master port.
>
> Here's the configuration tutorial i started with:
> http://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment
>
> As it stands, it works.  Now take the configuration they outline 
> there, and produce an equivalent config to this one from a Cisco 2950:
>
> int f0/1
>     switchport mode trunk
>     switchport trunk native vlan 10
>     switchport trunk allowed vlan 20
> int f0/2
>     switchport mode trunk
>     switchport trunk native vlan 20
>     switchport trunk allowed vlan 30
> int f0/3
>     switchport mode trunk
>     switchport trunk native vlan 30
>     switchport trunk allowed vlan 10
> int f0/4
>     description Uplink
>     switchport mode trunk
>     switchport trunk allowed vlan 10,20,30
>
> Or, even simpler and clearer on a ProCurve:
>
> vlan 10
>     untagged 1
>     tagged 3-4
> vlan 20
>     untagged 2
>     tagged 1,4
> vlan 30
>     untagged 3
>     tagged 2,4
>
> To do this with the Mikrotik we need to:
>
>   * Add another VLAN with an access port.  Pretty straightforward.
>   * Add a tagged VLAN to each access port (it could be for voice,
>     servers, or whatever).  Not hard, but this definitely produces a
>     configuration which is a whole lot more complex than the sample on
>     the wiki.
>
> Now do it on the switch chip.  This is my lay-down misère.  When you 
> go here, you end up dealing with stuff that is (as far as i can work 
> out) just a thin CLI wrapper around the switch chip's TCAM API.  (It 
> turns a 2-minute job into a 2-hour job for me.  I'm sure others who 
> are more skilled and practiced with RouterOS could get it down to 20 
> minutes or so.)
>
> Those working in service provider environments may not mess around 
> with VLAN tagging much, but for me these are everyday tasks, and i 
> don't have that kind of time to spend on it.
>
>> Obviously Mikrotik isn't going to suit everything (and I don't think it is
>> quite the right fit for this use), but they are great when used in the right
>> place like any tool. Comparing a routing platform that can do some switching
>> (Mikrotik) to switching platforms (Netgear GS108T or ProCurve 1810G) isn't
>> quite a direct comparison either.
>
> This did start as a thread about suitable 12V switches... :-)
>
>> To tenuously get back to topic, the GS108T
>> is powered from a wall-wart if my memory is right, so may actually suit this
>> use-case. I would rather saw my arm off than use a Netgear GS108T after some
>> previous bad experiences, but that is a story for a different day!
>
> That was my point - i feel the same way about Netgear GS108Ts and 
> ProCurve 1810s. ;-)
>
> Paul
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130209/241e1bb9/attachment.html>


More information about the AusNOG mailing list