[RouterOS] 實作 VLAN Trunk 讓 MOD 流量通過 Switch 並隔離其他上網流量

發表於 更新於 分類於 閱讀次數: Disqus: 文章字數: 263 所需閱讀時間 ≈ 1 分鐘

架構圖

說明

  • Home Gateway 到 MOD 只有一條線,想要在那條線後接除了 MOD 外的設備
  • 將 RB750GL 當成網管型 Switch 使用
  • MOD 為 VLAN 100,其餘設備皆為 VLAN 1

操作

MikroTik hEX

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
/interface ethernet
set [ find default-name=ether1 ] master-port=none name=ether1-gateway
set [ find default-name=ether2 ] master-port=none name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=ether3-slave-local
set [ find default-name=ether4 ] master-port=ether2-master-local name=ether4-slave-local
set [ find default-name=ether5 ] master-port=none name=ether5-Hinet-MOD

/interface ethernet switch port
set 0 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 1 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 2 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 3 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 4 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 5 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 

/interface vlan
add interface=ether5-Hinet-MOD name=eth5_vlan100_MOD vlan-id=100
add interface=ether5-Hinet-MOD name=eth5_vlan1_LAN vlan-id=1

/interface bridge
add name=bridge_vlan1
add name=bridge_vlan100

/interface bridge port
add bridge=bridge_vlan1 interface=ether2-master-local
add bridge=bridge_vlan1 interface=eth5_vlan1_LAN
add bridge=bridge_vlan100 interface=eth5_vlan100_MOD
add bridge=bridge_vlan100 interface=ether1-gateway
  • PPPoE 撥號介面請改為 bridge_vlan100
  • DHCP Server / IPv4 Address 介面請改為 bridge_vlan1

MikroTik RB750GL

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
/interface ethernet switch port
set 0 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 1 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 2 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 3 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 4 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 
set 5 vlan-mode=disabled vlan-header=leave-as-is default-vlan-id=auto 

/interface ethernet
set [ find default-name=ether2 ] master-port=none name=ether2-RPI
set [ find default-name=ether3 ] master-port=none name=ether3-1043ND
set [ find default-name=ether4 ] master-port=none name=ether4-MOD
set [ find default-name=ether5 ] master-port=none name=ether5-hEX

/interface vlan
add interface=ether5-hEX name=eth5_vlan100_MOD vlan-id=100
add interface=ether5-hEX name=eth5_vlan1_LAN vlan-id=1

/interface bridge
add name=bridge_vlan1
add name=bridge_vlan100

/interface bridge port
add bridge=bridge_vlan100 interface=eth5_vlan100_MOD
add bridge=bridge_vlan100 interface=ether4-mod
add bridge=bridge_vlan1 interface=eth5_vlan1_LAN
add bridge=bridge_vlan1 interface=ether1
add bridge=bridge_vlan1 interface=ether2-RPI
add bridge=bridge_vlan1 interface=ether3-1043ND

參考資料