Hello,
Happy New Year to all!
I have been trying to configure my Internet connection to go via an aggregation switch since my ISP is offering better than Gigabit speeds. In order to achieve this setup, I have connected the devices as shown in the diagram below:
![Image]()
In terms of configuration in the CCR-2004, this is what I have setup so far (limiting the config export to the relevant portions):
The basis for the recursive routing script from this awesome post by anav.
If I change to be enabled, then the DHCP client linked to will get an IP address from the ISP.
However, at the same time my log will start to fill up with messages such as:The MAC Address is one of the VRRP interfaces listed above.
I'm clearly doing something wrong as indicated by the, but I will confess I'm not sure how to segregate traffic from the ISP modem terminating at the USW-Aggregation switch without assigning that port a VLAN ID. Extending that further, if I don't add the same VLAN ID to the bridge then the DHCP client does not get an IP address.
Any advice on what I'm doing wrong would be very welcome!
Happy New Year to all!
I have been trying to configure my Internet connection to go via an aggregation switch since my ISP is offering better than Gigabit speeds. In order to achieve this setup, I have connected the devices as shown in the diagram below:
In terms of configuration in the CCR-2004, this is what I have setup so far (limiting the config export to the relevant portions):
Code:
/interface bridgeadd admin-mac=6E:D0:A9:F3:E1:35 auto-mac=no name="All Ports Bridge" \ vlan-filtering=yes/interface ethernet<snip>set [ find default-name=sfp-sfpplus1 ] comment=\ "USW-Aggregation Uplink (Port 1)"set [ find default-name=sfp-sfpplus2 ] comment=\ "USW-Aggregation Uplink (Port 2)"/interface vlanadd comment="Server Network" interface="All Ports Bridge" name=wan1-net \ vlan-id=200add comment="Client Network" interface="All Ports Bridge" name=wan1-net \ vlan-id=100add comment="WAN" interface="All Ports Bridge" name=wan1-net \ vlan-id=1000/interface vrrpadd authentication=ah interface=server-net name=server-net-vrrp \ priority=250 version=2 vrid=200add authentication=ah interface=trusted-clients-net name=trusted-clients-vrrp \ priority=250 version=2 vrid=100/interface bondingadd comment="USW-Aggregation Trunk Ports" mode=802.3ad name=\ bond_sfpplus1-sfpplus2 slaves=sfp-sfpplus1,sfp-sfpplus2/interface bridge portadd bridge="All Ports Bridge" interface=ether1add bridge="All Ports Bridge" interface=ether2<snip>add bridge="All Ports Bridge" interface=ether15add bridge="All Ports Bridge" interface=bond_sfpplus1-sfpplus2/interface bridge vlanadd bridge="All Ports Bridge" comment="Client network" tagged=\ ether15,bond_sfpplus1-sfpplus2 vlan-ids=100add bridge="All Ports Bridge" comment="Server network" tagged=\ ether15,bond_sfpplus1-sfpplus2 vlan-ids=200add bridge="All Ports Bridge" tagged=bond_sfpplus1-sfpplus2 disabled=yes vlan-ids=1000/ip dhcp-clientadd add-default-route=no interface=wan1-net script=":local rmark \"WAN1\"\r\ \n:local count [/ip route print count-only where comment=\"WAN1\"]\r\ \n:if (\$bound=1) do={\r\ \n :if (\$count = 0) do={\r\ \n # /ip route add gateway=\$\"gateway-address\" comment=\"WAN1\" r\ outing-mark=\$rmark\r\ \n :log info \"Trying to add routes\"\r\ \n /ip route add dst-address=0.0.0.0/0 check-gateway=ping distance=\ 2 gateway=8.8.8.8 routing-table=main scope=10 target-scope=12 comme\ nt=\"\$rmark - MyRepublic Default route with recursive next-hop search\"\r\ \n /ip route add dst-address=8.8.8.8/32 distance=2 gateway=\ \$\"gateway-address\" routing-table=main scope=10 target-scope=11 comment=\ \"\$rmark - Google DNS route via MyRepublic gateway\"\r\ \n } else={\r\ \n :if (\$count = 1) do={\r\ \n :local test [/ip route find where comment=\"WAN1\"]\r\ \n :if ([/ip route get \$test gateway] != \$\"gateway-address\"\ ) do={\r\ \n /ip route set \$test gateway=\$\"gateway-address\"\r\ \n }\r\ \n } else={\r\ \n :error \"Multiple routes found\"\r\ \n }\r\ \n }\r\ \n} else={\r\ \n /ip route remove [find comment~\"WAN1\"]\r\ \n}" use-peer-dns=no use-peer-ntp=noadd interface=ether16-gateway use-peer-dns=no use-peer-ntp=noIf I change
Code:
/interface bridge vlan add bridge="All Ports Bridge" tagged=bond_sfpplus1-sfpplus2 disabled=yes vlan-ids=1000Code:
wan1-netHowever, at the same time my log will start to fill up with messages such as:
Code:
bond_sfpplus1-sfpplus2: bridge RX looped packet - MAC 00:00:5e:00:01:30 -> 6e:d0:a9:f3:e1:35 VID 1000 ETHERTYPE 0x0800 IP PROTO 1 150.5.254.1 -> <DHCP IP from ISP>Code:
00:00:5e:00:01:30I'm clearly doing something wrong as indicated by the
Code:
bridge RX looped packetAny advice on what I'm doing wrong would be very welcome!
Statistics: Posted by avggeek — Wed Jan 01, 2025 3:01 pm