Which specific bit are you having an issue with?
You have said what you want to do, and that you need help, but what bit is not working?
I would start by simplifying it and first make sure everything can talk on the correct ports with tagged and untagged packets.
Then optimize performance and split into separate bridges if you want
Then apply firewall rules, and other settings like frame types etc.
Start with this where it is all in a single bridge and go from there.
You have said what you want to do, and that you need help, but what bit is not working?
I would start by simplifying it and first make sure everything can talk on the correct ports with tagged and untagged packets.
Then optimize performance and split into separate bridges if you want
Then apply firewall rules, and other settings like frame types etc.
Start with this where it is all in a single bridge and go from there.
Code:
/interface bridgeadd name=BR vlan-filtering=yes/interface vlanadd interface=BR name=vlan10 vlan-id=10add interface=BR name=vlan11 vlan-id=11add interface=BR name=vlan19 vlan-id=19add interface=BR name=vlan20 vlan-id=20add interface=BR name=vlan21 vlan-id=21add interface=BR name=vlan29 vlan-id=29/interface bridge portadd bridge=BR interface=ether7-access-vlan20 pvid=20add bridge=BR interface=ether5--access-vlan11 pvid=11add bridge=BR interface="ether2 - TRUNK3"add bridge=BR interface=ether4-access-vlan10 pvid=10add bridge=BR interface=ether8-access-vlan21 pvid=21add bridge=BR interface="sfp-sfpplus2 - TRUNK1"add bridge=BR interface="sfp-sfpplus3 - TRUNK2"/interface bridge vlanadd bridge=BR tagged="sfp-sfpplus2 - TRUNK1,BR" untagged=ether7-access-vlan20 vlan-ids=20add bridge=BR tagged="sfp-sfpplus2 - TRUNK1,BR" untagged=ether8-access-vlan21 vlan-ids=21add bridge=BR tagged="sfp-sfpplus3 - TRUNK2,BR" untagged=ether4-access-vlan10 vlan-ids=10add bridge=BR tagged="sfp-sfpplus3 - TRUNK2,BR" untagged=ether5--access-vlan11 vlan-ids=11add bridge=BR tagged="ether2 - TRUNK3,BR" vlan-ids=19add bridge=BR tagged="ether2 - TRUNK3,BR" vlan-ids=29#### Sometimes adding a DHCP Server is useful for testing./ip addressadd address=192.168.10.1/24 interface=vlan10 network=192.168.10.0add address=10.0.11.1/24 interface=vlan11 network=10.0.11.0add address=192.168.125.1/24 interface=vlan20 network=192.168.125.0add address=10.0.21.1/24 interface=vlan21 network=10.0.21.0add address=192.168.126.1/24 interface=vlan19 network=192.168.126.0add address=192.168.129.1/24 interface=vlan29 network=192.168.129.0/ip pooladd name=dhcp_pool0 ranges=192.168.10.2-192.168.10.254add name=dhcp_pool1 ranges=10.0.11.2-10.0.11.254add name=dhcp_pool2 ranges=192.168.126.2-192.168.126.254add name=dhcp_pool3 ranges=192.168.125.2-192.168.125.254add name=dhcp_pool4 ranges=10.0.21.2-10.0.21.254add name=dhcp_pool5 ranges=192.168.129.2-192.168.129.254/ip dhcp-serveradd address-pool=dhcp_pool0 interface=vlan10 name=dhcp1add address-pool=dhcp_pool1 interface=vlan11 name=dhcp2add address-pool=dhcp_pool2 interface=vlan19 name=dhcp3add address-pool=dhcp_pool3 interface=vlan20 name=dhcp4add address-pool=dhcp_pool4 interface=vlan21 name=dhcp5add address-pool=dhcp_pool5 interface=vlan29 name=dhcp6/ip dhcp-server networkadd address=10.0.11.0/24 dns-server=1.1.1.1 domain=vlan11.lan gateway=10.0.11.1add address=10.0.21.0/24 dns-server=1.1.1.1 domain=vlan21.lan gateway=10.0.21.1add address=192.168.10.0/24 dns-server=1.1.1.1 domain=vlan10.lan gateway=192.168.10.1add address=192.168.125.0/24 dns-server=1.1.1.1 domain=vlan20.lan gateway=192.168.125.1add address=192.168.126.0/24 dns-server=1.1.1.1 domain=vlan19.lan gateway=192.168.126.1add address=192.168.129.0/24 dns-server=1.1.1.1 domain=vlan29.lan gateway=192.168.129.1Statistics: Posted by aoakeley — Sat Jan 20, 2024 4:08 pm