| | |  | | | 
16-07-2007, 15:14
| | Baru Gabung | | Join Date: Jul 2007
Posts: 5
iTrader: ( 0)
Thanks: 0
Thanked 0 Times in 0 Posts
| | | Inter-VLAN Routing
Disini ada yang tau gimana cara membuat inter VLAN routing menggunakan mikrotik router OS?
Cantumkan syntax / command nya ya...
Thanks....
Regards,
Peter James
System Administrator
BINUS Center Syahdan
|
16-07-2007, 16:12
| ![[a]'s Avatar](http://www.forummikrotik.com/customavatars/avatar1_2.gif) | Forum Advisor | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,690
iTrader: ( 1)
Thanks: 311
Thanked 962 Times in 243 Posts
| |
hai...
maaf yah, saya pindah threadnya dari scripting ke general, karena kayanya lebih appropriate disini...
mengenai masalah intervlan routing, so far blum pernah pake jadi ga bgitu ngerti konsepnya....mungkin klo lo bisa berbaik hati, justru bisa tolong dishare konsep dari intervlan routing atau bridging deh ke kita2 yang belum ngerti ini.. 
klo untuk intervlan bridging ada nih di forum.mikrotik.com Quote: Quote:
I have tried:
1) assigning an IP address 192.168.1.2 to ether1, creating 2 VLANS 101 and 102 under ether1, creating a bridge, bridge1, and then adding the two vlans to the bridge ports
| Bridging VLANs that reside on the same parent interface is usually a bad idea.
Many devices will get quite confused if they see a packet with a given source MAC address returning on the same physical port they sent it on (even with a different VLAN tag), if those devices keep only a single learn table, as most do.
If what you are trying to do is prevent hosts within the same subnet from communicating, then it can work.
The VLANs will need to be sub-interfaces of the ethernet port, and members of the bridge. You will need to assign the IP address to the bridge interface, and add a bridge firewall rule that drops everything in the forward chain for that bridge. This can produce a reasonable wired ethernet approximation of a "station-isolate" wireless network, or a PtMP ATM cloud.
For example: Code: /int vlan add name=V101 interface=ether1 disabled=no
/int vlan add name=V102 interface=ether1 disabled=no
/int bridge add name=bridge1 disabled=no
/int bridge filter add chain=forward in-bridge=bridge1 out-bridge=bridge1 action=drop
/int bridge port add interface=V101 bridge=bridge1
/int bridge port add interface=V102 bridge=bridge1
/ip address add address=192.168.1.2/24 interface=bridge1 There are still a number of things that can go wrong however, so be very careful.
Quote: |
Originally Posted by noakley 2) assigning an IP address 192.168.1.2 to ether1, creating a bridge, bridge1, creating 2 VLAN's 101 and 102 under the bridge, also tried it with them added and not added as bridge ports
| Unless the VLANs are created on the physical interface, or the ethernet port is a member of the bridge, there is nothing to associate the VLANs with the physical port. In addition, putting the VLANs on the bridge (assuming that the ethernet port is a member of the bridge) does nothing but abstract the interface back a level. There is rarely a use for a bridge interface with a single member port.
Also, using a VLAN as both a member of a bridge, and as sub-interface of that bridge, will create a recursive interface situation (VLAN->bridge->VLAN->bridge->etc...) which is a very bad thing.
Quote: |
Originally Posted by noakley 3) same as 2 but no IP address on ether1 and assigning the IP address to the bridge
| Same problems as number 2, excpet that you got the IP on the right interface.
Quote: |
Originally Posted by noakley I always get the same result can't access MT management and won't pass packets.
I have successfully tried adding the VLAN's to ether1 assigning them IP subnets and routing them
Thanks | I would suggest rethinking what you are trying to do here, bridging together VLANs on the same physical interface is an unusual configuration, and will rarely work correctly.
The only reason I have had to use such a setup, is to simulate a "partial mesh"-like network using ethernet, for testing OSPF PtMP mode. It works, but it is weird.
It is much easier to use distinct broadcast domains for each VLAN, with a separate subnet for each, and just route between them.
Good luck,
--Eric
|
source Code: http://forum.mikrotik.com/viewtopic.php?f=2&t=11583&p=54120&hilit=intervlan#p54120
|
16-07-2007, 17:23
|  | Forum Guru | | Join Date: Jul 2007 Location: Bdg, Id.
Posts: 1,073
iTrader: ( 0)
Thanks: 87
Thanked 107 Times in 87 Posts
| | |
vlan itu buat apa sih ?
kayak vpn atau gmn ?
|
16-07-2007, 17:30
| | Forum Advisor | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,690
iTrader: ( 1)
Thanks: 311
Thanked 962 Times in 243 Posts
| | Quote:
A virtual LAN, commonly known as a vLAN or as a VLAN, is a method of creating independent logical networks within a physical network. Several VLANs can co-exist within such a network. This helps in reducing the broadcast domain and aids in network administration by separating logical segments of a LAN (like company departments) that should not exchange data using a LAN (they still can exchange data by routing).
A VLAN consists of a network of computers that behave as if connected to the same link layer network - even though they may actually be physically connected to different segments of a LAN. Network administrators configure VLANs through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs emerges when physically moving a computer to another location: it can stay on the same VLAN without the need for any hardware reconfiguration.
| more at Code: http://en.wikipedia.org/wiki/Vlan
|
16-07-2007, 20:37
|  | Member | | Join Date: Jul 2007
Posts: 258
iTrader: ( 0)
Thanks: 4
Thanked 71 Times in 33 Posts
| | Quote:
Originally Posted by [a] 
mengenai masalah intervlan routing, so far blum pernah pake jadi ga bgitu ngerti konsepnya....mungkin klo lo bisa berbaik hati, justru bisa tolong dishare konsep dari intervlan routing atau bridging deh ke kita2 yang belum ngerti ini.. | orang nanya malah dibalik tanya.. Quote:
Originally Posted by c0nf vlan itu buat apa sih ?
kayak vpn atau gmn ? | ini juga...
btw, aku juga gak pernah denger intervlan, bener baru pertama ini...
bung upe jelasin konsepnya dong...
|
16-07-2007, 21:46
| | Forum Advisor | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,690
iTrader: ( 1)
Thanks: 311
Thanked 962 Times in 243 Posts
| |
|
16-07-2007, 23:43
|  | VIP Member | | Join Date: Jul 2007 Location: di alam baka
Posts: 982
iTrader: ( 0)
Thanks: 49
Thanked 391 Times in 150 Posts
| |
biasanya sih klo orang nanya trus balik nanya karena yang nanya ngasih informasi nya kurang....
dukun aja pasti nanya tanggal lahir... pasaran hari lahir.... hari lahir... nama ibu dll dst..........
apa lagi kita bukan dukun........ wajar2 aja klo nannya lagi.........
jarang sih yang nanya dengan permasalahan yang jelas apa lagi menyertakan konfigurasi....
jaraaaaaaang banget..................... yang ada sih nannya nya model kek gini........
gw ada masalah ini pemecahannya gmn ya ??
ahahahahhaha
kan lebih enak klo nannya nya gini.... gw ada permasalahan seperti ini... dengan konfigurasi seperti ini, gambar jaringan kira2 seperti ini, yang udah di coba seperti ini.. kok masih ga bisa ya... apa ada yang salah ?
kan klo gitu enak 
Last edited by d3v4 : 16-07-2007 at 23:45.
|
16-07-2007, 23:57
| | Forum Advisor | | Join Date: Jun 2007 Location: Jakarta
Posts: 1,690
iTrader: ( 1)
Thanks: 311
Thanked 962 Times in 243 Posts
| |
|
17-07-2007, 13:06
| | Forum Guru | | Join Date: Jul 2007 Location: Bdg, Id.
Posts: 1,073
iTrader: ( 0)
Thanks: 87
Thanked 107 Times in 87 Posts
| |
setubuh bro
heheheh
cuman ya itu masalahnya
udah kita sendiri lagi bingung
apa yg mau ditanyain juga ngga jelas
jadinya semua pada ngga ngerti 
|
17-07-2007, 13:10
| | VIP Member | | Join Date: Jul 2007 Location: di alam baka
Posts: 982
iTrader: ( 0)
Thanks: 49
Thanked 391 Times in 150 Posts
| |
^
ahahahahahah betul broo..
yang paling penting kita saling analisa dan saling bantu... 
|
17-07-2007, 13:13
| | Forum Guru | | Join Date: Jul 2007 Location: Bdg, Id.
Posts: 1,073
iTrader: ( 0)
Thanks: 87
Thanked 107 Times in 87 Posts
| |
iya
mangkanya kita saling sharing ilmu
biar jadi bertambah pengetahuan kita
kalo disimpen terus, lama2 juga busuk 
|
17-07-2007, 23:08
| | VIP Member | | Join Date: Jul 2007 Location: di alam baka
Posts: 982
iTrader: ( 0)
Thanks: 49
Thanked 391 Times in 150 Posts
| |
bukan busuk kli brooo tapi "lupa" 
|
18-07-2007, 20:17
| | Member | | Join Date: Jul 2007
Posts: 258
iTrader: ( 0)
Thanks: 4
Thanked 71 Times in 33 Posts
| |
kok jadi pada curhat... 
|
18-07-2007, 20:19
| | Forum Guru | | Join Date: Jul 2007 Location: Bdg, Id.
Posts: 1,073
iTrader: ( 0)
Thanks: 87
Thanked 107 Times in 87 Posts
| | |
maklum bro
nyari ilmu kalo di sekolahan mahal
lha
koq jadi beneran curhat yak
|
19-07-2007, 01:05
| | VIP Member | | Join Date: Jul 2007 Location: di alam baka
Posts: 982
iTrader: ( 0)
Thanks: 49
Thanked 391 Times in 150 Posts
| |
TS nya menghilang.. theread nya jadi tempat curhat
| |
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | | | 
Posting Rules
| You may not post new threads You may not post replies You may not post attachments You may not edit your posts
HTML code is Off | | | |
Official Board Announcements 
![[a] has disabled reputation](http://www.forummikrotik.com/images/reputation/reputation_off.gif)
![Send a message via Yahoo to [a]](http://www.forummikrotik.com/images/misc/im_yahoo.gif)
