well, yes. I expect basic routing capabilities and stable.
This is non working config
# 2024-03-10 23:35:14 by RouterOS 7.14
# software id = 2XQ4-E7TP
#
# model = CRS326-24G-2S+
# serial number = HES09ERQ493
/interface bridge
add mtu=1500 name=localNet
/interface ethernet
set [ find default-name=ether22 ] name=apObyvak
set [ find default-name=ether16 ] name=desktopTM
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether10 ] name=homeAssistant
set [ find default-name=ether20 ] name=rekuperace
set [ find default-name=ether18 ] name=tepelneCerpadlo
set [ find default-name=ether12 ] name=wifiApRouter
/interface ethernet switch
set 0 l3-hw-offloading=yes
/interface list
add name=WAN
add name=LAN
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp ranges=192.168.88.2-192.168.88.255
add name=dhcp-pool ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp bootp-support=dynamic interface=localNet lease-time=10s \
name=dhcp1
/port
set 0 name=serial0
/interface bridge port
add bridge=localNet interface=ether2 trusted=yes
add bridge=localNet interface=ether3 trusted=yes
add bridge=localNet interface=ether4 trusted=yes
add bridge=localNet interface=ether5 trusted=yes
add bridge=localNet interface=ether6 trusted=yes
add bridge=localNet interface=ether7 trusted=yes
add bridge=localNet interface=ether8 trusted=yes
add bridge=localNet interface=ether9 trusted=yes
add bridge=localNet interface=homeAssistant trusted=yes
add bridge=localNet interface=ether11 trusted=yes
add bridge=localNet interface=wifiApRouter trusted=yes
add bridge=localNet interface=ether13 trusted=yes
add bridge=localNet interface=ether14 trusted=yes
add bridge=localNet interface=ether15 trusted=yes
add bridge=localNet interface=desktopTM trusted=yes
add bridge=localNet interface=ether17 trusted=yes
add bridge=localNet interface=tepelneCerpadlo trusted=yes
add bridge=localNet interface=ether19 trusted=yes
add bridge=localNet interface=rekuperace trusted=yes
add bridge=localNet interface=ether21 trusted=yes
add bridge=localNet interface=apObyvak trusted=yes
add bridge=localNet interface=ether23 trusted=yes
add bridge=localNet interface=ether24 trusted=yes
add bridge=localNet interface=sfp-sfpplus1
add bridge=localNet interface=sfp-sfpplus2
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface detect-internet
set detect-interface-list=all lan-interface-list=all
/interface list member
add interface=ether1 list=WAN
add interface=localNet list=LAN
/ip address
add address=192.168.88.0/24 comment=LAN interface=localNet network=\
192.168.88.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server lease
add address=192.168.88.253 client-id=1:20:f8:3b:0:10:56 mac-address=\
20:F8:3B:00:10:56 server=dhcp1
add address=192.168.88.250 mac-address=60:8A:10:8D:BE:78 server=dhcp1
add address=192.168.88.252 mac-address=28:D1:27:70:2F:A5 server=dhcp1
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall filter
add action=log chain=forward dst-address=8.8.8.8 protocol=icmp src-address=\
192.168.88.254
add action=accept chain=input connection-state=established,related
add action=accept chain=input src-address=192.168.88.0/24
add action=drop chain=input in-interface=ether1
add action=accept chain=input port=67,68 protocol=udp
add action=accept chain=forward comment="allow established and related" \
connection-state=established,related
add action=drop chain=forward comment="drop invalid connection" \
connection-state=invalid
add action=accept chain=forward src-address=192.168.88.0/24
add action=drop chain=forward
/ip firewall nat
add action=masquerade chain=srcnat log=yes out-interface-list=WAN
/system clock
set time-zone-name=Europe/Prague
/system note
set show-at-login=no
/system routerboard settings
set boot-os=router-os
/tool sniffer
set file-name=test filter-interface=localNet
this is mostly working including wifi AP subnet
# 2024-03-11 11:25:08 by RouterOS 7.14
# software id = 2XQ4-E7TP
#
# model = CRS326-24G-2S+
# serial number = HES09ERQ493
/interface bridge
add name=bridge1
/interface list
add name=WAN
add name=LAN
add name=listBridge
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp-pool ranges=192.168.50.10-192.168.50.254
/ip dhcp-server
add address-pool=dhcp-pool interface=bridge1 name=dhcp1
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface=ether9
add bridge=bridge1 interface=ether10
add bridge=bridge1 interface=ether11
add bridge=bridge1 interface=ether12
add bridge=bridge1 interface=ether13
add bridge=bridge1 interface=ether14
add bridge=bridge1 interface=ether15
add bridge=bridge1 interface=ether16
add bridge=bridge1 interface=ether17
add bridge=bridge1 interface=ether18
add bridge=bridge1 interface=ether19
add bridge=bridge1 interface=ether20
add bridge=bridge1 interface=ether21
add bridge=bridge1 interface=ether22
add bridge=bridge1 interface=ether23
add bridge=bridge1 interface=ether24
add bridge=bridge1 interface=sfp-sfpplus1
add bridge=bridge1 interface=sfp-sfpplus2
/ip neighbor discovery-settings
set discover-interface-list=all
/interface list member
add interface=ether1 list=WAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.31.0/24 interface=bridge1 network=192.168.31.0
add address=192.168.50.1/24 interface=bridge1 network=192.168.50.0
/ip cloud
set update-time=no
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=0.0.0.0/24 dns-server=0.0.0.0 gateway=0.0.0.0 netmask=24
add address=100.64.0.0/10 gateway=100.85.202.158
add address=192.168.50.0/24 dns-server=192.168.31.0 gateway=192.168.50.1 \
netmask=24
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=accept chain=input comment="accept established,related" \
connection-state=established,related
add action=drop chain=input comment="drop invalid" connection-state=invalid
add action=accept chain=input comment="allow ICMP" in-interface=ether1 \
protocol=icmp
add action=accept chain=input comment="allow Winbox" in-interface=ether1 \
port=8291 protocol=tcp
add action=accept chain=input comment="allow SSH" in-interface=ether1 port=22 \
protocol=tcp
add action=drop chain=input comment="block everything else" in-interface=\
ether1
add action=accept chain=forward comment=\
"accept established,related for forwarding" connection-state=\
established,related
add action=drop chain=forward comment="drop invalid packets for forwarding" \
connection-state=invalid
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=bridge1 src-address=\
192.168.28.0/24
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=192.168.88.0/24
/ip ssh
set strong-crypto=yes
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=u-potokaMainRouter
/system note
set show-at-login=no
/system routerboard settings
set boot-os=router-os
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=listBridge
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Which router would you recommend, if this should have problem with 2 appartment traffic?
Basic control and little traffic - thats load for this switch.