Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

VLAN on mikrotik

8,158 views

Published on

in this webinar, we will discuss about the fundamental concept of VLAN, and how it is implemented on Mikrotik devices (Routerboard router and Cloud Router Switch - CRS). instructor will do a demo and QA session

Published in: Technology
  • A professional Paper writing services can alleviate your stress in writing a successful paper and take the pressure off you to hand it in on time. Check out, please HelpWriting.net
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • How to cure your gout in 7 days. GUARANTEED! ▲▲▲ http://t.cn/A67DoaUo
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Sex in your area is here: ❤❤❤ http://bit.ly/369VOVb ❤❤❤
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Follow the link, new dating source: ♥♥♥ http://bit.ly/369VOVb ♥♥♥
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

VLAN on mikrotik

  1. 1. www.glcnetworks.com VLAN on Mikrotik GLC webinar, 8 september 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
  2. 2. www.glcnetworks.com Agenda ● Introduction ● VLAN ● VLAN on mikrotik ● Demo ● Q & A
  3. 3. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
  4. 4. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
  5. 5. www.glcnetworks.com Please introduce yourself ● Your name ● Your company/university? ● Your networking experience? ● Your mikrotik experience? ● Your expectation from this course? 5
  6. 6. www.glcnetworks.com What is Mikrotik? ● Name of a company ● A brand ● A program (e.g. mikrotik academy) ● Headquarter: Riga, Latvia 6
  7. 7. www.glcnetworks.com What are mikrotik products? ● Router OS ○ The OS. Specialized for networking ○ Website: www.mikrotik.com/download ● RouterBoard ○ The hardware ○ RouterOS installed ○ Website: www.routerboard.com 7
  8. 8. www.glcnetworks.com What Router OS can do? ● Go to www.mikrotik.com ○ Download: what_is_routeros.pdf ○ Download: product catalog ○ Download: newsletter 8
  9. 9. www.glcnetworks.com What are Mikrotik training & certifications? 9 Certificate validity is 3 years
  10. 10. www.glcnetworks.com VLAN (Virtual LAN)
  11. 11. www.glcnetworks.com Typical network, no internet ● All computers just connect to one switch (concentrator) ● One network segment SITE A
  12. 12. www.glcnetworks.com Typical network, more switches, no internet ● Network segment is extended ● Still one network segment, single broadcast domain SITE A SITE B
  13. 13. www.glcnetworks.com Typical network, with internet ● Need a router to connect to other network (internet is a collection of networks) ISP SITE A SITE B
  14. 14. www.glcnetworks.com Typical network, with segmentation and internet ● A router is used to connect between networks ISP SITE A SITE B
  15. 15. www.glcnetworks.com What VLAN offers? ● VLAN: a feature on layer 2 device (switch) which offers virtual segmentation on physical switch ● The segmentation can be extended to other switch using “trunk” link. Borrowed from telco terms “trunk”, a link to connects 2 telco exchanges ● Port type: ○ Access port -> to connect to end-devices ○ Trunk port -> to connect to other VLAN switch access port trunk port trunk port VLAN 10 VLAN 20 VLAN 10 VLAN 20 SITE A SITE B trunk line
  16. 16. www.glcnetworks.com Without and with VLAN trunk link VLAN 10 VLAN 20 VLAN 10 VLAN 20 SITE A SITE B
  17. 17. www.glcnetworks.com How the trunk works? ● Layer-2-header of outgoing packets at trunk port will be modified ● The switch will add VLAN tag on the header access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
  18. 18. www.glcnetworks.com Inter-VLAN communication ● 1 VLAN = 1 network segment = 1 network ID = 1 broadcast domain ● Meaning: we need a router to route packets between VLAN ● IP address on router’s interfaces will become the gateway access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20 access port access port
  19. 19. www.glcnetworks.com What If the router supports VLAN tag (trunk)? ● VLAN routing can be done using only 1 port (1 cable) ● We need to assign IP address on VLAN interface at the router access port trunk port trunk port SITE A SITE B trunk port: VLAN 10, 20 VLAN 10 VLAN 20 VLAN 10 VLAN 20
  20. 20. www.glcnetworks.com What if the switch is a layer-3 switch? ● Meaning: we dont need router to do inter-VLAN routing ● Routing function can be done internally on switch. Meaning: the switch is a router. ● Layer-3 switch is more expensive -> note this!! access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
  21. 21. www.glcnetworks.com A (very funny) story... ● A client using layer-3-switches to build their internal network, and use Mikrotik router to do inter-VLAN routing. whoops…!! ● Question: why do you buy a layer-3 switches then? ● Congratulations to sales team… ;-) well done..!! access port trunk port trunk port SITE A SITE B VLAN 10 VLAN 20 VLAN 10 VLAN 20
  22. 22. www.glcnetworks.com VLAN on Mikrotik
  23. 23. www.glcnetworks.com VLAN on Mikrotik router ● By default configuration, mikrotik is a router (layer 3 device) ● Mikrotik can do inter-VLAN routing ○ Without trunk ○ With trunk ● Mikrotik can be configured to become a layer 2 devices ● There is a vlan facility on interface menu for trunk port
  24. 24. www.glcnetworks.com VLAN on Clour Router Switch (CRS) ● Fully compatible with IEEE802.1Q and IEEE802.1ad VLAN ● 4k active VLANs ● From any to any VLAN translation and swapping ● 1:1 VLAN switching - VLAN to port mapping ● VLAN filtering ● Flexible VLAN assignment: ○ Port based VLAN ○ Protocol based VLAN ○ MAC based VLAN
  25. 25. www.glcnetworks.com Demo
  26. 26. www.glcnetworks.com VLAN on Mikrotik router Ether5 is used to route vlan 10 and 20: ● /interface vlan add name=vlan10 vlan-id=10 interface=ether5 ● /interface vlan add name=vlan20 vlan-id=20 interface=ether5
  27. 27. www.glcnetworks.com VLAN on CRS (port based vlan) Configuration Ether1: access port vlan10 -> slave port Ether2: access port vlan20 -> slave port Ether3: trunk port that allows vlan 10 and 20 -> master port #setup VLAN group /interface ethernet set ether1 master-port=ether3 /interface ethernet set ether2 master-port=ether3 #setup access port /interface ethernet switch ingress-vlan-translation add ports=ether1 new-customer-vid=10 sa-learning=yes /interface ethernet switch ingress-vlan-translation add ports=ether2 new-customer-vid=20 sa-learning=yes #setup trunk port /interface ethernet switch egress-vlan-tag add tagged-ports=ether3 vlan-id=10 /interface ethernet switch egress-vlan-tag add tagged-ports=ether3 vlan-id=20 #setup VLAN membership /interface ethernet switch vlan add ports=ether3,ether1 vlan-id=10 learn=yes /interface ethernet switch vlan add ports=ether3,ether2 vlan-id=20 learn=yes
  28. 28. www.glcnetworks.com VLAN on CRS
  29. 29. www.glcnetworks.com QA
  30. 30. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule

×