Manual:CRS1xx/2xx series switches

From MikroTik Wiki
Revision as of 09:19, 29 January 2014 by Becs (talk | contribs) (CRS switch chip features)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Applies to RouterOS: v6.8 +


Summary

The Cloud Router Switch series are highly integrated switches with high performance MIPS CPU and feature-rich packet processor. The CRS switches can be designed into various Ethernet applications including unmanaged switch, Layer 2 managed switch, carrier switch and wireless/wired unified packet processing.

Abbreviations and Explanations

CVID - Customer VLAN id: inner VLAN tag id of the IEEE 802.1ad frame

SVID - Service VLAN id: outer VLAN tag id of the IEEE 802.1ad frame

IVL - Independent VLAN learning - learning/lookup is based on both MAC addresses and VLAN IDs.

SVL - Shared VLAN learning - learning/lookup is based on MAC addresses - not on VLAN IDs.

TPID - Tag Protocol Identifier

PCP - Priority Code Point: a 3-bit field which refers to the IEEE 802.1p priority

DEI - Drop Eligible Indicator

DSCP - Differentiated services Code Point

Drop precedence - internal CRS switch QoS attribute used for packet enqueuing or dropping.

Generic Configuration

Sub-menu: /interface ethernet switch


CRS switch chip is configurable from the /interface ethernet switch console menu.

Property Description
bridge-type (customer-vlan-bridge | service-vlan-bridge; Default: service-vlan-bridge) Bridge type defines which VLAN tag is used as Lookup-VID. Lookup-VID serves as the VLAN key for all VLAN-based lookup.
bypass-l2-security-check-filter-for (protocols; Default: none) Protocols which are excluded from Policy rule security check. (arp, dhcpv4, dhcpv6, eapol, igmp, mld, nd, pppoe-discovery, ripv1)
bypass-vlan-ingress-filter-for (protocols; Default: none) Protocols which are excluded from Ingress VLAN filtering. These

protocols are not dropped if they have invalid VLAN. (arp, dhcpv4, dhcpv6,

eapol, igmp, mld, nd, pppoe-discovery, ripv1)
drop-if-invalid-or-src-port-

-not-member-of-vlan-on-ports

(ports; Default: none)		 Ports which drop invalid and other port VLAN id frames.
drop-if-no-vlan-assignment-on-ports (ports; Default: none) Ports which drop frames if no VLAN assignment is applied.
egress-mirror-ratio (1/32768..1/1; Default: 1/1) Proportion of egress mirrored packets compared to all packets.
egress-mirror0-enable (yes | no; Default: yes) Enables or disables egress mirroring on Mirror0 port.
egress-mirror0-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
egress-mirror0-port (port; Default: switch1-cpu) The first egress mirroring analyzer port.
egress-mirror1-enable (yes | no; Default: yes) Enables or disables egress mirroring on Mirror1 port.
egress-mirror1-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
egress-mirror1-port (port; Default: switch1-cpu) The second egress mirroring analyzer port.
egress-sampling-ratio (1/32768..1/1; Default: 1/1)
fdb-uses (mirror0 | mirror1; Default: mirror0) Analyzer port used for FDB-based mirroring.
forward-invalid-vlan (yes | no; Default: yes) Whether to allow forwarding VLANs which are not members of VLAN table.
ingress-mirror-ratio (1/32768..1/1; Default: 1/1) Proportion of ingress mirrored packets compared to all packets.
ingress-mirror0-enable (yes | no; Default: yes) Enables or disables ingress mirroring on Mirror0 port.
ingress-mirror0-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
ingress-mirror0-port (port; Default: switch1-cpu) The first ingress mirroring analyzer port.
ingress-mirror1-enable (yes | no; Default: yes) Enables or disables ingress mirroring on Mirror1 port.
ingress-mirror1-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
ingress-mirror1-port (port; Default: switch1-cpu) The second ingress mirroring analyzer port.
invalid-vlan-lookup-mode (ivl | svl; Default: ivl) Lookup and learning mode for packets with invalid VLAN.
ipv4-multicast-lookup-mode

(dst-ip-and-vid-for-ipv4 | dst-mac-and-vid-always; Default:

dst-mac-and-vid-always)		 Lookup mode for IPv4 multicast bridging.
  • dst-mac-and-vid-always - For all packet types lookup key is destination MAC and VLAN id.
  • dst-ip-and-vid-for-ipv4 - For IPv4 packets lookup key is destination IP and VLAN id. For other packet types lookup key is destination MAC and VLAN id.
mac-level-isolation (yes | no; Default: no) Enables or disables MAC level isolation.
mirror-egress-if-ingress-mirrored (yes | no; Default: no) When packet is applied to both ingress and egress mirroring, if this

setting is disabled, only ingress mirroring is performed on the packet; if this

setting is enabled both mirroring types are applied.
mirror-tx-on-mirror-port (yes | no; Default: no)
mirrored-packet-drop-precedence (drop | green | red | yellow; Default: green) Remarked drop precedence in mirrored packets. This QoS attribute is used for mirrored packet enqueuing or dropping.
mirrored-packet-qos-priority (0..7; Default: 0) Remarked priority in mirrored packets.
name (string value; Default: switch1) Name of the switch.
override-existing-when-ufdb-full (yes | no; Default: no) Enable or disable to override existing entry which has the lowest aging value when UFDB is full.
unicast-fdb-timeout (time interval; Default: 5m) Timeout for Unicast FDB entries.
use-cvid-in-one2one-vlan-lookup (yes | no; Default: yes) Whether to use customer VLAN id for 1:1 VLAN switching lookup.
use-svid-in-one2one-vlan-lookup (yes | no; Default: no) Whether to use service VLAN id for 1:1 VLAN switching lookup.
vlan-level-isolation (yes | no; Default: no) Enables or disables VLAN level isolation.
vlan-uses (mirror0 | mirror1; Default: mirror0) Analyzer port used for VLAN-based mirroring.

Retrieved from "https://wiki.mikrotik.com/index.php?title=Manual:CRS1xx/2xx_series_switches&oldid=26015"