Manual:CRS1xx/2xx series switches

From MikroTik Wiki
Revision as of 07:19, 29 January 2014 by Becs (talk | contribs) (CRS switch chip features)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Version.png

Applies to RouterOS: v6.8 +


Summary

The Cloud Router Switch series are highly integrated switches with high performance MIPS CPU and feature-rich packet processor. The CRS switches can be designed into various Ethernet applications including unmanaged switch, Layer 2 managed switch, carrier switch and wireless/wired unified packet processing.

Abbreviations and Explanations

CVID - Customer VLAN id: inner VLAN tag id of the IEEE 802.1ad frame

SVID - Service VLAN id: outer VLAN tag id of the IEEE 802.1ad frame

IVL - Independent VLAN learning - learning/lookup is based on both MAC addresses and VLAN IDs.

SVL - Shared VLAN learning - learning/lookup is based on MAC addresses - not on VLAN IDs.

TPID - Tag Protocol Identifier

PCP - Priority Code Point: a 3-bit field which refers to the IEEE 802.1p priority

DEI - Drop Eligible Indicator

DSCP - Differentiated services Code Point

Drop precedence - internal CRS switch QoS attribute used for packet enqueuing or dropping.

Generic Configuration

Sub-menu: /interface ethernet switch


CRS switch chip is configurable from the /interface ethernet switch console menu.

Property Description
bridge-type (customer-vlan-bridge | service-vlan-bridge; Default: service-vlan-bridge) Bridge type defines which VLAN tag is used as Lookup-VID. Lookup-VID serves as the VLAN key for all VLAN-based lookup.
bypass-l2-security-check-filter-for (protocols; Default: none) Protocols which are excluded from Policy rule security check. (arp, dhcpv4, dhcpv6, eapol, igmp, mld, nd, pppoe-discovery, ripv1)
bypass-vlan-ingress-filter-for (protocols; Default: none) Protocols which are excluded from Ingress VLAN filtering. These

protocols are not dropped if they have invalid VLAN. (arp, dhcpv4, dhcpv6,

eapol, igmp, mld, nd, pppoe-discovery, ripv1)
drop-if-invalid-or-src-port-

-not-member-of-vlan-on-ports

(ports; Default: none)		 Ports which drop invalid and other port VLAN id frames.
drop-if-no-vlan-assignment-on-ports (ports; Default: none) Ports which drop frames if no VLAN assignment is applied.
egress-mirror-ratio (1/32768..1/1; Default: 1/1) Proportion of egress mirrored packets compared to all packets.
egress-mirror0-enable (yes | no; Default: yes) Enables or disables egress mirroring on Mirror0 port.
egress-mirror0-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
egress-mirror0-port (port; Default: switch1-cpu) The first egress mirroring analyzer port.
egress-mirror1-enable (yes | no; Default: yes) Enables or disables egress mirroring on Mirror1 port.
egress-mirror1-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
egress-mirror1-port (port; Default: switch1-cpu) The second egress mirroring analyzer port.
egress-sampling-ratio (1/32768..1/1; Default: 1/1)
fdb-uses (mirror0 | mirror1; Default: mirror0) Analyzer port used for FDB-based mirroring.
forward-invalid-vlan (yes | no; Default: yes) Whether to allow forwarding VLANs which are not members of VLAN table.
ingress-mirror-ratio (1/32768..1/1; Default: 1/1) Proportion of ingress mirrored packets compared to all packets.
ingress-mirror0-enable (yes | no; Default: yes) Enables or disables ingress mirroring on Mirror0 port.
ingress-mirror0-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
ingress-mirror0-port (port; Default: switch1-cpu) The first ingress mirroring analyzer port.
ingress-mirror1-enable (yes | no; Default: yes) Enables or disables ingress mirroring on Mirror1 port.
ingress-mirror1-format (analyzer-configured | modified | original; Default: modified)
  • analyzer-configured - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the analyzer port.
  • modified - The packet is same as the packet to destination. VLAN format is modified based on the VLAN configurations of the egress port.
  • original - Traffic is mirrored without any change to the original incoming packet format. But service VLAN tag is stripped in edge port.
ingress-mirror1-port (port; Default: switch1-cpu) The second ingress mirroring analyzer port.
invalid-vlan-lookup-mode (ivl | svl; Default: ivl) Lookup and learning mode for packets with invalid VLAN.
ipv4-multicast-lookup-mode

(dst-ip-and-vid-for-ipv4 | dst-mac-and-vid-always; Default:

dst-mac-and-vid-always)		 Lookup mode for IPv4 multicast bridging.
  • dst-mac-and-vid-always - For all packet types lookup key is destination MAC and VLAN id.
  • dst-ip-and-vid-for-ipv4 - For IPv4 packets lookup key is destination IP and VLAN id. For other packet types lookup key is destination MAC and VLAN id.
mac-level-isolation (yes | no; Default: no) Enables or disables MAC level isolation.
mirror-egress-if-ingress-mirrored (yes | no; Default: no) When packet is applied to both ingress and egress mirroring, if this

setting is disabled, only ingress mirroring is performed on the packet; if this

setting is enabled both mirroring types are applied.
mirror-tx-on-mirror-port (yes | no; Default: no)
mirrored-packet-drop-precedence (drop | green | red | yellow; Default: green) Remarked drop precedence in mirrored packets. This QoS attribute is used for mirrored packet enqueuing or dropping.
mirrored-packet-qos-priority (0..7; Default: 0) Remarked priority in mirrored packets.
name (string value; Default: switch1) Name of the switch.
override-existing-when-ufdb-full (yes | no; Default: no) Enable or disable to override existing entry which has the lowest aging value when UFDB is full.
unicast-fdb-timeout (time interval; Default: 5m) Timeout for Unicast FDB entries.
use-cvid-in-one2one-vlan-lookup (yes | no; Default: yes) Whether to use customer VLAN id for 1:1 VLAN switching lookup.
use-svid-in-one2one-vlan-lookup (yes | no; Default: no) Whether to use service VLAN id for 1:1 VLAN switching lookup.
vlan-level-isolation (yes | no; Default: no) Enables or disables VLAN level isolation.
vlan-uses (mirror0 | mirror1; Default: mirror0) Analyzer port used for VLAN-based mirroring.

Retrieved from "https://wiki.mikrotik.com/index.php?title=Manual:CRS1xx/2xx_series_switches&oldid=26015"