User talk:Sudiptakp

From MikroTik Wiki
Revision as of 07:30, 18 January 2010 by Sudiptakp (talk | contribs) (added topics)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

802.1q Trunk extension over Wireless P2P Link

Introduction

It is very common practice to isolate group of users in a network using VLANs. In wired

Networks we use lot of Trunk links to carry and extend VLANs from one switch to the other.

Sometimes it becomes necessary to plan redundant parallel network links for these trunk

links. Now building a trunk link using wi-fi network is little tricky.

Let us assume the Scenario as following.

  • A network is having three VLANs with IDs -10,20,30
  • A Mikrotik P2P link is being configured as trunk for carrying these three VLANs.
  • Eth1 of the wireless routers are connected to the switches.



Vlan.jpg



A. Create VLAN interfaces for your vlans

You need to create as many VLAN interfaces as the total no. of VLANs being forwarded through

the trunk link. Here in this example I have maintained symmetry between VLAN ID and the name

of the corresponding VLAN interface.

/interface vlan
add arp=enabled comment="" disabled=no interface=ether1 mtu=1500 name=vlan10 \
    vlan-id=10
add arp=enabled comment="" disabled=no interface=ether1 mtu=1500 name=vlan20 \
    vlan-id=20
add arp=enabled comment="" disabled=no interface=ether1 mtu=1500 name=vlan30 \
    vlan-id=30


Interfaces.skp.jpg



B. Create bridges - one per vlan

One has to create as many bridges as the number of the vlan interfaces. This will run

isolated Spanning Tree instances for the individual VLANs.

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    comment="" disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_VLAN_10 priority=0x8000 protocol-mode=stp \
    transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    comment="" disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_VLAN_20 priority=0x8000 protocol-mode=stp \
    transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
    comment="" disabled=no forward-delay=15s max-message-age=20s mtu=1500 \
    name=bridge_VLAN_30 priority=0x8000 protocol-mode=stp \
    transmit-hold-count=6



Bridge.skp.jpg



C. Add vlan interfaces to the corresponding bridge

After the creation of the bridges, vlan interfaces need to be assigned to the corresponding

bridges. This is to note that no primary interface like ether1 or wlan1 is assigned to the

bridges. If this is done by mistake, the whole system might stop forrwarding frames.


/interface bridge port
add bridge=bridge_VLAN_10 comment="" disabled=no edge=auto external-fdb=auto \
    horizon=none interface=vlan10 path-cost=10 point-to-point=auto priority=\
    0x80
add bridge=bridge_VLAN_20 comment="" disabled=no edge=auto external-fdb=auto \
    horizon=none interface=vlan20 path-cost=10 point-to-point=auto priority=\
    0x80
add bridge=bridge_VLAN_30 comment="" disabled=no edge=auto external-fdb=auto \
    horizon=none interface=vlan30 path-cost=10 point-to-point=auto priority=\
    0x80


Bridge ports.skp.jpg


D. Create Virtual APs - one per vlan

  • The Primary interface, wlan1 in this case will be in ap-bride mode and will not have any

SSID associated with it.

  • The virtual APs will have hidden SSIDs. While creating virtual APs put 00:00:00:00:00:00

as MAC address. RouterOS will dynamically assign a MAC address to these.

  • In VAPs enable WDS in dynamic mode and select the corresponding VLAN bridge created

earlier.

/interface wireless
set 0 ack-timeout=dynamic adaptive-noise-immunity=none allow-sharedkey=no \
    antenna-gain=0 antenna-mode=ant-a area="" arp=enabled band=2.4ghz-b \
    basic-rates-a/g=6Mbps basic-rates-b=1Mbps burst-time=disabled comment="" \
    compression=no country=no_country_set default-ap-tx-limit=0 \
    default-authentication=yes default-client-tx-limit=0 default-forwarding=\
    yes dfs-mode=none disable-running-check=no disabled=no \
    disconnect-timeout=3s frame-lifetime=0 frequency=2412 frequency-mode=\
    manual-txpower hide-ssid=no hw-retries=4 mac-address=00:80:48:60:6B:91 \
    max-station-count=2007 mode=ap-bridge mtu=1500 name=wlan1 \
    noise-floor-threshold=default on-fail-retry-time=100ms \
    periodic-calibration=default periodic-calibration-interval=60 \
    preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=\
    008048606B91 rate-set=default scan-list=default security-profile=default \
    ssid="" station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=\
    6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\
    1Mbps,2Mbps,5.5Mbps,11Mbps tx-power-mode=default update-stats-interval=\
    disabled wds-cost-range=50-150 wds-default-bridge=none wds-default-cost=\
    100 wds-ignore-ssid=no wds-mode=disabled wmm-support=disabled


Main wlan.skp.jpg


Here in this example we have created three virtual APS associated with three different

bridges through three separate WDS.


add area="" arp=enabled comment="" default-ap-tx-limit=0 \
    default-authentication=yes default-client-tx-limit=0 default-forwarding=\
    yes disable-running-check=no disabled=no hide-ssid=yes mac-address=\
    02:80:48:60:6B:91 master-interface=wlan1 max-station-count=2007 mtu=1500 \
    name=wlan_VAP_10 proprietary-extensions=post-2.9.25 security-profile=\
    default ssid=CISCO_V_10 update-stats-interval=disabled wds-cost-range=0 \
    wds-default-bridge=bridge_VLAN_10 wds-default-cost=0 wds-ignore-ssid=no \
    wds-mode=dynamic wmm-support=disabled
add area="" arp=enabled comment="" default-ap-tx-limit=0 \
    default-authentication=yes default-client-tx-limit=0 default-forwarding=\
    yes disable-running-check=no disabled=no hide-ssid=yes mac-address=\
    02:80:48:60:6B:92 master-interface=wlan1 max-station-count=2007 mtu=1500 \
    name=wlan_VAP_20 proprietary-extensions=post-2.9.25 security-profile=\
    default ssid=CISCO_V_20 update-stats-interval=disabled wds-cost-range=0 \
    wds-default-bridge=bridge_VLAN_20 wds-default-cost=0 wds-ignore-ssid=no \
    wds-mode=dynamic wmm-support=disabled
add area="" arp=enabled comment="" default-ap-tx-limit=0 \
    default-authentication=yes default-client-tx-limit=0 default-forwarding=\
    yes disable-running-check=no disabled=no hide-ssid=yes mac-address=\
    02:80:48:60:6B:93 master-interface=wlan1 max-station-count=2007 mtu=1500 \
    name=wlan_VAP_30 proprietary-extensions=post-2.9.25 security-profile=\
    default ssid=CISCO_V_30 update-stats-interval=disabled wds-cost-range=0 \
    wds-default-bridge=bridge_VLAN_30 wds-default-cost=0 wds-ignore-ssid=no \
    wds-mode=dynamic wmm-support=disabled

VAP General TAB: Assign a meaningful name to the Virtual AP.

Vap-0.skp.jpg



VAP Wireless TAB: Create a meningful SSID. It is advisable to hide SSID.

Vap-1.skp.jpg



VAP WDS TAB: Turn on WDS in Dynamic mode and select the appropriate bridge.

Vap-2.skp.jpg


Limitations

  • The Agregate Throuput of the trunk link will never be more that 22-23 Mbps. I have tested

this on 5.8 GHz 802.11a only. I need to test the same on 802.11n also. I will also test

NStreme.

  • Since one can create 128 no. of Virtual APs, total no. of VLANs that this wireless link

would be able to carry is 128 at maximum. In last 10 years I have not encountered a

situation where a trunk was carrying those many VLANs.

  • This trunking will only work with 802.1q protocol. It is incompatible with ISL.

--Sudiptakp 18:30, 17 January 2010 (UTC)Topics:Wireless