Mikrotik switch Vlan configuration step by step

The Mikrotik switch product line can be configured to function as an enterprise managed switch with data and management vlans, default gateway, management IP, and tagged and untagged ports. You can pretty much use a Mikrotik Cloud smart switch such as the CSS326-24G-2S+RM to accomplish most of the functions of a high-end Catalyst switch without emptying your purse.  

With the Mikrotik CSS product line, you get the benefits of 10/25/40/100Gbps port speed, routing, MPLS, IPv6, VPN, and much more, all in one box at a price far lower than what you pay for lower-grade devices from other OEMs. While it is easy to gravitate towards OEMs like Cisco, Juniper and the like, the truth is that Mikrotik has come to stay, and one of the reasons people shy away from it is the lack of the technical skills required to implement advanced solutions on it. With what has been achieved with RouterOS, it is only a matter of time before the Mikrotik SwitchOS becomes a household name.

I have written a post on vlan implementation using a Mikrotik router and a Cisco switch. Please read here. This post is on how to implement inter-vlan routing using a Cisco router and a Mikrotik Cloud smart switch. The main focus will be on the step-by-step configuration of the Mikrotik cloud smart switch for vlan segmentation and out-of-band management.

Mikrotik Switch Vlan configuration

The first step is to create a bridge, add all your used ports to the bridge, and define port vlan membership. It is a best practice to turn off all unused ports.

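# vlan-filtering=yes takes effect immediately; apply from a console or in Safe Mode so a mistake does not cut off management access
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port
# ether1 is the trunk to the router; ether2-ether4 are access ports
add bridge=bridge1 interface=ether1 pvid=1
add bridge=bridge1 interface=ether2 pvid=10
add bridge=bridge1 interface=ether3 pvid=20
add bridge=bridge1 interface=ether4 pvid=30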

Define port type: access and trunk ports

Just like it is done on Cisco routers, you need to define your trunk and access ports. Mikrotik adopted the industry naming convention, hence the use of tagged and untagged ports. Tagged ports are trunks while untagged ports are access ports; don't get confused. I am using vlan99 for management, which is why it has no untagged (access) ports assigned. To configure your Mikrotik tagged and untagged ports, use the commands below as a guide.

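/interface bridge vlan
# each data vlan is tagged on the trunk (ether1) and untagged on its access port
add bridge=bridge1 vlan-ids=10 tagged=ether1 untagged=ether2
add bridge=bridge1 vlan-ids=20 tagged=ether1 untagged=ether3
add bridge=bridge1 vlan-ids=30 tagged=ether1 untagged=ether4
# the bridge itself is a tagged member of vlan 99 so the switch's management interface can use it
add bridge=bridge1 vlan-ids=99 tagged=ether1,bridge1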

Mikrotik switch Management vlan, IP and default gateway

Here, I will create the management vlan 99, assign a management IP address, and of course, a default gateway for out-of-band management. See commands below.

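# the vlan interface must sit on the bridge, and its name must match the one used for the IP address
/interface vlan
add name=vlan99 vlan-id=99 interface=bridge1
/ip address
add address=192.168.99.2/24 interface=vlan99
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.99.1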
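
The three steps above only isolate the vlans if the port pvids, the bridge vlan table and the management vlan agree with each other. The following Python check is an added example, not part of the original post: it parses the bridge port and bridge vlan commands and reports mismatches. The names parse and audit, the parameters trunk, mgmt_vlan and bridge, and the embedded sample (built from the commands on this page) are assumptions made for illustration.

```python
import re

# Constructed sample: the bridge port and VLAN table commands from this page.
CONFIG = """\
/interface bridge port
add bridge=bridge1 interface=ether1 pvid=1
add bridge=bridge1 interface=ether2 pvid=10
add bridge=bridge1 interface=ether3 pvid=20
add bridge=bridge1 interface=ether4 pvid=30
/interface bridge vlan
add bridge=bridge1 vlan-ids=10 tagged=ether1 untagged=ether2
add bridge=bridge1 vlan-ids=20 tagged=ether1 untagged=ether3
add bridge=bridge1 vlan-ids=30 tagged=ether1 untagged=ether4
add bridge=bridge1 vlan-ids=99 tagged=ether1,bridge1
"""

def parse(config):
    """Return ({port: pvid}, {vlan_id: {"tagged": set, "untagged": set}})."""
    pvids, vlans, section = {}, {}, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("/"):
            section = line  # remember which menu the following "add" lines belong to
        elif line.startswith("add "):
            kv = dict(re.findall(r"([\w-]+)=(\S+)", line))
            if section == "/interface bridge port":
                pvids[kv["interface"]] = int(kv.get("pvid", 1))  # RouterOS default pvid is 1
            elif section == "/interface bridge vlan":
                members = {k: set(filter(None, kv.get(k, "").split(","))) for k in ("tagged", "untagged")}
                for vid in kv["vlan-ids"].split(","):  # assumption: no ID ranges such as 10-20
                    vlans[int(vid)] = members
    return pvids, vlans

def audit(config, trunk="ether1", mgmt_vlan=99, bridge="bridge1"):
    """Return a list of findings; an empty list means the tables are consistent."""
    pvids, vlans = parse(config)
    findings = []
    for vid, m in sorted(vlans.items()):
        if trunk not in m["tagged"]:
            findings.append(f"VLAN {vid}: trunk {trunk} is not a tagged member")
        for port in sorted(m["untagged"]):
            if pvids.get(port) != vid:  # egress untagged in one VLAN, ingress classified into another
                findings.append(f"VLAN {vid}: untagged {port} has pvid={pvids.get(port)}")
    if bridge not in vlans.get(mgmt_vlan, {}).get("tagged", set()):
        findings.append(f"VLAN {mgmt_vlan}: {bridge} is not tagged, management interface is cut off")
    return findings

if __name__ == "__main__":
    print(audit(CONFIG) or "consistent")
```

Run it against the output of the switch's export after each change; any finding means an access port can send or receive traffic in a vlan other than the one intended, or that the management address will stop answering.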

Cisco router on a stick configuration.

The final step is the configuration of sub-interface IP addresses and dhcp servers on your Cisco router. These steps are relatively easy and straightforward. If you have any difficulty with doing this, please check out my post on how to implement multiple dhcp services in a multi-vlan environment. Please visit the Mikrotik official hardware page for the latest on Mikrotik SwitchOS.

Here is the video on my YouTube channel on how to achieve the same task through the GUI using Winbox.
