Setting Bridge VLAN Trunking MikroTik – GNS3 Lab68

Setting Bridge VLAN Trunking MikroTik – GNS3 Lab68

  • MikroTik-Router ether1: internet (dhcp)
  • MikroTik-Router ether2 vlan10: 192.168.10.1/24
  • MikroTik-Router ether2 vlan20: 192.168.20.1/24
  • MikroTik-Router ether2 vlan30: 192.168.30.1/24
  • MikroTik-Router VLAN ID: 10, 20, 30
  • CRS-1 bridge1: ether1 PVID 1
  • CRS-1 bridge1: ether2 PVID 1
  • CRS-1 bridge1: ether3 PVID 10
  • CRS-1 bridge1: ether4 PVID 10
  • CRS-1 bridge1: ether5 PVID 10
  • CRS-1 bridge1: ether6 PVID 20
  • CRS-1 bridge1: ether7 PVID 20
  • CRS-1 bridge1: ether8 PVID 20
  • CRS-1 VLAN ID 1: dynamic
  • CRS-1 VLAN ID 10: Tagged ether1, ether2 > Untagged ether3, ether4, ether5
  • CRS-1 VLAN ID 20: Tagged ether1, ether2 > Untagged ether6, ether7, ether8
  • CRS-1 VLAN ID 30: Tagged ether1, ether2
  • CRS-2 bridge1: ether1 PVID 1
  • CRS-2 bridge1: ether2 PVID 1
  • CRS-2 bridge1: ether3 PVID 10
  • CRS-2 bridge1: ether4 PVID 10
  • CRS-2 bridge1: ether5 PVID 10
  • CRS-2 bridge1: ether6 PVID 20
  • CRS-2 bridge1: ether7 PVID 20
  • CRS-2 bridge1: ether8 PVID 20
  • CRS-2 bridge1: ether9 PVID 30
  • CRS-2 VLAN ID 1: dynamic
  • CRS-2 VLAN ID 10: Tagged ether1, ether2 > Untagged ether3, ether4, ether5
  • CRS-2 VLAN ID 20: Tagged ether1, ether2 > Untagged ether6, ether7, ether8
  • CRS-2 VLAN ID 30: Tagged ether1, ether2 > Untagged ether9
  • Tagged = Trunk Mode > digunakan untuk mendistribusikan beberapa VLAN ID, biasanya langsung mengarah ke device switch L3
  • Untagged = Access Mode > digunakan untuk mendistribusikan hanya satu VLAN ID, biasanya langsung mengarah ke device end user

MikroTik-Router

  • Setting VLAN, IP Address, DHCP, NAT
  • Tambahkan interface VLAN untuk VLAN ID 10, 20, 30 pada ether2
/interface ethernet
set ether1 name=ether1-wan
set ether2 name=ether2-lan

/interface vlan
add interface=ether2-lan name=vlan10 vlan-id=10
add interface=ether2-lan name=vlan20 vlan-id=20
add interface=ether2-lan name=vlan30 vlan-id=30

/ip address
add address=192.168.10.1/24 interface=vlan10 network=192.168.10.0
add address=192.168.20.1/24 interface=vlan20 network=192.168.20.0
add address=192.168.30.1/24 interface=vlan30 network=192.168.30.0

/ip pool
add name=dhcp_pool0 ranges=192.168.10.2-192.168.10.254
add name=dhcp_pool1 ranges=192.168.20.2-192.168.20.254
add name=dhcp_pool2 ranges=192.168.30.2-192.168.30.254

/ip dhcp-server
add address-pool=dhcp_pool0 interface=vlan10 lease-time=10h30m name=dhcp1
add address-pool=dhcp_pool1 interface=vlan20 lease-time=10h30m name=dhcp2
add address-pool=dhcp_pool2 interface=vlan30 lease-time=10h30m name=dhcp3

/ip dhcp-server network
add address=192.168.10.0/24 dns-server=8.8.8.8 gateway=192.168.10.1
add address=192.168.20.0/24 dns-server=8.8.8.8 gateway=192.168.20.1
add address=192.168.30.0/24 dns-server=8.8.8.8 gateway=192.168.30.1

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-wan

CRS-1

  • Setting Bridge VLAN Trunking
  • Tambahkan interface bridge dengan mengaktifkan vlan-filtering pada CRS-1
  • Tambahkan bridge port untuk interface ether1, ether2 dengan pvid 1
  • Tambahkan bridge port untuk interface ether3, ether4, ether5 dengan pvid 10
  • Tambahkan bridge port untuk interface ether6, ether7, ether8 dengan pvid 20
  • Tambahkan bridge vlan dengan vlan id 10 tagged ether1, ether2 dan untagged ether3, ether4, ether5 (vlan id 10 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether2 yang selanjutnya bisa diteruskan ke device end user (Untagged) pada ether3, ether4, ether5)
  • Tambahkan bridge vlan dengan vlan id 20 tagged ether1, ether2 dan untagged ether6, ether7, ether8 (vlan id 10 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether 2 yang selanjutnya bisa diteruskan ke device end user (Untagged) pada ether6, ether7, ether8)
  • Tambahkan bridge vlan dengan vlan id 30 tagged ether1, ether2 (vlan id 30 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether 2)
/interface bridge
add ingress-filtering=no name=bridge1 vlan-filtering=yes

/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3 pvid=10
add bridge=bridge1 interface=ether4 pvid=10
add bridge=bridge1 interface=ether5 pvid=10
add bridge=bridge1 interface=ether6 pvid=20
add bridge=bridge1 interface=ether7 pvid=20
add bridge=bridge1 interface=ether8 pvid=20

/interface bridge vlan
add bridge=bridge1 tagged=ether1,ether2 untagged=ether3,ether4,ether5 vlan-ids=10
add bridge=bridge1 tagged=ether1,ether2 untagged=ether6,ether7,ether8 vlan-ids=20
add bridge=bridge1 tagged=ether1,ether2 vlan-ids=30

CRS-2

  • Setting Bridge VLAN Trunking
  • Tambahkan interface bridge dengan mengaktifkan vlan-filtering pada CRS-2
  • Tambahkan bridge port untuk interface ether1, ether2 dengan pvid 1
  • Tambahkan bridge port untuk interface ether3, ether4, ether5 dengan pvid 10
  • Tambahkan bridge port untuk interface ether6, ether7, ether8 dengan pvid 20
  • Tambahkan bridge vlan dengan vlan id 10 tagged ether1, ether2 dan untagged ether3, ether4, ether5 (vlan id 10 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether2 yang selanjutnya bisa diteruskan ke device end user (Untagged) pada ether3, ether4, ether5)
  • Tambahkan bridge vlan dengan vlan id 20 tagged ether1, ether2 dan untagged ether6, ether7, ether8 (vlan id 10 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether 2 yang selanjutnya bisa diteruskan ke device end user (Untagged) pada ether6, ether7, ether8)
  • Tambahkan bridge vlan dengan vlan id 30 tagged ether1, ether2 (vlan id 30 akan dilewatkan pada ether1 dan ether2 dari MikroTik-Router ether 2 yang selanjutnya bisa diteruskan ke device end user (Untagged) pada ether9)
/interface bridge
add ingress-filtering=no name=bridge1 vlan-filtering=yes

/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3 pvid=10
add bridge=bridge1 interface=ether4 pvid=10
add bridge=bridge1 interface=ether5 pvid=10
add bridge=bridge1 interface=ether6 pvid=20
add bridge=bridge1 interface=ether7 pvid=20
add bridge=bridge1 interface=ether8 pvid=20
add bridge=bridge1 interface=ether9 pvid=30

/interface bridge vlan
add bridge=bridge1 tagged=ether1,ether2 untagged=ether3,ether4,ether5 vlan-ids=10
add bridge=bridge1 tagged=ether1,ether2 untagged=ether6,ether7,ether8 vlan-ids=20
add bridge=bridge1 tagged=ether1,ether2 untagged=ether9 vlan-ids=30

Pengujian

  • Cek IP dhcp client pada semua device PC
  • Test Ping dari PC1 yang berada di vlan id 10 ke IP address vlan 10, 20, 30 dan PC yang berada di vlan id 20 dan 30
--------------------------------------------------------------------------
PC1> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC1    192.168.10.254/24    192.168.10.1      00:50:79:66:68:02  8.8.8.8
--------------------------------------------------------------------------
PC2> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC2    192.168.10.253/24    192.168.10.1      00:50:79:66:68:03  8.8.8.8
--------------------------------------------------------------------------
PC3> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC3    192.168.10.252/24    192.168.10.1      00:50:79:66:68:01  8.8.8.8
--------------------------------------------------------------------------
PC4> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC4    192.168.10.251/24    192.168.10.1      00:50:79:66:68:04  8.8.8.8
--------------------------------------------------------------------------
PC6> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC6    192.168.20.254/24    192.168.20.1      00:50:79:66:68:05  8.8.8.8
--------------------------------------------------------------------------
PC7> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC7    192.168.20.253/24    192.168.20.1      00:50:79:66:68:06  8.8.8.8
--------------------------------------------------------------------------
PC8> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC8    192.168.20.252/24    192.168.20.1      00:50:79:66:68:07  8.8.8.8
--------------------------------------------------------------------------
PC9> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC9    192.168.20.251/24    192.168.20.1      00:50:79:66:68:08  8.8.8.8
--------------------------------------------------------------------------
PC5> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC5    192.168.30.254/24    192.168.30.1      00:50:79:66:68:00  8.8.8.8
--------------------------------------------------------------------------
PC10> show ip all

NAME   IP/MASK              GATEWAY           MAC                DNS
PC10   192.168.30.253/24    192.168.30.1      00:50:79:66:68:09  8.8.8.8
--------------------------------------------------------------------------
PC1> ping 192.168.10.1

84 bytes from 192.168.10.1 icmp_seq=1 ttl=64 time=1.087 ms
84 bytes from 192.168.10.1 icmp_seq=2 ttl=64 time=1.244 ms
84 bytes from 192.168.10.1 icmp_seq=3 ttl=64 time=1.510 ms
84 bytes from 192.168.10.1 icmp_seq=4 ttl=64 time=1.691 ms
84 bytes from 192.168.10.1 icmp_seq=5 ttl=64 time=1.484 ms
--------------------------------------------------------------------------
PC1> ping 192.168.20.1

84 bytes from 192.168.20.1 icmp_seq=1 ttl=64 time=1.447 ms
84 bytes from 192.168.20.1 icmp_seq=2 ttl=64 time=1.626 ms
84 bytes from 192.168.20.1 icmp_seq=3 ttl=64 time=1.344 ms
84 bytes from 192.168.20.1 icmp_seq=4 ttl=64 time=1.571 ms
84 bytes from 192.168.20.1 icmp_seq=5 ttl=64 time=1.501 ms
--------------------------------------------------------------------------
PC1> ping 192.168.30.1

84 bytes from 192.168.30.1 icmp_seq=1 ttl=64 time=1.502 ms
84 bytes from 192.168.30.1 icmp_seq=2 ttl=64 time=1.244 ms
84 bytes from 192.168.30.1 icmp_seq=3 ttl=64 time=1.463 ms
84 bytes from 192.168.30.1 icmp_seq=4 ttl=64 time=1.320 ms
84 bytes from 192.168.30.1 icmp_seq=5 ttl=64 time=1.368 ms
--------------------------------------------------------------------------
PC1> ping 192.168.20.254

84 bytes from 192.168.20.254 icmp_seq=1 ttl=63 time=4.732 ms
84 bytes from 192.168.20.254 icmp_seq=2 ttl=63 time=2.636 ms
84 bytes from 192.168.20.254 icmp_seq=3 ttl=63 time=2.625 ms
84 bytes from 192.168.20.254 icmp_seq=4 ttl=63 time=2.584 ms
84 bytes from 192.168.20.254 icmp_seq=5 ttl=63 time=2.462 ms
--------------------------------------------------------------------------
PC1> ping 192.168.30.254

84 bytes from 192.168.30.254 icmp_seq=1 ttl=63 time=5.533 ms
84 bytes from 192.168.30.254 icmp_seq=2 ttl=63 time=2.834 ms
84 bytes from 192.168.30.254 icmp_seq=3 ttl=63 time=2.836 ms
84 bytes from 192.168.30.254 icmp_seq=4 ttl=63 time=3.078 ms
84 bytes from 192.168.30.254 icmp_seq=5 ttl=63 time=3.198 ms
--------------------------------------------------------------------------
PC1> ping 8.8.8.8

84 bytes from 8.8.8.8 icmp_seq=1 ttl=126 time=51.327 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=126 time=47.235 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=126 time=40.741 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=126 time=55.070 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=126 time=43.599 ms
--------------------------------------------------------------------------

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.