InterVLAN routing MikroTik

InterVLAN routing MikroTik

   MikroTik    2020  |  0

If separate VLANs are implemented on a switch, then a router is required to provide communication between VLANs. Switch works at OSI layer 2 so it uses only Ethernet header to forward and does not check IP header. For this reason we must use the router that is working as a gateway for each VLAN. Without a router, a host is unable to communicate outside of its own VLAN. Routing process between VLANs described above is called inter-VLAN communication.

To illustrate inter-VLAN communication, we will create a trunk that will carry traffic from three VLANs (VLAN2 and VLAN3, VLAN4) across a single link between a Mikrotik router and a manageable switch that supports VLAN trunking.

Image12005

Each VLAN has its own separate subnet (broadcast domain) as we see in figure above:

  • VLAN 2 – 10.10.20.0/24;
  • VLAN 3 – 10.10.30.0/24;
  • VLAN 4 – 10.10.40.0./24.

VLAN configuration on most switches is straightforward, basically we need to define which ports are members of the VLANs and define a ’trunk’ port that can carry tagged frames between the switch and the router.

“Configuration example on MikroTik router:”

“Create VLAN interfaces:”

/interface vlan
add name=VLAN2 vlan-id=2 interface=ether1 disabled=no
add name=VLAN3 vlan-id=3 interface=ether1 disabled=no
add name=VLAN4 vlan-id=4 interface=ether1 disabled=no

“Add IP addresses to VLANs:”

/ip address 
add address=10.10.20.1/24 interface=VLAN2
add address=10.10.30.1/24 interface=VLAN3
add address=10.10.40.1/24 interface=VLAN4

RouterOS /32 and IP unnumbered addresses

In RouterOS, to create a point-to-point tunnel with addresses you have to use address with a network mask of ‘/32’ that effectively brings you the same features as some vendors unnumbered IP address.

There are 2 routers RouterA and RouterB where each is part of networks 10.22.0.0/24 and 10.23.0.0/24 respectively and to connect these routers using VLANs as a carrier with the following configuration:

Slash32

RouterA:

 /ip address add address=10.22.0.1/24 interface=ether1
 /interface vlan add interface=ether2 vlan-id=1 name=vlan1
 /ip address add address=10.22.0.1/32 interface=vlan1 network=10.23.0.1
 /ip route add gateway=10.23.0.1 dst-address=10.23.0.0/24

RouterB:

 /ip address add address=10.23.0.1/24 interface=ether1
 /interface vlan add interface=ether2 vlan-id=1 name=vlan1
 /ip address add address=10.23.0.1/32 interface=vlan1 network=10.22.0.1
 /ip route add gateway=10.22.0.1 dst-address=10.22.0.0/24

 

Schrijf je in voor de nieuwsbrief

Links

  • MikroTik scripts
  • Wat is mijn IP
  • Speedtest
  • IP subnet
  • Waar ligt glasvezel?

    • Contact

    WifiNederland
    info@wifinederland.nl
    Tel: 085-7602711
    KvK: 76802671
    Btw: NL003137656B03

    © 2025 WifiNederland.