Getting Started: MikroTik VLAN Configuration

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey everybody it's the networkberg here hope you've been doing well so this video is going to be something that is actually not covered by my critique in the mtcna which is the entry-level certification from mikrotik but me i feel this is vital to understand especially in the beginning of your networking career and that is vlans if you don't understand how vlans work if you don't understand how to set them up you are going to have a difficult experience when you are trying to administer a network that is running networks because most networks these days will use vlans it's it's a given if you are working in a wisp like a wireless rsp you're going to be dealing with so many vlans so it's good for you to get the principle of vlans in the beginning instead of later on like in the mtcre where i'll also be giving you some more advanced things regarding vlans when we get to that point but you need to understand how vlans work and how to configure them and that's what this video is for so like i said if you look at the outline on my critique's site for the mtcna vlans aren't covered at all and i'll be trying to give you a base explanation how to set them up on the device and i'm also going to put a link in this video that you can follow that gives you an explanation on how vlans work so i hope you have fun with this i do hope you learn a bit about vlans because i know that when i started in networking vlans and subnetting those were things that seemed so above me and it took me a while to get it but once i got it super easy but you need to start somewhere and you need to work on it so i'm gonna get into the video now hope you enjoy all right so this is the like eighth time i'm making the video because every time something happens which is unfortunate so let's try this again welcome to setting up a vlan on my critique so i've set up a very basic lab here which i think a lot of people can relate to and that is maybe spanning vlans for small office networks or it could be a a big company but they just don't really work much with vlans and on the topology we've just added a switch and then probably like a user like a computer and a phone so that's something you'll typically see is a business will have a requirement to have a phone and land network on different vlans and you always want to make sure your vlans are separated because you don't want one big flat network because it can cause a lot of broadcast overhead and it's also very easy then to cause um malicious intent on that network if everything's just running on the same range so we want to secure our network and we want to use vlans so let's set up a vlan on the tick i've already done the configuration on the switch i'll run through the configuration on the switch it's a cisco switch even though i probably shouldn't be talking about cisco when i'm showcasing um my critique stuff it's it's still something that you need to see and understand so let's just jump onto our microtech router and i can see i've got ethernet 2 which is going to be running to our switch now let's be on the micro tick let's navigate to our interfaces and from the interfaces there's two places you can add vlans you can either go to the vlan tab we can click on the plus symbol and then click on vlan i typically just go to the vlan tab because it will give you additional information on what's happening with the vlans and then from here we can just click on the plus brings up a new box now we can give our vlan a name so i'm just going to call this lan then we've got mtu i'll go more into mtu in a later video when we start doing stuff for like mtcre but mtu by default will be 1500 that is pretty much industry standard but there are uses in dropping it or making it bigger but we're not going to do that here we're going to leave everything default now the big important part your vlan id this is very important you need to make sure your vlan id corresponds with whatever is running through the whole network through your switches up to the end point which would be the computer or the phone or the cctv camera etc so this vlan id i'm going to make vlan 10 because that's what i've assigned to our data network already next important bit which interface are you tagging this on so in our example it's on ether 2 so i'm going to leave it on e32 because that's the cable that's running to the switch if we look there again ether2 goes to our switch now i'm going to apply this and we will see here is our vlan it's been created and it gives us all this handy information like there's the vlan id here's the interface if we click on it we can see the status when the link came up how much traffic is passing through it even though it isn't passing anything right now because we haven't really connected anything yet and then there's all these other cool things we can do like torched interface but we won't jump into that i've got a separate video about torch anyways so we've created a vlan for the lan now so let's also just create a vlan for the voice for the phones so i might call this voice i'll leave the mtu again and the vlan id that i've assigned is 20 and i'm going to use ether2 again because it's on the same uplink cable so that's also the nice thing about vlans you can use the same interface to span many different vlans many different networks so you don't need a bunch of different ports to span the networks across so i'm going to apply this now i've got a voice and a lan if i go back to my interfaces you'll see that the lan and voice is now under the ethernet 2 interface and if i jump onto our topology the vpc3 which is the pc which is the data network i've already spanned this across in order to get onto that vlan so it's part of that network so i'm just going to jump onto this pc give it an ip address let's just make sure what that ip is because i'm not sure i've actually assigned the range yet so let's go into our ip addresses all right i haven't assigned an ip address range yet so let's add one let's make it like 192 168 zero dot one slash twenty four on lan now let's get back on to that virtual pc and the ip i'm gonna give this is one nine two one six eight zero dot fifty slash 24 and 192.1680.1 will be the gateway so that is the mikrotik router now let's quickly see do we have columns can i ping 192.1680.1 yes i can so i'm actually now getting to this vlan interface across the lan network so i'm not going to ethernet 2 directly i'm actually accessing a vlan now let's do the same for the phones so on the phone network i'm just going to add another address let's make me make it like 172.1 20.20.1 28 and i'm going to assign that onto the voice vlan now let's jump back onto our topology on eve and for this computer i'm going to give it the ipad 172 [Music] 20.20.5 28 and then 172 2020.1 is the gateway so i'm quickly going to see can i ping 172 2021 and i can so now i can get to my voice network which is brilliant so i've actually spanned a vlan the vlans are on ethernet 2 and it's going to our switch and then from the switch it's segregating or separating the networks i'm going to get into the cisco switch not that um i'm trying to force cisco on you but mikrotik only gives us the cloud hosted routers as a virtual option so it's not like i could show you what this looks like on their switches even though it's very similar to working on the on the ros on on that gui um but on a switch perspective i'm just going to show you the vlans so i have vlan 10 that i created on the switch i have vlan 20 that i've created on the switch as well so on a switch perspective vlan 10 i have untagged on gi 0 1 vlan 20 which is the voice i have untagged on gi zero slash two and then we have a trunk interface which basically spans all the vlans to the micro tick so think of vlans almost as it is it's not a sub interface because you get things called sub interfaces but think of it kind of as a sub interface it's something that you put inside your interface with that dot one q tag 802.1q order to tag the packet with a vlan so that it knows which part of the network it is reason this is useful is whenever broadcast traffic or any type of traffic goes out let's say this computer sends out an arp message it's doing a lookup the phone network will never receive that arp message it will stay inside its own vlan which is way more secure and it's going to be something that you need to do so that covers how to set up vlan on a lan level and there's so many different ways that we can we can get into this um i mean i'd actually like to show you how to just do this quickly between two micro tick routers as well so i'm i'm going to add a another micro tick router let's just give this a nice little icon and there we go so that's now another mikritic router i'm going to connect this maybe onto ether 4 for both devices just because so you could almost think of this if you were like a wisp maybe and this is your cpa at the client side and this is actually like your high side or your connecting site where your other router is it doesn't need to be that type of situation it it could really be anything but this is now just going to be straight between two micro tick routers so i'm just going to start up this new micro tech router and a lot of the actual vlans on this new router i'm going to do through the command line hang on i need to just kill that quickly sorry because this is a version seven uh micro tick that i just brought up which is not going to run very nice because it's it's still in beta version 7 isn't out yet hopefully it's out soon but we'll play around with what we currently have version 6. alright so adding another router starting it up and it's it's actually going to be quite similar to what you saw now when we expand vlans across the lan right and but now you could almost say that you're going to do this on a link basis so each customer would probably have their own vlan for each link so that they could use the same physical wire or radio frequency but they'd be on different vlans so i'm going to jump into this microchip admin blank no and it looks like googly garb but just because i logged in i might have to restart that micro tick yes i do which is unfortunate okay micro tick you should be behaving now admin blank okay so we don't have any eyepiece we don't have any vlans all that stuff so what we're going to do is we know on ether 4 we've patched that cable i think it could even be a wlan okay so we'll be just adding a vlan and let's just call this customer one link and i might make the vlan like one one eight nine or something i'm gonna put that on ether four so that's what ether for now i'm going to do the same from the cli for this new mikrotik so interface add interface vlan add the vlan id which i already forgot so let's just quickly get it one one eight nine one one eight nine interface was ether four and the name customer one link all right great so what i'm going to do is i'm also just going to add an ip address quickly so ip address add 10 10 dot 10.44.2 30. and we'll put this on the customer one link vlan now let's just do the same on our main router and i'm going to add 10 10 i'm gonna make it 10 10 44. dot one slash 30 and let's put that on customer one link so if i go into my ip neighbors there's all kinds of neighbors that i'm picking up but the one i'm interested in is this customer one link it's got the ip address now it's got the mac address i'm learning so i can see it over this new vlan that we created if i also go into a terminal maybe i could also ping this 1010 44.2 address and that's over the vlan so there's so much more we can do with vlans but this is just a base understanding on how to set up a vlan on mikrotik and how to span it between two different devices just so that you can set up that ip communication on vlans so i hope the video has helped you maybe you've learned something new if you did please subscribe to the channel like it share it i do appreciate it and i'll catch you in the next video bye
Info
Channel: The Network Berg
Views: 39,319
Rating: undefined out of 5
Keywords: Router, RouterOS, MikroTik, MTCNA, VLAN, MTCRE, Switch, Networking
Id: pdpFAxwocTo
Channel Id: undefined
Length: 15min 45sec (945 seconds)
Published: Fri Aug 14 2020
Related Videos
Configuring VLAN's on MikroTik RouterBoard using the Switch Chip
MAICT Consult
39K
Common MikroTik WiFi mistakes and how to avoid them
MikroTik
82K
IEEE 802 1Q: Tagging and Trunking 101
Sunny Classroom
141K
VLAN Explained
PowerCert Animated Videos
976K
Mikrotik VLANs - CRS3XX Step by Step - Mikrotik Tutorial
The Network Trip
25K
Optimising Your MikroTik Layer2 configuration
MikroTik
10K
Getting Started: MikroTik Firewall
The Network Berg
24K
TOP 10 RouterOS Configuration Mistakes
MikroTik
119K
How To Setup VLANS With pfsense & UniFI. Also how to build for firewall rules for VLANS in pfsense
Lawrence Systems
336K
MikroTips: managing many access points with CAPsMAN
MikroTik
25K
Getting Started: MikroTik basic setup
The Network Berg
16K
MikroTik - 7 Things you need to know!
The Network Berg
36K
Playing with RouterOS's VLANs
MikroTik
14K
đź“—MikroTik MTCNA - Route Configuration
The Network Berg
982
MikroTik CRS305-1G-4S+IN 10G Switch Setup Review With VLANS
Lawrence Systems
115K
Mikrotik VLANs - CRS1xx & CRS2xx - Mikrotik Tutorial
The Network Trip
5.2K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.