massimo nuvoli - mikrotikmum.mikrotik.com/presentations/eu16/presentation_2984_1457014058.pdf · if...
TRANSCRIPT
![Page 1: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/1.jpg)
Switching on Mikrotik DevicesMassimo Nuvoli
TRAINER #TR0368 (here in Lubiana)
MUM Europe 2016
![Page 2: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/2.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 2
Thank you...
Davide and FrancescaIl Vito, Elisa, Monet and Federica
and all my friends
![Page 3: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/3.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 3
Massimo Nuvoli (maxnuv)
● Owner of Progetto Archivio SRL● System Engineer● Deep knowledge in network and system
design with performance goal● Hardware specialist● Reworking and renew specialist● Please, call me Max!
![Page 4: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/4.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 4
Objectives
● Know about switching in Mikrotik devices● Know where is, and what to do with● How to use CRS125 switch to build a
vmware 2 nodes cluster● Bounty
![Page 5: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/5.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 5
Some question
● How much VLAN it is possible to make on a single L2 connection (standard)?
● 4094● 16760836
![Page 6: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/6.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 6
Some question
● How much VLAN it is possible to make on a single L2 connection (standard)?
● 4094● 16760836
the right answer is the second that is
4094*4094 SVID and CVID for QinQ
![Page 7: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/7.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 7
Some question
● Bridge speed and switch speed are the same
● YES● NO
![Page 8: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/8.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 8
Some question
● Bridge speed and switch speed are the same
● YES● NO
the right answer is NO, the bridge is inside the core of the Routerboard, so software device, the switch do all the job in hardware
![Page 9: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/9.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 9
Why you need serial port?● Working with switching is sometime dangerous● If the device has a serial port better● If the device has a usb port then connect
supported ethernet adapter● If the device has wireless interface then
configure for access● Losing the device mean loss of configuration
![Page 10: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/10.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 10
Some Switching Theory
● Switch is a “simple” device that connects at least two network physical link (L1) doing its job at L2
● And, with VLAN and QinQ CHECK MTU size, each VLAN header is 4 bytes!
● Missing on all (hardware) switch from Mikrotik– Spanning Tree
– Dynamic trunking
Hey! We need them!
![Page 11: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/11.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 11
Mikrotik Switch Concept
● Switch is a fully independent device that communicate with only one (ethernet) port with the router
switch chip n ports
n-1 ports
cpu port
![Page 12: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/12.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 12
Mikrotik Switch Mixed Device● Block diagram of a RB951G-2HnD device
![Page 13: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/13.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 13
Mikrotik Switch CRS125
● Block diagram of CRS125 device
![Page 14: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/14.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 14
Mikrotik CCR
● Block diagram
of CCR 1036
![Page 15: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/15.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 15
Mikrotik Switch Concept
● Ports can be “switched” or grouped only if belonging to the same hardware switch
● A switch is defined by choosing a “master” interface and a number of “slave” interfaces
● The “master” interface is the only that can be used as “interface” with the core router
● A “slave” interface can be managed but it's impossible to see the traffic flowing trough
![Page 16: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/16.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 16
Mikrotik Switch Concept
Small devices can define only one switch per chip
Bigger devices can have more than one master-slave group
Using more than one master-slave setup and vlan is “not good”
It is better a VLAN only setup.
![Page 17: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/17.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 17
Mikrotik devices differences● Small and simpler devices can have no switch● More mixed devices have a switch chip, basic
functions, only one master/slave● CRS devices are multi master/slave● Most CCR devices have NO switch and can
do only bridging● CHECK BEFORE BUY!!!!
![Page 18: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/18.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 18
Mikrotik VLAN management● Vlan can be managed
– from the core only
– from the core and the switch
– from the switch only
● Then YOU NEED A SCHEMA of the network
![Page 19: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/19.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 19
Mikrotik VLAN management● Device view
![Page 20: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/20.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 20
Simple Vmware setup
● CRS125● One or more port group for data● One or more port group for storage (iscsi)● No need to use VLAN!
● Very important add firewall rule → no storage/server traffic on the CPU, only at switch level
● And max MTU is? 4000!
![Page 21: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/21.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 21
NOT OK why?
CRS125GROUPA (data)
GROUPB (iscsi)
GROUPC (iscsi)
management
Server A Server B Storage
LAN
![Page 22: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/22.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 22
OK spanning-tree switch!
CRS125GROUPA (data)
GROUPB (iscsi)
GROUPC (iscsi)
management
Server A Server B Storage
LANManaged
Switch
![Page 23: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/23.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 23
Trunking example
● Trunking on CRS side (hardware)/interface ethernet switch trunk add name=trunk1 member-ports=ether1,ether2
● Trunking on ROUTEROS side (software)/interface bonding add name=bonding1 slaves=ether1,ether2 mode=balance-xor transmit-hash-policy=layer-2-and-3 link-monitoring=mii mii-interval=100ms
![Page 24: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/24.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 24
CRS power!
● Bandwidth limiting one single port, job done at switch level (no cpu involved) works only on CRS
● We must use both “Ingress Port policer” and “Shaper”
● Ingress Port Policer set RX limit:/interface ethernet switch ingress-port-policer add port=etherX meter-unit=bit rate=20M
● Shaper set TX limit:/interface ethernet switch shaper add port=etherX meter-unit=bit rate=20M
![Page 25: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/25.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 25
Behind the switch
● How is possible to address each single port on Mikrotik devices?
Port0 vlan A
Port1 vlan B
Port2 vlan C
Port3 vlan D
Port4 vlan E
VlanABCDE
ethernet0 vlan A
ethernet1 vlan B
ethernet3 vlan D
ethernet2 vlan C
ethernet4 vlan Eswitch cpu
ethernetcpu
![Page 26: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/26.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 26
Behind the switch
● How is possible to address each single port on Mikrotik devices?
Port0 vlan A
Port1 vlan A
Port2 vlan C
Port3 vlan D
Port4 vlan E
VlanABCDE
ethernet0 vlan A
ethernet1 vlan B
ethernet3 vlan D
ethernet2 vlan C
ethernet4 vlan Eswitch cpu
ethernetcpu
![Page 27: Massimo Nuvoli - MikroTikmum.mikrotik.com/presentations/EU16/presentation_2984_1457014058.pdf · If the device has a serial port better If the device has a usb port then connect supported](https://reader030.vdocuments.us/reader030/viewer/2022041203/5d50e15688c993cb6f8b69d2/html5/thumbnails/27.jpg)
MUM EUROPE 2016 Switching on Mikrotik Devices - (c) Massimo Nuvoli 27
Questions?