Ahoj vsem,
potrebuju poradit jakym zpusobem upravit nasaveni, aby nebylo vytizene CPU. CRS mam nastavene jako jeden bridge, jednotlive vlany jsou naparovany na bridge. zasilam i konfiguraci portu, nektere porty jsou oznacene, jine access. Problem s vykonem CPU nastava, pokud pres SFP+, ktere je access na VLAN 100 chci pristupovat na internet, ktery je na Vlan 1, dojde k prenosu ktery prochazi pres CPU. Vsecny porty na crs jsou HW offload. Pripojeni do internetu je na eth1, ktery je access pro vlan 1 a spojen s ccr1016. Bohuzel zatim nemohu hybat s nastaveni ccr, ale chtel bych crs mit jako core. Vlany jsou 97 - wifi, 99-mgmt, 100-server, 150-administrativa, 200-ucebny, 210-guest. Port 48 je trunk do jineho prvku a jsou tam dalsi 4 porty pro trunk na prepinace na wifi. To vsechno funguje, i pokud jsou wifi pres jine vlan, tak cpu je do max 5%. Jakmile chci ale pres prepinac crs ze site 100, pristoupit na 1 do internetu, okamzite jde cpu do kopru. Diky za pomoc.
jul/06/2020 23:08:37 by RouterOS 6.47
software id = 24CP-2X0D
model = CRS354-48G-4S+2Q+
serial number = xxxxxx
/interface bridge
add fast-forward=no frame-types=admit-only-vlan-tagged name=VLAN \
protocol-mode=none pvid=99 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] loop-protect=off
set [ find default-name=ether2 ] loop-protect=on
set [ find default-name=ether3 ] loop-protect=on
set [ find default-name=ether4 ] loop-protect=on
set [ find default-name=ether5 ] loop-protect=on
set [ find default-name=ether6 ] loop-protect=on
set [ find default-name=ether7 ] loop-protect=on
set [ find default-name=ether8 ] comment="switch 1 dlink" disabled=yes \
loop-protect=on
set [ find default-name=ether9 ] loop-protect=on
set [ find default-name=ether10 ] loop-protect=on
set [ find default-name=ether11 ] loop-protect=on
set [ find default-name=ether12 ] loop-protect=on
set [ find default-name=ether13 ] loop-protect=on
set [ find default-name=ether14 ] loop-protect=on
set [ find default-name=ether15 ] loop-protect=on
set [ find default-name=ether16 ] comment="xxx switch" loop-protect=on
set [ find default-name=ether17 ] loop-protect=on
set [ find default-name=ether18 ] loop-protect=on
set [ find default-name=ether19 ] loop-protect=on
set [ find default-name=ether20 ] loop-protect=on
set [ find default-name=ether21 ] loop-protect=on
set [ find default-name=ether22 ] comment=Server
set [ find default-name=ether23 ] loop-protect=on
set [ find default-name=ether24 ] loop-protect=on
set [ find default-name=ether25 ] loop-protect=on
set [ find default-name=ether26 ] loop-protect=on
set [ find default-name=ether27 ] loop-protect=on
set [ find default-name=ether28 ] loop-protect=on
set [ find default-name=ether29 ] loop-protect=on
set [ find default-name=ether30 ] loop-protect=on
set [ find default-name=ether31 ] loop-protect=on
set [ find default-name=ether32 ] comment="LAN server 1Gbps - nouzove" \
disabled=yes loop-protect=on
set [ find default-name=ether33 ] comment="mgmt server" loop-protect=on
set [ find default-name=ether34 ] comment="mgmt server" loop-protect=on
set [ find default-name=ether35 ] loop-protect=on
set [ find default-name=ether36 ] loop-protect=on
set [ find default-name=ether37 ] loop-protect=on
set [ find default-name=ether38 ] loop-protect=on
set [ find default-name=ether39 ] loop-protect=on
set [ find default-name=ether40 ] loop-protect=on
set [ find default-name=ether41 ] loop-protect=on
set [ find default-name=ether42 ] loop-protect=on
set [ find default-name=ether43 ] loop-protect=on
set [ find default-name=ether44 ] loop-protect=on
set [ find default-name=ether45 ] loop-protect=on
set [ find default-name=ether46 ] comment=wi-fi loop-protect=on
set [ find default-name=ether47 ] comment="switch - 28" loop-protect=on
set [ find default-name=ether48 ] loop-protect=off
set [ find default-name=qsfpplus1-1 ] disabled=yes
set [ find default-name=qsfpplus1-2 ] disabled=yes
set [ find default-name=qsfpplus1-3 ] disabled=yes
set [ find default-name=qsfpplus1-4 ] disabled=yes
set [ find default-name=qsfpplus2-1 ] disabled=yes
set [ find default-name=qsfpplus2-2 ] disabled=yes
set [ find default-name=qsfpplus2-3 ] disabled=yes
set [ find default-name=qsfpplus2-4 ] disabled=yes
set [ find default-name=sfp-sfpplus1 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full \
loop-protect=off
set [ find default-name=sfp-sfpplus2 ] loop-protect=on
set [ find default-name=sfp-sfpplus3 ] loop-protect=on
set [ find default-name=sfp-sfpplus4 ] loop-protect=on
/interface vlan
add interface=VLAN name=vlan1-old_school vlan-id=1
add interface=VLAN name=vlan50-dmz vlan-id=50
add interface=VLAN loop-protect=on name=vlan97-wi-fi vlan-id=97
add interface=VLAN loop-protect=on name=vlan99-mgmt vlan-id=99
add interface=VLAN loop-protect=on name=vlan100-servers vlan-id=100
add interface=VLAN name=vlan150-administration vlan-id=150
add interface=VLAN name=vlan200-students vlan-id=200
add interface=VLAN loop-protect=on name=vlan220-dm vlan-id=220
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp_pool0 ranges=192.168.97.42-192.168.97.62
/ip dhcp-server
add address-pool=dhcp_pool0 lease-time=1w10m name=dhcp1
/interface bridge port
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether48 pvid=99
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether45
add bridge=VLAN interface=ether1
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether2
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether3
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether4
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether5
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether6
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether7
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether8
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether9
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether10
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether11
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether12
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether13
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether14
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether15
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether16
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether17
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether18
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether19
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether20
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether21
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether23
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether24
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether25
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether26
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether27
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether28
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether29
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether30
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether44 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether43 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether42 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether41 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether38 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether37 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether36 pvid=99
add bridge=VLAN frame-types=admit-only-vlan-tagged interface=ether35 pvid=99
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether46 pvid=220
add bridge=VLAN interface=ether47 pvid=99
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether22
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=sfp-sfpplus1 pvid=100
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether33 pvid=99
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether34 pvid=99
add bridge=VLAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether32 pvid=100
/interface bridge vlan
add bridge=VLAN tagged="ether48,ether35,ether36,ether37,ether38,ether41,ether4\
2,ether43,ether44,VLAN" untagged="ether1,ether2,ether3,ether4,ether5,ether\
6,ether7,ether8,ether9,ether10,ether11,ether12,ether13,ether14,ether15,eth\
er16,ether17,ether18,ether19,ether20,ether21,ether22,ether23,ether24,ether\
25,ether26,ether27,ether28,ether29,ether30,ether45" vlan-ids=1
add bridge=VLAN tagged="ether48,ether35,ether36,ether37,ether38,ether41,ether4\
2,ether43,ether44,VLAN" untagged=ether32,ether33,ether34,ether47 \
vlan-ids=99
add bridge=VLAN tagged="ether48,ether35,ether36,ether37,ether38,ether41,ether4\
2,ether43,ether44,VLAN" vlan-ids=97
add bridge=VLAN tagged=VLAN,ether48,ether35,ether36,ether37,ether38 untagged=\
ether32,sfp-sfpplus1 vlan-ids=100
add bridge=VLAN tagged=ether48,ether35,ether36,ether37,ether38,VLAN vlan-ids=\
150
add bridge=VLAN tagged=ether48,ether35,ether36,ether37,ether38,VLAN vlan-ids=\
200
add bridge=VLAN tagged="ether48,ether35,ether36,ether37,ether38,ether41,ether4\
2,ether43,ether44,VLAN" untagged=ether46 vlan-ids=220
add bridge=VLAN tagged=ether48,ether35,ether36,ether37,ether38,VLAN vlan-ids=\
50
/ip address
add address=192.168.99.1/24 interface=vlan99-mgmt network=192.168.99.0
add address=192.168.97.1/26 interface=vlan97-wi-fi network=192.168.97.0
add address=192.168.100.1/24 interface=vlan100-servers network=192.168.100.0
add address=192.168.150.1/24 interface=vlan150-administration network=\
192.168.150.0
add address=192.168.200.1/24 interface=vlan200-students network=192.168.200.0
add address=192.168.1.1/24 interface=vlan1-old_school network=192.168.1.0
/ip dhcp-server network
add address=192.168.97.0/26 gateway=192.168.97.1
/ip dns
set servers=193.17.47.1,185.43.135.1
/ip route
add distance=1 gateway=192.168.1.245
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/system clock
set time-zone-name=Europe/Prague
/system routerboard settings
set boot-os=router-os
#error exporting /system swos
