You need 24 ethernet ports: why 24 ports?? Fast ethernet ports? Gigabit ethernet ports?? What kind and amount of traffic you need to pass across this interfaces??you need bonding: why?? To another router?? To another switch??you need NAT: why??
Jump to Port switching - All switches in this setup require that all used ports are switched together (except for ports that are going to be part of a bonding. How to configure Interface Bonding in Mikrotik. Hub, Switch, & Router Explained - What's the.
Is this a border router??Thanks chechito, your post is very informative. To answer your questions:. 24 ports because I will have up to 24 general-purpose Linux machines generating data each to a local disk (cache) before transferring to longer term storage system (over NFS). Gigabit ethernet ports.
LACP across 2 SPF+ ports to support data transfer from each of the 24 devices. NATing is required because the longer term storage won't be in the same ethernet.Could the CCR1072-1G-8+S be used to do the NATing in conjunction with the CRS226-24G-2S+IN I already have?
I'm guessing bonding (LACP) the SFP+ ports on the CRS226-24G-2S+IN would be a bad move for the reasons described in your post. What would be the recommend topology/configuration between the CCR and the CRS to achieve a 20Gbps link given the CCR limitations? For crying out loud! There is no such thing as a small (cheap) switch with big performance.It is some time since the CRS model are out, but most still don't get it that these are managed SWITCHES, not routers.The ROS interface is there for management purposes, the low performance routing capabilities being a side effect of that.Letting bonding aside (which is a big miss on the CRS), the moment you fiddle with IPs (like NAT), its a routing job, and the CRSs are not intended for that.Get a router for that stuff, and if you need the advanced features get a CCR and use that as a switch, not the other way around. 24 ports because I will have up to 24 general-purpose Linux machines generating data each to a local disk (cache) before transferring to longer term storage system (over NFS). Gigabit ethernet ports. LACP across 2 SPF+ ports to support data transfer from each of the 24 devices.
![Bonding Bonding](/uploads/1/2/5/4/125470254/522237806.jpg)
NATing is required because the longer term storage won't be in the same ethernet.Could the CCR1072-1G-8+S be used to do the NATing in conjunction with the CRS226-24G-2S+IN I already have? I'm guessing bonding (LACP) the SFP+ ports on the CRS226-24G-2S+IN would be a bad move for the reasons described in your post. What would be the recommend topology/configuration between the CCR and the CRS to achieve a 20Gbps link given the CCR limitations?Why NAT? Just use a static route from the storage, to reach the machines. Can You do it?
It would save a lot of CPU. Come to think of it: do You really need a router? I have no idea about the topology of your network. Wouldn't be easier to just stick a 24G + 2SFP+ switch? With VLANs You could do some traffic separation, if needed.
I don't understand. You want a switch, but you want to use NAT? So you really want a router, not a switch?I don't have control over the host network hence I need (I think I need) NATing.
I now understand (thanks to the members of this forum) that I need a router.I am not a network engineer, the devices I have connected to my CRS226-24G-2S+IN are very small, in fact the whole unit including the switch is encased in a portable chassis. I want the ability to plug my device into any host network, receive a single address over DHCP and be able to offloaded data via NFS. As portability is a factor the size of the networking device(s) is something I was looking to minimise.
I am not a network engineer, the devices I have connected to my CRS226-24G-2S+IN are very small, in fact the whole unit including the switch is encased in a portable chassis. I want the ability to plug my device into any host network, receive a single address over DHCP and be able to offloaded data via NFS. As portability is a factor the size of the networking device(s) is something I was looking to minimise.Well, in order to work this way You really need NAT.
What, in turn, means You really need a router. This 24 clients of yours: do they speak to each other? Or just to the remote storage? If You don't need them to broadcast one another, there's no need to worry about bonding the two 10Gb interfaces. Just break the switch in two VLANs, each with half the Gb ports and one 10Gb.Each 10Gb interface would connect to your router, and be a independent network.
Let's say 10.x.0.0/24 and 10.y.0.0/24. The router would use bonding on the 2 WAN interfaces.Just noticed: You said to have no control over the external network. Bonding is not a good idea, then. It needs support on both sides - and since You don't control the other LAN.If You can live with just 10Gb, the setup is much easier.1) Plug every client on the CRS.2) Connect one 10Gb port of the CRS to one 10Gb port of the router. Forget about VLANs and whatnot.3) Connect one 10Gb port of the router to the network of the storage.
Done.I can't speak about the NAT speed of the CCRs, so have no idea about which one You need. To use bonding, it would have to be the CCR1072-1G-8S+. Not much choice here, since it's the only one with 4 10Gb port available. By the way: the 10Gb ports are SFP, and they use fiber.
Keep it in mind when planning the connection to your client.
Note: For this network topology we will be using two CRS326-24G-2S+, one CRS317-1G-16S+ and one CCR1072-1G-8S+, but same principles can be applied to any CRS3xx series devices and a router.In this setup SwitchA and SwitchC will tag all traffic from ports ether1-ether8 to VLAN ID 10, ether9-ether16 to VLAN ID 20, ether17-ether24 to VLAN ID 30. Management will only be possible if user is connecting with tagged traffic with VLAN ID 99 from ether1 on SwitchA or SwitchB, connecting to all devices will also be possible from the router using tagged traffic with VLAN ID 99. SFP+ ports in this setup are going to be used as VLAN trunk ports while being in a bond to create a LAG interface.Port switchingAll switches in this setup require that all used ports are switched together (except for ports that are going to be part of a bonding interface). Warning: In this setup vlan-filtering is required, but it should be disabled while you are setting up the device. If you create a bridge with vlan-filtering enabled at the beginning, then you might loose access to the switch while you are configuring it. It is recommended to enable vlan-filtering only when management port and bridge VLAN table is configured.BondingBonding interfaces are used when a larger amount of bandwidth is required, this is done by creating a link aggregation group, which also provides hardware automatic failover and load balancing for CRS3xx series switches.
By adding two 10Gbps interfaces to a bonding, you can increase the theoretical bandwidth limit to 20Gbps. Make sure that all bonded interfaces are linked to the same speed rates. Note: Interface bonding does not create a interface with a larger link speed. Interface bonding creates a virtual interface that can load balance traffic over multiple interfaces. More details can be found in the page.Management IPIt is very useful to create a management interface and assign an IP address to it in order to preserve access to the switch. This is also very useful when updating your switches since such traffic to the switch will be blocked when enabling invalid VLAN filtering.Create a VLAN interface on SwitchA, SwitchB and SwitchC:/interface vlanadd interface=bridge name=MGMT vlan-id=99The Router needs the VLAN interface to be created on the bonding interface, use these commands to create a VLAN interface on Router':/interface vlanadd interface=bond1-2-3-4 name=MGMT vlan-id=99.
Warning: Double check if port based VLANs are set up properly. If a mistake was made, you might loose access to the switch and it can only be regained by resetting the configuration or by using the serial console.InterVLAN routingTo create InterVLAN routing, VLAN interface for each customer VLAN ID must be created on the router and must have an IP address assigned to it. The VLAN interface must be created on the bonding interface created previously.Use these commands on the Router:/interface vlanadd interface=bond1-2-3-4 name=VLAN10 vlan-id=10add interface=bond1-2-3-4 name=VLAN20 vlan-id=20add interface=bond1-2-3-4 name=VLAN30 vlan-id=30/ip addressadd address=192.168.10.1/24 interface=VLAN10add address=192.168.20.1/24 interface=VLAN20add address=192.168.30.1/24 interface=VLAN30.
Note: These commands are required for DHCP-Server. In case interVLAN routing is not desired but a DHCP-Server on a single router is required, then use to block access between different subnets.DHCP-ServerTo get the DHCP-Server working for each VLAN ID, the server must be set up on the previously created VLAN interfaces (one server for each VLAN ID). Preferably each VLAN ID should have its own subnet and its own IP pool. Warning: Make sure to secure your local DNS Server with Firewall from the outside when using allow-remote-requests set to yes since your DNS Server can be used for DDoS attacks if it is accessible from the Internet by anyone.Don't forget to create NAT, assuming that sfp-sfpplus8 is used as WAN port, use these commands on the Router:/ip firewall natadd action=masquerade chain=srcnat out-interface=sfp-sfpplus8Jumbo framesOne can increase the total throughput in such a setup by enabling jumbo frames. This reduces the packet overhead by increasing the Maximum Transmission Unit (MTU).
![Mikrotik switch rule Mikrotik switch rule](/uploads/1/2/5/4/125470254/629572711.jpg)
If a device in your network does not support jumbo frames, then it will not benefit from a larger MTU. Usually the whole network does not support jumbo frames, but you can still benefit when sending data between devices that support jumbo frames, including all switches in the path.In this case, if clients behind SwitchA and client behind SwitchC supports jumbo frames, then enabling jumbo frames will be beneficial. Before enabling jumbo frames, determine the MAX-L2MTU by using this command:admin@MikroTik /interface printFlags: D - dynamic, X - disabled, R - running, S - slave# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU0 R ether1 ether 1500 1580 4064.