Quick post as i have seen questions asked on the Mikrotik forums on this subject before.
The aim was to segregate devices on my LAN. This would confine the number of broadcast domains on my network and would allow me to better administrate my home network as predominantly all devices have been on the 192.168.1.0/24 network.
My home network was broken into smaller LAN segments.
In this scenarios my Mikrotik Routerboard is acting as a PPPoE server as well as a DHCP server currently only issuing ip addresses in the 192.168.1.0/24 range. Creating VLANs will enable us to isolate different networks by breaking them into smaller segments, each segment will belong to a different ip range issued from the DHCP server running on the MikroTik.
In this example following ports are used for
- Mikrotik = eth8 = TRUNK PORT to CISCO 3560
Create VLAN interfaces
add interface=LAN l2mtu=1594 name=VLAN_Lab vlan-id=2
add interface=LAN l2mtu=1594 name=VLAN_Homeautomation vlan-id=3
Assign IP addresses to VLAN interfaces
add address=10.66.10.1/24 interface=VLAN_Lab network=10.66.10.0
add address=10.65.9.1/24 interface=VLAN_Homeautomation network=10.65.9.0
Create DCHP pool and associate with created VLAN interfaces
add address-pool=VLAN_lab-POOL disabled=no interface=VLAN_Lab lease-time=2h name=dhcp_lab
add address-pool=VLAN_homeautomation disabled=no interface=VLAN_Homeautomation lease-time=2h name=dhcp_homeautomation
Create DCHP pool and Gateways
/ip dhcp-server network
add address=10.66.10.0/24 dns-server=10.66.10.1 gateway=10.66.10.1
add address=10.65.9.0/24 dns-server=10.65.9.1 gateway=10.65.9.1
CISCO 3560 Configuration
I have eth8 connected to fa0/1 on my cisco switch we need to configure a trunk on the switch.
Creating Trunk From Switch To Router
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast trunk
Assign switch ports to created VLANS
switchport mode access
switchport access vlan 2
switchport mode access
switchport access vlan 3
Ports can be extended in this example one port has been configured for each vlan
Save the configuration using Copy running-config startup-config
If you plug a device into fa0/12 an address in the
10.66.10.24 range will be issued via the dhcp server, as seen below with my raspberry pi docker stack.