¹ÌÅ©·Îƽ ¶ó¿ìÅÍ¿¡¼­ VLAN ÀÎÅÍÆäÀ̽º ¼³Á¤ ¹æ¹ý ¹®Àǵ帳´Ï´Ù.

   Á¶È¸ 7461   Ãßõ 0    

다음 그림과 같이 미크로틱 라우터 1대와 미크로틱 스위치 2대를 사용하여 VLAN을 구성하려고 합니다.


라우터 (CCR1009)에 스위치 1대 (CRS326-1)를 연결하는 경우의 VLAN 인터페이스 설정하는 방법은 이해를 했는데요,


윗 그림과 같이, 라우터 (CCR1009)에 스위치 2대 (CRS326-1, CRS326-2)를 연결하는 경우의 VLAN 인터페이스 설정하는 방법은 잘 모르겠습니다.


라우터와 스위치 CCR326-1간은 ether2~ether1 연결이구요

라우터와 스위치 CCR326-2간에는 sfp+1~sfp+1 연결입니다.


어쩌다보니 네트웍 전문지식 없이 업무를 맡게돼서 많이 헤메고 있습니다.

어떻게 해결할 수 있는지 도움 부탁드립니다.


고맙습니다.

¹Ú°Ç 2022-07
1´ë°£ ¿¬°á¿¡ ¼º°øÇϼ̴ٸé, 1´ë¸¦ ¸¸µé¶§ÀÇ CCR1009ÀÇ Æ®··Å©Æ÷Æ®(ether1)¸¦ ¸¸µå´Â ¿ä·ÉÀ¸·Î sfp+1¿¡µµ °°Àº ÀÛ¾÷À» ÇØÁÖ½Ã¸é µÇ°ÚÁö¿ä.
¶°ºí·ù 2022-07
Á¶¾ð °¨»çµå¸³´Ï´Ù.

¸»¾¸ÁֽŴë·Î, ½ºÀ§Ä¡ 1´ë (CRS326-1) ÀÖÀ»°æ¿ìÀÇ VLAN ÀÎÅÍÆäÀ̽º ¼³Á¤Çϴ¹æ¹ýÀ¸·Î, ½ºÀ§Ä¡ CRS326-2ÀÇ VLANÀÎÅÍÆäÀ̽º ¼³Á¤À» ½ÃµµÇß½À´Ï´Ù¸¸,,, Áö½ÄÀÌ Âª¾Æ¼­ ¿©±â¼­ ¸·Çû½À´Ï´Ù. ¤Ð¤Ð

Á¦°¡ ¸·Èù ºÎºÐÀ» ±¸Ã¼ÀûÀ¸·Î ¸»¾¸µå¸®¸é;

Winbox¸¦ ÀÌ¿ëÇß½À´Ï´Ù

½ºÀ§Ä¡ 1´ë (CRS326-1) ¿¬°áÇÏ´Â °æ¿ìÀÇ VLANÀÎÅÍÆäÀÕ ¼³Á¤

¶ó¿ìÅÍ CCR1009 OS¿¡¼­
¸Þ´º¿¡¼­ interface > Interface ListâÀÌ ¿­¸² > VLANÅÇ ¿¡¼­
+¹öÆ° > New InterfaceâÀÌ ¿­¸²
  Name : vlan-10 ÀÔ·Â
  VLAN ID : 10 ÀÔ·Â
  Interface: ether2 ¼±Åà (Æ®··Å©Æ÷Æ®)
  Apply, OK ¹öÆ° ´©¸§

+¹öÆ° > New InterfaceâÀÌ ¿­¸²
  Name : vlan-20 ÀÔ·Â
  VLAN ID : 20 ÀÔ·Â
  Interface: ether2 ¼±Åà (Æ®··Å©Æ÷Æ®)
  Apply, OK ¹öÆ° ´©¸§

+¹öÆ° > New InterfaceâÀÌ ¿­¸²
  Name : vlan-99 ÀÔ·Â
  VLAN ID : 99 ÀÔ·Â
  Interface: ether2 ¼±Åà (Æ®··Å©Æ÷Æ®)
  Apply, OK¹öÆ° ´©¸§

½ºÀ§Ä¡ 1´ë (CRS326-2)¸¦ Ãß°¡ ¿¬°áÇÏ´Â °æ¿ìÀÇ VLAN ÀÎÅÍÆäÀÕ ¼³Á¤

¶ó¿ìÅÍCCR1009 OS¿¡¼­
¸Þ´º¿¡¼­ interface > Interface ListâÀÌ ¿­¸² > VLANÅÇ ¿¡¼­
+¹öÆ° > New InterfaceâÀÌ ¿­¸²
  Name : vlan-10 ÀÔ·Â
  VLAN ID : 10 ÀÔ·Â
  Interface: sfp+1 ¼±Åà (Æ®··Å©Æ÷Æ®)
  Apply, OK¹öÆ° ´©¸§

¿©±â¼­ Name: Vlan-10 ÀÌ Áߺ¹µÅ¼­ »ç¿ëÇÒ ¼ö ¾ø´Ù´Â ¿¡·¯°¡ ¹ß»ýÇÕ´Ï´Ù.

±×·¡¼­ À̸§À» ´Ù¸£°Ô º¯°æ Çß´õ´Ï (´Ù¸¥°ÍÀº µ¿ÀÏ) ÁøÇàÀº µË´Ï´Ù.
  Name : vlan-10-1ÀÔ·Â
  VLAN ID : 10 ÀÔ·Â
  Interface: sfp+1 ¼±Åà (Æ®··Å©Æ÷Æ®)
  Apply, OK¹öÆ° ´©¸§

NameÀº ´Ù¸£°í, VLAN ID´Â µ¿ÀÏÇѵ¥, ÀÌ°Ô ¸Â´Â°ÍÀÎÁö Àß ¸ð¸£°Ú½À´Ï´Ù.

¸ñÀûÀº °Ç¹° À§Ä¡¿Í »ó°ü¾øÀÌ °°Àº ºÎ¼­ (VlanÀ̸§ÀÌ °°Àº)³¢¸® Åë½ÅÇÏÀڴ°ÍÀÔ´Ï´Ù.

¾î¶»°Ô ÇØ¾ß ÇÏ´ÂÁö µµ¿ò ºÎŹ µå¸³´Ï´Ù.

°í¸¿½À´Ï´Ù.
¹Ú¹®Çü 2022-07
http://www.mikrotik.co.kr/tn/wp-content/uploads/2020/12/%EB%AF%B8%ED%81%AC%EB%A1%9C%ED%8B%B1_%EC%9E%85%EB%AC%B8%EC%9E%90%EB%A9%94%EB%89%B4%EC%96%BC.pdf

ÀÌ°Í º¸½Ã°í ¼³Á¤°ªÀ» ÅýºÆ®·Î ¹Þ¾Æ¼­ ¿Ã·ÁÁֽøé È®ÀÎÀÌ ÈξÀ ¼ö¿ùÇÒ °ÍÀÔ´Ï´Ù..
¹Ú°Ç 2022-07
¹ÌÅ©·Îƽ¿¡¼­ VLAN ÀÎÅÍÆäÀ̽º´Â L3Åë½Å À§Çؼ­ ¸¸µé¾î ÁÖ´Â °ÍÀÌ°í(vlan10¿¡ ´ëÇÑ ÀÎÅÍÆäÀ̽ºµµ Çϳª¸¸ ÀÖÀ¸¸é µË´Ï´Ù.), VLANÀÚü´Â bridge¿¡¼­ ¸¸µé¾î¾ß ÇÕ´Ï´Ù.

https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching
https://help.mikrotik.com/docs/display/ROS/VLAN#VLAN-Layer3VLANexamples
     
¶°ºí·ù 2022-07
³×. Á¶¾ð °¨»çÇÕ´Ï´Ù.

±×·¯¸é,
½ºÀ§Ä¡ CRS326-2 ¸¦ ¶ó¿ìÅÍ¿¡¼­ ¶¼¾î ³»¼­ ½ºÀ§Ä¡CRS326-1¿¡ ¿¬°áÇÏ°í,
½ºÀ§Ä¡ CRS326-1 À» ÅëÇØ ¶ó¿ìÅÍ¿¡ Á¢¼ÓµÇ°Ô Ç϶ó´Â ¸»¾¸À¸·Î ÀÌÇØÇÏ¸é µÇ°Ú´ÂÁö?
          
¹Ú°Ç 2022-07
¶ó¿ìÅÍ¿¡ Æ®··Å©Æ÷Æ®¸¦ µÎ °³ ¸¸µé¾î¼­ °¢°¢ ¿¬°áÇÏ¸é µË´Ï´Ù.
               
¶°ºí·ù 2022-07
³×. °¨»çÇÕ´Ï´Ù.

ÁֽŠÁ¶¾ðÀ» ´ÙÀ½°ú °°Àº ¹æ¹ýÀ¸·Î ÀÌÇØ Çß½À´Ï´Ù¸¸, ¸ÂÀº ¹æ¹ýÀÎÁö È®ÀÎ ºÎŹµå¸³´Ï´Ù.

1. ¶ó¿ìÅÍ¿¡¼­ ºê¸´Áö »ý¼º (À̸§: bridge_trunk)
2. bridge_trunk¿¡ Æ÷Æ® Ãß°¡: ether2 (CRS326-1¿ë), sfp+ (CRS326-2¿ë)
3. Vlan interface ¼³Á¤ â¿¡¼­,
    name: vlan-10
    VLANID: 10
    interface: bridge_trunk

¸Â´Â ¹æ¹ýÀϱî¿ä?
                    
¹Ú°Ç 2022-07
ºê¸®Áö¿¡¼­ vlanÀ» ÁöÁ¤ÇÏ´Â °úÁ¤ÀÌ ºüÁ³½À´Ï´Ù.
¸¶Áö¸·¿¡´Â VLAN20¿¡ ´ëÇÑ ÀÎÅÍÆäÀ̽ºµµ ¸¸µé¾îÁÖ¼¼¿ä.
¹Ú°Ç 2022-07
°£´ÜÇÑ ¿¹Á¦¸¦ ¸¸µé¾î ºÃÀ¸´Ï Âü°íÇϼ¼¿ä.

#Router¿¡ ´ëÇÑ VLAN, inter-VLAN ¶ó¿ìÆà ¿¹Á¦
#ether1¿¡ ÀÎÅÍ³Ý ¿¬°á(dhcp-client)
#ether2´Â VLAN10¿¡ ´ëÇØ untagµÈ access port
#ether3Àº VLAN20¿¡ ´ëÇØ untagµÈ access port
#VLAN99´Â management¿ë, ½ÇÁ¦ Æ÷Æ®´Â »ç¿ëÇÏÁö ¾ÊÀ½
#ether4,ether5´Â VLAN10, 20, 99¿¡ ´ëÇÑ trunk port
#bridge1»ó¿¡ VLAN¼³Á¤, VLAN10, VLAN20, VLAN99¿¡ ´ëÇÑ ÀÎÅÍÆäÀ̽º ÀÛ¼º
#VLAN10 ÀÎÅÍÆäÀ̽ºÀÇ IP : 192.168.10.1/24
#VLAN20 ÀÎÅÍÆäÀ̽ºÀÇ IP : 192.168.20.1/24
#VLAN99 ÀÎÅÍÆäÀ̽ºÀÇ IP : 192.168.99.1/24
#192.168.10.0/24, 192.168.20.0/24, 192.168.99.0/24 À» intenalÀ̶ó´Â ±×·ìÀ¸·Î ¹­¾î¼­ NATÀÇ masquerade¿¡ È°¿ë

#ºê¸®ÁöÀÛ¼º, ¼¼ÆÃÁß¿¡´Â VLAN ÇÊÅ͸µ ÇÏÁö ¾Ê´Â °ÍÀ» ±ÇÀå
/interface bridge
add ingress-filtering=no name=bridge1 vlan-filtering=no
#ºê¸®Áö¿¡ ether2~5 Æ÷Æ®¸¦ Ãß°¡, access port·Î »ç¿ëÇÒ Æ÷Æ®´Â pvid¿¡ untagÇÒ VID¸¦ ¸í±â
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=10
add bridge=bridge1 interface=ether3 pvid=20
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
#ºê¸®Áö VLANÅ×À̺í ÀÛ¼º
#VLAN10¿¡ ´ëÇؼ­´Â ether2¿¡¼­¸¸ untag, ether3~5, bridge1¿¡ ´ëÇؼ­´Â tag
#VLAN20¿¡ ´ëÇؼ­´Â ether3¿¡¼­¸¸ untag, ether2,ether4~5, bridge1¿¡ ´ëÇؼ­´Â tag
#VLAN99¿¡ ´ëÇؼ­´Â ether2~5, bridge1¿¡ ´ëÇؼ­ tag
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether2,ether4,ether5 untagged=ether3 vlan-ids=20
add bridge=bridge1 tagged=bridge1,ether3,ether4,ether5 untagged=ether2 vlan-ids=10
add bridge=bridge1 tagged=bridge1,ether2,ether3,ether4,ether5 vlan-ids=99
#°¢ VLAN ÀÎÅÍÆäÀ̽º ÀÛ¼º
/interface vlan
add interface=bridge1 name=vlan10 vlan-id=10
add interface=bridge1 name=vlan20 vlan-id=20
add interface=bridge1 name=vlan99 vlan-id=99
#°¢ VLAN ÀÎÅÍÆäÀ̽º¿¡ ÁÖ¼Ò ºÎ¿©
/ip address
add address=192.168.10.1/24 interface=vlan10 network=192.168.10.0
add address=192.168.20.1/24 interface=vlan20 network=192.168.20.0
add address=192.168.99.1/24 interface=vlan99 network=192.168.99.0
#°¢ VLAN ÀÎÅÍÆäÀ̽º¸¦ ¹Ù¶óº¸´Â DHCP ¼­¹ö ÀÛ¼º, 99´Â ÀÛ¼ºÇÏÁö ¾ÊÀ½
/ip pool
add name=dhcp_pool0 ranges=192.168.10.2-192.168.10.254
add name=dhcp_pool1 ranges=192.168.20.2-192.168.20.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=vlan10 name=dhcp1
add address-pool=dhcp_pool1 interface=vlan20 name=dhcp2
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=8.8.8.8 gateway=192.168.10.1
add address=192.168.20.0/24 dns-server=8.8.8.8 gateway=192.168.20.1
#192.168.10.0/24, 192.168.20.0/24À» intenalÀ̶ó´Â ±×·ìÀ¸·Î ¹­±â
/ip firewall address-list
add address=192.168.10.0/24 list=internal
add address=192.168.20.0/24 list=internal
add address=192.168.99.0/24 list=internal
#srcÁÖ¼Ò¸®½ºÆ®°¡ internalÀÌ°í, ¿ÜºÎ·Î ³ª°¡´Â Æ®·¡ÇÈ¿¡ ´ëÇÏ¿© NATó¸®
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1 src-address-list=internal
#¿ÜºÎÁÖ¼Ò´Â DHCP Ŭ¶óÀ̾ðÆ® ¼³Á¤
/ip dhcp-client
add interface=ether1
#ºê¸®Áö VLAN ÇÊÅ͸µ È°¼ºÈ­
/interface bridge
set bridge1 vlan-filtering=yes


#½ºÀ§Ä¡¼³Á¤

#Router¿¡ ´ëÇÑ VLAN, inter-VLAN ¶ó¿ìÆà ¿¹Á¦
#ether1Àº VLAN10, 20, 99¿¡ ´ëÇÑ trunk port
#ether2, ether3Àº VLAN10¿¡ ´ëÇØ untagµÈ access port
#ether4, ether5Àº VLAN20¿¡ ´ëÇØ untagµÈ access port
#VLAN99´Â management¿ë, ½ÇÁ¦ Æ÷Æ®´Â »ç¿ëÇÏÁö ¾ÊÀ½
#bridge1»ó¿¡ VLAN¼³Á¤, VLAN10, VLAN20, VLAN99¿¡ ´ëÇÑ ÀÎÅÍÆäÀ̽º ÀÛ¼º
#VLAN99 ÀÎÅÍÆäÀ̽ºÀÇ IP : 192.168.99.2/24

#ºê¸®ÁöÀÛ¼º, ¼¼ÆÃÁß¿¡´Â VLAN ÇÊÅ͸µ ÇÏÁö ¾Ê´Â °ÍÀ» ±ÇÀå
/interface bridge
add ingress-filtering=no name=bridge1 vlan-filtering=no
#ºê¸®Áö¿¡ ether1~5 Æ÷Æ®¸¦ Ãß°¡, access port·Î »ç¿ëÇÒ Æ÷Æ®´Â pvid¿¡ untagÇÒ VID¸¦ ¸í±â
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2 pvid=10
add bridge=bridge1 interface=ether3 pvid=10
add bridge=bridge1 interface=ether4 pvid=20
add bridge=bridge1 interface=ether5 pvid=20
#ºê¸®Áö VLANÅ×À̺í ÀÛ¼º
#VLAN10¿¡ ´ëÇؼ­´Â ether2,3¿¡¼­¸¸ untag, ether1, ether4~5, bridge1¿¡ ´ëÇؼ­´Â tag
#VLAN20¿¡ ´ëÇؼ­´Â ether4,5¿¡¼­¸¸ untag, ether1~3, bridge1¿¡ ´ëÇؼ­´Â tag
#VLAN99¿¡ ´ëÇؼ­´Â ether1~5, bridge1¿¡ ´ëÇؼ­ tag
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,ether4,ether5 untagged=ether2,ether3 vlan-ids=10
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3 untagged=ether4,ether5 vlan-ids=20
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3,ether4,ether5 vlan-ids=99
#VLAN99 ÀÎÅÍÆäÀ̽º ÀÛ¼º
/interface vlan
add interface=bridge1 name=vlan99 vlan-id=99
#VLAN99 ÀÎÅÍÆäÀ̽º¿¡ ÁÖ¼Ò ºÎ¿©
/ip address
add address=192.168.99.2/24 interface=vlan99 network=192.168.99.0
#°ÔÀÌÆ®¿þÀÌ ÀÔ·Â
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.99.1
#DNS¼­¹ö ÀÔ·Â
/ip dns
set servers=8.8.8.8
#ºê¸®Áö VLAN ÇÊÅ͸µ È°¼ºÈ­
/interface bridge
set bridge1 vlan-filtering=yes
     
¶°ºí·ù 2022-07
ÀÌ·¸°Ô ÀÚ¼¼È÷ µµ¿òÀ» ÁֽôٴÏ
¿Í~ °¨µ¿ÀÔ´Ï´Ù!

¸¹Àº µµ¿òÀÌ µÉ °Í °°½À´Ï´Ù
´õºÒ¾î ¸¹Àº °Í ¹è¿ó´Ï´Ù.

°¨»çÇÕ´Ï´Ù.


óÀ½À¸·Î (237,862)
Á¦¸ñ
. (1)
2CPU : ÆǸŠ08-30   222   ÁعÙÀÌ
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 08-30   345   ±è¿µ±â´ëÀü
, (1)
2CPU : ÆǸŠ08-30   263   ÁعÙÀÌ
, (1)
2CPU : ÆǸŠ08-30   160   ÁعÙÀÌ
2CPU : ÆǸŠ08-30   128   ´ÙÅ©Àå¹Ì
2CPU : QnA 08-30   1487   Âî·Ï
2CPU : UnBoxing 08-30   4152   ocarina
2CPU : ±¸¸Å 08-30   195   Andrew
2CPU : ÆǸŠ08-30   167   ¿ùµå¯
2CPU : ÆǸŠ08-30   157   HSIJ
2CPU : ÆǸŠ08-30   157   crow
¿Ï·á (1)
2CPU : ÆǸŠ08-30   151   36¼ö»ö
2CPU : ÆǸŠ08-30   153   ±Þ¿©ÀÏ¿¡¸¸¡¦
2CPU : ÀÚÀ¯°Ô½ÃÆÇ 08-30   516   Noobmaster69
¿Ï·á (1)
2CPU : ÆǸŠ08-30   165   ºÒŸ´Â±èC