RB450是MikroTik公司出品的基于RouterOS的三层路由器,提供了丰富的功能:动态路由协议(OSPF、BGP)、802.1q、QoS(单IP限速)、netflow exporter、NTP、OpenVPN、PPPoE、radius等。今天我主要用它来创建36个vlan,每个vlan都分配一个网关IP,接着通过一个以太口与一台二层交换机的vlan trunk相连,实现了这36个vlan的互访。

以下是相关配置:

/interface vlan
add arp=enabled comment="" disabled=no interface=ether1 l2mtu=1522 mtu=1500 \
    name=vlan5 use-service-tag=no vlan-id=5
add arp=enabled comment="" disabled=no interface=ether1 l2mtu=1522 mtu=1500 \
    name=vlan2 use-service-tag=no vlan-id=2
add arp=enabled comment="" disabled=no interface=ether1 l2mtu=1522 mtu=1500 \
    name=vlan41 use-service-tag=no vlan-id=41
...
/ip address
add address=172.16.60.254/24 broadcast=172.16.60.255 comment="" disabled=no \
    interface=vlan41 network=172.16.60.0
add address=192.168.100.254/24 broadcast=192.168.100.255 comment="" disabled=\
    no interface=vlan100 network=192.168.100.0
add address=172.16.59.254/24 broadcast=172.16.59.255 comment="" disabled=no \
    interface=vlan2 network=172.16.59.0
add address=172.16.58.254/24 broadcast=172.16.58.255 comment="" disabled=no \
    interface=vlan5 network=172.16.58.0
…

这就实现了vlan trunk的功能,非常简单,但是RouterOS毕竟是linux,所以它与实际的交换机还是有一些区别的,譬如不能在一个vlan trunk中支持untag的vlan,亦即native vlan,不知道换了交换芯片atheros8316的RB450G功能会不会更强大一些,详见官方wiki