I'm having a little trouble wrapping my head around how to assign VLAN IDs when using inband management. What is the best approach?
Does every radio in our network need a unique mgmt VLAN ID? Or if we have 2 PTP links connected to a Mikrotik router at a tower, could they use VLANs 1 and 2, and then the next tower could also use 1 and 2? If the MGMT VLAN is connected to ETH1 and also the RF pipe, that would extend it to the next tower, right? So now would the next tower have to be something like 3 and 4? And given the possibility of adding more PTP links in the future between towers, wouldn't this prevent reuse of VLAN IDs anywhere in your network?
Or is it OK to just let the mgmt VLAN span several towers, as long as each radio has a unique IP address?
What is best practice for this?
Note that I'm also scared of losing track of what the mgmt VLAN is on some radio and not being able to get into it, if we're not cabling the MGMT port down the tower.
Is there any reason why you can't keep it simple?
(I might be missing something...)
Why not use one VLAN ID for network management and one for the rest of your data? (If you have different data types, say voice and video, perhaps each of those data types should get their own VLAN.)
The reason you need to use VLANs is to separate the management traffic from the data traffic. This keeps the data traffic from overwhelming the Management Ethernet Service, which can only support Fast Ethernet (100 Mbps).
Please let me know if I've missed something.
Actually my plan is for the data to be untagged, only the mgmt traffic will be tagged.
My question is how people are choosing the VLAN ID for each radio. Let's assume I have 4 towers in a line connected by 3 PTP820 links, with a router at each tower.
The way I configured the radios, I believe the mgmt VLAN is connected to both the POE port ETH1 and over the RF link. So do I use VLAN ID = 1 on both radios at every tower in my network? Doesn't this potentially end up creating a massive layer 2 network between all my towers?
Or is the normal approach to assign a unique VLAN ID for every tower or even for every radio?
I'm not sure this will be helpful but this is what I am doing for data & management:
I used VLAN 10 for in-band management on my 820s 2+0 deployment. I use VLAN 10 for management as a rule across all devices when using a management VLAN. I have a string of multiple of these radios configured the same in regards to data & management interfaces.
See the screenshot below where I am bonding untagged traffic from Ether1 and Ether2 (data) and I have VLAN 10 on Ether1 and Ether2 for independent management of each side with unique subnets. I don't know if you are familiar with or using MikroTik but the VLAN 10 on Ether1 is independent of the VLAN 10 on Ether2 because these aren't bridged, switched or bonded in my use case.
Thanks. I now have it set up that way and it is working.
Somehow I had convinced myself that I couldn't create a subinterface with VLAN tagging, and then assign an IP address to that subinterface.
Probably because in the past when I used VLANs on Mikrotik, it was more of a VLAN switch application, running multiple VLANs across the one available cable between buildings. The procedure usually involved adding the VLAN and some physical ports to a bridge, and then putting an IP address on the bridge.
But this is exactly what I wanted to do. Hybrid port, untagged data + tagged mgmt, with a VLAN subinterface. Named something like ether1:10 where the VLAN ID is 10.
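The layer 2 question raised in the thread can be checked on paper before touching a radio. The sketch below is an added example, not code from any poster: it models the 4-tower, 3-link line described above with VLAN 10 on every radio and computes which ports share a broadcast domain when each router terminates the VLAN on a routed subinterface versus when it bridges them. The port names (`ether1`, `ether2`), the `radio-a`/`radio-b` labels and the function names are assumptions made for the illustration.

```python
MGMT_VLAN = 10  # same VLAN ID on every radio, as in the thread

def link_segments(towers):
    """One L2 segment per PTP link: router port, both radios, far router port."""
    segments = []
    for i in range(1, towers):
        segments.append([
            (f"tower{i}", "ether2"),
            (f"link{i}", "radio-a"),
            (f"link{i}", "radio-b"),
            (f"tower{i + 1}", "ether1"),
        ])
    return segments

def l2_domains(segments, bridged_routers=()):
    """Union-find: the RF link joins a segment; a bridging router joins its two ports."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    def union(a, b):
        parent[find(a)] = find(b)

    for seg in segments:
        for node in seg[1:]:
            union(seg[0], node)
    for router in bridged_routers:
        a, b = (router, "ether1"), (router, "ether2")
        if a in parent and b in parent:  # end towers have only one mgmt port
            union(a, b)

    groups = {}
    for node in list(parent):
        groups.setdefault(find(node), set()).add(node)
    return sorted(groups.values(), key=lambda g: sorted(g))

def towers_spanned(domain):
    return sorted({name for name, _ in domain if name.startswith("tower")})

if __name__ == "__main__":
    segs = link_segments(4)
    all_towers = tuple(f"tower{i}" for i in range(1, 5))
    for label, bridged in (("routed subinterfaces", ()), ("bridged", all_towers)):
        print(label)
        for dom in l2_domains(segs, bridged):
            print(f"  VLAN {MGMT_VLAN} domain spans {towers_spanned(dom)}")
```

With routed subinterfaces each link is its own two-tower domain, so the same VLAN ID can be reused and only the subnets need to be unique; bridging the VLAN at the routers is what merges the links into one domain across all four towers.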