Recently I started converting my MikroTik routers to use VLAN's instead of each switch being on a single subnet. Below are some things I discovered.
1. MikroTik devices are a bit more complicated to setup VLAN's on versus other vendors such as Ubiquiti. Some of this is because different models have different procedures.
2. At least on a CRS112, every VLAN must have a Trunk port. I tried several different trunkless configurations and I was unable to get the switch to route between ports on a trunkless VLAN.
3. On a Hybrid port (a port that has both tagged and untagged VLAN traffic on the same port) when you set the ingress-vlan-translation for the untagged VLAN, make sure to include customer-vid=0 when setting the new-customer-vid. If you don't include this condition then tagged traffic will get accidentally routed to the untagged VLAN. I was at first surprised by this but this makes sense the more I think about it.
