Mikrotik

How to Forward VLAN from one Mikrotik RB951 interface to another?

There is a Mikrotik RB951G-2HnD. On the ether5 of the block, two VLAN networks come from the block that provides access to the Internet. On the same block, a DHCP server, filtering and limiting the access rate for users, etc. are implemented. Network #1 has ID=10 and is called VLAN10, network #2 has ID=20 and is called VLAN20. The remaining ether1-ether4 outputs each have 2 VLANs combined into 2 bridges over the corresponding VLANs. Those. VLAN10 of the ether1 exit, together with the rest of the VLAN10 of other ether2-ether4 exits, is combined into a Br_VLAN10 bridge, and VLAN20 of the ether1 exit with other VLAN 20 is combined into a Br_VLAN20 bridge. Now what is the actual problem. The RB951 block on the Br_VLAN20 bridge forms a Hotspot network with its own DHCP, DNS is working fine, everything is configured. But the Br_VLAN10 bridge must receive IP addresses and all information through the ether5 output VLAN10 from the Internet control access block. In other words, the Br_VLAN10 bridge computer packets must pass through RB951 to VLAN10 of the ether5 exit without being processed in any way. And in the same way, packets from VLAN10 of the ether5 exit should also go to the computers of the Br_VLAN10 bridge without processing. This is especially true for broadcast DHCP requests, which should be processed only by the Internet access block. And this is where I got stuck. I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? Br_VLAN10 bridge computer packets must pass through RB951 to VLAN10 of ether5 exit without being processed in any way. And in the same way, packets from VLAN10 of the ether5 exit should also go to the computers of the Br_VLAN10 bridge without processing. This is especially true for broadcast DHCP requests, which should be processed only by the Internet access block. And this is where I got stuck. I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? Br_VLAN10 bridge computer packets must pass through RB951 to VLAN10 of ether5 exit without being processed in any way. And in the same way, packets from VLAN10 of the ether5 exit should also go to the computers of the Br_VLAN10 bridge without processing. This is especially true for broadcast DHCP requests, which should be processed only by the Internet access block. And this is where I got stuck. I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? And in the same way, packets from VLAN10 of the ether5 exit should also go to the computers of the Br_VLAN10 bridge without processing. This is especially true for broadcast DHCP requests, which should be processed only by the Internet access block. And this is where I got stuck. I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? And in the same way, packets from VLAN10 of the ether5 exit should also go to the computers of the Br_VLAN10 bridge without processing. This is especially true for broadcast DHCP requests, which should be processed only by the Internet access block. And this is where I got stuck. I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem? I tried stupidly to unite all VLAN10 into one bridge - it doesn't work, computers don't receive IP from the server. Tried to do Fasttrack - similarly. When building dstnat and scrnat chains, the block swears that it cannot build a chain, because you see, ether5 cannot participate in prerouting and forward chains. Is there an easy way to solve my problem?