Community discussions

MikroTik App
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

VPNv4 Routing Issues

Fri Mar 25, 2022 12:27 am

My current core network is Cisco based running MP-BGP. We have used MT routers in the past (V6.x) with limited success due to limitations around certain services not being VRF aware, but otherwise worked as expected. Now that V7 is here some of those service are now VRF aware and we are wanting to use MT routers in some locations within the network. I have a RB3011 setup as a test rig. OSPF routing is working as with all the routes I expect, LDP session is active and receiving labels and BGP is active and receiving routes for the VRFs. The issue I am running into now is I cannot pass any traffic through the VRF from one PE to another. I have a Loopback address and vlan on the same VRF with a PC and can pass traffic between them but no traffic will traverse to another PC (Same VRF) on a different PE. I can pass traffic on the global routing table from other PE's to the MT and viscera.

Anyone have ideas? Config is attached
Here
. Note: I am using a bridge interface simply due to only having the option of a single uplink to the core. The VRF in question is bw-mgmt
You do not have the required permissions to view the files attached to this post.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Sun Apr 17, 2022 10:28 pm

Anyone have thoughts on this?
 
User avatar
clambert
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Wed Jun 12, 2019 5:04 am

Re: VPNv4 Routing Issues

Mon Apr 18, 2022 4:40 am

I have not even succeeded in propagating routes within vpnv4 on ROSv7.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Mon Apr 18, 2022 4:29 pm

I can see all the routes including the default routes. They show up for the correct routing table, with MPLS Labels. One thing that seems wrong to me is they show up as belonging to "Copy" - DAy in the route list.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Tue Apr 19, 2022 3:28 am

Well I kind of feel like dumb! I found an issue in the Mikrotik config. I found that I needed under the MPLS interface the "Input" selection set to "Yes" - This has now fixed a portion of the issues I was having. I can now Reach the VRF loopback interface and vlan interface of the MT through other PE's and from the MT I can reach the internet. However, my test PC that on the previously mentioned VLAN interface cannot pass traffic outside of the MT. I can still reach the VRF loopback within the unit.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Tue Apr 19, 2022 3:52 am

Alright another update. I was curious so I ran Wireshark on that test PC. Pings from my VPN headend are making it to the PC, but the Reply's are not. So the next thing I did was pull up Torch for that VLAN interface and as soon as I did that the Pings started working. As another test I rebooted the MT and once back up the same issue happened until I opened Torch on the Vlan interface. Now here is another weird thing - Once I stop torch the traffic stops also. Now I am assuming this is a bug in ROSv7 - How would I go about reporting this? Running Version 7.2.1 (ARM)
 
User avatar
clambert
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Wed Jun 12, 2019 5:04 am

Re: VPNv4 Routing Issues

Tue Apr 19, 2022 4:04 am

You should send an email to support@mikrotik.com detailing the behavior you have observed.
 
User avatar
clambert
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Wed Jun 12, 2019 5:04 am

Re: VPNv4 Routing Issues

Wed Apr 20, 2022 8:58 pm

@doman, did you contact support about the inconvenience you are having? I was able to reproduce exactly the problem you are describing.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Wed Apr 20, 2022 9:10 pm

Yes, I sent an email off yesterday. I have not yet received a reply aside from the automated response.
 
User avatar
clambert
Frequent Visitor
Frequent Visitor
Posts: 62
Joined: Wed Jun 12, 2019 5:04 am

Re: VPNv4 Routing Issues

Tue Apr 26, 2022 8:28 pm

@doman, I contacted support and they assisted me with the solution. In ROS v7 fastpath is not automatically disabled in the presence of configuration associated with VRF. This is why it works while torch is running.
 
doman
just joined
Topic Author
Posts: 16
Joined: Mon Apr 06, 2020 8:19 pm
Location: Wisconsin

Re: VPNv4 Routing Issues

Tue Apr 26, 2022 9:10 pm

@clambert - Thanks for the update. I did disable fastpath and that solved the issue. I don't know all the quirks to MT devices, but I hope this doesn't have a big impact on performance.

Who is online

Users browsing this forum: Largelos and 3 guests