Community discussions

MikroTik App
 
thefriendlyguy
just joined
Topic Author
Posts: 12
Joined: Fri Jul 01, 2016 10:50 am

CCR2004 RouterOS 6.49.6 - VLAN Interface not reachable in 2nd VRF

Sun Oct 16, 2022 7:00 pm

Hi Gents!
I am having issues with my network config. I am new to the Concept of VRFs so, please bare with me ;)
I use VRFs to split my EDGE Router into two virtual routers as i don't want it to route between specific VLANs / Networks.
One VRF(main) is for Internet / DMZ Routing one i called "vrf_internal" for InterVLAN routing. There is a "Security Gateway" that connects to each and its the default gateway in "vrf_internal".
I don't think its of particular relevance for my question so ill skip over that.

I have a LACP-Trunk on the CCR where several VLAN Interfaces are "attached" to. I can reach them directly (no hops) just fine UNTIL i assign them to the new VRF.
So, example:
Client1 is on VLAN1 in Subnet 192.168.1.0 its default gateway is 192.168.1.254.
CCR has a VLAN Interface (on the LACP-Trunk) in VLAN1 with the IP-Address 192.168.1.254.
Client1 can ping the default gateway just fine.
But as soon as i add the VLAN1 Interface to the 2nd VRF its no longer pingable.
Saldy i have to admit: I don't understand why.
Can somebody help me understand that?

Kind regards
 
thefriendlyguy
just joined
Topic Author
Posts: 12
Joined: Fri Jul 01, 2016 10:50 am

Re: CCR2004 RouterOS 6.49.6 - VLAN Interface not reachable in 2nd VRF

Mon Oct 17, 2022 12:43 pm

Morning Gents!
I figured out that RouterOS didn't lookup in the right VRF.
I falsely assumed that it would lookup in the VRF where an Interface is attached to, but thats not the case.
I had tro create Rules for that, like:
/ip route rule
add src-address=192.168.1.0/24 table=vrf_Internal
Kind regards

Who is online

Users browsing this forum: No registered users and 27 guests