Community discussions

MikroTik App
 
DerSeekin
just joined
Topic Author
Posts: 2
Joined: Thu May 05, 2022 11:54 am

BGP ignoring Local Pref and choosing wrong path

Mon Sep 19, 2022 10:01 am

Hello,

i have an setup here, where a Mikrotik Router connects to 2 different wireguard tunnels via 2 different interfaces. Then over each of these interfaces i connect via bgp with a different router. These different routers share an ibgp and they are announcing the same routes to the Mikrotik Router.

On the Mikrotik Router i set Local Preference of BGP 1 to 500 and of BGP 2 to 100. This should force Traffic to get routed via BGP 1. But no matter what i am trying, the traffic gets routed via BGP 2.

Can somebody give me a hint what i am doing wrong? The same setup on other Routers (Cisco etc.) works perfectly as intended.

Here is my config:
/interface bridge
add name=bridge1

/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard1
add listen-port=13232 mtu=1420 name=wireguard2

/interface bridge port
add bridge=bridge1 ingress-filtering=no interface=ether2
add bridge=bridge1 ingress-filtering=no interface=ether3
add bridge=bridge1 ingress-filtering=no interface=ether4
add bridge=bridge1 ingress-filtering=no interface=ether5

/routing bgp template

set default disabled=no output.network=bgp-networks
/interface wireguard peers
add allowed-address=0.0.0.0/0 comment=rz-1 endpoint-address=vpn-1.example.com endpoint-port=51820 interface=wireguard1 persistent-keepalive=25s public-key="XXX"
add allowed-address=0.0.0.0/0 comment=rz-2 endpoint-address=vpn-2.example.com endpoint-port=51821 interface=wireguard2 persistent-keepalive=25s public-key="XXX"

/ip address
add address=10.253.87.1/24 comment=LAN-Static interface=bridge1 network=10.253.87.0
add address=10.254.10.89/24 interface=wireguard1 network=10.254.10.0
add address=10.254.20.89/24 interface=wireguard2 network=10.254.20.0

/ip firewall address-list
add address=10.253.87.0/24 list=BGP-Announce


/routing bgp connection
add address-families=ip as=65187 disabled=no input.filter=in-main local.address=10.254.10.89 .role=ebgp name=bgp-1 output.default-originate=never .filter-chain=out .network=BGP-Announce remote.address=10.254.10.1/32 .as=65499 router-id=10.254.10.89 routing-table=main
add address-families=ip as=65187 disabled=no input.filter=in-back local.address=10.254.20.89 .role=ebgp name=bgp-2 output.default-originate=never .filter-chain=out .network=BGP-Announce remote.address=10.254.20.1/32 .as=65499 router-id=10.254.20.89 routing-table=main

/routing filter rule
add chain=in-back disabled=no rule="if ( afi ipv4 ) { set bgp-local-pref 100; accept }"
add chain=out disabled=no rule="if ( afi ipv4 && dst ==10.253.87.0/24 ) { accept }"
add chain=in-main disabled=no rule="if ( afi ipv4 ) { set bgp-local-pref 500; accept }"
And here is my routing table:
Flags: D - dynamic; X - disabled, I - inactive, A - active; c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, y - copy; H - hw-offloaded; + - ecmp
DAd dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=100.64.0.1 immediate-gw=100.64.0.1%ether1 distance=1 scope=30 target-scope=10 vrf-interface=ether1 suppress-hw-offload=no
DAc dst-address=10.253.87.0/24 routing-table=main gateway=bridge1 immediate-gw=bridge1 distance=0 scope=10 suppress-hw-offload=no local-address=10.253.87.1%bridge1
DAc dst-address=10.254.10.0/24 routing-table=main gateway=wireguard1 immediate-gw=wireguard1 distance=0 scope=10 suppress-hw-offload=no local-address=10.254.10.89%wireguard1
DAc dst-address=10.254.20.0/24 routing-table=main gateway=wireguard2 immediate-gw=wireguard2 distance=0 scope=10 suppress-hw-offload=no local-address=10.254.20.89%wireguard2
DAc dst-address=100.64.0.0/10 routing-table=main gateway=ether1 immediate-gw=ether1 distance=0 scope=10 suppress-hw-offload=no local-address=100.109.74.232%ether1
DAb + dst-address=172.17.1.36/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.36/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.39/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.39/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.46/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.46/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.57/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.57/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.60/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.60/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.124/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.124/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.133/32 routing-table=main gateway=10.254.20.1 immediate-gw=10.254.20.1%wireguard2 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
DAb + dst-address=172.17.1.133/32 routing-table=main gateway=10.254.10.1 immediate-gw=10.254.10.1%wireguard1 distance=20 scope=40 target-scope=10 suppress-hw-offload=no
The Routes from the 10.254.10.1 show BGP Local Pref 500 and from 20.1 show 100. But this does not seem to have any effect.

Help is really appreciated!

Best Regards
 
connected2122
just joined
Posts: 4
Joined: Fri Oct 21, 2022 10:54 pm

Re: BGP ignoring Local Pref and choosing wrong path

Sat Oct 22, 2022 12:23 am

I am facing the exact same issue. Only my route with local pref 80 is being preferred over route with local pref 120.

I have created another post earlier, I'll let you know if I get a fix.

Who is online

Users browsing this forum: No registered users and 6 guests