Community discussions

MikroTik App

Search found 21 matches

by AdrianT88
Wed Feb 07, 2024 11:36 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

Re: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED] [SOLVED]

Posting an update on this lab since I finally got it to work! Key Takeaways: I did not need to configure the "BGP-VRF" on the "CE", just the vrf-instance for vrf-marked traffic and the default-instance for "internet" or all non vrf-marked traffic. The "PE" rou...
by AdrianT88
Fri Dec 15, 2023 7:35 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

Re: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]

I've been working on my "PE02-CE02" setup this morning where I have two VRF peerings instead of 1 VRF and 1 DIA peering. Same result unfortunately.
by AdrianT88
Tue Dec 12, 2023 5:29 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

Re: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]

I have disabled the following route rules and now I can only ping across with the vrf mark applied. PE: [atetu@mpls-lab-pe03] > ip route rule print Flags: X - disabled, I - inactive 0 src-address=10.88.123.1/32 dst-address=10.88.123.2/32 action=lookup table=vrf-green CE: [atetu@mpls-lab-ce03] > ip r...
by AdrianT88
Mon Dec 11, 2023 8:15 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

Re: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]

I am using the default BGP instance in all peering at the moment with the BGP VRF enabled. I disabled the "VRF-Green" instance to simplify the design. I believe the separate instance is required only when there is no BGP VRF configured. Is this statement not valid? I have enabled the IP/VP...
by AdrianT88
Fri Dec 08, 2023 10:55 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

Re: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]

Hi clambert, thanks your reply. PE03: # RouterOS 6.48.6 # model = CCR2004-1G-12S+2XS # serial number = D4F10DC99677 /routing bgp instance set default as=65088 router-id=100.64.88.5 add as=65088 disabled=yes name=VRF-Green router-id=10.88.123.1 routing-table=vrf-green /routing bgp instance vrf add re...
by AdrianT88
Thu Dec 07, 2023 6:55 pm
Forum: Forwarding Protocols
Topic: ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]
Replies: 7
Views: 5377

ROS6 MPLS L3VPN Lab - Multihop Required between PE-CE [SOLVED]

Hi all, I am trying to configure a lab simulating a "3-branch" setup where two of the CE's receive a DIA/Internet [100.64.88.0/24] network with one VRF, and the third CE receives/announces just the VRF routes. I attached a diagram illustrating the physical setup. I am having trouble establ...
by AdrianT88
Fri Feb 25, 2022 5:34 pm
Forum: Forwarding Protocols
Topic: eBGP routes are not advertised to all neighbors
Replies: 0
Views: 561

eBGP routes are not advertised to all neighbors

Hi all, I have a ring network built for redundancy amongst 4 Towers. Tower1 and Tower4 have a direct PtP fiber backhaul to the core network and mmWave PtP to their neighboring towers. I am running eBGP between all the peers and there are no local preferences or weights attached to manually influence...
by AdrianT88
Mon Mar 01, 2021 8:48 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Re: Default Route advertisement eBGP failover

IPANetEngineer, On a high level, that is the design implemented. I just changed Tower2's default originate from "if-installed" to "always" and the the default is now being advertised to Tower1. Tower2 learns its active default from Tower1 and backup default from Tower3. The issue...
by AdrianT88
Mon Mar 01, 2021 6:48 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Re: Default Route advertisement eBGP failover

IPANetEngineer, That is correct, every tower is a separate ASN. I excluded the 0.0.0.0/0 from the "eBGP Core Allow-Out" chain because I didn't want Tower1 advertising a default towards the core. Tower1 and Tower4 learn the default from the core and then I wanted the default to propagate am...
by AdrianT88
Mon Mar 01, 2021 6:22 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Re: Default Route advertisement eBGP failover

Hi joegoldman,

I would really appreciate it if you can make the time to remote in and take a look. Please let me know what days/time work best for you.

-AT
by AdrianT88
Fri Feb 26, 2021 6:43 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Re: Default Route advertisement eBGP failover

Below are the advertisements from Tower2 towards Tower1. The default is not being advertised. I have tried to set the "Default Originate - always, from if installed" and the result is the same after clearing the BGP peering and rebooting the box. [atetu@empcle.cedar.ccr1036] > routing bgp ...
by AdrianT88
Fri Feb 26, 2021 6:23 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Re: Default Route advertisement eBGP failover

Thanks for your reply joegoldman. I attached my filters from Towers 1, 2, and 3. Tower1: 0 ;;; eBGP Core-QFX Allow-In chain=ebgp-core-qfx5100-accept prefix=0.0.0.0/0 prefix-length=0 invert-match=no action=accept set-bgp-prepend-path="" 1 chain=ebgp-core-qfx5100-accept invert-match=no actio...
by AdrianT88
Thu Feb 25, 2021 10:06 pm
Forum: Forwarding Protocols
Topic: Default Route advertisement eBGP failover
Replies: 9
Views: 2220

Default Route advertisement eBGP failover

Hi all, I am having some issues with my default route propagation between my towers during a failover scenario. I attached a high level diagram that goes over the setup which can be summarized below when all the circuits are up and running. Tower1 receives default from Core and advertises to Tower2 ...
by AdrianT88
Wed Dec 02, 2020 9:23 pm
Forum: General
Topic: CCR1036 and CCR1072 unresponsive after power outage
Replies: 1
Views: 1106

CCR1036 and CCR1072 unresponsive after power outage

Hello all, I am running into some odd power related issues with my RouterOS units whenever there's power outage at the local sites. Our CCR1036 and CCR1072 lost power a couple days ago and they were both unresponsive as a result. We sent someone on site and they only LEDs that were "ON", w...
by AdrianT88
Fri Oct 16, 2020 7:45 pm
Forum: Forwarding Protocols
Topic: Default Route forwarding via eBGP
Replies: 4
Views: 1381

Re: Default Route forwarding via eBGP

Thanks IPANetEngineer. I actually came across that presentation as I started working with Mikrotik devices. At the time, I didn't think using bgp communities would enable my network to have the most efficient traffic engineering and redundancy. I currently have 7 active buildings that have a direct ...
by AdrianT88
Fri Oct 16, 2020 6:56 pm
Forum: Forwarding Protocols
Topic: Default Route forwarding via eBGP
Replies: 4
Views: 1381

Re: Default Route forwarding via eBGP

Default route is special case, you will need to enable default-originate on all routers along the path to advertise default route. Thanks for your reply mrz. After running some more tests, I would have to agree that default originate has to be enabled on all the routers. Is there anything else I ne...
by AdrianT88
Wed Oct 14, 2020 6:05 pm
Forum: Forwarding Protocols
Topic: Default Route forwarding via eBGP
Replies: 4
Views: 1381

Default Route forwarding via eBGP

Hi all, We operate a small WISP environment where each tower/bldg. rooftop utilizes a CCR1036. Some towers have fiber PtP towards to the core, and the towers without fiber access utilize mmWave PtPs to the nearest fiber lit buildings as the next hop. I am running eBGP towards the core and between al...
by AdrianT88
Fri Jun 19, 2020 6:59 pm
Forum: Forwarding Protocols
Topic: BGP routes won't get installed on CCR1072 [SOLVED]
Replies: 2
Views: 2870

Re: BGP routes won't get installed on CCR1072 [SOLVED]

Hi pwuk,

I have identified the issue. The Juniper runs eBGP to my tower networks and iBGP to the edge-CCR1072. I forgot to enable "next-hop self" on the Juniper peering towards the CCR1072. The routes are now propagating as expected after I made that change.

-AT
by AdrianT88
Wed Jun 17, 2020 4:58 pm
Forum: Forwarding Protocols
Topic: BGP routes won't get installed on CCR1072 [SOLVED]
Replies: 2
Views: 2870

BGP routes won't get installed on CCR1072 [SOLVED]

Hello all, Can someone help me identify why my Mikrotik won't utilize the BGP learned routes? I have a CCR1072 that runs iBGP with a Juniper QFX5100. The CCR1072 receives all the required routes from the Juniper, but it doesn't install them inside the routing table. I currently have static routes fo...
by AdrianT88
Thu Mar 05, 2020 10:35 pm
Forum: General
Topic: Route Access failing beyond IPSec [SOLVED]
Replies: 1
Views: 4574

Re: Route Access failing beyond IPSec [SOLVED]

Hi all, It looks like I found the fix and everything is working as expected. I changed policies' level to "unique" from "required". [ xyz ] > ip ipsec policy print Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default 0 A src-address=10.10.100.0/24 ...
by AdrianT88
Thu Mar 05, 2020 6:45 pm
Forum: General
Topic: Route Access failing beyond IPSec [SOLVED]
Replies: 1
Views: 4574

Route Access failing beyond IPSec [SOLVED]

Hello all, I am running into an issue with route access beyond an IPSec tunnel that I am hoping you can point in the right direction for. The tunnel is established and working between my office Palo Alto firewall and terminates on a CCR1009 that is located inside a datacenter. I can access the Mgmt....