I have two Mikrotik routers, each has their own 1GB WAN, a 1GB cross-connect, and each has their own AWS VPN tunnel, all with BGP sessions. When I first set this up, I put the BGP routes from our WAN provider into a separate route table and the routes from the cross-connect into that route table as well. This was fine because it’s a 0.0.0.0/0 route and I really didn’t need their customer’s IP since I don’t have a second WAN. Now with adding the AWS VPN, I’m wondering if I’ve made a mistake. Does everyone use one main route table for everything? Is it common to protect routes using allow list route filters, or is it assumed you won’t get a faulty route from an upstream? I’ve found a lot of setup articles but nothing on the day-to-day management and all the common BGP issues that can trip up the route tables or cause a loss of connectivity. I’m on v7 if that changes the answer or suggestions.
It really depends on what you want to accomplish with a separate routing table from a design perspective.
In general, VRF/routing marks are used for:
- Multitenancy
- Security Zones
- Route and subnet overlap
- Separating management and OOB networks
- Policy-based routing (in MikroTik and Linux anyway)
They do come with some technical debt, so you want to make sure you’ve got a clear use case before putting everything in its own routing table.