Do route-marked packets see any other routes on the router?

eugenevdm · October 31, 2005, 9:45am

I tried upgrading from 2.8 to 2.9 and some of my policy routing stopped working as it did in version 2.8.

My question is do route-marked packets see any other routes on the router such as the static and dynamic routes in what used to be called the “main table”?

Before in 2.8 the “main table” had dynamic and static routes which were honored before the policy routes. Now it appears as if though “mark routing” on the “pre-routing chain” in order to do policy routing bypasses these dynamic and static routes.

I have already examined this diagram but I can’t see how it’s different:
http://www.mikrotik.com/docs/ros/2.9/ip/flow

If it has changed what would be the workaround? Do I potentially have to recreate all the static routes and additional policy routes?

SteveD mentions a similar problem in this forum, quote: “One other thing you should be aware of is the route-marked packets will not see any other routes in your router either.”
http://forum.mikrotik.com//viewtopic.php?t=3122&highlight=

I would really like a workaround.

Eugene · October 31, 2005, 12:19pm

Nexthops for the route-marked traffic are looked up using ‘main’ table only if no match is found in the mark-specific table.

eugenevdm · October 31, 2005, 9:45pm

In other words this different from 2.8 because in 2.8 you could have:

0.0.0.0/0 lookup main (default router) table containing static and dynamic routes
any number of policy routes
if any of the above fails catch-all route to desired location

In 2.9 as you route-mark traffic for policy routing you are always skipping the main table, and only if the route is not found in your policy routing it will transverse the main table thereafter. Thus:

mangle pre-routing chain for source / dest pair with action mark-routing
if this fails lookup main table

No more control to check main table first because all traffic will always be routed using your poilcy route first, and only if the policy route fails it will goto the main table?

This limits me to getting to routes on the router itself if this makes any sense. I can provide a clearer example if need be.

butche · November 1, 2005, 5:52am

It certainly doesn’t make sense to me.

In 2.8, if a policy rule did not match, the main table is used. In 2.9, if your policy rules (routing marks) do not match, then main table (non-policy based) routes are used.

eugenevdm · November 1, 2005, 6:30am

What I’m trying to say, in 2.8, you could look up the main table FIRST, then do policy routing, and then do catchall routes.

In 2.9 you can’t look up the main table first, and only if your policy routes fails it will look up the main table. One less step that was possible in 2.8. I will post routing tables here to make this more clear. It would be really wonderfull if someone from Mikrotik could also contribute.

normis · November 1, 2005, 6:54am

in 2.9.7 you will have more policy routing features, you will be able to do everything you could in 2.8 plus all that you can in 2.9

Eugene · November 1, 2005, 9:24am

2.9.7 will give you many new exciting ways to create routing loops, so to say

HarvSki · November 1, 2005, 10:27am

Cynic

Serverwinkel.nl · November 2, 2005, 10:13pm

eugenevdm has a good point, I have this problem too.
When you use the route mark, and make a route to 0.0.0.0 for a certain mark, it skips the local routes.
So local traffic gets send to the gateway for 0.0.0.0 and effectively gets lost because the gateway doesn’t know what to do with it.
This only starts to be a problem when you have more then one uplink and more then one downlink on your router… throw in some VPN connections to make it a real headache.

So thanks very much for version 2.9.7, it solves many problems

changeip · November 3, 2005, 12:48am

Mikrotik rocks! : )

Sam