I have some older Mikrotik devices such as the RB750GL. When i upgraded the OS, my TCP connections stopped working and I noticed FastTrack was causing this, which i turned off. My CPu does tend to spike a bit, and i am wondering if there is a way for me to get it working.
The purpose of the Mikrotik router is to do VRF routing for our guest traffic. I have some sites which do not have a VRF capable switch to completely segregate guest traffic and the Mikrotik’s seem perfect for this.
here is my setup.
I am using the master eth2 switch port.
I created the Guest VRF
I created the Wifi vlan 3020 with an IP address, tagged this as the vrf
Created the vlan 3021 for the uplink over the mpls with an ip address and tagged thisa s the vrf
created another vlan 22 for management traffic on winbox. I added an IP address and did no vrf tagging.
I added some default rotues for the mgmt traffic and an ospf setup for the vrf (adding a second mpls link soon.
The traffic flow goes like this. WIFI-Vlan-3020 >>> MPLS-VLAN-3020. I will add another MPLS as a possible exit point soon.
These sites are only going to be getting 50Mbps. I just want to get them passing as much traffic as possible.
In the future, the MPLs vlans will connect directly to the Mikrotik on seperate ports instead of doing router & stick approach.
It seems like fasttrack was more designed for LAN > WAN and I am doing LAN > LAN.
What version are you using? I also had several issues with fasttrack starting with version 6.39.
This turned out to be dynamic MAC on my bonded interfaces. I added forced mac on the bonded interface and it solved all issues. In rc release they have fixed this issue.
If you have virtual interfaces, like I have with bonding, try to add static MAC or try out latest RC release as this will fix issue with dynamic MAC and fasttrack or wait for 6.39.3 which should solve this as well.
VRF assignment is bypassed if you use FastTrack:
“Note that not all packets in a connection can be fasttracked, so it is likely to see some packets going through slow path even though connection is marked for fasttrack. This is the reason why fasttrack-connection is usually followed by identical action=accept rule. Fasttracked packets bypass firewall, connection tracking, simple queues, queue tree with parent=global, ip traffic-flow(restriction removed in 6.33), IP accounting, IPSec, hotspot universal client, VRF assignment, so it is up to administrator to make sure fasttrack does not interfere with other configuration;”
