Hi Everybody.
I’m a newbie with Mikrotik RouterBoard. I’ve just brought my first RouterBoard 1 week ago and I don’t know if it is the right place for my post.
I don’t know if I found a bug on RouterOS 5.8 or I have done something wrong, but something goes wrong with a certain configuration…
Hardware : RB1100AH, Firmware 2.8, RouterOS 5.8 (L6).
Cabling : ether13 is connected to a server that run a DHCP-Server and provide IP address for the router. DHCP-Client is running on ether13 which is in a dedicated VRF.
Logical : ether12 is configured as a 802.1Q port with 1 vlan (Vlan #100). This vlan is connected to a bridge and a VRRP interface. All these interfaces are in a dedicated VRF.
Note : ether12 and ether13 will be in the same IP scope but in 2 different VRF.
First, start from scratch (/system reset-configuration & reboot) and delete the default configuration when the router comes up.
Ok, here it is the configuration lines (in sequence) :
/interface bridge add name=BR-VL-100 protocol-mode=rstp
/interface vrrp add name=VRRP-VL-100 interface=BR-VL-100
/ip route vrf add routing-mark=VRF-100 route-distinguisher=65535:1 import-route-targets=65535:1 export-route-targets=65535:1 interfaces=BR-VL-100,VRRP-VL-100
/ip route vrf add routing-mark=VRF-ADMIN route-distinguisher=65535:2 import-route-targets=65535:2 export-route-targets=65535:2 interfaces=ether13
/ip dhcp-client add add-default-route=yes ipv4=yes interface=ether13 disabled=no
Ok. At this point, you can ping from the server the dynamic IP address learned by ether13.
Let it run and add the following lines :
/interface vlan add name=VL-100-E12 interface=ether12 use-service-tag=yes vlan-id=100
/interface bridge port add bridge=BR-VL-100 interface=VL-100 disabled=no path-cost=100
/ip address add interface=BR-VL-100 address=10.255.255.29/27 disabled=no
/ip address add interface=VRRP-VL-100 address=10.255.255.30/32 disabled=no
Ok. Ping still working fine.
And now, enter :
/ip route vrf set route-distinguisher=65535:4 export-route-targets=65535:4 import-route-targets=65535:4 disabled=no 1
And the router will loose all L3 “connectivity” 
even if you try to go back :
/ip route vrf set route-distinguisher=65535:2 export-route-targets=65535:2 import-route-targets=65535:2 disabled=no 1
Still loosing L3 packets… but L2 seems to work (ARP).
Did I done something wrong ? or is it a bug ?
Thanks.