VRF Interface Limit

Splash · September 21, 2016, 8:43am

It seems the limit imposed by Mikrotik for the number of interfaces which can be added to a VRF is set to 30. Through winbox, one is only able to add 30 interfaces before the interface stops allowing you to add more. This limit seems not to exist on the CLI as one can easy exceed this limit, however it seems things do not work as they should. When viewing the interface list in winbox when the number exceeds 30, the active interface (vlan in this case) is displayed in red. As soon as one reduces the number of interfaces to a total of 30, the active interface turns black.

Initial reports from Mikrotik Support suggest that you can have up to 125 interfaces attached to a VRF, however this doesn’t seem to be the case.

I would prefer not to implement a device per customer when they have more than 30 GRE tunnels terminating in to their VRF…

nz_monkey · September 21, 2016, 9:12am

It sounds like this is a WinBox UI bug rather than a bug in RouterOS.

Have Mikrotik support confirmed this as a known issue ?

Splash · September 21, 2016, 12:22pm

I am busy working with the Mikrotik Support, but it seems that even though you can add them on the CLI, it doesnt work… something breaks

nz_monkey · September 21, 2016, 11:07pm

Great, keep us updated.

I thought I would have hit this bug by now, but when I checked we are at max 28 interfaces per VRF on a bunch of our routers, I guess we have been lucky that we terminate customer interfaces across multiple PE routers !

It is only a matter of time before we will hit the same problem as you..

Hyperactif77 · September 23, 2016, 6:31am

We have a client with more than 50 interfaces on a vrf without problem. We use CLI for do that

nz_monkey · September 23, 2016, 7:13am

Adding interfaces to a VRF from the CLI is horrific on RouterOS (Sorry guys, but it is).

There badly needs to be an append operator !

Splash · September 23, 2016, 12:47pm

Yeah! I agree. I did post a feature request and MT support provided a post with an alternative.

http://forum.mikrotik.com/t/feature-request-append-values-to-configuration/101729/1

Splash · September 23, 2016, 12:55pm

We have 4 devices in multiple locations that terminate the tunnels based on the best local routes available and act as fail-over for the other locations. Sort of n+4 redundancy. For this reason I provision every customers tunnel on all 4 devices, which in turn easily exceeds the limit set in winbox for example .

The next option is to provide a dedicated router for our customers with a large number of sites so that we don’t use VRFs, removing this limitation.

Splash · September 23, 2016, 12:56pm

Cool, so we could say then that 50 interfaces is still ok?

When I ran in to this issue, we had attached about 80 interfaces (not all active) and found that the active sites suddenly became isolated.

bradnz · November 21, 2018, 7:58am

Hi

Old post, but what was the final outcome of this?

Brad

nz_monkey · November 21, 2018, 10:13am

The same as anything to do with routing in RouterOS v6, “Fixed in v7”… Since 2013

StrataNet · July 29, 2020, 9:52pm

Have also just discovered this issue… the hard way. Does anyone have any updates on this?

Agreed that the CLI side of this definitely needs to be better - everything on our routers is scripted except for having to manually enter VRF!

mrz · July 30, 2020, 5:59am

v7beta does not have this limit.

StubArea51 · July 30, 2020, 2:12pm

So if I understand this answer correctly, VRFs are limited to system resources available? Which should mean that several thousand is realistically possible

mrz · July 30, 2020, 2:17pm

Not really but almost. Total amount of tables is limited to 65k (this is including policy routing tables and vrfs in total).