WG-BGP

RouterOS Beginner Basics
1

does anyone know if it is correct and if it is possible to pass bgp through wireguard to two remote mikrotiks. could i have any example so i can try it ?

2

Yes it’s possible. It’s no different than running BGP over any other point-to-point link between two routers.

First, get the routers pinging each other via Wireguard. Then configure BGP using the Wireguard IP addresses.

Both kinds of examples are available on MikroTik’s help pages, as well as throughout the forum.

3

I had the devices ping each other over wireguard on 7.9 but now on 7.10 I can’t do that.
Is there any know issue with that?

EDIT

OK SO I found out what was the problem in my config on RouterOS.
I tried to understand what’s wrong and eventually looked at:
https://markeclaudio.github.io/mikrotik-wireguard-config-generator/

which generated for me a set of configurations.
For example:

/interface wireguard
add listen-port=13231 mtu=1420 name=wg0 private-key="GDVFiBwfUaZWwWmNK3fiqfBs8ipOrgHJ0XCysM07AHE="

/ip firewall filter
add action=accept chain=input comment="Allow Wireguard from All" dst-port=13231 protocol=udp

/ip address
add address=172.22.0.1/24 comment="Wireguard Interface" interface=wg0 network=172.22.0.0

/interface wireguard peers

add allowed-address=172.22.0.2/32 comment="Client_2" endpoint-address=172.22.0.2 interface=wg0 public-key="Tuai6kXV1a/q9ZY4OPHwb0p/WUkPpOQEePbc9XZj9kw="

add allowed-address=172.22.0.3/32 comment="Client_3" endpoint-address=172.22.0.3 interface=wg0 public-key="aWGPG3x+TnivOjyAg6HEmtL/c5NJ/ZcBl/fqnsdTbVI="

add allowed-address=172.22.0.4/32 comment="Client_4" endpoint-address=172.22.0.4 interface=wg0 public-key="4nlmTSs+Y7DJJq6TUXHCOkjJAG6R2B6bYb+n28aoTFA="`

And what I noticed that there is an endpoint-address defined per client.
Which… I have not used in my 7.9.2 and worked fine.
When I am adding the endpoint-address of the peer it works as expected and I can ping each end and also can use the endpoint address for routing and other things.

I remember that in 7.9.2 it worked so it’s worth testing and add it to the change log and documentation.