Community discussions

MikroTik App
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Multiple packet marks?

Fri Apr 09, 2021 6:11 am

I'm going to have a setup where I have a split-tunnel VPN and a queue tree. The split-tunnel will use mangle rules to mark packets that should get sent through the VPN, but the problem is that the queue tree also uses packet marks for QoS. Is there a way to add multiple marks to a packet/connection or will I have to add a VPN route for each kind of packet mark used for the queue?
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Multiple packet marks?

Fri Apr 09, 2021 6:19 am

I'm going to have a setup where I have a split-tunnel VPN and a queue tree. The split-tunnel will use mangle rules to mark packets that should get sent through the VPN, but the problem is that the queue tree also uses packet marks for QoS. Is there a way to add multiple marks to a packet/connection or will I have to add a VPN route for each kind of packet mark used for the queue?
Mark the connection instead for the connections that should be sent through the VPN. It is separate from a packet mark and will be applied to all packets that are part of the connection. I can't think of a scenario where you would want to send some packets for a specific connection over a VPN, but not others.
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Re: Multiple packet marks?

Fri Apr 09, 2021 6:40 am

Would the "mark routing" feature work for this as well? The Mik router has some webservers behind it so I need to be able to differentiate between traffic destined toward regular website visitors and outbound traffic that's supposed to go through the VPN.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Multiple packet marks?

Fri Apr 09, 2021 7:07 am

Would the "mark routing" feature work for this as well? The Mik router has some webservers behind it so I need to be able to differentiate between traffic destined toward regular website visitors and outbound traffic that's supposed to go through the VPN.
You have to use mark routing for that, yes, but you can mark routing based on the connection-mark as a matching criteria. I assumed you meant that you currently had a mark-routing rule using the packet-mark as a matching criteria and I was just letting you know that you can use connection-mark instead for that purpose.

Who is online

Users browsing this forum: anav, Andrey05, Bing [Bot] and 86 guests