Community discussions

 
hedele
Member
Member
Topic Author
Posts: 338
Joined: Tue Feb 24, 2009 11:23 pm

Make ROS services VRF-aware

Mon Mar 21, 2011 8:43 am

Hi all,

I recently tried to make ROS work with two VRFs, which by itself worked fine.
However, I have a problem with the router accessing services within the VRFs.

I have two VRFs, RED and BLUE.
Both RED and BLUE are using the 10.0.0.0/24 subnet.
RED is on interface ether4, BLUE on interface ether5.
Both interfaces are given the IP 10.0.0.1/24.

Now I need to connect to 10.0.0.254 in both VRFs using PPTP.
The only problem being - PPTP client is not VRF-aware. It's not possible to enter the remote address in "10.0.0.254@RED" or "10.0.0.254%ether5" format.
While trying to figure stuff out, I noticed that pretty much nothing (EoIP, IPIP, ...) is VRF-aware in ROS, except for the ping tool.
This is true for both ROS 5.0rc11 and 4.17
Please note that for operational reasons, it is not possible to change the IP 10.0.0.254 in either VRF. That would in theory
allow me to inject /32 routes into the main routing table, pointing to the respective VRF, but still is a kludge.

To get this working, I now had to build a massive kludge involving two metarouters on the Routerboard I am going to use.
Is there another way, or is that simply a feature request to make all services in ROS VRF aware?
 
bda
Member Candidate
Member Candidate
Posts: 126
Joined: Fri Sep 03, 2010 11:07 am
Location: Russia,Moscow

Re: Make ROS services VRF-aware

Mon Mar 21, 2011 12:23 pm

Hi all,

I recently tried to make ROS work with two VRFs, which by itself worked fine.
However, I have a problem with the router accessing services within the VRFs.

I have two VRFs, RED and BLUE.
Both RED and BLUE are using the 10.0.0.0/24 subnet.
RED is on interface ether4, BLUE on interface ether5.
Both interfaces are given the IP 10.0.0.1/24.

Now I need to connect to 10.0.0.254 in both VRFs using PPTP.
The only problem being - PPTP client is not VRF-aware. It's not possible to enter the remote address in "10.0.0.254@RED" or "10.0.0.254%ether5" format.
While trying to figure stuff out, I noticed that pretty much nothing (EoIP, IPIP, ...) is VRF-aware in ROS, except for the ping tool.
This is true for both ROS 5.0rc11 and 4.17
Please note that for operational reasons, it is not possible to change the IP 10.0.0.254 in either VRF. That would in theory
allow me to inject /32 routes into the main routing table, pointing to the respective VRF, but still is a kludge.

To get this working, I now had to build a massive kludge involving two metarouters on the Routerboard I am going to use.
Is there another way, or is that simply a feature request to make all services in ROS VRF aware?
Very interesting... Is it possible to run metarouter on x86 platform? Does it consume addition license?
God bless UNIX!
 
hedele
Member
Member
Topic Author
Posts: 338
Joined: Tue Feb 24, 2009 11:23 pm

Re: Make ROS services VRF-aware

Tue Mar 22, 2011 12:40 am

It does not consume an additional license, and i think virtualization is implemented in x86 using KVM. I never tried it though :)
 
oeyre
Member Candidate
Member Candidate
Posts: 118
Joined: Wed May 27, 2009 12:48 pm

Re: Make ROS services VRF-aware

Tue Mar 22, 2011 6:44 am

If you add this to the feature request wiki I will vote for it.
 
User avatar
janisk
MikroTik Support
MikroTik Support
Posts: 6283
Joined: Tue Feb 14, 2006 9:46 am
Location: Riga, Latvia

Re: Make ROS services VRF-aware

Tue Mar 22, 2011 2:33 pm

x86 uses KVM to provide virtualization. Metarouter will not be ported to x86. It has very similar configuration options if compared to Metarouter.

Differences are - no hardware can be assigned to guest, guest resides in image, that can be moved to other RouterOS x86 router, with tweaking and license it can be brought to KVM in any linux distribution, RouterOS version can be different from host system (for best results, same version should be used)

and DHCP-server is VRF aware..
 
hedele
Member
Member
Topic Author
Posts: 338
Joined: Tue Feb 24, 2009 11:23 pm

Re: Make ROS services VRF-aware

Tue Mar 22, 2011 8:24 pm

and DHCP-server is VRF aware..
Well thanks for pointing that out :)
Are there any plans of bringing VRF awareness at least the other key services like PPP?
 
bda
Member Candidate
Member Candidate
Posts: 126
Joined: Fri Sep 03, 2010 11:07 am
Location: Russia,Moscow

Re: Make ROS services VRF-aware

Wed Mar 23, 2011 9:11 am

and DHCP-server is VRF aware..
Well thanks for pointing that out :)
Are there any plans of bringing VRF awareness at least the other key services like PPP?
Yes, we also need vrf-aware for pptp/pppoe!
God bless UNIX!
 
oeyre
Member Candidate
Member Candidate
Posts: 118
Joined: Wed May 27, 2009 12:48 pm

Re: Make ROS services VRF-aware

Thu Mar 24, 2011 2:53 am

and DHCP-server is VRF aware..
But not btest...
 
bda
Member Candidate
Member Candidate
Posts: 126
Joined: Fri Sep 03, 2010 11:07 am
Location: Russia,Moscow

Re: Make ROS services VRF-aware

Wed Mar 30, 2011 4:36 pm

and DHCP-server is VRF aware..
But not btest...
Do anybody know, how to put pppoe\ppptp dynamic interfaces to vrf, and not to main routing table? Is it possible?
God bless UNIX!

Who is online

Users browsing this forum: No registered users and 112 guests