Community discussions

MikroTik App
 
shukalo83
just joined
Topic Author
Posts: 2
Joined: Fri May 13, 2011 9:39 am

Policy routing

Tue May 17, 2011 12:52 pm

Hello

I'm trying to setup policy for all packet destined for ftp on server 1.1.1.99 to go on wan2 interface (I have a dual wan setup and ether3-local-master is default gw for LAN)
4   chain=prerouting action=mark-connection new-connection-mark=ftpbg passthrough=no dst-address=1.1.1.99 in-interface=ether3-local-master 
     connection-mark=ftpbg 

5   chain=prerouting action=mark-routing new-routing-mark=to_ftpbg passthrough=no connection-mark=ftpbg
But when I check stats:
 4   prerouting                                                                                      mark-connection         9569527         6623           
 5   prerouting                                                                                      mark-routing            0               0 
It seams that packets are not checked for mark-routing action while in the same time they are checked with mark-connection.

Am I doing something wrong here?
 
User avatar
greencomputing
Frequent Visitor
Frequent Visitor
Posts: 95
Joined: Wed Jun 23, 2010 1:12 pm
Location: Italy

Re: Policy routing

Tue May 17, 2011 5:07 pm

Hi there
may you change rule #4 removing the connection-mark=ftpbg setting?
I mean that rule 4 needs to appear as :
 4   chain=prerouting action=mark-connection new-connection-mark=ftpbg passthrough=no dst-address=1.1.1.99 in-interface=ether3-local-master

Ciao
If answer was helpful to you why to not plan to... give me karma :)
greencomputing

--------------------
MTCNA / MTCRE certified Senior Mikrotik Consultant
 
duvi
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Fri Jun 05, 2009 12:32 pm
Contact:

Re: Policy routing

Tue May 17, 2011 6:11 pm



4 chain=prerouting action=mark-connection new-connection-mark=ftpbg passthrough=no dst-address=1.1.1.99 in-interface=ether3-local-master
connection-mark=ftpbg
passthrough=no is the key, it doesn't reach #5 because of it. Set it to passthrough=yes
 
shukalo83
just joined
Topic Author
Posts: 2
Joined: Fri May 13, 2011 9:39 am

Re: Policy routing

Wed May 18, 2011 1:04 am

Greencomputing was right. connection-mark was unnecessary.

On the other hand, passthrough=no was necessary.

Thank You all.

Who is online

Users browsing this forum: Hinata001, kiank7 and 95 guests