Hello,
How can I make routes to appear in multiple tables? Or, alternatively, how can I make sure that a newly created table contains all the routes from the main table?
What I actually want is to override the existing default route if and only if a package has source address from 233.252.0.0/24.
If I use "routing-mark" (either via "ip route rule" or "firewall mangle"), a new, empty table is created with my updated default route. I could manually copy all the routes from the main table but this is very messy and error prone. Even if I wanted, the Dynamic routes are automatically created.
Re: How can I change the default route for a packet (or put routes into multiple tables)?
I do not understand how you think,
instead of mark all and have the need of duplicate "main" table,
Simply mark only, checking source and destination, when the packet must follow another path...
Or better do not use firewall for do routing, instead use... Routing for do routing... use Route Rules with src-address
On the example below 233.252.0.0/24 must reach 192.168.0.0/16 from main route table and the rest from table "table-233-252"
The rules are applied on order, this mean that if dst is one IP inside 192.168.0.0/16, main table is used, else the table "table-233-252"
instead of mark all and have the need of duplicate "main" table,
Simply mark only, checking source and destination, when the packet must follow another path...
Or better do not use firewall for do routing, instead use... Routing for do routing... use Route Rules with src-address
On the example below 233.252.0.0/24 must reach 192.168.0.0/16 from main route table and the rest from table "table-233-252"
The rules are applied on order, this mean that if dst is one IP inside 192.168.0.0/16, main table is used, else the table "table-233-252"
Code: Select all
/ip route
add distance=1 gateway=7.8.9.10 routing-mark=table-233-252
/ip route rule
add action=lookup-only-in-table src-address=233.252.0.0/24 dst-address=192.168.0.0/16 table=main
add action=lookup-only-in-table src-address=233.252.0.0/24 table=table-233-252
Re: How can I change the default route for a packet (or put routes into multiple tables)?
Hi,
I think this was pretty much what I was saying ("either via "ip route rule"). My problem is a different one: I want to replace the default route only.
Currently my main routing table is big...and it has a default route, say via 193.0.0.169.
If the source address is from net 233.252.0.0/24, it should traverse the routing table exactly as normal but if it reaches the default route, it should instead use a different one (say, 7.8.9.10 via a different interface).
In your example, if the router receives a packet from 233.252.0.0/24, it looks up table-233-252 only. And this table does not contain anything but "add distance=1 gateway=7.8.9.10 routing-mark=table-233-252". So yes, the desired default route works. But it lacks all the routes of the main table. If a packet with such destination comes across, it would be routed over 7.8.9.10.
Your first rule avoids that but for this I would need to know all possible destinations from the main table. In other words, I would need to replicate it.
Does this make sense?
I think this was pretty much what I was saying ("either via "ip route rule"). My problem is a different one: I want to replace the default route only.
Currently my main routing table is big...and it has a default route, say via 193.0.0.169.
If the source address is from net 233.252.0.0/24, it should traverse the routing table exactly as normal but if it reaches the default route, it should instead use a different one (say, 7.8.9.10 via a different interface).
In your example, if the router receives a packet from 233.252.0.0/24, it looks up table-233-252 only. And this table does not contain anything but "add distance=1 gateway=7.8.9.10 routing-mark=table-233-252". So yes, the desired default route works. But it lacks all the routes of the main table. If a packet with such destination comes across, it would be routed over 7.8.9.10.
Your first rule avoids that but for this I would need to know all possible destinations from the main table. In other words, I would need to replicate it.
Does this make sense?
Re: How can I change the default route for a packet (or put routes into multiple tables)?
Yes, the routes on main table are set manually or by BGP?
Re: How can I change the default route for a packet (or put routes into multiple tables)?
Right now manually as well as automatically (the automatic ones are for the various interfaces. Turns out without these not even simple forwarding from one interface to the other works). There are a few tens of entries right now.Yes, the routes on main table are set manually or by BGP?
However, I want to deploy OSPF (maybe iBGP) since all the static routes get out of hand.
Re: How can I change the default route for a packet (or put routes into multiple tables)?
On future keep one eye on VRF...
Actually with all "manual" only, can be doed by scripting, copyng all, except 0.0.0.0/0 from main to alternate table
Actually with all "manual" only, can be doed by scripting, copyng all, except 0.0.0.0/0 from main to alternate table
Re: How can I change the default route for a packet (or put routes into multiple tables)?
I have briefly looked into this but I have trouble understanding.On future keep one eye on VRF...
I also played around briefly but lost connection to the router. Gave up because I am not on-site (Safe Mode to the rescue!!)
Would you be willing to give a brief example using the numbers above? Interfaces:
- 193.0.0.170/29. Normal WAN interface. Default route via 193.0.0.169.
- 192.168.200.1/24. LAN interface
- 233.252.0.0/24. Second WAN interface
- 7.8.9.1/24. Interface linking 233.252.0.0/24. Should be the default route if source address 233.252.0.0/24
Re: How can I change the default route for a packet (or put routes into multiple tables)?
Ok for the rest of the world, after banging my head on this for the last two days I finally got it working.
There can be multiple rules and multiple rules can jump to different tables. Key observation is (and unfortunately Mikrotiks documentation is totally lacking here) that if a rule is applied and no matching route is found in the table, it jumps back and tries the next matching rule.
With this in mind, I removed the default route from the main table, and created two tables containing only the two different default routes. The rules look like:
There can be multiple rules and multiple rules can jump to different tables. Key observation is (and unfortunately Mikrotiks documentation is totally lacking here) that if a rule is applied and no matching route is found in the table, it jumps back and tries the next matching rule.
With this in mind, I removed the default route from the main table, and created two tables containing only the two different default routes. The rules look like:
Code: Select all
[admin@ugate] /ip route rule> print
Flags: X - disabled, I - inactive
0 src-address=233.252.0.0/24 dst-address=0.0.0.0/0 action=lookup table=main
1 src-address=233.252.0.0/24 dst-address=0.0.0.0/0 action=lookup table=default_net233
2 dst-address=0.0.0.0/0 action=lookup table=main
3 dst-address=0.0.0.0/0 action=lookup table=default_lan
Re: How can I change the default route for a packet (or put routes into multiple tables)?
Ok for the rest of the world, after banging my head on this for the last two days I finally got it working.
With this in mind, I removed the default route from the main table, and created two tables containing only the two different default routes.
And (also for the rest of the word) if you want to accomplish the same thing with DHCP routes then use the DHCP Clinet Lease scrpt example https://wiki.mikrotik.com/wiki/Manual:I ... pt_example
Code: Select all
:local rmark "WAN1"
:local count [/ip route print count-only where comment="$mark"]
:if ($bound=1) do={
:if ($count = 0) do={
/ip route add gateway=$"gateway-address" comment="$mark" routing-mark=$rmark
} else={
:if ($count = 1) do={
:local test [/ip route find where comment="$mark"]
:if ([/ip route get $test gateway] != $"gateway-address") do={
/ip route set $test gateway=$"gateway-address"
}
} else={
:error "Multiple routes found"
}
}
} else={
/ip route remove [find comment="$mark"]
}Who is online
Users browsing this forum: Bing [Bot] and 103 guests