tiernano
Frequent Visitor
Topic Author
Posts: 85
Joined: Fri Jul 20, 2012 1:51 pm

BGP, Routing Tables and Router OS 7

Thu Dec 30, 2021 10:23 pm

Morning all.

Not sure what I am doing wrong, but I will explain, and hopefully someone can help.

* RB5007 with a main internet connection. Full routing via Cable modem
* connects over WireGuard (or ZeroTier, tried both) to some servers upstream (VPS and Dedicated) that have full BGP feeds (and connected to IXes)
* BGP connection to upstream servers and get the routes down
* LAN port connected to machines and allow routing to the internet over BGP and my own V4/V6 space

Mostly works, but every now and again, something goes wonky and traffic from the route to the VPS boxes is trying to use my own V4/V6 space, and then ZeroTier/WireGuard disconnects and a reboot is the only thing that fixes it...

So, I have static routes to the dedicated IPs, and I have a mangle rule to those dedicated IPs to set a connection mark. Then in NAT, if it's that connection mark, I set it to use my public IP from the cable modem... that seems to be hit and miss... I also have a NAT rule so that any traffic coming from given internal IPs gets SRC NATted with one of my public IPs from my own V4/V6 space...

All in all, things get messy... So, what I am trying to figure out how to do is the following:

* When BGP routes come in, the router directly should not be affected by them, essentially it should still use my cable modem (or backup LTE link... that's a nice to have but not required...)
* one of the ports on the router should have an IP from my V4/V6 space (a /28 or /29) and then anything behind that port can get a full public IP with no NAT or the like...

First, does that make sense? And second, how do I do that? I can't seem to find much on how to do it in 7... Any ideas?

Thanks.
 
tiernano

Re: BGP, Routing Tables and Router OS 7

Fri Dec 31, 2021 12:34 am

Right... I have done some fiddling with configs, and so far I have a port on the router set up with an IP out of my range (185.xx.xx.33/28) and then set an IP on something connected to that (185.xx.xx.35/28 with a gateway of 33) and it is working... I now just need to figure out how to tell RouterOS not to use the routes it learns from BGP for its own routing, but while still allowing the routing from that port out to the internet...
 
tiernano

Re: BGP, Routing Tables and Router OS 7

Mon Jan 03, 2022 5:50 pm

Right... More digging has been done, but still not fully getting there... I have a port set up with my internal IP (185.xxx.xxx.33/28) and put a box (UDM Pro) behind with a public IP of 35. I have set all my BGP connections to use a new routing table, and made sure my internal /28 I was announcing to my upstream boxes was in there (that was one of the issues I had previously!). Then, I have a policy routing rule set so that any traffic from that internal network port looks up from that routing table... It works, mostly, but every now and again, the MikroTik gets confused and is trying to route traffic over the wrong IPs... Or at least I think that's what's happening... Both the ZeroTier and WireGuard connections fail... What do I need to put into the NAT rules to make sure traffic FROM the router goes out over a given IP/Interface? I seem to be missing that part...
