Community discussions

MikroTik App
 
vaizki
newbie
Topic Author
Posts: 32
Joined: Wed Mar 23, 2011 3:44 pm
Location: Finland

Exchanging routes locally between VRFs on 7.2.1

Thu Apr 28, 2022 9:54 am

I have a few 7.2.1 routers with iBGP and multiple VRFs, trying to figure out how to leak routes between VRFs.

Static routes work ok (route + 2x routing rules with lookup in another table) but the wiki says:
"In general it is recommended that all routes between VRF should be exchanged using BGP local import and export functionality."

How exactly would this be achieved? I can figure out a few overly complicated hacks to do it (including a cable from one port to another) but not the clean way.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Exchanging routes locally between VRFs on 7.2.1

Thu Apr 28, 2022 10:02 am

At the moment there is no easy mechanism to do this. What may work is setting two BGP instances, one per VRF, and making a BGP session internally between vrfs.
 
vaizki
newbie
Topic Author
Posts: 32
Joined: Wed Mar 23, 2011 3:44 pm
Location: Finland

Re: Exchanging routes locally between VRFs on 7.2.1

Thu Apr 28, 2022 10:08 am

Thanks for the lightning fast response!
So would this be best practice then?
  • Create loopback bridge in both VRFs
  • Leak routes (static route + rules) to loopbacks between VRFs
  • Setup BGP between loopbacks
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Exchanging routes locally between VRFs on 7.2.1

Thu Apr 28, 2022 10:10 am

It's not like best practice, but rather a workaround that might work.
 
vaizki
newbie
Topic Author
Posts: 32
Joined: Wed Mar 23, 2011 3:44 pm
Location: Finland

Re: Exchanging routes locally between VRFs on 7.2.1

Thu Apr 28, 2022 10:11 am

Ok, just for reference how does this work on v6 then?
 
EvilBart
just joined
Posts: 3
Joined: Thu Apr 27, 2023 10:12 am
Location: Warsaw/Poland

Re: Exchanging routes locally between VRFs on 7.2.1

Thu Apr 27, 2023 10:26 am

I've been able to export and router from vrf and import it to another vrf.
However the route is not working.

absolute minimal config to reproduce:
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip vrf
add interfaces=ether2 name=Cust1
/port
set 0 name=serial0
/ip address
add address=10.0.0.1/24 interface=ether1 network=10.0.0.0
add address=192.168.0.1/24 interface=ether2 network=192.168.0.0
/ip dhcp-client
add interface=ether1
/ip route
add gateway=10.0.0.2
/routing bgp vpn
add export-filter=select-only-default export-route-targets=1000:1 import-route-targets=1000:1 \
    label-allocation-policy=per-vrf route-distinguisher=1000:1 vrf=main
add export-route-targets=2000:1 import-filter="" import-route-targets=2000:1,1000:1 label-allocation-policy=per-vrf \
    route-distinguisher=2000:1 vrf=Cust1
/routing filter rule
add chain=select-only-default rule="if (dst in 0.0.0.0/0 && dst-len == 0) { accept;}"
/routing filter select-rule
add chain=select-only-default disabled=no do-where=select-only-default
It seens like it almost works. The route is where it should be but there is no immediate gateway resolved in the imported route.
[admin@MikroTik] /routing/bgp/vpn> /ip/route/print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, y - copy; H - hw-offloaded;
+ - ecmp
 0  As   dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=10.0.0.2 immediate-gw=10.0.0.2%ether1 distance=1
         scope=30 target-scope=10 suppress-hw-offload=no

   DAc   dst-address=10.0.0.0/24 routing-table=main gateway=ether1 immediate-gw=ether1 distance=0 scope=10
         suppress-hw-offload=no local-address=10.0.0.1%ether1

   DAyH  dst-address=0.0.0.0/0 routing-table=Cust1 gateway=10.0.0.2 distance=0 scope=30 target-scope=10
         suppress-hw-offload=no

   DAc   dst-address=192.168.0.0/24 routing-table=Cust1 gateway=ether2@Cust1 immediate-gw=ether2 distance=0 scope=10
         suppress-hw-offload=no local-address=192.168.0.1%ether2@Cust1
[admin@MikroTik] /routing/bgp/vpn> /ping 8.8.8.8 vrf=Cust1
  SEQ HOST                                     SIZE TTL TIME       STATUS
    0                                                              22 (Invalid argument)
    1                                                              22 (Invalid argument)
    sent=2 received=0 packet-loss=100%

However if i replace the imported route by a static one and disable the import/export:
/routing/bgp/vpn/disable 0
/routing/bgp/vpn/disable 1

[admin@MikroTik] /ip/route> /ip/route/add dst-address=0.0.0.0/0 routing-table=Cust1 gateway=10.0.0.2@main
[admin@MikroTik] /ip/route> print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, d - dhcp, v - vpn, m - modem, y - copy; H - hw-offloaded;
+ - ecmp
 0  As   dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=10.0.0.2 immediate-gw=10.0.0.2%ether1 distance=1
         scope=30 target-scope=10 suppress-hw-offload=no

   DAc   dst-address=10.0.0.0/24 routing-table=main gateway=ether1 immediate-gw=ether1 distance=0 scope=10
         suppress-hw-offload=no local-address=10.0.0.1%ether1

 1  As   dst-address=0.0.0.0/0 routing-table=Cust1 pref-src="" gateway=10.0.0.2 immediate-gw=10.0.0.2%ether1 distance=1
         scope=30 target-scope=10 suppress-hw-offload=no

   DAc   dst-address=192.168.0.0/24 routing-table=Cust1 gateway=ether2@Cust1 immediate-gw=ether2 distance=0 scope=10
         suppress-hw-offload=no local-address=192.168.0.1%ether2@Cust1
static works fine ! but export/import does not !

Anyone has been able to make it work with import/export?

Who is online

Users browsing this forum: No registered users and 23 guests