Community discussions

MikroTik App
 
User avatar
genesispro
Member Candidate
Member Candidate
Topic Author
Posts: 283
Joined: Fri Mar 14, 2014 12:33 pm

ROS7 and mark routing issue

Sat Nov 19, 2022 12:26 am

I am trying to do PCC in ros7 but it won't work for some reason. It seams to break the moment I mark packets with routing marks.
I tried to simplify it and see if the simple approach works but nothing.
So my latest config is a new routing table, one rule to mark routing to that routing table and one route to 0.0.0.0/0 with that routing table and it won't work.
The same route works if I add a route policy rule and force the packet to that routing table without marking the packet.
Some parts of the configuration follows
/routing table
add disabled=no fib name=home5g
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-list=!RFC new-connection-mark=CM-HOME passthrough=yes src-address-list=RFC
add action=mark-routing chain=prerouting connection-mark=CM-HOME new-routing-mark=home5g passthrough=yes
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.255.254.1 pref-src="" routing-table=home5g scope=10 suppress-hw-offload=no target-scope=10
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: ROS7 and mark routing issue

Sat Nov 19, 2022 2:17 pm

You mark routing based only on connection mark => you mark packets in both directions => you're sending incoming packets from internet back to internet. It might have worked in v6 if you had routing rule for local subnest, but not anymore: viewtopic.php?p=956630#p956630

It would be also good idea to add connection-state=new to connection marking rule, no need to mark it over and over again.

Who is online

Users browsing this forum: No registered users and 74 guests