I'm trying to route traffic to some resources through a VPN, but I'm having trouble marking connections with fasttrack enabled.
I'm sure this question has already been asked, but I couldn't find a solution on the forum, sorry.
At the moment I have an additional routing table (RM-VPN):
/routing table
add disabled=no fib name=RM-VPN
And the VPN route that redirects the traffic:
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=wireguard routing-table=RM-VPN suppress-hw-offload=no
And also the mangle rules:
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark new-connection-mark=CM-VPN passthrough=yes
add action=add-dst-to-address-list address-list=VPN-list address-list-timeout=none-dynamic chain=prerouting connection-mark=\
CM-VPN log=yes protocol=tcp tls-host=whatismyipaddress.com
add action=mark-routing chain=prerouting dst-address-list=VPN-list new-routing-mark=RM-VPN passthrough=no
add action=mark-connection chain=prerouting connection-mark=CM-VPN new-connection-mark=no-mark passthrough=yes
The problem is that I want to keep fasttrack for traffic that is not routed through the VPN, in order to reduce the load on the router, and also use mangle marking.
With fasttrack turned off, this works fine, but with it turned on, it works incorrectly.
Can you tell me if it's possible to achieve what I want? Thanks in advance.