MikroTik

mrz

Add path parameter does nothing and you see two active routes because you have incorrect configuration (each receiving peer is running in its own bgp instance).

mrz

This is by OSPF design. An area where the prefix originated is more preferred.

mrz

None of the reported BGP problems are BFD-related or specific to v7.19beta.
One is caused by BGP connection flap with configured input filters other is related to large address lists to be loaded by routing protocols.

mrz

You can match all prefixes in one chain and match against that chain, which works equivalent to prefix lists.

mrz

No, you are not required to build full mesh, you just need to establish iBGP session to route reflector. Reflections are being done on the reflector not the client.

mrz

RFC8950 - Advertising IPv4 Network Layer Reachability Information (NLRI) with an IPv6 Next Hop As of today 2025-03-13 in 7.18.2 it is not possible to route IPv4 over an IPv6 BGP connection. Routes will be displayed on each other router, but is unreachable because of lack of routing via inet6. In Li...

mrz

to send rip metric for redistributed routes "set rip-ext-metric 200;"
but rip metric is not distance anyway.

mrz

Of course, you cannot change distance on remote machines. Distance is a local parameter.

mrz

Not directly. There is an option to use BFD as a gateway check for static routes but it is not yet implemented fully. It does not create BFD session, it can use only existing BFD sessions created by other routing protocols.

mrz

For best path selection to work routes must be received from peers belonging to the same instance:
https://help.mikrotik.com/docs/spaces/R ... hSelection

mrz

@MikroTik i have one request Can the new feature random-source-port be moved ar the server (l2tp-server)? That is really what we need, so we can get multiple VPNs, win & phones, ect. It would be GREAT to have such a feature! :) We are also looking forward to this ... for a very long time... Yes...

mrz

LDP signaled VPLS works
BGP signaled VPLS works
VPNv6 works

either misconfiguration or very specific setup.

mrz

You can monitor OSPF states via API.

mrz

Pls read the forum, not just posting. https://forum.mikrotik.com/viewtopic.php?p=1122915#p1122915 hi oreggin it's seem that you also got U = unreachable status for vpnv6 next-hop any trick to make it active? Currently IPv4 mapped gateways cannot be resolved. You have to change the gateway to valid ...

mrz

In Cisco there is "vrf upgrade cli multi af mode common policies" Seems that the equivalent to that is missing in RouterOS. Today, in RouterOS v7, exists the objects: /ip/vrf/ /routing/table/ /routing/bgp/vpn/ The meaning of all those has some intersection, but only /routing/bgp/vpn/ allo...

mrz

In /mpls/settings you can disable/enable mpls fast path. You cannot disable/enable it only for VPLS tunnels.

mrz

Yes, a single connection matcher to match multiple incoming session connections is the way. It was designed for such scenarios.

mrz

There is no such thing as a point to multipoint BGP. A session is unicast from one single point to another single point. By configuring the network in connection settings you just allowed listening for incoming connections coming from the specified subnet (a convenient way to have less static config).

mrz

Address lists are designed to match host addresses in subnets, for firewall and other similar places. So yes, currently it is a side-effect when using address lists to match only subnets.

mrz

/32 routes?

mrz

For ROS v7 you can set /ip settings set icmp-errors-use-inbound-interface-address=yes

mrz

That rule is wrong if you want only default route. That rule will accept all ipv4 routes. Correct rule would be "if (dst == 0.0.0.0/0) { accept } else { reject }" But keep in mind that it will still install routes in the routing table as filtered, to save resources it is better to use inpu...

mrz

To simplify things you can just as your isp to send only a default route.

mrz

OSPF prefers routing within the area even if metrics are lower for the path over the backbone.

mrz

You cannot manipulate p-bit but on the area border router in input chain you can drop any unwanted route from NSSA

mrz

All API supported queries are described in the manual:
https://help.mikrotik.com/docs/spaces/R ... PI-Queries

mrz

Currently, MRT loader is not publicly available.

mrz

It is not a reflector if it has only one BGP peer, where do routes that supposedly should be reflected come from?

mrz

show your bgp connections configuration.

mrz

IPv6 reflector works as expected, it does not change nexthop to itself.
I guess that there are link local gateways in which case changing nexthop is expected behavior.

mrz

Currently answers are No and No.

mrz

If you actually read OP you will see that it has nothing to do with label distribution protocols, there is zero need of such protocols in particular setup. Also, there are no known problems with LDP interoperability with Cisco or other vendors. LDP is implemented according to RFC the same way as for...

mrz

RFC 3021 compliance dictates that assigning the broadcast address of a /31 is not problematic.

OP clearly hows that broadcast address of /30 is used, it has nothing to do with /31

mrz

that is networking basics

mrz

You must not assign subnets broadcast address to host.

mrz

There was a problem with resolving BGP gateways. Next beta version will have the fix.

mrz

Gateway must be resolvable in that particular vrf. If it can't be resolved then there will be empty immediate gateay and route will not be active.

mrz

You don't need BGP session between VRFs, VPN import is done without active session. See the manual:
https://help.mikrotik.com/docs/spaces/R ... uteleaking

mrz

DNS in a VRF still doesn't work... 7.17rc2

As explained already before, setting VRF parameter allows to listen for DNS queries in a VRF. Feature to connect to remote DNS servers via VRF does not exist yet.

mrz

One disabled ovpn-server was/is always there - even if you do not use ovpn server at all.

Configuration is upgraded and new server is created only if in older version at leat one parameter in server configuration was set by you to non-default value.

mrz

You cannot set tables for individual routes but, you can set "routing-table" in BGP connection config. It will add all routes in a specified table.

mrz

Just generate self signed cert on the router itself
All the info is in the manual
https://help.mikrotik.com/docs/spaces/R ... rtificates

mrz

In perfect conditions less than a minute

mrz

I would suggest to look at the packets sniffer before trying to match anything.
If you look at DNS query you will see that what you think is a dot is not a dot. Separator is non-printable character and cannot be matched with "content" parameter.

mrz

And additionally what pe1chl mentioned it is strange that you see this only after upgrade, such behaviour existed for years.

mrz

But how should i sell my colleagues and boss a Solution which is completely randomly deciding to focus on NAS Features when things like HW-accel or proper HA are nothing near ready? If you read this forum then you will notice statements that more than one developer is working on ROS. Adding NAS fea...

mrz

Start by basics, read what is iBGP what is eBGP, and in which case what ASNs should be used.
There are a lot of articles and examples out on the internet, very very basic stuff is also in the manual:
https://help.mikrotik.com/docs/spaces/R ... -BGPBasics

mrz

I do not understand the point you are trying to make from these posts. OP stated that the device is passed, but not recognized correctly by ROS. So you can already assume that all drivers and config for passthrough is set up correctly on the host system. Right? Right. ROS now has enabled the cxgb4vf...

mrz

Yes, passthrough requires a driver on the guest OS, and yes we have added cxgb4vf driver in our latest development branch. v7.17 will have this driver enabled.

mrz

https://help.mikrotik.com/docs/spaces/R ... ientConfig

mrz

container and run whatever you like.

mrz

Yes, route needs to be found before it can be disabled, and it is done by the console script, which adds to computing time even more.
v7 has faster lookup done directly by routing process, but with v6 there is nothing much you can do except reducing amount of routes.

mrz

There is no "discard" in filters, but it I am not sure how it is even related to L3-HW, because only "active" route can be sent to HW.

mrz

use bgp-path-len
list of all the routing filter parameters is in the manual:
https://help.mikrotik.com/docs/display/ ... nd+Filters

mrz

No, it is not 7.17 related at all.
Its a winbox issue, currently use CLI to add path.

mrz

TE is not an interface that you can use for forwarding manually.
TE tunnel is used automatically, for example, on VPLS when src/dst addresses of the vpls tunnel match te tunnel ones.

mrz

Well of course, but for that you need to use the correct names, as I mentioned previously.

mrz

It is not working probably because marks "to_ISPX" are not the same "ISPX"

mrz

Yes, currently it is made as you say, 0=/=3

mrz

Kernel version have been discussed many times before and like it was mentioned before it is being patched, so you cannot say that it is 5.6.3 in the form as it came out in 2020. Kernel version is updated when it is absolutely necessary or the actual gains are worth the effort.

mrz

routing filters

mrz

Send to support packet sniffs of the BGP session form both last working version and from non working version.

mrz

default originate feature for bgp vpn does not exist yet.

mrz

BGP still missing ibgp-rr-client local.role since 7.16

It will be missing because ibgp-rr-client had no special meaning, it is the same as ibgp.

mrz

See documentation when parameters are applied:
https://help.mikrotik.com/docs/display/ ... Rules(ACL)

mrz

it seems vrf-routing is trouble, coming from 7.15.3 static vrf routes were marked inactive and we found no way to get those active, neither deleting, adding new ones, basically all vrf-routes are inactive and show things like: 4 IsH dst-address=0.0.0.0/0 routing-table=main gateway=10.100.6.5 immedi...

mrz

7.16 to 7.16.1 is a minor change.
7.16 to 7.17 is a mayor change.

industry standard MAJOR.MINOR.PATCH

mrz

I don't think that you will see such fundamental rework in any minor release. RouterOS logging has list of topics, there are no strict separation in "severity", "module", "info" etc. List of topics can contain * "module" and/or "sub-module" topics * ...

mrz

Like I already said it is in a todo list.

mrz

Yes, it is like in any other configuration with vrf parameter.

mrz

v7.16rc4 - DNS VRF does not work. When setting: /ip dns set vrf=mgmtvrf the system always sends DNS queries via the main vrf, regardless of this setting. issued SUP-160816 on 2024-07-31 with not a single reaction had the same idea with a mgmt vrf where i needed DNS resolution ... went the "mai...

mrz

And you could use simpler rule:
"if (dst == 0.0.0.0/0) { reject }"

mrz

Even if Google specifies GR as a requirement, it will not change anything you will still be able to establish session. ROS is advertising GR capability.

mrz

Only OSPF and RIP routes can have tags.

mrz

/31 is not supported, use /32

mrz

The detached window feature would make sense if there is only one Winbox instance running at a time. Since mostly several Winbox instances are running, detaching windows would create even more usability issues.

mrz

Not working on windows 7 (still on all my windows machines). Win 7 mainstream support dropped almost 10years ago. Noone in their right mind will deliberately compile their software with old libraries (potentially buggy and most likely breaking experience for newer OS users). If you are not willing ...

mrz

Routing table is 2.5 mill currently. I get 51 routes after 20 seconds, 61 after 25, 74 after 30.. Super slow.. Not to mention ridiculousness of monitoring 2.5 M routes in winbox, winbox 4 is not slower than winbox 3 (loads 400k routes in few minutes on a router with 5.5 M routes). So for the bottle...

mrz

Like the error says, "." is a control character. "\\x2e" is ASCII "."
Instead of "\\x2e" write "\\."

mrz

First of all filters are local to the router, they cannot work differently depending on what vendor is the remote peer.

Second, in your config snipet you are not even using chains where you have added the rules. So if there are no rules in DC-SDWAN-OUT chain everything is rejected by default.

mrz

It appears to be 8year old problem on ubnt
https://community.ui.com/questions/BGP- ... b960b2c617
Maybe it is time to change remote peer to something that actually works correctly.

mrz

Solution for what exactly?

mrz

Filters cannot delete or modify aggregator attribute, but you can filter by atomic-aggregate
"if (bgp-atomic-aggregate) {reject}"

mrz

https://docs.kernel.org/networking/scaling.html

mrz

The first example is used when one hop along the path, not controlled by you, has a lower MTU and path MTU discovery is blocked.
The second example can be used on the router, controlled by you, that is at the edge of the path with the lower MTU.

mrz

Mangle is for marking not for changing source addresses, for that, you have to use srcnat or masquerade on out interface.

mrz

Rn packet sniffer on that session and send pcap file and supout file to support.

mrz

Those routes are completely unnecessary if you do not use VRFs.
But if you use VRFs then here is an example how to properly do it
https://help.mikrotik.com/docs/pages/vi ... uteleaking

mrz

In OP example they are not the same, what is intended is to try to install forwarding path over ether1 twice and through ether2 once, leading to forwarding where ether1 is chosen twice as much as ether2. This is not going to work in v7, because, like I said previously, equal gateways are installed i...

mrz

And if we return to OP, if gateways are equal ROSv7 adds it only once.
So ECMP with gateway x1,x1,x2 will be added as x1,x2 in the FIB.

mrz

However, I could not find where it states explicitly the hashing is used to choose the active route in the case of ECMP. Hashing is not used to select active routes, it is used to select forwarding path of the packet. Selection process of active routes is described here: https://help.mikrotik.com/d...

mrz

Yes, it won't as it was already mentioned before here and in the documentation, because of the reasons I pointed out in my previous posts.
So setting a blackhole route on the edge router is a good practice.

mrz

If you set a static route to point to your downstream then traffic will not be blackholed, it will be routed downstream, but if you do not have routes at all (even no blackhole) and have a default route to upstream, then congratulations you created a routing loop and congested your upstream link. Ba...

mrz

Quite the contrary, it is a bad idea to route traffic inside your network without an actual destination.
Blackholing traffic on the edge prevents it.

mrz

But how can I print the differences between RIB and FIB?

Only active routes are in the FIB.

mrz

I do not know the details of why @br0kenPKI is so upset, but FYI the problem is acknowledged and will be fixed.

mrz

Those are dynamic entries, of course export will not export them.

mrz

/ip/firewall/address-list export where list="your_list"

mrz

As it is described in the article above input and output processes are not handling route calculations. bgp input process receives updates, decodes and sends routing info to main process. Main process is doing the calculations bgp output is similar to input, it "asks" for routes from the m...

mrz

There are certain tasks done by one process, check this article how multicore with routing processes work:
https://help.mikrotik.com/docs/display/ ... re+Support

mrz

ip route print detail where bgp-as-path ~ "30621\$" is not going to work because such parameters do not exist. And even if you do such search in a correct menu with correct parameters you are asking console to run a script that gets whole routing table ( which by itself could take few minu...

mrz

Hm, my device receives an address via dhcp client, but it does not set any routes... Neither default one, nor stateless ones (option 121).

DHCP routes installed with no issues. Contact support.

mrz

In 7.16beta7 ALL (all instances in all protocols) dynamic routing and, for some reason, 6to4 tunnel breaks, when using routing filter rule with "set gw" property.

There is a route crash, will be fixed in next beta.

mrz

It's impossible to tell anything more from a given info, but from a description, it looks like a misconfiguration on the network where one router has forwarding network actually resolvable.

mrz

Read here when forwarding address is added
https://help.mikrotik.com/docs/display/ ... ingAddress

mrz

A remote address and/or common template does not mean that the session runs on the same instance. See documentation for more info:
https://help.mikrotik.com/docs/display/ ... neInstance

mrz

Set BGP properly so that all sessions run on the same BGP instance.

mrz

It's been that way for quite some time already.

mrz

if i add: dst-address=192.168.88.0/24 gateway=bridge1@vrf1 routing-table=main ,===> i can ping the phone, but no access to the phone dst-address=192.168.88.0/24 gateway=vrf1@vrf1 routing-table=main ,======>i can ping the router itslef This is expected. You can reach local table only when gateways i...

mrz

What is really inefficient is smashing your head against a wall due to typo's or not fully understanding the syntax The GUI shows you every potential option, there is no need to go wandering off on a side quest to find out what the capabilities are, or what the correct syntax is For this specific r...

mrz

You cannot set routing marks with filters. To add routes in a specific routing table use routing-table parameter in bgp config.

mrz

routing rule is just a frontend for linux ip rules. Here you will find this "unknown reason":
https://www.man7.org/linux/man-pages/ma ... ule.8.html

mrz

It has nothing to do with script syntax. You should familiarize with the configuration changes between v7 and v6. You can start with this article: https://help.mikrotik.com/docs/display/ROS/Moving+from+ROSv6+to+v7+with+examples In fact syntax highlight will show you exactly where the error is and gi...

mrz

Unless the logs change to include some unique string, number, whatever, per BGP peer or per IPsec tunnel or per anything, regex won't really work.

Have you seen v7 BGP logs? What else is required to differentiate between BGP sessions apart from already logged session name, local/remote address ?

mrz

If you gave a little more detail on new things, people might try them. i.e.

It is in the manual:
https://help.mikrotik.com/docs/display/ ... CMP)routes

mrz

VRF is not the same as routing mark in v7. To be able to use routing mark you need to set it first. To match vrf in the firewall you can use other parameters, for example match on vrf interface. More info on vrf and fireall can be found in the manual: https://help.mikrotik.com/docs/pages/viewpage.ac...

mrz

Set routing filter to reject /32

mrz

ECMP works if there are multiple paths (as name suggests).

mrz

Of course ECMP works, but like I said, FIB will not install multiple same gateways in FIB.

mrz

v7 will not add multiple same gateways in FIB.

mrz

look at the units, GB is not the same as GiB. Disk size is detected properly if you convert form GiB to GB

mrz

You cannot set routing tables with routing filters. You can only install all routes in a specific table by setting routing-table parameter in bgp config.

mrz

Your filters will be converted after the upgrade.
But for differences you can start by checking this article:
https://help.mikrotik.com/docs/display/ ... ingFilters

mrz

It is purely a winbox 3.x issue, unrelated to nftables, iptables, netfilters or anything else.
Like pe1chl already wrote, Winbox takes all routes from routing/route and is applying the filters.

mrz

sorry, but unfortunately no, you can add ipv4 route with ipv6 gateway, not the other way around.

mrz

you can already add static ipv6 routes with ipv4 gateways. But it was not possible to set it with routing filters, let me check now.

mrz

Make a static binding in /interface/l2tp-server menu

mrz

Leak is related to route attributes, so basically any setup where routes are added/removed frequently (like for example flapping tunnels, lots of bgp updates etc.)

mrz

This memory leak is fixed and will be included in the next release.

mrz

Even on cisco forums they have similar suggestions:
see Gopinath_Pigili post:
https://learningnetwork.cisco.com/s/que ... gp-session

mrz

Correct me if I'm wrong, but that is not supposed to work. Mapped ipv4 address is just a representation of IPv4 address in a specific format to be able to store it in ipv6 database. It cannot be used as real address or to be routed. In RouterOS routes with such a gateway will always be unreachable b...

mrz

:toip is a command that converts from one variable type to different one (in this case to IP address type). "1.2.3.4" is a string representing an IP address which can be parsed and converted to IP address type. "google.com" is not a string of IP address, so obviously it cannot be...

mrz

By default ipv4 mapped gateway is installed if the BGP session is also ipv4.
Either change gateway with routing filters or run vpnv6 on ipv6 BGP session.

mrz

- The way the default route is represented is strange:

It is not strange, it is how it is supposed to be when you send ipv6 routes over ipv4 session. It is ipv4 mapped address.

mrz

I guess that the problem is update-source. Look what is happening after upgrade, if local-address is empty, then set it to desired IP address. You can start by checking this article on differences between v6 and v7: https://help.mikrotik.com/docs/display/ROS/Moving+from+ROSv6+to+v7+with+examples#Mov...

mrz

https://help.mikrotik.com/docs/display/ ... marisation

mrz

Add all numbers in num-list, and then use that numlist in a single rule.

mrz

Like I said contact support with all the relevant info.

mrz

If it comes from the downstream customer then it is customer originated route not locally originated route. And it should be investigated why the customer is sending you that route only when you upgrade to v7.15, or maybe it is just a coincidence and has nothing to do with v7.15

mrz

There are no reports indicating that actually v7.15 is the one originating this route, from what is known is what I mentioned previously, route is received from other peer, not originated.
Contact support with supout file and /routing/bgp/advertisements output showing the route you are talking about.

mrz

Check your routing table, I bet there is a route received from some other peer and is not actually locally originated. Trace where this route is coming from.

mrz

Is is-is support wide metic in v7.15 ??

It does:
https://help.mikrotik.com/docs/display/ROS/IS-IS

mrz

??? How not distributing 127.0.0.1 address is "stripping functionality"? It does not even make sense to distribute 127.0.0.1, it is called "localhost" for a reason.

mrz

Internal ID stays the same as long as object exists. It doesn't matter if it is api, rest api or console ID, is the same.

mrz

v7 is correct.

mrz

Like pe1chl said, but if you want to summarize those /32 routes then use "ospf area range".

mrz

currently input.accept-communities does not work as intended, problem is known and it will be addressed in the future.

mrz

Currently not possible

mrz

Like I said, those problems are known and will be addressed in the future.

mrz

Yes, IS-IS is in early development and there are known problems that will be addressed in the future.

mrz

it is not specific to v7.15 so rc3 most likely will not fix your problem.

mrz

Wait for the next RC, there will be potential fix for the problems appeared in v7.15 builds. However there can be other "high CPU usage" causes that are not strictly related to v7.15

mrz

https://help.mikrotik.com/docs/display/ ... ecPolicies

mrz

unfortunately I cannot give you any timeframe.

mrz

All of this is unrelated to 7.15rc release, if you have difficulties etting routing filters or BFD questions then please create a separate topic. Also "BFD for OSPF" means that BFD is used to detect whether the OSPF neighbor is down, it is unrelated to setting check gateways for the ospf r...

mrz

Probably was removed by mistake, it should be reverted now.

mrz

You need to set advertise=yes, because default assumed value is "no".

mrz

Dynamic rules not being removed should be reported to support and fixed. Do you mean not being removed after switching off the feature which created them(like after switching off hotspot)? Yes, if you switch on something that creates the dynamic rules, then those rules must be removed after the fea...

mrz

Dynamic rules are called dynamic for a reason, if you want a specific rule then make a static rule with your specific parameters.

Dynamic rules not being removed should be reported to support and fixed.

mrz

If topics of the log message contains your specified topics log entry is logged, for example "info" will match all that contains "info" ( "info,wireless","info,ospf" etc) You can exclude specific topics, for example: "info,!wireless" will exclude all...

mrz

isis to cisco works for me and there are no isis changes that could break isis with cisco in v7.15beta versions. There must be something specific to your config which is not related to v7.15release

mrz

As it was already mentioned here, BFD for static routes is not ready. Currently BFD session can be created by routing protocols with enabled BFD, static route may use existing session, if destination address match, but it cannot create the new session.

mrz

route will not show if that router is also originating default route and one of the other two routers selected it as best.

mrz

For those who are interested, find the following information: In MPLS (Multiprotocol Label Switching), a passive interface on a Mikrotik router refers to an interface that does not actively participate in the exchange of MPLS labels. In other words, the passive interface on a Mikrotik router does n...

mrz

That passive flag is unrelated to the problem, this is just an additional info that is available in ROSv7.
Passive flag shows if LDP router has active or passive role, more info here:
https://datatracker.ietf.org/doc/html/r ... tion-2.5.2

mrz

To my knowledge none of the MT employees have said that add path is required to install ECMP routes. And if you are so familiar with Cisco, Juniper and FRR and have at least once deployed BGP on the RouterOS you should know what BGP instance is. There is a lot of info all over the internet on what B...

mrz

I agree that for BGP to install ECMP routes, add path is not necessary, but since both ADD PATH and ECMP would need changes in best path selection code, those features should be linked and implemented at the same time. But that's not ECMP. There's nothing looking at the route costs to determine that...

mrz

but you can already have ECMP in any other case, each instance session can install its own best route and form ecmp.

mrz

There is no confusion, for OP setup ADD PATH is necessary.

mrz

THere are possible workarounds that might be implemented in the future, but currently it is as it is.

mrz

This may be by default and supposed to work this way. But, Using bgp, we had accidentally set redistribute static and connected in bgp. We "thought" turning off our output network would turn off any outbound network advertisements. But, that static route still pushed to our upstream. This...

mrz

That setup may work for your needs, but it has its own limitations as described here: https://help.mikrotik.com/docs/pages/viewpage.action?pageId=328206#VirtualRoutingandForwarding(VRF)-StaticVRF-LiteConnectedrouteleaking It is not possible to leak "main" connected routes and be able to re...

mrz

RouterOS does not copy values from template to connection config. Winbox is doing that if you open connection and apply config.

mrz

Template is not mandatory, you can find all your answers in the documentation:
https://help.mikrotik.com/docs/display/ ... figuration

mrz

Of course you will not be able to do that.
A community is a 32-bit value split into two 16-bit sections

mrz

I assume you are trying to advertise smaller subnet than /24 to the upstream. Typically upstream does not accept smaller subnets than 24

mrz

https://help.mikrotik.com/docs/display/ ... figuration

mrz

Then you are familiar what is the purpose of VRF as interface with the linux, the same is with the ROS.

mrz

https://www.dasblinkenlichten.com/worki ... inux-vrfs/

mrz

Lo is not supposed to be attached to VRF.
VRFs have their own vrf interfaces (interface name is the same as vrf name).

mrz

nothing is silently changed, multipath is still not implemented.

mrz

exactly

mrz

common sense would dictate not to use special chars in filenames anyway, especially when one can download files to other systems not supporting specific characters in filenames

mrz

Solution is just like for any other unwanted traffic. You block it.

Or upgrade to v7 and remove all BFD config.

mrz

It is not a bug. Something is sending non bfd packet to bfd port, so bfd reports that it is not a valid bfd packet.

mrz

mrz

I would say that it is misconfiguration. VPNv4 requires at least LDP, otherwiseVPNv4 MPLS label cannot be resolved.

mrz

Local addresses will be reachable starting from v7.15beta

mrz

vrf-interface parameter is just another way to say in which vrf route will be added. VRF is then chosen based on which VRF interface belongs, but since after reboot IPIP tunnel is assigned to "main", route is also moved to main.

mrz

Of course, best path selection never worked if routes are coming from different instances.

mrz

Thanks, confirmed.

mrz

make sure you are running all bgp peers on the sam bgp instance

mrz

https://help.mikrotik.com/docs/display/ ... neInstance

mrz

7.15 beta what? IS-IS is already in v7.14

mrz

its not a valid format, see
https://datatracker.ietf.org/doc/html/rfc7153

mrz

Add VRFs and leak connected routes
https://help.mikrotik.com/docs/pages/vi ... uteleaking

then set up BGP connections between VRFs.
That way you can simulate or fake any eBGP setup you like.

mrz

because connection is a matcher and it can match multiple sessions. That is why session name = connection_name-x

mrz

probably can be used as vrf loopback.

mrz

Please bring IS-IS ipv6

Have you even tried?

mrz

what do you mean?

Search found 7209 matches