PowerPlay
just joined
Topic Author
Posts: 3
Joined: Mon Feb 05, 2018 5:33 pm

4 WANS, 8 Public Subnets, 8 VLANS

Mon Feb 05, 2018 6:02 pm

New to MikroTik. Have 2 x CCR 1072 (eventually, one warm spare).

We have 4 carrier fibers coming in. Each has a /30 and a /25 routed to a host in the /30.

I'm breaking up the /25 into two /26s and then assigning each /26 to a VLAN with DHCP (static only, MAC reserve) to hand out public IPs.

1. I need to mark each VLAN to route to the appropriate /30 nexthop. I know I have to route-mark, but I'm hoping someone could help show me the best way to do this (most efficient, proper, secure way).

2. I'd like to eliminate as much network noise as possible on the VLANs. We're limiting each VLAN we do to no more than 62 hosts, so broadcast overhead shouldn't be too big of an issue. Nonetheless, what I have done so far is the per-VLAN client limitation mentioned here, and set up ARP to reply-only and set the DHCP server to statically add addresses to the ARP table.

3. Is there a way to default deny all traffic to route, unless it's been assigned by DHCP (address lists maybe)?

I think that's it for now. I'm reading a lot and trying to search for answers, so it's all progress.

Thank you to anyone willing to help.
 
PowerPlay

Re: 4 WANS, 8 Public Subnets, 8 VLANS

Wed Feb 07, 2018 7:12 pm

Hi everyone,

After some research I've concluded on a theory:

Add gateways to IP->Routes. Set Routing Mark (ISP 1, ISP 2, ISP 3, etc.).
Add route rules for each VLAN interface to 'look-up-only-in-table' with intended gateway matching route mark.

All gateways have a mark, effectively leaving 'main' table empty.

It is working now. Any opinion on it being the best way to do this?
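
The approach described in the post above, written out as RouterOS configuration. This is an added example, not the poster's own config. It assumes RouterOS v6 syntax, shows two of the four carriers, and uses documentation address ranges plus hypothetical names (`ISP1`, `ISP2`, `vlan101`, `vlan102`, `vlan201`, `vlan202`).

```routeros
# Constructed example. Addresses are documentation ranges, names are hypothetical.
# ISP1: /30 = 192.0.2.0/30 (next hop .1), routed /25 = 198.51.100.0/25
# ISP2: /30 = 192.0.2.4/30 (next hop .5), routed /25 = 198.51.100.128/25

# One default route per carrier, each in its own routing table.
# No unmarked default route is added, so 'main' holds only connected routes.
/ip route
add dst-address=0.0.0.0/0 gateway=192.0.2.1 routing-mark=ISP1 comment="ISP1 next hop"
add dst-address=0.0.0.0/0 gateway=192.0.2.5 routing-mark=ISP2 comment="ISP2 next hop"

# Rules are evaluated top to bottom; the first match decides the table.
/ip route rule
# Connected routes live only in 'main'. Without these two rules, traffic
# between local VLANs would match a lookup-only-in-table rule below and be
# sent out to a carrier instead of being delivered locally.
add dst-address=198.51.100.0/25 action=lookup table=main comment="local /25 (ISP1 block)"
add dst-address=198.51.100.128/25 action=lookup table=main comment="local /25 (ISP2 block)"

# Each VLAN may only use the table of the carrier that routes its /26.
# lookup-only-in-table means no fallback to 'main' if the table has no route,
# so a VLAN never leaks out through another carrier.
add interface=vlan101 action=lookup-only-in-table table=ISP1 comment="198.51.100.0/26"
add interface=vlan102 action=lookup-only-in-table table=ISP1 comment="198.51.100.64/26"
add interface=vlan201 action=lookup-only-in-table table=ISP2 comment="198.51.100.128/26"
add interface=vlan202 action=lookup-only-in-table table=ISP2 comment="198.51.100.192/26"
```

Traffic arriving from a carrier matches none of the interface rules and is resolved in `main`, where the connected route for the destination /26 delivers it to the right VLAN.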