Routing mark and packet sniffer issue
Posted: Tue Apr 18, 2017 11:48 am
Hi All,
firstly I would like to apologize if my question regards yet covered topics, but even trying to dig into forum and wiki I didn't found nothing.
Scenario
Router Mikrotik RB750 GR3
PPPoE connection to my ISP
VPN connection (router act like a OPENVPN client)
In order to redirect traffic through the VPN I'm just trying to use connection marking and route marking.
Firstly I've created a static route with dedicated routing mark that acts as default GW.
After that I've modified the MANGLE table withing the firewall rules in order to mark new connection and then add a routing mark to that VPN GW.
The whole structure is just working fine but with orrible throughput.
If I decide to start inspecting what's going on, using packet sniffer tool, everithing starts working fine, and I can gain full throughput!
If then I switch off packet sniffing everithing fall back the orrible previous situation.
What the packet sniffer tool changes ?
I only saw that, according to fasttrack rules, all the dummy rules are just skipped (counters not incremented) while packet sniffer is enabled. Standard fasttrack REAL rules behave
in the same way, with or without packet sniffing running.
The packet sniffer configuration doesn't influence at all this strange behaviour, is just needed to be up and running regardless of interface or filtering (tried also with an unused ethernet interface...)
Any hints on this strange behaviour ?
Thank you
firstly I would like to apologize if my question regards yet covered topics, but even trying to dig into forum and wiki I didn't found nothing.
Scenario
Router Mikrotik RB750 GR3
PPPoE connection to my ISP
VPN connection (router act like a OPENVPN client)
In order to redirect traffic through the VPN I'm just trying to use connection marking and route marking.
Firstly I've created a static route with dedicated routing mark that acts as default GW.
After that I've modified the MANGLE table withing the firewall rules in order to mark new connection and then add a routing mark to that VPN GW.
The whole structure is just working fine but with orrible throughput.
If I decide to start inspecting what's going on, using packet sniffer tool, everithing starts working fine, and I can gain full throughput!
If then I switch off packet sniffing everithing fall back the orrible previous situation.
What the packet sniffer tool changes ?
I only saw that, according to fasttrack rules, all the dummy rules are just skipped (counters not incremented) while packet sniffer is enabled. Standard fasttrack REAL rules behave
in the same way, with or without packet sniffing running.
The packet sniffer configuration doesn't influence at all this strange behaviour, is just needed to be up and running regardless of interface or filtering (tried also with an unused ethernet interface...)
Any hints on this strange behaviour ?
Thank you