MikroTik

Hi all,

I have a MIK and Cisco device that have IP connectivity between them. I have a GRE tunnel configured between them and they have full connectivity on the outside and inside the tunnels. Everything pings fine.

On the MIK end, I need the GRE tunnel to be inside a VRF as I am expecting lots of overlapping IP address (per customer type thing).

However, if I *move* the GRE tunnel interface and the GRE source interface into the VRF, connectivity breaks for the tunnel. The *outer" source interfaces can still ping each other, but the GRE will not come back up. Therefore, I reckon it's something missing on the GRE tunnel itself.

Is there anything additional I require on the GRE tunnel to get the GRE tunnel up and running within the VRF? Pre-routing? Post-routing? Mangling?

Thanks.

not working by design. tunels and management interfaces should be on main routing instance.

Hi,

sorry for bringing up old topic.

But I got into same situation, where I needed GRE in VRF.
The thing was that incoming GRE packets were received on phy intf which was really in VRF, but outgoing GRE packets were being sent from other phy interface in main table.
Even though local-address in GRE intf config was set to IP of intf that is in VRF. Weird, but that's how it is.

Solution was to add in /ip route rule basically PBR rule which says if traffic is sourced from subnet in which real intf has IP, do lookup into VRF table.

/ip route rule
add src-address=10.100.2.0/24 action=lookup table=VRF_Traffic

Pretty similar to how to enable BGP in VRF, I used same thing.