Hi, I've just upgraded my Mikrotik to ROS v7. I have problem to limit (simple queue) my clients, FYI i'm using VRF in my network. Each time i made a simple queue configuration for my client, their network become unreachable. It never happened in ROS v6. Any idea?
Dankie Geoff, ek is lief daarvoor om metal of electronic music te luister terwyl ek werk, baie goeie "zone" music :D! Ek sou my Opeth hemp dra, maar die arme ding is al gaar gedra en ek het jare laas 'n Opeth hemp erens gesien.
Is it possible to use VRF with only one WAN connection? How is two routing tables created (main & vrf2) with one WAN connection (one public IP) on a MT performed?
In the ISP space VRFs are a very crucial part of business. Many times customers will have overlapping IP addresses and you need something like VRFs to provide service to them effectively. There are also ways to span VRFs between different routers using protocols like BGP across the entire ISP network making it a very desirable mechanism. This can also be extremely useful as segregating services. It is commonly used for CPEs (routers at customer site) to separate services like Voice & Data. It is not typically used in a home environment, but can still be useful if you ever need an extra layer of segregation.
Very educational as always :D Are you a doctor ? You certainly have a handwrite like them hehe, maybe if you are going do more tutorials like this maybe it's not a bad idea to get one of thoose cheap graphical tablets so you can write with that instead of a mouse ?
Hehehe I guess I am a network doctor! My handwriting on a tablet might also be just as bad. My wife actually has one of those tablets, maybe I'll test it out on my own machine and see if I can use it in my videos :)
Hi!! Good video!! I have mounted VRF lite in my environment, everything works correctly but when it comes to making the routing rules (for monitoring and other management actions) it does not work for me. The only difference I have regarding your setup is that VRFs are made up of logical interfaces (vlans and wireguard) and RouterOS7. At the time that I add the rules, I only reach the IP's of the interfaces, but not the servers within those vlans. I'm missing something?
Let's suppose that we don't have several vlans delivered by the provider, we only have a wan port, how would it be done in that case? it is not possible to put a single wan port inside several vrf
No, but you could use a technique we use called route leaking to allow vrfs to route between each other. So you could push traffic from a vrf to another using a mangle rule.
Not completely sure what VRF BGO is, will need to google that :) But you can definitely span VRFs or learn routes of the same VRF between different routers by using something like OSPF.
Reference Material:
wiki.mikrotik.com/wiki/Manual:Virtual_Routing_and_Forwarding
help.mikrotik.com/docs/pages/viewpage.action?pageId=328206
GO !!! Super !!
the only great video I found about VRF . thank you so much
Thank you for the kind comment, I appreciate it :)
this got my brain finally working on VRFs clearly ;)
thanks a LOT!!
nice pantera shirt btw.
The best tutorials ever
Excellent Video!!! Very useful also for multi-tenant clients that has overlap IPs for remote support / management
Thank you for this great explanation.
you are awesome man, keep going i also have same passion ❤
Very nice video, TNX.
17:35 but when I do so what advantages I have? Then I can also have both networks in the main routing table?
Hi, I've just upgraded my Mikrotik to ROS v7. I have problem to limit (simple queue) my clients, FYI i'm using VRF in my network. Each time i made a simple queue configuration for my client, their network become unreachable. It never happened in ROS v6. Any idea?
I am new to this. Any recommended reading?
Lekker shirt 👕! 🤘
Dankie Geoff, ek is lief daarvoor om metal of electronic music te luister terwyl ek werk, baie goeie "zone" music :D! Ek sou my Opeth hemp dra, maar die arme ding is al gaar gedra en ek het jare laas 'n Opeth hemp erens gesien.
One confustion , Have you assign 2 IPs on eher1 interface of CPE router ?
Is it possible to use VRF with only one WAN connection? How is two routing tables created (main & vrf2) with one WAN connection (one public IP) on a MT performed?
Thanks. Wonderful 🙏🏻🙏🏻
Most welcome 😊
hi!! how can i port forward a service that are running on pc4 (vfr2)?
nice video, but I am still ttrying to imagine situation in which this will be usefulll
In the ISP space VRFs are a very crucial part of business. Many times customers will have overlapping IP addresses and you need something like VRFs to provide service to them effectively. There are also ways to span VRFs between different routers using protocols like BGP across the entire ISP network making it a very desirable mechanism.
This can also be extremely useful as segregating services. It is commonly used for CPEs (routers at customer site) to separate services like Voice & Data.
It is not typically used in a home environment, but can still be useful if you ever need an extra layer of segregation.
@@TheNetworkBerg - thanks for explanation !!!
Very educational as always :D Are you a doctor ? You certainly have a handwrite like them hehe, maybe if you are going do more tutorials like this maybe it's not a bad idea to get one of thoose cheap graphical tablets so you can write with that instead of a mouse ?
Hehehe I guess I am a network doctor! My handwriting on a tablet might also be just as bad. My wife actually has one of those tablets, maybe I'll test it out on my own machine and see if I can use it in my videos :)
Hi!! Good video!! I have mounted VRF lite in my environment, everything works correctly but when it comes to making the routing rules (for monitoring and other management actions) it does not work for me. The only difference I have regarding your setup is that VRFs are made up of logical interfaces (vlans and wireguard) and RouterOS7. At the time that I add the rules, I only reach the IP's of the interfaces, but not the servers within those vlans. I'm missing something?
Hi again! It's solved. I add new mangle rules for that. (I only had mangle for internet)
Let's suppose that we don't have several vlans delivered by the provider, we only have a wan port, how would it be done in that case? it is not possible to put a single wan port inside several vrf
No, but you could use a technique we use called route leaking to allow vrfs to route between each other. So you could push traffic from a vrf to another using a mangle rule.
please make a video tutorial mikrotik VRF BGO without using MPLS. Example: GGC & FNA routing table.
Not completely sure what VRF BGO is, will need to google that :) But you can definitely span VRFs or learn routes of the same VRF between different routers by using something like OSPF.
VRF with BGP, make video