Mikrotik. How do I force traffic to follow routes created by OSPF in VPN tunnels?

S

SterhXXX2021-09-30 10:28:51

VPN

SterhXXX, 2021-09-30 10:28:51

Good afternoon.
There are 3 incoming Internet channels on the central Mikrotik-e. At the input they are marked with Mangle: I1, I2, I3.
Connections from LAN are marked L1, L2, L3 - for balancing by connections.
Raised 3 gre-tunnels to the branch. Through the tunnel to the Internet channel.
OSPF is introduced to connect local networks.
The problem is that because of the marking, the traffic to the local branch network tries to go through the Internet. The dominance of named routes over unnamed routes, which causes traffic to use marked routes for traffic.

What needs to be done to:
Either OSPF creates named routes;
Or traffic from LAN to LAN went through gre-tunnels.

The task was solved using the Mangle method, but this requires the intervention of the administrator on each router when a new network appears, but I would like automatic configuration using OSPF tools. Perhaps it is worth breaking into zones, into different instances of OSPF (tried - did not work)?

PS: gre-tunnels are working. From router to router, traffic goes as intended - along OSPF routes. The problem is with traffic from LAN to LAN.
It is known that there is a way. It's just that no one wants to share knowledge. TP said that it is in their manuals (sent to ..., in short)

For visual understanding, I stuck a picture.

This is a paraphrased and clarified question: https://qna.habr.com/q/1054024

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

SterhXXX, 2021-10-01
@SterhXXX

I found out everything: it is impossible to solve this problem exclusively using OSPF on Mikrotik equipment. This task is solved either through Mangle (in my case, I wrap traffic before marking), or through IP -> Routes, or rather, through policies (PBR). As a result, both there and there it is required to adjust the admin handles. (((
It's a pity!

A

Alexander Karabanov, 2021-09-30
@karabanov

routing-table (name of routing table;)	- the routing table this OSPF instance operates on

routing-table is a property of the OSPF instance.
Mikrotik OSPF
OSPF Case Studies and Solutions
The previous question sounded strange. This one is a little better.
I have never come across the term named route, but the user's routing table is. Probably no one who read your question understood what you were talking about. I accidentally guessed.
routing-mark that you set up in Mangle are the names of the routing tables.
Your goal is to have the OSPF process add routes to the routing table you create. Apparently you will have to make several OSPF instances.
There is also VRF , maybe you can think of something with it ...
UPD
I think it's enough to launch another OSPF instance that will deal with VPN routes. VRF is not needed here ...

N

nApoBo3, 2021-09-30
@nApoBo3

Do balancing means of OSPF.

PS: gre-tunnels are working. From router to router, traffic goes as intended - along OSPF routes. The problem is with traffic from LAN to LAN.

If you have two different routes through one router to one endpoint, then you have to take into account other factors when routing, apparently in this particular case this is marking.

It is known that there is a way. It's just that no one wants to share knowledge. TP said that they have it in their manuals (sent to ..., in short)

This is not a resource for crying, no one should share anything with you, mikrotik has a large amount of documentation and courses.