Mangle new routing mark from router traffic
For a long time now I have been steering traffic from the LAN through the router using a <mangle : prerouting : new routing mark> and a routing rule sending that new routing mark out a specific interface. Easy and reliable. Now I want to do the same thing for traffic from the router itself, but it doesn't want to work. It seems the prerouting chain is only for traffic from interfaces, not the router itself, and I can't apply a new routing mark unless it is from the prerouting chain. Catch 22. Am I missing something? Using ROS 6.49.
Hi, Put a rule on the output chain. Something like this should work and be complimentary to your existing rules. /ip firewall mangle add action=mark-routing chain=output dst-address=1.1.1.1 new-routing-mark=ISP1_routing Andy -----Original Message----- From: Public <public-bounces@talk.mikrotik.com.au> On Behalf Of Steve at Digitronics via Public Sent: Saturday, March 2, 2024 3:12 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Cc: Steve at Digitronics <steve@digitronics.com.au> Subject: [MT-AU Public] Mangle new routing mark from router traffic For a long time now I have been steering traffic from the LAN through the router using a <mangle : prerouting : new routing mark> and a routing rule sending that new routing mark out a specific interface. Easy and reliable. Now I want to do the same thing for traffic from the router itself, but it doesn't want to work. It seems the prerouting chain is only for traffic from interfaces, not the router itself, and I can't apply a new routing mark unless it is from the prerouting chain. Catch 22. Am I missing something? Using ROS 6.49. _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Perfect. Thanks again. -Steve -----Original Message----- From: Andrew Oakeley [mailto:andrew@oakeley.com.au] Sent: Saturday, 2 March 2024 18:23 To: MikroTik Australia Public List Cc: Steve at Digitronics Subject: RE: [MT-AU Public] Mangle new routing mark from router traffic Hi, Put a rule on the output chain. Something like this should work and be complimentary to your existing rules. /ip firewall mangle add action=mark-routing chain=output dst-address=1.1.1.1 new-routing-mark=ISP1_routing Andy -----Original Message----- From: Public <public-bounces@talk.mikrotik.com.au> On Behalf Of Steve at Digitronics via Public Sent: Saturday, March 2, 2024 3:12 PM To: 'MikroTik Australia Public List' <public@talk.mikrotik.com.au> Cc: Steve at Digitronics <steve@digitronics.com.au> Subject: [MT-AU Public] Mangle new routing mark from router traffic For a long time now I have been steering traffic from the LAN through the router using a <mangle : prerouting : new routing mark> and a routing rule sending that new routing mark out a specific interface. Easy and reliable. Now I want to do the same thing for traffic from the router itself, but it doesn't want to work. It seems the prerouting chain is only for traffic from interfaces, not the router itself, and I can't apply a new routing mark unless it is from the prerouting chain. Catch 22. Am I missing something? Using ROS 6.49. _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
Output chain should be your friend here https://wiki.mikrotik.com/wiki/Manual:Packet_Flow Sent from Nine<http://www.9folders.com/> ________________________________ From: Steve at Digitronics via Public <public@talk.mikrotik.com.au> Sent: Saturday, 2 March 2024 18:12 To: 'MikroTik Australia Public List' Cc: Steve at Digitronics Subject: [MT-AU Public] Mangle new routing mark from router traffic For a long time now I have been steering traffic from the LAN through the router using a <mangle : prerouting : new routing mark> and a routing rule sending that new routing mark out a specific interface. Easy and reliable. Now I want to do the same thing for traffic from the router itself, but it doesn't want to work. It seems the prerouting chain is only for traffic from interfaces, not the router itself, and I can't apply a new routing mark unless it is from the prerouting chain. Catch 22. Am I missing something? Using ROS 6.49. _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au
participants (3)
-
Andrew Oakeley
-
Michael Junek
-
Steve at Digitronics