Baie dankie! I appreciate the kind words and I am happy to continue sharing my experiences with you guys! As long as somebody learns something new from a video of mine then I feel like I have accomplished what I set out to do with this channel.
Thanks for the content sir. just want to ask some further details about the passthrough in mangle, I still can't understand how it works. Thank you for your understanding ^^
Hi @networkberg, I have a question. I have eve-ng comunity and I've noticed for example some things doesn't work in my L2 cisco switch, for example when I type the ip default-gateway in my global configuration, it doesn't take the command. I want to know If that could be a problem with me image or the emulator.
Would it be possible to create mangle rules/PBR for return traffic to internet. I have ISP A-primary(behind a NAT of another router) and ISP B- backup(PPPoE connection from my router). I can only use ISP B to reach my home network from the outside(IPSec tunnel, Port forwarding to internal network devices, etc). Problem is, when I try to access from outside(internet) using the ISP B, the reply traffic going out uses the primary route. I'd like to mark the incoming traffic from ISP B somehow, and make the return traffic for it use the ISP B route instead of the primary route. Any help on this please ?
This is great, but how do I do this for IPv6? I'm tired of getting blocked because I'm using a Hurricane Electric tunnel, because of work stuff, and want to use my ISPs prefix for my own personal traffic.
I have an issue with your example: I have several vlans (say 5 and 10) and 2 WANS. When I added your mangle rule to route VL10 through WAN2, devices in VL10 can no longer ping or access devices in VL5. /ip firewall mangle add action=mark-routing chain=prerouting new-routing-mark=out-wan2 passthrough=no src-address-list="VL10 - Office" /ip route add check-gateway=ping distance=30 gateway=192.168.18.1 routing-mark=out-wan2 When I try to add "out-interface-list=WAN2" to the mangle rule, I get an error "Outgoing interface matching not possible in input and prerouting chains". How do I overcome this limitation? Thank you
Good day I have been so intrigued by your videos. You helped me get to my mtcna last week. Keep up the great work. I was wondering if it would be possible for you to supply us with your EVE labs so that we could follow along to your great videos. Too much love for your media.
OMG, after your videos i realized how bad concept have i on my home network and a bad config in my MT router. Your explanation is crystal clear. I'm so excited to ruin my network and build it up again from the basics. But i will watch your other videos as well first and play it around in my EVE-NG playground :)
@@TheNetworkBerg True, this is an a amazing tool! Is it that a good solution if i build my network in EVE and later just export the config to a real MT?
I would be interested to see how to prioritize traffic - such as VoIP/SIP type traffic. Working on setting up WISP and want to provide VoIP services and want to make sure they will be getting quality calls through the network. Thanks!
For that you want to consider voice VRFs and a dedicated voice network in your backbone. This is typically more complex than what the MTCRE deals with, though it's definitely something many service providers do to provide voice services with guaranteed bandwidth/quality.
Thanks! It's worth to emphasise that while mangles are great, there is a price you may pay: performance. Since CPU is used, and if mangle rule is not crafted carefully (especially with Layer 7 rules), it might seriously affect router speed.
Your explanation is awesome for all the videos you make, can you tell us how to create different routing table on same router without using any protocol and MPLS, also the created routes for other routing table do not fall back to the main table. Is there any way to do that, I will appreciate if you can give any suggestion for this. Looking forward to your reply.
Good work sir. , how about separating traffic on pppoe clients based on their profile(ip pool) sir? Lets say I have two mikrotik routers R1(main router) and R2(pppoe server) connected. Thank you so much sir
Hey man, great video. Can you help me plz? You are the best network person i find in UA-cam. So my problem is i brought a mikrotik hap ac2 router. I am totally noob, i thought its easy like other router. What i want to do is use 2 isp with my router. Right now i only setup router using web gui. Can you please make video on how yo use 2 internet connection using 1 router and port forward isp 1 for Minecraft? Very very appropriate your work
Hello sir, can you make video for viop sitting in mikrotik. imo, whatsapp,line others voice call & video calls bad quality. can you make video for those sitting.
From my point of view, distance is not importantas it looks for the marking-route, only in th ecase that this wan drops and fall to the other. Best regards
Unfortunately I am not allowed to share vendor images like Cisco or Juniper because there are some licensing issues and it would be illegal to do so. As mmrk said MikroTik's images are completely free on their website www.mikrotik.com you can download the CHR images from the software tab.
MikroTik Mangle reference material:
help.mikrotik.com/docs/display/ROS/Mangle
wiki.mikrotik.com/wiki/Manual:IP/Firewall/Mangle
Would be great to know how to do the same stuff on ROS 7.1
Your videos are by far the best when it comes to Mikrotik.
Thank you for the message Christopher, I appreciate it!
I've just searched for this a couple of days ago on how to route just my SIP-Traffic to ISP2. 👍🏻
Thank you for taking the time to share your knowledge and expertise. Look forward to each new video.
Baie dankie! I appreciate the kind words and I am happy to continue sharing my experiences with you guys! As long as somebody learns something new from a video of mine then I feel like I have accomplished what I set out to do with this channel.
Thanks for the content sir. just want to ask some further details about the passthrough in mangle, I still can't understand how it works. Thank you for your understanding ^^
Nice, you are an MikroticMagican! I like that stuff.
Bro, you help us a lot from MTCNA to MTCRE thankyou so much...
It's my pleasure
Thanks a mill dude ! Loving this series on MT.
these videos are just equals to gold. thanks alot sir!
Hi @networkberg, I have a question. I have eve-ng comunity and I've noticed for example some things doesn't work in my L2 cisco switch, for example when I type the ip default-gateway in my global configuration, it doesn't take the command. I want to know If that could be a problem with me image or the emulator.
Would it be possible to create mangle rules/PBR for return traffic to internet.
I have ISP A-primary(behind a NAT of another router) and ISP B- backup(PPPoE connection from my router).
I can only use ISP B to reach my home network from the outside(IPSec tunnel, Port forwarding to internal network devices, etc).
Problem is, when I try to access from outside(internet) using the ISP B, the reply traffic going out uses the primary route.
I'd like to mark the incoming traffic from ISP B somehow, and make the return traffic for it use the ISP B route instead of the primary route.
Any help on this please ?
This is great, but how do I do this for IPv6?
I'm tired of getting blocked because I'm using a Hurricane Electric tunnel, because of work stuff, and want to use my ISPs prefix for my own personal traffic.
I have an issue with your example: I have several vlans (say 5 and 10) and 2 WANS.
When I added your mangle rule to route VL10 through WAN2, devices in VL10 can no longer ping or access devices in VL5.
/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=out-wan2 passthrough=no src-address-list="VL10 - Office"
/ip route
add check-gateway=ping distance=30 gateway=192.168.18.1
routing-mark=out-wan2
When I try to add "out-interface-list=WAN2" to the mangle rule, I get an error "Outgoing interface matching not possible in input and prerouting chains".
How do I overcome this limitation? Thank you
Good day
I have been so intrigued by your videos. You helped me get to my mtcna last week. Keep up the great work.
I was wondering if it would be possible for you to supply us with your EVE labs so that we could follow along to your great videos.
Too much love for your media.
really appreciated your tutorial. Thanks
You are welcome!
when I apply the mangle rule on same seniors it block the trace and ping what is the solutions
OMG, after your videos i realized how bad concept have i on my home network and a bad config in my MT router. Your explanation is crystal clear. I'm so excited to ruin my network and build it up again from the basics. But i will watch your other videos as well first and play it around in my EVE-NG playground :)
Hah! Awesome, you must have fun while doing that and EVE is a GREAT place to learn and do that :D!
@@TheNetworkBerg True, this is an a amazing tool! Is it that a good solution if i build my network in EVE and later just export the config to a real MT?
@@gyorgykovacs6781 yes that work fine
Can i separate youtube and browsing traffic and mangle only youtube traffic ?
I would be interested to see how to prioritize traffic - such as VoIP/SIP type traffic. Working on setting up WISP and want to provide VoIP services and want to make sure they will be getting quality calls through the network. Thanks!
For that you want to consider voice VRFs and a dedicated voice network in your backbone. This is typically more complex than what the MTCRE deals with, though it's definitely something many service providers do to provide voice services with guaranteed bandwidth/quality.
Thanks! It's worth to emphasise that while mangles are great, there is a price you may pay: performance. Since CPU is used, and if mangle rule is not crafted carefully (especially with Layer 7 rules), it might seriously affect router speed.
Wonder if he could use routing rules instead of mangle to keep things like fastrack for connections
What you are using for the Presentation
Your explanation is awesome for all the videos you make, can you tell us how to create different routing table on same router without using any protocol and MPLS, also the created routes for other routing table do not fall back to the main table. Is there any way to do that, I will appreciate if you can give any suggestion for this. Looking forward to your reply.
What kind of map diagram program do you use please?
Good work sir. , how about separating traffic on pppoe clients based on their profile(ip pool) sir? Lets say I have two mikrotik routers R1(main router) and R2(pppoe server) connected. Thank you so much sir
Can you please share the EVE-NG package with Cisco and Mikrotik devices?
Hi The Network Berg, can you please post a video on the best way to ensure same input wan traffic return
Failovers would be good to look at how you manage these 👍
Thansk very usefull💯
Hey man, great video. Can you help me plz?
You are the best network person i find in UA-cam.
So my problem is i brought a mikrotik hap ac2 router. I am totally noob, i thought its easy like other router.
What i want to do is use 2 isp with my router. Right now i only setup router using web gui.
Can you please make video on how yo use 2 internet connection using 1 router and port forward isp 1 for Minecraft? Very very appropriate your work
6:52 what ist "Dude" in the Menu in the winbox?
Thanks
Could you help about BGP With PBR
what will happen if 1 isp will go down?
Hello sir, can you make video for viop sitting in mikrotik. imo, whatsapp,line others voice call & video calls bad quality. can you make video for those sitting.
Changed On Router OS-7
mikrotik version 7
😍😍😍😍😍😍😍😍
RouterOS 7.1.2 changed a little. It became more fun multiwan
Will make a video on it as soon as MikroTik releases a long-term version
@@TheNetworkBerg Can you do an updated video on this using v7? thanks
From my point of view, distance is not importantas it looks for the marking-route, only in th ecase that this wan drops and fall to the other.
Best regards
Can you please share the EVE-NG package with Cisco and Mikrotik devices?
The Mikrotik CHRs are free on the Mikrotik website :)
Unfortunately I am not allowed to share vendor images like Cisco or Juniper because there are some licensing issues and it would be illegal to do so. As mmrk said MikroTik's images are completely free on their website www.mikrotik.com you can download the CHR images from the software tab.