Dynamic Routing with Wireguard, Optimize your MikroTik network!

Hey guys, just pinning some useful links that you can use to configure Dynamic Routing with Wireguard on MikroTik (Sorry for some pops in the audio, I only realized after recording that the filter was touching the mic and whenever I would hit the table it would make a very slight pop
MikroTik WG:
help.mikrotik.com/docs/display/ROS/WireGuard
MikroTik BGP:
help.mikrotik.com/docs/display/ROS/BGP
MikroTik OSPF:
help.mikrotik.com/docs/display/ROS/OSPF

This video was awesome and fun to follow. you should consider doing a similar one for pfsense although the concept is very similar. A+ to you.

Always pleasure to see new video 😊

🎉🎉🎉🎉 awaiting for it, GURU JI

can i like this video twice? :) thx, nice tutorial

Hello,
everything works, ibgp works - it will break
now i will configure ospf as additional routers
thanks for the material
Regards
Daniel

That was pretty sweet! Using wiregaurd rather than Ipsec seems a more modern method. Also Ive noticed route flapping can occur if you share all routes over the tunnel. Would you be able to address how to mitigate this in a video please

Wow❤❤❤❤

you are so elegant man..! i love your video ..⬆

I managed to do this; I can interconnect two cities using a common broadband link and even mirror a private IP block, making the network of both places appear as if it were the same network

I wonder what to do, if public wifi is blocking "WG" like blocking UDP or something like that. Even using open ports did not made my device to handshake :/ Mostly airport wifi´s. Btw, thanks for your tutorials!

Hey. Could you please do a video where you show how to connect 3 locations with EoIP tunnels over IPsec (do not merge them in a hub) and run OSPF on loopback interfaces on each office router? Then configure iBGP from each loopback and make server's traffic exchange via iBGP with even prefix filtering from wherever point you want? I was told this is good approach to connect 3 offices. Or some other approach to rock solid connections between different locations. Many thanks in advance!

Can you make video explain and example for each mangle chain rule and action rule? I want to understand each how it works

The BGP part was interesting. It seemed l like quite a bit of extra work, and you never noted any potential need for firewall rules. Assuming traffic is coming on the connected routes one would still need some forward chain rules etc. In other words, achieving the same functionality, connecting routers, within wireguard ( allowed IPs, firewall rules, routes if necessary ) on the surface seems actually easier to me. We can also force any subnet through wireguard to use the WAN of another router. Being only a home user, I probably wont need BGP etc, but I think the value must come in economies of scale ( the more complex the connections between routers ) where BGP would really shine. Can you point out some other advantages to the BGP method vice just straight wireguard. Thanks!

Thanks for this beautiful work sir... God bless you so much, I'd like to ask how did you make this topology with that well designed internet ?

I run that with OSPF since a while already. Same way - 0/0 on the WG Allowed nets. Plus a little Route-Filtering. Works neatly and so much more stable than it used to be when I had used SSTP.

I watch your awesome video multiple times to ensure I did not miss a step. Wrote a procedures manual for my setup to have as a handy reference for the topology I have. I have all three routers talking to each other and each router can get to the others LAN. iBGP is working and reflecting the routes. I threw in a road warrior which can connect and see all the networks distributed via iBGP. HOWEVER, my LAN clients (on the hub router), for example my desktop, cannot ping the other LAN addresses across the routers, it can ping the tunnel addresses on both sides of the tunnel, but again, not past the tunnel endpoints. This leads me to believe it has something to do with iBGP. I have gone through the settings over a dozen times and still cannot figure out why my local network clients cannot see the other LANs. Can you offer up any pointers? Thanks!

Awesome stuff. What software do you use for lab simulation?

witam,
świetny materiał, rozumiem że z ospf też będzie działać?
pozdrawiam
Daniel

Hey NetworkBerg! One more great video! Thank you.
I have a question regarding the site-to-site connections setup.
So you used different ports and two separate IP addresses on the Wireguard interface on Site-C to connect from there as the initiator of the VPN tunnels to the other two sites.
What if you did this the other way around; that is: 1) you kept the port number common across all sites; 2) you had only one Wireguard interface with only one IP address on all sites; including Site-C and 3) connect from Site-A and Site-B as the initiators of the VPN communication to the same Wireguard interface (same public key; same port) on Site-C (using of course for all sites Wireguard IP addresses a /29 subnet or any other mask that would permit at least three IP addresses on the same network). Would that work?

@The Network Berg - i don't understand why we need to ticke bgp on output-redistribute since we got RR running. I don't this that is the same case on v6

Please enable OS7 prefix count option as soon as possible

Whhich vpn cheapest then mulvad as wireguard that support mikrotik

Things have changed allot in wiregaurd setups in ver 7.13.1 we need an updated video

Dear which is that cheapest wireguard service provider monthly

Is that method on mulvad

Bro my wireguard show tx error I am using mulvad I need your help

Can one alos run ospf via wireguard

I want to redirect all the remote sites traffic to a firewall below the main router. What should I configure in the main router?