Skip to main content

RDMA with QLogic FastLinQ 41xxx and 45xxx (qedentv) on ESXi

So, all the infos I'm giving here can be found in VMware KBs or on the HPE support site, it just took me literal days to find them. My problem was to get RoCEv2 running with the qedentv driver on ESXi, the driver alone doesn't support RDMA. However, the driver comes in a package of 4 drivers or modules where qedrntv does support RDMA. I suspect the "e" in qedentv stands for ethernet and the "r" in qedrntv stands for RDMA? Either way, the solution sounds quite simple, swap out qedentv with qedrntv as the active driver and done. Turns out its not that easy or I wouldn't be writing this...

Read more…

Mullvad WireGuard RouterOS LAN/NAT

LAN Routing

After updating to RouterOS 7.2.3 I noticed that my setup in the previous post still works but the router was unreachable via ping and winbox. So to reach my Mikrotik again I re-did my "noVPN" Mangle rules. I will give these just for IPv4 but something similar should work for IPv6.

The basic idea is to not route-mark anything that is originating from a local interface to a local interface, if we did, it would be send out to Mullvad (or the VPN Provider in general). Since we have to use the prerouting chain we can't use "out interfaces", therefore we will filter by "dst. address" or "dst. address list". I will be doing the example with "dst. Address list" and "in. interface list" because it is the most flexible approach I found. I will be assuming that ether2 and ether3 are LAN interfaces with the IP networks 192.168.88.0/24 and 192.168.89.0/24.

Read more…

Mullvad WireGuard with RouterOS 7

Introduction

After getting a GL iNet travel router and Mikrotik releasing RouterOS 7 I thought it's time to look at a 24/7 VPN connection again. When looking through the VPN services GL iNet suggests, I stuck with Mullvad. So in this post I will explain how I setup my Mikrotik CHR to use Mullvad VPN with WireGuard, implement a kill-switch and use the Mullvad DNS. If you are using RouterOS 7.2 or later read my other post first!

Read more…