It seems 7.17 has a problem with VRRP and connection tracking.
I have a setup where two CHRs are connected with a VXLAN (due to corporate BS that does not allow VRRP native)
Connection tracking was turned on in 7.16.X and to my knowledge seems to have worked, - we switched the routers multiple times and never got a complaint that switching routers caused a connection to drop.
Today we upgraded to 7.17 and immediately got a red warning in winbox that connection tracking is not working.
Additional info: I can see traffic on the underlying VXLAN back and forth but VRRP does not seem to be to pass connection information or much of anything else.
what can I do to get connection tracking back online or is that a bug and I will have to downgrade?
UPDATE: Since this is in a PROD environment I could not wait and had to downgrade to 7.16.2 and the problems went away. Same Firewall, same everything, so somewhere there is a bug in the 7.17 VRRP over VXLAN
I have a setup where two CHRs are connected with a VXLAN (due to corporate BS that does not allow VRRP native)
Connection tracking was turned on in 7.16.X and to my knowledge seems to have worked, - we switched the routers multiple times and never got a complaint that switching routers caused a connection to drop.
Today we upgraded to 7.17 and immediately got a red warning in winbox that connection tracking is not working.
Additional info: I can see traffic on the underlying VXLAN back and forth but VRRP does not seem to be to pass connection information or much of anything else.
what can I do to get connection tracking back online or is that a bug and I will have to downgrade?
UPDATE: Since this is in a PROD environment I could not wait and had to downgrade to 7.16.2 and the problems went away. Same Firewall, same everything, so somewhere there is a bug in the 7.17 VRRP over VXLAN
Statistics: Posted by apleschu — Thu Jan 30, 2025 2:39 pm