Disclaimer! This is important!
My humble request is that kindly donot consider me as an expert on this stuff, I am NOT certified in anything Mikrotik/Cisco/Linux or Windows. However I have worked with some core networks and I read , research & try stuff all of the time. When you are enslaved by private job & working as one man army, you have to perform many task in which you are not formally trained for. So I am not speaking/posting about stuff I am formerly trained in, I pretty much go with experience and what I have learned on my own. And , If I don’t know something then I read & learn all about it.
So , please don’t hold me/my-postings to be always 100 percent correct. I make mistakes just like everybody else. However – I do my best, learn from my mistakes and try to help others
This post is a sequel of Prevent Mikrotik from Chocking with Cisco Inter-Vlan Routing
If you are running mikrotik DHCP along with VLAN, & you want to get benefits of intervlan routing to avoid local traffic (same network but different subnets/vlans) hitting mikrotik by routing local resource requests through switch level directly. There are 2 options to sort this issue. Either provide the static routes for each vlan which becomes useless if you are using pppoe because as soon as client connected with pppoe, it will get preference over your existing default gateway thus all traffic even the local one will be passing via mikrotik resulting in excessive usage of mikrotik resources. This was discussed in details here.
Far better solution is to avoid providing any default routes to DHCP users but assign them CLASSLESS ROUTES for local resources via your DHCP options, either via Cisco or Mikrotik DHCP server. A classless route adds specified route in clients routing table
In this post we will discuss only about Mikrotik DHCP option 121/249.
- 121 – Generally used for devices / Linux / Mikrotik etc. Option 121 is a RFC3442 *standard*.However, note that DHCP Option 121 is ignored by DHCP clients prior to Windows Vista. O
- 249 – It is the pre-standard Microsoft implemented option for Classless Static Routes (CSRs). It was eventually standardized as option 121. I think 249 is for microsoft only.
Personnel Note: Don’t use both. I think this causes routes to be ignored. If you need to support both older and newer OS, use the option 249.
Scenario:
We assume you have working DHCP for each vlan under Mikrotik.
- Mikrotik interface VLAN-x IP : 192.168.100.1/24
- Cisco switch Vlan-x IP : 192.168.100.2/24
- Mikrotik DHCP assignment for VLAN-x: 192.168.100.10 – 192.168.100.255 [no dns, no gateway]
- Local sharing servers: We have some sharing servers on different subnet on local switch port: 101.0.0.0/8
Now what we want is that our DHCP LAN client 192.168.100.0/24 can access 101.0.0.0/8 via switch intervlan routing directly [via switch vlan port 192.168.100.2]. To achieve this we will assign stateless routes using DHCP options.
Side Note: It strikes me that you have to use classful routes in the Classless Static Routes DHCP Option for older version of windows like XP/2000.
Step # 1
To transfer classless routes to the Mikrotik DHCP server, the option with code 121/249 is used First we need to convert IP to hexadecimal HEX code. If you are a beginner you can simply get the ready made code using this site.
Enter the details as per your local network scheme
For single Subnet:
For multiple Subnet:
You can add ADD NEW ROW to add multiple subnet and gateways to get combined HEX value . Z
Or try
Step # 2
Now we got the HEX value & we can use it in mikrotik dhcp option 121-249 .
- Goto IP / DHCP / OPTIONS / + Add new
Note: Make two entries, one for 121 & second for 249. As shown above !
Step # 3
Now we will add the above option in OPTION SETS , we can include multiple options in the OPTION SETS window
- Goto IP / DHCP / OPTION SETS / + Add new
Step # 4
Now goto IP / DHCP / Double Click on required DHCP & under DHCP OPTION SETS, select the option set we created in Step # 4
Testing …
At client end, renew the IP and you will get all the routes you configured in above steps.
For single Subnet entry:
=========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 101.0.0.0 255.0.0.0 192.168.100.2 192.168.100.254 11 *************** 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.100.0 255.255.255.0 On-link 192.168.100.254 266 192.168.100.254 255.255.255.255 On-link 192.168.100.254 266 192.168.100.255 255.255.255.255 On-link 192.168.100.254 266 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.100.254 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.100.254 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: NoneFor Multiple Subnet entry:
=========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 10.0.0.0 255.0.0.0 192.168.100.1 192.168.100.254 11 *************** 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 172.16.10.0 255.255.255.0 192.168.100.1 192.168.100.254 11 *************** 192.168.100.0 255.255.255.0 On-link 192.168.100.254 266 192.168.100.254 255.255.255.255 On-link 192.168.100.254 266 192.168.100.255 255.255.255.255 On-link 192.168.100.254 266 221.132.112.8 255.255.255.255 192.168.100.1 192.168.100.254 11 *************** 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.100.254 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.100.254 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: None
Regard’s
Syed Jahanzaib
Syed Jahanzaib - Personal Blog to Share Knowledge ! 
[…] https://aacable.wordpress.com/2019/12/05/intervlan-routing-with-mikrotik-dhcp-option-121-249/ […]
LikeLike
Pingback by Prevent Mikrotik from Chocking with Cisco Inter-Vlan Routing | Syed Jahanzaib Personal Blog to Share Knowledge ! — December 5, 2019 @ 3:22 PM
Dear Jahanzaib
Thanks for the post, I’m also googling same stuff…. I go through you inter-vlan routing by Cisco Switch… how to make it if my DHCP running in Cisco Switch??
Regards
KK
LikeLike
Comment by kashifzai86 — February 18, 2020 @ 11:54 AM
Boss 192.168.100.2 cisco mien configured karna hai right so aapne cisco switch ki settings mention nahi…
LikeLike
Comment by Waqas Hussain — August 28, 2023 @ 9:52 AM