I know it sounds weird, and of course it is, but:
Is it possible to run a script if a certain packet travels the router?
For example: Run a script instead of marking a packet with a routing mark in /firewall/mangle
Why do I need this:
There are some gateways (i.e. DSL routers) that are all connected to the internet. On the LAN side of these routers, a server (i.e. RedHat Linux on i386 hardware) is connected. The gateways do not support any routing protocol.
Now it gets interesting. I want to reach the server via each of the gateways!
The core problem is that I can’t say which public IP will reach the server by which gateway. So I thought about putting an RB between the gateways and the server. The server is reachable by a number of local IP addresses, and each gateway will forward the packets for the server to one of the IP addresses. Now the RB can mark the packets. It knows which public IP a packet comes from, and by the destination IP it knows which gateway it has passed. With this information it is possible to set a route for this public IP to the right gateway… baaamm, problem solved.
If you have any other solution for this routing problem, please let me participate in your knowledge.
It’s not possible to do a script on a routing event. Even if it was, scripts are too slow for anything reasonable to be doable with them per packet.
One way to do what you want is by using a VPN server. All devices (routers or otherwise) that need to reach the server will be connected to the VPN server, and then access the server by its “local” IP address (which is really the IP assigned by the VPN). No routing to speak of, as far as the server is concerned - just a particular IP in the “local network” that is trying to access it (that you can then tell the server what to do with, if you need different treatment for each device).
RouterOS supports several VPN protocols you can use, depending on what the rest of the devices involved support. But those are if your network setup is as complicated as you make it out to be (and I’m not sure if it really is)… If in reality it’s simpler, you may as well just use dst-nat.
VPN is unfortunately no option for this environment.
I thought about dst-nat too, and it will work for a part of the services. It is a bit complicated. Maybe the use case is too complicated; I will think about that.
Whatever. Maybe the “prefered-source” parameter in the routing table will help. Fortunately the software on the server has the information about which client is to be found behind which gateway. I hope the software uses the right source address if there is more than one. If this is the case, it should be possible to have one default route for every source address that is pointing to the right gateway.
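The idea in the last post (one default route per source address) can be done on the Linux server itself with iproute2 policy routing. The following is an added example, not code from any poster in this thread. It assumes the server replies from the local address the request arrived on; the addresses, table ids and interface name `eth0` are constructed placeholders.

```shell
#!/bin/sh
# Constructed sample mapping, one line per gateway:
#   "<server local address> <gateway LAN address> <routing table id>"
# All values are placeholders, not taken from the thread.
MAPPING='192.168.10.11 192.168.10.1 101
192.168.10.12 192.168.10.2 102
192.168.10.13 192.168.10.3 103'

# Print the iproute2 commands for source-based routing: a reply sent from a
# given local address leaves through the gateway that forwards to that address.
policy_routing_cmds() {
    dev="$1"
    printf '%s\n' "$MAPPING" | while read -r src gw table; do
        [ -n "$src" ] || continue
        # Per-gateway table that holds only a default route via that gateway.
        echo "ip route replace default via $gw dev $dev table $table"
        # Use that table whenever the packet's source is the matching address.
        echo "ip rule add from $src/32 lookup $table priority $table"
    done
}

# Dry run by default: only print the commands.
# Set APPLY=1 and run as root to execute them.
if [ "${APPLY:-0}" = "1" ]; then
    policy_routing_cmds eth0 | sh -e
else
    policy_routing_cmds eth0
fi
```

After applying, `ip rule show` and `ip route show table 101` list what was installed; traffic from any other source address still follows the main table.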