Community discussions

MikroTik App
 
kcauchi
just joined
Topic Author
Posts: 6
Joined: Wed Aug 29, 2012 11:42 am

Configure ISP Redundancy

Tue Aug 06, 2013 2:26 pm

Dear All,

Below find config related to Mikrotik RB750G router, running 6.0rc9.

I am trying to configure ISP redundancy in load-balancing mode through a PCC article. Issue is the secondary doesn't work after the primary connection fails, nor can I use both ISPs in load-balancing mode

Some observations I've noted through WebFig are the following:

Interface>Interface – Ok, Traffic being Transmitted and Received on all interfaces
Interface>Ethernet – Ok, Traffic being Transmitted and Received on all interfaces

DNS – Four set, two for one ISP and two for the other ISP

Firewall>NAT – seems ok, traffic being transmitted and received on all interfaces
Firewall>Mangle – there seems to be an issue here since there is no packets (counter still at 0), both for primary and secondary ISP network addresses
Routes>Secondary ISP Gateway is unreachable for static routes

Routes>Nexthops
Gateway state is reachable for both nexthops


Below I am including extracts of the config.
(Please note that IP addresses/MAC Addresses have been left out and replaced with Text).

Should you require further info please let me know



[admin@MikroTik] /interface> print
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R WAN2 ether 1500 1520 1520 -
1 R ether1-gateway ether 1500 1520 1520 -
2 R ether2-master-local ether 1500 1520 1520 -
3 XS ether4-slave-local ether 1500 1520 1520 -
4 XS ether5-slave-local ether 1500 1520 1520 -

---

[admin@MikroTik] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 ;;; default configuration
192.168.88.1/24 192.168.88.0 ether2-master-local
1 ;;; Internet Primary
ISP1 IP Address [ISP1 Network Address] ether1-gateway
2 ;;; Internet Secondary
ISP2 IP Address [ISP2 Network Address] WAN2

---



[admin@MikroTik] /ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=accept dst-address=[ISP1 Network Address] in-interface=ether2-master-local

1 chain=prerouting action=accept dst-address=[ISP2 Network Address] in-interface=ether2-master-local

2 chain=prerouting action=mark-connection new-connection-mark=ether1-gateway_conn passthrough=yes
in-interface=ether1-gateway connection-mark=no-mark

3 chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes in-interface=WAN2
connection-mark=no-mark

4 chain=prerouting action=mark-connection new-connection-mark=ether1-gateway_conn passthrough=yes
dst-address-type=!local in-interface=ether2-master-local connection-mark=no-mark
per-connection-classifier=both-addresses:2/0

5 chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
dst-address-type=!local in-interface=ether2-master-local connection-mark=no-mark
per-connection-classifier=both-addresses:2/1

6 chain=prerouting action=mark-routing new-routing-mark=to_ether1-gateway passthrough=yes
in-interface=ether2-master-local connection-mark=ether1-gateway_conn

7 chain=prerouting action=mark-routing new-routing-mark=to_WAN2 passthrough=yes
in-interface=ether2-master-local connection-mark=WAN2_conn

8 chain=output action=mark-routing new-routing-mark=to_ether1-gateway passthrough=yes
connection-mark=ether1-gateway_conn

9 chain=output action=mark-routing new-routing-mark=to_WAN2 passthrough=yes connection-mark=WAN2_conn

10 chain=prerouting action=accept

--------------


[admin@MikroTik] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; default configuration
chain=srcnat action=masquerade protocol=0 out-interface=ether1-gateway

1 chain=srcnat action=masquerade out-interface=ether1-gateway

2 chain=srcnat action=masquerade out-interface=WAN2

--------------

[admin@MikroTik] /ip route> print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 ISP1 Gateway 1
1 S 0.0.0.0/0 ISP2 Gateway 1
2 A S 0.0.0.0/0 ISP1 Gateway 1
3 S 0.0.0.0/0 ISP2 Gateway 2
4 ADC 192.168.88.0/24 192.168.88.1 ether2-master-local 0
5 ADC ISP1 Network Address ISP1 Static IP ether1-gateway 0
6 ADC ISP2 Network Address ISP2 Static IP WAN2 0

---------------

Who is online

Users browsing this forum: erlinden, Google [Bot] and 38 guests