I have a setup where i'm using two Bonded EoIP tunnels for wan redundancy.

Each tunnel go to the same destination IP on Internet, but need to flow through a different ISP.

I have two interfaces for Wans, one for ISP1, the other for ISP2. Each one has a single public IP.


I can't find a way to route EoIP tunnel 1 packets through ISP1, and EoIP tunnel 2 packets through ISP2.

I tried to set a routing mark in output mangle, but it is not possible to filter according to source mac address, the only thing according to me able to differentiate each tunnel (except tunnel ID).

I tried connection tracking at inbound traffic, but unfortunately, GRE tunnels are connection less. Seems like we need a service-port helper here.


I remember i was able to do this with Shorewall version 4.


Does anyone know how to do this ? Seems like i miss something simple.


Thanks for your help

Nobody can help ?

I asked to mikrotik support, they reply that it is possible to filter according to src mac address in mangle.


But when i try to do this, on output chain, it gives me an error : "not possible to use src mac filtering on output mangle".