Another PCC with Failover thread (simple question)

richedav · Sat Nov 19, 2011 3:50 pm

Hi All

Im setting up a 450G with a PCC load balance script but need to include failover - the old TPLINK load balancer ended up with 2 dead DSL lines but still tried to route to the lines as the modem itself was up. Im therefore trying to ping a remote host external(past) the DSL router to make sure there is a working connection prior to using the port.

Eth 1-4 are configured a WAN ports using the following script which was provided by a member here from their website and seems to work well.

/ip address
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
add address=192.168.4.2/24 network=192.168.4.0 broadcast=192.168.4.255 interface=WAN4

/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_iconn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn

add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4

add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=LAN

add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN4

/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN4 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=4 check-gateway=ping


/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade

Im now reading up here, http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting and it appears to be very simple to add remote failover checks. using the below:

/ip route
add dst-address=Host1 gateway=GW1 scope=10
add dst-address=Host2 gateway=GW2 scope=10

/ip route
add distance=1 gateway=Host1 routing-mark=ISP1 check-gateway=ping
add distance=2 gateway=Host2 routing-mark=ISP1 check-gateway=ping

/ip route
add distance=1 gateway=Host2 routing-mark=ISP2 check-gateway=ping
add distance=2 gateway=Host1 routing-mark=ISP2 check-gateway=ping

My question is, Can I use that code as is (adding checks for the other gateways obviously) , or does it replace any of the code I had previously used regarding the routing marks?

If someone could take the time to post, maybe we could add a definative working PCC load balance with failover script to the WiKi as it appears to be a frequent question.

Many thanks

TheWiFiGuy · Wed Jan 25, 2012 9:02 pm

Did you get anywhere with this?

Is it possible to check a remote IP address to make sure the DSL is working rather than the DSL modem? Ive had about 400 emails today where a links been going up and down and the PCC script is trying to send traffic out a non working dsl connection.

If not is there another way to best impement this? netwatch?

omega-00 · Fri Jan 27, 2012 4:09 pm

I would personally recommend bridging the modems through and doing PPPoE on the MikroTik, then you can be sure of any drops as the PPPoE connection itself will disconnect

Another PCC with Failover thread (simple question)

Another PCC with Failover thread (simple question)

Re: Another PCC with Failover thread (simple question)

Re: Another PCC with Failover thread (simple question)

Who is online