Hi there,

I’m relatively new to Mikrotik and Routerboards, and I’d like to implement the script/method as described here: http://wiki.mikrotik.com/wiki/Advanced_Routing_Failover_without_Scripting

Everything makes sense to me, so I understand what the script is trying to do.

However I am getting stuck at the following step:

"Now we create rules for ISP1 routing mark (one for main gateway, and another one for failover):

/ip route
add distance=1 gateway=Host1 routing-mark=ISP1 check-gateway=ping
add distance=2 gateway=Host2 routing-mark=ISP1 check-gateway=ping"

My RB750GL states that the host (8.8.8. I’ve entered into the gateway field is unreachable. I am not sure what I am doing wrong.

I haven’t gone further than this step.

Please see my /ip route export below:

[admin@ITSA750GL] /ip route> print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 gateway=8.8.4.4 gateway-status=8.8.4.4 unreachable check-gateway=ping distance=1 scope=30 target-scope=10
routing-mark=ISP-ADSL

1 ADS dst-address=0.0.0.0/0 gateway=105.236.6.129 gateway-status=105.236.6.129 reachable via pppoe-out-afrihost distance=1 scope=30
target-scope=10

2 DS dst-address=0.0.0.0/0 gateway=192.168.1.254 gateway-status=192.168.1.254 reachable via ether1-adsl distance=1 scope=30 target-scope=10
vrf-interface=ether1-adsl

3 A S dst-address=8.8.8.8/32 gateway=pppoe-out-afrihost gateway-status=pppoe-out-afrihost reachable distance=1 scope=10 target-scope=10

4 ADC dst-address=105.236.6.129/32 pref-src=105.236.202.207 gateway=pppoe-out-afrihost gateway-status=pppoe-out-afrihost reachable distance=0
scope=10

5 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.1 gateway=ether1-adsl gateway-status=ether1-adsl reachable distance=0 scope=10

6 ADC dst-address=192.168.2.0/24 pref-src=192.168.2.1 gateway=ether3-master-local gateway-status=ether3-master-local reachable distance=0
scope=10
[admin@ITSA750GL] /ip route>

Any help would be much appreciated. I have searched the forum but I have yet to find something which solves my issue or makes sense to me unfortunately.

Gateway should be replaced by remote address of this interface.

Thanks for the reply.

I have since changed some of the infrastructure in my network.

Could you please have a look at the following:

[admin@ITSA750GL] > /ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 gateway=196.7.7.7
gateway-status=196.7.7.7 unreachable check-gateway=ping distance=1
scope=30 target-scope=10 routing-mark=ISP-ADSL

1 A S dst-address=0.0.0.0/0 gateway=8.8.8.8
gateway-status=8.8.8.8 recursive via 209.203.18.9 ether2-diginet
check-gateway=ping distance=2 scope=30 target-scope=10
routing-mark=ISP-ADSL

2 A S dst-address=0.0.0.0/0 gateway=8.8.8.8
gateway-status=8.8.8.8 recursive via 209.203.18.9 ether2-diginet
check-gateway=ping distance=1 scope=30 target-scope=10
routing-mark=ISP-Diginet

3 S dst-address=0.0.0.0/0 gateway=196.7.7.7
gateway-status=196.7.7.7 unreachable check-gateway=ping distance=2
scope=30 target-scope=10 routing-mark=ISP-Diginet

4 S dst-address=0.0.0.0/0 gateway=192.168.1.254
gateway-status=192.168.1.254 unreachable distance=1 scope=30
target-scope=10

5 S ;;; ADSL
dst-address=0.0.0.0/0 gateway=192.168.1.254
gateway-status=192.168.1.254 unreachable check-gateway=ping distance=1
scope=30 target-scope=10


I have a question about the following step:

"Now we create rules for ISP1 routing mark (one for main gateway, and another one for failover):

/ip route
add distance=1 gateway=Host1 routing-mark=ISP1 check-gateway=ping
add distance=2 gateway=Host2 routing-mark=ISP1 check-gateway=ping"

It appears as though it doesn’t matter which rule I assign a routing-mark to because the rules for both ISP1 and ISP2 seem to share one another. Is this a problem? I hope I have explained myself properly.

As you can see in the above route export:
1 A S dst-address=0.0.0.0/0 gateway=8.8.8.8
gateway-status=8.8.8.8 recursive via 209.203.18.9 ether2-diginet
check-gateway=ping distance=2 scope=30 target-scope=10
routing-mark=ISP-ADSL

2 A S dst-address=0.0.0.0/0 gateway=8.8.8.8
gateway-status=8.8.8.8 recursive via 209.203.18.9 ether2-diginet
check-gateway=ping distance=1 scope=30 target-scope=10
routing-mark=ISP-Diginet

This one host is being pinged through one interface so what is the function of the routing mark?

Any help would be helpful. The route is failing over but for some reason not all traffic is available over my primary “ether1-adsl” interface. For example, SIP phone registrations don’t work on ether1-adsl but they do work on the failover eter2-diginet.

I’m a little confused!

I'd really appreciate some assistance

I have built a new config and it still doesn't appear to work. I'm not sure why. Please find /ip route export below:

[admin@ITSA750GL] /ip route> export

oct/11/2013 12:07:44 by RouterOS 6.4

software id = K12A-5DQ2

/ip route
add check-gateway=ping distance=1 gateway=196.7.7.7 routing-mark=ADSLISP
add distance=1 gateway=10.1.1.1 routing-mark=ADSLISP
add check-gateway=ping distance=2 gateway=8.8.8.8 routing-mark=ADSLISP
add distance=2 gateway=10.2.2.2 routing-mark=ADSLISP
add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=DIGINETISP
add distance=1 gateway=10.2.2.2 routing-mark=DIGINETISP
add check-gateway=ping distance=2 gateway=196.7.7.7 routing-mark=DIGINETISP
add distance=2 gateway=10.1.1.1 routing-mark=DIGINETISP
add distance=1 gateway=209.203.18.9
add distance=1 dst-address=8.8.4.4/32 gateway=209.203.18.9
add distance=1 dst-address=8.8.8.8/32 gateway=209.203.18.9 scope=10
add check-gateway=ping distance=1 dst-address=10.1.1.1/32 gateway=196.25.255.34 scope=10
add check-gateway=ping distance=1 dst-address=10.1.1.1/32 gateway=196.25.255.3 scope=10
add check-gateway=ping distance=1 dst-address=10.2.2.2/32 gateway=208.67.222.222 scope=10
add check-gateway=ping distance=1 dst-address=10.2.2.2/32 gateway=208.67.220.220 scope=10
add distance=1 dst-address=196.7.7.7/32 gateway=192.168.1.1 scope=10
add distance=20 dst-address=196.7.7.7/32 type=blackhole
add distance=1 dst-address=196.25.255.3/32 gateway=192.168.1.1 scope=10
add distance=1 dst-address=196.25.255.34/32 gateway=192.168.1.1 scope=10
add distance=20 dst-address=196.25.255.34/32 type=blackhole
add distance=1 dst-address=208.67.220.220/32 gateway=209.203.18.9 scope=10
add distance=1 dst-address=208.67.222.222/32 gateway=209.203.18.9 scope=10
[admin@ITSA750GL] /ip route>


I feel a little dumb!

Please see my script below based on the Advanced Routing Failover without Scripting page:

#Create routes to gateways
/ip route
add dst-address=196.7.7.7 gateway=192.168.1.1 scope=10
add dst-address=8.8.8.8 gateway=209.203.18.9 scope=10

#Create rules for ADSL routing mark
/ip route
add distance=1 gateway=196.7.7.7 routing-mark=ADSLISP check-gateway=ping
add distance=2 gateway=8.8.8.8 routing-mark=ADSLISP check-gateway=ping

#Create rules for DIGINET routing mark
/ip route
add distance=1 gateway=8.8.8.8 routing-mark=DIGINETISP check-gateway=ping
add distance=2 gateway=196.7.7.7 routing-mark=DIGINETISP check-gateway=ping

#Multiple hosts checking per uplink
/ip route
add dst-address=196.25.255.34 gateway=192.168.1.1 scope=10
add dst-address=196.25.255.3 gateway=192.168.1.1 scope=10
add dst-address=208.67.222.222 gateway=209.203.18.9 scope=10
add dst-address=208.67.220.220 gateway=209.203.18.9 scope=10

#Create destinations to virtual hops to use in virtual routes
/ip route
add dst-address=10.1.1.1 gateway=196.25.255.34 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.1.1.1 gateway=196.25.255.3 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=208.67.222.222 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=208.67.220.220 scope=10 target-scope=10 check-gateway=ping

#Add default routes for clients
/ip route
add distance=1 gateway=10.1.1.1 routing-mark=ADSLISP
add distance=2 gateway=10.2.2.2 routing-mark=ADSLISP
add distance=1 gateway=10.2.2.2 routing-mark=DIGINETISP
add distance=2 gateway=10.1.1.1 routing-mark=DIGINETISP

#Workaround for routes not being recalculated after interface goes down
/ip route
add dst-address=196.7.7.7 type=blackhole distance=20
add dst-address=196.25.255.34 type=blackhole distance=20

Alright I found one issue:

There was no route to use my ADSL gateway. Not sure how that happened. I will test if the config works and then repost

Managed to get it working. The above script worked just make sure to set route distances.

It appears to only work when the route distances are set as ADSL 1 and DIGINET as 2. However, when the session goes down on the adsl modem, for example if the telephone line goes down then the route doesnt failover to the diginet line.

I tested this by simply pulling the telephone line out the wall. The mikrotik does not fail over to the diginet and none of the status messages change to remote hosts through the adsl gateway. I’m not sure why that happens.

Hello

I have a problem.
I use basic setup from http://wiki.mikrotik.com/wiki/Advanced_Routing_Failover_without_Scripting
everything work but i have one problem.

When pppoe down my setup works good
When cabel is demage - my setup works good

Problems.

When gateway is up but my ISP have problem with internet
Setup not change gateway.

Sorry for my English

Hello,

Could you update if this solution really works?
I tried a basic configuration and i was not able to get a good result.
I created these two routes:

/ip route
add dst-address=8.8.8.8 gateway=xxx.xxx.xxx.xxx scope=10
add dst-address=8.8.4.4 gateway=000.000.000.000 scope=10

Then ISP routes (I don´t need routing marks)

/ip route
add distance=1 gateway=8.8.8.8 check-gateway=ping
add distance=2 gateway=8.8.4.4 check-gateway=ping

Everything appears to work fine, the problem is when I try to unplug the cable coming from outside from the ISP1 router (not my mikrotik). In this case the route is not disabled and all the internet traffic keep trying to use the first route.

Thank you.
Adrian