Controlling outbound interface

I have replaced a client router and am working to finish the configuration with a unique WAN setup the ISP had in place.

I replaced a router supplied by ISP that had two WAN connections. They do not have static WAN IPs officially, but ISP has informed me they have DHCP reservations in place (unofficially).

Here’s an equivalent but fake description of WAN topology:

WAN1: 67.123.125.132 / 25
WAN2: 67.123.125.148 / 25

They are on the same subnet, with the same (single) gateway to WAN.

I’m attempting to load balance between the two connections (testing confirms aggregate bandwidth > either single connection). However, I cannot figure out how to force traffic out WAN1.

To be clear, I already have my traffic tagged for the interface I would like it to use, but am unsure how to make it actually happen. My last attempt was adding route marks and distinct src-nat entries using the IP for each interface. However, this resulted in RB sending traffic out WAN2 with both source addresses.

Any guidance would be most welcome.

What exactly is the point of such setup? Having same subnet on two different interfaces is wrong. And if even the gateway is the same, I don’t see a way how to force router to use one interface or another (don’t take that as definitive answer yet, I’m still trying to think hard about it :slight_smile:). From your description it sounds like even when currently everything goes out one interface, it can “squeeze in” bandwidth for both connections, which would suggest that ISP limits speed based on IP addresses. If so, why do you care which physical line it uses?

The client is a non-profit, and may have had some string pulling happen at the ISP. For that reason, I’m trying to work with what is present without contacting ISP.

I completely agree this setup is non-sensical, just trying to make use out of what’s already in place. I’m doing further testing to confirm (again) the aggregate bandwidth is higher than a single physical link.

Have a look at this Tomas Kirnak presentation; there’s a video on the MikroTik YouTube channel.

Additionally, to create a route that “ties” the gateway through a specific interface, just add a percent sign followed by the interface: 10.10.10.10%etherX

On 6.35 an experimental feature was added that can also be useful for you:

*) firewall - added experimental “action=route” in mangle prerouting - that forces packets to specific gateway by ignoring routing decisions (CLI only);

(ignore the CLI comment, it is already available in winbox on 6.36)

In any case, as Sob pointed out, having two addresses from the same subnet on different interfaces is downright bad practice.

If the ISP is up to it, both the ISP and you can save on public IPs by using private addresses for the transit; that will allow you to “float” or move those public IPs to any interface or host that you like, including loopback interfaces (empty bridges not tied to any specific interface).

Oh yeah, 10.10.10.10%etherX, that’s the one I’ve been looking for! I’ve actually only used it before to specify 6to4 gateway and completely forgot about it since then. But I had a hunch there was something. Thanks for refreshing my memory. :slight_smile:

So it’s really easy then, you can have two distinct default gateways, even when it’s actually just one, and use them as with standard multi-ISP config:

/ip route
add dst-address=0.0.0.0/0 gateway=67.123.125.xxx%WAN1 routing-mark=wan1
add dst-address=0.0.0.0/0 gateway=67.123.125.xxx%WAN2 routing-mark=wan2
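
An added example, not part of any post above: one way the pieces discussed in this thread fit together on RouterOS v6, combining connection marking, the interface-pinned routes, and one src-nat rule per WAN. The interface name LAN, the connection-mark names, and the two-way per-connection-classifier split are assumptions; 67.123.125.xxx is kept as the thread's placeholder for the real gateway address.

```routeros
# Added example (RouterOS v6 syntax). Assumptions: the LAN-facing interface is
# named "LAN", the WAN interfaces are named "WAN1" and "WAN2", and
# 67.123.125.xxx must be replaced with the real (shared) gateway address.

/ip firewall mangle
# Split new LAN connections into two groups; skip traffic addressed to the router.
add chain=prerouting in-interface=LAN connection-state=new \
    dst-address-type=!local per-connection-classifier=both-addresses:2/0 \
    action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting in-interface=LAN connection-state=new \
    dst-address-type=!local per-connection-classifier=both-addresses:2/1 \
    action=mark-connection new-connection-mark=wan2_conn passthrough=yes
# Every packet of a marked connection gets the matching routing mark,
# so the route lookup below uses the intended table.
add chain=prerouting in-interface=LAN connection-mark=wan1_conn \
    action=mark-routing new-routing-mark=wan1 passthrough=no
add chain=prerouting in-interface=LAN connection-mark=wan2_conn \
    action=mark-routing new-routing-mark=wan2 passthrough=no

/ip route
# Same gateway address in both tables; the %interface suffix pins the egress port.
add dst-address=0.0.0.0/0 gateway=67.123.125.xxx%WAN1 routing-mark=wan1
add dst-address=0.0.0.0/0 gateway=67.123.125.xxx%WAN2 routing-mark=wan2

/ip firewall nat
# Source address follows the egress interface, so each address only
# ever leaves through the port it is assigned to.
add chain=srcnat out-interface=WAN1 action=src-nat to-addresses=67.123.125.132
add chain=srcnat out-interface=WAN2 action=src-nat to-addresses=67.123.125.148

# Checks after applying:
#   /ip route print where routing-mark=wan1
#   /ip firewall nat print stats
# Both src-nat counters should increase under load, and a packet capture on
# WAN2 should show no packets sourced from the WAN1 address.
```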