Hi, I have routing decision problems in the following scenario:
- There are two providers, using wlan1 and wlan2, both public IPs.
- MX10 is in 212.x.x.4 and MX20 in 217.x.x.4/24.
- wlan1 has a gateway-checked default route, while wlan2 has a +2 distance gateway-checked default route.
- MKtik is src-natting the local 172.20.0.0/24 network and dst-natting dst-port 25 on both interfaces.
The problem is:
How to mangle and route to get the traffic with destination 217.x.x.4 (MX20, the backup gateway) routed back using the backup gateway in case that default gateway (primary) isn’t faulted.
After some testing, I get ICMP correctly replied but none of the TCP (smtp) sessions to 217.x.x.4 are working. The ones with destination to 212.x.x.4 are working correctly.
Do I have to mark connections, then mark packets and then route mark them? And if so, in what chains?
Is it possible to do it in route rules only?
Why don’t you add both default gateways but one of them with higher distance? Then set the system to check the gateway with ping. If it is down it will fall back to the backup one. That is the easier solution.
Outgoing traffic (LAN generated) is working properly, in active and in failover scenarios… the problem is when none of them is faulted, so, the default route is through wlan1, and I have incoming traffic destined to wlan2. The returning traffic responded from the internal server will be routed to wlan1 unless some routing conditions are applied, and the packet will never reach the ending side, because the source of that packet isn’t routable through provider1.
Well, if I understand correctly, you want to redirect traffic that is destined for a network residing on provider 2's network through provider 2's network, not your default gateway. Well, you either need to add all the networks of the provider as static routes, or ask them to use a routing protocol.
It is not possible to do so because the connections going to wlan1 and wlan2 are coming from outside the providers.
I just want to identify which interface was used to serve the request and route the connection back using the route for that interface.
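
Added example, not posted by any participant in this thread: one way to express "remember the ingress interface and route replies back through it" with connection marks, written in RouterOS v6 syntax. The LAN interface name `ether1`, the mark names, and the `<GW2>` placeholder for provider 2's gateway address are assumptions; the thread does not give them.

```routeros
# Added example (RouterOS v6 syntax). Assumptions: LAN interface is "ether1",
# <GW2> stands for provider 2's gateway address (not given in the thread).

/ip firewall mangle
# 1. Tag every new connection that enters through the backup provider.
#    The mark is stored in the connection-tracking entry, so it survives
#    the dst-nat on port 25 and applies to both directions of the session.
add chain=prerouting in-interface=wlan2 connection-state=new \
    action=mark-connection new-connection-mark=via_wlan2 passthrough=yes

# 2. Replies from the internal mail server arrive on the LAN interface.
#    If they belong to a connection tagged above, select the alternate
#    routing table before the routing decision is made.
add chain=prerouting in-interface=ether1 connection-mark=via_wlan2 \
    action=mark-routing new-routing-mark=to_wlan2 passthrough=no

# 3. Replies generated by the router itself (e.g. ICMP to the wlan2 address)
#    never pass prerouting, so they are handled in the output chain.
add chain=output connection-mark=via_wlan2 \
    action=mark-routing new-routing-mark=to_wlan2 passthrough=no

/ip route
# 4. Default route used only by packets carrying the routing mark.
#    The unmarked default routes (wlan1 primary, wlan2 at higher distance)
#    stay as they are and keep handling LAN-originated traffic and failover.
add dst-address=0.0.0.0/0 gateway=<GW2> routing-mark=to_wlan2 check-gateway=ping
```

The routing mark has to be set in `prerouting` (or `output` for router-originated packets) because that is the last point before the routing decision; a route rule on its own cannot see which interface the original request arrived on.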