I have an RB493 / ROSv5.25 connecting one LAN to two other LANs, as shown here:
/ip address print
# ADDRESS NETWORK INTERFACE
0 192.168.10.1/24 192.168.10.0 Local
1 D 192.168.7.64/24 192.168.7.0 WAN1
2 D 192.168.1.65/24 192.168.1.0 WAN2
The desire is to have only specific traffic pass through one network and all other traffic pass through the other network.
I created a mangle rule that looks like this:
/ip firewall mangle print
0 chain=prerouting action=mark-routing new-routing-mark=web_traffic passthrough=no protocol=tcp dst-address-type=!local in-interface=bridge1 dst-port=20,21,22,23,25,53,80,110,443,587,992,993,995
I also have a routing table that looks like this:
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.254 routing-mark=web_traffic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.7.254 scope=30 target-scope=10
I have a NAT config that looks like this:
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN2-NEW
add action=masquerade chain=srcnat disabled=no out-interface=WAN1-OLD
Very basic and simple and it mostly works… But… There is always a but…
From time to time and at random intervals no traffic is passing through the router. For example, pinging from the router console while also pinging from a PC behind this router causes a “Net Unreachable” message to appear randomly at times, and sometimes it is the majority of the time, as seen here:
4.2.2.2 56 55 30ms
4.2.2.2 56 55 30ms
192.168.7.254 56 255 0ms net unreachable
4.2.2.2 56 55 31ms
192.168.7.254 56 255 0ms net unreachable
4.2.2.2 56 55 32ms
sent=1140 received=766 packet-loss=32% min-rtt=26ms avg-rtt=30ms max-rtt=49ms
HOST SIZE TTL TIME STATUS
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 1ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
192.168.7.254 56 255 0ms net unreachable
This thing can go for days with no issues at all and then it will act up for a part of a day or, like this time, for nearly two full days straight.
Are there any suggestions on how I could diagnose this issue, and/or suggestions on any router programming changes that should be made?
Thank you in advance for any assistance you might be able to forward.
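
A consistency check over the configuration pasted above, as an added example that is not part of the original post: it cross-references the interface names used in the mangle and NAT rules against the /ip address print table and maps each route gateway to the connected network it falls in. The function names are made up for this example; the config strings are copied from the post.

```python
import ipaddress
import re

# Configuration lines copied verbatim from the post above.
ADDRESSES = """\
0 192.168.10.1/24 192.168.10.0 Local
1 D 192.168.7.64/24 192.168.7.0 WAN1
2 D 192.168.1.65/24 192.168.1.0 WAN2
"""
RULES = """\
chain=prerouting action=mark-routing new-routing-mark=web_traffic passthrough=no protocol=tcp dst-address-type=!local in-interface=bridge1 dst-port=20,21,22,23,25,53,80,110,443,587,992,993,995
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.254 routing-mark=web_traffic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.7.254 scope=30 target-scope=10
add action=masquerade chain=srcnat disabled=no out-interface=WAN2-NEW
add action=masquerade chain=srcnat disabled=no out-interface=WAN1-OLD
"""

def parse_addresses(text):
    """Return {interface name: IPv4Interface} from '/ip address print' rows."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        cidr = next((f for f in fields if "/" in f), None)
        if cidr:
            table[fields[-1]] = ipaddress.ip_interface(cidr)
    return table

def parse_props(line):
    """Return the key=value properties of one RouterOS rule line."""
    return dict(re.findall(r"([\w-]+)=(\S+)", line))

def check(addresses, rules):
    """Return (interface names not in the address table, {gateway: interface})."""
    table = parse_addresses(addresses)
    unknown, gateways = [], {}
    for line in rules.splitlines():
        props = parse_props(line)
        for key in ("in-interface", "out-interface"):
            name = props.get(key, "").lstrip("!")
            if name and name not in table:
                unknown.append(name)
        if "gateway" in props:
            gw = ipaddress.ip_address(props["gateway"])
            # None means no connected network contains this gateway.
            gateways[props["gateway"]] = next(
                (n for n, i in table.items() if gw in i.network), None)
    return unknown, gateways

if __name__ == "__main__":
    print(check(ADDRESSES, RULES))
```

A name reported as unknown may only mean the interface was renamed between pastes; /interface print on the router shows the current names.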