Dual-WAN failover using recursive route not working

lazynooblet · March 23, 2024, 6:21pm

Hello Mikrotik Experts!

Hoping one of you guys can see where I’m going wrong.

Setup:

WAN1, DHCP
WAN2, PPPoE
Recursive route for WAN1
Static route entry for WAN2, higher metric
Scripted configuration for recursive route rules due to DHCP requirement

I just want it so that if WAN1 goes down, WAN2 will auto-take over. WAN2 is slow, so is /only/ used for backup

I want to use recursive routing using two distinctive gateway tests. I’ve configured it currently for one to use Google and the other Cloudflare.

WAN1 went offline for an hour this morning, and I had to disable the eth1_wan1 ROUTE rules to get WAN2 to kick in, so its obviously wrong.

Current routing config

/ip route
add comment="TAG: eth1_wan1 ROUTE GOOGLE" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=8.8.4.4 pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=12
add comment="TAG: eth1_wan1 PING GOOGLE" disabled=no distance=1 dst-address=8.8.4.4 gateway=82.x.x.x pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=11 vrf-interface=eth1_wan1
add comment="TAG: eth1_wan1 ROUTE CLOUDFLARE" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.0.0.1 pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=12
add comment="TAG: eth1_wan1 PING CLOUDFLARE" disabled=no distance=1 dst-address=1.0.0.1 gateway=82.x.x.x pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=11 vrf-interface=eth1_wan1
add comment=ROUTE_WAN2 disabled=no distance=5 dst-address=0.0.0.0/0 gateway=eth2_wan2__pppoe_zen pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10

anav · March 23, 2024, 7:10pm

Complete config required for analysis ( minus router serial number, public WANIP information, keys etc.. )
From the displayed information separate the two dns by distance, so the cloudflar ones should both be disttance=2
What is vrf-doing on wan interfaces ???

lazynooblet · March 23, 2024, 8:57pm

Thanks for the reply.

The routing table is the only relevant part

When WAN1 dies, both routes regardless of distance should be disabled, so distance isn’t relevant. But I have changed it, and tested anyway and it still doesn’t work

I think in my trial and error I added these, have removed.

/ip route
add comment="TAG: eth1_wan1 ROUTE GOOGLE" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=8.8.4.4 pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=12
add comment="TAG: eth1_wan1 PING GOOGLE" disabled=no distance=1 dst-address=8.8.4.4 gateway=82.x.x.x pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=11
add comment="TAG: eth1_wan1 ROUTE CLOUDFLARE" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=1.0.0.1 pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=12
add comment="TAG: eth1_wan1 PING CLOUDFLARE" disabled=no distance=2 dst-address=1.0.0.1 gateway=82.x.x.x pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=11
add comment=ROUTE_WAN2 disabled=no distance=5 dst-address=0.0.0.0/0 gateway=eth2_wan2__pppoe_zen pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10

I think I may just switch this to a net-monitor script instead.