I’m trying to set up a home network with two WANs. One is high speed, but capped. The other is lower speed and uncapped. It would be nice to switch back and forth between them easily. For example, each computer would normally use the lower speed one, but could switch to the high speed one if the speed was needed. I’ve looked at various posts and have things set up where I can use either WAN one at a time. Currently I have the low-speed WAN configured for port 1 and the high-speed configured for port 9. But I only connect them one at a time. I have some computers connected to the other physical ports, but am using the WiFi for most devices.
I’ve seen posts about having the dual WANs load balance or fail-over, but that’s not what I’m interested in. Also, I don’t have specific computers going to specific ports to control what WAN to go through. I want to be able to set something on the individual computer that tells it what WAN to use (for example, change the IP from one range for low-speed, another range for high-speed or the gateway to use …).
Related, I also want to be able to use OpenDNS regardless of the WAN used. That means setting the DNS nameservers to specific, static addresses. Is this possible? In other words, would the IP resolution occur at the MikroTik or at the WAN modems/routers? Would the MikroTik dynamically / automatically use whatever DNS nameservers the WAN modems/routers are using? This is a big question because one the of modems has DNS nameservers that are not configurable by the user. If that gets automatically used by the MikroTik, it will circumvent OpenDNS. I can (and will) check whether it currently does this. But that won’t tell me how a change of configuration would affect it.
The opendns part is easy, the other request may not be possible.
The only solution I can think of is have each user go into the computer and manually change the IP address/subnet to match what is setup on the router to use a specific WAN.
Of course there are brainiacs here who can dream up almost anything so its possible I just cant think of how.
At any OS, Windows too - you can mark outgoing connections/packages with differ DSCP tag, this can be read by MikroTik and use other policy in Mangle. That way your PC can use differ WANs per differ software. Some time ago I do a rule that WinBox at my PC ONLY can go out … to secure that only my PC from my LAN can use winbox.
Check what you have configured and in operation first, so we don’t go down a blind alley.
Then also decide whether you want to dish out OpenDNS servers to your connected devices via DHCP, or do you want them to use the Mikrotik as local DNS server with the Mikrotik itself looking to OpenDNS. Second option allows you to add static entries for your local devices, and means that look ups are cached locally.
Why does ether2 have the 88.1 address subnet assigned to it?
You stated it was part of the bridge?
Then you have the bridge a single address.. 88.2.
Me thinks you are confused??
Comments from comparing with my configuration, where I do the same with DNS - router uses Open DNS but the DHCP clients lookup from the router. I think you need to add the DNS option into your DHCP server config.
Personal preference (which I can see I haven’t followed 100%) is to remove the “comment=defconf” from any item that I modify. Because obviously if it’s modified it’s no longer default configuration.
I added the dns-server parameter in /ip dhcp-server network.
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
When I try to remove the ip address assignment on ether2, I can no longer connect to the router and have to reset to factory defaults. It comes up with that config on default (assigning 192.168.88.1/24 to ether2).
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2 network=192.168.88.0
Could that be because I should add the other 1st maybe, then delete the ether2 assignment? I think I tried that, but I’m not sure.
I haven’t checked, but it looks like this should make open-dns happy. Good call about getting rid of the defconf comments when I make changes!
You should use winbox (download it from mikrotik’s download server) and connect via MAC … when selecting router from the list of detected ROS devices, click on MAC address rather than IP address. This way you’ll be able to remove LAN IP address without losing management connection.
mkx - thanks for the tip. Sounds like that would make my life much easier if I mess something up!
aesmith - For switching WANs, I’d like the change to happen on the individual PC. One option I thought of was to have each PC use one of 2 IPs (like ...101 or ...201) where the 100 - 149 range would use one WAN, 200 - 249 would use another. Ideally, they’d be separated by a nice even number so it would be easy to remember or I may just write a utility program for the computers that provides a couple of buttons to switch the IP. I also thought about selecting by gateway, but I don’t know if that works. It seems like it would be easy enough to say that IP Range A goes out one port and Range B goes out another. But I sure don’t know how to do it!
A router’s natural behaviour is to route based on destination address. So adding configuration to make the routing decision on some other basis is not quite so easy. I’ve not done this, but I think you could use packet marks or routing marks to do this. I did a quick check and I think it can be done this way ..
Add a new default route via your second WAN, set a custom “routing mark”
2 Add a mangle rule (IP / Firewall / Mangle) to match the traffic that you want to use that route, set action as “mark routing” and set the mark to match your new route.
It might be more efficient to first mark the connection, then a second rule matching the connection mark and applying the routing mark,
