I’m currently planning/testing a dual WAN setup with failover, but no load balancing needed. I’ve read through several topics here, but I’m not sure if the information I gathered so far is enough.
One connection is made via DSL, the other is static IP. For NAT and VPN I need both WAN IPs available?
If I disable the “add default routes” for the pppoe client of the DSL line, I should be able to set up the routes manually, right?
So I could add two routes for dst-address 0.0.0.0/24 with two different gateways, one the DSL line, the second the static IP line, and giving them different distances should take care of the priority - will that work?
I don’t really know how to set up the failover though. I read about some suggestions using a ping on an internet IP to check if the specific WAN is still alive, but how do I set the default route with that? I can’t use the check gateway with the dst-address of 0.0.0.0/24, can I?
Sorry for all the questions, still working my way into the MT world.
The check Gateway with ping does just that, pings the gateway address. It should not care what the dst-address is.
With this setup, if the gateway of your primary internet connection fails to respond, then the route would disable itself. With a second route set up with the same dst-address but pointing to your secondary gateway, plus distance set to 2, this would give you failover without load balancing.
-Louis
The ADSL connection will have a dynamically added gateway, the static WAN is known to me. So it is really only setting up the second route with a higher distance? That would be really easy for a change, will test it Wednesday.
The check Gateway with ping does just that, pings the gateway address.
That’s not a good idea for (A)DSL modems, because the default gateway is the modem itself.
If the modem is powered, the default gateway is always reachable, even if it is not connected to the telephone line.
Thanks everyone for your suggestions.
The bad thing is, I can’t test it at home without any trouble around, because I only have one WAN connection here. And if I test live, I can’t do too much testing because of the potential downtime.
So I’m not really sure if it works the way I want it to. Since I use the MT to do the PPPOE dial-in, adding a higher distance to the second GW should work.
I’ll look into your wiki ditonet later tonight, but I’m not sure if that really applies to my situation, since my second WAN is a pure backup WAN, normally no traffic is supposed to go through it. That still confuses me a little in your wiki example. But as I said, I’ll look into it later tonight and try to prepare it for tomorrow.
Thanks
I have tired of using single ping routines to determine WAN up/downtime. Too many false alarms, changeovers in seconds etc.
This multiple ping solution in use on my system monitors the first IP on the ISP’s network as seen in a traceroute from the router to (for example) www.google.com. The script is called by a schedule named “Check gateway A”. A simple netwatch on that same IP is enabled if the multiple ping fail count reaches 6, then the schedule is also turned off. When Gateway A comes back on, the netwatch turns the schedule on, and turns the netwatch (itself) off.
```
# Multi-ping check for Gateway A, run from the "Check Gateway A" scheduler entry.
{:local a 0;
# Repeat single pings to the first ISP hop until one is answered or the counter reaches 6.
{:do {:set a ($a + 1)} while (($a < 6) && ([/ping 192.168.150.51 interval=3 count=1]=0))};
:if ($a=6) do={:log info "Gateway A down"}
# Move each route group still using Gateway A (10.254.240.250) to Gateway B (10.254.220.250).
:if ($a=6 && [/ip route get [find comment="Group A"] gateway]=10.254.240.250) do={/ip route set [find comment="Group A"] gateway=10.254.220.250}
:if ($a=6 && [/ip route get [find comment="Group B"] gateway]=10.254.240.250) do={/ip route set [find comment="Group B"] gateway=10.254.220.250}
# Hand monitoring over to netwatch and stop this scheduled check.
:if ($a=6) do={/tool netwatch set [find comment="GATEWAY NOC"] disabled=no;}
:if ($a=6) do={/system scheduler set [find name="Check Gateway A"] disabled=yes;}
# Notify the administrator by e-mail.
:if ($a=6) do={:log info "DOWN Mail Sent";
/tool e-mail send from=abc@xyg.com subject="Gateway A down - All Traffic now routed via Gateway B since $[/system clock get time]" to="admin@me.com";
}
}
```
Works very effectively, and we don’t get annoying false WAN fail changeovers anymore.
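
The hand-off between the scheduled multi-ping check and netwatch described in the post above, modelled as an added Python example (not code from the thread) so a threshold can be tried against a probe trace before touching a live router. It assumes one probe per tick and that the netwatch up-script also points the routes back at Gateway A; `simulate`, `changeovers` and `TRACE` are hypothetical names and the trace is constructed.

```python
"""Added example: replay probe results through the failover hand-off logic."""


def simulate(probes, threshold):
    """Replay probe results (True = the monitored ISP hop replied).

    Returns the (tick, event) changeovers between gateways A and B.
    """
    active = "A"   # gateway currently carrying traffic
    fails = 0      # consecutive lost probes while on A
    events = []
    for tick, reply in enumerate(probes):
        if active == "A":
            # Scheduler phase: count consecutive losses, any reply resets.
            fails = 0 if reply else fails + 1
            if fails >= threshold:
                active, fails = "B", 0
                events.append((tick, "A->B"))
        elif reply:
            # Netwatch phase: the first reply hands control back to A
            # (assumption: the up-script also restores the routes).
            active = "A"
            events.append((tick, "B->A"))
    return events


# Constructed trace: two short loss bursts, then a real outage and recovery.
TRACE = (
    [True] * 5 + [False] * 2 + [True] * 5    # 2-probe blip
    + [False] * 3 + [True] * 4               # 3-probe blip
    + [False] * 10 + [True] * 5              # genuine outage
)


def changeovers(threshold):
    """Changeovers the constructed trace causes for a given threshold."""
    return simulate(TRACE, threshold)


if __name__ == "__main__":
    # threshold=1 behaves like a single-ping check; 6 matches the posted count.
    for n in (1, 6):
        print(f"threshold={n}: {changeovers(n)}")
```

With a threshold of 1 the two short bursts each cause a switch to B and back, while a threshold of 6 reacts only to the long outage. Recovery in this model still takes a single reply, so a link that flaps during an outage can bounce back to A early.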