Dynamic Dual WAN Failover using Route Distance

gazingbazooka · May 11, 2020, 7:58pm

I know this must have been posted many times and I have seen all those posts. Most talk about static IP/Gateway which I do not have. My setup is RB2011 or RB3011 with a Dynamic Internet connection + PPPoE DSL for failover.

My current failover strategy is: move the physical cable over (much to be desired)

What I would like to get to is this: https://www.prinmath.com/ham/mikrotik-failover.htm

/ip route
add gateway=10.0.1.1 distance=1 check-gateway=ping  comment=Primary
add gateway=10.0.2.1 distance=2                     comment=Secondary

This seems straight forward enough but I’ve failing at the pre-requisite of setting up the routes with the gateway. Some posts mentioned that the dynamic IP is fine and the Gateway will be static from my ISP but that does not seem to be the case. I’ve been monitoring my IP and Gateway from my Cable ISP as well as my DSL ISP and not only does the IP change but the Gateway changes as well.

Is there a way I can use this clean router WAN failover without resorting to any netwatch scripting?

sindy · May 11, 2020, 8:18pm

For both DHCP and PPPoE, there is a way to run a script each time the IP configuration is assigned/changed, and from these scripts, you can access a variable which contains the IP address of the currently assigned gateway. So instead of setting use-default-route to yes (and default-route-distance to some useful value), you can use these scripts to modify your statically configured route (with check-gateway=ping) whenever the assigned gateway address changes.

See an example of such a script for a DHCP client here - you’d just have to modify the route selection part.

For the secondary route, setting default-route-distance of the /interface pppoe-client row to 2 is all what you need, but if you eventually want to do more, you cannot attach a script directly to /interface pppoe-client row, you have to use an on-up script in /ppp profile assigned to the row.

Monitoring just the availability of the WAN gateway itself is not much simpler than monitoring that the internet can be actually reached through that gateway, using the recursive method described at the same page you refer to.

gazingbazooka · May 12, 2020, 12:28am

That’s it! Thanks so much. I was trying to use net watch to check for the new IP. This is what I needed. I didn’t realize you can have a script on DHCP Client changes.

For PPPoE it just needs to sit there till it gets lit up as a backup when primary goes down. Nothing fancy needed there.

anav · May 12, 2020, 2:03am

How does your script compare to this one without any use of marks…?

/ip dhcp-client
add add-default-route=no comment=defconf dhcp-options=hostname,clientid
disabled=no interface=Eastlink_eth1 use-peer-dns=no use-peer-ntp=no
(my secondary ISP)

add default-route-distance=255 dhcp-options=hostname,clientid disabled=no
interface=vlanbell script=“:if ($bound=1) do={ /ip route set [find commen
t="BellFibre"] gateway=($"gateway-address") disabled=no; :log warning
_("New ISP1 gateway: ".($"gateway-address")) }” use-peer-dns=no
(my primary ISP)

I separate primary and secondary by distance in routing and I also use recursive routing.