failover two wan + routing policy

pelli · July 21, 2016, 10:06am

Hello, i need to implement failover for two wan with routing policy.

The scenario is:

lan: 192.168.10.0/24
wan1: 192.168.1.0/24 gw 192.168.1.254
wan2: 172.16.10.2/24 gw 172.16.10.1

i need that all connection go to wan1 except connection to site google.com to go to wan2

if the wan1 down all traffic go to wan2 and after wan1 is ok return to original situation.

I woul use this script for failover http://wiki.mikrotik.com/wiki/Failover_Scripting

any suggestion for policy routing and failover implementation?

Thanks

pelli · August 4, 2016, 8:23am

any suggestion? thanks

pelli · September 6, 2016, 7:02am

any suggestion? thanks

Deantwo · September 6, 2016, 11:56am

Is there any reason you aren’t just using that then?

Even more so the corrected version I already gave you.
See: http://forum.mikrotik.com/t/failover-script/99362/1

Ooh, well, that isn’t really a scripting issue then.

Try adding this:

/ip firewall address-list
add address=google.com list=google.com
/ip route
add distance=1 gateway=172.16.10.1%Wan2 routing-mark=Google
add distance=2 gateway=192.168.1.254%Wan1 routing-mark=Google
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=google.com new-routing-mark=Google passthrough=no

That should make all traffic going to the google.com IP address go out of Wan2. If Wan2 is disable or its gateway unreachable, it should send it out of Wan1.
I guess you can modify the failover script to change the distance of the two google routes too if you want.

pelli · September 9, 2016, 3:43pm

Deantwo:

pelli:

I woul use this script for failover http://wiki.mikrotik.com/wiki/Failover_Scripting

Is there any reason you aren’t just using that then?

Even more so the corrected version I already gave you.
See: http://forum.mikrotik.com/t/failover-script/99362/1

pelli:

i need that all connection go to wan1 except connection to site google.com to go to wan2

if the wan1 down all traffic go to wan2 and after wan1 is ok return to original situation.

Ooh, well, that isn’t really a scripting issue then.

Try adding this:
/ip firewall address-list
add address=google.com list=google.com
/ip route
add distance=1 gateway=172.16.10.1%Wan2 routing-mark=Google
add distance=2 gateway=192.168.1.254%Wan1 routing-mark=Google
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=google.com new-routing-mark=Google passthrough=no
That should make all traffic going to the google.com IP address go out of Wan2. If Wan2 is disable or its gateway unreachable, it should send it out of Wan1.
I guess you can modify the failover script to change the distance of the two google routes too if you want.

ok, is clear…thanks you for support!