Fast failover

Hi,

I’ve been playing around for a long time now trying to configure failover with two WANs.
However, both solutions in the wiki have the same problem: they are simple but slow.

E.g. failover WAN1 → WAN2:
It seems like the router tries the old route over WAN1 even if the route isn’t working anymore, and it takes some time until it is working again.

I’ve found this guide, which uses Netwatch instead of the default gateway check, but it still has the same problem.
https://www.dxsdata.com/de/2017/03/mikrotik-wan-failover-with-e-mail-notification/

However, if I add a command to the script to delete all active connections, the failover is blazing fast.
/ip firewall connection remove [find]

I know it is not a very “gentle” solution. Is there maybe a better way to speed up the failover?

BR

Is your WAN PPP or is it behind a NAT? Please also send a traceroute to 8.8.8.8 for each WAN interface.

WAN1 is ppp, WAN2 is behind a NAT.

At the moment I’m testing only WAN1 with netwatch with 8.8.8.8 and blocked traffic to 8.8.8.8 over WAN2.

How could I change the routing so that it always probes 8.8.8.8 over WAN1?

I’ve made the static route 8.8.8.8 → gateway WAN1, distance 1, scope 10,
but it’s still trying to reach 8.8.8.8 over WAN2 when WAN1 is down; that’s why I’ve blocked 8.8.8.8 on WAN2.

This is the basic setup I use for both my main internet connections as well as my VPN setups. It’s fast (very) and requires no additional scripting or netwatch usage. Just ensure your pppoe client does not create its own default route.

/ip route
add check-gateway=ping comment=Internet distance=1 gateway=WAN1
add comment="Internet (failover)" distance=2 gateway=WAN2

Add a routing rule and table for wan1 with a blackhole to ensure no other route will be looked up if none is available.

/ip route rule
add action=lookup-only-in-table comment="Force over wan1" dst-address=8.8.8.8/32 table=wan1

/ip route
add comment=Wan1 distance=20 gateway=<gw ip> routing-mark=wan1
add distance=100 routing-mark=wan1 type=blackhole
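
The probe leak discussed in this thread, as an added example that is not from any of the posters: a simplified Python model of the route lookup, comparing the host route in the main table with the rule, table and blackhole setup from the last reply. It assumes a route is inactive whenever its WAN link is down, and all names in it are constructed for illustration.

```python
import ipaddress

def route(table, dst, distance, link):
    # link=None marks a blackhole route, which is always active
    return {"table": table, "dst": ipaddress.ip_network(dst),
            "distance": distance, "link": link}

# Constructed model of the two default routes from the reply above.
MAIN = [route("main", "0.0.0.0/0", 1, "WAN1"),
        route("main", "0.0.0.0/0", 2, "WAN2")]

# The asker's attempt: a host route for the probe target in the main table.
HOST_ROUTE = MAIN + [route("main", "8.8.8.8/32", 1, "WAN1")]

# The reply's approach: a dedicated table with a blackhole as last resort,
# selected by a lookup-only-in-table rule for the probe target.
POLICY = MAIN + [route("wan1", "0.0.0.0/0", 20, "WAN1"),
                 route("wan1", "0.0.0.0/0", 100, None)]
RULES = [(ipaddress.ip_network("8.8.8.8/32"), "wan1")]

def lookup(dst, routes, rules, links_up):
    """Return the link a packet to dst leaves on, 'blackhole' or 'unreachable'."""
    addr = ipaddress.ip_address(dst)
    table = "main"
    for prefix, rule_table in rules:
        if addr in prefix:
            table = rule_table  # lookup-only-in-table: never fall back to main
            break
    active = [r for r in routes
              if r["table"] == table and addr in r["dst"]
              and (r["link"] is None or r["link"] in links_up)]
    if not active:
        return "unreachable"
    # Longest prefix wins; among equal prefixes the lowest distance wins.
    best = min(active, key=lambda r: (-r["dst"].prefixlen, r["distance"]))
    return best["link"] or "blackhole"

if __name__ == "__main__":
    setups = (("host route", HOST_ROUTE, []), ("rule + table", POLICY, RULES))
    for name, routes, rules in setups:
        for up in ({"WAN1", "WAN2"}, {"WAN2"}):
            print(name, sorted(up), "->", lookup("8.8.8.8", routes, rules, up))
```

With only the host route, the probe leaves via WAN2 once WAN1 is down, so a health check against 8.8.8.8 keeps succeeding; with the rule and blackhole it is dropped, and the check fails as intended.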