hi everyone,
i have a mikrotik 1100hx4 , 2 isp and 4 lan on differents hotspots. i want that lan 1 and 2 go to isp1, lan3 and 4 go to isp2. but if one isp link is down all lan go to the other isp.
nb: my network is divided to 4 because it is big and want limit broadcast domains. i use also the usermanager to authenticate all users. many tutorials on web use only pcc for 1 or 2 lan.
any help please.
That should be easy to do… (he states with false bravado)
Create normal routes for all users…
ISP 1 routing distance = 5 check ping
ISP 2 routing distance = 10
In this case all users will go out ISP 1, if ISP 1 is not available ISP users will all go out ISP2.
Create two more routes for ISP2
ISP2 distance=15 routingmark=lan3 check ping
ISP2 distance=15 routingmark=lan4 check ping
Then make appropriate route rules
For LAN3 use the subnet source address or use Interface, action=lookup, table=lan3
For LAN4 use the subnet source address or use interface, action=lookup, table=lan4
How I think this could work is that all users will normally be directed to ISP 1, if its working and if not all users will go to ISP2.
This should work fine for all users on LAN1 and LAN2.
However for users on LAN3 for example we are telling the router any outbound connections originating in LAN3, go out table lan3 which is the ISP2 gateway.
Similarly for users on LAN4, outbound connections originating in LAN4, go out table4, which is the ISP2 gateway.
I am thinking the check ping on these routes will, if not successfull, send the users out the default table, which in this case would sent them out ISP1 as required.
Not 100% sure this will work, but its very simple and avoids any mangling…
This does not address any traffic originating from the WAN side however.
PCC is used to distribute traffic among WANs. @anav’s suggestion prefers ISP 1 for LAN 1 and LAN 2, and prefers ISP 2 for LAN 3 and LAN 4. No traffic distribution is used.
You can simplify it by using a single common routing-mark for traffic of both LAN 3 and LAN 4.
You can improve it by using recursive next-hop search to monitor the transparency of the uplink all the way to the internet rather than monitoring just the availability of the ISP’s gateway router, using @Chupaka’s suggestion.
For the “common routing” (routing table called main, consisting of routes with no routing-mark), the route via ISP 1 is preferred because it has lower value of distance, so the route via ISP 2 only becomes active if the ISP 1’s gateway becomes unresponsive.
For the route via ISP 2 with the routing-mark, the failover to ISP 1 consists in a fallback to routing table main if no route with the required routing-mark is available.
So the route rules could look as follows (just an example to be adjusted to your reality):
/ip route rule
add interface=br-lan3 action=lookup table=prefer-isp2
add interface=br-lan4 action=lookup table=prefer-isp2
Nice touch, a common route mark for both rules, I like it (more efficient) the only reason two rules are needed is because ROS does not allow in-interface-list as an entry for the routing rule.
thanks for your replies.
very helpful idea. I’ll try your help this weekend.
Merci.