Hi,
I have a MT router and need to add second default gateway. The current configuration is following:
router ip - 60.60.44.94/30, def gw. 60.60.44.93
behind the router I have one /25 network and lot of RFC1918 NATed networks.
Now I got new fiber from another ISP and want to switch SOME of networks behind this router to new internet.
New IP 160.160.16.47/27, and def. gw 160.160.16.33
So I need to default gateways… How to do this.
(all addresses are fake)
Thanks,
G.
Hi again! I’m urgently need an assistance! Where also I can ask for support? (I have a lot of Mikrotik licenses, is support included there?)
Thanks.
Thanks. But I don’t need to do load balancing, i need to specify which networks should be routed thru new gateway.
That example slightly modified is basically what you need.
Here is link to manual, there are also examples:
http://www.mikrotik.com/testdocs/ros/2.9/ip/route.php
hi
go to ip firwall NAT (or to the terminal)
place a new rule for your new gateway / local subnet :
chain=srcnat action=masquerade src-address=your_local_subnet/24 out-interface=new_interface
if your existing internet source and the new one are on the same physical interface, you should create a new IP adress on your WAN interface and then specify a dst-adress in your masquerade rule.
you should place this rule before the default masquerade rule, or specify a subnet for each rule
This is a different interfaces. What about non-NATed networks? Simpli the picture should be like this:
Router connected to internet with 2 gateways: 60.60.44.93 (main) and 160.160.16.33 (new).
Behind the firewall is (for example 4 networks):
192.168.0.0/24
10.10.14.0/24
60.60.47.0/25
160.160.115.0/26
Networks 10.10.14.0/24 and 60.60.47.0/25 should go thru main GW (10.10.14.0/24 should be masqueraded, 60.60.47.0/25 - not) and other two networks - thru new GW (192.168.0.0/24 should be masqueraded, 160.160.115.0/26 - should not).
you need to use policy routing - use mangle to place “routing mark” on each of the traffic types, then make routes based on these new marks.
see: http://www.mikrotik.com/testdocs/ros/2.9/ip/route_content.php#.3
I read this document but this did not helps me a lot.
When and for which condition I have to place a routing marks?
Firewall->Mangle, add roule, based on src addres and add rule based on dst address, actions=mark_routing? mark_routing=new-gw
then add def. gw with same routing mark?
After that I have to add a policy?
Shit, I’m very confused.
/ip route rule
add action=lookup src-address=10.10.14.0/24 table=mainGW
add action=lookup src-address=60.60.47.0/25 table=mainGW
add action=lookup src-address=192.168.0.0/24 table=newGW
add action=lookup src-address=160.160.115.0/26 table=newGW
/ip route add
add gateway=60.60.44.92
add gateway=60.60.44.93 routing-mark=mainGW
add gateway=160160.16.33 routing-mark=newGW
Masquerade rules you can figure by yourself.
You can use mangle to mark routing for more advanced setups.
I made
/ip route rule add src-address=160.160.115.0/26 action=lookup table=newGW
/ip route add gateway 160.160.16.33 routing-mark=newGW
also there is:
/ip address add=160.160.115.1/26 interface=testNET
/ip address add=160.160.16.33/25 interface=newISP
But the address 160.160.115.1 is still can not be pinged from the internet?
I found a mistake, please excuse me for bothering.
share your mistake with others, so they can learn it when they find this thread …
That was a very stupid mistake and I’m ashamed…
I had checked that the router can access new gateway but after that I’ve reconfigured the VLAN configuration and forgot to change PVID on a switch port router connected in. All the time I made my experiments with the policy routing the MT router and new default gw just was in a different vlans. Very stupid. Excuse me.