Inbound 1:1 static NAT failover

Hi Everyone,
I have the following network - see image.
I have failover between two ISPs working perfectly using check-gateway and default route cost.
I have 1 mailserver with 1:1 static NAT to ISP1, the primary. So my internal IP NATs to a static external IP from ISP1.

What I want to achieve, is when ISP1 goes down, to have the NAT rules for the server to change to NAT via ISP2 which has a different public IP.

Please can you suggest a technique that I can use as a starting point?
Many thanks,
Alex

EDIT: I should be more clear. Masq rules won't help me here (I already have them anyway for the outbound traffic). I need to be able to re-write the 1:1 static NAT rules for INBOUND traffic TO the mailserver, and then also re-write the NAT rules for OUTBOUND traffic FROM the mail server. This means that as far as the internet is concerned my Mail Server has 2 public IP addresses, one via ISP1 and one via ISP2. Then I can write my DKIM and SPF and MX rules to know and bind to these IP addresses properly.

Thanks.
my-nat-topo.png

  1. You will need dst-nat to your internal server, with an IP address for each WAN to the internal server.
  2. Mangle rules (pre-routing, input, forward, output) to ensure traffic goes out the same connection it comes in on.
  3. Routes to route mark traffic out specific connection.
    If you need help with the code let us know. Have this working at the moment.

You will also have to set up your MX record priorities :)
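
The three steps from the reply above, written out as an added example (not configuration posted by anyone in this thread). It assumes RouterOS v6 syntax (`routing-mark` on routes), and every interface name, address and mark name is a constructed placeholder: ISP1 on `ether1-isp1` with public IP 203.0.113.10 and gateway 203.0.113.1, ISP2 on `ether2-isp2` with 198.51.100.10 and gateway 198.51.100.1, the mail server at 192.168.88.10 behind `bridge-lan`.

```routeros
# 1. One dst-nat rule per WAN address, both pointing at the same mail server.
#    Only SMTP (tcp/25) is published here; add a rule per service you expose.
/ip firewall nat
add chain=dstnat dst-address=203.0.113.10 protocol=tcp dst-port=25 \
    action=dst-nat to-addresses=192.168.88.10 comment="mail via ISP1"
add chain=dstnat dst-address=198.51.100.10 protocol=tcp dst-port=25 \
    action=dst-nat to-addresses=192.168.88.10 comment="mail via ISP2"

# Outbound connections started by the mail server leave with the public IP
# of whichever ISP the active default route uses, so SPF can list both.
# Place these above the generic masquerade rules.
add chain=srcnat src-address=192.168.88.10 out-interface=ether1-isp1 \
    action=src-nat to-addresses=203.0.113.10
add chain=srcnat src-address=192.168.88.10 out-interface=ether2-isp2 \
    action=src-nat to-addresses=198.51.100.10

# 2. Mangle: remember which WAN a connection arrived on ...
/ip firewall mangle
add chain=prerouting in-interface=ether1-isp1 connection-mark=no-mark \
    action=mark-connection new-connection-mark=isp1_conn passthrough=yes
add chain=prerouting in-interface=ether2-isp2 connection-mark=no-mark \
    action=mark-connection new-connection-mark=isp2_conn passthrough=yes
# ... and send the server's replies back out through that same WAN.
add chain=prerouting in-interface=bridge-lan connection-mark=isp1_conn \
    action=mark-routing new-routing-mark=to_isp1 passthrough=no
add chain=prerouting in-interface=bridge-lan connection-mark=isp2_conn \
    action=mark-routing new-routing-mark=to_isp2 passthrough=no
# Replies generated by the router itself (ping, management) follow the same rule.
add chain=output connection-mark=isp1_conn \
    action=mark-routing new-routing-mark=to_isp1 passthrough=no
add chain=output connection-mark=isp2_conn \
    action=mark-routing new-routing-mark=to_isp2 passthrough=no

# 3. One default route per routing mark. The existing unmarked default
#    routes with check-gateway keep handling ordinary failover.
/ip route
add dst-address=0.0.0.0/0 gateway=203.0.113.1 routing-mark=to_isp1
add dst-address=0.0.0.0/0 gateway=198.51.100.1 routing-mark=to_isp2
```

With both dst-nat rules active at all times nothing has to be rewritten on failover: the MX record with the lower priority value points at the ISP1 address and the backup MX at the ISP2 address, and the forward chain of the firewall filter should still limit what reaches the server to the published ports.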