Issue mangle in RB4011 or 6.45.1

Hi

I recently upgrade my RB2011 to RB4011 and upgraded to version 6.45.1
i have 2 wans setup and failover works perfect
but when im trying to use the second WAN is not working .and was working on RB2011 perfect.

/ip firewall mangle
add action=mark-routing chain=prerouting dst-address=!10.1.0.0/16 new-routing-mark=CO passthrough=no src-address=10.1.1.49

/ip firewall nat
add chain=srcnat action=masquerade src-address=10.1.1.49 dst-address=!10.1.0.0/16 out-interface=WAN2-Ether10

/ip route
;;; CO-RoutingMark
dst-address=0.0.0.0/0 gateway=181.197.xx.xx gateway-status=181.197.xx.xx reachable via WAN-Cableonda-Ether10 distance=1 scope=30 target-scope=10 routing-mark=CO


idk if something change on the new version that breaks this

Any ideas?

P.D the traffic from 10.1.1.49 is using the active route and not the Marked route.

Which version of RB4011? They are at least three.

You’ve only posted a few lines from your configuration, and it seems there is some misconfiguration or that you have edited the lines inconsistently: the NAT rule you’ve quoted refers to out-interface=**WAN2-**Ether10, whereas the marked route says “reachable via **WAN-Cableonda-**Ether10”. So if this observation doesn’t push you in the right direction, follow the hint in my automatic signature below.

The marked route must be active too so that it could be used, so you probably have in mind that the routing-marked traffic uses the active one of the default routes with no routing-mark, or even just that the routing-marked traffic uses a different WAN interface/gateway than you expect it to. It is a normal behaviour that when no route with a matching routing-mark is available, routing-marked packets use the routing table with no routing-mark as a fallback, but if you haven’t modified the data you’ve posted, you’ve likely messed up the gateway in the marked route so it became part of the failover scheme.