Hi everyone,
I have some difficulty and at this point I need help.
I have 2 different ISPs: 1 PPPoE (BELL CANADA)
1 DYNAMIC (VIDEOTRON)
I don't have 2 static gateway IP addresses and I am trying to do some load balancing between these two WANs. I also have 3 LANs:
1: 192.168.0.0/24 DHCP for POS system
2: 192.168.5.0/24 DHCP for wired lan
3: 192.168.254.0/24 DHCP for wireless router dmz
Those 3 networks are independent and none of them can see the others.
I have no problem setting up each LAN and the firewall policy to achieve my ultimate goal. With one ISP the result is perfect, but when I try to do ECMP, PCC or NTH, I fail to access the web.
This is the script I am trying to use:
/ip address
add address=10.0.1.1/24 network=10.0.1.0 broadcast=10.0.1.255 interface=ether2
add address=10.0.2.2/24 network=10.0.2.0 broadcast=10.0.2.255 interface=ether1
add address=192.168.88.1/24 network=192.168.88.0 broadcast=192.168.88.255 interface=ether3
/ ip firewall address-list
add list="Allowed-Internet" address=192.168.0.1/24 comment="" disabled=no
/ ip firewall address-list
add list="ether1" address=192.168.0.24/32 comment="" disabled=no
add list="ether2" address=192.168.0.76/32 comment="" disabled=no
/ ip firewall nat
add chain=srcnat action=masquerade out-interface="ether1" src-address-list="Allowed-Internet" comment="Gateway 10.0.1.1/24" disabled=no
add chain=srcnat action=masquerade out-interface="ether2" src-address-list="Allowed-Internet" comment="Gateway 10.0.2.1/24" disabled=no
/ ip firewall mangle
add chain=prerouting action=mark-routing new-routing-mark="ether1" src-address-list="ether1" passthrough=no comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="ether2" src-address-list="ether2" passthrough=no comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="HTTP traffic" passthrough=no dst-port=80 protocol=tcp comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="SSL traffic" passthrough=no dst-port=443 protocol=tcp comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="POP3 traffic" passthrough=no dst-port=110 protocol=tcp comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="SMTP traffic" passthrough=no dst-port=25 protocol=tcp comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="P2P traffic" passthrough=no p2p=all-p2p comment="" disabled=no
add chain=prerouting action=mark-routing new-routing-mark="Unknown traffic" passthrough=no comment="" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10 routing-mark="ether1" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10 routing-mark="ether2" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10 routing-mark="HTTP traffic" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10 routing-mark="SSL traffic" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10 routing-mark="POP3 traffic" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10 routing-mark="SMTP traffic" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10 routing-mark="P2P traffic" comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10 routing-mark="Unknown traffic" comment="" disabled=no
I used Google public DNS!!!
I bought 600 units of the MikroTik 750 and I updated them to version 5.4. And I need to deploy these RBs very, very soon!
Thanks for your help!