Good morning / evening guys
I’m actually not new to MikroTik and have been using cloud routers in our distribution network since 10 years ago.
I’d like to consult you about a certain issue that has happened, especially after upgrading to 7.
I get two links from the ISP and connect them to a single CCR for PPPoE distribution to home and enterprise customers (the reason is redundancy and extra bandwidth).
Each ISP gives me a public IP subnet which I can use for each connection.
I use different IP pools for each group of customers for differentiation.
Let’s consider:
a.a.a.a is a public IP for source a, a.a.a.1 is the ISP-A gateway
b.b.b.b is a public IP for source b, b.b.b.2 is the ISP-B gateway
IP pool (1) 1.1.1.0/24 for customers group 1
IP pool (2) 2.2.2.0/24 for customers group 2
I use mark routing on src address group 1 as routing 1.
I use mark routing on src address group 2 as routing 2.
Using mangle, IP route and firewall NATing, I route group 1 to gateway a and group 2 to gateway b, then NAT (src and destination) each group to the corresponding correct IP.
Using an additional main routing table, we add a main route to gateway a for default route operation.
The problem is that some customers from group 2 are reaching some sites through gateway (a), not their normal gateway (b), which causes these services and sites to stop working,
which forces us to manually route these single customers to gateway a for these services to come up until we find a professional solution.
We tried disabling the main route, but then all services are down at these customers’ side.
I believe that some configuration is missing.
It works differently on OS7; there are two ways to do it:
1.) Use the main table and the rules tab under routing to make two policy routes.
2.) Make a new table and enable it in fib under routing for each ISP.
Mangle marking will be on output, using src-address to apply the mark to the ISP.
The route is 0.0.0.0/0 to the gateway of each ISP using that table.
The NATing etc. lies outside the issue; you just need to remember you have multi-table routing now.
So basically you have a dual wan scenario ( failover is not a consideration as the ISP is the same ).
Typically the options are:
(1) PCC balancing - This basically divides usage between X WAN connections as evenly as possible and treats each subnet/VLAN as part of a single LAN input whose requests will be distributed equally to the WANs available.
(2) Admin breaks up the LAN and assigns specific subnets to specific WANs.
It would seem you are attempting (2), and thus, as noted, there are two options: you can mangle traffic or you can routing-rule traffic.
I prefer the routing rule method, but one has to have a full set of requirements to do so properly.
For example, is there any traffic between the subnets at all?
a. Do local users on subnet A need access to anything on subnet B?
b. Do local users on subnet B need access to anything on subnet A?
c. Do external users access any resources on subnets A or B?
etc…
examples are servers, or shared printers …
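The layout the two replies above describe (one FIB-enabled table per ISP, selected by routing rules on the customer pool), written out for RouterOS 7 as an added example that is not part of any post in this thread. The gateways a.a.a.1 and b.b.b.2 and the two pools are the thread's own placeholders and must be replaced with real addresses; the table names `to-isp-a` and `to-isp-b` are made up for the illustration.

```routeros
# Added illustration, not the original poster's configuration.
# a.a.a.1 / b.b.b.2 are the thread's placeholder gateways.

# One routing table per ISP; "fib" makes the table usable for forwarding.
/routing table
add name=to-isp-a fib
add name=to-isp-b fib

# Each table carries only its own default route.
/ip route
add dst-address=0.0.0.0/0 gateway=a.a.a.1 routing-table=to-isp-a
add dst-address=0.0.0.0/0 gateway=b.b.b.2 routing-table=to-isp-b

# Rules are evaluated top to bottom.
/routing rule
# Traffic towards the customer pools is resolved in main, where the
# connected PPPoE routes live, so management access and traffic between
# groups keep working.
add dst-address=1.1.1.0/24 action=lookup table=main
add dst-address=2.2.2.0/24 action=lookup table=main
# Everything else is pinned by source pool. lookup-only-in-table stops the
# lookup from falling through to main, so group 2 can never leave through
# the main table's default route via gateway a.
add src-address=1.1.1.0/24 action=lookup-only-in-table table=to-isp-a
add src-address=2.2.2.0/24 action=lookup-only-in-table table=to-isp-b
```

Any other locally connected subnet that customers must reach needs its own `action=lookup table=main` rule above the two source rules, because `lookup-only-in-table` hides the main table from them.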
Good evening.
First, thanks for the help.
The subnets are actually client routers connected through PPPoE.
The only thing we need is to access the customer router through the WAN interface for management services (like WiFi password change, etc.).
We have many network interfaces that are on subnets other than a and b,
and we need to access them.
Well the facts are important.
A. WHO is going to be included in the PCC setup.
B. WHO is not going to be included in the PCC setup.
OR
Which group(s) go(es) to WAN1, which group(s) go(es) to WAN2, etc.…
Are there any external users coming in on any of the WANs to access devices on any LAN anywhere, or the MT for config purposes?
As far as being able to reach all of the routers on PPPoE, that is decided by firewall rules in the forward chain, I would say, but until we get a decent network diagram and complete config (less the router serial number, public WAN IP info, passwords, etc.), it is hard to say for sure.