I have an RB2011 with 3 WAN connections (2 DSL via PPPoE, 1 Cable via DHCP)
In the router I can ping from the two PPPoE interfaces to google.com, but not the Cable interface. From the Cable interface I can ping the ISP’s gateway and DHCP server, but nothing beyond that.
The masquerade rules for each WAN interface is the same.
I enabled logging of the masquerade rules and created input and ouput log rules in mangle to watch the pings. I can see the masquerade log and the ping packets in and out on the two PPPoE interfaces, but only see masquerade and outbound ping packets in the log for the Cable interface. There isn’t anything coming inbound in response to the pings to google.com.
When I plug my laptop in to the cable modem directly, everything works.
I am using mangle to mark packets for QoS and routing marks for load balancing. There are 4 different networks that use Queue Tree to prioritize traffic. Things worked fine when I used ECMP to load balance the WAN connections, but I had a lot of complaints about the inability to use websites and various web services (like netflix) consistently due to connections coming from multiple source IPs for the same session. I switched to PCC with source IP and things are a lot more stable. Unfortunately I can’t get out on the Cable modem now.
I have tried to use a routing mark to send the traffic from my laptop out the cable modem only, but I get the same behaviour as described above. I am trying to minimize the effect on my client’s users.
So … I removed the entire config and then added it section by section back in from an export.
Turns out it was the way I was creating the route for the cable modem. I needed to refer to it’s upstream gateway, not the interface. Which I can do on the PPPoE interfaces. If I have any routes referring to the interface, all working routes over that path stop working.
So my question is … how do I get it to dynamically update the gateway without using a script?
I have used aacable’s DUAL WAN LOAD BALANCING USING PCC WITH FAIL OVER without scripting. He uses recursion (very smart), but it is only for two WANs, not three.
Anyone know how to make this work for three WAN interfaces?
### ROUTE SECTION ###
### Magic begins here
/ip route
# Adding static routes for Google/TW which will be used further below to test both WAN link connectivity
add dst-address=8.8.8.8 gateway=192.168.1.1 scope=10
add dst-address=221.132.112.8 gateway=192.168.2.1 scope=10
## Now we create route for PCC marked packets routing mark:
add distance=1 gateway=8.8.8.8 routing-mark=to_ISP1 check-gateway=ping
add distance=2 gateway=221.132.112.8 routing-mark=to_ISP2 check-gateway=ping
## Create destinations to "virtual" hops to be use in further routes
add dst-address=10.0.0.1 gateway=8.8.8.8 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.0.0.2 gateway=221.132.112.8 scope=10 target-scope=10 check-gateway=ping
## Add default routes for both isp's marked packets by PCC mangle section
add distance=1 gateway=10.0.0.1 routing-mark=to_ISP1
add distance=2 gateway=10.0.0.2 routing-mark=to_ISP2
## Add default routes for no routing marks , For router itself
add distance=1 gateway=10.0.0.1
add distance=2 gateway=10.0.0.2
Turns out it was the way I was creating the route for the cable modem. I needed to refer to it’s upstream gateway, not the interface. Which I can do on the PPPoE interfaces.
You can do it on the PPPoE interfaces because they’re point to point interfaces, i.e. the gateway IP is implicit.
He uses recursion (very smart), but it is only for two WANs, not three.
Nothing prevents you from aplying recursion too, no matter how many WANs.
I was taking a closer look at it and I THINK I just need to a route for the third WAN (using a different DNS server and the appropriate gateway) to section 1,2,3, and 5. Then add the extra routes to the fourth section that create the failover paths pointing to the gateways in section 5. So, there would be 6 of them, instead of 2. I will play around in my lab with this and post an update when I have it working.
Did you get the three WAN links working and can you share the configuration? I have attempted to create the three WAN recursive failover link with no success.