MultiWAN and MultiLAN

Hello there,

I have 2 routers from 2 different ISP and 2 different LAN I would like to keep somehow distinct.

So:
LAN1 LAN2
| |
Router
| |
WAN1 WAN2

I need some computers from LAN1 to surf the web using WAN1, while other computers from LAN1 should use WAN2 to reach Internet.
The same is true for computers from LAN2.

Q1. I would like to know if it is possible using RouterOS web interface to configure a router to comply with the request?
Q3. If not, can it be done with the terminal?

Q3. I’ve found those box to use, I would like to know if they can do the job and which ones you suggest are the more useful.

CRS109-8G-1S-2HnD-IN
hAP ac²
RB2011UiAS-2HnD-IN
CRS125-24G-1S-2HnD-IN

Other requirements:
wired lines at least 1Gbps
Wireless embedded

Thanks in advance

Wasn’t this recently discussed in other thread? Use search function and read what already is here instead of opening the same topic again.

Hi jarda.

Nope.
I’ve already searched the forum and there are topics that could seems the same but they are not.
Like:
4 WAN 1 LAN
http://forum.mikrotik.com/t/multi-routes-and-winbox/119003/6
Multiple VLANs
http://forum.mikrotik.com/t/multi-vlan-on-ports/118729/2
2 LAN 1 WAN
http://forum.mikrotik.com/t/2-way-communication-between-2-subnets-2-interfaces/119071/1

I found nothing about 2 LAN and 2 WAN with permanent route in place.


Also, since I’m a newbie in the forum and using RouterOS I’ve also asked if the configuration can be set up using the graphic interface or using console only.

Finally what devices are better to do the job.

Do not worry if you can’t answer, maybe someone else could.

http://forum.mikrotik.com/t/2-wan-2-lan/104149/1

http://forum.mikrotik.com/t/routing-2-wans-and-2-lans/109661/1

http://forum.mikrotik.com/t/dual-wan-in-dual-lan-out/101632/1

http://forum.mikrotik.com/t/dual-wan-dual-lan-setup/118588/1

And others.

A1. Yes.
A2. Yes. And by winbox too.
A3. All of them. Just take care about the cpu performance, it is not clear what throughput under what conditions do you expect. I would choose hap ac2 from your list. Compare the performance and block diagrams.

It always worries me if someone is not able to make simple query and waits to be helped out. http://bfy.tw/HvbP

That’s normal. Those people just shoot a question, does not use Google, do not think about what relevant information they should provide, instead of it accuse the first person who tried to help them to keep the direction and after that they disappear…
You know, the forum is full of them.

Thank you jarda for your help.

The thread you have found are relative to 2 WAN and 2 LAN, but while the environment is the same, the problems are different.

2 LAN, 2 WAN, no fixed computers paths, the problem is external port NAT redirect.

http://forum.mikrotik.com/t/routing-2-wans-and-2-lans/109661/1

2 LAN, 2 WAN, no fixed computers paths, the problem was redirecting all LAN1 to WAN1 and all LAN2 to WAN2.

http://forum.mikrotik.com/t/dual-wan-in-dual-lan-out/101632/1

2 LAN, 2 WAN, no fixed computers paths, the problem is like the previous.

http://forum.mikrotik.com/t/dual-wan-dual-lan-setup/118588/1

2 LAN, 2 WAN, no fixed computers paths, the problem is to make 2 bridges working AFAIK.

Probably as BartoszP is worried, I’m not smart enough to make simple queries, however I’ll try again with a graphic, maybe I can express myself in a better way using an image.

I would like to instruct the router to permanently route PC2 in LAN1 and PC12 in LAN2 to always use Router2 and all other boxes to always use Router1.
Since there is only Router6 connected to the PCs I cannot use the “route” command on the PC and the “route” command in the routers I’ve used only change path based on destination, not source.
Is this different in MT routers? Can I change the route based on the source instead of the destination?

A1. Yes.
A2. Yes. And by winbox too.
A3. All of them. Just take care about the cpu performance, it is not clear what throughput under what conditions do you expect. I would choose hap ac2 from your list. Compare the performance and block diagrams.

I see you are smarter than me! You already guessed my next question.
Yes, all of them are good routers, but how heavy is the load for the CPU/RAM with the extra route rules (or whatever is needed)?

CRS109-8G-1S-2HnD-IN
8x 1Gbps usable (very nice!), throughput barely enough (less than 700/1000Mbps will it be enough with the routing?) but no 803ac.

hAP ac²
Impressive throughput with big packets (1.9 Gbps), but I see it is quite hot, maybe not the right choice.

RB2011UiAS-2HnD-IN
5x 1Gbps usable, 5 100Mbps “wasted”, nice throughput 700/1200Mbps (will it be enough with the routing?), but no 803ac.

CRS125-24G-1S-2HnD-IN
24x 1Gbps usable (great!!), throughput barely enough (less than 700/1000Mbps will it be enough with the routing?) but no 803ac.

A friend of mine said MikroTik routers can also run as firewalls and are much more configurable than any others.
That’s why before buying a router I’ve decided to search from all them in the MikroTik site, found the ones that are fast enough (in theory) with enough ports and possibly with wifi.

You always need to combine the knowledge, there cannot be step-by-step guide for everything. Having computers in two different LAN networks or having them in two different groups by the list of IP addresses is not important difference.

If it was only about the routing, it would be easy. Unfortunatelly you will probably make nat with masquerade and you will need connection tracking with mangling the connections and then packets according your wish. Therefore the throughput will be massively influenced by the cpu processing speed. What you have learnt from the performance tables and from the block diagrams of each selected device?

Why do you believe you need three routerr in your scheme?

CRSnnnnnnn devices are switches which could do light routing … do not consider them to be used as router + firewall.

Maybe router 6 can be just a switch joining the right pc to its router…

I know it is not easy, that why I’m asking to the best people, here.
I’ve read the manual of RouteOS, but did not found an answer, but I’m new to MT hardware.
I’m not even sure anyone can do it.

My choice was hAP ac² the “new” router with 4 cores and highest throughput, but if it is very hot in normal conditions, I fear it will set my desk on fire if I use it to route the traffic.
The other ones have pros and cons (lower speed/wifi protocols, too big), I’m not sure they are worth to try.


Router1 and 2 are from ISPs, they route Internet and VoIP and I must use them.
Router6 is the one I would like to buy.

That’s very interesting.
Looking at the MT site I understood there are only 2 OS: SwitchOS and RouteOS and the same version of RouteOS with the same settings is available on all the devices (only license level make a difference). Isn’t it?

https://wiki.mikrotik.com/wiki/Manual:Simple_BGP_Multihoming#Network_Advertisements_and_Routing_Filters

This one is the closest example I found.

It deals with the 2 WANs, 2 LANs and it features main connection + fallback OR load balancing the outside connections.

However no routing for single IPs.

It is. But because you didn’t do what I suggested, you do not know the differences… Sure you can run ros on the switches, but the cpu is not powerful enough to deliver the similar results in routing like the router can. Also the way how the ethernets are connected differs and might be a bottleneck.

I get it now.

My mistake, I forgot to state the IP ranges.

Router1 192.168.1.1 in 192.168.1.0/24
Router2: 10.10.10.1 in 10.10.10.0/24

LAN1: 192.168.0.0/24
LAN2: 192.168.2.0/24

Router6 need to route all the traffic, limit traffic between networks and so on; a simple switch can’t do it, AFAIK.

So. What was your final choice and how it works?