Hello,
Summery of what i want:
- All connection from addresses in addresslist wan1 are going to wan1
- Everything else should go trough wan2
- if wan1 or wan2 goes down, everything including marked packets should go to the other wan interface
So my first Question is: If a packets with routing mark hits the routing table and do not find a valid route for his mark, will it go trough the next default route which has no routing mark ?
These are my mangle rules:
/ip firewall mangle
#this rule is for marking all traffic from addresslist wan1 to go through wan1
add action=mark-routing chain=prerouting comment="Routing wan1" dst-address-type=!local new-routing-mark=wan1 passthrough=no src-address-list="wan1"
#these rules make sure that all packets going back trough the interface were they came from
add action=mark-connection chain=input connection-mark=no-mark in-interface=wan1 new-connection-mark=wan1 passthrough=yes
add action=mark-routing chain=output connection-mark=wan1 new-routing-mark=wan1 passthrough=no
add action=mark-connection chain=input connection-mark=no-mark in-interface=wan2 new-connection-mark=wan2 passthrough=yes
add action=mark-routing chain=output connection-mark=wan2 new-routing-mark=wan2 passthrough=no
These are my routes:
/ip route
#default routes for routing marked packets
add check-gateway=ping distance=1 gateway=2.2.2.2 routing-mark=wan2
add check-gateway=ping distance=1 gateway=1.1.1.1 routing-mark=wan1
#default routes for everything else
add check-gateway=ping comment="Default Route wan2" distance=1 gateway=2.2.2.2
add check-gateway=ping comment="Default Route wan1" distance=10 gateway=1.1.1.1
Is this configured correctly ? Is there a way to optimize the routing rules ?
Thanks for your time !