Hey Thavinci,
I have tried your solution, but cannot get it working either.
I can even see the connections on being forward from the DSL router to the second interface on the mikrotik router with stats tcp syn received, but its not responding with squat.
If you want i can post some screen shots of the config to show you what I have done.
-Conrad-
Hey guys,
I believe the reason this is not working is that the mangle rules for connection/packet/routing marks need to be in the PREROUTING chain, no INPUT or OUTPUT as the marks will be applied at stages in the network stack that make them irrelevant. IE - By the time they are applied, they will not be evaluated before they arrive at their destination.
I’m using this implementation to provide multiple routes and failover between my cable connection and WiMAX.
What I recommend is the following (replacing necessary values in <>):
/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=ISP1 passthrough=yes in-interface=<ISP1_INTERFACE>
add chain=prerouting action=mark-routing new-routing-mark=ISP1 passthrough=yes connection-mark=ISP1
add chain=prerouting action=mark-connection new-connection-mark=ISP2 passthrough=yes in-interface=<ISP2_INTERFACE>
add chain=prerouting action=mark-routing new-routing-mark=ISP1 passthrough=yes connection-mark=ISP2
/ip route
add dst-address=0.0.0.0/0 gateway=<ISP1_GATEWAY> distance=1 scope=30 target-scope=10 routing-mark=ISP1
add dst-address=0.0.0.0/0 gateway=<ISP2_GATEWAY> distance=1 scope=30 target-scope=10 routing-mark=ISP2
add dst-address=<LAN_SUBNET> gateway=<LAN_INTERFACE> distance=1 scope=30 target-scope=10 routing-mark=ISP1
add dst-address=<LAN_SUBNET> gateway=<LAN_INTERFACE> distance=1 scope=30 target-scope=10 routing-mark=ISP2
/ip route rule
add routing-mark=ISP1 action=lookup table=ISP1
add routing-mark=ISP2 action=lookup table=ISP2