I got some strange problem. MT router connected to 2 WANs, main and backup. The problem is that main WAN fails somewhere behind the gateway, ie PPPOE link is ok, route active, everything goes to there and disappears somewhere inside ISP. I can see and ping gateway, but can not ping anything else (8.8.8.8 or so). I want to switch to backup WAN in this case. Usual route failover does not work in this situation as gateway check is always ok.
Of course its possible to do it with scripts, send pings time after time and set some mark by results, then control backup route by this mark. But is there some less complicated way?
The WAN1 routes maintain the lower distance so they have priority.
The check-gateway=ping ensures that if wan1 is down, and not active, the router will keep checking and when it comes back online will switch traffic back to WAN1
Tools->Netwatch handles the sending of pings and defining timeouts without needing to script those
However it still requires manual scripting to actually do anything
Problem you may have with the routing method alone is that the connection table can break things. NAT in particular can be problematic as it will send traffic out the new interface, but it does not adjust the source address in memory. This isn’t a problem when the primary goes down (as that will kill connections) but it is a problem when it comes back up (won’t kill connections) hence traffic can be undeliverable as its still sending with the source public IP of the backup connection. And even worse it’ll stay in memory constantly being refreshed if traffic continues to flow. This causes a lot of problems with VoIP getting completely knocked out unless the router is restarted or table manually flushed
I have written scripts that can do this, it’s still a bit of a PITA
Do wish that MikroTik would update this tool with built in GUI options and elements to define interfaces/lists/gateways/routes to check and handle either PPPoE or IP appropriately (like adjusting connection table or selectively killing connections)
Nope, it does not work. It checks GATEWAY, but gateway is always available on this route, this check has no sense as it always returns success.
IE my gateways will be 192.168.0.1/24 and 192.168.100.1/24, both pingable 100% of time, but (main) 192.168.0.1 time after time does not send anything further. So check for route alive should be something like 8.8.8.8 via 192.168.0.1
.
Not significant, switching between routes happens rare, and if existing connections drop at this moment almost nobody will die. Ok, thanks, will try to look on Netwatch.
What are you smoking…
You provide no details and claim the example provided ( which confirms if the www is reachable) doesnt work without any facts.
good luck, not going to waste my time.