I am sure someone has already discussed this, or it's even in the manual, but being new to the MikroTik OS I am not yet able to figure out how to search.
I have successfully configured load balancing with two ISP lines. The problem is that some connections don't behave very well in a load-balancing scenario.
So, I would like to map or route some specific connections to one interface.
My MikroTik has three interfaces: WAN1, WAN2 and LAN. Now I want connections to sample.com to pass through WAN1. Sample.com is the root domain, because the real connections are to: sample1.sample.com, sample2.sample.com, sample3.sample.com, etc.
Refer to the MikroTik Docs - more specifically the mangle feature.
Basically explained: you need to do some policy routing.
Some details:
In /ip firewall mangle you should add a mangle rule which has the conditions you state and then do mangle, marking the route, e.g. (HTTPS is an issue over multiple source IPs, so I'll use that as an example)
When you print your routes it should look something similar to this (depending on which interface the gateway lies on; I think Winbox will show you the routing mark…):
"1 A S ;;; Https
0.0.0.0/0 r (ISP Gateway) 1 ether4 "
Thanks Leonj, but if you could, one more thing. You explain here about HTTPS, which does have a specific port, so defining the rule is easy. How can the rule be defined if (which is my case) I would route only one part of the HTTP connections? To be clearer, outside there are several points of sale of our company with some simple routers (not MikroTik). I have configured those routers with dynamic DNS. When I log onto them, since I have load balancing, it looks like one packet goes by WAN1 and the other by WAN2, which creates non-consistent connections with those routers and their rules.
So I need to define a rule which establishes that connections with destination
some.dyndns.info
should pass through WAN1, let's say. Is this possible?
Hi, this is now if I understand correctly… sorry if I misunderstood…
I think you will still need to do the mangle thing. Unless you don't get a dynamic IP from your ISP, you could consider static routing, but that is also not possible as you need a static destination.
What router is it that you are using? One that you manage through a web interface? If I'm not mistaken, on 90% of them you can set the port through which you manage them from the internet side. This will allow you to do the mangle easily.
Yes Leon, you guessed it right.
I have a MikroTik router in the headquarters of our company, and different points of sale outside, in other cities. In these points of sale we have simple routers like TRENDnet or D-Link, which let you configure them through a web interface on specific ports. We also have IP cameras which are accessed through the web as well. Their service ports is a good point as you suggested; I could mangle port 8080, for example.
But this is not the approach I was looking for, and that's why.
In our headquarters, as I said, we have two ISPs; one of them is indirectly supplying the line to some of our points of sale (telecom). So if I establish a connection based on their addresses, I could have the fastest one possible, since they will be in the ISP.
I think it is possible in MikroTik to do such routing, based on DNS address rather than IP address or service port; I just can't figure out how.
Maybe you could get hold of the IP ranges they dish out and route all the traffic in that range through the corresponding range? I know the MTs have trouble working off “DNS” type addresses; they tend to ask for a valid IP or resolve it automatically once you say add a new route.
The only other solution I can think of would be to run some sort of script that resolves some.dyndns.com, deletes the old route and creates a new route with the resolved address.
Maybe ask in the scripting forum for some help with this one…?
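
A sketch of the resolve-and-update script suggested in the last post, added here as an example and not written by anyone in the thread. It is a variant: instead of deleting and recreating a route, it keeps the resolved address in a firewall address list that a mangle rule matches. It assumes RouterOS v6 syntax; the list name `via-wan1`, routing mark `to-wan1`, script name `update-via-wan1` and gateway `192.0.2.1` are placeholders.

```routeros
# Added example (not from the thread). RouterOS v6 syntax assumed.
# Assumed names: list "via-wan1", mark "to-wan1", interface "LAN".
# 192.0.2.1 is a placeholder for the WAN1 gateway address.

# --- One-time setup -------------------------------------------------
# Mark traffic from the LAN to listed destinations and give that mark
# its own default route via WAN1. Place the mangle rule above the
# load-balancing mark rules so it is evaluated first.
/ip firewall mangle add chain=prerouting in-interface=LAN \
    dst-address-list=via-wan1 action=mark-routing \
    new-routing-mark=to-wan1 passthrough=no comment="pin to WAN1"
/ip route add dst-address=0.0.0.0/0 gateway=192.0.2.1 routing-mark=to-wan1

# --- Script body: save under /system script as "update-via-wan1" ----
:local host "some.dyndns.info"
:local listName "via-wan1"
:do {
    # :resolve raises an error when the lookup fails; on-error handles it
    :local newIp [:tostr [:resolve $host]]
    :local entry [/ip firewall address-list find list=$listName comment=$host]
    :if ([:len $entry] = 0) do={
        # First run: create the entry, tagged with the host name
        /ip firewall address-list add list=$listName address=$newIp comment=$host
    } else={
        :local id [:pick $entry 0]
        :local oldIp [:tostr [/ip firewall address-list get $id address]]
        # Only touch the list when the dynamic address actually changed
        :if ($oldIp != $newIp) do={
            /ip firewall address-list set $id address=$newIp
            :log info ("via-wan1: " . $host . " " . $oldIp . " -> " . $newIp)
        }
    }
} on-error={
    # Keep the last known address rather than removing the entry
    :log warning ("via-wan1: could not resolve " . $host)
}

# --- Run it periodically ---------------------------------------------
# /system scheduler add name=update-via-wan1 interval=5m \
#     on-event=update-via-wan1
```

The routing decision then depends on whatever the router's DNS resolver returns, so the log lines written on each address change are worth reviewing.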