I have a Mikrotik rb3011uias with the current firmware 6.46beta9testing.
I want to manage up to 4 separate internet accesses on this microtic.
ISP1 ↔ LAN1; ISP2 ↔ LAN2 …
I don’t want bundling and load balancing.
What is the simplest way to achieve this cleanly and transparently on the rb3011? I assume that Mangle - Roules will help me. How would I do that?
Is there another way that might be “easier”?
Internet accesses all have 200/40 MBit. Can I take full advantage of this solution (several separate ISPs on one microtic) for all accesses?
Rather than mangling I’d use VRF in this case. With VRF, the routing-mark is assigned based on the in-interface of the packet, without any /ip firewall mangle or /ip route rule rules, and there is also no fallback to routing table main if no route with that routing-mark is found.
/ip route vrf add routing-mark=isp2 interfaces=wan-isp2,lan-isp2 will ensure that whatever comes in via one of these interfaces will get a routing mark isp2, and also that the dynamically added routes to connected subnets attached to those interfaces will be marked with that routing-mark. And by adding a default route through ISP2’s gateway with routing-mark=isp2 you’re done.
If you need src-nat (or masquerade if the WAN address is dynamically changing), it is enough that the rules in chain=srcnat of /ip firewall nat match on out-interface. Unless you specify a routing-mark condition in them, they will act on a packet with any routing-mark. So it’s not the same like routes where no routing-mark is equal to routing-mark=main.