I suspect given you enter the gateway ip statically it will also fail miserably when the wan is DHCP unless I can get it to create the recursive routes by the DHCP client.
If Tiks are to be used as CPE this really could be a useful out of the box feature, like many other vendors have.
If you set the “default route distance” on the DHCP client (in Advanced tab in Winbox). This number controls which default route is used first, lower being high priority (e.g. 1 is 1st, 2 is 2nd). Similar for PPPoE, except in the “Dial Out” tab.
It’s the simplest form of failover, but that only works to detect if the physical interface going “down” (e.g. ethernet cable, PPPoE disconnects) – since no “ping” or anything at IP layer used to detect a failure. Mikrotik do have an “internet detect” feature but it’s actually not that simple – may work here (in addition to the setting the default route distance) but you’d want to read the docs carefully to setup/understand how it works.
This is possible. You need to add a small bit of script on the DHCP client (or “PPP Profile” script for PPPoE) that updates the recursive routes’s gateway via the script. Since you’re correct, hardcoding a DHCP given gateway with recursive routes is asking for trouble (unless your ISP really never changes it…).
Totally agree. It is not simple, and I still didn’t get perfectly how it exactly works. Still unsure about a couple of steps actually. But, as you said, this video helps you get going at least.
Mikrotik helps (sometimes “pushes” you) to dive deeper into networking, and it was what I was looking for just for learning purpose , but on the other hand it can really make you more confused since it can do the same things in several ways. I once set a failover on my pfSense machine and it worked smootly right away without any struggle, and I remember I thought “that’s it?”. Later in time, Mikrotik made me understand that it is not that simple, and there is a bit more going on in the background.
Merry Christmas
I did have a quick look but I still don’t think it can help in the case of PPP or DHCP where the gateway is not known.
PPPoE is still very common here for Broadband grade Circuits, if the PPPoE drops then it’s easy enough as the route along with it dissapears but if the PPP is up but the ISP beyond it is having issues then that won’t work.
The really annoying bit is Netwatch would almost be capable of this if it only had the ablity to set the number of consecutive ping failures before it triggered the up/down scripts.
Ah, so the video didn’t cover the DHCP client script need for dynamic address I’m guessing… I’m sure on another thread here cover this part, but I couldn’t find one instantly – but recursive route + dynamic gateway is possible.
All the recursive steps are the same, except you need to modify the /ip dhcp-client for the WAN to NOT “add default gateway” (uncheck it), and instead use a script to add it via the “script” tab (adapt as you need - should look follow same scope/distance as whatever example your using for the WAN’s “real” route):
if ($bound = 1) do={
/ip route
remove [find where comment=WAN1]
add dst-address=8.8.8.8 distance=1 scope=10 comment=WAN1 gateway=$"gateway-address"
}
And for PPPoE, you do this by creating a new PPP Profile (copy the one you’re using e.g. “default encrypted”) and then edit the “On Up” scripts to do something similar. Although I don’t use PPPoE nor recursive routes, so not sure on the exact steps here. This may give you some clues: http://forum.mikrotik.com/t/two-pppoe-with-same-gateway-recursive-route/120033/1 .
I’m encouraged by the new netwatch, but no “gingerbread trial” yet how to take advantage of that to control routing/failover/etc.
I’m not a huge fan of the recursive routing approach, but I use it with things like dynamic things like DHCP WAN + LTE(s). But there is the added step to have a script that modifies the /ip/route for each of the WAN interfaces that dynamic - even further from simple… But recursive routing does have one advantage over netwatch-approach that once it’s setup/working, there aren’t [likely complex] netwatch scripts to maintain - since check-gateway=yes is pretty simple and the routing engine maintains all the state for you.
.