SMTP Traffic Routing to specific ports - Internet on other

safiullahtariq · December 5, 2015, 7:52am

Hello All,

I need some guidance,

I am getting internet from 2 different service providers, I have made a failover script. But i am now facing a new challenge. My emails (SMTP and POP3) ports are blocked by one ISP.
What I want to do is, make one ISP my primary (on port 1) which will cater internet traffic, but not SMTP and POP3, this will go via the secondary ISP.

But when the primary internet fails, the router should work as normal failover in this case it doesnt matter if emails works or not.

Regards,

Safiullah Tariq

safiullahtariq · December 8, 2015, 7:41am

Will anyone give any idea

pe1chl · December 8, 2015, 9:08am

You will have to configure some special cases for that traffic into the balancing/failover mechanism that you created and did not describe.
Normally you will put in some mangle rules to mark the connections (outgoing TCP port 25, 119 etc) and then use those marks to route or block the traffic in the way you like.

safiullahtariq · December 9, 2015, 8:22am

Thanks for your reply.

failover between WANs are working fine. I did that in past with success. I know how to mark specific traffic/connection/packet via mangle, but only used that for QoS, what I dont know is how to force those to go out on a specific interface. requesting you to please provide guidance on that.

Regards,

Safiullah

safiullahtariq · December 31, 2015, 2:31pm

Hi,

My primary wan connection is 10.10.1.1 and secondary is 192.168.0.1.

I wanted my email traffic to pass via secondary WAN (always).

This is what I did and I was successful

/ ip firewall mangle 

add chain=prerouting action=mark-routing new-routing-mark="POP3 traffic" passthrough=no dst-port=110 protocol=tcp comment="" disabled=no 
add chain=prerouting action=mark-routing new-routing-mark="SMTP traffic" passthrough=no dst-port=25 protocol=tcp comment="" disabled=no

/ ip route 
add dst-address=0.0.0.0/0 gateway=192.168.0.1 scope=255 target-scope=10 routing-mark="POP3 traffic" comment="" disabled=no 
add dst-address=0.0.0.0/0 gateway=192.168.0.1 scope=255 target-scope=10 routing-mark="SMTP traffic" comment="" disabled=no

Hope this helps someone in future.

Regards,

Safi