In my current scenario, I have 2 ISP providers connected to my Mikrotik Router. One ISP (Cable Operator) allows the cable-modem to operate in bridge mode, hence the Mikrotik receives a real IPV4 address on this port. The other ISP (Fiber GPON operator) does not allow the ONU to operate in bridge mode, hence the Mikrotik receives a reserved IPV4 address on this port (192.168.0.100), configured as the DMZ for the ONU internal LAN (192.168.0.0/24). Summary:
Internal LAN: 192.168.1.0/24;
Cable Operator WAN network: 177.142.96.0/20;
Fiber Operator WAN network: 192.168.0.0/24
The problem with this scenario is that the route “check gateway” test does not ensure reachability on the Fiber case, as the ONU will be online most of the time but the fiber service itself can be offline. I’m fighting the Fiber Operator to allow bridge mode, but in the meantime I’d like to define a gateway route to its ONU internal address (192.168.0.254) but to test “check gateway” reachability by pinging its external gateway real IPV4 address. Is there any way to accomplish this?
I’m actually doing load balancing between both ISPs, but the problem is that the current configuration does not identify “Internet Down” for the CGNAT Fiber ISP connection, as it’s only testing the 192.168.0.254 reserved IP address, which is always on as long as the ONU is powered up, regardless of the actual fiber connection state.
I’ll take a look at the proposed code and see if I can manage to modify my configuration to incorporate the appropriate connection tests.
Hi rextended, thank you for the recursive approach, very smart.
I have the same config as mhenriques (2 WANs: 1 NATted + 1 bridged).
I use PCC for dual WAN load balancing and it works fine. However, when I have one ISP line cut on the operator side, the Internet connectivity stops (ping works only to check gateway on the working ISP link), no DNS, nothing else.
example: ISP1 is a Bridged router on DSL line => line is cut on the ISP side => I need the system to failover to ISP2
For the moment I only have a dirty fix: I temporarily set up a fixed route to ISP2 to recover Internet access:
/ip route
add distance=1 gateway=172.16.2.1
But failover should be dynamic! So what is your recommendation for using PCC for LB as I do and having working failover when 1 WAN link is down?
I’d assume it does not need a script, but I don’t understand how to implement it.
I have attached an extract of my config, including the dirty fix to ISP2 : /IP route distance=1 gateway=172.16.2.1
(210718ConfigScriptC-Gateway4Gonly_rsc.txt (5.07 KB))
Thank you!
But it starts in 2020, so spans the v6 to v7 period and is long and inconclusive. This is the problem of not having a properly managed wiki.
It would be good to have a clean version we can all use. I'd like an example with 2 WAN (one primary - ie not load balanced), with no scripting and (hopefully) no connection marks.
:global isp1gateway 177.142.96.44
:global isp2gateway 192.168.0.254
/ip dns
set servers=1.1.1.1,8.8.8.8
/ip route
add comment="A - 1.1.1.1 must be reachable only by ISP1" distance=1 dst-address=1.1.1.1/32 gateway=177.142.96.44 scope=10 target-scope=11
add comment="B - Recursive ping 1.1.1.1" distance=10 dst-address=0.0.0.0/0 gateway=1.1.1.1 scope=30 target-scope=12 check-gateway=ping
add comment="C - ISP2 is the alternative gateway" distance=20 dst-address=0.0.0.0/0 gateway=192.168.0.254 scope=30 target-scope=11
In WinBox, to refresh the routing view I must close and reopen the window to refresh the content.
In the terminal you can use /ip/route pri detail interval=1 to see the real status of the routes.
Hi, is there a method for using this with 2 Dynamic WAN addresses? I tried setting the gateways to interfaces, but that doesn’t seem to be working. I’m unable to ping 1.1.1.1 when the static route for 1.1.1.1/32 is set up
DHCP client, but I believe I did get this figured out. I’m using NetWatch instead, and using two static routes for each gateway as a ping monitor, then modifying the static routes distances. I believe this is the “older” method, but it works for executing scripts in the event a failover occurs.
How should I go about when I receive dynamic IP and gateway addresses from the PPPoE Client? Unlike the DHCP client (under advanced) there’s no option to use a script for the PPPoE client.
Thank you, I was able to successfully use this for the PPPoE client (that gave dynamic IP) by modifying the ‘default’ PPP profile using the following script under the ‘On Up’ section:
/ip route
set [find where comment~"ISP 2"] gateway=$"remote-address"
Hello,
First of all I apologize for my poor English.
I am planning to write a script that automatically does the following: pppoe-client (the number of WANs can be entered as desired), config bridgeLAN, IP, DHCP, NAT, ROUTE, LOADBALANCE PCC.
At the moment I have a problem with this part:
:local WANcount "any number"
:local bridgeNAME "bridge-LAN"
…
:for i from=1 to=$WANcount do={/ip/firewall/mangle/add chain=prerouting in-interface=$bridgeNAME connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses-and-ports:$WANcount"/"($i-1) action=mark-connection new-connection-mark="WAN$i" passthrough=yes disabled=no;
}
…
I want to ask the correct syntax for the above code, maybe the exact error is in “boot-address-and-port:$WANcount”/”($i-1)" but I don’t know how to fix them.
And if the above error is fixed, then after my code is launched, I need to enter/edit information like the pppoe-client account and the tagged VLAN for the WAN interface (if needed). It would be even better if they could automatically add Recursive Route.
Hope to get help. Thanks all!
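One way to write the loop asked about in the post above, as an added example that is not from any poster in this thread: the per-connection-classifier value is assembled by string concatenation, so the divisor and the zero-based remainder are evaluated before the rule is added. The WAN count of 2 and the RouterOS v7 path syntax are assumptions; the bridge name is taken from the post.

```routeros
# Added example, not code from the thread.
# Assumptions: RouterOS v7 path syntax, 2 WAN links, LAN bridge named "bridge-LAN".
:local WANcount 2
:local bridgeNAME "bridge-LAN"

:for i from=1 to=$WANcount do={
    # PCC value format is <classifier>:<divisor>/<remainder>; remainders run 0..divisor-1.
    # Build the string first: "." concatenates, ($i - 1) is evaluated as arithmetic.
    :local pcc ("both-addresses-and-ports:" . $WANcount . "/" . ($i - 1))
    :local mark ("WAN" . $i)

    # One mark-connection rule per WAN, only for new (unmarked) LAN-originated connections
    # that are not addressed to the router itself.
    /ip/firewall/mangle/add chain=prerouting in-interface=$bridgeNAME \
        connection-mark=no-mark dst-address-type=!local \
        per-connection-classifier=$pcc action=mark-connection \
        new-connection-mark=$mark passthrough=yes disabled=no \
        comment=("PCC " . $pcc)
}
```

With WANcount set to 2 this produces two rules, with classifiers both-addresses-and-ports:2/0 and both-addresses-and-ports:2/1, marking connections WAN1 and WAN2.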