Page 1 of 1

Backup Link

Posted: Fri Sep 08, 2017 4:13 pm
by miltont
Greetings
I wanted to know how can i make a backup route of all internet traffic on my mikrotik...
Currently i have a 3011 Router with ETH1 port fiber connection as my default connection and has a static public IP.
I want to use ETH9 port as backup(Failover) connection it has a cable modem connection with no Static Public Ip.

How can i achieve this?

Re: Backup Link

Posted: Mon Sep 11, 2017 4:24 am
by Revelation
You would set two static routes. First route will point to your first ISP and will be exactly what you use today. The second router will have a higher administrative distance, set it for say 150, and traffic will only follow the second route when the first one goes down.

Re: Backup Link

Posted: Mon Sep 11, 2017 5:22 am
by jspool
Look at some of the WAN failover posts and tutorials. You should be able to use the search box on the upper right of this site to find many examples of this configuration. Obviously you would need to masquerade the traffic leaving eth 9. Bear in mind you may wish to clear connections from ip firewall connection tracking or adjust timeouts to minimize the delay when switching traffic from one WAN to another.

Re: Backup Link

Posted: Mon Sep 11, 2017 1:21 pm
by aacable
You would set two static routes. First route will point to your first ISP and will be exactly what you use today. The second router will have a higher administrative distance, set it for say 150, and traffic will only follow the second route when the first one goes down.
Primary Link distance = 1
Backup Link distance = 2

Let's say what will happen if the local primary ISP is reachable till there NOC, but having trouble from upstream provider ? the check gateway-ping will only ping then next hop that is either local Router (in case of dsl router) or ISP Gateway (in case of static ip or bridge mode) which will eventually always reachable , so the route will always be considered as UP. (even if the internet is actually Down)

It is recommended to configure an script that should run every mint or so via scheduler , that should check at least 2 internet hosts (that must always route via the primary link / you can do this in route section), if both hosts are unreachable then the primary link distance should be changed to 3 , so that all request should route via backup link & once the both or one internet hosts are reachable then the script should change the primary link distance back to 1
If you have single masquerade rule (without pointing the OUT interface) then you dont need any further additional rules.