Community discussions

MikroTik App
 
medharrak
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 50
Joined: Tue Feb 13, 2018 7:27 pm

Loadbalancing and failover

Tue Feb 13, 2018 7:42 pm

Hi,
I'm traying to configure a loadbalancing with failover on Mikrotik router using 2 WANs Interfaces (see attached picture to understand my topology) , the configuration is seems to be working fine, however when I stop WAN1 interface and I try ping it working , but in the IP>Firewall>connections it shows that the packet is still market as WAN1_conn instead of WAN2_conn (see attached picture)
following is my router configuration, please advice if there is an error in the script or if there is any advanced feature to make is work perfectly .thank you
/interface ethernet
set [ find default-name=ether5 ] name=LAN
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2

/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.20.2-192.168.20.50
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=LAN name=dhcp1
/ip address
add address=192.168.20.1/24 interface=LAN network=192.168.20.0
add address=10.10.10.2/30 interface=WAN1 network=10.10.10.0
add address=20.20.20.2/30 interface=WAN2 network=20.20.20.0
/ip dhcp-client
add disabled=no interface=WAN1
/ip dhcp-server network
add address=192.168.20.0/24 dns-server=192.168.20.1 gateway=192.168.20.1
/ip firewall mangle
add action=accept chain=prerouting dst-address=10.10.10.0/30 in-interface=LAN
add action=accept chain=prerouting dst-address=20.20.20.0/30 in-interface=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=no
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=no
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface=LAN new-connection-mark=WAN1_conn \
passthrough=no per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-interface=LAN new-connection-mark=WAN2_conn \
passthrough=no per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=LAN new-routing-mark=to_WAN1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=LAN new-routing-mark=to_WAN2 passthrough=no
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=to_WAN1 passthrough=no
add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=to_WAN2 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1
add action=masquerade chain=srcnat out-interface=WAN2
/ip route
add check-gateway=ping distance=1 gateway=10.10.10.1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=20.20.20.1 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=10.10.10.1
add check-gateway=ping distance=2 gateway=20.20.20.1
You do not have the required permissions to view the files attached to this post.
 
User avatar
sebastia
Forum Guru
Forum Guru
Posts: 1782
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: Loadbalancing and failover

Fri Feb 16, 2018 9:31 pm

Good evening (CET time here)

The fact that it's marked for wan1 is expected, as that's the loadbalancing at work.

BUT if one of the wans in unavailable it will re rerouted over the other.

Who is online

Users browsing this forum: 0xAA55, adrianmartin16, mszru and 47 guests