Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Route Web Traffic out Wan2 and all other out Wan1

Locked
 
User avatar
GeekPatrolMiller
newbie
Topic Author
Posts: 44
Joined: Sun Dec 07, 2008 3:47 pm
Location: Dallas, TX, USA
Contact:
Contact GeekPatrolMiller

Route Web Traffic out Wan2 and all other out Wan1

Fri Aug 23, 2013 4:17 pm

The goal is basically the same as the post at http://forum.mikrotik.com/posting.php?m ... 13&t=69327 , to have web traffic route through WAN2 and all other traffic route through WAN1
Code: Select all
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=WAN2 routing-mark=web_traffic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.7.254 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.254 scope=30 target-scope=10
Code: Select all
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=WAN2
add action=masquerade chain=srcnat disabled=no out-interface=WAN1
Code: Select all
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no dst-address-type=!local dst-port=80,443 in-interface=Local new-routing-mark=web_traffic passthrough=no protocol=tcp
Top
 
tws101
Member Candidate
Member Candidate
Posts: 283
Joined: Thu Sep 08, 2011 11:25 pm

Re: Route Web Traffic out Wan2 and all other out Wan1

Fri Aug 23, 2013 11:00 pm

You can't specify and Ethernet interface as a gateway.... Only a pppoe or other virtual interface. Other wise you need an ip address in there.

You can assign it but traffic misses next hop. Put an IP in instead.
Top
 
User avatar
GeekPatrolMiller
newbie
Topic Author
Posts: 44
Joined: Sun Dec 07, 2008 3:47 pm
Location: Dallas, TX, USA
Contact:
Contact GeekPatrolMiller

Re: Route Web Traffic out Wan2 and all other out Wan1

Sun Aug 25, 2013 3:22 am

Thank you so much for that input... Your suggestion was 100% spot on.

I will go on to say that I made the change you pointed out and the problem actually got worse. Before the change, the router was trying to send the traffic out WAN2 but it then failed back to WAN1, even though the route said it was reachable. After the change, the route was sending the marked packets to the IP in WAN2 as it should but there was no connectivity to the outside ISP links.

The final solution there was that on my mangle rule, I was specifying "Local" as the In-Interface which needed to be "Bridge1", since there was a bridge, and Ether3 (renamed "Local") was a member. I cannot count how many times the bridge interface has kicked my tail in this fashion. I only include the info here to help someone else out who, like me, forgets the bridge interface should be referenced instead of a physical interface if it a member of a bridge.

After fixing the mangle rule in-interface issue, I went back and reversed the Route Gateway back to WAN2 to verify and as expected, I was back to where I was before I started. I applied your suggestion again and everything is now working exactly how I wanted...

Anyway, thank you again for your quick and concise answer to my question...
Top
Locked

Who is online

Users browsing this forum: AdamT77, fxcd, zalciukaz and 115 guests
  4. RouterOS
  5. Beginner Basics