Page 1 of 1

RB3011 dual wan

Posted: Wed Jul 13, 2016 5:58 am
by infused
Hi Guys.

Just got a place currently with one wan connection. I have it on port1. I now have another wan which I have had on port6.

Now, I suspect to get a dual wan going, as I need to split the same subnet, is to use mangle on routing mask and then do another default route using the routing mask. I've tried this and it doesn't seem to work.

I'm also unsure on how to use the switch chip on each set of ports as nothing seems to be switching. Currently most of it is on a bridge.

I actually just need to mark two ports to be routed out of the secondary connection.

Can you give some advice please on how to break this up and getting it working correctly?

Re: RB3011 dual wan

Posted: Wed Jul 13, 2016 8:52 am
by cutedrummerboy
it will give you some basic idea
/ip firewall mangle
add chain=prerouting dst-address=172.27.23.0/24 in-interface=LAN1-0
add chain=prerouting dst-address=172.27.15.0/24 in-interface=LAN1-0
add action=mark-connection chain=prerouting in-interface=WAN1-1 \
    new-connection-mark=WAN1-1_conn
add action=mark-connection chain=prerouting in-interface=WAN1-2 \
    new-connection-mark=WAN1-2_conn
add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=LAN1-0 new-connection-mark=WAN1-1_conn \
    per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=LAN1-0 new-connection-mark=WAN1-2_conn \
    per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1-1_conn \
    in-interface=LAN1-0 new-routing-mark=WAN1-1
add action=mark-routing chain=prerouting connection-mark=WAN1-2_conn \
    in-interface=LAN1-0 new-routing-mark=WAN1-2
add action=mark-routing chain=output connection-mark=WAN1-1_conn \
    new-routing-mark=WAN1-1
add action=mark-routing chain=output connection-mark=WAN1-2_conn \
    new-routing-mark=WAN1-2

/ip firewall nat
add action=src-nat chain=srcnat comment="ABSPL Account-1 NAT" out-interface=\
    WAN1-1 to-addresses=172.27.15.169
add action=src-nat chain=srcnat comment="ABSPL Account-2 NAT" out-interface=\
    WAN1-2 to-addresses=172.27.23.15

/ip route
add check-gateway=arp comment="ISP1 Account1 Default Route" distance=1 \
    gateway=172.27.15.1 routing-mark=WAN1-1
add check-gateway=arp comment="ISP1 Account2 Default Route" distance=1 \
    gateway=172.27.23.1 routing-mark=WAN1-2
add check-gateway=arp comment="ISP Default Route" distance=1 gateway=\
    172.27.15.1