/ip route
add distance=1 gateway=X.X.X.X,y.y.y.y
but it is run random over wan1 or wan2
Two ISP and five networks
I have two ISP and five lans network. I want LAN1-LAN4 to internet over WAN1, but LAN5 to internet over WAN2. I set two default gw.
/ip route
add distance=1 gateway=X.X.X.X,y.y.y.y
but it is run random over wan1 or wan2
/ip route
add distance=1 gateway=X.X.X.X,y.y.y.y
but it is run random over wan1 or wan2
Re: Two ISP and five networks
1) Mark Routing from first 4 subnets to a specific routing mark, in ip/firewall/mangle
2) Use desired gateway for that routing mark, in ip/routes
3) Do the same for 5th subnet, or just let the default route catch that.
2) Use desired gateway for that routing mark, in ip/routes
3) Do the same for 5th subnet, or just let the default route catch that.
-
-
kometchtech
Member Candidate
- Posts: 194
- Joined:
- Location: Japan
- Contact:
Re: Two ISP and five networks
Hello,
Will not this web site be helpful?
https://wiki.mikrotik.com/wiki/Policy_Base_Routing
https://stackoverflow.com/questions/260 ... -addresses
Will not this web site be helpful?
https://wiki.mikrotik.com/wiki/Policy_Base_Routing
https://stackoverflow.com/questions/260 ... -addresses
Re: Two ISP and five networks
Where is error?
/ip firewall mangle
add action=mark-connection chain=input comment="WAN1 - Input" in-interface=ether1 new-connection-mark=MWAN1 passthrough=no
add action=mark-connection chain=input comment="WAN2 - Input" in-interface=ether2 new-connection-mark=MWAN2 passthrough=no
add action=mark-routing chain=output comment="WAN1 - output" connection-mark=WAN1 new-routing-mark=WAN1 out-interface=ether1 passthrough=no
add action=mark-routing chain=output comment="WAN2 - output" connection-mark=WAN2 new-routing-mark=WAN2 out-interface=ether2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN1 - Prerouting" connection-mark=WAN1 in-interface=br-vlan200 new-routing-mark=WAN1 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=Br-eth3-eth10 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=br-vlan400 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=br-vlan300 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=output comment=MWAN1 connection-mark=MWAN1 new-routing-mark=RWAN1 passthrough=no
add action=mark-routing chain=output comment=MWAN2 connection-mark=MWAN2 new-routing-mark=RWAN2 passthrough=no
add action=mark-connection chain=forward comment=WAN1PF connection-state=new in-interface=ether1 new-connection-mark=PFMWAN1
add action=mark-connection chain=forward comment=WAN2PF connection-state=new in-interface=ether2 new-connection-mark=PFMWAN2 passthrough=yes
/ip route
add distance=1 gateway=x.x.x.x routing-mark=RWAN1
add distance=1 gateway=y.y.y.y routing-mark=RWAN2
add distance=1 gateway=y.y.y.y,x.x.x.x
PREROUTING DONT MARK PACKETS
/ip firewall mangle
add action=mark-connection chain=input comment="WAN1 - Input" in-interface=ether1 new-connection-mark=MWAN1 passthrough=no
add action=mark-connection chain=input comment="WAN2 - Input" in-interface=ether2 new-connection-mark=MWAN2 passthrough=no
add action=mark-routing chain=output comment="WAN1 - output" connection-mark=WAN1 new-routing-mark=WAN1 out-interface=ether1 passthrough=no
add action=mark-routing chain=output comment="WAN2 - output" connection-mark=WAN2 new-routing-mark=WAN2 out-interface=ether2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN1 - Prerouting" connection-mark=WAN1 in-interface=br-vlan200 new-routing-mark=WAN1 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=Br-eth3-eth10 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=br-vlan400 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=prerouting comment="WAN2 - Prerouting" connection-mark=WAN2 in-interface=br-vlan300 new-routing-mark=WAN2 passthrough=no
add action=mark-routing chain=output comment=MWAN1 connection-mark=MWAN1 new-routing-mark=RWAN1 passthrough=no
add action=mark-routing chain=output comment=MWAN2 connection-mark=MWAN2 new-routing-mark=RWAN2 passthrough=no
add action=mark-connection chain=forward comment=WAN1PF connection-state=new in-interface=ether1 new-connection-mark=PFMWAN1
add action=mark-connection chain=forward comment=WAN2PF connection-state=new in-interface=ether2 new-connection-mark=PFMWAN2 passthrough=yes
/ip route
add distance=1 gateway=x.x.x.x routing-mark=RWAN1
add distance=1 gateway=y.y.y.y routing-mark=RWAN2
add distance=1 gateway=y.y.y.y,x.x.x.x
PREROUTING DONT MARK PACKETS
Re: Two ISP and five networks
I have modified my rules and it seems to work. It is alright?
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark all new connection" connection-mark=no-mark in-interface=ISP1 new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=prerouting comment="Mark all new connection" connection-mark=no-mark in-interface=ISP2 new-connection-mark=ISP2_conn passthrough=yes
add action=mark-connection chain=input comment="Mark all new connection to Input router ISP1" connection-mark=no-mark in-interface=ISP1 new-connection-mark=ISP1_conn passthrough=no
add action=mark-connection chain=input comment="Mark all new connection to Input router ISP2" connection-mark=no-mark in-interface=ISP2 new-connection-mark=ISP2_conn passthrough=no
add action=mark-routing chain=output comment="Routing all incomint connection from ISP1 to ISP1" connection-mark=ISP1_conn new-routing-mark=to_ISP1 passthrough=no
add action=mark-routing chain=output comment="Routing all incomint connection from ISP2 to ISP2" connection-mark=ISP2_conn new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP1" in-interface=br-vlan2 new-routing-mark=to_ISP1 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP2" in-interface=br-vlan4 new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP2" in-interface=br-vlan3 new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Preroutin to ISP2" in-interface=Br-eth3-eth10 new-routing-mark=to_ISP2 passthrough=no
/ip route
add distance=1 gateway=x.x.x.x routing-mark=to_ISP2
add distance=1 gateway=y.y.y.y routing-mark=to_ISP1
There must be this? - > add distance=1 gateway=x.x.x.x,y.y.y.y
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Mark all new connection" connection-mark=no-mark in-interface=ISP1 new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=prerouting comment="Mark all new connection" connection-mark=no-mark in-interface=ISP2 new-connection-mark=ISP2_conn passthrough=yes
add action=mark-connection chain=input comment="Mark all new connection to Input router ISP1" connection-mark=no-mark in-interface=ISP1 new-connection-mark=ISP1_conn passthrough=no
add action=mark-connection chain=input comment="Mark all new connection to Input router ISP2" connection-mark=no-mark in-interface=ISP2 new-connection-mark=ISP2_conn passthrough=no
add action=mark-routing chain=output comment="Routing all incomint connection from ISP1 to ISP1" connection-mark=ISP1_conn new-routing-mark=to_ISP1 passthrough=no
add action=mark-routing chain=output comment="Routing all incomint connection from ISP2 to ISP2" connection-mark=ISP2_conn new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP1" in-interface=br-vlan2 new-routing-mark=to_ISP1 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP2" in-interface=br-vlan4 new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Prerouting to ISP2" in-interface=br-vlan3 new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Preroutin to ISP2" in-interface=Br-eth3-eth10 new-routing-mark=to_ISP2 passthrough=no
/ip route
add distance=1 gateway=x.x.x.x routing-mark=to_ISP2
add distance=1 gateway=y.y.y.y routing-mark=to_ISP1
There must be this? - > add distance=1 gateway=x.x.x.x,y.y.y.y