Community discussions

MikroTik App
 
mano0000
just joined
Topic Author
Posts: 11
Joined: Sun Jul 01, 2018 9:36 pm

Dual WAN balanced setup DHCP + PPPOE

Sun Jul 01, 2018 10:18 pm

Hi Experts,
Diving in to the deep end (for me) with my new hEx.
To replace a GUI based obsolete Draytek.
Looked at various Youtube, and Forum posts for the past 2 weeks, to climb the the 1st rung on the ladder.

Have 2 WAN connections - One is Cable (100M) with DHCP and the Other vDSL pppoe at 60M, serving a single LAN network on 192.168.1.0/24 using the remaining ports.

Ether 1 - WAN1 - Cable DHCP
Ether 2 - WAN2 - ADSL
Ether 3-5 as Bridge1

Wish to Replicate -
1) Balanced use of the WAN, with failover
2) Setup Static IP for some of the devices on the LAN
3) Setup port Forwarding to some of the devices on 2 for IMAP/mail service
4) Setup Dynamic DNS for (3) to work
5) setup L2TP for remote access etc..
-- Have not setup the ntp or set the date and time yet.

Hoping the below is in the right direction, or is there an easier way to achieve what I am after. All the DUAL WAN sdetups seem to be not DHCP based on bioth WAN's. Specially none I have spotted with one Cable WAN and the other as PPPOE DSL WAN. Help please..


Here is my config cobbled from what I have learned so far for (1), Not connected to the WAN network yet..
[admin@MikroTik] > export compact
# jan/01/2002 02:08:03 by RouterOS 6.42.3
# software id = NZMU-EZED
#
# model = RB760iGS
# serial number = JHDJHSJDHSJ
/interface bridge
add fast-forward=no name=bridge1
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether2 name=pppoe-out1 password=dfff user=vodafone
/interface list
add comment="Lan Network set to 192.168.1.0/24" name=LAN
add comment="Virgin DHCP " name=WAN1
add comment="Vodafone DSL DHCP" name=WAN2
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool1 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=pool1 disabled=no interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/interface list member
add interface=bridge1 list=LAN
add interface=ether1 list=WAN1
add interface=pppoe-out1 list=WAN2
/ip address
add address=192.168.1.1/24 interface=ether3 network=192.168.1.0
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether1 use-peer-dns=no use-peer-ntp=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether2 use-peer-dns=no use-peer-ntp=no
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Load-Balance for WAN1" connection-state=new in-interface=ether1 new-connection-mark=WAN1_conn passthrough=yes
# pppoe-out1 not ready
add action=mark-connection chain=prerouting comment="Load-Balance for WAN1" connection-state=new in-interface=pppoe-out1 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=to_WAN2 passthrough=yes
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!local in-interface=bridge1 new-connection-mark=WAN1_conn per-connection-classifier=both-ports:3/0
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!local in-interface=bridge1 new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-ports:3/2
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!local in-interface=bridge1 new-connection-mark=WAN2_conn passthrough=yes per-connection classifier=both-ports:3/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=bridge1 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=bridge1 new-routing-mark=to_WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN1
add action=masquerade chain=srcnat out-interface-list=WAN2
/system routerboard settings
set silent-boot=no

/system scheduler
:global newgw [/ip dhcp-client get [find interface="WAN1" ] gateway ]
:global activegw [/ip route get [/ip route find comment="WAN2"] gateway ]
:if ($newgw != $activegw) do={
/ip route set [find comment="WAN1"] gateway=$newgw
/ip route set [find comment="WAN1 routing gateway"] gateway=$newgw
}
:global newgw [/ip dhcp-client get [find interface="WAN2" ] gateway ]
:global activegw [/ip route get [/ip route find comment="WAN2"] gateway ]
:if ($newgw != $activegw) do={
/ip route set [find comment="WAN2"] gateway=$newgw
/ip route set [find comment="WAN2 routing gateway"] gateway=$newgw
}
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Dual WAN balanced setup DHCP + PPPOE

Sun Jul 08, 2018 8:39 pm

First - if you're a newcomer to RouterOS and could put together the script in the end of your configuration, hats off.

Second - you say that the Vodafone link is a PPPoE one, but you've attached a dhcp-client to ether2 in parallel to a pppoe-client. That's theoretically possible but I guess the provider doesn't provide both services simultaneously on the same wire. So I'd remove the dhcp-client from ether2.

Third - I cannot see any routes with routing-mark parameter in your configuration export, and the script doesn't add them either. So you correctly use mangle rules to assign connection-marks to connections and to assign routing-marks to packets based on these connection-marks, but as no routes with the same routing-marks are defined, the default routing table will handle these packets anyway.

But it is actually enough to manually add only a default route with routing-mark=to_WAN2 and leave the packets belonging to connections with connection-mark WAN1_conn without any routing mark, which means that the default route in the default table will handle them, so that route has to send them out via WAN1 so that things would work properly.

So you would tell the dhcp-client on WAN1 to add its default route to the default table with distance 1 (add-default-route=yes default-route-distance=1), and you would tell the pppoe-client interface of WAN2 to add its default route with distance 2 (add-default-route=yes default-route-distance=2) or even not add it at all (add-default-route=no). And you would manually add a marked route:
/ip route add dst-address=0.0.0.0/0 routing-mark=to_WAN2 gateway=pppoe-out1

So this way, you don't need the script, because for PPP interfaces of any kind, you can use the interface itself as route's gateway so you don't care what the gateway's IP address is, and because the gateway IP address provided by the DHCP doesn't need to be copied to a marked route.

If you want a complete failover (i.e. that connections which the PCC rules have sent to WAN1 take WAN2 if WAN1 is down, and vice versa), you need that the pppoe-client adds the default route with distance=2 to the default routing table, and you need to add a default route with routing-mark=to_WAN2 and distance=2 with gateway set to the IP address of the gateway provided by the dhcp server. But instead of running a script periodically using a scheduler, you can use the script parameter of /ip dhcp-client to hold a much simpler script adjusting that route's gateway value at each DHCP assignment.
 
mano0000
just joined
Topic Author
Posts: 11
Joined: Sun Jul 01, 2018 9:36 pm

Re: Dual WAN balanced setup DHCP + PPPOE

Wed Nov 14, 2018 1:53 pm

Hi Sindy,
Thanks for the response, I will need to analyse and understand why... for each of your response at my attempt.
(I was hoping for an alert/ping to my email, when my query was responded to.. and then I went on hols etc..)
Back now..
,,,I did read the forum posts, on the correct protocol for asking, before posting to make life easy for all.

Who is online

Users browsing this forum: karlisi, netmas, scoobyn8 and 83 guests