Hi Thom,
Thanks for your assistance - it's a multiple interface, multiple IP setup. I've tried your suggestion of searching, found some options and disabled interface 3 & 4.
I also changed the config to Janisk's suggestion of only using one rule for nth, and using only one routing mangle rule... but still the same. Only have upload on one interface...
here's the config:
Firewall:
/ip firewall filter
add action=accept chain=forward comment="accept established" \
connection-state=established disabled=no
add action=accept chain=forward comment="accept related" \
connection-state=related disabled=no
add action=accept chain=forward comment="accept new" connection-state=new \
disabled=no in-interface=Local
add action=drop chain=forward comment="drop invalid" connection-state=invalid \
disabled=no
add action=drop chain=forward comment="drop new - not from local" \
connection-state=new disabled=no in-interface=!Local
add action=drop chain=forward comment="drop broadcast + multicast" disabled=no \
dst-address-type=broadcast,multicast
/ip firewall mangle
add action=jump chain=prerouting comment="bypass routers" disabled=no \
jump-target=local src-address-list=routers
add action=mark-connection chain=prerouting comment="dsl1-src addr" \
disabled=no new-connection-mark=dsl1 passthrough=yes src-address-list=dsl1
add action=mark-routing chain=prerouting comment="dsl1-src addr" disabled=no \
new-routing-mark=dsl1 passthrough=no src-address-list=dsl1
add action=mark-connection chain=prerouting comment="dsl2-src addr" \
disabled=no new-connection-mark=dsl2 passthrough=yes src-address-list=dsl2
add action=mark-routing chain=prerouting comment="dsl2-src addr" disabled=no \
new-routing-mark=dsl2 passthrough=no src-address-list=dsl2
add action=mark-connection chain=prerouting comment="dsl3-src addr " \
disabled=no new-connection-mark=dsl3 passthrough=yes src-address-list=dsl3
add action=mark-routing chain=prerouting comment="dsl3 - src addr" disabled=no \
new-routing-mark=dsl3 passthrough=no src-address-list=dsl3
add action=mark-connection chain=prerouting comment="dsl4 - src addr" \
disabled=no new-connection-mark=dsl4 passthrough=yes src-address-list=dsl4
add action=mark-routing chain=prerouting comment="dsl4 - src addr" disabled=no \
new-routing-mark=dsl4 passthrough=no src-address-list=dsl4
add action=mark-connection chain=prerouting comment="dsl1 - packet 1" \
connection-state=new disabled=no in-interface=Local \
new-connection-mark=dsl1 nth=4,1 passthrough=yes
add action=add-src-to-address-list address-list=dsl1 address-list-timeout=1h \
chain=prerouting comment="dsl1 - conn mark dsl1" connection-mark=dsl1 \
disabled=no in-interface=Local
add action=mark-routing chain=prerouting comment="dsl1 - conn mark dsl1" \
connection-mark=dsl1 disabled=no new-routing-mark=dsl1 passthrough=no
add action=mark-connection chain=prerouting comment="dsl2 - packet 2" \
connection-state=new disabled=no in-interface=Local \
new-connection-mark=dsl2 nth=4,2 passthrough=yes
add action=add-src-to-address-list address-list=dsl2 address-list-timeout=1h \
chain=prerouting comment="dsl2 - conn mark dsl2" connection-mark=dsl2 \
disabled=no in-interface=Local
add action=mark-routing chain=prerouting comment="dsl2 - conn mark dsl2" \
connection-mark=dsl2 disabled=no new-routing-mark=dsl2 passthrough=no
add action=mark-connection chain=prerouting comment="dsl3 - packet 3" \
connection-state=new disabled=no in-interface=Local \
new-connection-mark=dsl3 nth=4,3 passthrough=yes
add action=add-src-to-address-list address-list=dsl3 address-list-timeout=1h \
chain=prerouting comment="dsl3 - conn mark dsl3" connection-mark=dsl3 \
disabled=no in-interface=Local
add action=mark-routing chain=prerouting comment="dsl3 - conn mark dsl3" \
connection-mark=dsl3 disabled=no new-routing-mark=dsl3 passthrough=no
add action=mark-connection chain=prerouting comment="dsl4 - packet 4" \
connection-state=new disabled=no in-interface=Local \
new-connection-mark=dsl4 nth=4,4 passthrough=yes
add action=add-src-to-address-list address-list=dsl4 address-list-timeout=1h \
chain=prerouting comment="dsl4 - conn mark dsl4" connection-mark=dsl4 \
disabled=no in-interface=Local
add action=mark-routing chain=prerouting comment="dsl4 - conn mark dsl4" \
connection-mark=dsl4 disabled=no new-routing-mark=dsl4 passthrough=no
add action=accept chain=local comment="" disabled=no
NAT:
/ip firewall nat
add action=src-nat chain=srcnat comment="" disabled=no connection-mark=dsl1 \
to-addresses=<ip 1> to-ports=0-65535
add action=src-nat chain=srcnat comment="" disabled=no connection-mark=dsl2 \
to-addresses=<ip 2> to-ports=0-65535
add action=src-nat chain=srcnat comment="" disabled=no connection-mark=dsl3 \
to-addresses=<ip 3> to-ports=0-65535
add action=src-nat chain=srcnat comment="" disabled=no connection-mark=dsl4 \
to-addresses=<ip 4> to-ports=0-65535
Routing:
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=<ip 1> routing-mark=dsl1 scope=255 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=<ip 2> routing-mark=dsl2 scope=255 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=<ip 3> routing-mark=dsl3 scope=255 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=<ip 4> routing-mark=dsl4 scope=255 target-scope=10
add comment="default for router" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=<ip 1> scope=255 target-scope=10
The upload traffic all goes through the route with no routing mark.