Community discussions

 
jamiewatson69
newbie
Topic Author
Posts: 25
Joined: Sun Mar 28, 2010 1:44 pm

Advanced routing failover without scripting

Fri Sep 24, 2010 11:52 pm

Evening all, has anybody got this to work?

http://wiki.mikrotik.com/wiki/Advanced_ ... _Scripting

I have been struggling and just want to check it does actually do what it says on the tin...

Thanks
Jamie
 
kazanova
Member
Member
Posts: 407
Joined: Tue Sep 06, 2005 11:52 am

Re: Advanced routing failover without scripting

Mon Sep 27, 2010 2:33 pm

انا انزلنا التوراه فيها هدى ونور يحكم بها النبيون الذين اسلموا للذين هادوا والربانيون والاحبار بما استحفظوا من كتاب الله وكانوا عليه شهداء فلا تخشوا الناس واخشون ولا تشتروا باياتي ثمنا قليلا ومن لم يحكم بما انزل الله فاولئك هم الكافرون
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8318
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Advanced routing failover without scripting

Sat Oct 16, 2010 7:28 pm

yes, it actually does what is said in the article =)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
Ibersystems
Forum Guru
Forum Guru
Posts: 1683
Joined: Wed Apr 12, 2006 12:29 am
Location: Cabrils, Barcelona - Spain
Contact:

Re: Advanced routing failover without scripting

Sat Oct 16, 2010 10:34 pm

I have it working on many places. Working with 2 adsl lines without problems. A friend tell me that it doesnt work with a lot of traffic, but I dont tryed this. I believe that the Mbps doesnt matter.
Martín
martinruiz at ibersystems.es
Experto en redes WiFi y enlaces WiFi.

Facebook: @Ibersystems
Twitter: @Ibersystems

Certified in Traffic Shaping, Wireless, Internetworking, Routing and User Management.
MTCTCE - MTCWE - MTCINE - MTCUME - MTCRE
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8318
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Advanced routing failover without scripting

Sat Oct 16, 2010 11:14 pm

A friend tell me that it doesnt work with a lot of traffic, but I dont tryed this. I believe that the Mbps doesnt matter.
probably it's because of congested link, so ping packets are getting lost
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
Ibersystems
Forum Guru
Forum Guru
Posts: 1683
Joined: Wed Apr 12, 2006 12:29 am
Location: Cabrils, Barcelona - Spain
Contact:

Re: Advanced routing failover without scripting

Sat Oct 16, 2010 11:55 pm

Ummmm.. : D! Priorization of the output will fix it. We have v2.0rc xD
Martín
martinruiz at ibersystems.es
Experto en redes WiFi y enlaces WiFi.

Facebook: @Ibersystems
Twitter: @Ibersystems

Certified in Traffic Shaping, Wireless, Internetworking, Routing and User Management.
MTCTCE - MTCWE - MTCINE - MTCUME - MTCRE
 
salac
just joined
Posts: 10
Joined: Fri May 28, 2004 1:57 pm
Location: Belgrade, Serbia & Montenegro

Re: Advanced routing failover without scripting

Sat Oct 01, 2011 11:50 am

I'm sorry cause I will ressurect an old topic, but doesn't work for me as well:
[admin@MTIK_KAZINO] /ip route> /ping 10.10.10.254
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0/0.0/0 ms
[admin@MTIK] /ip route> /ping 209.85.148.105
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
4 packets transmitted, 0 packets received, 100% packet loss
[admin@MTIK] /ip route> print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 gateway=10.20.20.254 interface=LINK2 check-gateway=ping gateway-state=reachable distance=2 scope=30 target-scope=10

1 A S dst-address=0.0.0.0/0 gateway=209.85.148.105 interface=LINK1 gateway-state=recursive distance=1 scope=30 target-scope=10

2 ADC dst-address=10.0.0.0/24 pref-src=10.0.0.254 interface=CLIENT2 distance=0 scope=10

3 ADC dst-address=10.10.10.0/24 pref-src=10.10.10.1 interface=LINK1 distance=0 scope=10

4 ADC dst-address=10.20.20.0/24 pref-src=10.20.20.1 interface=LINK2 distance=0 scope=10

5 A S dst-address=66.220.158.25/32 gateway=10.20.20.254 interface=LINK2 gateway-state=reachable distance=1 scope=10 target-scope=10

6 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.102 interface=ether1 distance=0 scope=10

7 ADC dst-address=192.168.101.0/24 pref-src=192.168.101.254 interface=CLIENT1 distance=0 scope=10

8 A S dst-address=209.85.148.105/32 gateway=10.10.10.254 interface=LINK1 gateway-state=reachable distance=1 scope=10 target-scope=10


[admin@MTIK] /ip route> /ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.101.254/24 192.168.101.0 192.168.101.255 CLIENT1
1 10.0.0.254/24 10.0.0.0 10.0.0.255 CLIENT2
2 10.20.20.1/24 10.20.20.0 10.20.20.255 LINK2
3 10.10.10.1/24 10.10.10.0 10.10.10.255 LINK1
4 192.168.0.102/24 192.168.0.0 192.168.0.255 ether1
[admin@MTIK] /ip route>
As you can see 'control' host (209.85.148.105) is not pingable but routing path is still marked as A (active), which is wrong.
I tried with adding blackhole:
/ip route add dst-address=209.85.148.105 type=blackhole distance=20
but still nothing.

Any ideas?

ps. As you can see I didnt implement whole concept, just tried what will happen if one route is down (didnt make any route marking etc) - this is basic example of routing failover if control host is not reachable.

Note: this is just testing environment made on Xenserver, all mikrotik versions are 3.22
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8318
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Advanced routing failover without scripting

Sat Oct 01, 2011 3:54 pm

in route #1 you don't have 'check-gateway' parameter, that's why gateway=209.85.148.105 is not checked against reachability
/ip route set 1 check-gateway=ping
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
salac
just joined
Posts: 10
Joined: Fri May 28, 2004 1:57 pm
Location: Belgrade, Serbia & Montenegro

Re: Advanced routing failover without scripting

Sat Oct 01, 2011 4:16 pm

chupaka, thank you for fast response.

I actually posted wrong config (without ping check), cause I tried to experiment a bit and see what's going on. Anyway, even with ping checking I cannot see route is going from 'reachable' to 'unreachable' . Trlied with 'blackhole' and without 'blackhole' :
[admin@MTIK] /ip route> /ping 10.10.10.254
10.10.10.254 64 byte ping: ttl=64 time=5 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0/1.2/5 ms
[admin@MTIK] /ip route> /ping 209.85.148.105
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
4 packets transmitted, 0 packets received, 100% packet loss
[admin@MTIK] /ip route> /ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE
0 S 0.0.0.0/0 reachable 10.20.20.254 2 LINK2
1 A S 0.0.0.0/0 recursive 209.85.148.105 1 LINK1
2 ADC 10.0.0.0/24 10.0.0.254 0 CLIENT2
3 ADC 10.10.10.0/24 10.10.10.1 0 LINK1
4 ADC 10.20.20.0/24 10.20.20.1 0 LINK2
5 A S 66.220.158.25/32 reachable 10.20.20.254 1 LINK2
6 ADC 192.168.0.0/24 192.168.0.102 0 ether1
7 ADC 192.168.101.0/24 192.168.101.254 0 CLIENT1
8 A S 209.85.148.105/32 reachable 10.10.10.254 1 LINK1
9 X SB 209.85.148.105/32 20
[admin@MTIK] /ip route> print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 gateway=10.20.20.254 interface=LINK2 check-gateway=ping gateway-state=reachable distance=2 scope=30 target-scope=10

1 A S dst-address=0.0.0.0/0 gateway=209.85.148.105 interface=LINK1 check-gateway=ping gateway-state=recursive distance=1 scope=30 target-scope=10

2 ADC dst-address=10.0.0.0/24 pref-src=10.0.0.254 interface=CLIENT2 distance=0 scope=10

3 ADC dst-address=10.10.10.0/24 pref-src=10.10.10.1 interface=LINK1 distance=0 scope=10

4 ADC dst-address=10.20.20.0/24 pref-src=10.20.20.1 interface=LINK2 distance=0 scope=10

5 A S dst-address=66.220.158.25/32 gateway=10.20.20.254 interface=LINK2 gateway-state=reachable distance=1 scope=10 target-scope=10

6 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.102 interface=ether1 distance=0 scope=10

7 ADC dst-address=192.168.101.0/24 pref-src=192.168.101.254 interface=CLIENT1 distance=0 scope=10

8 A S dst-address=209.85.148.105/32 gateway=10.10.10.254 interface=LINK1 gateway-state=reachable distance=1 scope=10 target-scope=10

9 X SB dst-address=209.85.148.105/32 type=blackhole distance=20
[admin@MTIK] /ip route> enable 9
[admin@MTIK] /ip route> /ping 10.10.10.254
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
10.10.10.254 64 byte ping: ttl=64 time<1 ms
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0/0.0/0 ms
[admin@MTIK] /ip route> /ping 209.85.148.105
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
209.85.148.105 ping timeout
5 packets transmitted, 0 packets received, 100% packet loss
[admin@MTIK] /ip route> print detail
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit
0 S dst-address=0.0.0.0/0 gateway=10.20.20.254 interface=LINK2 check-gateway=ping gateway-state=reachable distance=2 scope=30 target-scope=10

1 A S dst-address=0.0.0.0/0 gateway=209.85.148.105 interface=LINK1 check-gateway=ping gateway-state=recursive distance=1 scope=30 target-scope=10

2 ADC dst-address=10.0.0.0/24 pref-src=10.0.0.254 interface=CLIENT2 distance=0 scope=10

3 ADC dst-address=10.10.10.0/24 pref-src=10.10.10.1 interface=LINK1 distance=0 scope=10

4 ADC dst-address=10.20.20.0/24 pref-src=10.20.20.1 interface=LINK2 distance=0 scope=10

5 A S dst-address=66.220.158.25/32 gateway=10.20.20.254 interface=LINK2 gateway-state=reachable distance=1 scope=10 target-scope=10

6 ADC dst-address=192.168.0.0/24 pref-src=192.168.0.102 interface=ether1 distance=0 scope=10

7 ADC dst-address=192.168.101.0/24 pref-src=192.168.101.254 interface=CLIENT1 distance=0 scope=10

8 A S dst-address=209.85.148.105/32 gateway=10.10.10.254 interface=LINK1 gateway-state=reachable distance=1 scope=10 target-scope=10

9 SB dst-address=209.85.148.105/32 type=blackhole distance=20
[admin@MTIK] /ip route>
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8318
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Advanced routing failover without scripting

Sat Oct 01, 2011 8:21 pm

yep, a bit strange. please recheck with the latest version
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
JP_Wireless
Member Candidate
Member Candidate
Posts: 273
Joined: Thu Dec 13, 2007 4:31 pm
Location: Lagos Nigeria
Contact:

Re: Advanced routing failover without scripting

Sat Oct 01, 2011 9:22 pm

Look critically becos it is working.
JP Wireless:::
One Stop ICT, Alternative Power & Electronics Securities Solutions Provider!
Tel: +2348098798779, +2348055353151
http://www.jpwireless.net: Email: info[at]jpwireless.net
36, Diya Road, Gbagada, Lagos - Nigeria.
.
 
salac
just joined
Posts: 10
Joined: Fri May 28, 2004 1:57 pm
Location: Belgrade, Serbia & Montenegro

Re: Advanced routing failover without scripting

Mon Oct 03, 2011 2:33 pm

Just wanted to say it is working like a charm with routeros 4.17.

Tnx for help people.
 
MythosGR
just joined
Posts: 7
Joined: Sat May 11, 2013 4:46 pm

Re: Advanced routing failover without scripting

Tue May 14, 2013 12:57 pm

Hi to all,

I bring up this thread as I cannot have it working on a 751U-2HnD although I have spent several hours to find out what I'm doing wrong....

I'am trying the "Advanced routing failover without scripting" configuration but without the routing marks as follows:
/ip route
add dst-address=8.8.4.4 gateway=192.168.0.254 scope=10
add dst-address=8.8.8.8 gateway=192.168.1.1 scope=10
add distance=1 gateway=8.8.4.4 check-gateway=ping
add distance=2 gateway=8.8.8.8 check-gateway=ping
I have two gateways:

adsl router 1: 192.168.0.254 (my LAN 192.168.0.0/24, connecting using my mikrotik's eth port 5)
and
adsl router 2: 192.168.1.1 (neighbour's net 192.168.1.0/24, connecting using my mikrotik's wifi iface)

The iface setup on my router:
[admin@MikroTik] > ip address print
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE                                                                                                                          
 0   192.168.0.251/24   192.168.0.0     ether5-slave-local                                                                                                                 
 1   192.168.1.251/24   192.168.1.0     wlan1 
My PC is at 192.168.0.4

The routing table:
[admin@MikroTik] /ip route> print detail 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 0 A S  dst-address=0.0.0.0/0 gateway=8.8.4.4 gateway-status=8.8.4.4 recursive via 192.168.0.254 ether2-master-local check-gateway=ping distance=1 scope=30 target-scope=10 

 1   S  dst-address=0.0.0.0/0 gateway=8.8.8.8 gateway-status=8.8.8.8 recursive via 192.168.1.1 wlan1 check-gateway=ping distance=2 scope=30 target-scope=10 

 2 A S  dst-address=8.8.4.4/32 gateway=192.168.0.254 gateway-status=192.168.0.254 reachable via  ether2-master-local distance=1 scope=10 target-scope=10 

 3 A S  dst-address=8.8.8.8/32 gateway=192.168.1.1 gateway-status=192.168.1.1 reachable via  wlan1 distance=1 scope=10 target-scope=10 

 4 ADC  dst-address=192.168.0.0/24 pref-src=192.168.0.251 gateway=ether2-master-local gateway-status=ether2-master-local reachable distance=0 scope=10 

 5 ADC  dst-address=192.168.1.0/24 pref-src=192.168.1.251 gateway=wlan1 gateway-status=wlan1 reachable distance=0 scope=10 
Masquerading rule only for wifi iface:
[admin@MikroTik] > ip firewall nat print 
Flags: X - disabled, I - invalid, D - dynamic 
 0   chain=srcnat action=masquerade to-addresses=192.168.1.251 out-interface=wlan1 
What happens is that I am able to access the internet from 192.168.0.4 (my PC) when 192.168.0.254 (local adsl router) is connected to the internet (and 8.8.4.4 is reachable). When I disconnect 192.168.0.254 (adsl router / bring down its PPPoE connection), I can see the failover route becoming active with 'A', but 192.168.0.4 (my PC) is not able to connect to the internet through 192.168.1.1 (neighbour's adsl router). However, if I set 192.168.1.1 as the only gateway to the mikrotik, 192.168.0.4 is able to connect to the internet without problem (which means that the masqerading and the routing to 192.168.1.1 over my wifi iface works). Also, if 8.8.8.8 (gw 192.168.1.1) route is set with distance 1 and 8.8.4.4 route (gw 192.168.0.254) is set with distance 2 (swap distance values), then I can connect through 192.168.1.1 but when it fails, I cannot connect through 192.168.0.254 although the 8.8.4.4 route has become active.

Clearly I am missing something here or there is a bug.
RouterOS: 5.25
firmware 3.07
 
Ivoshiee
Member
Member
Posts: 471
Joined: Sat May 06, 2006 4:11 pm

Re: Advanced routing failover without scripting

Tue May 14, 2013 11:34 pm

All that simple ping checking is failing if the other end is actively filtering out the ping packets or is just too weak to answer to these (all the time). My ISP is all that and I've implemented indirect ways to detect if the connection is indeed down or not.
 
MythosGR
just joined
Posts: 7
Joined: Sat May 11, 2013 4:46 pm

Re: Advanced routing failover without scripting

Wed May 22, 2013 9:29 pm

I have no problem with route activation. When 8.8.4.4 is not accessible, route 1 becomes active. I am even able to ping adresses and ssh to hosts but not able to browse the web. I would really appreciate if somebod could help, as I have spend so many hours trying....

Who is online

Users browsing this forum: belits17 and 121 guests