Community discussions

MUM Europe 2020
 
jd6strings
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 73
Joined: Tue Dec 20, 2005 8:24 pm

Multiple ISP IP addresses on an Interface and policy routing

Sat Feb 25, 2006 7:48 pm

Hello:

We have a Mikrotik PTP link that feeds a few AP's with bandwidth from multiple ISP's. I'm in the process of configuring a PC router obviously running RouterOS (v. 2.9.8) so that the remote end of the PTP link is connected to the WAN interface of the router and LAN interface connected to a switch along with the AP's.

My question is, is it possible to put IP's from the two different ISP's on the same WAN interface and use policy based routing to send the incoming traffic to the correct gateway for Internet access? I know how to mark the packets based on Src IP address but I'm not certain how to properly configure the static routes.

When I do configure the static routes for the different ISP's however, RouterOS seems to only want to bind to one or the other of the IP addresses on the WAN interface but NOT both. Is this possible to route traffic down the PTP for both ISP's coming from the same WAN interface?

Thank you!!!
 
valens
Trainer
Trainer
Posts: 246
Joined: Tue Jun 01, 2004 5:42 pm
Location: INDONESIA
Contact:

Sun Feb 26, 2006 1:46 pm

If you are not using NAT (just plain routing), you can use several IPs from different ISP on one interface. But I didn't suggest this, as it will make big bridge network across several ISPs, and sometimes, you can have trouble with broadcast traffic. You can do route-mark and then do several default route, or you can do ECMP as well.

When you are doing ECMP, check if those ISPs permit all of your IP Address passing by their network.

But if do NAT or MASQ, I suggest you use different interface for each ISP.
 
jd6strings
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 73
Joined: Tue Dec 20, 2005 8:24 pm

Mon Feb 27, 2006 8:02 pm

Thanks for the reply. But i'm still having trouble...

Here's my config:

IP ADDRESSES:
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 67.XXX.XXX.129/30 67.XXX.XXX.128 67.XXX.XXX.131 eth2
1 67.XXX.XXX.133/30 67.XXX.XXX.132 67.XXX.XXX.135 eth1
2 206.XXX.XXX.193/30 206.XXX.XXX.192 206.XXX.XXX.195 eth2
3 206.XXX.XXX.161/27 206.XXX.XXX.160 206.XXX.XXX.191 eth1

MANGLE:
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting src-address=67.XXX.XXX.132/30 action=mark-routing
new-routing-mark=test1 passthrough=no

1 chain=prerouting src-address=206.XXX.XXX.160/27 action=mark-routing
new-routing-mark=test2 passthrough=no

ROUTES:
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREFSRC G GATEWAY DISTANCE INTERFACE
0 ADC 67.XXX.XXX.128/30 67.XXX.XXX.129 eth2
1 ADC 67.XXX.XXX.132/30 67.XXX.XXX.133 eth1
2 ADC 206.XXX.XXX.160/27 206.XXX.XXX.161 eth1
3 ADC 206.XXX.XXX.192/30 206.XXX.XXX.193 eth2
4 A S 0.0.0.0/0 r 67.XXX.XXX.130 eth2
5 A S 0.0.0.0/0 r 206.XXX.XXX.194 eth2

My routes are configured as such so that traffic with a routing mark of 'test1' are routed to the 67.XXX.XXX.130 gateway and traffic marked with 'test2' are routed to the 206.XXX.XXX.194 gateway.

My problem is that if I give a client computer (for test purposes) an IP such as 67.XXX.XXX.134 and a gateway of 67.XXX.XXX.133, I can't ping the client computer from the outside world. I get a message such as 'Reply from 67.XXX.XXX.129: Destination host unreachable.'. Or better yet sometimes I get 'Reply from 206.XXX.XXX.193: Destination host unreachable.'.

I know that packets are reaching the MikroTik router because I can add additional mangle rules and see the statistics add up. There are NO additional firewall rules configured. What's preventing my traffic from getting to the client computer? It appears that eth2 is binding to one or the other IP's but NOT both.

Am I missing something here?

Thank you as always!
 
jd6strings
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 73
Joined: Tue Dec 20, 2005 8:24 pm

Tue Feb 28, 2006 3:13 pm

Any ideas out there?
 
hooronline
just joined
Posts: 14
Joined: Tue Dec 28, 2004 3:05 pm

Hi

Wed Mar 01, 2006 12:22 pm

my have problem
Please Help
 
nazemg
newbie
Posts: 47
Joined: Tue Jun 08, 2004 8:40 am
Location: Baghdad Iraq, Tripoli Lebanon
Contact:

Fri Mar 17, 2006 12:13 am

If you can add a new interface to you router assign a WAN1 ip to it.

/ip route add gateway WAN1,WAN2

Who is online

Users browsing this forum: MSN [Bot] and 72 guests