Community discussions

MikroTik App
 
jpineira
just joined
Topic Author
Posts: 3
Joined: Thu Feb 07, 2013 4:11 am

Dual WAN Failover with DHCP on WAN port.

Wed Jan 21, 2015 1:33 am

I need help with configuring internet failover on a Mikrotik. It's 2 WAN connections. Both connections are DHCP. I have gone through most tutorials but most failover scenarios are for WAN ports with static IPs and static gateways. The gateways on both of these connections will occasionally change. Any suggestions?
 
User avatar
rmmccann
Member Candidate
Member Candidate
Posts: 182
Joined: Tue Sep 25, 2012 11:15 pm
Location: USA

Re: Dual WAN Failover with DHCP on WAN port.

Wed Jan 21, 2015 7:13 pm

Rather than specifying an IP address as the gateway, can you simply specify the physical interface as the gateway? I just tried this on a PPPoE lab connection I have and it seems to work fine for the default route.

ie:
/ip route add distance=1 gateway=ether1-gateway
A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools. --Douglas Adams
 
InoX
Forum Guru
Forum Guru
Posts: 1974
Joined: Tue Jan 09, 2007 6:44 pm

Re: Dual WAN Failover with DHCP on WAN port.

Wed Jan 21, 2015 7:28 pm

Set dhcp client on both connections.
Add default route 1 and default route 2 for main and secondary wans.
Done.
Default gateway will be pinged for every connection but if the internet is not working and ping till gateway work, failover will not work.
You do not have the required permissions to view the files attached to this post.
 
thewickerman666
just joined
Posts: 7
Joined: Sun Sep 10, 2017 9:28 am

Re: Dual WAN Failover with DHCP on WAN port.

Mon Sep 11, 2017 6:38 am

InoX your solution worked awesomely well for me. This is on my hapAC (MikroTik RouterOS 6.40.3 (c) 1999-2017) dual wan failover with DHCP on wan ports.

I have ether1 (WAN1) connected to a TWC DOCSIS3.0 modem, and ether2 (WAN2) connected to a google fiber.
Selection_001.png
Selection_002.png
::For WAN1::
IP > DHCP Client > DHCP tab > interface: ether1; add default route : yes
IP > DHCP Client > Advanced tab > Default Route Distance: 1

::For WAN2::
IP > DHCP Client > DHCP tab > interface: ether2; add default route : yes
IP > DHCP Client > Advanced tab > Default Route Distance: 2

I had static routes set with scope and distance setting per some previous posts, I have now deleted them now. These are not needed if one uses InOX's solution.

Thanks InOX.

In addition i realised that without ping check the changeover is not very effective especially if you have unresponsive modem/gateway device. So found that adding this in the routing filter is helping:
/routing filter
add action=passthrough chain=dynamic-in disabled=no set-check-gateway=ping
the above is as suggested in here by tabate47: viewtopic.php?t=112532#

Would appreciate if people would post their finding and test observations. Thanks tabate47.
You do not have the required permissions to view the files attached to this post.
 
viktorcode
just joined
Posts: 1
Joined: Sat Sep 21, 2019 1:51 pm

Re: Dual WAN Failover with DHCP on WAN port.

Sat Sep 21, 2019 1:56 pm

I'm trying to fo roughly the same thing but with the difference being that one of my WAN connections is PPPoE and the other one is DHCP. My problem is when with the PPPoE connection setup I'm trying to add DHCP client to the corresponding ethernet port I get the following: "Couldn't add New DHCP Client - can not run on slave interface (6)"

How do I do it?
 
User avatar
maxslug
just joined
Posts: 18
Joined: Sun Aug 30, 2020 7:07 am

Re: Dual WAN Failover with DHCP on WAN port.

Wed Sep 16, 2020 9:02 pm

This seemed too simple to be true! Thanks InoX and thewickerman666!
 
User avatar
bpwl
Forum Veteran
Forum Veteran
Posts: 915
Joined: Mon Apr 08, 2019 1:16 am

Re: Dual WAN Failover with DHCP on WAN port.

Thu Oct 15, 2020 8:19 pm

This is indeed very simple, but has a very limited functionality. You don't even have to specify the interface. Just let the DHCP client add the default route with a different route priority (advanced tab)
This the standard simple fail-over.

You have NOT solved the problem that others tackle. Checking if that path has internet connectivity,. Even if the gateway is UP, and the line active, this does not mean that you should use that line. The internet connection can be broken at many places. The other path could still be better, as it might have internet connectivity.

I believe you can use the interface as path in the other solutions. (Replacing the fixed gateway IP address 192.168.90.1 and 192.168.95.1 in my example by their interfaces)

This is my setup (not with DHCP dynamic IP addresses but at least the rest of the internet checks is there.)

ascii-art code

 
  The mechanism is as such: by playing with “scope” one can assign/use/check a remote (not directly reachable) gateway. (AFAIK this comes from iBGP routing. Not the simple routing we know)
The clue is to set scope on 10 while checking for reachability for that remote gateway
 (gateway that actually never is used as gateway, just a phantom gateway check to see if that path there leads to internet)

  So again my setup:

/ip route
add check-gateway=ping comment="dynamische default route" distance=2 gateway=8.8.4.4
add check-gateway=ping distance=3 gateway=8.8.8.8

Route set #1: Those lines would normally not work. The gateways 8.8.4.4 and 8.8.8.8 are not directly reachable.
 Because of the target scope on 10, routes with scope 10 will be used to resolve recursively, those are normally only directly attached subnets.

add comment="fallback dynamische default route" distance=10 gateway=192.168.90.1
add distance=11 gateway=192.168.95.1

Route set #2 : This is a fallback, just in case all the Google servers are down, and the normal check will give a false negative (servers not reachable, but internet is reachable)
                Actually by playing with the distance, this is already a fail-over between them that will function if the named gateway (directly attached) becomes unreachable.
                To make it only act as fallback for route set #1, the distance must be higher than the route set #1.

Route set #3: Is not in this table, but is added dynamically by DHCP. This is the fallback of the fallback, where the gateway is actually broken & replaced or changed its IP address.
                To make sure that set #3 is only used as 3th solution, the DHCP client default route parameter must set at a higher distance than route set #2. I use 20 and 21.


add comment="check 4G recursive for default route ( scope = 10! )" distance=1 dst-address=8.8.4.4/32 gateway=192.168.95.1 scope=10
add comment="check SkyDSL recursive for default route ( scope = 10!)" distance=1 dst-address=8.8.8.8/32 gateway=192.168.90.1 scope=10

Route set#4: this is the clue. This set of routes that make the gateways for route set #1 reachable, if they are reachable via multiple in between routers. (recursive)
                The basic requirement for those routes to help out route set #1 is that the scope is 10 . Standard static routes are added with scope 30 !
                If the gateway is reachable the corresponding route from set #1 is UP. If the gateway is NOT reachable, the corresponding route in route set #1 is DOWN.
                This route set #4 is not used for data traffic (except for something directly addressed at the named gateways, like a DNS lookup)


See the wiki confusing doc: ( THE clue: we create a static route with scope 10  (value normally reserved for directly connected paths only).
 And we know that static routes (with target scope 10) , do use routes with scope 10 as helpers.  iBGP does something similar by setting “target scope” to 30.)

https://help.mikrotik.com/docs/display/ ... Are+Routed

Klembord-2.jpg
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 5317
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Dual WAN Failover with DHCP on WAN port.

Thu Oct 15, 2020 8:31 pm

Distance I understand,
Scope is still a mystery..........
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: Bionic, Renfrew, sindy and 113 guests