MikroTik

Bridged network, all vlan to separate this traffic from fixed clients network. (So normal default routing doesn't apply. Routes to gateways for this network pass over vlan to gateway. Separate from other traffic.)

Somewhere one IP is gateway (192.168.1.1), some other router is dhcp-server (192.168.1.2).
dhcp-server sits on bridge that bridges several vlans towards remote AP's.
When dhcp-server issues IP's to clients it issues default gw as 192.168.1.1
I have another router part of the same network with IP 192.168.1.3 that also connects to the Internet (different provider)
I want that if default gateway 192.168.1.1 goes down, client traffic for this network goes to 192.168.1.3
So actually it needs that def. gateway in client should test route to gateway and switch to the one that is available with lowest cost.
But although dhcp-server has option to hand-out two gateway address, the client is not getting these. Only one.

What am I missing?
Or, what is the proper use of 2nd mentioning of gateway address in dhcp-server?

Clients typically only support one default route. You should look into VRRP to solve your issue.

Clients typically only support one default route. You should look into VRRP to solve your issue.

Yes, but you can have several backup default routes set. Only the one with the lowers cost is active. But if that one isn't reachable (ping) it would disable and the next lowest cost route becomes active. Simple failover.

All I want is to give two default gateway routes to client. One main, with lowest cost, and one backup, with higher cost.
If now main gateway goes down backup gateway should take over and client could still reach the internet.

The trouble is leaving it up to the client (if they even support it) is basically making it unknown. Its best if the network behaves in a deterministic way. If you use VRRP and other routing techniques to present a consistent experience to the customer it will reduce the support unknown.

Basically its possible to do what you want without involving the client.

+1 to jkarras suggestion. Go with VRRP - you will have more control over the desired end result.

-1 to jkarras, -1 to rmmccann;
VRRP is for having 2 routers in the same situation/configuration, where one is a backup for the other. The 'slave' should take over 'master's' work when master goes down and give funtion back to master if master comes back online.
Its called "Virtual Router Redundancy Protocol". It give you a redundant router system.


I am talking a completely different situation. I am looking to create a redundant route. Independent on if routers have backup or not.
My both gateway routers serve their own networks and have their own provider on the WAN. They both also have extended routing tables and perform QoS and traffic shaping.
They only share one vlan which has a network that is to become a hotspot network with many connected clients.
The hotspot (now is still a dhcp-scerver) router resides some nodes away and is at the same time handling normal routing stuff for another network. Basic default route + backup routing in this router is already used for the main networks.

The basic aim of my question was why you can set in 'dhcp-server' funcion a double default gateway IP if it has no further function?
It would have a function if you could set two def. gateways in client, one main, and one backup route..... but nothing happens.
So why a function that looks interesting but than is doing nothing.....?

What your describing is the need for first hop redundancy VRRP is created for solve just that problem. What is done after the first hop is up to your routing policies.

I have exactly this scenario setup to add first hop redundancy to our ISP for devices that can't just use a dynamic routing protocol. We have routing policies in place to track the primary interface on router A. If router A's interface to the ISP goes down then the priority for the VRRP master is adjusted forcing traffic to router B (not needed but a design feature we wanted).

What your describing is the need for first hop redundancy VRRP is created for solve just that problem. What is done after the first hop is up to your routing policies.

I have exactly this scenario setup to add first hop redundancy to our ISP for devices that can't just use a dynamic routing protocol. We have routing policies in place to track the primary interface on router A. If router A's interface to the ISP goes down then the priority for the VRRP master is adjusted forcing traffic to router B (not needed but a design feature we wanted).

No, I don't need first hop redundancy. I need a route redundancy. The vlan from the dhcp-server (=>hotspot) runs over several routers towards the end router. Here it terminates on an interface of the border router to be passed towards provider's router.
The dhcp-server (that 'sits' on a bridge interface bridging several vlan to all corners of my network and the both border gateway) is issuing a default gw-ip to its clients. But in itself this dhcp-server has no clue if either one of the border gateways can be reached.
(Well, I can do netwatch tool or script but I don't want to make it too complicated.)

Basically the CPE gets its IP from the dhcp-server, plus a default gateway address. Since both the CPE as the gateway are on the same vlan network the CPE can 'see' if the IP of the gateway is reachable or not. By setting a second gateway IP, that has slightly higher cost, and therefore becomes the 'standby' gateway, the CPE can reach the internet via the second gateway if the first becomes unreachable.
I can set it manually, but if dhcp-server looks to have an option to issue two gateways to the client, that would be nice. But although some functionality looks like the server can handle two (or more) default gateways, I can't get that info into the CPE.

Is the CPE always a router of some kind? I am thinking business clients here not home routers. If so it sounds like you should setup BGP between your network and the CPE allowing the routing to help with the decision. That or move to a fully routed backbone removing the VLAN bridges and implement VRFs or TE style tunnels to fix it.

-1 to jkarras, -1 to rmmccann;
VRRP is for having 2 routers in the same situation/configuration, where one is a backup for the other. The 'slave' should take over 'master's' work when master goes down and give funtion back to master if master comes back online.
Its called "Virtual Router Redundancy Protocol". It give you a redundant router system.

In some situations, yes you want a redundant hot spare router scenario with identical configurations, however if you think outside the box a bit this works as intended (I know because I'm doing it on my network).

I have two geographically separate routers with two different upstreams and IP addressing schemes serving multiple networks AND a shared corporate network. I have TWO VRRP instances enabled on a single VLAN - one for each router. The routers essentially have 3 IPs assigned to them - 1 for each VRRP instance and one for communicaton. Instance 1 on gateway 1 serves computers in one part of the network with router 2 as a backup if router 1 goes down. Instance 2 on gateway 2 serves the other part of my network with router 1 for failover.

Since I'm NOT dealing with wireless CPE but instead Windows computers on an Active Directory network AND I want load balancing, I'm utilizing some tricks in active directory to assign a specific gateway to the client depending on which part of the network they reside on.

This setup would be very similar to what you are trying to do.

Router 1 VRRP could be 192.168.1.1 with Router 2 as backup. Router 2 VRRP could be 192.168.1.3 with Router 1 as backup - two VRRP instances. You'd just want to assign an additional IP to each router (192.168.1.4 and 192.168.1.5) so that you don't run into communication problems if the other router owns the VRRP IP address.

Additionally, you can manually point hosts to that secondary IP address if you ONLY want it to route out that connection. Both routers can have completely unique configurations.

Does that make sense?

Hi!
For add specifics gateway on a client in the network please:
add opcion 3 in dhcp server.

/ip dhcp-server option
add code=3 name=option3 value="'192.168.1.7'"
/ip dhcp-server option sets
add name=set1_add_def_gw options=option3

STATC LEASE FOR A CLIENT:
add address=192.168.1.110 comment=PC1 dhcp-option-set=set1_add_def_gw \
mac-address=E8:9A:8F:55:69:1A server=dhcp1

Ejample in graphics mode: