Community discussions

MikroTik App
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Simple way for multiwan

Mon Jun 08, 2015 3:07 pm

Hello friends,

I have two WAN connections and two different local network subnets. Subnets are 172.16.201.0/24 and 10.3.0.0/24. This time I don't need load balancing but I want 10.3.0.0/24 get out over WAN2 always and 172.16.201.0/24 over WAN1. Currently my routes are set with different distances and normally outgoing traffic from 10.3.0.0/24 will find a way via WAN1 which is what I want to avoid. Is there a simple way to do this?

Best Regards.
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Simple way for multiwan

Mon Jun 08, 2015 3:54 pm

Guess you're using PCC, you can force outbound WAN by marking routes.
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Re: Simple way for multiwan

Mon Jun 08, 2015 3:59 pm

No PCC set in this router. Is there any way without making PCC?
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Simple way for multiwan

Mon Jun 08, 2015 5:22 pm

sorry, it seems I had some leftovers from another post :)

you can achieve that with policy based routing, i.e. conditionally setting routes:

IP > firewall > mangle

for connections src address 10.3.x.x/24 action=mark-route route-mark=to_WAN2
for connections src address 172.16.x.x/24 action=mark-route route-mark=to_WAN1

in IP > Routes

add check-gateway=ping distance=1 gateway=wan1_interface routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=wan2_interface routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=wan2_interface routing-mark=to_WAN2
add check-gateway=ping distance=2 gateway=wan1_interface routing-mark=to_WAN2
Last edited by pukkita on Mon Jun 08, 2015 9:41 pm, edited 1 time in total.
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Re: Simple way for multiwan

Mon Jun 08, 2015 8:52 pm

Hi,

Thanks for reply. I'll try this later but please tell me... why do I need to add two gateway routes on the same distance? Wouldn't that make a mess?

BR.


sorry, it seems I had some leftovers from another post :)

you can achieve that with policy based routing, i.e. conditionally setting routes:

IP > firewall > mangle

for connections src address 10.3.x.x/24 action=mark-route route-mark=to_WAN2
for connections src address 172.16.x.x/24 action=mark-route route-mark=to_WAN1

in IP > Routes

add check-gateway=ping distance=1 gateway=wan1_interface routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=wan2_interface routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=wan2_interface routing-mark=to_WAN2
add check-gateway=ping distance=2 gateway=wan1_interface routing-mark=to_WAN1
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Simple way for multiwan

Mon Jun 08, 2015 9:39 pm

Sorry, it should be

add check-gateway=ping distance=1 gateway=wan1_interface routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=wan2_interface routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=wan2_interface routing-mark=to_WAN2
add check-gateway=ping distance=2 gateway=wan1_interface routing-mark=to_WAN2


The goal is having the PBR gateway (wan1_interface with routing-mark=to_WAN1, wan2_interface with routing-mark to_WAN2) the other routes with increased distance will only activate as failover.
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Re: Simple way for multiwan

Tue Jun 09, 2015 10:49 am

Hi friend.

Thanks for reply. This setup works half way... With this, router will became inaccessible from the outside which means that no more VPN connections are possible. As well as DST NAT. Is there any other way? Except making PCC and then forcing the traffic. PCC is really not needed. :(

BR
Sorry, it should be

add check-gateway=ping distance=1 gateway=wan1_interface routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=wan2_interface routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=wan2_interface routing-mark=to_WAN2
add check-gateway=ping distance=2 gateway=wan1_interface routing-mark=to_WAN2


The goal is having the PBR gateway (wan1_interface with routing-mark=to_WAN1, wan2_interface with routing-mark to_WAN2) the other routes with increased distance will only activate as failover.
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Re: Simple way for multiwan

Tue Jun 09, 2015 11:22 am

I did something similar but I have something strange. At least it is strange in my opinion. This is my setup in routes now:

check-gateway=ping distance=1 gateway=wan1_interface
check-gateway=ping distance=1 gateway=wan2_interface
check-gateway=ping distance=1 gateway=wan1_interface routing-mark=to_WAN1
check-gateway=ping distance=2 gateway=wan1_interface routing-mark=to_WAN2

I achieved to separate the traffic without losing something else. At least not losing all but I did lost video streaming directed to a remote address from this router. I can see that 3 Mbps are regulary going out the wan2 interface as well as in connections I can see that connection exists to a remote address but there is no video on the other side. All works normaly if I exclude one of these WAN interfaces but when I make the setup then something hapens to the stream. Any ideas?

BR.
 
User avatar
pukkita
Trainer
Trainer
Posts: 3051
Joined: Wed Dec 04, 2013 11:09 am
Location: Spain

Re: Simple way for multiwan

Tue Jun 09, 2015 11:45 am

I didn't post the complete setup, look for load balancing with PCC, in first mangle rules you should make sure that everything that enters through an interface gets replied through the same, i.e. connection marking in prerouting whatever enters through WAN1 as WAN1_connection, to later mark route (output) those connections to the proper WAN depending on the connection-mark.

That will make outside connections to the router work.
 
spaxton
Member Candidate
Member Candidate
Topic Author
Posts: 192
Joined: Fri Jan 01, 2010 12:18 pm

Re: Simple way for multiwan

Tue Jun 09, 2015 12:19 pm

Thanks for reply. I solved the problem by restarting the IP encoder. It wasn't the mikrotik problem. However, I didn't add any output rule, only prerouting but so far it does what I need. Like the subject... Simple way for multiwan. What I needed actualy was 2 routers in one package. Your posts helped a lot!

Again, many thanks!
I didn't post the complete setup, look for load balancing with PCC, in first mangle rules you should make sure that everything that enters through an interface gets replied through the same, i.e. connection marking in prerouting whatever enters through WAN1 as WAN1_connection, to later mark route (output) those connections to the proper WAN depending on the connection-mark.

That will make outside connections to the router work.

Who is online

Users browsing this forum: Amazon [Bot], CGGXANNX, esicgg, karlisi, roe1974, Seekport [Bot], Valerio5000 and 62 guests