There are several possible ways of doing this.
One of them is setting default route through an Internet host like 220.127.116.11 by using recursivity, so that the "ping gateway" ROS feature controls the failover.
I have had issues with this, and wouldn't be surprised if your ISP, or further up the uplink filters traffic addressed to such IP as gw.
There's another approach: using netwatch + simple up/down scripts to control the failover, while monitoring an Internet address, like 18.104.22.168 or 22.214.171.124.
- Label default route on main WAN with something on its comment, like "DEFAULT"
- Create secondary default route via secondary WAN, with higher distance than the DEFAULT route
- Create an static route for e.g. 126.96.36.199 via main WAN, so that it can be used to monitor main WAN
add dst-address=0.0.0.0/0 gw=192.168.1.1 distance=1 comment=DEFAULT
add dst-address=0.0.0.0/0 gw=192.168.2.1 distance=5
add dst=address=188.8.131.52/32 gw=192.168.1.1
Now create a Tool > Netwatch entry:
add comment="WAN Failover" down-script="/ip route disable [find comment=\"DEFAULT\"]" host=184.108.40.206 up-script="/ip route enable [find comment=\"DEFAULT\"]
- Netwatch monitors constantly 220.127.116.11 (you can adjust interval and timeout on netwatch to fine tune for false alarms / flapping)
- As there's a specific static route to it, it will always try to reach 18.104.22.168 through main WAN
- If 22.214.171.124 is not reachable, down script will disable the route labelled "DEFAULT". As next lower distance route is the secondary WAN, it will get active on the routing table, and traffic will start flowing through it
- While this is happening, netwatch will keep trying to reach 126.96.36.199 through its specific route via main WAN; if it comes back, netwatch up script will re-enable main WAN default route.
Note: ensure customers don't use 188.8.131.52 as DNS, as it will fail when main WAN is down (or use other reliable anycasting host for monitoring).
Best practice anyhow is setting DNS cache on the mikrotik, and making sure (DHCP, PPPoE) that DNS IP it's handed to clients as DNS.