I'm testing a configuration with two WANs in failover mode. Currently when the main connection "WAN1" goes down, WAN2 is activated immediately and all data traffic runs smoothly, with the exception of the voice traffic which is interrupted. To restart the voice traffic too, I have to manually restart the routerboard or enter the firwall connections table and manually remove the udp connections present, in this way the phone immediately re-creates new udp connections routes on WAN2.
I'd like to automate this mechanism.
When WAN1 failover occurs -> clean all udp connections
When WAN1 is back up and running -> clean all udp connections
I know I'm asking for something complicated
I thank anyone who can help me.
This is my current configuration:
Code: Select all
# apr/18/2021 00:14:18 by RouterOS 6.48.1
# software id =
# model = RouterBOARD 941-2nD
# serial number =
/interface bridge
add name=bridge1
/interface wireless
set [ find default-name=wlan1 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.1.100-192.168.1.200
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=bridge1 name=dhcp1
/queue simple
add max-limit=768k/10M name=Total target=""
/queue type
add kind=pcq name="BMG Voip Download" pcq-classifier=src-address,dst-address pcq-dst-address6-mask=64 pcq-rate=128k pcq-src-address6-mask=64
/queue simple
add max-limit=768k/10M name=VoIP packet-marks=3CX_packet parent=Total priority=1/1 queue="BMG Voip Download/BMG Voip Download" target="" total-queue="BMG Voip Download"
/interface bridge port
add bridge=bridge1 interface=ether3 multicast-router=disabled
add bridge=bridge1 interface=ether4 multicast-router=disabled
/ip address
add address=192.168.1.1/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add disabled=no interface=ether1
add disabled=no interface=ether2
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.1.1
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address=***.***.77.238 new-connection-mark=3CX_connection passthrough=yes
add action=mark-packet chain=prerouting connection-mark=3CX_connection new-packet-mark=3CX_packet passthrough=no
add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=WAN1 out-interface=ether1 passthrough=yes
add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=WAN2 out-interface=ether2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1 new-routing-mark=to_WAN1 out-interface=ether1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2 new-routing-mark=to_WAN2 out-interface=ether2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
/ip firewall service-port
set sip disabled=yes
/ip route
add check-gateway=ping distance=1 gateway=192.168.3.75 routing-mark=to_WAN1
add check-gateway=ping distance=2 gateway=192.168.78.1 routing-mark=to_WAN2
/system clock
set time-zone-name=Europe/Rome
[admin@MikroTik] >