On the first I tried a quick setup. When I connected to one ISP at the time, everything worked great.
I use this tutorial for setup of Load balancing https://youtu.be/GeuuNE3EPBA - should be same setup as well recommended MUM https://mum.mikrotik.com/presentations/ ... 749570.pdf
WAN1 has distance 1 and WAN2 distance 2. I set it up like this, because Starlink WAN2 has a faster download than DSL WAN1.
I get in the Route List Starlink WAN2 as unreachable. I tried a few things to change but nothing helped. I decided to change Check gateway from ping to arp and that was it! Starlink WAN2 is from now on reachable.
If I try to disconnect Starlink WAN2 failover works pretty well. For example, youtube play video without interruption. When I connected WAN2 back, youtube stopped playing video and some apps like Signal showed “disconnected”. In RouterOS everything looks fine, like the handover worked.
Another issue is that loading of websites is really slow. It can take like a minute before it loads the UI of youtube. Another example, if I want to check speed on speedtest, it takes +-1 minute to “finding optimal server” and sometimes it will never find the optimal server or the speed check fails.
Sometimes websites does not loads at all and showing: This site can’t be reached - ERR_CONNECTION_CLOSED
Once again, if I use one ISP at the time, everything works great.
Please, anyone have some suggestions on how I could resolve these issues?
I would be happy if I can benefit from both ISPs at the same time. Like when I am downloading some game from steam, it would combine speeds. But that only works with link aggregation, right?
Code: Select all
# nov/27/2021 18:27:03 by RouterOS 6.49.1
# software id = I2IK-I1QG
#
# model = RB962UiGS-5HacT2HnT
# serial number = E7D00F3639D9
/interface bridge
add admin-mac=DC:2C:6E:3D:37:41 auto-mac=no comment=defconf name=bridge1
/interface ethernet
set [ find default-name=ether3 ] comment="ether3 - WAN1 - Tmobile" name=WAN1
set [ find default-name=ether1 ] comment="ether1 - WAN2 - Starlink" name=WAN2
/interface wireless
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=\
20/40/80mhz-XXXX country="czech republic" disabled=no distance=indoors \
frequency=auto installation=indoor mode=ap-bridge ssid=Metaverse \
wireless-protocol=802.11 wps-mode=disabled
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" mode=\
dynamic-keys supplicant-identity=MikroTik
add authentication-types=wpa2-psk eap-methods="" mode=dynamic-keys name=Sveta \
supplicant-identity="" unicast-ciphers=tkip,aes-ccm
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX \
country="czech republic" disabled=no distance=indoors frequency=auto \
installation=indoor mode=ap-bridge name="wlan1 Sveta" security-profile=\
Sveta ssid=Na_konci_sveta wireless-protocol=802.11 wps-mode=disabled
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 name=defconf
/interface bridge port
add bridge=bridge1 comment=defconf interface=ether4
add bridge=bridge1 comment=defconf interface=ether5
add bridge=bridge1 comment=defconf interface=sfp1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface="wlan1 Sveta"
add bridge=bridge1 interface=wlan2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=bridge1 list=LAN
add comment=defconf interface=WAN2 list=WAN
add interface=WAN1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge1 network=\
192.168.88.0
/ip dhcp-client
add add-default-route=no disabled=no interface=WAN1
add add-default-route=no disabled=no interface=WAN2
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall mangle
add action=accept chain=prerouting dst-address=10.0.0.0/24 in-interface=\
bridge1
add action=accept chain=prerouting dst-address=100.64.0.0/10 in-interface=\
bridge1
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-type=!local in-interface=bridge1 new-connection-mark=\
WAN1_conn passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-type=!local in-interface=bridge1 new-connection-mark=\
WAN2_conn passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
in-interface=bridge1 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn \
in-interface=bridge1 new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn \
new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn \
new-routing-mark=to_WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip route
add check-gateway=ping distance=1 gateway=10.0.0.138 routing-mark=to_WAN1
add check-gateway=arp distance=1 gateway=100.127.255.7 routing-mark=to_WAN2
add check-gateway=arp distance=1 gateway=100.127.255.7
add check-gateway=ping distance=2 gateway=10.0.0.138
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=bridge1 type=internal
add interface=WAN2 type=external
/system clock
set time-zone-name=Europe/Prague
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN