Community discussions

MikroTik App
 
Mikr3211
just joined
Topic Author
Posts: 7
Joined: Wed Apr 14, 2021 10:16 am

Routes redundancy

Mon May 23, 2022 10:26 am

Hello,

I hope you can help because I am new at this and I didn't find a solution for it on google search.
I have 3 networks
  • 192.168.0.1/24
  • 10.10.0.0/22
  • 10.20.0.0/22
I also have three WAN connections
  • 62.x.x.x
  • 85.x.x.x
  • 74.x.x.x
For the moment all networks goes to 0.0.0.0 action masquerade and in routing I have distance 1 on 62.x.x.x, distance 2 on 85.x.x.x and distance 3 on 74.x.x.x

I am trying to do the following :

10.10.0.0/22 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.10.0.0/22 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.20.0.0/22 should work with WAN 85.x.x.x (distance 1), 62.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 85.x.x.x but use 62.x.x.x if 85.x.x.x goes down and so on...

Can you please help me and give me some instructions on how to do that?

Thank you for your time.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Routes redundancy

Mon May 23, 2022 2:22 pm

If you are confused on your posting as you are on your config yes you do need help.
You fail to mention the 192.168.0.1 network LOL. Try again..........

10.10.0.0/22 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.10.0.0/22 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.20.0.0/22 should work with WAN 85.x.x.x (distance 1), 62.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 85.x.x.x but use 62.x.x.x if 85.x.x.x goes down and so on...



I could guess that both 10.10.0.0 and 192.168.0.0 have the same requirement and its only 10.20.0.0 that is different but will wait for clarification.
 
Mikr3211
just joined
Topic Author
Posts: 7
Joined: Wed Apr 14, 2021 10:16 am

Re: Routes redundancy

Tue May 24, 2022 5:04 pm

Sorry for the mistake

192.168.0.1 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.10.0.0/22 should work with WAN 62.x.x.x (distance 1), 85.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 62.x.x.x but use 85.x.x.x if 62.x.x.x goes down and so on...
10.20.0.0/22 should work with WAN 85.x.x.x (distance 1), 62.x.x.x (distance 2), 74.x.x.x (distance 3)
- so it should direct all traffic to 85.x.x.x but use 62.x.x.x if 85.x.x.x goes down and so on...
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Routes redundancy

Tue May 24, 2022 6:11 pm

To simplify:
Subnets A,B have the same requirement as each other (ISP1-->ISP2-->ISP3)
Subnet C, has the first two reversed (ISP2-->ISP1-->ISP3).

Conceptually this is what needs to be done.
STARTING POINT
add dst-address=0.0.0.0/0 gwy=ISP1 dist=5 check-gateway=ping
add dst-address=0.0.0.0/0 gwy=ISP2 dist=10 check-gateway=ping
add dst-address=0.0.0.0/0 gwy=ISP3 dist=15 check-gateway=ping

In this manner subnets A,B,C will use the WAN connections in the following order ISP1, ISP2, ISP3. This is great for subnets A,B and thus we have limited the issue to subnet C.
To redirect Subnet C, to an alternate ISP we need to create 3 items: routing table, routing rule and additional route.

add dst-address=0.0.0.0/0 gwy=ISP1 dist=5 check-gateway=ping
add dst-address=0.0.0.0/0 gwy=ISP2 dist=10 check-gateway=ping
add dst-address=0.0.0.0/0 gwy=ISP3 dist=15 check-gateway=ping
add dst-address=0.0.0.0/0 gwy=ISP2 dist=10 table=useWAN2
/routing table add name=useWAN2 fib
/routing rule add src-address=10.20.0.0/22 action=lookup table=useWAN2


Now all the users on subnetC, will be directed out ISP2. If ISP2 is not available, the users will then go out ISP1 as an available route on the main table with shortest distance. If ISP1 is not available they will be moved to ISP3. At any point in time ISP2 comes back online, the users will be moved back to ISP2.

++++++++++++++++++
Above assumes firmware ver7
If Vers6 then its really two steps........ (add routing mark in the duplicate ip route, and the associated routing rule)

add dst-address=0.0.0.0/0 gwy=ISP2 distance=10 routing-mark=useWAN2
/routing rule add src-address=10.20.0.0/22 action=lookup table=useWAN2[/b]
 
Mikr3211
just joined
Topic Author
Posts: 7
Joined: Wed Apr 14, 2021 10:16 am

Re: Routes redundancy

Thu May 26, 2022 7:57 am

Thank you for your answer.

I will try it out see how it goes.
 
Mikr3211
just joined
Topic Author
Posts: 7
Joined: Wed Apr 14, 2021 10:16 am

Re: Routes redundancy

Thu May 26, 2022 8:48 am

Hello,

I tried what you recommended and it worked but also made other things not work :)

For example communication between networks B and C stop working. Do you think there is a way to implement your solution but also keep networks B and C communication?

Thank you for your time!
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Routes redundancy

Thu May 26, 2022 1:12 pm

Not without seeing your config
/export hide-sensitive file=anynameyouwish
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Routes redundancy

Thu May 26, 2022 5:39 pm

Even without config, if there's routing rule telling traffic from 10.20.0.0/22 to use another routing table in which is only route to internet and not to local subnets, it makes everything from that subnet go to internet. So you need another routing rules before that, to reach local subnets, e.g.:
/routing rule
add dst-address=192.168.0.0/16 action=lookup-only-in-table table=main
add dst-address=10.0.0.0/8 action=lookup-only-in-table table=main
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19100
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Routes redundancy

Thu May 26, 2022 6:16 pm

Concur, but also wanted to ensure there were not other issues as well at play.
The most important KEY is that those rules (order being important) need to show up on the config before/prior to the table=useWAN2 rule.
This provides the routing possibility for the 10.20.0.0 subnet to reach the other local subnets, and this can be blocked or allowed by firewall rules as the admin sees fit.
Note that these additional routes makes use of destination address not source address and use table main.

/routing rule
add dst-address=192.168.0.0/16 action=lookup-only-in-table table=main - matches/captures all traffic heading to 192.168.0.0 (from any subnet)
add dst-address=10.0.0.0/8 action=lookup-only-in-table table=main - matches/captures all traffic heading to 10.0.0.8 (from any subnet)
add src-address=10.20.0.0/22 action=lookup table=useWAN2 - matches/captures all traffic from subnet 10.20.0.0, not captured by the two previous rules, and sends it to WAN2.

It is possible to use both source and destination address on the rules, but as SOB didnt, he is either lazy or more likely realizes that its unecesssary, as destination-address only gets the job done (efficient) and there is no conflict on what the OP whats to occur. As stated, traffic between subnets is controlled by firewall rules. Routes are just making paths available for traffic flow.

Who is online

Users browsing this forum: cesarfernandez63, Google [Bot], SanchoHa, syslog and 50 guests