I have a Mikrotik Chateau LTE12 with routerOS 7.7 and would like to load balance and have redundancy with an LTE connection and a PPPoE connection (to a bridged modem from my ISP).
Using this help (Example 3: PCC) from here (https://help.mikrotik.com/docs/display/ ... g-Routes.2) and from other sources, I have managed to achieve that. When I bring down the lte1 interface, traffic from my LAN (i.e. port2) or wifi, is automatically routed via pppoe-out1 and vice versa.
I have a bridge and it contains everything except ether1 (reserved for the PPPoE) and a zerotier interface I have installed. Everything else is pretty much standard after a fresh installation (with defaults).
This is my code (it is a bit different from the above link):
Code: Select all
/routing/table
add fib name=to_lte1
add fib name=to_pppoe-out1
/ip/firewall/mangle
add chain=prerouting dst-address=10.223.57.71/24 action=accept in-interface=bridge
add chain=prerouting dst-address=91.140.74.51/24 action=accept in-interface=bridge
add chain=input in-interface=lte1 connection-mark=no-mark action=mark-connection new-connection-mark=lte1_conn passthrough=yes
add chain=input in-interface=pppoe-out1 connection-mark=no-mark action=mark-connection new-connection-mark=pppoe-out1 passthrough=yes
add chain=prerouting in-interface=bridge connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=lte1_conn passthrough=yes
add chain=prerouting in-interface=bridge connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=pppoe-out1_conn passthrough=yes
add chain=prerouting connection-mark=lte1_conn in-interface=bridge action=mark-routing new-routing-mark=to_lte1 passthrough=no
add chain=prerouting connection-mark=pppoe-out1_conn in-interface=bridge action=mark-routing new-routing-mark=to_pppoe-out1 passthrough=no
add chain=output connection-mark=lte1_conn action=mark-routing new-routing-mark=to_lte1
add chain=output connection-mark=pppoe-out1_conn action=mark-routing new-routing-mark=to_pppoe-out1
/ip/firewall/nat
add chain=srcnat out-interface=lte1 action=masquerade
add chain=srcnat out-interface=pppoe-out1 action=masquerade
1) Both my lte1 interface and my pppoe-out1 interface have dynamic IP addresses (10.223.57.71 and 91.140.74.51 respectively), and they change in wild patterns (i.e. not just in /24 mask). How can I reflect that to the first two lines of my firewall mangle?
2) On the link provided, it also has this:
Code: Select all
/ip route
add gateway=10.111.0.1@main routing-table=to_ISP1 check-gateway=ping
add gateway=10.112.0.1@main routing-table=to_ISP2 check-gateway=ping
3) on the 3rd and 4th lines of /ip/firewall/mangle, can I use "add chain=prerouting" instead of "add chain=input"?
4) on the 3rd, 4th, 5th and 6th lines of the mangle, is "passthrough=yes" needed?
5) on the 7th and 8th lines of mangle, is "passthrough=no" needed?
6) with my current setup, i suspect that I don't have the combined bandwidth of my ISP (100/10 mbps) and the LTE (which varies at arount 10-20mbps). Is it because I don't have a perfect setup? How can I verify that?