Mon Mar 13, 2023 1:03 pm
EASY WAY TO DO THIS - avoids mangling
Step1 - create routes
/ip route
add distance=5 dst-address=0.0.0.0/0 gateway=ISP1-gatewayIP routing-table=main check-gateway=ping
add distance=10 dst-address=0.0.0.0/0 gateway=ISP2-gatewayIP routing-table=main
From this alone, you have ALL USERS going to ISP1 and if that is not available the router will send them to ISP2.
We took advantage of the different distances in the routes to do this.
Step2 - Force LAN2 users out ISP2 (add table, route and routing rule)
/routing table
add fib name=useWAN2
/ip route
add distance=5 dst-address=0.0.0.0/0 gateway=ISP1-gatewayIP routing-table=main check-gateway=ping
add distance=10 dst-address=0.0.0.0/0 gateway=ISP2-gatewayIP routing-table=main
add dst-address=0.0.0.0/0 gateway=ISP2-gatewayIP routing-table=useWAN2
/routing rule
add action=lookup src-address=LAN2-subnet table=useWAN2
The result is that ALL LAN2 traffic will now be forced out WAN2. If WAN2 is not available the router will go to the main table for a working route and will find WAN1.
This is a function of using action=lookup; if you had used action=lookup-only-in-table, there would be no option for the router to look for an alternate route.
Step3 - Consider LAN to LAN traffic.
Think about it: we are routing anything leaving LAN2 to WAN2, and that is all traffic, even that, let's say, heading to LAN1.
To ensure LAN2 to LAN2 traffic can work, we need a second routing rule. Order is critical here.
/routing rule
add action=lookup-only-in-table dst-address=LAN1-subnet table=main
add action=lookup src-address=LAN2-subnet table=useWAN2
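
The rule evaluation described in the post above, as an added example that is not part of the original post: a simplified Python model of first-match routing rules, showing the Step 2 failover, the LAN2-to-LAN1 problem from Step 3, and the effect of rule order. The subnets, the connected routes, the useWAN2 route distance and all function names are assumptions made for the illustration.

```python
import ipaddress as ip

# Constructed sample addressing (assumption; the post only uses placeholders)
LAN1, LAN2 = ip.ip_network("192.168.1.0/24"), ip.ip_network("192.168.2.0/24")
ANY = ip.ip_network("0.0.0.0/0")

def make_tables(wan2_up=True):
    # Route tuple: (dst, gateway, distance, active). check-gateway is modelled
    # only as the "active" flag on the ISP2 routes.
    return {
        "main": [(LAN1, "connected-LAN1", 0, True),
                 (LAN2, "connected-LAN2", 0, True),
                 (ANY, "ISP1-gatewayIP", 5, True),
                 (ANY, "ISP2-gatewayIP", 10, wan2_up)],
        "useWAN2": [(ANY, "ISP2-gatewayIP", 1, wan2_up)],
    }

def table_lookup(routes, dst):
    # Longest prefix wins, then lowest distance; inactive routes are ignored
    hits = [r for r in routes if r[3] and dst in r[0]]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2]))[1]

def route(rules, tables, src, dst):
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for rule in rules:  # rules are checked top to bottom
        if "src" in rule and src not in rule["src"]:
            continue
        if "dst" in rule and dst not in rule["dst"]:
            continue
        gw = table_lookup(tables[rule["table"]], dst)
        # lookup-only-in-table stops here even with no route (None = unreachable);
        # action=lookup with no usable route keeps going and ends in main
        if gw or rule["action"] == "lookup-only-in-table":
            return gw
    return table_lookup(tables["main"], dst)

FORCE_LAN2 = {"action": "lookup", "src": LAN2, "table": "useWAN2"}
FORCE_LAN2_STRICT = dict(FORCE_LAN2, action="lookup-only-in-table")
LOCAL_FIRST = {"action": "lookup-only-in-table", "dst": LAN1, "table": "main"}
STEP2_RULES = [FORCE_LAN2]               # Step 2 as posted
STEP3_RULES = [LOCAL_FIRST, FORCE_LAN2]  # Step 3: local rule placed first

if __name__ == "__main__":
    for name, rules in (("step2", STEP2_RULES), ("step3", STEP3_RULES)):
        print(name, "LAN2 -> LAN1 via",
              route(rules, make_tables(), "192.168.2.10", "192.168.1.10"))
```
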