Hi everybody,
I'm setting up the network for my new studio.
We have 4 WAN out using PPPoE from different ISPs, all plugged in a mikrotik router which connects to the main switch.
The interface is transparent and the steps are clear if you know what you are doing.
I was able to do load balancing with failover, VLAN and traffic shaping within the day

Currently everybody is connecting to the internet via eth7 (192.168.0.1) or VLAN of10 (172.16.0.1),
traffic then be routed through pppoe-out1 > 4 using PCC.

The next thing people want is to be able to choose exactly which ISP they want to connect to the internet.
So I'm thinking of create some gateways, vrrp1-4 with address 192.168.0.251-254, then mark the connection and the routing to_wan1-4
Here are the steps I intents to make:

• /interfaces > Create vrrp1-4 on eth7
• /ip Addresses > Create addresses 192.168.0.251-254 for interfaces vrrp1-4
• /ip firewall mangle> add action=mark-connection chain=prerouting dst-address-type=!local in-interface=vrrp1 new-connection-mark=conn_wan1 passthrough=yes
• User can now change gateway to 192.168.0.251-254 and be sure they are using the correct line out.

Problem is whenever I enable vrrp interfaces, packets flood in :

which is not what I want/imagine at all.
I thought only when somebody change their gateway to 192.168.0.251-254, then packages should go through vrrp interfaces.

I must have misunderstood the usage of vrrp interfaces, so how can I achieve what I intent to do
Thanks

Yes, it should work. Make sure you use unique vrid for each vrrp interface and addresses on them with /32 netmask.

It turned out that the mangle rules were overriden by the PCC rules
I made this work by change the firewall mangle rule from mark connection to mark routing directly without passthrough