Community discussions

MikroTik App
 
Xgraver
just joined
Topic Author
Posts: 12
Joined: Fri Mar 24, 2017 3:49 pm

dual external address, and static routing

Tue Nov 16, 2021 1:57 pm

Hello

Could use some quidance. Lets say i have ipsec tunnel between 2 routers. I would like to add 4g backup uplink to router B. But issues begin with routing, i have static route pointing to router A (interface eth1) but how can i add another route that still points to router A external address but traffic leaves via other interface (4g router, eth2) ?

I can add different distance, but that makes one route inactive, i would like to keep both active at the same time.
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: dual external address, and static routing

Wed Nov 17, 2021 10:30 pm

In a single routing table, at most one route can be active at a time for each dst-address prefix. The distance parameter only determines the priority between routes with identical dst-address in the same routing table if more than one of them is otherwise eligible (check-gateway is successful or not used, the gateway interface is up)

So you have to add another routing table, which may contain just a single default route via the 4G router's address, and use /ip route rule or /ip firewall mangle to mark the traffic that should use that routing table with its name:

/ip route add dst-address=0.0.0.0/0 routing-mark=via-4g gateway=ip.of.4g.router

If the IP address assigned to ether2 is static, you can set it as the local-address parameter of the peer that should use the 4G uplink, and set

/ip route rule add src-address=the.ip.of.ether2 action=lookup-only-in-table table=via-4g

If the address of ether2 is dynamic, you have to create some non-conflicting private address to some interface other than ether2, use that address as the local-address of the peer and the src-address of the /ip route rule, and make sure that the traffic sent out via ether2 will be masqueraded to its dynamic address.

You should make sure that route via the 4G router will never make it to the main routing table, or prevent the primary peer from using the 4G path using some other means.

Who is online

Users browsing this forum: Amazon [Bot], bertus, mogiretony, Ramalama and 93 guests