Is there a way to protect my server and clients from DDoS
Sure, lots of ways.
maybe by using 2 public IP addresses and switching between them,
Why would that work? You have to publish both IPs somehow. Unless you can come up with a way to do that without letting your attacker learn it, too, they'll learn of the change quite quickly.
That said…
Is any chance to switch already connected clients to another IP?
Sure. It's called a
load balancer, which does more than what the label says, including failover from one IP to another.
The thing is, it's going to do diddly for DDoS protection.
The problem with pursuing this topic on a MikroTik forum is that the very definition of a DDoS attack is an asymmetric situation where your attacker collectively has more bandwidth than your uplink. Nothing RouterOS can do will change this fact. You can add firewalls and clever switch rules and blackhole routes and everything else you can think of using RouterOS's vast toolset, and this basic fact will remain. Limiting packets at the endpoint has its uses, but DDoS protection isn't one of them.
Proper DDoS mitigation services share their tremendous backbone-grade pipes among their clients and apply the traffic limits out at that level, before it gets to your upstream pipe, because that's where the effort is most effective. No matter how big your attacker's botnet, its collective bandwidth probably isn't bigger than that of CloudFlare, or Amazon, or Azure, or…