NTQAus
just joined
Topic Author
Posts: 1
Joined: Thu Oct 20, 2022 4:52 am

Automated WAN Failover using 2 DHCP WAN connections

Thu Oct 20, 2022 5:07 am

Hi all,

I've recently set up a HAP AC3 and have 2 WAN ports configured, the first is a DHCP handoff from an ISP, the second is a DHCP handoff on an LTE SIM card (in an external LTE router in bridge-mode - not built-in to the Mikrotik).

I've done a lot of research and attempted multiple solutions but can't find anything consistent regarding setting up automated failover that is reliable when using 2x DHCP WAN connections. Majority of what I can find uses Recursive Routing when both WANs have a static address.

Of all of the solutions I've tried:
  • Netwatch configured to ping public DNS such as 8.8.8.8
  • Route distances set where the LTE distance is higher than the ISP connection
  • Attempted to use a script on the DHCP clients that pulls the gateway address and sets the distances, etc.
The problem I have with all of the solutions is either I'm configuring it completely wrong as I'm new to Mikrotik and the terminology (most likely), or there isn't a reliable way to do this with 2x DHCP handoffs. The behaviour I have is that the failover and failback only work when either the physical ISP interface goes down, or the modem (next hop) goes down. If I disconnect my ISP modem from the VDSL handoff, but the connection between the modem and the router is up, then it won't failover as technically the next hop is available and anything behind my Mikrotik simply goes offline at that point.

My desired configuration is:
  • ISP route is primary
  • ISP route goes down, LTE route takes over
  • ISP route becomes live again, ISP route takes over
From what I can see online, it should be possible to get this working using a combination of Netwatch and a script to check and change the behaviour of the routes based on the Netwatch results. However I haven't been successful in finding any guides, just people saying "I've done this before" with no reference to how they achieved it.

Has anyone here successfully achieved this configuration before?
I have previously done this on Edgerouters with very very very little difficulty, in fact it's extremely simple to configure and works flawlessly. Due to stock issues with Ubiquiti gear at the moment we're likely going to have to use Mikrotik for a while for new installations, so I'm hoping someone is able to point me in the right direction.

Apologies if I've posted this in the wrong thread, or haven't provided enough information. I'm not looking for someone to do all the work for me, I'd be very appreciative if anyone can point me in the right direction for guides or forum posts where this has been achieved in the past, as ideally I'd like to understand how it works and not just copy someone else's work.

Thanks in advance for any help you can provide.
 
jonmansey
Frequent Visitor
Posts: 84
Joined: Sat Sep 18, 2004 3:43 am

Re: Automated WAN Failover using 2 DHCP WAN connections

Tue Nov 08, 2022 2:48 am

Set Default Route Distance to 2 under the LTE APN.

Pick a test public IP such as 4.2.2.2 and nail up a static route over the ISP, and add a blackhole static route as well so 4.2.2.2 is only reachable over the ISP.

Here's my netwatch config, I found it helps to clear icmp and udp from conntrack.
/tool netwatch
add comment=WAN-ISP disabled=no down-script=":log info \"ISP down\"\r\
    \n/ip dhcp-client set WAN-ISP default-route-distance=10\r\
    \n:log info \"defroute distance set to 10\"\r\
    \n/ip fire connection remove [find protocol=\"icmp\"]\r\
    \n:log info \"icmp connections cleared\"\r\
    \n/ip fire connection remove [find protocol=\"udp\"]\r\
    \n:log info \"udp connections cleared\"" host=4.2.2.2 http-codes="" interval=10s test-script="" timeout=\
    2s type=simple up-script=":log info \"ISP up\"\r\
    \n/ip dhcp-client set WAN-ISP default-route-distance=1\r\
    \n:log info \"defroute distance set to 1\"\r\
    \n/ip fire connection remove [find protocol=\"icmp\"]\r\
    \n:log info \"icmp connections cleared\"\r\
    \n/ip fire connection remove [find protocol=\"udp\"]\r\
    \n:log info \"udp connections cleared\""
Works for me.
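
The route setup that the reply above describes in words, written out as an added example (not code posted in the thread). It assumes RouterOS v7 syntax and that WAN-ISP is the ISP-facing DHCP client interface; WAN-LTE, the comment tags and the 192.0.2.1 gateway are placeholders made up for the example.

```routeros
# Added example, RouterOS v7 syntax assumed.
# WAN-ISP: assumed to be the ISP-facing DHCP client interface (name from the post).
# WAN-LTE, the comment tags and 192.0.2.1: hypothetical placeholders.

# Backup default route: the LTE DHCP client installs its default route at
# distance 2, so it only wins when the ISP default is worse or gone.
/ip dhcp-client set [find interface=WAN-LTE] default-route-distance=2

# Pin the probe host to the ISP path. The gateway is only a placeholder;
# the lease script at the end overwrites it on every bind.
/ip route add dst-address=4.2.2.2/32 gateway=192.0.2.1 distance=1 comment="probe-via-isp"

# Higher-distance blackhole for the same host. If the pinned route becomes
# inactive, probes are dropped instead of following the LTE default route,
# so Netwatch cannot see 4.2.2.2 as "up" through the backup link and fail
# back while the ISP is still dead.
# (On RouterOS v6 the equivalent is type=blackhole instead of the bare flag.)
/ip route add dst-address=4.2.2.2/32 blackhole distance=2 comment="probe-blackhole"

# Because the ISP side is DHCP, the gateway can change between leases.
# The DHCP client lease script runs on bind/unbind; $bound and
# $"gateway-address" are variables RouterOS passes to that script.
/ip dhcp-client set [find interface=WAN-ISP] script=":if (\$bound = 1) do={ /ip route set [find comment=\"probe-via-isp\"] gateway=\$\"gateway-address\" }"

# Check the result: the /32 via the ISP should be active, the blackhole not.
/ip route print where dst-address=4.2.2.2/32
```

With these routes in place, the Netwatch probe to 4.2.2.2 fails when the upstream ISP link dies even though the modem, as next hop, still answers, which is the case the original question describes.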
 
rextended
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy

Re: Automated WAN Failover using 2 DHCP WAN connections

Tue Nov 08, 2022 10:44 am

 
vklpt
newbie
Posts: 36
Joined: Mon Feb 18, 2019 1:13 pm
Location: Izhevsk

Re: Automated WAN Failover using 2 DHCP WAN connections

Tue Nov 29, 2022 6:52 pm
