Community discussions

MUM Europe 2020
 
dineshplp
just joined
Topic Author
Posts: 24
Joined: Wed Jan 09, 2008 7:09 am

Policy based routing using two uplinks

Sun Oct 30, 2011 4:46 pm

Hi....
I have a two uplinks and i want to do routing as follows....
request from specific ip x.x.x.x should go from uplink 1 whereas every other request should go through uplink 2..... No need of load balancing or anything.....
 
silence012
just joined
Posts: 13
Joined: Wed Mar 04, 2009 4:49 pm

Re: Policy based routing using two uplinks

Sun Oct 30, 2011 8:29 pm

Hi,

Try read this post.
You can configure one IP addresses range to go through first gateway, and another through second.

http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways

Regards,
Branko
 
dineshplp
just joined
Topic Author
Posts: 24
Joined: Wed Jan 09, 2008 7:09 am

Re: Policy based routing using two uplinks

Sun Oct 30, 2011 8:43 pm

Thanks for the reply....
My confusion is this that I want to use lets say 192.168.100.x to go through uplink 1 and everything else should go via uplink 2.... Everything else here includes all private IP ranges except 192.168.100.x.... Shouldn't there be anything like wildcard mask....
We have like 2-3 clients who needs to go via uplink 1 and remaining needs to go via uplink 2.... The IP addressing we used is quite messy so we are really not in a situation to redesign the whole IP scheme....
So simply a single IP or two needs uplink 1 and everything else needs uplink 2.... Hope you got what I mean to say....
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Re: Policy based routing using two uplinks

Sun Oct 30, 2011 11:13 pm

You need to create an address list containing all the address you want to go through uplink1
/ip firewall address-list
add address=192.168.100.x disabled=no list=uplink1
add address=192.168.100.y disabled=no list=uplink1
Now create a mangle rule to mark all packets that should go through uplink1
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=no dst-address-type=!local new-routing-mark=uplink1 passthrough=yes src-address-list=to_uplink1
Finally create a policy route for uplink1 and a default route for all other packets
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=uplink1 routing-mark=to_uplink1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=uplink2 scope=30 target-scope=10
Don't forget to add masquerade rules for uplink1 and uplink2.

NB: Replace 192.168.100.x, 192.168.100.y, uplink1 and uplink2 with the appropriate values.
 
dineshplp
just joined
Topic Author
Posts: 24
Joined: Wed Jan 09, 2008 7:09 am

Re: Policy based routing using two uplinks

Tue Nov 08, 2011 8:16 am

Thanks...

Works good! :D
 
mm690
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Sat Aug 21, 2010 8:38 pm

Re: Policy based routing using two uplinks

Tue Nov 08, 2011 5:32 pm

I have many of these selective based policey routes.


Dont forget to add a rule in your routes with the marked connection.

Also VERY important, make sure that rule is above your main rule or else it wont get seen first and your new routes will goto default gateway instead
 
User avatar
robyhr
just joined
Posts: 19
Joined: Fri May 25, 2007 8:03 pm
Location: Croatia
Contact:

Re: Policy based routing using two uplinks

Fri Apr 20, 2012 11:25 am

i have a question about policy based routing. we have 3 ISPs, and 3 links to internet. i have set required policies, and everything works as intended.

only thing is, i dont know what to do with default route. i have PPTP server on mikrotik, and some of our clients come from ISP1 link, and other from ISP2. what do i need to add to router so we can have both policy based routing working, and still accept PPTP clients on both links? if a add default route without routing mark to ISP1, then we can accept PPTP conenctions from ISP1 and not from ISP2, but if i change it to ISP2, my PPTP clients cant connect from ISP1. how can i accept both?

thanks for your help
 
User avatar
skillful
Trainer
Trainer
Posts: 557
Joined: Wed Sep 06, 2006 1:42 pm
Location: Abuja, Nigeria
Contact:

Re: Policy based routing using two uplinks

Sun Apr 22, 2012 6:41 pm

In addition to your existing configurations, you need to add routing marks that ensures that all packets entering the router from a particular interface leaves by that interface.

/ip firewall mangle
add action=mark-connection chain=input connection-mark=no-mark disabled=no in-interface=ISP1 new-connection-mark=ISP1 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1 disabled=no new-routing-mark=ISP1 passthrough=no

add action=mark-connection chain=input connection-mark=no-mark disabled=no in-interface=ISP2 new-connection-mark=ISP2 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2 disabled=no new-routing-mark=ISP2 passthrough=no

add action=mark-connection chain=input connection-mark=no-mark disabled=no in-interface=ISP3 new-connection-mark=ISP3 passthrough=yes
add action=mark-routing chain=output connection-mark=ISP3 disabled=no new-routing-mark=ISP3 passthrough=no

NB: Replace the colored text with the appropriate interface name and moved the rules to the top.


Now create policy routes to force the packets to go out on the appropriate gateway

/ip route
add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=ISP1_Gateway routing-mark=ISP1 scope=30 target-scope=10

add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=ISP2_Gateway routing-mark=ISP2 scope=30 target-scope=10

add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=ISP3_Gateway routing-mark=ISP3 scope=30 target-scope=10

NB: Replace the colored text with the appropriate gateway IP address

Who is online

Users browsing this forum: gkk, Google [Bot] and 120 guests