Community discussions

 
elarrarte
just joined
Topic Author
Posts: 12
Joined: Fri Jul 30, 2010 6:33 pm

Multiple WAN --- basic configuration.

Mon Apr 21, 2014 10:13 pm

Hi people, after reading policy routing howto, I cant make it to work as expected.

I m setting up 2 WAN router, firmware 6.10

1 - Address configuration
/ip address add interface=wan1 address=IP-WAN1
/ip address add interface=wan2 address=IP-WAN2

2 - Route configuration
/ip route add gateway=GW-WAN1 routing-mark=rm-wan1
/ip route add gateway=GW-WAN2 routing-mark=rm-wan2

3 - Mark incoming connections
/ip firewall mangle
add chain=input in-interface=wan1 action=mark-connection new-connection-mark=cm-wan1
add chain=input in-interface=wan2 action=mark-connection new-connection-mark=cm-wan2

4 - Route connections to the corresponding interface
/ip firewall mangle
add chain=output connection-mark=cm-wan1 action=mark-routing new-routing-mark=rm-wan1
add chain=output connection-mark=cm-wan2 action=mark-routing new-routing-mark=rm-wan2

When I ping from outside to IP-WAN1, counters begin to increase on:
chain=input in-interface=wan1 action=mark-connection new-connection-mark=cm-wan1

But are always 0 in:
add chain=output connection-mark=cm-wan1 action=mark-routing new-routing-mark=rm-wan1

I 've found a lot of examples that cover such scenario, but all of them have differences.
I just want to ping both interfaces. When this is working, I want to forward some ports through them.

Thanks in advance!
 
User avatar
Egate
Long time Member
Long time Member
Posts: 547
Joined: Thu May 15, 2008 10:43 am
Location: South Africa

Re: Multiple WAN --- basic configuration.

Mon Apr 21, 2014 11:41 pm

Happy days. :-)
 
nerdtron
Member Candidate
Member Candidate
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: Multiple WAN --- basic configuration.

Tue Apr 22, 2014 3:31 am

This one is very good. Basically, you segment the LAN into two networks, each having their own gateways.
http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
 
elarrarte
just joined
Topic Author
Posts: 12
Joined: Fri Jul 30, 2010 6:33 pm

Re: Multiple WAN --- basic configuration.

Tue Apr 22, 2014 5:54 pm

Thank you guys, but that s not what I want. I dont care load balancing or failover at this moment, just want both WANs answer my pings.
 
nerdtron
Member Candidate
Member Candidate
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: Multiple WAN --- basic configuration.

Wed Apr 23, 2014 7:35 am

You can't ping both by default since you can't have 2 default gateways at the same time.

Try adding src-address from your ping.
ping [gateway wan1] src-address=[ip of interface wan1]
 
elarrarte
just joined
Topic Author
Posts: 12
Joined: Fri Jul 30, 2010 6:33 pm

Re: Multiple WAN --- basic configuration.

Tue May 06, 2014 3:59 pm

I used this document, very good one to understand this situation:
http://lartc.org/howto/lartc.rpdb.multiple-links.html

That 's the way I used to do it with linux routers. I know linux iptables and Mikrotik are quite de same, but ... I just want to know if there is an official Mikrotik way to do the same thing.

I 've tested it and it works.

The steps are:
- IP configuration under /ip address
interface: wan1 ip: wan1-ip
interface: wan2 ip: wan2-ip
...
interface: wanN ip: wanN-ip

- Route configuration under /ip route
dst-address: 0.0.0.0/0 gateway: wan1-gw mark: rm-wan1
dst-address: 0.0.0.0/0 gateway: wan2-gw mark: rm-wan2
...
dst-address: 0.0.0.0/0 gateway: wanN-gw mark: rm-wanN

- Rule configuration under /ip route rule
src-address: wan1-ip lookup-table: rm-wan1
src-address: wan2-ip lookup-table: rm-wan2
...
src-address: wanN-ip lookup-table: rm-wanN

With that simple steps, all connections made to the router coming in a specific interface will be answered back the same interface correctly.

This allows, for example, to make Winbox connections to any WAN link in the router. This could be useful: you can manage the router via wan2 if wan1 is overloaded.
In my case, wan1 is the default-gw for internet browsing, wan2 is used for remote business offices and wan3 is used for users VPNs ---> that 's why I need wan2 and wan3 to answer back local connections regardless they are not the main default gateway. No need to load balance or failover.

Who is online

Users browsing this forum: Google [Bot] and 95 guests