Dual PPPoE - same provider - how to redirect traffic

Kadul · Mon Jul 07, 2014 4:12 pm

Hi everyone,

I have a rb 951-Ui 2HnD, with dual PPPoE working over ethernet LAN2 and 3 (as "WAN1" and "WAN2").

Flags: X - disabled, R - running 
 0  R name="pppoe-out1" max-mtu=1480 max-mru=1480 mrru=disabled interface=ether2-internet1 user="user@adsl" password="pass" 
      profile=default keepalive-timeout=60 service-name="WAN1" ac-name="" add-default-route=no dial-on-demand=no 
      use-peer-dns=yes allow=pap,chap,mschap1,mschap2 

 1 X  name="pppoe-out2" max-mtu=1480 max-mru=1480 mrru=disabled interface=ether3-internet2 user="user2@adsl" password="pass" 
      profile=default keepalive-timeout=60 service-name="WAN2" ac-name="" add-default-route=no dial-on-demand=no 
      use-peer-dns=yes allow=pap,chap,mschap1,mschap2

I need only 1 IP to reach WAN2 and the rest of the network to use WAN1 for internet.

The thing is, pppoe1 and pppoe2 are both same ISP provider, with same gateway, I've made some firewall rules for preventing my other hosts to use pppoe2 but I can't make it host-x to use pppoe2.

 7 I chain=forward action=drop src-address=!-ip-host-x out-interface=pppoe-out2 

 8 I chain=forward action=drop src-address=!-ip-host-x in-interface=pppoe-out2

I've created both ip firewall masquerades rules for both wan's so internet should work, but when I connect the second pppoe automatically all traffic start uses the last connection.

I've already marked my traffic with mangle rules, but I'm missing the part where I route them.

How can I make lan/24 use pppoe1 and only host-x to use pppoe2?

Thanks for any tip or help.

btw my mangle rules and ip-routes are these:

Flags: X - disabled, I - invalid, D - dynamic 
 0   ;;; Connection mark for http traffic (in)
     chain=prerouting action=mark-connection new-connection-mark=http_in passthrough=yes protocol=tcp src-address-list=npal dst-port=80 

 1   ;;; Connection mark for http traffic (out)
     chain=postrouting action=mark-connection new-connection-mark=http_out passthrough=yes protocol=tcp src-address-list=npal dst-port=80 

 2   ;;; LAN traffic marking
     chain=prerouting action=mark-connection new-connection-mark=lan passthrough=yes src-address-list=npal 

 3   ;;; LAN traffic marking
     chain=postrouting action=mark-connection new-connection-mark=lan_out passthrough=yes src-address-list=npal 

 4   ;;; VIDEOCONF traffic marking
     chain=prerouting action=mark-connection new-connection-mark=vconf passthrough=yes src-address=host-x 

 5   ;;; VIDEOCONF traffic marking
     chain=postrouting action=mark-connection new-connection-mark=vconf_out passthrough=yes src-address=host-x 

 6   ;;; Connection in WAN1
     chain=prerouting action=mark-connection new-connection-mark=wan1_in passthrough=yes in-interface=pppoe-out1 

 7   ;;; Connection out WAN1
     chain=postrouting action=mark-connection new-connection-mark=wan1_out passthrough=yes out-interface=pppoe-out1 

 8 I ;;; Connection in WAN2
     chain=prerouting action=mark-connection new-connection-mark=wan2_in passthrough=yes in-interface=pppoe-out2 

 9 I ;;; Connection out WAN2
     chain=postrouting action=mark-connection new-connection-mark=wan2_out passthrough=yes out-interface=pppoe-out2

IP ROUTES

Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 A S  0.0.0.0/0                          pppoe-out1                1
 1   S  0.0.0.0/0                          pppoe-out2                2
 2 ADC  150.100.1.0/24     public   ether5-switch             0
 3 A S  172.16.141.0/24                    150.100.1.254             1
 4 A S  192.168.10.60/32                   150.100.1.254             1
 5 A S  192.168.12.0/24                    150.100.1.254             1
 6 ADC  gateway-isp/32    public    pppoe-out1                0