I am managing a system that does PCC over 4 ADSL lines.
Each of the 4 ADSL lines has its own modem, and all 4 modems are connected to an RB2011 that does the PCC splitting.
For testing purposes I have rebuilt the same situation with some different hardware, but the principle is the same.
My testing environment is running RouterOS 6.37, my production/live system is using 6.36
On the PCC splitting router I have the following config.
# Label the physical ports: ether1-ether4 each face one ADSL modem,
# ether10 is the link towards the users.
/interface ethernet
set [ find default-name=ether1 ] comment="Modem #1"
set [ find default-name=ether2 ] comment="Modem #2"
set [ find default-name=ether3 ] comment="Modem #3"
set [ find default-name=ether4 ] comment="Modem #4"
set [ find default-name=ether10 ] comment="users link"
# One /24 per modem link, with the router at .2 on each; the users link is a
# /29 with the router at 192.168.2.1.
/ip address
add address=192.168.11.2/24 interface=ether1 network=192.168.11.0
add address=192.168.12.2/24 interface=ether2 network=192.168.12.0
add address=192.168.13.2/24 interface=ether3 network=192.168.13.0
add address=192.168.14.2/24 interface=ether4 network=192.168.14.0
add address=192.168.2.1/29 interface=ether10 network=192.168.2.0
# Mangle rules are evaluated top to bottom within a chain, so the order below
# is part of the behaviour.
/ip firewall mangle
# Disabled (disabled=yes): input-chain connection marking per modem port.
# These rules have no effect in this export.
add action=mark-connection chain=input connection-mark=no-mark disabled=yes in-interface=ether1 log-prefix="" new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=input connection-mark=no-mark disabled=yes in-interface=ether2 log-prefix="" new-connection-mark=ISP2_conn passthrough=yes
add action=mark-connection chain=input connection-mark=no-mark disabled=yes in-interface=ether3 log-prefix="" new-connection-mark=ISP3_conn passthrough=yes
add action=mark-connection chain=input connection-mark=no-mark disabled=yes in-interface=ether4 log-prefix="" new-connection-mark=ISP4_conn passthrough=yes
# Traffic from the users link to one of the four modem subnets is accepted
# here, which ends prerouting mangle processing for it: it is never PCC-marked
# and is routed by the main table (connected routes).
add action=accept chain=prerouting comment="Accept connections to local 192.168.11.0 network" dst-address=192.168.11.0/24 in-interface=ether10 log-prefix=""
add action=accept chain=prerouting comment="Accept connections to local 192.168.12.0 network" dst-address=192.168.12.0/24 in-interface=ether10 log-prefix=""
add action=accept chain=prerouting comment="Accept connections to local 192.168.13.0 network" dst-address=192.168.13.0/24 in-interface=ether10 log-prefix=""
add action=accept chain=prerouting comment="Accept connections to local 192.168.14.0 network" dst-address=192.168.14.0/24 in-interface=ether10 log-prefix=""
# Connections first seen on a modem port get that line's connection mark, so
# the reply packets coming back in on ether10 match the mark-routing rules
# below and leave through the same line they arrived on.
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether1 log-prefix="" new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether2 log-prefix="" new-connection-mark=ISP2_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether3 log-prefix="" new-connection-mark=ISP3_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether4 log-prefix="" new-connection-mark=ISP4_conn passthrough=yes
# PCC: still-unmarked connections from the users link, whose destination is
# not one of the router's own addresses, are hashed on both-addresses into four
# buckets (4/0 .. 4/3), one per line.
# passthrough=yes is load-bearing on these four rules: the same packet has to
# continue down the chain to reach the mark-routing rules that follow.
# NOTE(review): with passthrough=no the first packet of a connection would
# leave the chain with a connection mark but no routing mark and be routed by
# the main table; later packets would follow to_ISPx instead. The connection
# could then switch modem port after being masqueraded on the first one --
# confirm against the connection table on the affected router.
add action=mark-connection chain=prerouting comment="PerConnectionClassifier splitting" connection-mark=no-mark dst-address-type=!local in-interface=ether10 log-prefix="" new-connection-mark=ISP1_conn passthrough=yes per-connection-classifier=both-addresses:4/0
add action=mark-connection chain=prerouting comment="PerConnectionClassifier splitting" connection-mark=no-mark dst-address-type=!local in-interface=ether10 log-prefix="" new-connection-mark=ISP2_conn passthrough=yes per-connection-classifier=both-addresses:4/1
add action=mark-connection chain=prerouting comment="PerConnectionClassifier splitting" connection-mark=no-mark dst-address-type=!local in-interface=ether10 log-prefix="" new-connection-mark=ISP3_conn passthrough=yes per-connection-classifier=both-addresses:4/2
add action=mark-connection chain=prerouting comment="PerConnectionClassifier splitting" connection-mark=no-mark dst-address-type=!local in-interface=ether10 log-prefix="" new-connection-mark=ISP4_conn passthrough=yes per-connection-classifier=both-addresses:4/3
# Turn the connection mark into a routing mark for packets arriving from the
# users link. passthrough=no is correct here: once the routing mark is set
# there is nothing further for this packet to match.
add action=mark-routing chain=prerouting comment="Mark routing towards ISP1" connection-mark=ISP1_conn in-interface=ether10 log-prefix="" new-routing-mark=to_ISP1 passthrough=no
add action=mark-routing chain=prerouting comment="Mark routing towards ISP2" connection-mark=ISP2_conn in-interface=ether10 log-prefix="" new-routing-mark=to_ISP2 passthrough=no
add action=mark-routing chain=prerouting comment="Mark routing towards ISP3" connection-mark=ISP3_conn in-interface=ether10 log-prefix="" new-routing-mark=to_ISP3 passthrough=no
add action=mark-routing chain=prerouting comment="Mark routing towards ISP4" connection-mark=ISP4_conn in-interface=ether10 log-prefix="" new-routing-mark=to_ISP4 passthrough=no
# Disabled (disabled=yes): output-chain routing marks for router-originated
# packets. With these off, the router's own traffic carries no routing mark.
add action=mark-routing chain=output connection-mark=ISP1_conn disabled=yes log-prefix="" new-routing-mark=to_ISP1 out-interface=ether1 passthrough=no
add action=mark-routing chain=output connection-mark=ISP2_conn disabled=yes log-prefix="" new-routing-mark=to_ISP2 out-interface=ether2 passthrough=no
add action=mark-routing chain=output connection-mark=ISP3_conn disabled=yes log-prefix="" new-routing-mark=to_ISP3 out-interface=ether3 passthrough=no
add action=mark-routing chain=output connection-mark=ISP4_conn disabled=yes log-prefix="" new-routing-mark=to_ISP4 out-interface=ether4 passthrough=no
# Source-NAT everything that leaves through a modem port, one rule per port.
# The NAT decision is made when a connection is first tracked, so a connection
# has to keep leaving through the same modem port for its whole lifetime.
# NOTE(review): masquerade is address translation, not filtering. This post
# shows no /ip firewall filter section, so what the modem-facing ports accept
# on input/forward cannot be assessed from here -- check it on the router.
/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade ether1 outgoing traffic" log-prefix="" out-interface=ether1
add action=masquerade chain=srcnat comment="Masquerade ether2 outgoing traffic" log-prefix="" out-interface=ether2
add action=masquerade chain=srcnat comment="Masquerade ether3 outgoing traffic" log-prefix="" out-interface=ether3
add action=masquerade chain=srcnat comment="Masquerade ether4 outgoing traffic" log-prefix="" out-interface=ether4
/ip route
# Per-line routing tables (to_ISP1 .. to_ISP4). The gateways are public
# addresses that are reached recursively through the /32 "Gateway check"
# routes further down, so check-gateway=ping tests reachability through the
# modem rather than only of the modem itself. Within each table the distance=1
# entry is that line's own probe address; distances 2-4 fail over to the other
# three lines.
# NOTE(review): line health depends on ICMP replies from third-party hosts; if
# one of them stops answering or rate-limits ping, the line is treated as down.
add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=to_ISP1
add check-gateway=ping distance=2 gateway=8.8.4.4 routing-mark=to_ISP1
add check-gateway=ping distance=3 gateway=208.67.222.222 routing-mark=to_ISP1
add check-gateway=ping distance=4 gateway=208.67.220.220 routing-mark=to_ISP1
add check-gateway=ping distance=1 gateway=8.8.4.4 routing-mark=to_ISP2
add check-gateway=ping distance=2 gateway=208.67.222.222 routing-mark=to_ISP2
add check-gateway=ping distance=3 gateway=208.67.220.220 routing-mark=to_ISP2
add check-gateway=ping distance=4 gateway=8.8.8.8 routing-mark=to_ISP2
add check-gateway=ping distance=1 gateway=208.67.222.222 routing-mark=to_ISP3
add check-gateway=ping distance=2 gateway=208.67.220.220 routing-mark=to_ISP3
add check-gateway=ping distance=3 gateway=8.8.8.8 routing-mark=to_ISP3
add check-gateway=ping distance=4 gateway=8.8.4.4 routing-mark=to_ISP3
add check-gateway=ping distance=1 gateway=208.67.220.220 routing-mark=to_ISP4
add check-gateway=ping distance=2 gateway=8.8.8.8 routing-mark=to_ISP4
add check-gateway=ping distance=3 gateway=8.8.4.4 routing-mark=to_ISP4
add check-gateway=ping distance=4 gateway=208.67.222.222 routing-mark=to_ISP4
# Main-table default routes straight to the four modems, all at distance=5.
# These carry any packet that has no routing mark, which includes the router's
# own traffic because the output-chain marking rules are disabled.
add check-gateway=ping distance=5 gateway=192.168.11.1
add check-gateway=ping distance=5 gateway=192.168.13.1
add check-gateway=ping distance=5 gateway=192.168.12.1
add check-gateway=ping distance=5 gateway=192.168.14.1
# /32 host routes pinning each probe address to one modem; the recursive
# gateways in the per-line tables resolve through these (scope=10).
add comment="Gateway check for ISP2" distance=1 dst-address=8.8.4.4/32 gateway=192.168.12.1 scope=10
add comment="Gateway check for ISP1" distance=1 dst-address=8.8.8.8/32 gateway=192.168.11.1 scope=10
# Blackhole the RFC 1918 ranges so private-addressed traffic with no
# more-specific (connected) route is dropped instead of being sent to an ISP.
# NOTE(review): these routes carry no routing-mark, so they sit in the main
# table only. Packets already marked to_ISPx are looked up in that table
# first, where a default route exists, so PCC-marked traffic from ether10 to
# e.g. 10.0.0.0/8 would likely still be forwarded to a modem -- verify, and
# consider exempting these destinations in mangle if that is not intended.
add comment="Blackhole 10.0.0.0/8 subnet" distance=1 dst-address=10.0.0.0/8 type=blackhole
add comment="Blackhole 172.16.0.0/12 subnet" distance=1 dst-address=172.16.0.0/12 type=blackhole
add comment="Blackhole 192.168.0.0/16 subnet" distance=1 dst-address=192.168.0.0/16 type=blackhole
# Remaining two probe-address host routes (ISP4 and ISP3).
add comment="Gateway check for ISP4" distance=1 dst-address=208.67.220.220/32 gateway=192.168.14.1 scope=10
add comment="Gateway check for ISP3" distance=1 dst-address=208.67.222.222/32 gateway=192.168.13.1 scope=10
# OSPF is enabled on every interface whose address falls inside these
# networks, which here includes the four modem-facing subnets as well as the
# users link. The 192.168.2.0/24 statement is wider than the /29 configured on
# ether10.
# NOTE(review): no OSPF interface settings (passive mode, authentication) are
# shown in this post. If the modem segments are not meant to carry OSPF
# adjacencies, make those interfaces passive or drop their network statements,
# and enable OSPF authentication where adjacencies are wanted; otherwise a
# device on a modem segment could become a neighbour and inject routes.
/routing ospf network
add area=backbone network=192.168.2.0/24
add area=backbone network=192.168.12.0/24
add area=backbone network=192.168.11.0/24
add area=backbone network=192.168.13.0/24
add area=backbone network=192.168.14.0/24
# Fixed time zone (no auto-detect), router identity, and NTP client.
# The NTP servers are given by DNS name, so time sync depends on the router
# being able to resolve names; no /ip dns section appears in this post.
/system clock
set time-zone-autodetect=no time-zone-name=Europe/Madrid
/system identity
set name=MyRouter
/system ntp client
set enabled=yes server-dns-names=0.pool.ntp.org,1.pool.ntp.org
Now comes the weird stuff.
Today I took a close look at my mangle rules and found that a number of them have the parameter passthrough set to yes, which I thought was unnecessary: if one rule is applied, none of the others would apply, so why not skip them by setting passthrough to no?
If I do so on my testing setup, nothing changes (as I suspect it wouldn't)
But when I change the parameter on the live system, all traffic stops working. If I try to ping any given outside host (I tried a number of Dutch hosts I know) I get 1 reply (always exactly 1) and then I get time-outs.
Can anybody explain this or point me in the right direction?
In the meantime, I will downgrade my test environment to 6.36 to see how that behaves