Doing multi host failover, used this link
https://wiki.mikrotik.com/wiki/Advanced ... asic_Setup.
Now on host checking per Uplink where:
/ip route
add dst-address=Host1A gateway=GW1 scope=10
add dst-address=Host1B gateway=GW1 scope=10
add dst-address=Host2A gateway=GW2 scope=10
add dst-address=Host2B gateway=GW2 scope=10
"Host", I tried putting 'domain names' instead of just IP, but it wont work. From what i remember, its not possible, am I correct? If so, please help me undertand.
Use of DNS name here would be a bit of a chicken and egg problem, because to resolve the DNS name into an IP address, the router would have to first send a DNS query packet to the IP address of a DNS server, and to do that, it would have to choose a working gateway to send that query. So it makes sense to use DNS servers' IP addresses as the monitored remote destinations directly; also because DNS servers operated by large companies are usually highly available, and because the IP addresses of DNS servers are among the very few ones which do not change.
/ip route
add dst-address=10.1.1.1 gateway=Host1A scope=10 target-scope=10 check-gateway=ping
add dst-address=10.1.1.1 gateway=Host1B scope=10 target-scope=10 check-gateway=ping
It says Host1A as dst-address and now gateway..... plus what is this 10.1.1.1 dst-address?
I understand its probably basic etc, however, cementing your understand goes a long way. So I hope one of you kind people can help me understand.
This is called recursive gateway and I cannot remember seeing this approach anywhere else except Mikrotik, but there's a lot of things I haven't seen aĺthough they do exist
The idea is the following: if the IP address of a route's gateway is not in any directly connected subnet of the router, it means it is an indirect route. So you take the IP address of the gateway and find a route for it. And you repeat this process recursively until you finally find a gateway which is in a directly connected subnet, and use its MAC address to deliver the packet.
If, at some stage of the recursion, you find a route which is currently not available (does not respond to ping) and has no alternative, the whole recursive route becomes unavailable.
When checking whether a WAN interface "works", it makes sense to check that by pinging an IP address (device) somewhere far away in the internet - because if your ISP has a problem, you may be able to ping his gateway router next to you but your packets wouldn't get anywhere further through that gateway. On the other hand, if you would monitor this way just a single remote IP address, the availability of the WAN's gateway would depend on availability of a single external monitored address, so a failure of that monitored address would render that WAN unusable although in fact it would work fine. So you use a two-level recursion - for each WAN interface, you use two monitored addresses as primary and secondary route through the same physical gateway of that WAN interface for some auxiiliary private address you won't ever need to send a packet to, and then you use the auxiliary address as the recursive gateway through that WAN for all other routes.
You could simply use four routes with different priority, two of them via WAN1 and the other two via WAN2, but that would only make sense if a plain failover would be sufficient for you, i.e. you would use WAN1 for everything as long as it would be available, and only use WAN2 if WAN1 would not available. But you often need more complex uses, such as load distribution between the WANs as long as both are available, routing to some destinations or for non-VIP local sources via one of the WANs only, not using the backup one for these clients or destinations even if the primary one becomes unavailable etc. So in these cases, you create one recursive gateway per each WAN using the auxiliary address, and you build your policy routing atop these recursive routes.
