Please help me saving the good reputation of mikrotik.
I was bragging about Mikrotik to our network admin at work. He have got an offer from a consultent about 10k USD, to solve a challenge about routing company network out to 3 ISP.
I said MikroTik was cheaper and better!!
But --We have worked with it for 2 nights now, without getting it all to work.
The challenge:
Dividing company network from SRC add out to different gateways.
Ex.
10.20.0.0/24 need to use gateway xx.xx.xx.xx
10.0.16.0/24 need to use gateway yy.yy.yy.yy
10.0.48.0/24 need to use gateway zz.zz.zz.zz, (not implemented yet.)
We have used the following setup.
http://wiki.mikrotik.com/wiki/Load_Bala ... e_Gateways
Mark with route mark in mangle -
Catch route mark in routes to different default gateways. (ex.0.0.0.0/0 – GW 87.192.190.1)
That works – but..
Then we need to use some single /32 addresses to another gateway than the whole /24 scope, and then it not seems to work.
So we tried the following
10.20.0.4/32 need to use gateway zz.zz.zz.zz (single IP)
10.20.0.0/24 need to use gateway xx.xx.xx.xx (rest of scope)
10.0.16.5/32 need to use gateway zz.zz.zz.zz (single IP)
10.0.16.0/24 need to use gateway yy.yy.yy.yy (rest of scope)
10.0.48.0/24 need to use gateway zz.zz.zz.zz
That’s not functional..
When we add 10.20.0.4 rule there is nothing in the /24 scope coming out to the internet.
It’s not an option to move all too same subnet, which needs to go out of same ISP – so we need to get the “src” routing option to work.
The setup
/Ip firewall mangle
0 ;;; Mark to Routing SHDSL
chain=prerouting src-address=10.0.16.0/20 action=mark-routing
new-routing-mark=SHDSL passthrough=yes
1 chain=prerouting src-address=10.0.48.0/20 action=mark-routing
new-routing-mark=SHDSL passthrough=yes
<<<2 chain=prerouting src-address=10.2.0.4/32 action=mark-routing
new-routing-mark=SHDSL passthrough=yes
3 ;;; Mark til routing ADSL
chain=prerouting src-address=10.2.0.0/24 action=mark-routing
new-routing-mark=ADSL passthrough=yes
/ ip route
add dst-address=10.0.16.0/20 gateway=10.0.48.1 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=10.0.48.0/20 gateway=10.0.48.1 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=10.2.0.0/24 gateway=10.0.48.1 scope=255 target-scope=10 \
comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=172.16.0.1 scope=255 target-scope=10 \
routing-mark=SHDSL comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=80.196.192.89 scope=255 target-scope=10 \
routing-mark=ADSL comment="" disabled=no
There is NAT for the SDSL not for the SHDSL line.
Please help med with dividing the diffent Ip out to different ISP.
Best regards
Henrik
