MikroTik

Hello, newbie here.

Office scenario. 2 WAN links, different ISP.
4 VLANs, one for servers has public IP. Web server published, and other services.
All firewall rules working, multiple port forwarding through ISP1.

Time pases, bandwidth is not enough.

We buy ISP2 access to separate Browsing traffic of the users.
Users now in other VLAN.
Wifi guest other VLAN too.

How do I separate the VLAN200 so users go by ISP2.
and still, ISP1 with public IP address, servers etc be still active ( vlan300)?

As I see, is not "load balancing" but allocation, or matching.
how is this done?

thanks!

in IP - Firewall - mangle, use In interface = VLANxx to mark connection , then mark Routing
use this routing mark in IP - Routing, to route traffic with such mark to ISP 2

Edited it need to be mark routing not mark packet, Sorry I was dealing with queues at the time.

Im confused by the initial information.
The member didnt mention a block of IPs but I am assuming a /29 block 6 useable IPs.
One used for the router and private LANs (or vlans) and one used for public IP (4 left to use?)
Then they added ISP2.
Is that about right?

Also why is it sometimes people mark connections then mark routes based on the marked connection and in this case not even bothering with marking routes?
I like the WHY more so than the what>

I guess if you mark connection first then you don't have to inspect every packet on that connection to mark routing. More efficient

Solar, that's not me, just regurgitating fables, known in some parts as "Sob Rules". I simply state - Yoda says 'be efficient'.

there are always good way of doing things and better way of doing things. Most cases I am happy as long as it works

Im confused by the initial information.
The member didnt mention a block of IPs but I am assuming a /29 block 6 useable IPs.
One used for the router and private LANs (or vlans) and one used for public IP (4 left to use?)
Then they added ISP2.
Is that about right?

Also why is it sometimes people mark connections then mark routes based on the marked connection and in this case not even bothering with marking routes?
I like the WHY more so than the what>

Hello all, thanks for the reply.
On ISP1, I only have 1 public IP address. Not a range.

I'm very new to the concept of marking packets/connections.
Ex cisco ccna, now retired from managing networks.I will now go read something about mangle.
thanks

Mangled is also a state of mind after reading mikrotik literature and the gobblity gook iptables speak of geekheads at MUM presentations.
Enjoy!!

I'm not ab le to get this working.


what about NAT? should I configure NAT with routing marks too?

Post your config from terminal
/export hide-sensitive file=nameofyourchoosing

go to files and download the file to your pc........