MikroTik

Posted: **Sun Apr 21, 2024 1:45 pm**

Hello

I have a Provider, which has its first hop within the local POP. This means, if there is an issue outside the local POP, the gateway still can be pinged. But connection to the Internet is not available anymore.

Due to this circumstance, the route, even with check-gateway enabled, still keeps being active when the Provider has issues within its network.

Is there a way to work around this?

I have found this solution to reroute e.g. 1.1.1.1 and do a check-gateway onto this. But isn't this kind of risky? If there is a routing issue to 1.1.1.1 or 1.1.1.1 is unreachable, it will deactivate the route. viewtopic.php?f=2&t=176574&p=865665&hil ... er#p963933

Is there a way to ping multiple targets, so there is the logic to just disable the route if all targets are unreachable?

Posted: **Sun Apr 21, 2024 1:47 pm**

Yes its called recursive routing.

Posted: **Sun Apr 21, 2024 2:46 pm**

Maybe you want a netwatch script *like*:
viewtopic.php?t=193021

Posted: **Tue Apr 23, 2024 2:08 am**

My provider now gave me an IP within its network which I can use as up metric.

Somehow, I'm unable to test recursive routing. Does it not work with different routing tables?

This is my test setup:
# mangle rule

> /ip/firewall/mangle export where new-routing-mark=test
/ip firewall mangle
add action=mark-routing chain=prerouting dst-address-list=!allowed_to_router \
    new-routing-mark=test passthrough=yes src-address=172.16.90.117

# not working (traffic flows over main table)

> /ip/route/export compact where routing-table=test
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 pref-src="" routing-table=\
    test scope=30 suppress-hw-offload=no target-scope=12
add disabled=no distance=1 dst-address=1.1.1.1/32 gateway=192.168.88.1 pref-src="" routing-table=test scope=30 \
    suppress-hw-offload=no target-scope=1

# working (traffic flows over test table)

> /ip/route/export terse  where routing-table=test      
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.88.1 pref-src="" rout
ing-table=test scope=30 suppress-hw-offload=no target-scope=12

P.S. I'm also having issues with Fasttrack and the mangle rule. If I mangle it to this test table with Fasttrack enabled, the performance is terrible. Speedtest with just a few kb/s. Is this normal? Traffic over the main table over the same gateway is OK with Fasttrack enabled.

/ip firewall filter add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes

Posted: **Tue Apr 23, 2024 2:58 am**

A config is not snippets...... and not into chasing moving targets!
Provide a network diagram ( should detail any vlans, WAN sources and type ( static,dynamic, public, not publice )
Provide a complete config
Provide requirements
a. identify all user(s)/device(s) and groups of users/devices including admin
b. identify all the traffic they require.

+++++++++++++++++++++++++++++++++++++++++++++++

MikroTik

Check Gateway ping failover not working for Provider

Check Gateway ping failover not working for Provider

Re: Check Gateway ping failover not working for Provider

Re: Check Gateway ping failover not working for Provider

Re: Check Gateway ping failover not working for Provider

Re: Check Gateway ping failover not working for Provider