Hello,
My mikrotik is RB750Gr3 rev r4 Firmware mt7621L
I have two ISP and both ISP provided me HUawei same device with almost same configuration.
1-ISP 1ST HUAWE device DHCP is configured as ip 192.168.100.1 and SUBNET 255.255.255.0
2-ISP 2nd HUAWE device DHCP is configured as ip 192.168.100.1 and SUBNET 255.255.255.0
3-LAN Mikrotik DHCP Server is configured as IP 10.10.10.1 and subnet 255.255.0.0
first problem is i cant able to change the IP and subnet in both huawei devices as its give me error message "Invalid IP or IP is not under the subnet mast" i try to change the IP and subnet like IP 10.10.10.1 and subnet 255.255.0.0 but huawei device wont accept this as it give me 24bit range error.
However, i try to add this two ISP in my mikrotik, ISP1 uplink mikrotik 1st port and the 2nd into 2nd port. now the issue is the internet is only working on 1st port of mikrotik which consider Main internet port. the 2nd Ethernet is shows receiving but not passing internet to LAN user but both ISP link is working if i putt that link in Mikrotik 1st port as Main internet source.
what could be the reason in your opinion ? is this possible to manage same IP/subnet ISP as i describe above ?
Re: 2 ISP CONFIGURTAION PROBLEM
you cant as far as im awear run two isp in to the mikrotik at the same time
use port 1 fromn the isp
next issue is the mikrotik cant be a dhcp after the isp router when it is set up as dhcp
need to make isp router in bridge mode then the mikrotik can run your dhcp and the sub net you wont to run it as
use port 1 fromn the isp
next issue is the mikrotik cant be a dhcp after the isp router when it is set up as dhcp
need to make isp router in bridge mode then the mikrotik can run your dhcp and the sub net you wont to run it as
Re: 2 ISP CONFIGURTAION PROBLEM
As a matter of fact you can, but since both ISPs provide addresses from the same address space, the routing part would be a bit tricky. First, the creation of routing tables and mangling which is typical load balancing, should be done:you cant as far as im awear run two isp in to the mikrotik at the same time
Code: Select all
/ip route
add fib name=ISP1_table
add fib name=ISP2_table
/ip firewall mangle
add action=mark-connection chain=input connection-state=new in-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=input connection-state=new in-interface="ISP2_interface" new-connection-mark=ISP2_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP2_interface" new-connection-mark=ISP2_conn
add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface="LAN_interface" new-connection-mark=ISP1_conn per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface="LAN_interface" new-connection-mark=ISP2_conn per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=ISP1_conn in-interface="LAN_interface" new-routing-mark=ISP1_table passthrough=no
add action=mark-routing chain=prerouting connection-mark=ISP2_conn in-interface="LAN_interface" new-routing-mark=ISP2_table passthrough=no
add action=mark-routing chain=output connection-mark=ISP1_conn new-routing-mark=ISP1_table passthrough=no
add action=mark-routing chain=output connection-mark=ISP2_conn new-routing-mark=ISP2_table passthrough=noCode: Select all
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" distance=1
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" distance=2
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1 routing-table=ISP1_table
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1 routing-table=ISP2_table
Re: 2 ISP CONFIGURTAION PROBLEM
Would it not be for the second bit...... ????
/ip route
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" distance=2
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" routing-table=ISP1_table
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" routing-table=ISP2_table
Also, isnt the purpose of the first set of mangling rules, independent of load balancing, aka not required?
My thought was that its mangling for the purpose of ensuring EXTERNAL traffic direct to the ROUTER is returned by the correct WAN....... such as vlans.
It was not clear to me that this was a requirement??
Its also full of errors!!!
add action=mark-connection chain=input connection-state=new in-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=input connection-state=new in-interface="ISP2_interface" new-connection-mark=ISP2_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP2_interface" new-connection-mark=ISP2_conn
Use of connection marks is not really standard and further you missed the routing mark aspect totally.......would be more like.
add action=mark-connection chain=input connection-mark-no-mark in-interface="ISP1_interface" new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=input connection-mark=not-mark in-interface="ISP2_interface" new-connection-mark=ISP2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_conn new-routing-mark=ISP1_table passthrough=no
add action=mark-routing chain=output connection-mark=ISP2_conn new-routing-mark=ISP2_table passthrough=no
/ip route
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" distance=2
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" routing-table=ISP1_table
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" routing-table=ISP2_table
Also, isnt the purpose of the first set of mangling rules, independent of load balancing, aka not required?
My thought was that its mangling for the purpose of ensuring EXTERNAL traffic direct to the ROUTER is returned by the correct WAN....... such as vlans.
It was not clear to me that this was a requirement??
Its also full of errors!!!
add action=mark-connection chain=input connection-state=new in-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=input connection-state=new in-interface="ISP2_interface" new-connection-mark=ISP2_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP2_interface" new-connection-mark=ISP2_conn
Use of connection marks is not really standard and further you missed the routing mark aspect totally.......would be more like.
add action=mark-connection chain=input connection-mark-no-mark in-interface="ISP1_interface" new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=input connection-mark=not-mark in-interface="ISP2_interface" new-connection-mark=ISP2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_conn new-routing-mark=ISP1_table passthrough=no
add action=mark-routing chain=output connection-mark=ISP2_conn new-routing-mark=ISP2_table passthrough=no
Re: 2 ISP CONFIGURTAION PROBLEM
Since route marking is in place for the exact interface, I expect it not to be? shrugWould it not be for the second bit...... ????
/ip route
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" distance=2
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP1_interface" routing-table=ISP1_table
add dst-address=0.0.0.0/0 gateway=192.168.100.1%"ISP2_interface" routing-table=ISP2_table
Based on the following sentence from the OP's post I assumed it would be needed:Also, isnt the purpose of the first set of mangling rules, independent of load balancing, aka not required?
My thought was that its mangling for the purpose of ensuring EXTERNAL traffic direct to the ROUTER is returned by the correct WAN....... such as vlans.
It was not clear to me that this was a requirement??
the 2nd Ethernet is shows receiving but not passing internet to LAN user [...]
Blame the official documentation on load baalncing, I have seen numerous ways on how to set it up, so I can't tell which one is the most right/efficient/etc.Its also full of errors!!!
add action=mark-connection chain=input connection-state=new in-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=input connection-state=new in-interface="ISP2_interface" new-connection-mark=ISP2_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP1_interface" new-connection-mark=ISP1_conn
add action=mark-connection chain=output connection-mark=no-mark connection-state=new out-interface="ISP2_interface" new-connection-mark=ISP2_conn
Use of connection marks is not really standard and further you missed the routing mark aspect totally.......would be more like.
add action=mark-connection chain=input connection-mark-no-mark in-interface="ISP1_interface" new-connection-mark=ISP1_conn passthrough=yes
add action=mark-connection chain=input connection-mark=not-mark in-interface="ISP2_interface" new-connection-mark=ISP2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_conn new-routing-mark=ISP1_table passthrough=no
add action=mark-routing chain=output connection-mark=ISP2_conn new-routing-mark=ISP2_table passthrough=no
Re: 2 ISP CONFIGURTAION PROBLEM
I dont use official documentation or anyones documentation if it doesnt make sense to me. If the official documentation says jump off a cliff I am afraid we may not see you any longer. 
For the OP, please describe the requirements more fully before deciding on any config.
Do you have any VPNs coming into the router?
Do you have any port forwardings going on, aka external users coming into the router to a LAN server
What is the purpose of two WANS, share the load ( aka load balance the available throughput ) or simply use one and have the other available if the first one goes down (redundancy).
The last question is somewhat rhetorical because for redundancy its best to have two separate providers and better yet if two different types of internet. It would seem, could be wrong, that you have the provider giving you two of the same and certainly not clear that the two sources are from two different upstream providers.
In any case without full disclosure of what all the user requirements are in more detail, providing information would be a waste of time.
Identify all users internal, external, admin
Identify all the traffic they should be able to accomplish.
For the OP, please describe the requirements more fully before deciding on any config.
Do you have any VPNs coming into the router?
Do you have any port forwardings going on, aka external users coming into the router to a LAN server
What is the purpose of two WANS, share the load ( aka load balance the available throughput ) or simply use one and have the other available if the first one goes down (redundancy).
The last question is somewhat rhetorical because for redundancy its best to have two separate providers and better yet if two different types of internet. It would seem, could be wrong, that you have the provider giving you two of the same and certainly not clear that the two sources are from two different upstream providers.
In any case without full disclosure of what all the user requirements are in more detail, providing information would be a waste of time.
Identify all users internal, external, admin
Identify all the traffic they should be able to accomplish.
Who is online
Users browsing this forum: No registered users and 22 guests