Page 1 of 1
1 Wan 2 Public IP's Gateway Failover
Posted: Tue Dec 02, 2014 2:41 am
by Montana
This may be simple but everything I have done doesnt work.
I have 2 public IP's from 2 different companies coming in to a single wireless connection. This single connection is coming in to a RB450G. Not looking to do load balancing, just failover if the internet is down to the ISP's
The problem is that the gateways may be working but one may have a break in the connection past the ISP's gateway. I was looking to check and switch active gateways using google or some other external hosts. I have tried to use "Advanced Routing Failover without Scripting" from the wiki but I havent got it to work. Been staring at it for so long I must have missed something simple or it doesnt work the way I want it to.
Any advice
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Tue Dec 02, 2014 7:53 am
by technicarl
netwatch is under tools - I have a netwatch setup that monitors remote hosts for failover eg. 8.8.8.8 and it works well.
This does require a little scripting but only to disable/enable one gateway or the other - you can do it.
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Tue Dec 02, 2014 9:04 am
by jarda
How do your routes to the testing ip address look like?
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Tue Dec 02, 2014 9:07 am
by jarda
How you can have 2 isps on one single wireless interface?
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Thu Dec 04, 2014 2:27 am
by Montana
My IP's listed are not the actual but you get the jest.
Google DNS --8.8.8.8
OpenDNS -----208.67.220.220
My address from Isp#1----10.0.1.2/30 Gateway-10.0.1.1
My address from Isp#2----10.0.2.2/30 Gateway-10.0.2.1
/ip route
add dst-address=8.8.8.8 gateway=10.0.1.1 scope=10
add dst-address=208.67.220.220 gateway=10.0.2.1 scope=10
/ip route
add distance=1 gateway=8.8.8.8 routing-mark=ISP1 check-gateway=ping
add distance=2 gateway=208.67.220.220 routing-mark=ISP1 check-gateway=ping
/ip route
add distance=1 gateway=208.67.220.220 routing-mark=ISP2 check-gateway=ping
add distance=2 gateway=8.8.8.8 routing-mark=ISP2 check-gateway=ping
This is the way that I put it together based of of wiki.mikrotik.com/wiki/Advanced_Routing_Failover_without_Scripting
The gateways for the second and third set didnt look right and I tried using my gateways instead but that didnt work either.
I can get everything to work when I treat it like a single ISP setup and I know that everything else works that way. It's just tring to implementing the failover that things fail.
As for how I get two ISP's on one port that was easy. The tower has two ISP's on it and they put a switch in that feeds my setup, thru a single wireless bridge to me in the valley.
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Thu Dec 04, 2014 3:06 am
by Aveyer
I also had a hard time finding a way to check multiple hosts beyond a gateway, eventually I found a script on the internet which I modified.
I don't have two ISPs on one interface but you can probably get it to work.
My Gateway has a static default route which is then injected to the rest of the network via OSPF, the sript will check if the hosts are responding, if not, it disables the default route.
The script is ran on Scheduler.
:if ([/ip route get [find comment="GATEWAY"] disabled]=false) do={
:if ([/ping x.x.x.x count=2] = 0 && [/ping x.x.x.x count=2] = 0 && [/ping x.x.x.x count=2] = 0) do={
/ip route disable [find comment="GATEWAY"]
:log info "ISP DOWN";
}
}
:delay 5;
:if ([/ip route get [find comment="GATEWAY"] disabled]=true) do={
:if ([/ping x.x.x.x count=2] > 0 || [/ping x.x.x.x count=2] > 0 || [/ping x.x.x.x count=2] > 0) do={
/ip route enable [find comment="GATEWAY"]
:log info "ISP UP";
}
}
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Thu Dec 04, 2014 5:28 am
by technicarl
OK, I see that you have implemented your own system for checking gateways etc. and if that works then the only problem I see is that you are using routing marks but you have not mentioned any firewall mangle settings. I recommend removing the routing marks because unless packets are marked with the routing marks and a rule is set up under routes to lookup a table for those routing marks, they will not be used at all or they will fail.
Let me know if that does it - otherwise I'll have a closer look.
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Thu Dec 04, 2014 5:46 am
by technicarl
Suggestion:
Make two gateways dest=0.0.0.0 gateway=ISP distance 1 and the other distance 2
create your gateways for host ping ISP1 as you did.
no routing marks
create netwatches for your gateway1 ping hosts - down script disables the first route if other netwatch is also down, up enables
That is pure fail-over. If route one is up it is used first, if down, route 2 is used. If route 2 is also down then internet is down.
Maybe I misunderstand, but I don't have all the info - I think you'll sort it out
Re: 1 Wan 2 Public IP's Gateway Failover
Posted: Thu Dec 04, 2014 12:03 pm
by jarda
Checking the gateway does not say anything about internet accessibility beyond the gateway. You should be checking real public IP that you know it works thru the route to be sure if the route has or has not access to internet. And then you can decide about the disabling or about the distance value change to switch the default routes.
See this:
http://forum.mikrotik.com/viewtopic.php ... le#p457065