Solved

Mikrotik Routerboard & redundant WAN connection

Posted on 2013-01-29
13
1,896 Views
Last Modified: 2013-03-08
I have a Mikrotik Routerboard 751-series and have the following set up:
ether1 - N/A
ether2 - for future use
ether3 - pppoe modem connection attached
ether4 & ether5: LAN

At present I have the option of ADSL and my pppoe wireless connection, with the option to switch by disabling the primary route, where the MikroTik will jump over to the next 0.0.0.0/0 route being the pppoe option.

I have tried here http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/Filter but for some reason the unit doesn't seem to automatically roll over to the pppoe connection if ADSL goes down (waiting on my telco to sort out a messy intermittent line fault).

Any advice on how to approach this would be appreciated.
0
Comment
Question by:kiwistag
  • 7
  • 6
13 Comments
 
LVL 7

Accepted Solution

by:
Scobber earned 500 total points
ID: 38830436
So you have two wan connections? and how do these wan connections interface with your network and outside world?

Say you have:-
Ether1 connected to the ADSL
Ether2 Connected to the Wireless
Ether3 Connected to LAN
Ether4 Connected to LAN
Ether5 NA

The better way to do this is above, as you can only set Ether2-5 as SX

Create two static routes:
Ether1 0.0.0.0/0 Metric 10
Ether2 0.0.0.0/0 Metric 20

If you are using PPPoE on your ADSL and Wireless, Make sure that you have the two routes bound to the two PPPoE connections.

When one fails the secondary (higher metric) will automatically activate.
You may need to add masquerade rules to the ip/firewall/nat
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38847439
There seems to be no specific Metric field
Only:
Scope
Target Scope
Routing Mask
0
 
LVL 7

Expert Comment

by:Scobber
ID: 38847476
How are you configuring it? Winbox, terminal, webbox or webfig
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38847495
A mix of Winbox and terminal.
0
 
LVL 7

Expert Comment

by:Scobber
ID: 38847783
So in IP route configure your routes there. If you don't have gateway and metric your on the wrong spot
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38847798
A sample Snapshot of a routing entry is below:
routes.jpg
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 7

Expert Comment

by:Scobber
ID: 38847866
Sorry 'distance' is mikrotik for metric
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38888174
Still doesn't seem to work.
I've changed the config layout slightly, but the default Dynamic (DAC) routes are locked down so I can't enter a Metric. If I create a Static route (AS) they won't help.
0
 
LVL 7

Assisted Solution

by:Scobber
Scobber earned 500 total points
ID: 38888527
Dynamic routes are that way because they are directly connected. If its a dynamic default route then turn it off in the connection properties (DHCP client, pppoe client). Then format the static route with either the up of the gateway, or no up but the gateway set as the inyerface
0
 
LVL 7

Assisted Solution

by:Scobber
Scobber earned 500 total points
ID: 38888534
Up is IP sorry on mobile. Dac routes appear when a dynamic/static IP is on the router. But as above the default ,0.0.0.0/0 are the ones you need to modify the behaviour
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38933345
Just purchased "RouterOS by Example" by Stephen Discher which has some examples on the above setups (already solved 2 other queries with it).
I'll post the result once I compare it to my model.
0
 
LVL 6

Author Comment

by:kiwistag
ID: 38968176
This will take a bit more playing with to get right. So far if the Wireless interface is on eth1 it takes precedence in the routing table. I'll have to mix/match the ADSL link over this interface to take precedence or move it off onto say eth2 so it's not prioritised by a default route.
Thanks for your help so far but it may take a bit more playing around to perfect. Once I do get it right I'll post the results on here.
0
 
LVL 6

Author Closing Comment

by:kiwistag
ID: 38968177
Info has helped so far but to get it right may still take some spare time.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now