Monday, May 13, 2013

Simple Failover Mikrotik

Simple fail-over Mikrotik router configuration.
Most of the user wants backup link (Fiber link with Wireless backup), in case fiber down wireless link auto up. No downtime for the user. Here is simple setting on Mikrotik for fail-over.
I'm very great full to Anton to point out the mistake in src-address. It has been corrected now.

****default routes for new outgoing traffic.****
/ip route
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-2 distance=2

++masquerade both WAN connections++
/ip firewall nat
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-1 action=masquerade
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-2 action=masquerade

Thats it.



16 comments:

  1. Hi,

    For this:

    ++masquerade both WAN connections++
    /ip firewall nat
    add chain=srcnat src-address=192.168.1.1 out-interface=WAN-1 action=masquerade
    add chain=srcnat src-address=192.168.1.1 out-interface=WAN-2 action=masquerade

    which is the src-address ? Which ip i should set here? Thanks in advance.

    ReplyDelete
  2. anton, src-address should be your lan IP range. src-address=192.168.1.0/24, if you have 192.168.1.0 network.

    ReplyDelete
  3. As per the above connection, when Primary WAN is down it is switching to backup WAN Link automatically, but when the primary WAN is up then it is not switching back from backup Link to primary WAN Link automatically. Pls suggest...

    ReplyDelete
  4. Try to increase the distance, e.g primary link distance=1 and secondary distance=10. This is working fine for me.

    ReplyDelete
  5. "src-address should be your lan IP range. src-address=192.168.1.0/24, if you have 192.168.1.0 network."

    What if I have multiple lan networks, can I keep it empty?

    ReplyDelete
  6. @Ambro
    you can do add multiple address with masquerade option or just leave blank at src-address with masquerade, that will masquerade whole your network.

    Regards
    Jay

    ReplyDelete
  7. Hello, if the both WAN gateways are connected to the routerboard but for example of you have a DSL connection and the DSL link is down while its still connected to the routerboard and pingable locally the routung rule is still counting is as the primary connection,

    can't we specify the ping destination for example google.com or 8.8.8.8 ??

    ReplyDelete
  8. Dear Samer,
    Yes you can ping other sites like google or yahoo or bing, it would be nice to add their IP's. Here we don't ping the local IP's. Here we ping remote IP, so router can detect link down and switch to next path.

    ReplyDelete
  9. Hello
    thx for this it works for me
    but I have question how can i send mail when the isp is down ?
    I triyed netwatch but the gw is still UP

    ReplyDelete
  10. how to configure fail over cluster on Mikrotik?

    ReplyDelete
  11. Hello, if the both WAN gateways are connected to the routerboard but for example of you have a DSL connection and the DSL link is down while its still connected to the routerboard and pingable locally the routung rule is still counting is as the primary connection,

    can't we specify the ping destination for example google.com or 8.8.8.8 ??

    I have the same question as Above. How do i add a site IP so as if internet is down router will switch to the second ISP?

    ReplyDelete
    Replies
    1. Instead of using ISP gateway try to ping 8.8.8.8.

      Delete
  12. what about single gateway with dual link

    ReplyDelete
    Replies
    1. hi, there is bonding feature and bridging, so if one link fail your traffic goes through other link.

      Delete