Skip to main content

Simple Failover Mikrotik

Simple fail-over Mikrotik router configuration.
Most of the user wants backup link (Fiber link with Wireless backup), in case fiber down wireless link auto up. No downtime for the user. Here is simple setting on Mikrotik for fail-over.
I'm very great full to Anton to point out the mistake in src-address. It has been corrected now.

****default routes for new outgoing traffic.****
/ip route
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=ISP-GW-ADDR-2 distance=2

++masquerade both WAN connections++
/ip firewall nat
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-1 action=masquerade
add chain=srcnat src-address=192.168.0.0/24 out-interface=WAN-2 action=masquerade

Thats it.



Comments

  1. Hi,

    For this:

    ++masquerade both WAN connections++
    /ip firewall nat
    add chain=srcnat src-address=192.168.1.1 out-interface=WAN-1 action=masquerade
    add chain=srcnat src-address=192.168.1.1 out-interface=WAN-2 action=masquerade

    which is the src-address ? Which ip i should set here? Thanks in advance.

    ReplyDelete
  2. anton, src-address should be your lan IP range. src-address=192.168.1.0/24, if you have 192.168.1.0 network.

    ReplyDelete
  3. As per the above connection, when Primary WAN is down it is switching to backup WAN Link automatically, but when the primary WAN is up then it is not switching back from backup Link to primary WAN Link automatically. Pls suggest...

    ReplyDelete
  4. Try to increase the distance, e.g primary link distance=1 and secondary distance=10. This is working fine for me.

    ReplyDelete
  5. "src-address should be your lan IP range. src-address=192.168.1.0/24, if you have 192.168.1.0 network."

    What if I have multiple lan networks, can I keep it empty?

    ReplyDelete
  6. @Ambro
    you can do add multiple address with masquerade option or just leave blank at src-address with masquerade, that will masquerade whole your network.

    Regards
    Jay

    ReplyDelete
  7. Hello, if the both WAN gateways are connected to the routerboard but for example of you have a DSL connection and the DSL link is down while its still connected to the routerboard and pingable locally the routung rule is still counting is as the primary connection,

    can't we specify the ping destination for example google.com or 8.8.8.8 ??

    ReplyDelete
  8. Dear Samer,
    Yes you can ping other sites like google or yahoo or bing, it would be nice to add their IP's. Here we don't ping the local IP's. Here we ping remote IP, so router can detect link down and switch to next path.

    ReplyDelete
  9. Hello
    thx for this it works for me
    but I have question how can i send mail when the isp is down ?
    I triyed netwatch but the gw is still UP

    ReplyDelete
  10. how to configure fail over cluster on Mikrotik?

    ReplyDelete
  11. Hello, if the both WAN gateways are connected to the routerboard but for example of you have a DSL connection and the DSL link is down while its still connected to the routerboard and pingable locally the routung rule is still counting is as the primary connection,

    can't we specify the ping destination for example google.com or 8.8.8.8 ??

    I have the same question as Above. How do i add a site IP so as if internet is down router will switch to the second ISP?

    ReplyDelete
    Replies
    1. Instead of using ISP gateway try to ping 8.8.8.8.

      Delete
  12. what about single gateway with dual link

    ReplyDelete
    Replies
    1. hi, there is bonding feature and bridging, so if one link fail your traffic goes through other link.

      Delete

Post a Comment

Popular posts from this blog

Unable to open kernel device . global vmx86 windows 7

Suddenly I encounter a weird problem with VMware 9 version. I install different OS for my education and testing purposed. Like MAC os, Ubuntu, CentOS, BT, WinXP, Win-server 2003. When I tried to run one of this OS a error message appear. unable to open kernel device "\\.Global\vmx86": The system cannot find the file specified. Did you reboot after installing VMware Workstation? Failed to initialize monitor device. Click ok you can see this window After googling I found one solution in developer forum but thread starter never use that method. So I tried it and here is my finding. Go to the directory of vmware installed  (In my case I run it as Administrator) C:\Program Files (x86)\VMware\VMware Workstation>   ( I've 32-bit apps on 64-bit OS, your may be different) Run this command vnetlib -- uninstall vmx86  reboot Go to the same directory and check net start command - this time it should say "service name  is invalid&quo

Mikrotik SXT 5nD r2 setup in bridge mode

How to connect two Mikrotik RouterBoard SXT 5nD r2 devices together in Bridge Mode Upgrading you SXT's to the Latest version of RouterOS Doing a Bandwidth Test between two RouterBoard SXT-5nD's Mikrotik routerboard default IP is 192.168.88.1 You can connect with routerboard by WinBox through IP and MAC address. You need to download WinBox from mikrotik website. By default routerboard have Admin as username and blank password. If you want to connect with device through IP then don't forget to add same network address into your pc NIC, otherwise connection isn't established. Else you can connect through MAC so choose MAC address from Elipsis next to " connect " field. When you login, "RouterOS Default configuration" screen is popup. click okay. Do same for other device to login to routerOS If you followed the process then you already open both device. Now you can set a HostName for those devices. Click on the system button o