![]() ip firewall filter add chain=output comment="Drop pings to 8.8.4.4.4 if they go through secondary gateway" dst-address=8.8.4.4 out-interface=ether2 action=drop ip firewall filter add chain=output comment="Drop pings to 8.8.8.8 if they go through secondary gateway" dst-address=8.8.8.8 out-interface=ether2 action=drop ip route add comment="Force test pings to 8.8.4.4 through primary gateway" dst-address=8.8.4.4 gateway=x.x.x.xĪnd to be certain that only pings to 8.8.8.8 and 8.8.4.4 go through the primary gateway interface we add two firewall rules: ip route add comment="Force test pings to 8.8.8.8 through primary gateway" dst-address=8.8.8.8 gateway=x.x.x.x The primary and secondary routes have to have the comment “primary gateway” and “secondary gateway”.Īdd comment="secondary gateway" distance=1 dst-address=0.0.0.0/0 gateway=x.x.x.xĪdd comment="primary gateway" distance=20 dst-address=0.0.0.0/0 gateway=x.x.x.x When one IP address is responding again the distance is changed back to normal. When both IP addresses aren’t responding the script changes the distance of the primary and secondary route. If one of them fails to respond there could be a problem with that specific IP address, not with the internet line. ![]() This script checks two IP addresses (8.8.8.8 and 8.8.4.4 in this case). :set msg "Pings reachable, switching back to primary gateway with setting distance to 1" :set msg "Pings not reachable, switching to secondary gateway with setting distance to 1" # check the distance of the primary default gateway static route ![]() I was inspired with the failover from Steve Discher and Michael Bear, I changed the script a little bit.įirst I added this script to the Mikrotik router (System -> Scripts): And pinging the gateway was not the way for me. I wanted the most stable failover I could think of, in my opinion that is by pinging multiple IP addresses. There are several ways to do a failover in RouterOS. ![]()
0 Comments
Leave a Reply. |