diff --git a/PCC Load Balancing (2 WAN PPPoE) + VLAN + FailOver Netwatch.rsc b/PCC Load Balancing (2 WAN PPPoE) + VLAN + FailOver Netwatch.rsc new file mode 100644 index 0000000..a5b7890 --- /dev/null +++ b/PCC Load Balancing (2 WAN PPPoE) + VLAN + FailOver Netwatch.rsc @@ -0,0 +1,124 @@ +# jul/22/2023 13:22:28 by RouterOS 7.9.2 +# software id = +# +/interface bridge +add name=Bridge-VLAN-TRUNKs +/interface pppoe-client +add disabled=no interface=ether1 name=pppoe-out1 user=ppp1 +add disabled=no interface=ether2 name=pppoe-out2 user=ppp2 +/interface vlan +add interface=Bridge-VLAN-TRUNKs name=vlan10 vlan-id=10 +add interface=Bridge-VLAN-TRUNKs name=vlan20 vlan-id=20 +/disk +set slot1 slot=slot1 type=hardware +/interface list +add name=Bridge-LAN +/interface wireless security-profiles +set [ find default=yes ] supplicant-identity=MikroTik +/ip pool +add name=dhcp_pool0 ranges=192.168.88.2-192.168.88.254 +add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.254 +add name=dhcp_pool2 ranges=10.20.20.2-10.20.20.254 +/ip dhcp-server +add address-pool=dhcp_pool0 interface=Bridge-VLAN-TRUNKs lease-time=1d name=\ + dhcp1 +add address-pool=dhcp_pool1 interface=vlan10 lease-time=1d name=dhcp2 +add address-pool=dhcp_pool2 interface=vlan20 lease-time=1d name=dhcp3 +/port +set 0 name=serial0 +/routing table +add disabled=no fib name=via-ISP1 +add disabled=no fib name=via-ISP2 +/interface bridge port +add bridge=Bridge-VLAN-TRUNKs interface=ether5 +/interface list member +add interface=Bridge-VLAN-TRUNKs list=Bridge-LAN +add interface=vlan10 list=Bridge-LAN +add interface=vlan20 list=Bridge-LAN +/ip address +add address=192.168.88.1/24 interface=Bridge-VLAN-TRUNKs network=192.168.88.0 +add address=10.10.10.1/24 interface=vlan10 network=10.10.10.0 +add address=10.20.20.1/24 interface=vlan20 network=10.20.20.0 +/ip dhcp-server network +add address=10.10.10.0/24 dns-server=10.10.10.1 gateway=10.10.10.1 +add address=10.20.20.0/24 dns-server=10.20.20.1 gateway=10.20.20.1 +add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1 +/ip dns +set allow-remote-requests=yes servers=1.1.1.1,1.0.0.1 +/ip firewall address-list +add address=192.168.88.0/24 list=LAN +add address=10.10.10.0/24 list=LAN +add address=10.20.20.0/24 list=LAN +/ip firewall mangle +add action=accept chain=prerouting in-interface=pppoe-out1 +add action=accept chain=prerouting in-interface=pppoe-out2 +add action=accept chain=prerouting dst-address-list=LAN +add action=mark-connection chain=prerouting in-interface-list=Bridge-LAN \ + new-connection-mark=ISP1_Conn passthrough=yes per-connection-classifier=\ + both-addresses:2/0 +add action=mark-routing chain=prerouting connection-mark=ISP1_Conn \ + in-interface-list=Bridge-LAN new-routing-mark=via-ISP1 passthrough=no +add action=mark-connection chain=prerouting in-interface-list=Bridge-LAN \ + new-connection-mark=ISP2_Conn passthrough=yes per-connection-classifier=\ + both-addresses:2/1 +add action=mark-routing chain=prerouting connection-mark=ISP2_Conn \ + in-interface-list=Bridge-LAN new-routing-mark=via-ISP2 passthrough=no +add action=mark-connection chain=prerouting in-interface=pppoe-out1 \ + new-connection-mark=ISP1_Conn passthrough=yes +add action=mark-routing chain=output connection-mark=ISP1_Conn \ + new-routing-mark=via-ISP1 passthrough=no +add action=mark-connection chain=prerouting in-interface=pppoe-out2 \ + new-connection-mark=ISP2_Conn passthrough=yes +add action=mark-routing chain=output connection-mark=ISP2_Conn \ + new-routing-mark=via-ISP2 passthrough=no +/ip firewall nat +add action=masquerade chain=srcnat out-interface=pppoe-out1 +add action=masquerade chain=srcnat out-interface=pppoe-out2 +/ip route +add comment=via-ISP1_To_ISP1 disabled=no distance=1 dst-address=0.0.0.0/0 \ + gateway=pppoe-out1 pref-src="" routing-table=via-ISP1 scope=30 \ + suppress-hw-offload=no target-scope=10 +add comment=via-ISP2_To_ISP2 disabled=no distance=1 dst-address=0.0.0.0/0 \ + gateway=pppoe-out2 pref-src="" routing-table=via-ISP2 scope=30 \ + suppress-hw-offload=no target-scope=10 +add comment="Redirect via-ISP1 To ISP2" disabled=no distance=2 dst-address=\ + 0.0.0.0/0 gateway=pppoe-out2 pref-src="" routing-table=via-ISP1 scope=30 \ + suppress-hw-offload=no target-scope=10 +add comment="Redirect via-ISP2 To ISP1" disabled=no distance=2 dst-address=\ + 0.0.0.0/0 gateway=pppoe-out1 pref-src="" routing-table=via-ISP2 scope=30 \ + suppress-hw-offload=no target-scope=10 +add comment=To-ISP1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ + pppoe-out1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no \ + target-scope=10 +add comment=To-ISP2 disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\ + pppoe-out2 pref-src="" routing-table=main scope=30 suppress-hw-offload=no \ + target-scope=10 +add comment="Netwatch ISP1 (Quad9 DNS)" disabled=no distance=1 dst-address=\ + 9.9.9.9/32 gateway=pppoe-out1 pref-src="" routing-table=main scope=30 \ + suppress-hw-offload=no target-scope=10 +add comment="Netwatch ISP2 (Google DNS)" disabled=no distance=1 dst-address=\ + 8.8.8.8/32 gateway=pppoe-out2 pref-src="" routing-table=main scope=30 \ + suppress-hw-offload=no target-scope=10 +/system identity +set name=R1 +/system note +set show-at-login=no +/tool netwatch +add comment=ISP1 disabled=no down-script="ip route disable [find comment=To-IS\ + P1]\r\ + \nip route disable [find comment=via-ISP1_To_ISP1]\r\ + \n:log warning \"ISP1 is down\"\r\ + \n/ip firewall connection remove [find]" host=9.9.9.9 http-codes="" \ + interval=10s test-script="" timeout=800ms type=simple up-script="ip route \ + enable [find comment=To-ISP1]\r\ + \nip route enable [find comment=via-ISP1_To_ISP1]\r\ + \n:log warning \"ISP1 is up\"" +add comment=ISP2 disabled=no down-script="ip route disable [find comment=To-IS\ + P2]\r\ + \nip route disable [find comment=via-ISP2_To_ISP2]\r\ + \n:log warning \"ISP1 is down\"\r\ + \n/ip firewall connection remove [find]" host=8.8.8.8 http-codes="" \ + interval=10s test-script="" timeout=800ms type=simple up-script="ip route \ + enable [find comment=To-ISP2]\r\ + \nip route enable [find comment=via-ISP2_To_ISP2]\r\ + \n:log warning \"ISP2 is up\""