Mikrotik Multi WAN Loadbalance NTH with Failover [Netwatch PublicDNS]
Published in
2 min readApr 6, 2017
/ip address
add address=192.168.0.1/24 interface=local network=192.168.0.0
add address=10.111.111.2/24 interface=wan1 network=10.111.111.0
add address=10.222.222.2/24 interface=wan2 network=10.222.222.0/ip firewall mangle
add action=mark-connection chain=prerouting in-interface=local\
new-connection-mark=wan1 passthrough=yes src-address-list=wan1
add action=mark-routing chain=prerouting in-interface=local\
new-routing-mark=wan1 passthrough=no src-address-list=wan1
add action=mark-connection chain=prerouting in-interface=local\
new-connection-mark=wan2 passthrough=yes src-address-list=wan2
add action=mark-routing chain=prerouting in-interface=local\
new-routing-mark=wan2 passthrough=no src-address-list=wan2
add action=mark-connection chain=prerouting connection-state=new\
in-interface=local new-connection-mark=wan1 nth=2,1 passthrough=yes
add action=add-src-to-address-list address-list=wan1\
address-list-timeout=1d chain=prerouting connection-mark=wan1\
in-interface=local
add action=mark-routing chain=prerouting connection-mark=wan1\
in-interface=local new-routing-mark=wan1 passthrough=no
add action=mark-connection chain=prerouting connection-state=new\
in-interface=local new-connection-mark=wan2 nth=2,2 passthrough=yes
add action=add-src-to-address-list address-list=wan2\
address-list-timeout=1d chain=prerouting connection-mark=wan2\
in-interface=local
add action=mark-routing chain=prerouting connection-mark=wan2\
in-interface=local new-routing-mark=wan2 passthrough=no/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan1
add action=masquerade chain=srcnat out-interface=wan2/ip route
add check-gateway=ping comment="wan1" distance=1\
gateway=10.111.111.1 routing-mark=wan1 scope=255
add check-gateway=ping comment="wan2" distance=1\
gateway=10.222.222.1 routing-mark=wan2 scope=255
add check-gateway=ping comment="wan1" distance=2\
gateway=10.111.111.1 routing-mark=wan2 scope=255
add check-gateway=ping comment="wan2" distance=2\
gateway=10.222.222.1 routing-mark=wan1 scope=255
add check-gateway=ping distance=1 gateway=10.111.111.1 scope=255
add check-gateway=ping distance=2 gateway=10.222.222.1 scope=255
add comment="netwatch opendns wan1" distance=1\
dst-address=208.67.222.222/32 gateway=10.111.111.1
add comment="netwatch opendns wan2" distance=1\
dst-address=208.67.220.220/32 gateway=10.222.222.1/tool netwatch
add down-script="/ip route disable [find comment=wan1]"\
host=208.67.222.222 up-script="/ip route enable [find comment=wan1]"
add down-script="/ip route disable [find comment=wan2]"\
host=208.67.220.220 up-script="/ip route enable [find comment=wan2]"
สุดท้ายนี้ (พื้นที่โฆษณาเล็กน้อย)
ถ้าหากท่านติดปัญหาด้านใดเกี่ยวกับเรื่อง Network อย่าลังเลที่จะติดต่อเรา
“ นึกถึงเน็ตเวิร์คนึกถึงเน็กฮอป ” Next-Hop Software and Network Solution
