Organizations are heavily dependent on internet to get their jobs done these days. With everything going cloud, there is no room for internet downtime, especially for cooperate organisations. The onus is now on network administrators to implement policies on carefully designed networks to keep business operations running, no matter what. In this demonstration, I will be sharing with us on how we can use the Mikrotik netwatch in combination with a simple script to achieve automatic failover in a dual ISP setup on Mikrotik.
With a default route already pointing to ISP-1, netwatch will automatically set the default route to ISP-2 once ISP-1 becomes unreachable and will return authority to ISP-1 whenever it becomes available. To accomplish this, we need to enter the following commands in the new-terminal window of our Mikrotik router, assuming all basic configurations have been done and connectivity has been established to those ISPs.
Image showing dual connections
[[email protected]] system script> add name=gw_1 source={/ip route set {… [/ip route find dst 0.0.0.0] gateway 197.255.240.55}
This command creates a script named gw_1 with command to set the default route to 197.255.240.55, which is ISP-1
[[email protected]] system script> add name=gw_2 source={/ip route set {.. [/ip route find dst 0.0.0.0] gateway 197.210.43.44}
This command creates a script named gw_2 with command to set the default route to 197.210.43.44, which is ISP-2
This line initiates a ping to 197.210.240.55, the gatew through ISP-1. The pings will be set at 10 seconds interval and at latency below 998 milliseconds, the link is considered up and the script gw_1 will be executed, otherwise, the script gw_2 will be executed. The script gw_1 sets the gateway to ISP-1 while gw_2 sets the gateway to ISP-2 .
For this to work effectively as intended, we need to make sure that pings used to test the reachability of ISP-1 one is not sent through ISP-2. To do this, we will create a firewall rule to block all icmp traffics to ISP-1 gateway through the interface connecting to ISP-2
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
Advertising
This site uses functional cookies and external scripts to improve your experience.