Dual WAN Failover MikroTik

This guide uses recursive routing with route scopes for an advanced failover configuration.

 

We will work on:

a) IP > Routes

In version 7, routing marks are created under Routing > Tables.

b) IP > Routes > Rules

In version 7 this is Routing > Rules.

c)  Tools > Email

d) Tools > Netwatch

 

Let's start!

 

Collect the ISP gateway IP addresses first.

For a PPPoE connection, take the gateway IP from IP > Routes: the dynamic IP in the "Dst. Address" column of the PPPoE line is the gateway IP.

 



Now, assume the gateway IPs are as follows:

ISP-1 Gateway: 172.27.70.9 (pppoe-out1)
ISP-2 Gateway: 172.16.53.36 (pppoe-out2)

 

1)  IP > Routes

Disable "Add Default Route" in the DHCP client or PPPoE interface. Delete any existing static routes.

 

/ip/route/

# Host routes to the two check targets, forced through the primary ISP gateway
add dst-address=8.8.4.4 distance=1 scope=10 target-scope=10 gateway=172.27.70.9
add dst-address=1.0.0.1 distance=2 scope=10 target-scope=10 gateway=172.27.70.9

# Default routes that resolve recursively through the host routes above
add distance=3 gateway=8.8.4.4 target-scope=11 check-gateway=ping comment="Primary ISP (1st check)"
add distance=4 gateway=1.0.0.1 target-scope=11 check-gateway=ping comment="Primary ISP (2nd check)"

# Backup default route; the gateway IP of pppoe-out2 is 172.16.53.36
add distance=5 gateway=pppoe-out2 check-gateway=ping comment="Backup ISP"

 

* Create the routing marks for the next step:

add distance=6 gateway=pppoe-out1 routing-mark=primary_line

add distance=7 gateway=pppoe-out2 routing-mark=backup_line

On RouterOS v7, create the routing mark names first under Routing > Tables.
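
How the routes in step 1 fail over, as an added Python model that is not part of the original post and is not RouterOS code: a next hop may only be resolved through routes whose scope is less than or equal to the resolving route's target-scope, and a check-gateway=ping route is skipped when its gateway stops answering. The connected PPPoE peer routes, the default scope of 30 and target-scope of 10, and modelling the backup gateway by its IP 172.16.53.36 are assumptions of the model.

```python
from ipaddress import ip_address, ip_network

# Simplified model. Columns: (dst, gateway, distance, scope, target_scope, check_gateway)
# The first two rows are assumed connected PPPoE peer routes; the rest mirror step 1.
ROUTES = [
    ("172.27.70.9/32",  "pppoe-out1",   0, 10, 10, False),
    ("172.16.53.36/32", "pppoe-out2",   0, 10, 10, False),
    ("8.8.4.4/32",      "172.27.70.9",  1, 10, 10, False),
    ("1.0.0.1/32",      "172.27.70.9",  2, 10, 10, False),
    ("0.0.0.0/0",       "8.8.4.4",      3, 30, 11, True),
    ("0.0.0.0/0",       "1.0.0.1",      4, 30, 11, True),
    ("0.0.0.0/0",       "172.16.53.36", 5, 30, 10, True),  # backup, by gateway IP
]
INTERFACES = {"pppoe-out1", "pppoe-out2"}


def resolve(gateway, target_scope, depth=0):
    """Return the egress interface for a gateway, or None if it cannot be resolved.

    Only routes with scope <= target_scope may resolve a next hop, so a default
    route (scope 30) can never be used to reach another route's gateway.
    """
    if gateway in INTERFACES:
        return gateway
    if depth > 4:  # guard against resolution loops
        return None
    usable = [r for r in ROUTES
              if r[3] <= target_scope and ip_address(gateway) in ip_network(r[0])]
    usable.sort(key=lambda r: (-ip_network(r[0]).prefixlen, r[2]))  # longest prefix, then distance
    for _dst, gw, _dist, _scope, tscope, _chk in usable:
        iface = resolve(gw, tscope, depth + 1)
        if iface:
            return iface
    return None


def active_default(ping_ok):
    """Pick the default route in use, given the gateways that answer check-gateway pings."""
    defaults = sorted((r for r in ROUTES if r[0] == "0.0.0.0/0"), key=lambda r: r[2])
    for _dst, gw, dist, _scope, tscope, chk in defaults:
        iface = resolve(gw, tscope)
        if iface and (not chk or gw in ping_ok):
            return gw, dist, iface
    return None


if __name__ == "__main__":
    for up in ({"8.8.4.4", "1.0.0.1", "172.16.53.36"}, {"1.0.0.1", "172.16.53.36"}, {"172.16.53.36"}):
        print(sorted(up), "->", active_default(up))
```

Raising the scope of the 8.8.4.4 host route above 11 in ROUTES leaves the first default route unresolvable in this model, which is why step 1 sets scope=10 on the host routes.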

 

2) IP > Routes > Rules (v7 = Routing > Rules)

Pin each destination address to a specific gateway.

 

Dst. Address = 9.9.9.9
Action = lookup only in table
Table = primary_line

 

Dst. Address = 208.67.222.222
Action = lookup only in table
Table = backup_line

 

3)  Tools > Email

First, log in to your Gmail account and set up two-step verification in its security settings. Then create an "App Password" in the same security settings (https://myaccount.google.com/apppasswords) and use that app password in the MikroTik Email settings.

 Server = smtp.gmail.com
 Port = 587
 Start TLS = yes
 From = "MikroTik Router" <youremailaddress@gmail.com>
 User = youremailaddress@gmail.com
 Password = ********** (app password)

Apply the settings so the router can send email system-wide.

 

4)  Tools > Netwatch

 

* Create a new Netwatch for primary line down notification:

Host = 9.9.9.9
Interval = 00:10:02
Timeout = 1000

Down script:

# Collecting Uptime and creating a variable

:local uptime [/system resource get uptime]

# Condition: Link down notifications will be sent only if the uptime is more than 5 minutes
# This prevents mass email sending for every reboot or unexpected shutdown

:if ($uptime > 5m) do={

    :local date [/system clock get date]
    :local time [/system clock get time]
    :local ispname "Main Line Primary ISP"

    :log info "Netwatch: $ispname is Down"
    :log info "Netwatch: Main line down notice sent to youremailaddress@gmail.com"

    # A small delay has been added to avoid link flapping

    :delay 15s

    /tool e-mail send to="youremailaddress@gmail.com" subject="Internet \"$ispname\" is DOWN at $time $date" body="Internet \"$ispname\" is down at $time , $date .

Attention! Please check the primary fiber line immediately! You can also check the PPPoE gateway IP if changed on IP>Routes.

If necessary, please contact your ISP.

The router is currently operating on the backup line."

}

 

* Create another new Netwatch for backup line down notification:

Host = 208.67.222.222
Interval = 00:18:06
Timeout = 1000


Down script:

 

# Collecting Uptime and creating a variable

:local uptime [/system resource get uptime]

# Condition: Link down notifications will be sent only if the uptime is more than 5 minutes
# This prevents mass email sending for every reboot or unexpected shutdown

:if ($uptime > 5m) do={

    :local date [/system clock get date]
    :local time [/system clock get time]
    :local ispname "Backup Line Secondary ISP"

    :log info "Netwatch: $ispname is Down"
    :log info "Netwatch: Backup line down notice sent to youremailaddress@gmail.com"

    # A small delay has been added to avoid link flapping

    :delay 23s

    /tool e-mail send to="youremailaddress@gmail.com" subject="Internet \"$ispname\" is DOWN at $time $date" body="Internet \"$ispname\" is down at $time , $date .

Attention! Please check the backup line immediately! You can also check the PPPoE gateway IP if changed on IP>Routes.

If necessary, please contact your ISP.

The router is currently operating on the primary line."

}