Policy Based Routing + Failover - RouterOS v7
Вставка
- Опубліковано 17 жов 2024
- #mikrotik #routeros7 #mikrotikTutorial
Policy based routing (PBR) is a technique that forwards and routes data packets based on policies or filters. In this video, we will configure PBR from scratch in RouterOS v7.
Menu
0:00 Introduction
Network Diagram + Config Backups at
thenetworktrip...
Check more videos on my channel
/ @thenetworktrip
Connect with Wilmer Almazan
LinkedIN: / wilmeralmazan
Facebook: / nsswilmeralmazan
Twitter: / wilmer_almazan
Instagram: / wilmer_almazan
Personal Blog: thenetworktrip...
mikrotik
routeros 7
ospf
mtcna
mtcre
cybersecurity
routing
cloud computing
virtualization
switching
network automation
spent two days trying to get this to work, After slowly watching your video it worked perfectly! THANK YOU!!
Great to hear!
@@TheNetworkTrip thanks for your reply. Actually, i want four or five computer in the same network 192.168.0.0/24 using PBR to WAN2, when WAN2 link fail go to WAN1 link like this, Sir. Could you please ping me the link if you able to help me, Sir?
Very detailed explanation.
When I tried to make a similar configuration, everything immediately worked as it should. Great educational video!👍
Thank you, your explanation is very easy to understand,
Glad to hear that!
beautiful . i have been seeing this but did not take a look at it until today
Thanks!
Very clear and easy to understand. thank you for sharing this information..
Glad it was helpful!
Very informative and useful. Please more videos about policy routing, especially about routing rules possibly. Thanks
Thank You! This video was very helpfull. Thank You again and hope to see more interesting movies.
I'm glad to hear that. Thank you!
Can you explain more about failover? In some conditions, it happens that the gateway from the modem is active, but the internet connection coming from the ISP is experiencing problems.
In this video, the router only checks the ping to the gateway, without knowing whether the gateway has an active internet connection.
Hello!
We can add recursive routing to monitor an IP beyond the connected gateway. I’ve explained that process on the following video: Recursive Routing + Failover - Mikrotik RouterOS v7
ua-cam.com/video/eTmpBAAW_pQ/v-deo.html
Dziękuje bardzo za dobry film !
Hi! Wilmer, In the mangle prerouting configuration in the extra tab dst address type=local can you still select local and deny it?

Yes, absolutely
thank you very much for your response. The thing is that only by enabling that option can my local IP addresses access my web server, but I don't understand why? I would like to know how that option behaves. I would like to understand it, but if it is something that requires consulting and payment, how can we do it?
Thanks for this, you got me motivated to try it out. I did it on a RB952-Ui-xxxx with v7.8 and the marked traffic is deadly slow even though CPU usage is in the single digits. I’m going to try it on a better router to see how it performs.
Hello!
It should work fine in any model. Something else should be affecting in your RB952
@@TheNetworkTripFasttrack was the issue, firewall forward rules in and out before fasttrack rule solved it.
Thank you very much! Very informative tutorial. Great work!
Thanks!
Thank you man, it was a great video and a good class. Keep going 💪
Thank you 😃
Al fin pude configurar mi RB en modo PBR, te agradezco mucho, saludos!
Hi i have 2 routers 1st router is core, and the 2nd is access concentrator, i put my isp 1 and 2 in my core router, and i connect router 2 using ospf, how can i configure PBR? thank you
Hello!
The PBR rules must be placed on the core router since it’s the point where traffic is sent out to the internet.
gracias por compartir la info ya logre configurar en modo PBR, saludos
Okay now Lets say ISP2 is a cable ISP with dynamic ISP. The Default route created always switches to the new gateway and new IP address but the policy Route with FIB will not change its gateway as it was created manually. How will this get updated??
Hello!
In you scenario, you will require a script to monitor the current gateway and update the route whenever it changes. I will create a video about that.
Please! Most possible real life situation when ISP 1 is static and wired (ether1) and ISP 2 is LTE or other dynamic IP connection (ether2 or internal LTE). How to manage this situation in ROS7x correctly?@@TheNetworkTrip
Good explanation
Thanks and welcome
Спасибо!
muchas gracias por el video!!
Thank you for the great discussion good sir. Unfortunately, my WANs are directly connected to my Mikrotik so it will always have a connection even without internet. May I ask how I could apply this on my system?
Hello, thank you. You can use recursive routing to monitor if the WAN connection has access to Internet. I have a video about it on my channel: ua-cam.com/video/eTmpBAAW_pQ/v-deo.html
Hello
i.e. if you excluded lan addresses, you don't need to specify in.interface ether3 ?
Hello, it's still required because the traffic coming from Internet must not be excluded.
Greetings The Network Trip, thank you very much for the tutorial, and all the knowledge you share with Mikrotik enthusiasts, I wanted to ask a very specific question:
When making this configuration, there is a problem if only the Mangle part of the backup WAN2 is configured, of course without omitting the Routes part so that the failover works properly. Thank you!
Hello Ricardo,
No problem at all. The traffic without routing-marks will use the main routing table.
Thank you, I like your Videos.
So nice
Hello, could you please provide guidelines how to use port forwording + recursive routing to avoid to check ping the ISP gateway but a public ip address. Thank you. Amazing Video !
Hi Christos, my video about port-forwarding can solve that part of your requirement: ua-cam.com/video/-kNHtlOb5n0/v-deo.html. Then, the logic behind recursive routes is similar to the process explained in this video (just ignoring the PBR and routing tables): ua-cam.com/video/JWSfC_7p1yU/v-deo.html
I will create a video on failover + recursive routing only.
@@TheNetworkTrip hello yes I just watching both videos to combine .
Recursive routing failover and port forwarding and in case of PPC will be easy because I saw in comments many colleagues request the full package. Never mind you are amazing I am happy to see videos true ambassador of MikroTik !!
@@christosaivazoglou5860 Good point, I'll do that.
@@TheNetworkTrip I will wait you and then configure me two pending warehouses to avoid to buy 2K euro Fortinet router for a single kibo
One again,
You are amazing
brother kindly make a video PBR +Failover + Recursive Routing
hi wilmer what happened to your VRRP video?
Good work sir. , how about separating traffic on pppoe clients based on their profile(ip pool) sir? Lets say I have two mikrotik routers R1(core) and R2(pppoe server). Thank you so much sir
Hi Michael, thank you
You can add the address-list in the PPPoE profile.
Which one is better for PPPoE? PBR or Load Balancing?
Gracias maestro, me tuve que venir a su canal en inglés para ver cómo se hace completamente el PBR en v7 😂😂😂
Thank you very much..
All your video it's very helpful. Thanks.
Please think about how to configure Load balancing PCC + Fail over on RouterOS v7
Hi, thank you
My next video is about Failover + Recursive Routing. PCC is coming soon!
Good work!!!
Thank you, I'm glad you liked it
It looks like ROS v6 works differently about prerouting and firstly checks accessible routes before applying mangle rules. So the PBR rule can work well in ROS v6 without explicitly excluding dest private networks
i need to configure my router with policy based routing and external host for fail over bro kindly make a video according this scenario thanks alot
Could you please assist me step by step guide for this lab with snap shot pictures if possible? Sir, Hopefully, you can. Thank you, Sir
Hello!
You can get that behaviour by pausing the video at every step. The video is giving you the full picture, but you can go slowly if you wish.
Good luck!
16:59 what if I have several networks on several interfaces?
You can use an interface-list instead of a single interface (interface/list)
How would work port forwarding after you set pbr?
Excellent video!, thank you for share it.
I´ve a inverse situation: 1 isp and 2 routes to same ip subnet but different interfaces: a bridge and vlan interface. The vlan interface make possible a trunk link with a Cisco switch, where are PCs of the same ip subnet of bridge in Mikrotik RB. I mean, the same ip subnet has 2 routes and none PC work, obsviously. PBR may be the solution?
Greetings.. sir can you make a video how to separate social media and videos to ISP1 and other traffics goes to ISP2..
something like this video brother sorry for disturb you again and again
Muchas gracias por el video.
Gracias!