MK Config2

/ ip address

add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN

add address=192.168.88.2/24 network=192.168.88.0 broadcast=192.168.88.255 interface=WAN_MTN

add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN_AIRTEL
/ ip firewall mangle
add chain=prerouting dst-address=192.168.88.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN
add chain=prerouting in-interface=WAN_MTN connection-mark=no-mark action=mark-connection \
new-connection-mark=WAN_MTN_conn
add chain=prerouting in-interface=WAN_AIRTEL connection-mark=no-mark action=mark-connection \
new-connection-mark=WAN_AIRTEL_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-

mark=WAN_MTN_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-

mark=WAN_AIRTEL_conn
add chain=prerouting connection-mark=WAN_MTN_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_WAN_MTN
add chain=prerouting connection-mark=WAN_AIRTEL_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_WAN_AIRTEL
add chain=output connection-mark=WAN_MTN_conn action=mark-routing new-routing-

mark=to_WAN_MTN
add chain=output connection-mark=WAN_AIRTEL_conn action=mark-routing new-routing-

mark=to_WAN_AIRTEL
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.88.1 routing-mark=to_WAN_MTN check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN_AIRTEL check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.88.1 distance=1 check-gateway=ping
/ ip firewall nat
add chain=srcnat out-interface=WAN_MTN action=masquerade
add chain=srcnat out-interface=WAN_AIRTEL action=masquerade
______
add chain=prerouting in-interface=WAN_AIRTEL connection-mark=no-mark action=mark-connection new-connection-mark=WAN_AIRTEL_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=WAN_MTN_conn

/ip
address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255
interface=Local
interface=WAN1
interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-

udp-packet-size=512 servers=192.168.0.1,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-
mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-
mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-
mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-
mark=to_WAN2
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.88.0/24 action=accept in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-
classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-
mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-
classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-
mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-
routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-
routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.88.1 routing-mark=to_WAN2 check-
gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
++++++++++++++++++++++++++++++++++++++++++++++++++++
PCC WITH FAILOVER
/interface set “ether1″ name=”ISP1”

set “ether2″ name=”ISP2”
set “ether3″ name=”LAN”
/ ip address
add address=192.168.30.2/30 interface=ISP1
add address=192.168.60.2/30 interface=ISP2
add address=10.10.70.1/24 interface=LAN
/ ip firewall mangle add chain=prerouting dst-address=192.168.30.0/30

action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.60.0/30 action=accept in-
interface=LAN
add chain=prerouting in-interface=ISP1 connection-mark=no-mark
action=mark-connection \
new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ISP2 connection-mark=no-mark
action=mark-connection \
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-
address-type=!local \
per-connection-classifier=both-addresses:2/0 action=mark-connection
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-
address-type=!local \
per-connection-classifier=both-addresses:2/1 action=mark-connection
add chain=prerouting connection-mark=ISP1_conn in-interface=LAN
action=mark-routing \
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN
action=mark-routing \
new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-
routing-mark=to_ISP1
add chain=output connection-mark=ISP2_conn action=mark-routing new-
routing-mark=to_ISP2
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.30.1 routing-

mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.60.1 routing-mark=to_ISP2
check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.30.1 distance=1 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.60.1 distance=2 check-
gateway=ping
/ ip firewall nat add chain=srcnat out-interface=ISP1 action=masquerade
add chain=srcnat out-interface=ISP2 action=masquerade

MK Config2

Uploaded by

Copyright:

Available Formats

MK Config2

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MK Config2

Uploaded by

Copyright:

Available Formats

/ ip address

add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN

add address=192.168.88.2/24 network=192.168.88.0 broadcast=192.168.88.255 interface=WAN_MTN

add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN_AIRTEL

add chain=prerouting dst-address=192.168.88.0/24 action=accept in-interface=LAN

add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN

add chain=prerouting in-interface=WAN_MTN connection-mark=no-mark action=mark-connection \

add chain=prerouting in-interface=WAN_AIRTEL connection-mark=no-mark action=mark-connection \

add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \

per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-

add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \

per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-

add chain=prerouting connection-mark=WAN_MTN_conn in-interface=LAN action=mark-routing \

add chain=prerouting connection-mark=WAN_AIRTEL_conn in-interface=LAN action=mark-routing \

add chain=output connection-mark=WAN_MTN_conn action=mark-routing new-routing-

add chain=output connection-mark=WAN_AIRTEL_conn action=mark-routing new-routing-

add dst-address=0.0.0.0/0 gateway=192.168.88.1 routing-mark=to_WAN_MTN check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN_AIRTEL check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=2 check-gateway=ping

add chain=srcnat out-interface=WAN_MTN action=masquerade

add chain=srcnat out-interface=WAN_AIRTEL action=masquerade

add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=WAN_MTN_conn

/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-

/interface set “ether1″ name=”ISP1”

/ ip firewall mangle add chain=prerouting dst-address=192.168.30.0/30

/ ip route add dst-address=0.0.0.0/0 gateway=192.168.30.1 routing-

/ ip firewall nat add chain=srcnat out-interface=ISP1 action=masquerade

add chain=srcnat out-interface=ISP2 action=masquerade

You might also like