Záložní konektivita (2 ISP v jednom routeru) bez kontroly default gw a se skriptem - resi poradi bran. ether1 - primarni ISP ether5 - sekundarni zalozni ISP pro testovani funkcni primarni linky se pouziva sekundarni google dns (8.8.4.4), ktere je dostupne JEN pres primarni konektivitu predpoklada se, ze je na kazdem WAN interface pouze jedna ip adresa /ip address add address=10.11.23.10/24 comment=primarni-isp interface=ether1 network=10.11.23.0 /ip address add address=172.16.23.20/24 comment=zalozni-isp interface=ether5 network=172.16.23.0 /ip route add distance=1 gateway=10.11.23.1 /ip route add distance=10 gateway=192.168.8.1 /ip route add distance=1 dst-address=8.8.4.4/32 gateway=10.11.23.1 /ip firewall nat add action=masquerade chain=srcnat comment="primarni-isp: masquerade" out-interface=ether1 /ip firewall nat add action=masquerade chain=srcnat comment="sekundarni-isp: masquerade" out-interface=ether5 Po priprave tohoto nastaveni je potreba vlozit tento skript do scheduleru: system > scheduler, skript vlozte sem a nastavte, aby se vykonaval treba kazdych 10 sekund # Please fill the WAN interface names :local InterfaceISP1 ether1 :local InterfaceISP2 ether5 # Please fill the ping check host - currently: secondary dns google :local PingTarget 8.8.4.4 # Please fill how many ping failures are allowed before fail-over happends :local FailTreshold 3 # Editing the script after this point may break it # -------------- stop editing here -------------- # Declare the global variables :global PingFailCountISP1 :global PingFailCountISP2 # This inicializes the PingFailCount variables, in case this is the 1st time the script has ran :if ([:typeof $PingFailCountISP1] = "nothing") do={:set PingFailCountISP1 0} :if ([:typeof $PingFailCountISP2] = "nothing") do={:set PingFailCountISP2 0} # This variable will be used to keep results of individual ping attempts :local PingResult # Check ISP1 :set PingResult [ping $PingTarget count=1 interface=$InterfaceISP1] :put $PingResult :if ($PingResult = 0) do={ :if ($PingFailCountISP1 < ($FailTreshold+2)) do={ :set PingFailCountISP1 ($PingFailCountISP1 + 1) :if ($PingFailCountISP1 = $FailTreshold) do={ :log warning "ISP1 has a problem en route to $PingTarget - increasing distance of routes." /ip route set 0 distance=10 /ip route set 1 distance=1 /ip firewall connection {remove [find]} :log warning "isp 2 ACTIVE." } } } :if ($PingResult = 1) do={ :if ($PingFailCountISP1 > 0) do={ :set PingFailCountISP1 ($PingFailCountISP1 - 1) :if ($PingFailCountISP1 = ($FailTreshold -1)) do={ :log warning "ISP1 can reach $PingTarget again - bringing back original distance of routes." /ip route set 0 distance=1 /ip route set 1 distance=10 /ip firewall connection {remove [find]} :log warning "spoje-net ACTIVE, disable backup isp." } } } V pripade nedostupnosti 8.8.4.4 se provede prohozeni priorit u vychozi brany tak aby se uprednostinila zalozni konektivita a nasledne se vymaze connection tabulka (jinak se zmena neprojevi pro jiz navazana spojeni !!!) V pripade, ze primarni konektivita opet naskoci, provede to stejne v obracenem poradi.