Static Route how to route all traffic to one device?

[Dixit]

High level here is my network breakdown between two house. I basically have two Mikrotik SXT antennas that allow me to keep the two houses connected and do that by running a static route on each respective Asus Router. So for 1750 side, I have a static route setup like this: Network/Host=192.168.2.0 Subnet 255.255.255.0 Gateway=192.168.0.50. So that basically tells it anything with the 192.168.2.x network shoot it to my local SXT which will then send it across to the other side, and same thing vice versa

What Im looking to figure out is to send ALL traffic in case of ISP failure on any side. We had this happen earlier and couldnt figure this out easily. I tried to do a static route of 0.0.0.0 on the Network Host and 0.0.0.0 Subnet but that doesnt work. Tried a few different combos but couldnt get anything to use the Mikrotik link when we had the outage.

Whats the best way in the event of an ISP failure on either side, to tell the Asus (I dont mind manually adding the route during that time) to route all traffic through the "SNET" which is basically my Mikrotik antennas and therefore essentially leach off the other house temporarily until the ISP is back up.

Thanks
Dixit

 

[ColinTaylor]

Just a thought. Perhaps you could setup each Asus as dual WAN devices in failover mode. I don't know the specifics as it's not something that I've tried.

 

[Dixit]

Just a thought. Perhaps you could setup each Asus as dual WAN devices in failover mode. I don't know the specifics as it's not something that I've tried.

We tried this awhile ago but not usable for us here mainly because this link is also used to access each others internal LAN network for other purpose. With Dual WAN on failover, when the main WAN link/ISP is up, it doesnt allow any traffic across the secondary WAN setup, I believe also it doesnt listen to or pay attention to the Static Route either because its now under the WAN side.

 

[MichaelCG]

Where did you put the routes at? With this setup as drawn, I see multiple places that routing changes would need to be made during times of failure.

#1.) The local PC in a failed location will need to have default route pointed to the local Mikrotik
-- this could also potentially be the local ASUS instead of the local PC
#2.) The Mikrotik will also need to have a default route updated to point to the far side Mikrotik

What this comes down to is making sure that any Layer3 hop in the network has a full routing path for the traffic your are trying to flow through it.

How do your clients know how to route to the other house?
** static routes on the client to point to the Mikrotik?
** static routes on the Asus to point to the Mikrotik?

 

[Dixit]

Where did you put the routes at? With this setup as drawn, I see multiple places that routing changes would need to be made during times of failure.

#1.) The local PC in a failed location will need to have default route pointed to the local Mikrotik
-- this could also potentially be the local ASUS instead of the local PC
#2.) The Mikrotik will also need to have a default route updated to point to the far side Mikrotik

What this comes down to is making sure that any Layer3 hop in the network has a full routing path for the traffic your are trying to flow through it.

How do your clients know how to route to the other house?
** static routes on the client to point to the Mikrotik?
** static routes on the Asus to point to the Mikrotik?

The route right now is added in the LAN/Route tab of the Asus. So for example for the 1750 Asus, under LAN/ Route, I have a single route that states: Network/HostIP=192.168.2.0, Netmask=255.255.255.0, Gateway=192.168.0.50, Interface=LAN.

For the 2744 Asus, its basically the same route with the opposite side IPs, so that one says the following:
Network/HostIP=192.168.0.0, Netmask=255.255.255.0, Gateway=192.168.2.50, Interface=LAN.

So that is essentially how the clients get routed, from the 2744 side, if there is a client looking to say connect to my plex server on the 1750 side, it knows that IP is a 192.168.0.x based, and therefore 2744 Asus routes it over to the 1750 side of the house, and similar vice versa, so client doesnt really know, the Asus takes care of it for the client.

What I wanted is now when the ISP on one side goes down, how can I simply route ALL traffic to the other side? I cant use the Primary/Secondary WAN option as mentioned because it doesnt allow routes to work as it marks it as a WAN. Id rather do it on the Asus side that way its client agnostic as well. When this happened a few days ago, I was able to get a client on the 2744 side (a windows10 desktop) to use the other side by simply changing its GATEWAY IP in windows networking to 192.168.0.1 vs what it had which was 192.168.2.1 (which is its local 2744 Asus). So that caused it to send all traffic to 192.168.0.x network side, but again that means it has to be done on each and every client when that happens, which gets cumbersome and hard when you talking about devices that dont easily support it like smart devices (yes most do static options, but its a pain to configure those).

Dixit

 

[MichaelCG]

I don't understand how it could have been possible to change your default gateway on a client at 2744 to point to 192.168.0.1...IP networking doesn't work that way. You cannot point to a gateway that doesn't reside on your local subnet. If the PC can't ARP for the address, it can't be its default gateway. ARP doesn't traverse Layer3 segments, it stays only on the local Layer2 segment. So the only gateway options a client at 2744 will have is either 192.168.2.1 or 192.168.2.50. So without changing the IP of the client itself, I don't see how this was possible.

Are the SXT boxes routers or just bridges?

Guessing you won't be able to modify the default route via the ASUS GUI...have you tried via the CLI?

 

[Dixit]

The SXTs are not Routers, they are simply Wireless APs in a sense. They are capable of routing as most Mikrtotiks are but not using that here. Im simply using it as a means to connect the two houses which are above 650ft apart with higher powered focused antennas. So essentially they are just bridges. Whatever traffic you send it, it will just relay to the other side.

By me changing the PC on the 2744 side in Windows 10 to manually point to 192.168.0.1 as its gateway definitely worked as I believe the Mikrotiks are just bridges, they dont block any traffic (except I specifically have a rule to block DHCP requests because sometimes randomly DHCP could be assigned by wrong side because DHCP requests are broadcasted and without the block, sometimes the other side would serve up the IP request, such as a PC/Device on 2744 side could get an DHCP from the 1750 Asus) and just relay packets across.

I never changed the default route via CLI, I thought there was a way (and for some reason I swear I got this to work once) via UI.

 

[coxhaus]

The term you guys are looking for is "gateway of last resort". This exist in Cisco equipment for fail over.

 

[ColinTaylor]

The term you guys are looking for is "gateway of last resort". This exist in Cisco equipment for fail over.

How is that different from a default gateway being discussed here?

https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/16448-default.html

EDIT: OK I get it. Cisco is setting a default network rather than a default gateway.

 

[coxhaus]

How is that different from a default gateway being discussed here?

https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/16448-default.html

EDIT: OK I get it. Cisco is setting a default network rather than a default gateway.

I think I am wrong. There is another term for alternate route and I got them mixed up.

It sounded good though.

http://configureterminal.com/gateway-of-last-resort-vs-default-gateway/

 

[MichaelCG]

Default route, Gateway of Last Resort (GoLR), zero route....all the same thing for the most part. Routing protocol or not...it is where it will send traffic if there is not a more specific route available. If you want to get into specific use cases like the Cisco example...yes there could be some differences depending on the specific scenario.

 

[Dixit]

So looking at my routing table, the highlighted one is my route for the Mikrotiks (to the other house). Im assuming I need to somehow change the other 3 maybe via the CLI when I need to force it to the other side all traffic wise?

Sounds like maybe just remove all of them when it happens, and create one for all traffic to the Mikrotik?

Dixit

 

[MichaelCG]

The only route that matters in the scenario you describe is the very last one named "default". That is where the router will send any traffic that it doesn't have a more specific route for. What I don't know is if the ASUS will let you send the default out the LAN interface instead of the WAN. I don't have my ASUS equipment anymore so I can't test it myself.

 

[Rolo]

I did something similar a couple of decades ago when I had cable and DSL. You switch your connection by switching your default gateway. You can experiment with multiple gateways and assigning costs to them but I didn't have any luck with consistency and instead clicked on a script when I wanted to manually switch.

Since you have the same ISP for both locations and they're FTTH, I'd expect an outage would affect both equally, making this more of an exercise than anything of practical utility (not that I'm against such a thing but affects how much time one is willing to spend on it).

Knowing specifics about your SXTs would help with determining your options, like whether they can actually bridge (not "essentially" bridge but can be configured as an actual Ethernet bridge)--since you have different subnets, you're routing.

Bridging would create more traffic on the wireless link, may not be a good idea unless you wanted to put both locations on one LAN

Putting the SXT as a backup WAN interface sounds like a good option if you aren't using LAN services between the two locations (House A's Router WAN2 interface would be a DHCP client of House B's router and vice-versa)

What did you use to make your drawing? I'm looking for a free Visio replacement.