Source : https://datahunter.org/node/2595/revisions/13095/view
[1] 額外加兩條 Route
/ip route add check-gateway=ping distance=1 gateway=192.168.88.1 routing-mark=ISP1_Route add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=ISP2_Route
[2] 用來略過 [3~N] 的 rule (防 loop 死)
/ip firewall address-list add address=192.168.88.0/24 list=Connected add address=192.168.10.0/24 list=Connected add address=192.168.8.0/24 list=Connected
/ip firewall mangle
add action=accept chain=prerouting comment="Connected Network" \
dst-address-list=Connected src-address-list=Connected
[3] Wan to ROS
add action=mark-connection chain=input connection-mark=no-mark \
in-interface=ISP_1 new-connection-mark=WAN1->ROS passthrough=yes \
comment=WAN->ROS
add action=mark-connection chain=input connection-mark=no-mark \
in-interface=ISP_2 new-connection-mark=WAN2->ROS passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1->ROS \
new-routing-mark=ISP1_Route passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2->ROS \
new-routing-mark=ISP2_Route passthrough=yes
[4] Wan to Lan (For DNAT)
add action=mark-connection chain=forward connection-mark=no-mark \
in-interface=ISP_1 new-connection-mark=WAN1->LAN passthrough=yes \
comment=WAN->LAN
add action=mark-connection chain=forward connection-mark=no-mark \
in-interface=ISP_2 new-connection-mark=WAN2->LAN passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN1->LAN \
in-interface=LAN new-routing-mark=ISP1_Route passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2->LAN \
in-interface=LAN new-routing-mark=ISP2_Route passthrough=yes