| /ip firewall nat |
| add chain=srcnat out-interface=ether1 action=masquerade comment="lbpcc" |
| add chain=srcnat out-interface=ether2 action=masquerade comment="lbpcc" |
| /ip firewall mangle |
| add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether1 new-connection-mark=CM-WAN1 passthrough=yes hotspot=auth comment="lbpcc" |
| add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether2 new-connection-mark=CM-WAN2 passthrough=yes hotspot=auth comment="lbpcc" |
| add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=ether3 hotspot=auth comment="lbpcc-wan1" |
| add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=ether3 hotspot=auth comment="lbpcc-wan2" |
| add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether3 new-connection-mark=CM-WAN1 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 dst-address-type=!local hotspot=auth comment="lbpcc" |
| add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether3 new-connection-mark=CM-WAN2 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 dst-address-type=!local hotspot=auth comment="lbpcc" |
| add action=mark-routing chain=prerouting connection-mark=CM-WAN1 in-interface=ether3 new-routing-mark=RM-WAN1 passthrough=yes hotspot=auth comment="lbpcc" |
| add action=mark-routing chain=prerouting connection-mark=CM-WAN2 in-interface=ether3 new-routing-mark=RM-WAN2 passthrough=yes hotspot=auth comment="lbpcc" |
| add action=mark-routing chain=output connection-mark=CM-WAN1 new-routing-mark=RM-WAN1 passthrough=yes hotspot=auth comment="lbpcc" |
| add action=mark-routing chain=output connection-mark=CM-WAN2 new-routing-mark=RM-WAN2 passthrough=yes hotspot=auth comment="lbpcc" |
| /ip route |
| add check-gateway=ping distance=1 gateway=192.168.1.1 routing-mark=RM-WAN1 comment="WAN1" |
| add check-gateway=ping distance=1 gateway=192.168.0.1 routing-mark=RM-WAN2 comment="WAN2" |
| add check-gateway=ping distance=1 gateway=192.168.1.1 comment="WAN1" |
| add check-gateway=ping distance=2 gateway=192.168.0.1 comment="WAN2" |