PCC Load Balancing (2 WAN PPPoE) + VLAN + FailOver Netwatch.rsc

# jul/22/2023 13:22:28 by RouterOS 7.9.2
# software id = 
#
/interface bridge
add name=Bridge-VLAN-TRUNKs
/interface pppoe-client
add disabled=no interface=ether1 name=pppoe-out1 user=ppp1
add disabled=no interface=ether2 name=pppoe-out2 user=ppp2
/interface vlan
add interface=Bridge-VLAN-TRUNKs name=vlan10 vlan-id=10
add interface=Bridge-VLAN-TRUNKs name=vlan20 vlan-id=20
/disk
set slot1 slot=slot1 type=hardware
/interface list
add name=Bridge-LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.88.2-192.168.88.254
add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.254
add name=dhcp_pool2 ranges=10.20.20.2-10.20.20.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=Bridge-VLAN-TRUNKs lease-time=1d name=\
    dhcp1
add address-pool=dhcp_pool1 interface=vlan10 lease-time=1d name=dhcp2
add address-pool=dhcp_pool2 interface=vlan20 lease-time=1d name=dhcp3
/port
set 0 name=serial0
/routing table
add disabled=no fib name=via-ISP1
add disabled=no fib name=via-ISP2
/interface bridge port
add bridge=Bridge-VLAN-TRUNKs interface=ether5
/interface list member
add interface=Bridge-VLAN-TRUNKs list=Bridge-LAN
add interface=vlan10 list=Bridge-LAN
add interface=vlan20 list=Bridge-LAN
/ip address
add address=192.168.88.1/24 interface=Bridge-VLAN-TRUNKs network=192.168.88.0
add address=10.10.10.1/24 interface=vlan10 network=10.10.10.0
add address=10.20.20.1/24 interface=vlan20 network=10.20.20.0
/ip dhcp-server network
add address=10.10.10.0/24 dns-server=10.10.10.1 gateway=10.10.10.1
add address=10.20.20.0/24 dns-server=10.20.20.1 gateway=10.20.20.1
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=1.1.1.1,1.0.0.1
/ip firewall address-list
add address=192.168.88.0/24 list=LAN
add address=10.10.10.0/24 list=LAN
add address=10.20.20.0/24 list=LAN
/ip firewall mangle
add action=accept chain=prerouting in-interface=pppoe-out1
add action=accept chain=prerouting in-interface=pppoe-out2
add action=accept chain=prerouting dst-address-list=LAN
add action=mark-connection chain=prerouting in-interface-list=Bridge-LAN \
    new-connection-mark=ISP1_Conn passthrough=yes per-connection-classifier=\
    both-addresses:2/0
add action=mark-routing chain=prerouting connection-mark=ISP1_Conn \
    in-interface-list=Bridge-LAN new-routing-mark=via-ISP1 passthrough=no
add action=mark-connection chain=prerouting in-interface-list=Bridge-LAN \
    new-connection-mark=ISP2_Conn passthrough=yes per-connection-classifier=\
    both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=ISP2_Conn \
    in-interface-list=Bridge-LAN new-routing-mark=via-ISP2 passthrough=no
add action=mark-connection chain=prerouting in-interface=pppoe-out1 \
    new-connection-mark=ISP1_Conn passthrough=yes
add action=mark-routing chain=output connection-mark=ISP1_Conn \
    new-routing-mark=via-ISP1 passthrough=no
add action=mark-connection chain=prerouting in-interface=pppoe-out2 \
    new-connection-mark=ISP2_Conn passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2_Conn \
    new-routing-mark=via-ISP2 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=pppoe-out2
/ip route
add comment=via-ISP1_To_ISP1 disabled=no distance=1 dst-address=0.0.0.0/0 \
    gateway=pppoe-out1 pref-src="" routing-table=via-ISP1 scope=30 \
    suppress-hw-offload=no target-scope=10
add comment=via-ISP2_To_ISP2 disabled=no distance=1 dst-address=0.0.0.0/0 \
    gateway=pppoe-out2 pref-src="" routing-table=via-ISP2 scope=30 \
    suppress-hw-offload=no target-scope=10
add comment="Redirect via-ISP1 To ISP2" disabled=no distance=2 dst-address=\
    0.0.0.0/0 gateway=pppoe-out2 pref-src="" routing-table=via-ISP1 scope=30 \
    suppress-hw-offload=no target-scope=10
add comment="Redirect via-ISP2 To ISP1" disabled=no distance=2 dst-address=\
    0.0.0.0/0 gateway=pppoe-out1 pref-src="" routing-table=via-ISP2 scope=30 \
    suppress-hw-offload=no target-scope=10
add comment=To-ISP1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
add comment=To-ISP2 disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
    pppoe-out2 pref-src="" routing-table=main scope=30 suppress-hw-offload=no \
    target-scope=10
add comment="Netwatch ISP1 (Quad9 DNS)" disabled=no distance=1 dst-address=\
    9.9.9.9/32 gateway=pppoe-out1 pref-src="" routing-table=main scope=30 \
    suppress-hw-offload=no target-scope=10
add comment="Netwatch ISP2 (Google DNS)" disabled=no distance=1 dst-address=\
    8.8.8.8/32 gateway=pppoe-out2 pref-src="" routing-table=main scope=30 \
    suppress-hw-offload=no target-scope=10
/system identity
set name=R1
/system note
set show-at-login=no
/tool netwatch
add comment=ISP1 disabled=no down-script="ip route disable [find comment=To-IS\
    P1]\r\
    \nip route disable [find comment=via-ISP1_To_ISP1]\r\
    \n:log warning \"ISP1 is down\"\r\
    \n/ip firewall connection remove [find]" host=9.9.9.9 http-codes="" \
    interval=10s test-script="" timeout=800ms type=simple up-script="ip route \
    enable [find comment=To-ISP1]\r\
    \nip route enable [find comment=via-ISP1_To_ISP1]\r\
    \n:log warning \"ISP1 is up\""
add comment=ISP2 disabled=no down-script="ip route disable [find comment=To-IS\
    P2]\r\
    \nip route disable [find comment=via-ISP2_To_ISP2]\r\
    \n:log warning \"ISP1 is down\"\r\
    \n/ip firewall connection remove [find]" host=8.8.8.8 http-codes="" \
    interval=10s test-script="" timeout=800ms type=simple up-script="ip route \
    enable [find comment=To-ISP2]\r\
    \nip route enable [find comment=via-ISP2_To_ISP2]\r\
    \n:log warning \"ISP2 is up\""