shaposhnikoff/mikrotik two WAN backup

## mikrotik two WAN backup
/ip firewall mangle
# mark incoming connections (same rules cover both traffic for router and traffic forwarded to LAN)

add action=mark-connection chain=prerouting connection-mark=no-mark \
    in-interface=ether1-primary new-connection-mark=conn_primary passthrough=no

add action=mark-connection chain=prerouting connection-mark=no-mark \
    in-interface=ether2-backup new-connection-mark=conn_backup passthrough=no

# jump to another table for all potentially outgoing connections

add action=jump chain=output jump-target=routing
add action=jump chain=prerouting in-interface=LAN jump-target=routing
add action=jump chain=prerouting in-interface=WIFI jump-target=routing
# no need to process packets which are not going out through any ISP
add action=return chain=routing dst-address-type=local,broadcast,multicast
add action=return chain=routing dst-address-list="Internal LAN"
# set routing marks for marked connections
add action=mark-routing chain=routing connection-mark=conn_primary \
    new-routing-mark=main passthrough=no
add action=mark-routing chain=routing connection-mark=conn_backup \
    new-routing-mark=backup passthrough=no
# unmarked connections
add action=mark-routing chain=routing connection-mark=no-mark disabled=yes \
    new-routing-mark=backup passthrough=no comment="enable this to use backup isp"
add action=mark-routing chain=routing connection-mark=no-mark \
    new-routing-mark=main passthrough=no

# routes
/ip route
add dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-mark=backup
add dst-address=0.0.0.0/0 gateway=2.2.2.2
	/ip firewall mangle
	# mark incoming connections (same rules cover both traffic for router and traffic forwarded to LAN)

	add action=mark-connection chain=prerouting connection-mark=no-mark \
	in-interface=ether1-primary new-connection-mark=conn_primary passthrough=no

	add action=mark-connection chain=prerouting connection-mark=no-mark \
	in-interface=ether2-backup new-connection-mark=conn_backup passthrough=no

	# jump to another table for all potentially outgoing connections

	add action=jump chain=output jump-target=routing
	add action=jump chain=prerouting in-interface=LAN jump-target=routing
	add action=jump chain=prerouting in-interface=WIFI jump-target=routing
	# no need to process packets which are not going out through any ISP
	add action=return chain=routing dst-address-type=local,broadcast,multicast
	add action=return chain=routing dst-address-list="Internal LAN"
	# set routing marks for marked connections
	add action=mark-routing chain=routing connection-mark=conn_primary \
	new-routing-mark=main passthrough=no
	add action=mark-routing chain=routing connection-mark=conn_backup \
	new-routing-mark=backup passthrough=no
	# unmarked connections
	add action=mark-routing chain=routing connection-mark=no-mark disabled=yes \
	new-routing-mark=backup passthrough=no comment="enable this to use backup isp"
	add action=mark-routing chain=routing connection-mark=no-mark \
	new-routing-mark=main passthrough=no

	# routes
	/ip route
	add dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-mark=backup
	add dst-address=0.0.0.0/0 gateway=2.2.2.2