Easy Dual WAN Failover

Initial setup

Initially, I had set up a TP-Link ER605 (TL-R605) V2 router to handle the dual WANs - on paper, it checked all the boxes: load balancing, failover, and a relatively affordable price point. But in practice, it turned out to be a frustrating experience.

The biggest issue was how excruciatingly slow the device was to boot and handle failover. In a setup where uptime actually matters, waiting around for the router to recover or switch links defeats the whole purpose of having redundancy in the first place. Failover should feel seamless - this felt anything but.

What made things worse was the user experience. TP-Link usually does a decent job with their consumer gear, but this one felt like an afterthought. To be fair, the hardware isn't terrible for very basic use cases. But if you're expecting fast failover, responsiveness, or a polished management experience, this router falls short. It feels like a product that looks good on a spec sheet but struggles in real-world scenarios. In the end, I realized that for something as critical as WAN failover, it's worth investing in gear that prioritizes reliability and usability - not just features.

Current Setup

I recently got a MikroTik hEX S (2025) which runs RouterOS. I am sharing the commands which I used to set up the Dual WAN Failover feature (based on a layer-x.com article).

# Configure interfaces
/interface ethernet
set [find default-name=ether1] name=wan1-primary
set [find default-name=ether2] name=wan2-secondary

# Output
set [find default-name=ether4] name=lan1

/ip address
add address=192.168.1.2/24 interface=wan1-primary comment="Primary WAN Static"
add address=192.168.2.2/24 interface=wan2-secondary comment="Secondary WAN Static"

# Configure LAN interface
/ip address
add address=192.168.100.1/24 interface=lan1 comment="LAN Gateway"

# Enable DHCP server for LAN
/ip pool
add name=lan-pool ranges=192.168.100.100-192.168.100.200

/ip dhcp-server
add address-pool=lan-pool interface=lan1 name=lan-dhcp

/ip dhcp-server network
add address=192.168.100.0/24 gateway=192.168.100.1 dns-server=8.8.8.8,8.8.4.4

# Configure NAT
/ip firewall nat
add chain=srcnat out-interface=wan1-primary action=masquerade
add chain=srcnat out-interface=wan2-secondary action=masquerade

# Configure routes with failover
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 \
    distance=1 check-gateway=ping comment="Primary Route"
add dst-address=0.0.0.0/0 gateway=192.168.2.1 \
    distance=2 comment="Secondary Route"

The primary ISP router is @ 192.168.1.1 and my 4G router is @ 192.168.2.1. Adjust these values as needed. You may need to disable a bunch of interfaces in the default bridge configuration manually and then disable the default DHCP server which runs on the default bridge.

I then pluggged the Main Deco Mesh Network unit into the Ethernet 4 port. Done!