@yacud With failover and multiple tiers, it will use the Tier1 gateways until it meets the criteria of a failure (specified packet loss or latency).
Then it will route all traffic on the Tier2 gateway until Tier1 gateway is back within acceptable limits.
If you want to load balance you could set multiple gateways as Tier1 and it will split traffic between them, you can set a "weight" in the gateway options to have it balance the traffic unevenly (e.g. put 2x as much on WAN1 vs WAN2)
As far as I know, there is no way for it to know what the maximum throughput of your link is - just trying to split it evenly if you want load balancing.
Well, the part with 2 LANs and 2 WANs is quite easy.
You configure the transit network interface as defined by your second ISP.
You configure e.g. 129.x.?.1/24 as a static IP on your "Public LAN".
You either set the NAT mode to "Manual Outbound NAT rule generation." and set all NAT rules manually, or you set it to "Hybrid Outbound NAT rule generation" and manually add a "Do not NAT" rule for the traffic between your new LAN and WAN.
This should already create the appropriate routing table entries so that incoming traffics finds your 129.x.?.1/24. What's missing to tell the outgoing traffic which gateway to use. This can e.g. be done by specifying the gateway of the second WAN interface in the "allow to any" (or whatever firewall rule you use to allow internet access) firewall rule on your "Public LAN" interface.
Regarding the public IPs for your 192.168.x.1/22: From my perspective, the clean solution would be to give them a second network interface (e.g. using VLANs) in the "Public LAN" network. This also makes it easier to separate the administrative from the public traffic, e.g. only enable SSH on the interface in 192.168.x.0/22 network.
in the 90's i remember there was this conspiracy theory that antivirus computers create viruses in order to sell antivirus software... say no more ... now that your isp know your fear it will ddos you to take your money ... big fish eat small fish !
Because amateur may be You newer come under real DDoS.
P.S. Another perfect example of new attacks vectors, that You may newer know https://www.washingtonpost.com/news/innovations/wp/2017/07/21/how-a-fish-tank-helped-hack-a-casino/
@derelict did a Google search for netgear dual wan and one of the links was to this forum))) It crossed my mind that it's probably a wrong place to ask for help with my issue but I decided to give it a go anyways)