Aug

Load Balancing with Mikrotik 3.x

Tag » Load Balancing, Mikrotik, Connection, Linux

Written by nofee

When we want to make Loadbalancing system used Mikrotik 2.9.x, we can using the rule from here. But there is little different with Mikrotik 3.x
Ok then, let's started, i will use 5 connection here.

IP Address Configuration

/ ip address add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" disabled=no
/ ip address add address=10.111.0.2/30 network=10.111.0.0 broadcast=10.111.0.3 interface=Uplink1 comment="" disabled=no
/ ip address add address=10.112.0.2/30 network=10.112.0.0 broadcast=10.112.0.3 interface=Uplink2 comment="" disabled=no
/ ip address add address=10.113.0.2/30 network=10.113.0.0 broadcast=10.113.0.3 interface=Uplink3 comment="" disabled=no
/ ip address add address=10.114.0.2/30 network=10.114.0.0 broadcast=10.114.0.3 interface=Uplink4 comment="" disabled=no
/ ip address add address=10.115.0.2/30 network=10.115.0.0 broadcast=10.115.0.3 interface=Uplink5 comment="" disabled=no

Mangle Configuration

/ ip firewall mangle add chain=prerouting in-interface=Local connection-state=new nth=5,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-state=new nth=4,1 action=mark-connection new-connection-mark=conn2 passthrough=yes comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-state=new nth=3,1 action=mark-connection new-connection-mark=conn3 passthrough=yes comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-mark=conn3 action=mark-routing new-routing-mark=conn3 passthrough=no comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn4 passthrough=yes comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-mark=conn4 action=mark-routing new-routing-mark=conn4 passthrough=no comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-state=new action=mark-connection new-connection-mark=conn5 passthrough=yes comment="" disabled=no
/ ip firewall mangle add chain=prerouting in-interface=Local connection-mark=conn5 action=mark-routing new-routing-mark=conn5 passthrough=no comment="" disabled=no

Masquerade Local Network

/ ip firewall nat add chain=srcnat connection-mark=conn1 action=masquerade out-interface=Uplink1 comment="" disabled=no
/ ip firewall nat add chain=srcnat connection-mark=conn2 action=masquerade out-interface=Uplink2 comment="" disabled=no
/ ip firewall nat add chain=srcnat connection-mark=conn3 action=masquerade out-interface=Uplink3 comment="" disabled=no
/ ip firewall nat add chain=srcnat connection-mark=conn4 action=masquerade out-interface=Uplink4 comment="" disabled=no
/ ip firewall nat add chain=srcnat connection-mark=conn5 action=masquerade out-interface=Uplink5 comment="" disabled=no

Route

/ ip route add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 routing-mark=conn1 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 routing-mark=conn2 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=10.113.0.1 scope=255 target-scope=10 routing-mark=conn3 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=10.114.0.1 scope=255 target-scope=10 routing-mark=conn4 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=10.115.0.1 scope=255 target-scope=10 routing-mark=conn5 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 comment="" disabled=no

Explanation
First we give a code snippet and then explain what it actually does.

IP Address and Mangle

The router has 5 upstream (WAN) interfaces with the addresses of 10.111.0.2/30; 10.112.0.2/24; 10.113.0.2/30; 10.114.0.2/24 and 10.115.0.2/30. The LAN interface has the name "Local" and IP address of 192.168.0.1/24.

For the ip firewall mangle, 5 uplink connection need 5 connection mark and 5 routing mark.
Mangle 1 : nth : 5,1
Mangle 2 : nth : 4,1
Mangle 3 : nth : 3,1
Mangle 4 : nth : 2,1
Mangle 5 : No nth
Here the explanation :
Mangle 1 : read all traffic and match 1/5 of traffic
Mangle 2 : read 4/5 traffic and match 1/4 of they traffic (1/5 total traffic)
Mangle 3 : read 3/4 from 4/5 traffic above (or 3/5 total traffic) and match 1/2 traffic above (1/5 total traffic)
Mangle 4 : read 2/3 from 3/5 total traffic (or 2/5 total traffic) and match 1/2 traffic above (1/5 total traffic)
Mengle 5 : read the rest of traffic (1/5 total traffic)

Thats it. Now you can try your setting.

Happy Surfing with 5 Connection.. :)

Bookmark

Email This

Trackback(0)

TrackBack URI for this entry

Comments (4) Add Comment

Subscribe to this comment's feed

...
written by Vladan Maksic, November 17, 2008

Thanks No Fee This is very nice explanation but i have the same problem like Sved
and same config 2wan + 1 lan and only 1wan works .My MIkrotik version is 3.14 .
I tried few times and someting is wrong.Please if you can help.

Best regards

report abuse

vote down

vote up

Votes: +0

Reply: AA Cable.Network Services
written by No Fee, September 26, 2008

Can you show me your config? Maybe I can help you.

Thanks

report abuse

vote down

vote up

Votes: +0

AA Cable.Network Services
written by Syed Jahanzaib, September 26, 2008

Hi,

I tried same config posted above, (but with 2 WAN & 1 LAN),
All traffic from LAN users goes to WAN1 only, no traffic is routing to WAN2.

What could be wrong?

report abuse

vote down

vote up

Votes: +0