Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB
Following is a complete script for Mikrotik to combine/load balance two DSL lines. In this example I used MikrotikT RB750 5 ports router.
2 ports were connected with two difference DSL Routers,
and 3rd port was connected with User LAN.
Both DSL are of same speed , i.e 10Mb each.
DSL MODEM IP’S
DSL MODEM 1 = 192.168.1.1
DSL MODEM 2 = 192.168.2.1
Also don’t forget to rename the interface names accordingly.
In my personnel experience , If users request are directly hitting Mikrotik configured with PCC , then you will get good load balancing. Use src-address as classifier, this way you will get rid of problems like https/broken link, streaming issues etc. Load balancing using this PCC
technique (src-address) will be effective and balanced approach when
more and more connections (from clients) that occurred. I also recommend
to use SQUID proxy server along with mikrotik , either
parallel or in front or backend , for better response time and it will
also increase good browsing experience to users.
If somehow you are not satisfied with the src-address approach,play with the PCC-Classifier, then Try both addresses and ports
as the classifier. While this will randomize things the most and in
theory give you the most fair allocation of bandwidth, BUT there is also
a good chance that it will break certain things like banking web sites
and some forums. This is because often times a HTTP requests will
generate several connections, so there is a chance that some requests
may go out a different route than the initial one, and that will break
secure web sites. For that reason I usually stick with src-address for PCC load balancing.
Regard’s
Syed Jahanzaib
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
| /ip address add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2 /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8 /ip firewall mangle add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2 add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local add
chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/0
action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add
chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/1
action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1 add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2 /ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping /ip firewall nat add chain=srcnat out-interface=WAN1 action=masquerade add chain=srcnat out-interface=WAN2 action=masquerade |
PCC WITH UN-EQUAL WAN LINKS
If you have Un-Equal WAN Links, for example WAN,1 is of 4MB and WAN,2 is of 8 Mb, and you want to force MT to use WAN42link more then other because of its capacity, Then you have to Add more PCC rules assigning the same two marks to a specific link i.e WAN2 , something likeCode:
1
2
3
| add
chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/0
action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add
chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/1
action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add
chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/2
action=mark-connection new-connection-mark=WAN2_conn passthrough=yes |
PCC WITH HOTSPOT (Reference)
1
| /ip firewall nat add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth |
0 comments:
Post a Comment