salama900

layer 3 gateway load balance need advanced routing

Mon Aug 01, 2011 5:20 am

Hi all friends here. I have 3 ADSL lines balanced the Greg Sowell way, which is called layer 3 gateway load balance, and it works fine for me, but I need to add QoS to every gateway. It works fine, brother, with all lines from many ISPs, with multiple DNS, and I balanced on an RB450G, and my hotspot works on the RB450G and it works fine for me, but I need to apply QoS to these 3 lines: 2 from the first ISP and the third from another ISP.
I found this way is good, but I need help: do I need to use advanced routing, or must I use QoS as Sowell said? I need your help with it. My configuration is:

/ip address
add address=192.168.1.1/24 broadcast=192.168.1.255 comment="" disabled=no \
interface=ether1 network=192.168.1.0
add address=192.168.2.1/24 broadcast=192.168.2.255 comment="" disabled=no \
interface=ether2 network=192.168.2.0
add address=192.168.0.1/24 broadcast=192.168.0.255 comment="" disabled=no \
interface=ether4 network=192.168.0.0
add address=192.168.3.1/24 broadcast=192.168.3.255 comment="" disabled=no \
interface=ether3 network=192.168.3.0

/ip firewall nat
add action=masquerade chain=srcnat comment="Masq for GW1" disabled=no \
out-interface=ether1
add action=masquerade chain=srcnat comment="Masq for GW2" disabled=no \
out-interface=ether2
add action=masquerade chain=srcnat comment="Masq for GW3" disabled=no \
out-interface=ether3

/ip route
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.1.2 routing-mark=GW1 scope=30 target-scope=10
add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\
192.168.2.2 routing-mark=GW1 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.2.2 routing-mark=GW2 scope=30 target-scope=10
add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\
192.168.3.2 routing-mark=GW2 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.3.2 routing-mark=GW3 scope=30 target-scope=10
add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\
192.168.1.2 routing-mark=GW3 scope=30 target-scope=10

/ip firewall mangle
add action=mark-connection chain=prerouting comment="CM for GW1" disabled=no \
in-interface=ether4 new-connection-mark=GW1 passthrough=yes \
per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment="CM for GW2" disabled=no \
in-interface=ether4 new-connection-mark=GW2 passthrough=yes \
per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment="CM for GW3" disabled=no \
in-interface=ether4 new-connection-mark=GW3 passthrough=yes \
per-connection-classifier=both-addresses:3/2

/ip firewall mangle
add action=mark-connection chain=output comment="CM for GW1 - output" \
connection-mark=no-mark disabled=no new-connection-mark=GW1 passthrough=\
yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=output comment="CM for GW2 - output" \
connection-mark=no-mark disabled=no new-connection-mark=GW2 passthrough=\
yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=output comment="CM for GW3 - output" \
connection-mark=no-mark disabled=no new-connection-mark=GW3 passthrough=\
yes per-connection-classifier=both-addresses:3/2

/ip firewall mangle
add action=mark-connection chain=input comment="CM input GW1" \
connection-mark=no-mark disabled=no in-interface=ether1 \
new-connection-mark=GW1 passthrough=yes
add action=mark-connection chain=input comment="CM input GW2" \
connection-mark=no-mark disabled=no in-interface=ether2 \
new-connection-mark=GW2 passthrough=yes
add action=mark-connection chain=input comment="CM input GW3" \
connection-mark=no-mark disabled=no in-interface=ether3 \
new-connection-mark=GW3 passthrough=yes

add action=mark-routing chain=prerouting comment="RM for GW1" \
connection-mark=GW1 disabled=no in-interface=ether4 new-routing-mark=GW1 \
passthrough=yes
add action=mark-routing chain=prerouting comment="RM for GW2" \
connection-mark=GW2 disabled=no in-interface=ether4 new-routing-mark=GW2 \
passthrough=yes
add action=mark-routing chain=prerouting comment="RM for GW3" \
connection-mark=GW3 disabled=no in-interface=ether4 new-routing-mark=GW3 \
passthrough=yes

I would now like to discuss doing QoS based on these configurations. As for QoS, you will also need a set of queues (in and out) for EACH gateway. Each gateway will have its own rate-limit and it will also have varying levels of congestion, so each requires its own set of queues.
What’s my ultimate solution to the issue? In my mind, the best option in reference to our configuration example is one of two things.
1. Add an additional router for each GW with standard QoS applied to each one using my beloved connection marking. Then add a single router that all of these GW routers connect to…let's call it a backbone router. This BB router will run the PCC load balancing and not worry about QoS. It’s a win win…other than the fact that you have to buy several routers…hehe.
2. Since we are going to be doing some hairy stuff on the routers with heavy QoS, we need some equipment that has good processing power or “needs more pow-a”. If there was a real processing giant in the routerboard line we could use meta router and just run the GW routers virtually and let the physical box be the BB. Alas, there is no RB with high power, so we will use an X86. I’m not a big advocate of the off the Mikrotik branded X86 boxes that are on the market right now, so I would suggest building your own. X86 has “KVM”, which is a virtualization mechanism designed for X86. The only catch is that you have to have virtualization support in the CPU. This has gotten far too long of a rant. In essence, we do it with virtual GW routers and use the core as the BB. Again, this is a win win, only in this case we require a single box instead of multiple routers.

I know this is a somewhat complex topic to explain, but I hope you guys made it out alive. Any thoughts or suggestions, please leave me some feedback. Despite my fancified airs I put on, I still really like to hear what you guys think.
Thanks so much
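
Added example, not part of the original post or of the write-up it quotes: a small consistency check for a PCC export like the one above, run before layering per-gateway queues on top of it. It flags PCC hash buckets that no mangle rule marks and routing marks whose routes lack `check-gateway` or a failover entry. The names `parse_export`, `lint` and `SAMPLE`, and the rules for what counts as a gap, are assumptions of this example.

```python
import re

# Constructed, abbreviated export in the post's style; bucket 3/2 and the GW2
# failover route are left out on purpose so the checks have something to find.
SAMPLE = r"""
/ip route
add check-gateway=ping distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.1.2 routing-mark=GW1
add distance=10 dst-address=0.0.0.0/0 gateway=192.168.2.2 routing-mark=GW1
add check-gateway=ping distance=1 dst-address=0.0.0.0/0 gateway=192.168.2.2 routing-mark=GW2
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CM for GW1" new-connection-mark=GW1 per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting new-connection-mark=GW2 per-connection-classifier=both-addresses:3/1
add action=mark-routing chain=prerouting connection-mark=GW1 new-routing-mark=GW1
add action=mark-routing chain=prerouting connection-mark=GW2 new-routing-mark=GW2
"""

def parse_export(text):
    """Return (menu, {key: value}) for each 'add' line of a RouterOS export."""
    text = re.sub(r"\\\s*\n\s*", "", text)  # join backslash-continued lines
    menu, rules = None, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("/"):
            menu = line
        elif line.startswith("add "):
            pairs = re.findall(r'([\w-]+)=("[^"]*"|\S+)', line)
            rules.append((menu, {k: v.strip('"') for k, v in pairs}))
    return rules

def lint(rules):
    """Report PCC hash buckets nobody marks and routing-marks with weak routes."""
    buckets, routes, issues = {}, {}, []
    mangle = [r for m, r in rules if m == "/ip firewall mangle"]
    for m, r in rules:
        if m == "/ip route" and "routing-mark" in r:
            routes.setdefault(r["routing-mark"], []).append(r)
    for r in mangle:
        if "per-connection-classifier" in r:
            den, rem = r["per-connection-classifier"].split(":")[1].split("/")
            buckets.setdefault((r["chain"], int(den)), set()).add(int(rem))
    for (chain, den), seen in sorted(buckets.items()):
        for rem in sorted(set(range(den)) - seen):
            issues.append(f"{chain}: PCC bucket {den}/{rem} is never marked")
    for mark in sorted({r["new-routing-mark"] for r in mangle if "new-routing-mark" in r}):
        rs = routes.get(mark, [])
        if not any("check-gateway" in x for x in rs):
            issues.append(f"{mark}: no route with check-gateway")
        elif len(rs) < 2:
            issues.append(f"{mark}: single route, no failover")
    return issues

if __name__ == "__main__": print("\n".join(lint(parse_export(SAMPLE))))
```

Connections that hash into an unmarked bucket get no routing mark and fall through to the main routing table, so they would also bypass any queue that matches on the per-gateway marks.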