4 WAN PCC , But All Load goes to 1 DSL Only !!!

Dear All,

I am using Mikrotik to merge 4 DSL lines, but all load goes to only 1 DSL. (only WAN1 is working) , its not divining load to all 4 DSL lines. Mikrotik is also configured as a PPPoE server. I have tried putting many users load but still only WAN1 is taking all load.

I am using the following script. Where is the mistake ?

/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
add address=192.168.4.2/24 network=192.168.4.0 broadcast=192.168.4.255 interface=WAN4

/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn

add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4

add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=Local

add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=src-address:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=src-address:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=src-address:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=src-address:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes

add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN4

/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN4 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=4 check-gateway=ping

/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade

Wild guess: you’re using the proxy?

NO, I am not using webproxy. Just a simple plain setup,

However I have managed to solve the problem this few minutes before after banging my head with MT, I simply reset all configuration, and re-configure it using guide at aacable 4 wan load balance script, and its working now.

One more question , I want to add webproxy to this configuration, I heard that webproxy messes with PCC. What extra rules do I have to add in the above script in order to make web proxy and pcc work together on the same server. Plese help me again Fewi Bro, You have helped me many times before

In my opinion it is significantly easier to just add an external proxy box. Trying to integrate proxies with PCC becomes too convoluted and and complicated.

If you want to try it, the general idea is to replicate all the PCC set up for the ‘output’ chain. PCC as you have it runs in ‘prerouting’, which never sees packets generated by the router. When you use a proxy all web traffic is split into two connections - one from client to router (proxy), the other from the proxy (router) to the Internet. You have to PCC balance those connections. At the same time you have to be careful not to match any other traffic sent from the router (replies to SSH, Winbox, DNS, whatever other services you have running), and you have to be careful to not match traffic during normal PCC that will be redirected to the proxy. Routing marks override everything.

I would keep it simple and easy to troubleshoot and just build a Squid proxy as an external device.

Dear Fewi,

Thank you for kind reply. As you suggested, I will add external SQUID proxy to make my life easier.

One last thing, PCC works fine when the client is directly connected to mikrotik without pppoe. When client is connected with pppoe , pcc doesn’t work. What rules should I add in PCC script ?

Following is my ip address scheme.

Mikrotik LAN = 10.0.0.1
Users = 10.0.0.x
PPPoE IP Pool = 172.16.0.x/16