Advanced load balance suggestions/help

Hey all, I have been struggling to find a load balancing script on the wiki that will work to fit our needs. I have tried all of them including PCC but there is always an unwanted side effect after implementing it.

Basic needs:

  1. Load balance wlan1 and wlan2. (obvious) For extra information, wlan1 is a 20MB pipe and wlan2 is a 24MB.

  2. I can’t have clients losing connection every 10 minutes from a DNS flush or gateway change from wlan1 to wlan2.

  3. All my dst-nats that are NATing private IPs to public IPs through wlan1 have to stay working.

  4. Clients have to be able to VPN into their public addresses and also I need to be able to VPN as well. This is also through wlan1.

  5. HTTPS and other load balance touchy applications must work for clients.

Now I have had all of the above working pretty well with PCC, except that VPN stopped working for us and there have been reports of clients losing connection. Does PCC switch clients from gateway to gateway?

Thanks in advance, and sorry if some of these questions sound too newbie, but I am still new in the world of MikroTik.

Describe exactly what problems you had with the PCC configuration. The problems you named usually appear on a simple ECMP configuration, which only works if you are not using masquerade. PCC is what you need to configure, with additional mangle and routing marks.

Thanks for replying, at the moment we are using these mangle rules:

0 chain=input action=mark-connection new-connection-mark=wlan1_conn passthrough=yes in-interface=wlan1

1 chain=input action=mark-connection new-connection-mark=wlan2_conn passthrough=yes in-interface=wlan2

2 chain=output action=mark-routing new-routing-mark=to_wlan1 passthrough=yes connection-mark=wlan1_conn

3 chain=output action=mark-routing new-routing-mark=to_wlan2 passthrough=yes connection-mark=wlan2_conn

4 chain=prerouting action=accept dst-address=x.x.x.x/26 in-interface=Local

5 chain=prerouting action=accept dst-address=x.x.x.x/29 in-interface=Local

6 chain=prerouting action=mark-connection new-connection-mark=wlan1_conn passthrough=yes dst-address-type=!local in-interface=Local connection-mark=no-mark per-connection-classifier=both-addresses:2/0

7 chain=prerouting action=mark-connection new-connection-mark=wlan2_conn passthrough=yes dst-address-type=!local in-interface=Local connection-mark=no-mark per-connection-classifier=both-addresses:2/1

8 chain=prerouting action=mark-routing new-routing-mark=to_wlan1 passthrough=yes in-interface=Local connection-mark=wlan1_conn

9 chain=prerouting action=mark-routing new-routing-mark=to_wlan2 passthrough=yes in-interface=Local connection-mark=wlan2_conn

10 chain=forward action=mark-connection new-connection-mark=wlan1_conn passthrough=yes connection-state=new in-interface=wlan1

11 chain=forward action=mark-connection new-connection-mark=wlan2_conn passthrough=yes connection-state=new in-interface=wlan2

It seems like everything but VPN is working like it should, but when I log in to the VPN I can’t connect to any of the internal devices. With these rules I shouldn’t have any clients disconnecting all the time?

Thanks again
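
Added example, not part of any post in this thread: a small Python model of how rules 6 and 7 above pick a connection mark with per-connection-classifier=both-addresses:2/0 and 2/1. The hash (zlib.crc32), the class and function names and the sample addresses are assumptions; RouterOS uses its own 32-bit hash, so real bucket assignments will differ.

```python
import ipaddress
import zlib

WAN_MARKS = {0: "wlan1_conn", 1: "wlan2_conn"}  # remainders used by rules 6 and 7
DENOMINATOR = 2                                  # the "2" in both-addresses:2/N


def pcc_remainder(src: str, dst: str, denominator: int = DENOMINATOR) -> int:
    """Hash the both-addresses fields and reduce modulo the denominator.

    zlib.crc32 is a stand-in (assumption): RouterOS has its own hash, so the
    buckets differ on a real router, but the mapping is deterministic there too.
    """
    fields = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    return zlib.crc32(fields) % denominator


class Mangle:
    """Models rules 6-7: classify only connections that carry no mark yet."""

    def __init__(self):
        self.conntrack = {}  # (src, sport, dst, dport) -> connection mark

    def mark(self, src, sport, dst, dport):
        key = (src, sport, dst, dport)
        if key not in self.conntrack:  # connection-mark=no-mark
            self.conntrack[key] = WAN_MARKS[pcc_remainder(src, dst)]
        return self.conntrack[key]


def marks_per_client(flows):
    """Return {client: set of marks} so clients split across WANs stand out."""
    mangle, seen = Mangle(), {}
    for src, sport, dst, dport in flows:
        seen.setdefault(src, set()).add(mangle.mark(src, sport, dst, dport))
    return seen


# Constructed sample flows (documentation-range addresses, not from the thread).
FLOWS = [("192.0.2.10", 40000 + i, f"198.51.100.{i}", 443) for i in range(1, 33)]
FLOWS += [("192.0.2.10", 50000 + i, "203.0.113.5", 443) for i in range(8)]

if __name__ == "__main__":
    for client, marks in marks_per_client(FLOWS).items():
        print(client, sorted(marks))
```

In this model a given source/destination address pair always receives the same mark regardless of port, while a single client talking to many destinations ends up with connections on both marks.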