Hi, all.
How to setup 2 internet line from same isp (with same gateway address) to get best bandwidth or throughput?
Best Regards
Do you have two IP addresses on the same physical interface at your router or do you have each uplink on a separate interface? Is there PPPoE, DHCP, manually configured IP? Without knowledge of the physical and logical topology, no useful suggestion can be made. If you have two modems/routers from the ISP which both use the same LAN subnet and you cannot change their configuration, the setup may be much simpler than if you have two IPs in the same subnet on some FTTH connection and there is a bandwidth enforcement per IP at the ISP side.
The two 2 IP Addresses (from wlan1 & wlan2) are from the same router with same interface which using PPPoE.
Wait, the IP addresses are assigned directly to wlan1 and wlan2, so PPPoE is not related to the IP address assignment (unless you’ve renamed PPPoE interfaces to wlan1 and wlan2). Can post an export of the whole configuration (see my automatic signature below for hints), and if the PPPoE is on some other router, can you draw the whole network setup (a photo of a handmade drawing is sufficient, no need to spend hours on it).
I’m so sorry, for the wlan1 & wlan2 are from router from ISP which using PPPoE.
The router from ISP are have more than 1 SSID which can access using different account (which have different bandwidth)
ISP1 => Router => Access Point => SSID1 => wlan1 (RouterBoard)
ISP1 => Router => Access Point => SSID2 => wlan2 (RouterBoard)
ISP2 => Router => ether1 (RouterBoard)
Bridge => ether3, ether 4
Well, so I suppose that the router with PPPoE uplink either links each PPPoE uplink to another SSID or it restricts the bandwidth per connected wireless client, but that’s not important for the setup at your end.
The key is that you can use an IP address along with an interface name as a gateway of a route, using the ip.add.re.ss**%**interfacename notation.
So you can create two routing tables with a single defaut route in each (modify the actual gateway IP to the real one):
/ip route
add routing-mark=via-wlan1 gateway=10.227.0.1%wlan1
add routing-mark=via-wlan2 gateway=10.227.0.1%wlan2
Then, use any policy routing strategy to assign the two routing-mark values (per-connection-classifier rules directly assigning the routing-mark or nth rules assigning a connection-mark and other rules translating connection-mark into routing-mark). These are explained in both the Mikrotik manual as well as countless times here on the forum. The first strategy (per-connection-classifier) is simpler but always spreads the load 1:1 between the two WANs, the second one allows to distribute the connections among the two WANs in a ratio you choose (1:1,1:3,3:5, whatever). But bear in mind that both distribute connections, not bandwidth, so on a low number of connections, you may see a different outcome than you expect. Also, bear in mind that one connection always uses only one uplink, so you cannot use the aggregated bandwidth of both WANs for a single connection.
So, which best setting if I have bandwidth like this?
- wlan1 50M/50M
- wlan2 4M/20M
if 20 is the download limit and 4 is the upload limit, and you mostly download, then it’s best to use nth rules to spread the connections in a 5:2 ratio (or, in another words, 2 of each 7 to be sent via wlan2 with the 20M bandwidth, and the rest via wlan1):
/ip firewall mangle
add chain=prerouting connection-mark=no-mark action=jump jump-target=cmark-pre
add chain=prerouting in-interface=your-lan-interface-name connection-mark=via-wlan1 action=mark-routing new-routing-mark=via-wlan1 passthrough=no
add chain=prerouting in-interface=your-lan-interface-name connection-mark=via-wlan2 action=mark-routing new-routing-mark=via-wlan2 passthrough=no
add chain=cmark-pre in-interface=your-lan-interface-name connection-mark=no-mark nth=7,1 action=mark-connection new-connection-mark=via-wlan2
add chain=cmark-pre in-interface=your-lan-interface-name connection-mark=no-mark nth=6,1 action=mark-connection new-connection-mark=via-wlan2
add chain=cmark-pre in-interface=your-lan-interface-name connection-mark=no-mark action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre connection-mark=no-mark action=mark-connection new-connection-mark=use-main
As I can see, you have another dhcp client attached to ether1, with add-default-route=yes, so you have to adjust the suggestion above to your setup as a whole.
Hi, sindy. Thanks for your help. Your settings working for me.
Hi, Sindy. I’m adjusting your settings, but load balancing not working. (Only work fail over)
- ether1 50M DL 50M UL
- wlan1 50M DL 50M UL
- wlan2 20M DL 4M UL
I adjusted like this
/ip firewall mangle
add chain=prerouting connection-mark=no-mark action=jump jump-target=cmark-pre
add chain=prerouting in-interface=bridge-hotspot connection-mark=via-wlan1 action=mark-routing new-routing-mark=via-wlan1 passthrough=no
add chain=prerouting in-interface=bridge-hotspot connection-mark=via-wlan2 action=mark-routing new-routing-mark=via-wlan2 passthrough=no
add chain=prerouting in-interface=bridge-hotspot connection-mark=via-ether1 action=mark-routing new-routing-mark=via-ether1 passthrough=no
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=12,1 action=mark-connection new-connection-mark=via-wlan2
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=11,1 action=mark-connection new-connection-mark=via-wlan2
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=10,1 action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=9,1 action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=8,1 action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=7,1 action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=6,1 action=mark-connection new-connection-mark=via-wlan1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=5,1 action=mark-connection new-connection-mark=via-ether1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=4,1 action=mark-connection new-connection-mark=via-ether1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=3,1 action=mark-connection new-connection-mark=via-ether1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=2,1 action=mark-connection new-connection-mark=via-ether1
add chain=cmark-pre in-interface=bridge-hotspot connection-mark=no-mark nth=1,1 action=mark-connection new-connection-mark=via-ether1
Are there any mistake?
On the off chance that you have two modems/switches from the lsp which both utilize a similar LAN subnet and you can’t change their arrangement, the arrangement might be a lot less complex than if you have two IPs in the equivalent subnet on some ftth association and there is a data transfer capacity requirement per IP at the ISP side.
What I can see is that you use underscore (via**_wan1) in the routing-mark values set on the routes, but in the mangle rules, you assign values with a dash (via-**wan1).
It means that all the routing-mark values assigned by mangle are unknown to the routing, so it falls back to routing table main (consisting of routes with no routing-mark value assigned).
Nice pickup but I got queasy when you typed nth…
I havent seen anyone recommend nth before.
WHy not use pcc classifier method (both addresses) and for different loading use something like.
(3 Wan example where one loads connections onto WAN3 at a greater ratio than the other wans 1:1:2)
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN1 \
passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN3 \
passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN3 \
passthrough=yes per-connection-classifier=both-addresses:3/3
applied to your scenario… 5:2 (in favour of wan2)
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN1 \
passthrough=yes per-connection-classifier=both-addresses:6/0
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN1 \
passthrough=yes per-connection-classifier=both-addresses:6/1
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:6/2
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:6/3
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:6/4
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:6/5
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
no dst-address-type=!local in-interface=ether5 new-connection-mark=WAN2 \
passthrough=yes per-connection-classifier=both-addresses:6/6
You are right that PCC can be used for any ratio, I must have had a brain eclipse when writing it can only be used for 1:1 distribution.
However, 6/6 won’t work with PCC - for 5:2 distribution, you have to use 7/0 to 7/6 (the number to the left of the slash is the divider, the number to the right is the remainder, and the remainder is always between zero included and the divider not included.
As for nth, it was a mere illustration that other methods to spread the traffic exist than just per-connection-classifier. To be sure that you won’t get hard to explain issues with connections to some picky sites, not only that you have to use per-connection-classifier, but you even have to use only the source address to compute the hash to be divided by the divider - those picky servers refuse incoming sessions that are logically bound to already existing ones if the new ones don’t come from the same source address.
However, 6/6 won’t work with PCC - for 5:2 distribution, you have to use 7/0 to 7/6 (the number to the left of the slash is the divider, the number to the right is the remainder, and the remainder is always between zero included and the divider not included.
That there is Gold information!! Thanks!!
So, which best setting for my existing network?
First, have you fixed the mismatch between routing-mark values used in routes and mangle rules, and does load distribution work now?
This Thread is interesting as it talks about (near the end) a combo approach that may be optimal in that it uses
PCC where required HTTPS type connections and then Nth for the rest…
Would love Sindys comments on that approach!!!
Yes, I fixed it. But sometimes it likes to lose connection and unstable speed.
That’s too vague a description, so I’d exclude one of the WANs at a time and see whether the other one is not unstable on its own.
Regarding “what’s the best”, I gave my opinion in the topic which @anav has referred above. None of the approaches can affect connection losses and jumping speed, it must be something else.