Bidirectional Load Balancing for 2 LANs using 2 WANs

The following network has Fault Tolerance & Load Balancing over 2 WAN links (i.e. 2 ISPs).
But the WAN-LB-Router can load-balance of course only the outgoing traffic towards the WAN:

 WAN1 WAN2
   |   |
 ----------
 | WAN-LB-|
 | Router |
 ----------
     |
    LAN

Now, the LAN shall be split up into 2 LANs, LAN1 and LAN2, and also all the incoming WAN-traffic shall be load-balanced as well.
Is the following a viable solution? :

 WAN1 WAN2
   |   |
 -----------
 | WAN-LB- |
 | Router  |
 -----------
   |   |
 ILAN1 ILAN2
   |   |
 -----------
 | WAN-LB- |  here ILAN1 is plugged into the WAN1 socket, ILAN2 into the WAN2 socket
 | Router  |
 -----------
   |   |
  LAN1 LAN2

Ie. one uses two artificial interior LANs (ILAN1 and ILAN2) between the 2 routers.
Is this correct / can this function as intended? Any alternative solutions, incl. mixed HW/SW/protocol solutions?

Where exactly would that help?

It’s an advanced data center HPC project involving vast amounts of data in both directions at the same time,
with redundancy and load-balancing the up and down links.

Do you plan any NAT on the WANs, or will the LAN hosts have public IP addresses?

Will any client connections be coming in via WAN and need to reach servers on LAN? I can’t wrap my head around load balancing of WAN->LAN connections at L3 where the destination is always a single address, so unless the destination host has two network interfaces and can respond to incoming connections on the one through which it has received them, I cannot get the purpose of two LANs.

Regardless of the above, I also don’t get the purpose of the interconnection of two boxes using the ILAN connections - why can’t you use a single box with just two WANs and two LANs?

@sindy, no additional NAT in the LANs besides the standard SNATting when traffic leaves the LAN at the border. Internally using only private IPs
(but we need the public IP of the remotes in WAN (for logging, stats & analysis); ie. the standard NAT on the border router by default passes through the public IP of the remote side, and that’s good).

Yes, some select client connects from the WAN to the LAN are possible (via port-forwarding, aka “virtual server”).

No, the destination servers/PCs are just all very normal. Ie. no Multiport-NICs just for this.

The two LANs are independent of each other, just sharing the same WAN links. But all is administered by the same admin staff.

Regardless of the above, I also don’t get the purpose of the interconnection of two boxes using the ILAN connections - why can’t you use a single box with just two WANs and two LANs?

I think then only the outgoing traffic would be load-balanced.
Said differently: the traffic to the WAN shall be load-balanced, as well any received WAN-traffic shall go further over 2 local alternative routes to their destination LANs, in a load-balanced fashion, to optimally saturate the local links.

You can spread the WAN->LAN traffic among the two ILAN links on the upper router, but on the lower router each packet, regardless through which ILAN it has arrived, has to be sent either to LAN1 or to LAN2 depending on the destination address. So I still cannot see any purpose in load balancing the WAN->LAN traffic.
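The point made in the post above, as an added example that is not part of the thread: a small simulation in which the upper router spreads inbound flows over ILAN1/ILAN2 by hashing, while the lower router forwards purely by destination address. The subnets, server addresses, the 70/30 traffic split and the CRC32 flow hash are all constructed assumptions.

```python
import ipaddress
import zlib
from collections import Counter

# Constructed addressing plan (assumption, not from the thread).
LANS = {
    "LAN1": ipaddress.ip_network("192.168.1.0/24"),
    "LAN2": ipaddress.ip_network("192.168.2.0/24"),
}
ILANS = ("ILAN1", "ILAN2")

def upper_router_pick_ilan(flow):
    """Upper router: spread flows over the ILAN links by hashing the 5-tuple."""
    key = "|".join(str(field) for field in flow).encode()
    return ILANS[zlib.crc32(key) % len(ILANS)]

def lower_router_pick_lan(flow, arrived_on):
    """Lower router: ordinary destination-based forwarding.
    `arrived_on` is accepted only to make explicit that it plays no role."""
    dst = ipaddress.ip_address(flow[1])
    for name, net in LANS.items():
        if dst in net:
            return name
    raise ValueError(f"no route to {dst}")

def make_flows(n=1000):
    """Constructed inbound flows after port-forwarding (DNAT):
    (src, dst, proto, sport, dport); 70% target LAN1, 30% target LAN2."""
    flows = []
    for i in range(n):
        src = f"203.0.113.{i % 250 + 1}"  # documentation address range
        dst = "192.168.1.10" if i % 10 < 7 else "192.168.2.10"
        flows.append((src, dst, "tcp", 1024 + i, 443))
    return flows

def simulate(flows):
    """Return per-link flow counts for the ILAN hop and the LAN hop."""
    ilan_load, lan_load = Counter(), Counter()
    for flow in flows:
        ilan = upper_router_pick_ilan(flow)
        ilan_load[ilan] += 1
        lan_load[lower_router_pick_lan(flow, ilan)] += 1
    return ilan_load, lan_load

if __name__ == "__main__":
    ilan_load, lan_load = simulate(make_flows())
    print("ILAN links:", dict(ilan_load))
    print("LAN links: ", dict(lan_load))
```

The ILAN counts come out spread across both links, but the LAN counts follow the destination mix exactly, whichever ILAN a flow crossed.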

Hmm. it rather seems the ILANx must be plugged into the LAN sockets of the 2nd router, and at the other side the LANx must be plugged to its WANx sockets, ie. a mirrored setup… Have to rethink this part of the setup, indeed a little bit complicated & confusing…

I today tried such a Load Balancing Router. Though it has 2+ WAN ports, its LAN ports are only switched, ie. just only one LAN is possible with it :(
So, I’m now looking for a router device with at least 4 independent ports for WAN/LAN configuration, and where I can put my own networking code for Load Balancing and Fault Tolerance.
Is it possible to install own (Linux) code (kernel or userland driver/module/daemon) in/under RouterOS? Or maybe installing just Linux on a RB, if that’s possible (dunno, I’m new to MT/RB, haven’t researched yet).

No way to handle load-balancing on another layer? Just thinking out loud here.
Depending on the application-design, you could build out the LAN-network using some multihomed HPC systems yet keep the LAN rather straightforward and have more capable products (e.g. haproxy, nginx, traefik) handle it.

https://geekflare.com/open-source-load-balancer/

Sure these HPC systems need to be connected eg. with some basic aggregation (eg. n x 10Gbits) so they are well connected, redundancy is in place etc.
But for the rest you could just let your network do what it is supposed to be doing… transporting data

I doubt you will find any Mikrotik product with the specs to support load-balancing for HPC-systems.
For the larger projects we usually roll out the F5’s in our datacenters :wink:

@jvanhambelgium, thx for the link, very interesting, a good read for such a Sunday with a cup of coffee :)
