Ok, decided to rewrite this, since I’ve learned a little more in a few hours.
Basically, I want to avoid having to have a default route of 0.0.0.0/0 through a specific pppoe connection, because I have two and am doing Nth balancing over them, and want ALL traffic to do this, including that generated by RB itself.
However, it’s not playing ball. I’ve set up a Route mark to apply to traffic from the LAN, which there are then two more routing mark rules that split up for each 2 packets, packet 1 mark as “one” and packet 2 mark as “two”, these then go to routes set up with those marks.
Problem is, using the RB for DNS, it’s not able to resolve, but its DNS requests to the ISP DNS servers don’t have a routing mark, and hence get spread across the two pppoe’s.
I could set one, or even both gateways as a 0.0.0.0/0 route I guess, but would rather the RB traffic just did the same as the LAN traffic.
I think that there is a manual in the wiki for this, to mark all traffic generated by the RB and use NTH too, but I think it is better that this traffic use only the default gateway.
I’ve looked at the two Wiki topics for Nth load balancing, but nothing mentions the RB’s traffic (DNS requests, NTP Client requests etc.), other than to put in a basic default route, which I don’t really want to do.
It’ll have multiple WANs/ISPs, and I really want to lock specific traffic to those WANs, including requests from the RB itself, using Routing Marks.
I’ve tried a rule to take Routing marks of “main” to be the same as the one I’m using to pass traffic to the Nth rules, but that hasn’t helped. It’s interesting Routing has your marks, and “main”, whereas packet and connection have your marks and “no-mark”.
It seems traffic from the RB just goes straight out a default route, and doesn’t pass through the mangle rules. I can’t see how/where to set that (ideally for outbound WAN traffic, don’t want to fudge with local access).
Thanks skillful, I’ve tried an output rule, but nothing seems to be going through it, no bytes increase.
I’ve got a list of the ISP servers, and created Dst. Addresses for them, and set that in the rule, since it’s specifically for these IPs, I want it to be given that packet mark which will send it through the correct connection.
“your” being traffic from the LAN going through the RB, not the RB’s DNS/NTP requests, I take it.
My topic is about DNS/NTP FROM the RB itself, I’m trying to avoid using default route of 0.0.0.0/0 without a routing mark.
It appears, unless I’m wrong, there’s no provision for controlling/mangling RB’s generated traffic (DNS, NTP requests) to direct them using a packet/routing mark, and you MUST have a 0.0.0.0/0 default route without any routing marks and this is where all RB generated traffic will go without control.
If so, I find it a surprising lack of control for such routing software, that otherwise seems so controllable.
Set up a RouterBoard and don’t have any 0.0.0.0/0 non-marked route, instead have one with a Routing Mark of “ISP”.
Configure DNS and remote requests, and NTP and a time server.
Now, set up your PC to use the RB as its DNS server (if it isn’t already).
You’ll find you can’t get anywhere, and DNS requests fail.
I’ve tried creating rules in Output, too wide a rule and it interferes with connecting via winbox, setting a dst. address list of the ISP DNS servers and NTP server but nothing goes through them.
A rule should packet mark these as ISP, then another rule matches this packet mark and gives it a Routing Mark (reason for this is because I’m doing Nth load balancing, and I have two pppoe interfaces, one for each line).
Try it on your RB, just can’t seem to capture stuff from the RB itself.
Ok, it would appear that you HAVE to have a default route of 0.0.0.0/0 going somewhere without a routing mark, however it appears rules in output override this (as far as I can tell) to allow me to distribute the output from the RB.
Have a look over the PCC load-balancing thread to see some examples of traffic from the router itself (dns, proxy etc) as well as for the inside users.
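
The arrangement the thread arrives at, written out as an added example (not any poster's configuration): an unmarked default route stays in place, and an output-chain mangle rule limited to an address list re-routes the router's own DNS/NTP requests by routing mark. RouterOS v6-style syntax is assumed; the interface names `pppoe-out1`/`pppoe-out2`, the list name `isp-servers` and the addresses are constructed placeholders, while the marks "one" and "two" are the ones used in the thread.

```routeros
# Added example; interface names, list name and addresses are assumptions.

/ip firewall address-list
# Constructed placeholder addresses (documentation range), not real ISP servers.
add list=isp-servers address=192.0.2.53 comment="ISP DNS (placeholder)"
add list=isp-servers address=192.0.2.123 comment="NTP server (placeholder)"

/ip firewall mangle
# Traffic generated by the router itself never enters prerouting, so the
# LAN-facing marking rules do not see it; it only passes the output chain.
# Matching on the address list keeps Winbox and other management replies
# to local clients out of this rule.
add chain=output dst-address-list=isp-servers action=mark-routing \
    new-routing-mark=two passthrough=no comment="RB DNS/NTP via second line"

/ip route
# Unmarked default route: the router's own packets need a successful
# routing decision in the main table before the output chain runs.
add dst-address=0.0.0.0/0 gateway=pppoe-out1 comment="main table default"
# Marked routes, one per line, as used for the LAN Nth split.
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=one
add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=two

/ip firewall nat
# The source address was chosen from the main-table route (first line), so
# packets re-routed to the second line need their source rewritten there.
add chain=srcnat out-interface=pppoe-out2 action=masquerade
```

After applying, the byte counter on the output rule should increase when the router resolves a name; if it stays at zero, the requests are going to addresses that are not in the list.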