I’d like to request a feature enhancement for ECMP (Equal Cost Multi-Path) in RouterOS 7.
Currently, ECMP uses a Layer 3 hash that includes both source and destination IPs. While this works for many cases, it creates problems when using round-robin src-nat with multiple source IPs (e.g., for multi-WAN load balancing). The result is inconsistent and unstable path selection, especially with NAT pools, making traffic flow unpredictable.
Feature Request:
Please provide a configuration option that allows ECMP to use only the source IP in the Layer 3 hash. This would help:
• Achieve more stable and predictable traffic flow in NAT round-robin scenarios
• Simplify policy-based routing setups
• Improve multi-WAN reliability with multiple public IPs
• Avoid asymmetric routing issues caused by hash fluctuations
This small change would provide significant benefit for ISP and enterprise environments where source-based routing logic is required.
Thanks in advance for considering this. If needed, I can share example configurations and real-world use cases.
Sincerely,
Tishri Calimbo Clarin
Network Engineer / ISP Consultant
Visual Security System IT Solutions tishriclarin@outlook.com
Did you make your suggestion directly to MikroTik via their support page subsection Suggestion (vice Bug)?
Seems like an L3-lite is a very worthwhile suggestion.
That’s a really good idea. Never thought about this, but it fills the gap where you’d want “more stability” in load balancing.
Now that comes at the expense of diversity/spreading, so potentially less optimal at maximizing bandwidth… Now if you have enough clients, it still gets close to balance. And no load balance technique is going to “perfectly” balance bandwidth. So… your suggestion is to essentially have a “prefer stability” option, as the opposite of “max diversity” in the new L4 ECMP options.
While good to have a thread about your idea, you should also submit it to MikroTik via their portal help.mikrotik.com, there is a “feature request” category in their JIRA.
ECMP works for us 90% of the time, but we are having issues with HTTPS: some sites behind L7 load balancers are kicking us in the butt. In the old days, when HTTPS was not as common compared to what we have today, we used the netfilter module SAME to work around this. How about NETMAP in conjunction with ECMP + NAT POOL? I’m just thinking aloud here.
Clever. Now I cannot quite picture that, but I’m sure there are some tricks to pull with netmap…
But the issue is PCC already lets you do this, which would be less complex than some netmap-based scheme.
IMO the use case for ECMP for WAN load balancing is avoiding needing firewall changes required for PCC (and other firewall-based schemes) & ECMP is generally “simpler”. The newer L4 options get you closer to the same options as PCC with ECMP… but PCC’s “src-address” was not included in L3-inner/L4 options.
Which begs another thought… why not just match PCC options with ECMP options? PCC supports all the combos of src/dest/both + ipaddr/port/both.
And that’s what makes this idea decent. There are cases where some middleboxes in the path want all traffic from the same IP. And special casing IPs in routing rules isn’t always practical, or at least a game of whack-a-mole.
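
Added example, not part of any post in this thread: a small simulation of the trade-off discussed above, comparing a source+destination L3 hash with the requested source-only hash. SHA-256 stands in for the router's hash (RouterOS's real function is not given in the thread), and the addresses, mode names and two-path setup are constructed assumptions.

```python
import hashlib
import ipaddress
from collections import Counter

def pick_path(src, dst, mode, n_paths=2):
    """Next-hop index for one packet.

    mode "l3"       : hash source + destination IP (current behaviour per the thread)
    mode "src-only" : hash source IP only (the requested option; hypothetical)
    SHA-256 is a stand-in hash, not RouterOS's own function.
    """
    key = ipaddress.ip_address(src).packed
    if mode == "l3":
        key += ipaddress.ip_address(dst).packed
    elif mode != "src-only":
        raise ValueError(f"unknown mode: {mode}")
    digest = hashlib.sha256(key).digest()
    return int.from_bytes(digest[:4], "big") % n_paths

def simulate(mode, n_clients=200, n_dests=20, n_paths=2):
    """Return (flows per path, number of clients whose flows use more than one path)."""
    # Constructed sample addresses: private LAN clients, documentation-range destinations.
    clients = [f"10.0.{i // 250}.{i % 250 + 1}" for i in range(n_clients)]
    dests = [f"203.0.113.{i + 1}" for i in range(n_dests)]
    load = Counter()
    split_clients = 0
    for c in clients:
        paths = [pick_path(c, d, mode, n_paths) for d in dests]
        load.update(paths)
        if len(set(paths)) > 1:
            split_clients += 1
    return dict(load), split_clients

if __name__ == "__main__":
    for mode in ("l3", "src-only"):
        load, split = simulate(mode)
        print(f"{mode:9s} flows per path: {sorted(load.items())}  "
              f"clients seen from more than one WAN: {split}")
```

With the source-only hash every client stays on one WAN for all destinations, while the per-path flow counts show how much spreading is given up in exchange.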