How can I reeduce load over 1072 to 2 x 1036

amt · December 16, 2018, 8:51pm

Hi All,
I want to share load on ccr 1072 and divide it to two router… I share simple diagram to you all may help me.. bgp router connected to our upstream provider and we have 2 x /22 puplic ip and natting customer’s ip with them on CCR1072.. but I would like to nat customer’s ip’s on Router A and RouterB then disable conn track on 1072, what can I do on this situation ?

peterh · December 20, 2018, 11:34pm

Where is the CCR 1072 located? I don’t see it in the drawing. Is not visible because you have been drawing the target scenario with Router A+B (2x 1036?) already replacing the 1072? Or is the CCR 1072 called “BGP Router” in the drawing?

amt · December 21, 2018, 9:12am

hi peterh
Bgp router is 1072 and connected to our upstream provider, and we do nat on it to our customer’s, there are 1200 nat rule like;

/ip firewall nat add action=src-nat chain=srcnat  out-interface=WAN src-address=172.31.0.0/30 to-addresses=puplic_ip

and Router A and Router B is CCR 1036 conneted to 1072 via fiber optic.. We are struggling with the low traffic, We have 3Gb internet from provider but usage always 2.1 -2,2 and I tought that 1072 has not enough capabilitie to pass traffic easily.. I would like to nat customer ip’s on Router A and router B and disable conn track on 1072.

amt · December 21, 2018, 9:19am

can I route all puplic ip’s to both Router A and routerB then nat on them ?
for ex;

/ip route
add comment=to_roterA and RouterB distance=1 dst-address=xxx.xxx.xxx/24 gateway=10.10.1.5,10.10.1.2,10.10.1.10

For Router A there are 2 interface comes from bgp router so 10.10.1.5,10.10.1.10 use for it.. its use ecmp for get 2gb internet via 2 x 1gb link.

Thanks

amt · December 24, 2018, 11:18am

ip route
add comment=to_roterA and RouterB distance=1 dst-address=xxx.xxx.xxx/24 gateway=10.10.1.5,10.10.1.2,10.10.1.10

Tested and not work :=)

mducharme · December 24, 2018, 6:41pm

amt - I’m afraid I don’t quite understand the problem here. If the traffic is coming from the clients and passing through router A and B on the way to the BGP router, why not just do NAT there? Why do you need to send the traffic back to router A and router B after it has come from the inside?

If you mean routes for the return traffic, you would probably need a small public NAT subnet or single IP that is unique to router A and another one that is unique to router B that you can route to them. I don’t see why you need a static route to do that though if you have OSPF or BGP.

amt · December 25, 2018, 9:26am

hello mducharme;

bgp router connected to upstream provider via bgp and Other network mean ABR Router’s or pppoe_servers vs, we have some puplic ip’s and nat customer’s ip addresses with these puplic ip on bgp router. there are 1200 nat rule on bgp router which is CCR1072 and I would like to route puplic ip’s to router A and B then nat customer IP’s on Router A and B.

Deywid · January 6, 2019, 5:51pm

Always prefer 2x 1036 than a 1072.

See the topic …

http://forum.mikrotik.com/t/ccr1072-watchdog-reboot/109522/1

We are still waiting for mikrotik’s official position on the CCR1072 freezes without any solution or information.

Complete wrapping of your best product, fix, worst product.

amt · January 7, 2019, 6:22am

you are absolutely right, I see complaints about 1072 in the forum constantly. But I am lucky that I have no problem with 1072 reboot. just see that always one cpu hitting to %100 and I thought that if i put natting to another device it will work more relax.

thanks for your suggestion