Improved Load balancing with failover

jose · December 18, 2006, 7:33pm

hello

I am doing load balancing according to the example provided in the MT wiki http://wiki.mikrotik.com/wiki/Load_Balancing with very high success.

Now I would like to do failover also but it seems somewhat tricky because it is not just like to changing routes in /ip route because for each marked connection the packet is src-nated, not just masqueraded

Any ideas???

spire2z · December 18, 2006, 7:55pm

I do that kinda thing using scripts and netwatch. You can make different routes and disable them and make a script enable and disable different rules at will.

jose · December 18, 2006, 8:00pm

Yes but in this case is not just canging routes because the src-nat

Hellbound · December 20, 2006, 11:43am

I’ve wrote something, but its not complete yet.
there is a routing issue with routeros that will not
update arp record due that my both gateways
are using the same MAC address.

maybe you can try it and correct my mistakes?

Hope it helps

PS: remember that in one occasion i have used comment
as identifier.

schedule_A_down

#set variables
:local pingcount  3
:local ipA 211.24.149.42
:local GatewayA 211.24.149.41
:local ipB 211.24.139.114
:local GatewayB 211.24.139.113
:local website www.yahoo.com 

#ping gateways with src
:local pingresultA [/ping $website src-address=$ipA count=$pingcount]
:local pingresultB [/ping $website src-address=$ipB count=$pingcount]

:local timenow ([/system clock get date] . " / " . [/system clock get time])

# Link A or Link B is down then>
:if (($pingresultA=0) || ($pingresultB=0)) do={
#send email

:if (($pingresultA=0) && ($pingresultB=0)) do={
:local msg ("both of the gateways are down now at: " . $timenow)
/tool e-mail send subject=($ipA . " / " . $ipB . " are down at: " . $timenow) \
body=($msg) \ to=("zirnevis@gmail.com")
}

:if (($pingresultA=0) && ($pingresultB>0)) do={
:local msg ("The gateway is down now at: " . $timenow)
/tool e-mail send subject=($ipA . " is down at: " . $timenow) \
body=($msg) to=("zirnevis@gmail.com")
}

:if (($pingresultA>0) && ($pingresultB=0)) do={

:local msg ("The gateway is down now at: " . $timenow)
/tool e-mail send subject=($ipB . " is down at: " . $timenow) body=($msg) \
to=("zirnevis@gmail.com")}

#disable all multi-session balancing mangles
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-mark=even action=mark-routing passthrough=no] disabled=yes
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-state=new new-connection-mark=even passthrough=yes \
action=mark-connection nth=1,1,1] disabled=yes
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-mark=odd action=mark-routing new-routing-mark=odd \
passthrough=no] disabled=yes
/ip firewall mangle set [find chain=prerouting in-interface=LAN nth=1,1,0 \
action=mark-connection new-connection-mark=odd \
passthrough=yes] disabled=yes

/ip firewall mangle set [find comment="faisal"] disabled=yes

#disable current scheduler
/system scheduler set [find name=ping_google_link_A-down] disabled=yes

#enable -up scheduler
/system scheduler set [find name=ping_google_link_A-up] disabled=no

#set gateway to secondary or tertiary

#if link_A is DOWN and link_B is UP then:
:if (($pingresultA=0) && ($pingresultB>0)) do={
/ip route set [find comment="Default Gateway"] gateway=$GatewayB
/ip firewall mangle set [find comment="faisal"] disabled=no
}

#if link_A is UP and link_B is DOWN then:
:if (($pingresultA>0) && ($pingresultB=0)) do={
/ip route set [find comment="Default Gateway"] gateway=$GatewayA
/ip firewall mangle set [find comment="faisal"] disabled=yes
}

#if link_A and link_B both were DOWN then:
:if (($pingresultA=0) && ($pingresultB=0)) do={
/ip route set [find comment="Default Gateway"] gateway=$GatewayC
	/ip firewall mangle set [find comment="faisal"] disabled=yes
}
}

schedule_A_up

#set variables
:local pingcount 3
:local ipA 211.24.149.42
:local GatewayA 211.24.149.41
:local ipB 211.24.139.114
:local GatewayB 211.24.139.113
:local GatewayC 192.168.0.250
:local website www.yahoo.com 


#ping gateways with src
:local pingresultA [/ping $website src-address=$ipA count=$pingcount]
:local pingresultB [/ping $website src-address=$ipB count=$pingcount]

:local timenow ([/system clock get date] . " / " . [/system clock get time])

#if link_A is UP and link_B is DOWN then:
:if (($pingresultA=$pingcount) && ($pingresultB=0)) do={
:if ([/ip route get [find comment="Default Gateway"] gateway]!=$GatewayA) \
do={/ip route set [find comment="Default Gateway"] gateway=$GatewayA}
/ip firewall mangle set [find comment="faisal"] disabled=yes
}

#if link_A is DOWN and link_B is UP then:
:if (($pingresultA=0) && ($pingresultB=$pingcount)) do={
:if ([/ip route get [find comment="Default Gateway"] gateway]!=$GatewayB) \
do={/ip route set [find comment="Default Gateway"] gateway=$GatewayB}
/ip firewall mangle set [find comment="faisal"] disabled=no
}

#if both link DOWN:
:if (($pingresultA=0) && ($pingresultB=0)) do={
#if it is not already set then do it
:if ([/ip route get [find comment="Default Gateway"] gateway]!=$GatewayC) \
do={/ip route set [find comment="Default Gateway"] gateway=$GatewayC
/ip firewall mangle set [find comment="faisal"] disabled=yes}

}

# Link A and Link B both are UP:
:if (($pingresultA=$pingcount) && ($pingresultB=$pingcount)) do={
#send alert email
:local msg ("the gateway is backed up at: " . $timenow)
:local subject ($ipA . " / " . $ipB . " are up at: " . $timenow)
/tool e-mail send subject=($subject) body=($msg) to=("zirnevis@gmail.com")


#disable all multi-session balancing mangles
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-mark=even action=mark-routing passthrough=no] disabled=no
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-state=new new-connection-mark=even passthrough=yes \
action=mark-connection nth=1,1,1] disabled=no
/ip firewall mangle set [find chain=prerouting in-interface=LAN \
connection-mark=odd action=mark-routing new-routing-mark=odd \
passthrough=no] disabled=no
/ip firewall mangle set [find chain=prerouting in-interface=LAN nth=1,1,0 \
action=mark-connection new-connection-mark=odd \
passthrough=yes] disabled=no
/ip firewall mangle set [find comment="faisal"] disabled=no

#disable current scheduler
/system scheduler set [find name=ping_google_link_A-down] disabled=no

#enable -up scheduler
/system scheduler set [find name=ping_google_link_A-up] disabled=yes

#set gateway back to GatewayB
/ip route set [find comment="Default Gateway"] gateway=$GatewayB
}

maroon · May 24, 2007, 12:12pm

no comments from jose yet!

have you tried that script for failover? found any success!!