I tried for years to get load balancing and transparent proxy right using Mikrotik and gave up in the end. I mostly experimented with ECMP, but I also gave NTH a try.
The problems I had:
HTTP downloads breaking - some people have this problem, others not. I had it and my customers hated me.
Certain other protocols breaking, e.g. SSL, MSN (so you end up policy routing these protocols)
In the end I opted for a separate load balancer and separate transparent proxy. My conclusion is it’s better to separate your load balancing role from your transparent proxy role. This might not always be possible because, depending on your load balancer, the moment you activate a transparent proxy all the source packets have the same address, that of the router. So you end up sending all your traffic via one route as you cannot identify different incoming lines.
At present I am using a Linksys RV016 as the load balancer (7x ports for load balance) and Mikrotik 2.9.x as the transparent proxy. This setup is stable, but I still have to policy route some protocols. The transparent proxy has 491 clients registered tonight. I have never had any downtime on the proxy but the Linksys occasionally reboots. Other people complain about performance of the Linksys. One feature I really like about the Linksys is it wants to know about the speed of each of your ports, upload and download. E.g. you can specify you have 384k upload and 4096k download. It obviously uses this information internally to properly balance the lines. Nice.
I am planning on migrating the transparent proxy to Mikrotik 3.0.x in the next month. I am a little bit nervous because I can’t compromise any of my clients, but since the proxy in Mikrotik 3 is completely new I might be pleasantly surprised. I really look forward to putting in a fast SATA drive for the proxy. I’ll publish my results.
I hope in the long term the guys at Mikrotik start devoting more time to the desires of us mere mortals to load balance multiple connections AND use a transparent proxy. There is a big need for this, especially in developing countries where large T1-type lines are expensive and hard to come by. For now these people are stuck with load balancing multiple asymmetrical lines. Mikrotik is a ‘core’ product, whereas load balancing and transparent proxy is quite a ‘custom’ service, considering all the available parameters. What we need is some kind of wizard that helps us load balance a few asymmetrical lines, set up a transparent proxy, and provide assistance with the most common types of protocols such as SSL and IM that cannot be load balanced. This appears to be the most common type of request.
In the meantime I will continue doing load balancing (multiple ADSL, same provider and same IP gateway, with proxy cache) on a Linux Debian box (kernel tuned), with different HTB scripts that make it all work, QoS, availability and so on inclusive… he he.
I don’t know a better way to do it. I’ve been using it for years without any problem.
I hope MT people consider looking at this issue because, like you said, it is a common topic in countries where a T1/E1 is still very expensive.
I now have 4x 12Mb ADSL2+ lines. For a real 48Mb line you need to put a router into serverhousing (because of the high-speed line).
So the “outside” router has a 1Gbps line with a cca 2TB data limit (here I pay cca 130€ monthly for it).
Next step: I create 4x EoIP tunnels between each ADSL line and the outside router. Then I create a bonding interface with the EoIP tunnels as slaves. So users from the LAN go out through the bonded EoIP tunnels and their public IP address is the IP of the outside router.
This way I’m getting a real 48Mb line. For upload it has 2Mbps (4x 512kbps). Everything is working fine.
My simplified schema:
4x ADSL2+ Vigor2700 router in bridge mode. PPPoE is dialed from Mikrotik:
Vigor1 -----> mikrotik_home ether1
Vigor2 -----> mikrotik_home ether2
Vigor3 -----> mikrotik_home ether3
Vigor4 -----> mikrotik_home ether4
Outside router:
4x public IP address
On both routers (home and outside) you need to create routing rules that will route the EoIP tunnel through the needed interface.
It is a must because EoIP interfaces are created from both sides. And you need only 1 tunnel through 1 ADSL connection.
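One way to lay out the setup described in this post, as an added example that is not the poster's own configuration. All interface names and addresses are constructed placeholders, and the bonding mode and the use of `pref-src` on the outside router are assumptions.

```routeros
# Added example, not from the thread. Constructed values:
#   203.0.113.1-4  = outside router public IPs on ether1, upstream gw 203.0.113.254
#   198.51.100.1-4 = public IPs of the ADSL lines; 192.168.88.0/24 = home LAN
#   pppoe-out1..4  = PPPoE clients over ether1..4, add-default-route=no
# ---- home router ----
# Pin each outside IP to one PPPoE link so each tunnel uses exactly one line.
/ip route
add dst-address=203.0.113.1/32 gateway=pppoe-out1
add dst-address=203.0.113.2/32 gateway=pppoe-out2
add dst-address=203.0.113.3/32 gateway=pppoe-out3
add dst-address=203.0.113.4/32 gateway=pppoe-out4
# One EoIP tunnel per line; tunnel-id must match on both ends.
/interface eoip
add name=eoip1 remote-address=203.0.113.1 tunnel-id=1
add name=eoip2 remote-address=203.0.113.2 tunnel-id=2
add name=eoip3 remote-address=203.0.113.3 tunnel-id=3
add name=eoip4 remote-address=203.0.113.4 tunnel-id=4
# balance-rr (assumed mode) sends packets round-robin over the slaves.
/interface bonding
add name=bond1 mode=balance-rr slaves=eoip1,eoip2,eoip3,eoip4
/ip address
add address=10.255.0.2/30 interface=bond1
# Everything else leaves through the bond.
/ip route
add dst-address=0.0.0.0/0 gateway=10.255.0.1
# ---- outside router ----
# Reply to each ADSL line from its own public IP via pref-src.
/ip route
add dst-address=198.51.100.1/32 gateway=203.0.113.254 pref-src=203.0.113.1
add dst-address=198.51.100.2/32 gateway=203.0.113.254 pref-src=203.0.113.2
add dst-address=198.51.100.3/32 gateway=203.0.113.254 pref-src=203.0.113.3
add dst-address=198.51.100.4/32 gateway=203.0.113.254 pref-src=203.0.113.4
add dst-address=192.168.88.0/24 gateway=10.255.0.2
/interface eoip
add name=eoip1 remote-address=198.51.100.1 tunnel-id=1
add name=eoip2 remote-address=198.51.100.2 tunnel-id=2
add name=eoip3 remote-address=198.51.100.3 tunnel-id=3
add name=eoip4 remote-address=198.51.100.4 tunnel-id=4
/interface bonding
add name=bond1 mode=balance-rr slaves=eoip1,eoip2,eoip3,eoip4
/ip address
add address=10.255.0.1/30 interface=bond1
# LAN users appear on the internet with the outside router's address.
/ip firewall nat
add chain=srcnat src-address=192.168.88.0/24 out-interface=ether1 action=masquerade
```

EoIP by itself adds no encryption or authentication, so frames crossing the ADSL lines are only as protected as the traffic inside them.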
I’m trying to connect my local ROS (6 ADSL) with my remote ROS (1 T1 line, and 6 public IPs).
Then I make 6 EoIP tunnels from local ROS to remote ROS, using static routes so that each route uses its own ADSL line.
That works great…!!
My problem is that my 6 ADSL lines on the local router have dynamic IPs, not static.
Then I tried to set up a PPTP server on the remote ROS, make 6 PPTP tunnels from local ROS to remote ROS, and then make EoIP over the PPTP tunnels.
My result is:
Bonding EoIP tunnels over PPTP works, but I get slow bandwidth.
Bonding EoIP tunnels without PPTP works, and I get great bandwidth, but every time an ADSL line changes IP, I must reconfigure the EoIP remote IP address on the remote ROS.
Is there a way to get all the bandwidth when bonding EoIP tunnels over PPTP???
It will create a host name for you and it will always be bound to the dynamic IP address - most of today’s routers support the dynamic DNS feature. You just enter your login credentials and it will work perfectly.
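A sketch of how the dynamic DNS suggestion can remove the manual reconfiguration step from the question above, as an added example that is not from either poster. It assumes RouterOS v6 scripting syntax, six tunnels named `eoip1`..`eoip6` on the remote ROS, and hypothetical host names `adsl1.example.net`..`adsl6.example.net`, one per ADSL line.

```routeros
# Added example, not from the thread. Run on the remote ROS from
# /system scheduler (for instance once a minute).
# Host names and tunnel names below are hypothetical placeholders.
:for i from=1 to=6 do={
    :local host ("adsl" . $i . ".example.net")
    :local tun ("eoip" . $i)
    :do {
        # Look up the address the ADSL line currently has.
        :local ip [:resolve $host]
        # Rewrite the tunnel endpoint only when the address has changed.
        :if ([/interface eoip get [find name=$tun] remote-address] != $ip) do={
            /interface eoip set [find name=$tun] remote-address=$ip
            :log info ("$tun remote-address updated to $ip")
        }
    } on-error={
        # Keep the old endpoint if the name does not resolve.
        :log warning ("could not resolve $host, $tun left unchanged")
    }
}
```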
I was wondering if you could spare a few minutes to help a novice in line bonding… I have 2 ridiculously slow ADSL connections (2 ZTE’s, ZXHN H108NS Home Gateways), which I have (w/crossover) connected to my mikrotik RouterBOARD 2011L. Would you be willing to help me by giving me instructions to bond the 2 lines (ping: 53 ms, download 1.75 Mbps and upload 0.42 Mbps for both lines) using the webfig interface of the 2011L? Thanks in advance.
These line speeds are not fast; today’s websites are heavy and the experience will be “slow”.
“Bonding” would require a piece of equipment in a datacenter, or someone to provide it as a service:
The ADSL lines may experience different speeds and latency, which does not play well with MikroTik’s bonding features.
How many clients will be using the lines at the same time?
I have approximately 10 cable (utp) lines feeding the house and a wifi router which I would like to feed with the result of the bonding process (maximum 4 users at any time)