Hi,
We are currently load balancing our traffic over multiple providers on separate interfaces using PCC and masquerade NAT. We would also like to make the traffic going an interface isn’t all sharing the ip and also split the traffic on each interface over say 5 ip addresses. Is this possible and how? You can’t srcnat based on subnet block as that would defeat the PCC. Any help would be appreciated.
The first sentence quoted seems to have suffered some editing, but if I get you right, you want to use PCC together with src-nat using a pool of addresses on each WAN uplink rather than a single address.
If you use the pcc matcher to assign connection marks to choose WANs, you can use those same connection marks also to choose a src-nat rule. Assume you have two WANs and you want to use two addresses on each. So you use four action=mark-connection pcc=4,x rules to assign connection marks w1a1, w1a2, w2a3, w2a4.
You then translate both w1a1 and w1a2 to the same routing mark identifying a routing table which sends traffic via WAN 1, and both w2a3 and w2a4 to the same routing mark identifying a routing table which sends traffic via WAN2.
And in /ip firewall nat, you use rules translating these connection marks to source addresses:
action=src-nat chain=srcnat out-interface=wan1 connection-mark=w1a1 to-addresses=addr-1
action=src-nat chain=srcnat out-interface=wan1 connection-mark=w1a2 to-addresses=addr-2
action=src-nat chain=srcnat out-interface=wan2 connection-mark=w2a3 to-addresses=addr-3
action=src-nat chain=srcnat out-interface=wan2 connection-mark=w3a4 to-addresses=addr-4
If one or both of these two routing tables contain also backup routes via the other WAN, you need to add another pair of nat rules per each backup route which translates the “incompatible” connection marks to source addresses applicable on the relevant wan:
action=src-nat chain=srcnat out-interface=wan1 connection-mark=w2a3 to-addresses=addr-1
action=src-nat chain=srcnat out-interface=wan1 connection-mark=w2a4 to-addresses=addr-2
action=src-nat chain=srcnat out-interface=wan2 connection-mark=w1a1 to-addresses=addr-3
action=src-nat chain=srcnat out-interface=wan2 connection-mark=w1a2 to-addresses=addr-4
Thanks