load balance problem, need help.

webberlink · September 14, 2007, 5:04pm

Hi,

I do load balance on router OS runing on Pentium 4. I have 2 ISPs and follow load balance exmaple in wiki. Here is my configuration.
My Modem1-router1 ip = 10.0.0.138
modem2-router2 = 192.168.1.1

Flags: X - disabled, I - invalid, D - dynamic

ADDRESS NETWORK BROADCAST INTERFACE

0 192.168.10.1/24 192.168.10.0 192.168.10.255 local1
1 10.0.0.2/24 10.0.0.0 10.0.0.255 wan1
2 192.168.1.2/24 192.168.1.0 192.168.1.255 wan2

0 chain=prerouting in-interface=local1 connection-state=new nth=1,1,0
action=mark-connection new-connection-mark=odd passthrough=yes

1 chain=prerouting in-interface=local1 connection-mark=odd
action=mark-routing new-routing-mark=odd passthrough=no

2 chain=prerouting in-interface=local1 connection-state=new nth=1,1,1
action=mark-connection new-connection-mark=even passthrough=yes

3 chain=prerouting in-interface=local1 connection-mark=even
action=mark-routing new-routing-mark=even passthrough=no

0 ;;; masquerade hotspot network chain=srcnat src-address=192.168.10.0/24 action=masquerade

1 chain=srcnat connection-mark=odd action=src-nat to-addresses=10.0.0.2
to-ports=0-65535
2 chain=srcnat connection-mark=even action=src-nat to-addresses=192.168.1.2
to-ports=0-65535

0 A S 0.0.0.0/0 r 192.168.1.1 1 wan2 routing- mark = even 1 A S 0.0.0.0/0 r 10.0.0.138 1 wan1 routing- mark = odd 2 A S 0.0.0.0/0 r 10.0.0.138 1 wan1 3 ADC 10.0.0.0/24 192.168.1.2 0 wan2 4 ADC 192.168.1.0/24 192.168.1.2 0 wan2 5 ADC 192.168.10.0/24 192.168.10.1 0 local1 \ \ Here is my question. 1. If I disable default gate way (#2). All pcs connected to this router cannot connect to the internet, Why? It seems that all connections use the default gate way(no mark).

How to verify that this load balance work? I test on client pc using tracert -d 8.8.8.8, all client pc shows that it uses default gateway (non mark).
What happen if one of ISPs line fail? Thank you very much.

GRiffiN · September 15, 2007, 12:35am

first:

IP firewall mangle>
2 chain=prerouting in-interface=local2 connection-state=new nth=1,1,1 
action=mark-connection new-connection-mark=even passthrough=yes 

3 chain=prerouting in-interface=local2 connection-mark=even 
action=mark-routing new-routing-mark=even passthrough=no

don’t you think that only “local1” interface available from your MT?

and then just type this from your winbox → new terminal:

ip route

then copy paste this:

add dst-address=0.0.0.0/0 gateway=10.0.0.2 scope=255 target-scope=10 routing-mark=odd \
    disabled=no 
add dst-address=0.0.0.0/0 gateway=192.168.1.2 scope=255 target-scope=10 routing-mark=even \
    disabled=no 
add dst-address=0.0.0.0/0 gateway=10.0.0.2 scope=255 target-scope=10 \
    disabled=no

then hit “Enter”, but before you do that, i think that you should disable / remove your old ip route configuration.

and try to disable the:

<ip firewall nat> 
0 ;;; masquerade hotspot network
chain=srcnat src-address=192.168.10.0/24 action=masquerade

second:
try to open http://www.whatismyip.com from web-browser, see ur ip add, and then reload/refresh it, see ur ip add again, you should get a diffrent ip add, if not, try to reload it again.
or from ur winbox → firewall → connection, see the mark-ed connection, it should be equal from odd / even connection that already establised.

third:
it should be automaticly switching to the other connection “automatic fail over”
why don’t u try it, unplug the power from first/second isp modem/router, and then try the method above.

hopefully it would help u.

webberlink · September 15, 2007, 3:17am

Hi, Griffin

Thank you so much for your help. I will try it today. Would you mind help answer the post that I post it in Multiple gateway and Multiple hotspot.

Many Thanks again.

shaunw · February 26, 2008, 9:23pm

Hi, I have a similar problem. Did you get a solution?

ab130kd · February 27, 2008, 8:13pm

Hi GRiffiN,
I would use multiple gateways but I cannot masquerade the source IP because the IP are Public IP…
The scenario is:
There is a big wireless lan, with many client; the routing inside the wlan is based on OSFP; now the provider buy connection from second provider. The all IP are public. All client go to one MT pentium4. Now the MT pc is connected to 2 ISP; how can i split the traffic based on source address without natting?

GRiffiN:

first:
IP firewall mangle>
2 chain=prerouting in-interface=local2 connection-state=new nth=1,1,1 
action=mark-connection new-connection-mark=even passthrough=yes 

3 chain=prerouting in-interface=local2 connection-mark=even 
action=mark-routing new-routing-mark=even passthrough=no
don’t you think that only “local1” interface available from your MT?

and then just type this from your winbox → new terminal:
ip route
then copy paste this:
add dst-address=0.0.0.0/0 gateway=10.0.0.2 scope=255 target-scope=10 routing-mark=odd \
    disabled=no 
add dst-address=0.0.0.0/0 gateway=192.168.1.2 scope=255 target-scope=10 routing-mark=even \
    disabled=no 
add dst-address=0.0.0.0/0 gateway=10.0.0.2 scope=255 target-scope=10 \
    disabled=no
then hit “Enter”, but before you do that, i think that you should disable / remove your old ip route configuration.

and try to disable the:
<ip firewall nat> 
0 ;;; masquerade hotspot network
chain=srcnat src-address=192.168.10.0/24 action=masquerade
second:
try to open http://www.whatismyip.com from web-browser, see ur ip add, and then reload/refresh it, see ur ip add again, you should get a diffrent ip add, if not, try to reload it again.
or from ur winbox → firewall → connection, see the mark-ed connection, it should be equal from odd / even connection that already establised.

third:
it should be automaticly switching to the other connection “automatic fail over”
why don’t u try it, unplug the power from first/second isp modem/router, and then try the method above.

hopefully it would help u.