Hi!
I have such setup:
2 WAN links - 1 ADSL PPPoE and 1 Ethernet (DHCP) from different ISPs
I set up load balancing
/ip firewall mangle
;;; Mark NTH2-1
chain=prerouting action=mark-packet new-packet-mark=nlb-krasnet0 passthrough=yes connection-state=new nth=2,1
5 ;;; Mark NTH2-2
chain=prerouting action=mark-packet new-packet-mark=nlb-wan1 passthrough=yes connection-state=new nth=2,2
6 ;;; Mark krasnet0
chain=prerouting action=mark-connection new-connection-mark=nlb-krasnet0 passthrough=yes packet-mark=nlb-krasnet0
7 ;;; Mark krasnet0
chain=prerouting action=mark-routing new-routing-mark=nlb-krasnet0 passthrough=no packet-mark=nlb-krasnet0
8 ;;; Mark wan1
chain=prerouting action=mark-connection new-connection-mark=nlb-wan1 passthrough=yes packet-mark=nlb-wan1
9 ;;; Mark wan1
chain=prerouting action=mark-routing new-routing-mark=nlb-wan1 passthrough=no packet-mark=nlb-wan1
/ip routes (now they are disabled)
1 X S ;;; NLB GW2
0.0.0.0/0 84.22.135.178 reachable 84.22.135.177 1 wan1
3 X S ;;; NLB GW1
0.0.0.0/0 87.103.157.200 reachable krasnet0 1 krasnet0
/ip firewall nat
6 chain=srcnat action=masquerade src-address=10.168.0.0/24 out-interface=krasnet0 connection-mark=nlb-krasnet0
7 chain=srcnat action=masquerade src-address=10.168.0.0/24 out-interface=wan1 connection-mark=nlb-wan1
Load balancing works fine, but there is one problem
Each of ISPs have internal resources (ftp, game servers etc) which are accessible only via isp’s connection. I have made some static routes for such resources and now, with balancing, sometimes I can’t access this resources because MT uses wrong interface
Is there any way to avoid this?