Load Balancing over Multiple Gateways

RouterOS General
1

Hi!

I’ve been searching for something like this a while ago:

http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways

…and it works fine, the way I wanted it to, but one thing happens when I do this, I lose access to the web configuration interface of all my devices, modems and wireless gear connected to the Ethernet ports.

I have two ADSL Modens and two wireless APs, one is a Ubiquiti Rocket M2 and the other one is a Bullet M2, each on one ethernet interface. The routerboard is one 750G with Router OS 5.12.

Is there a way I can do this without losing access to the web config of the devices?

Thanks!

2

You can make the rules which set the route marks not do this for the devices which you want to configure.

Make an address list with the IP addresses of the devices in it.

Then on the mangle rules go to the advanced tab, and pick the address list in Dst Address List, and select the checkbox to NOT the selection.

This will stop the mangle rules being applied when you go to any of the addresses in the address list.

Hope that helps

Nick.

3

Thanks for the reply!

If I do this, all the clients connected to that IP range cannot access the Internet, all data stops being sent to the Modem # 2 - The Second ISP. My need and configuration is as follow:

  • ADSL Modem - ISP #1
  • ADSL Modem - ISP # 2
  • LAN Clients - on Eth # 3
  • Wireless Cliets # 1 - Bullet M2
  • Wireless Clients # 2 - Rocket M2.

I want to route the LAN Clients and Wireless Clients # 1 to the ISP #1, and the Wireless Clients #2 only to the ISP # 2. This is the way I need, to keep the Internet traffic separated to each ISP, unless one of the links is down when the other assumes all traffic.

I can do this, the way that tutorial explained it works fine, the only problem is I can’t access the web interface of the devices, be it the Modens, APs and Clients CPEs, but on the RouterOS Terminal I can ping them all, I can’t ping via cmd though.

Thanks once again!

Update:

I can still use this whenever I need to access some clients CPE and once all the configurarion is finished I remove its IP address from the rule. Its not the most elegant solution, but I can live with it. :slight_smile:

4

I think we need more information.

Can you paste the output of:

/ip address print
/ip route print
/ip firewall mangle print

and give examples of your client IPs, and the IPs of the devices which you are trying to configure.

Nick.

5

Sorry for taking so long to post a reply with the information you asked for. I had a few problems that took all my time and willing to solve this problem, but I'm back again posting what you had asked me. I still want to solve this little problem. Thanks for spending your time with me.


/ip address print

ADDRESS NETWORK INTERFACE

0 192.168.0.1/24 192.168.0.0 Wireless2
1 192.168.1.1/24 192.168.1.0 Wireless1
2 192.168.3.1/24 192.168.3.0 Cabo
3 10.1.1.5/24 10.1.1.0 LinkInternet
4 192.168.254.5/24 192.168.254.0 LinkInternet2
5 D 189.xx.xxx.xx/32 201.xx.xxx.xx pppoe-out1

/ip route print

DST-ADDRESS PREF-SRC GATEWAY DISTANCE

0 A S 10.1.1.5/32 LinkInternet 1
1 A S 10.1.1.5/32 LinkInternet 1
2 A S 0.0.0.0/0 pppoe-out1 2
3 A S 0.0.0.0/0 10.1.1.1 1
4 DS 0.0.0.0/0 201.xx.xx.xx 1
5 S 0.0.0.0/0 pppoe-out1 2
6 ADC 10.1.1.0/24 10.1.1.5 LinkInternet 0
7 ADC 192.168.0.0/24 192.168.0.1 Wireless2 0
8 ADC 192.168.1.0/24 192.168.1.1 Wireless1 0
9 ADC 192.168.3.0/24 192.168.3.1 Cabo 0
10 ADC 192.168.254.0/24 192.168.254.5 LinkInternet2 0
11 ADC 201.10.xxx.xx/32 189.xx.xx.xx pppoe-out1 0

/ip firewall mangle print:

0 chain=prerouting action=mark-connection new-connection-mark=fazendinha
passthrough=yes protocol=tcp content=happyfarm.mentez.com

1 chain=prerouting action=mark-packet new-packet-mark=fazendinha passthrough=no
connection-mark=fazendinha

2 chain=prerouting action=mark-connection new-connection-mark=Megacity
passthrough=yes protocol=tcp content=vostu.com

3 chain=prerouting action=mark-packet new-packet-mark=megacity passthrough=no
connection-mark=Megacity

4 ;;; Roteamento Grupo1
chain=prerouting action=mark-routing new-routing-mark=Grupo1 passthrough=no
src-address=192.168.3.10-192.168.3.254

5 ;;; Roteamento Grupo 2
chain=prerouting action=mark-routing new-routing-mark=Grupo2 passthrough=no
src-address=192.168.1.0/24

6 ;;; Roteamento Grupo 3
chain=prerouting action=mark-routing new-routing-mark=Grupo3 passthrough=no
src-address=192.168.0.50-192.168.0.253 dst-address-list=!192.168.0.58

\

My network is divided in Local Clients which is connected to the "Cabo" Interface, this interface is set to the 192.168.3.0/24 network. The "Wireless Interface" is connected to a Wireless AP, A Ubiquiti Bullet M2 and IP address of this network is 192.168.1.0/24, there is another interface called Wireless 2 which is connected to a Ubiquiti Rocket M2 and the IP Adddress of this network is 192.168.0.0/24. The other to interfaces left there is one bridged ADSL Modem (192.168.254.1) and on the other one is a routed ADSL Modem (10.1.1.1). What I basically want to do is make all the clients, computers connected to the "Cabo" Interface and Wireless Interface use the Link from the ADSL Modem (10.1.1.1) and the clients from the Wireless 2 Only, use the other ADSL Modem (192.168.254.1). I have changed the modem IPs and configuration since I posted the first message, one is now bridged and the other routed. I could not make the two modems work on bridge mode. It is working now the way I want, apart from the fact that I can't access the Wireless 2 Client CPE's web interface. And the failover thing is not working as I wanted, I mean, If one internet connection goes down, the other one assumes the traffic of all interfaces until it comes back on no matter which modem goes down...

6

I did what wiki told in here:
http://wiki.mikrotik.com/wiki/Load_Balancing_over_Multiple_Gateways
But it’s not woking for me.

I have two ADSL modem:
192.168.8.1 connected to ether 9
192.168.9.1 connected to ether 8

I just want one of my IPs(10.10.111.145) use ether 9. So I did this:

1- I set a Mangle rule:
chain: prerouting - src. add: 10.10.111.145
action: mark routing - New Routing Mark: ComputerName

2- I setup a route:
Dst. Add: 0.0.0.0 - Gateway: 192.168.8.1(reachable) - Routing Mark: ComputerName

3- I already had a NAT rule:
chain: srcnat - Scr. Add.: 10.10.111.0/24 - Dst. Add.: not 10.10.0.0/16
Action: masquerade

But again, my tracert shows that the IP add. uses 192.168.9.1 instead of 192.168.8.1

What is wrong?

Thanks