Load Balancing Persistent + Queue Tree QOS -- Is it Possible

funkytown · July 3, 2007, 12:30pm

Hey there,

I followed the WiKi on Load balancing at http://wiki.mikrotik.com/wiki/Load_Balancing and it is working very well for my 2 VDSL Lines.

/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \
    action=mark-connection new-connection-mark=odd passthrough=yes comment="" \
    disabled=no 
add chain=prerouting in-interface=Local connection-mark=odd action=mark-routing \
    new-routing-mark=odd passthrough=no comment="" disabled=no 
add chain=prerouting in-interface=Local connection-state=new nth=1,1,1 \
    action=mark-connection new-connection-mark=even passthrough=yes comment="" \
    disabled=no 
add chain=prerouting in-interface=Local connection-mark=even action=mark-routing \
    new-routing-mark=even passthrough=no comment="" disabled=no 
/ ip firewall nat 
add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.111.0.2 \
    to-ports=0-65535 comment="" disabled=no 
add chain=srcnat connection-mark=even action=src-nat to-addresses=10.112.0.2 \
    to-ports=0-65535 comment="" disabled=no 
/ ip route 
add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 routing-mark=odd \
    comment="" disabled=no 
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 routing-mark=even \
    comment="" disabled=no 
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 comment="" \
    disabled=no

What i want to make next is prioritizing traffic based on ports with mangle and queue trees.
But whenever i put a qos mangle rule like

add chain=prerouting dest-port=80 action=mark-connection new-connection=HTTP passthrough=yes comment="" disabled=no
add chain=prerouting connection-mark=HTTP action=mark-packet new-packet-mark=HTTP passthrough=no comment="" disabled=no

it breaks the Load Balancing set up, probably because it overrides the odd/even connction-mark so the “ip firewall nat” rule which depends on that con-marks doesnt work anymore.

Is there any different way i can mark my connections / packets depending on port/protocol to use this marks in a queue tree for priorization?? of course without breaking my load balancing setup.

thanks for helping out!

gustkiller · July 3, 2007, 1:48pm

i have the same problem for a long time but still dunno how to do that

trakopel · September 10, 2007, 8:53pm

funkytown:

Hey there,

I followed the WiKi on Load balancing at http://wiki.mikrotik.com/wiki/Load_Balancing and it is working very well for my 2 VDSL Lines.
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \
    action=mark-connection new-connection-mark=odd passthrough=yes comment="" \
    disabled=no 
add chain=prerouting in-interface=Local connection-mark=odd action=mark-routing \
    new-routing-mark=odd passthrough=no comment="" disabled=no 
add chain=prerouting in-interface=Local connection-state=new nth=1,1,1 \
    action=mark-connection new-connection-mark=even passthrough=yes comment="" \
    disabled=no 
add chain=prerouting in-interface=Local connection-mark=even action=mark-routing \
    new-routing-mark=even passthrough=no comment="" disabled=no 
/ ip firewall nat 
add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.111.0.2 \
    to-ports=0-65535 comment="" disabled=no 
add chain=srcnat connection-mark=even action=src-nat to-addresses=10.112.0.2 \
    to-ports=0-65535 comment="" disabled=no 
/ ip route 
add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 routing-mark=odd \
    comment="" disabled=no 
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 routing-mark=even \
    comment="" disabled=no 
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 comment="" \
    disabled=no
What i want to make next is prioritizing traffic based on ports with mangle and queue trees.
But whenever i put a qos mangle rule like
add chain=prerouting dest-port=80 action=mark-connection new-connection=HTTP passthrough=yes comment="" disabled=no
add chain=prerouting connection-mark=HTTP action=mark-packet new-packet-mark=HTTP passthrough=no comment="" disabled=no
it breaks the Load Balancing set up, probably because it overrides the odd/even connction-mark so the “ip firewall nat” rule which depends on that con-marks doesnt work anymore.

Is there any different way i can mark my connections / packets depending on port/protocol to use this marks in a queue tree for priorization?? of course without breaking my load balancing setup.

thanks for helping out!

try replace connection-mark by ROUTING-mark in nat seccion.

before= add chain=srcnat connection-mark=odd action=src-nat…
after= add chain=srcnat ROUTING-MARK=odd action=src-nat…

before= add chain=srcnat connection-mark=even action=src-nat…
after= add chain=srcnat ROUTING-MARK=even action=src-nat…

maybe works.. Sorry my bad english
Trakopel