Load Balancing with 3 ADSL links

prologic · June 22, 2007, 8:00am

Hi all,

I’ve been reading the following wiki about
load balancing across 2 gateways. I understand
that if you want to do this with 3, you just
simply modify the number of packets being
split.

See: http://wiki.mikrotik.com/wiki/Load_Balancing

However I have concerns. If these gateways
are ADSL links (each has a static ip), what
happens if one of them goes down for any
length of time ?

Also I believe the ISP my network is one
uses dynamic routers, and the gateway
addresses cannot be relied upon.

Appreicate some feedback on this one
as I want to load balance these 3 ADSL
links if I can to provide more bandwidth
to the network and it’s users.

cheers
James

Equis · June 22, 2007, 10:50am

Can you use adsl modem/routers instead of just modems

That way the MT gateways will be the same.

You could use netwatch, if one goes down disable the mangle & send you and email etc.

prologic · June 23, 2007, 4:21am

Hi,

In my experience I have always used ADSL
Modems in bridged mode and the PPPoE/PPP
session has always been controlled by MikroTik.

If I switched them all (3 adsl modems) to
router mode and the adsl modems handled
the pppoe/ppp session to the ISP …

I would get static gateways - though
I’d have to reconfigure the network on
the main router slightly and give each
ADSL modem an ip address of some kind.

Q: Which method performs better ?
Q: Are there any benefits of one over the other ?

cheers
James

pedja · June 23, 2007, 1:36pm

I had similar problem: gateway IP is changed frequently. So I had to set adsl router to make pppoe connection and provide it’s own address as gateway. That is the gain: static gateway.

Odd is that MT cannot know if ADSL connection si down or not, as it now only sees ADSL router.

When MT makes ppoe conection over the ADSL bridge, then, if connection fails, MT knows it and all rules regarding that connection are disbled - meaning, that that connection would be simply taken out of load balancing by redirecting all traffic to other links(s)

Some time ago I started topic with the same question, and also I posted some script that manages dynamic gateway: http://forum.mikrotik.com/viewtopic.php?f=2&t=14461&start=0&st=0&sk=t&sd=a

prologic · June 25, 2007, 5:01pm

HI all,

Using the howto on the wiki I have ran
into a problem. How do you set routing-mark
on pppoe-client connections ? (ADSL).

I tried to turn “add-default-route” off
on all 3 adsl links and add static default
routes to the gateways.

I can ping the gateway, but I get
“no route to host” when I ping something
on the itnernet or beyond.

cheers
James

prologic · June 28, 2007, 8:20am

Hi all,

I’d love to get some help on this issue.
Please see previous msg.

I’ve attached a copy of my current config
which doesn’t work as expected yet.

cheers
James

prologic · June 28, 2007, 8:23am

Attachment didn’t work

/ip address 
add address=10.0.0.1/28 broadcast=10.0.0.15 comment="" disabled=no \
    interface=lan network=10.0.0.0 

/ip firewall mangle 
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=yes in-interface=lan new-connection-mark=1st nth=3,1 \
    passthrough=yes 
add action=mark-routing chain=prerouting comment="" connection-mark=1st \
    disabled=yes new-routing-mark=1st passthrough=no 
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=yes in-interface=lan new-connection-mark=2nd nth=3,2 \
    passthrough=yes 
add action=mark-routing chain=prerouting comment="" connection-mark=2nd \
    disabled=yes new-routing-mark=2nd passthrough=no 
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=yes in-interface=lan new-connection-mark=3rd nth=3,3 \
    passthrough=yes 
add action=mark-routing chain=prerouting comment="" connection-mark=3rd \
    disabled=yes new-routing-mark=3rd passthrough=no 

/ip firewall nat 
add action=masquerade chain=srcnat comment="" disabled=no \
    src-address=10.0.0.0/28 
add action=src-nat chain=srcnat comment="" connection-mark=1st disabled=yes \
    to-addresses=10.1.0.8 to-ports=0-65535 
add action=src-nat chain=srcnat comment="" connection-mark=2nd disabled=yes \
    to-addresses=10.1.0.9 to-ports=0-65535 
add action=src-nat chain=srcnat comment="" connection-mark=3rd disabled=yes \
    to-addresses=10.1.0.10 to-ports=0-65535 

/interface pppoe-client 
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment="" \
    dial-on-demand=no disabled=no interface=modem1 max-mru=1480 max-mtu=1480 \
    name="bigpond1" password="semaj2891" profile=default service-name="" \
    use-peer-dns=no user="gw1" 
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment="" \
    dial-on-demand=no disabled=no interface=modem2 max-mru=1480 max-mtu=1480 \
    name="bigpond2" password="semaj2891" profile=default service-name="" \
    use-peer-dns=no user="gw2" 
add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment="" \
    dial-on-demand=no disabled=no interface=modem3 max-mru=1480 max-mtu=1480 \
    name="bigpond3" password="semaj2891" profile=default service-name="" \
    use-peer-dns=no user="gw3"

Please ignore “disabled=yes”. This config
doesn’t do what I want and makes the network
unusable - so they are disabled atm.

cheers
James

hilton · July 9, 2008, 7:20pm

James did you come right with this?

ekkas · April 15, 2011, 10:26am

You want to sell your setup or your router?
Good luck with that.
Not a good idea to use the forum as a marketing tool.
We all help each other for free.

qdza · April 16, 2011, 11:25am

Yeah that’s right

We all help each other for free.

Ban for seller!!!

ekkas · April 16, 2011, 5:55pm

Just ask and I’ll post my 6 ADSL setup with national/international split, combining PCC for ‘sensitive’ (read 443) ports & address list of IPs(normal sites that doesn’t like Nth load balancing) with Nth for super fast multi-session downloads from the rest.

for free. lol

xezen · April 17, 2011, 6:45pm

then please post some info for use

ekkas · April 18, 2011, 1:06pm

This is a quick slap-together.
If it’s really needed, I can maybe put in on Wiki and add more description/explanations to it and clean it up a bit.

What is basically does is:
Have address-lists to force certain IPs to go out over certain lines.
Split local and international traffic into each it’s own chain.
For each chain:
Do PCC load balancing for problem ports.
Do Nth load balancing for rest of traffic.

Not shown is VoIP QOS queues, but it’s another story anycase.
then there are a few other rules to make IPs ping-able from internet and network. (In/Out marks)

Remove sections with **
I have now 7 ADSL lines, first 5 have 2 PPPOE on each, a national (local) and International account.
Other 2 ADSLs have accounts that is used only for VoIP.

/ip firewall mangle

First we mark incoming (into router itself) connections on each interface

add action=mark-connection chain=input comment=“Incoming ADSL1” disabled=no
in-interface=ADSL1 new-connection-mark=Cdsl1 passthrough=yes
add action=mark-connection chain=input comment=“Incoming ADSL2” disabled=no
in-interface=ADSL2 new-connection-mark=Cdsl2 passthrough=yes
add action=mark-connection chain=input comment=“Incoming ADSL3” disabled=no
in-interface=ADSL3 new-connection-mark=Cdsl3 passthrough=yes
add action=mark-connection chain=input comment=“Incoming ADSL4” disabled=no
in-interface=ADSL4 new-connection-mark=Cdsl4 passthrough=yes
add action=mark-connection chain=input comment=“Incoming ADSL5” disabled=no
in-interface=ADSL5 new-connection-mark=Cdsl5 passthrough=yes
add action=mark-connection chain=input comment=“Incoming LOCAL1” disabled=no
in-interface=LOCAL1 new-connection-mark=Cloc1 passthrough=yes
add action=mark-connection chain=input comment=“Incoming LOCAL2” disabled=no
in-interface=LOCAL2 new-connection-mark=Cloc2 passthrough=yes
add action=mark-connection chain=input comment=“Incoming LOCAL3” disabled=no
in-interface=LOCAL3 new-connection-mark=Cloc3 passthrough=yes
add action=mark-connection chain=input comment=“Incoming LOCAL4” disabled=no
in-interface=LOCAL4 new-connection-mark=Cloc4 passthrough=yes
add action=mark-connection chain=input comment=“Incoming LOCAL5” disabled=no
in-interface=LOCAL5 new-connection-mark=Cloc5 passthrough=yes
add action=mark-connection chain=input comment=“Incoming VOIP01” disabled=no
in-interface=VOIP01 new-connection-mark=CVOIP01 passthrough=yes
add action=mark-connection chain=input comment=“Incoming VOIP02” disabled=no
in-interface=VOIP02 new-connection-mark=CVOIP02 passthrough=yes

Then mark outgoing (out of router itself) on each interface

add action=mark-routing chain=output comment=“Outgoing VOIP01”
connection-mark=CVOIP01 disabled=no new-routing-mark=RVOIP01 passthrough=
no
add action=mark-routing chain=output comment=“Outgoing VOIP02”
connection-mark=CVOIP02 disabled=no new-routing-mark=RVOIP02 passthrough=
no
add action=mark-routing chain=output comment=“Outgoing WAN1” connection-mark=
Cwan1 disabled=no new-routing-mark=Rwan1 passthrough=no
add action=mark-routing chain=output comment=“Outgoing ADSL1”
connection-mark=Cdsl1 disabled=no new-routing-mark=Rdsl1 passthrough=no
add action=mark-routing chain=output comment=“Outgoing ADSL2”
connection-mark=Cdsl2 disabled=no new-routing-mark=Rdsl2 passthrough=no
add action=mark-routing chain=output comment=“Outgoing ADSL3”
connection-mark=Cdsl3 disabled=no new-routing-mark=Rdsl3 passthrough=no
add action=mark-routing chain=output comment=“Outgoing ADSL4”
connection-mark=Cdsl4 disabled=no new-routing-mark=Rdsl4 passthrough=no
add action=mark-routing chain=output comment=“Outgoing ADSL5”
connection-mark=Cdsl5 disabled=no new-routing-mark=Rdsl5 passthrough=no
add action=mark-routing chain=output comment=“Outgoing LOCAL1”
connection-mark=Cloc1 disabled=no new-routing-mark=Rloc1 passthrough=no
add action=mark-routing chain=output comment=“Outgoing LOCAL2”
connection-mark=Cloc2 disabled=no new-routing-mark=Rloc2 passthrough=no
add action=mark-routing chain=output comment=“Outgoing LOCAL3”
connection-mark=Cloc3 disabled=no new-routing-mark=Rloc3 passthrough=no
add action=mark-routing chain=output comment=“Outgoing LOCAL4”
connection-mark=Cloc4 disabled=no new-routing-mark=Rloc4 passthrough=no
add action=mark-routing chain=output comment=“Outgoing LOCAL5”
connection-mark=Cloc5 disabled=no new-routing-mark=Rloc5 passthrough=no

Now mark incoming connections of each interface (that is destined to be routed)

add action=mark-connection chain=prerouting comment=“Incoming ADSL1”
connection-state=new disabled=no in-interface=ADSL1 new-connection-mark=
Cdsl1 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming ADSL2”
connection-state=new disabled=no in-interface=ADSL2 new-connection-mark=
Cdsl2 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming ADSL3”
connection-state=new disabled=no in-interface=ADSL3 new-connection-mark=
Cdsl3 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming ADSL4”
connection-state=new disabled=no in-interface=ADSL4 new-connection-mark=
Cdsl4 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming ADSL5”
connection-state=new disabled=no in-interface=ADSL5 new-connection-mark=
Cdsl5 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming LOCAL1”
connection-state=new disabled=no in-interface=LOCAL1 new-connection-mark=
Cloc1 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming LOCAL2”
connection-state=new disabled=no in-interface=LOCAL2 new-connection-mark=
Cloc2 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming LOCAL3”
connection-state=new disabled=no in-interface=LOCAL3 new-connection-mark=
Cloc3 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming LOCAL4”
connection-state=new disabled=no in-interface=LOCAL4 new-connection-mark=
Cloc4 passthrough=yes
add action=mark-connection chain=prerouting comment=“Incoming LOCAL5”
connection-state=new disabled=no in-interface=LOCAL5 new-connection-mark=
Cloc5 passthrough=yes

Mark packets for VoIP QOS, my VoIP server is 10.1.1.5

add action=mark-packet chain=prerouting comment=“VOIP Qos 26” disabled=no
dscp=26 new-packet-mark=VoIPIAX passthrough=yes
add action=mark-packet chain=prerouting comment=“VOIP Qos 46” disabled=no
dscp=46 new-packet-mark=VoIPIAX passthrough=yes
add action=mark-packet chain=prerouting comment=“VOIP Qos 56” disabled=no
dscp=56 new-packet-mark=VoIPIAX passthrough=yes
add action=mark-packet chain=prerouting comment=“VOIP Qos 59” disabled=no
dscp=59 new-packet-mark=VoIPIAX passthrough=yes
add action=mark-packet chain=prerouting comment=VoIP disabled=no dst-port=
4569 new-packet-mark=VoIPIAX passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment=VoIP disabled=no
new-packet-mark=VoIPIAX passthrough=yes protocol=udp src-port=4569
add action=mark-packet chain=prerouting comment=“VOIP by SrcIP” disabled=no
new-packet-mark=VoIPIAX passthrough=yes src-address=10.1.1.5
add action=mark-packet chain=prerouting comment=“VOIP by DstIP” disabled=no
dst-address=10.1.1.5 new-packet-mark=VoIPIAX passthrough=yes
add action=mark-packet chain=prerouting comment=“Not VOIP” disabled=no
new-packet-mark=TheRest packet-mark=!VoIPIAX passthrough=yes

Mark any connectiong that is already marked, give it routing mark

add action=mark-routing chain=prerouting comment=“RMark already WAN1”
connection-mark=Cwan1 disabled=no in-interface=TRUE new-routing-mark=
Rwan1 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already ADSL1”
connection-mark=Cdsl1 disabled=no in-interface=TRUE new-routing-mark=
Rdsl1 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already ADSL2”
connection-mark=Cdsl2 disabled=no in-interface=TRUE new-routing-mark=
Rdsl2 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already ADSL3”
connection-mark=Cdsl3 disabled=no in-interface=TRUE new-routing-mark=
Rdsl3 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already ADSL4”
connection-mark=Cdsl4 disabled=no in-interface=TRUE new-routing-mark=
Rdsl4 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already ADSL5”
connection-mark=Cdsl5 disabled=no in-interface=TRUE new-routing-mark=
Rdsl5 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already LOCAL1”
connection-mark=Cloc1 disabled=no in-interface=TRUE new-routing-mark=
Rloc1 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already LOCAL2”
connection-mark=Cloc2 disabled=no in-interface=TRUE new-routing-mark=
Rloc2 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already LOCAL3”
connection-mark=Cloc3 disabled=no in-interface=TRUE new-routing-mark=
Rloc3 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already LOCAL4”
connection-mark=Cloc4 disabled=no in-interface=TRUE new-routing-mark=
Rloc4 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already LOCAL5”
connection-mark=Cloc5 disabled=no in-interface=TRUE new-routing-mark=
Rloc5 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already VOIP01”
connection-mark=CVOIP01 disabled=no in-interface=TRUE new-routing-mark=
RVOIP01 passthrough=no
add action=mark-routing chain=prerouting comment=“RMark already VOIP02”
connection-mark=CVOIP02 disabled=no in-interface=TRUE new-routing-mark=
RVOIP02 passthrough=no

Do some force-marking based on IP ranges in adress list, forcing certain dst-ip to go through certain ADSLs (first connection mark, then routing mark

add action=mark-connection chain=prerouting comment=“CMark Force CVOIP01”
disabled=no dst-address-list=ForceVOIP1 dst-address-type=!local
in-interface=TRUE new-connection-mark=CVOIP01 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark VOIP1”
connection-mark=CVOIP01 disabled=no in-interface=TRUE new-routing-mark=
RVOIP01 passthrough=no
add action=mark-connection chain=prerouting comment=“CMark Force CVOIP02”
disabled=no dst-address-list=ForceVOIP2 dst-address-type=!local
in-interface=TRUE new-connection-mark=CVOIP02 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Voip2”
connection-mark=CVOIP02 disabled=no in-interface=TRUE new-routing-mark=
RVOIP02 passthrough=no

add action=mark-connection chain=prerouting comment=“CMark Force ADSL1”
disabled=no dst-address-list=ForceADSL1 dst-address-type=!local
in-interface=TRUE new-connection-mark=Cdsl1 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Force ADSL1”
connection-mark=Cdsl1 disabled=no in-interface=TRUE new-routing-mark=
Rdsl1 passthrough=no
add action=mark-connection chain=prerouting comment=“CMark Force ADSL2”
disabled=no dst-address-list=ForceADSL2 dst-address-type=!local
in-interface=TRUE new-connection-mark=Cdsl2 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Force ADSL2”
connection-mark=Cdsl2 disabled=no in-interface=TRUE new-routing-mark=
Rdsl2 passthrough=no
add action=mark-connection chain=prerouting comment=“CMark Force ADSL3”
disabled=no dst-address-list=ForceADSL3 dst-address-type=!local
in-interface=TRUE new-connection-mark=Cdsl3 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Force ADSL3”
connection-mark=Cdsl3 disabled=no in-interface=TRUE new-routing-mark=
Rdsl3 passthrough=no
add action=mark-connection chain=prerouting comment=“CMark Force ADSL4”
disabled=no dst-address-list=ForceADSL4 dst-address-type=!local
in-interface=TRUE new-connection-mark=Cdsl4 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Force ADSL4”
connection-mark=Cdsl4 disabled=no in-interface=TRUE new-routing-mark=
Rdsl4 passthrough=no
add action=mark-connection chain=prerouting comment=“CMark Force ADSL5”
disabled=no dst-address-list=ForceADSL5 dst-address-type=!local
in-interface=TRUE new-connection-mark=Cdsl5 passthrough=yes
add action=mark-routing chain=prerouting comment=“RMark Force ADSL5”
connection-mark=Cdsl5 disabled=no in-interface=TRUE new-routing-mark=
Rdsl5 passthrough=no

(Split traffic for International/Local based on address-list. Do it only once to prevent extra processing, jump to chains

add action=jump chain=prerouting disabled=no dst-address-list=LOCAL
in-interface=TRUE jump-target=NATIONAL
add action=jump chain=prerouting disabled=no in-interface=TRUE jump-target=
INTERNAT

NATIONAL and INTERNAT chains is very similar, just different marks, interfaces
(First do PCC connection marking only on ceratin ports

add action=mark-connection chain=NATIONAL comment=“CMark PCC LOCAL1”
disabled=no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,8443,27014-27050
in-interface=TRUE new-connection-mark=Cloc1 passthrough=yes
per-connection-classifier=src-address:5/0 protocol=tcp
add action=mark-connection chain=NATIONAL comment=“CMark PCC LOCAL2”
disabled=no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cloc2 passthrough=yes
per-connection-classifier=src-address:5/1 protocol=tcp
add action=mark-connection chain=NATIONAL comment=“CMark PCC LOCAL3”
disabled=no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cloc3 passthrough=yes
per-connection-classifier=src-address:5/2 protocol=tcp
add action=mark-connection chain=NATIONAL comment=“CMark PCC LOCAL4”
disabled=no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cloc4 passthrough=yes
per-connection-classifier=src-address:5/3 protocol=tcp
add action=mark-connection chain=NATIONAL comment=“CMark PCC LOCAL5”
disabled=no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cloc5 passthrough=yes
per-connection-classifier=src-address:5/4 protocol=tcp

Then route-mark them
add action=mark-routing chain=NATIONAL comment=“RMark PCC LOCAL1”
connection-mark=Cloc1 disabled=no in-interface=TRUE new-routing-mark=
Rloc1 passthrough=no
add action=mark-routing chain=NATIONAL comment=“RMark PCC LOCAL2”
connection-mark=Cloc2 disabled=no in-interface=TRUE new-routing-mark=
Rloc2 passthrough=no
add action=mark-routing chain=NATIONAL comment=“RMark PCC LOCAL3”
connection-mark=Cloc3 disabled=no in-interface=TRUE new-routing-mark=
Rloc3 passthrough=no
add action=mark-routing chain=NATIONAL comment=“RMark PCC LOCAL4”
connection-mark=Cloc4 disabled=no in-interface=TRUE new-routing-mark=
Rloc4 passthrough=no
add action=mark-routing chain=NATIONAL comment=“RMark PCC LOCAL5”
connection-mark=Cloc5 disabled=no in-interface=TRUE new-routing-mark=
Rloc5 passthrough=no
add action=mark-connection chain=NATIONAL comment=“CMark Nth LOCAL1”
disabled=no dst-address-type=!local in-interface=TRUE
new-connection-mark=Cloc1 nth=5,1 passthrough=yes
add action=mark-routing chain=NATIONAL comment=“RMark Nth LOCAL1”
connection-mark=Cloc1 disabled=no in-interface=TRUE new-routing-mark=
Rloc1 passthrough=no

Now do normal Nth load balance on rest of the ports
add action=mark-connection chain=NATIONAL comment=“CMark Nth LOCAL2”
disabled=no dst-address-type=!local in-interface=TRUE
new-connection-mark=Cloc2 nth=4,1 passthrough=yes
add action=mark-routing chain=NATIONAL comment=“RMark Nth LOCAL2”
connection-mark=Cloc2 disabled=no in-interface=TRUE new-routing-mark=
Rloc2 passthrough=no
add action=mark-connection chain=NATIONAL comment=“CMark Nth LOCAL3”
disabled=no dst-address-type=!local in-interface=TRUE
new-connection-mark=Cloc3 nth=3,1 passthrough=yes
add action=mark-routing chain=NATIONAL comment=“RMark Nth LOCAL3”
connection-mark=Cloc3 disabled=no in-interface=TRUE new-routing-mark=
Rloc3 passthrough=no
add action=mark-connection chain=NATIONAL comment=“CMark Nth LOCAL4”
disabled=no dst-address-type=!local in-interface=TRUE
new-connection-mark=Cloc4 nth=2,1 passthrough=yes
add action=mark-routing chain=NATIONAL comment=“RMark Nth LOCAL4”
connection-mark=Cloc4 disabled=no in-interface=TRUE new-routing-mark=
Rloc4 passthrough=no
add action=mark-connection chain=NATIONAL comment=“CMark Nth LOCAL5”
disabled=no dst-address-type=!local in-interface=TRUE
new-connection-mark=Cloc5 nth=1,1 passthrough=yes
add action=mark-routing chain=NATIONAL comment=“RMark Nth LOCAL5”
connection-mark=Cloc5 disabled=no in-interface=TRUE new-routing-mark=
Rloc5 passthrough=no
add action=accept chain=NATIONAL disabled=no

(INTERNAT chain is similar to above)

add action=mark-connection chain=INTERNAT comment=“CMark PCC ADSL1” disabled=
no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cdsl1 passthrough=yes
per-connection-classifier=src-address:5/0 protocol=tcp
add action=mark-connection chain=INTERNAT comment=“CMark PCC ADSL2” disabled=
no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cdsl2 passthrough=yes
per-connection-classifier=src-address:5/1 protocol=tcp
add action=mark-connection chain=INTERNAT comment=“CMark PCC ADSL3” disabled=
no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cdsl3 passthrough=yes
per-connection-classifier=src-address:5/2 protocol=tcp
add action=mark-connection chain=INTERNAT comment=“CMark PCC ADSL4” disabled=
no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cdsl4 passthrough=yes
per-connection-classifier=src-address:5/3 protocol=tcp
add action=mark-connection chain=INTERNAT comment=“CMark PCC ADSL5” disabled=
no dst-address-type=!local dst-port=
443,1119,1723,2082,2095,2222,3724,5154,5192,6112,8443,27014-27050
in-interface=TRUE new-connection-mark=Cdsl5 passthrough=yes
per-connection-classifier=src-address:5/4 protocol=tcp
add action=mark-routing chain=INTERNAT comment=“RMark PCC ADSL1”
connection-mark=Cdsl1 disabled=no in-interface=TRUE new-routing-mark=
Rdsl1 passthrough=no
add action=mark-routing chain=INTERNAT comment=“RMark PCC ADSL2”
connection-mark=Cdsl2 disabled=no in-interface=TRUE new-routing-mark=
Rdsl2 passthrough=no
add action=mark-routing chain=INTERNAT comment=“RMark PCC ADSL3”
connection-mark=Cdsl3 disabled=no in-interface=TRUE new-routing-mark=
Rdsl3 passthrough=no
add action=mark-routing chain=INTERNAT comment=“RMark PCC ADSL4”
connection-mark=Cdsl4 disabled=no in-interface=TRUE new-routing-mark=
Rdsl4 passthrough=no
add action=mark-routing chain=INTERNAT comment=“RMark PCC ADSL5”
connection-mark=Cdsl5 disabled=no in-interface=TRUE new-routing-mark=
Rdsl5 passthrough=no
add action=mark-connection chain=INTERNAT comment=“CMark Nth ADSL1” disabled=
no dst-address-type=!local in-interface=TRUE new-connection-mark=Cdsl1
nth=5,1 passthrough=yes
add action=mark-routing chain=INTERNAT comment=“RMark Nth ADSL1”
connection-mark=Cdsl1 disabled=no in-interface=TRUE new-routing-mark=
Rdsl1 passthrough=no
add action=mark-connection chain=INTERNAT comment=“CMark Nth ADSL2” disabled=
no dst-address-type=!local in-interface=TRUE new-connection-mark=Cdsl2
nth=4,1 passthrough=yes
add action=mark-routing chain=INTERNAT comment=“RMark Nth ADSL2”
connection-mark=Cdsl2 disabled=no in-interface=TRUE new-routing-mark=
Rdsl2 passthrough=no
add action=mark-connection chain=INTERNAT comment=“CMark Nth ADSL3” disabled=
no dst-address-type=!local in-interface=TRUE new-connection-mark=Cdsl3
nth=3,1 passthrough=yes
add action=mark-routing chain=INTERNAT comment=“RMark Nth ADSL3”
connection-mark=Cdsl3 disabled=no in-interface=TRUE new-routing-mark=
Rdsl3 passthrough=no
add action=mark-connection chain=INTERNAT comment=“CMark Nth ADSL4” disabled=
no dst-address-type=!local in-interface=TRUE new-connection-mark=Cdsl4
nth=2,1 passthrough=yes
add action=mark-routing chain=INTERNAT comment=“RMark Nth ADSL4”
connection-mark=Cdsl4 disabled=no in-interface=TRUE new-routing-mark=
Rdsl4 passthrough=no
add action=mark-connection chain=INTERNAT comment=“CMark Nth ADSL5” disabled=
no dst-address-type=!local in-interface=TRUE new-connection-mark=Cdsl5
nth=1,1 passthrough=yes
add action=mark-routing chain=INTERNAT comment=“RMark Nth ADSL5”
connection-mark=Cdsl5 disabled=no in-interface=TRUE new-routing-mark=
Rdsl5 passthrough=no
add action=accept chain=INTERNAT disabled=no

*normal NAT for each ADSL *

/ip firewall nat
add action=masquerade chain=srcnat comment=VOIP01 disabled=no out-interface=
VOIP01
add action=masquerade chain=srcnat comment=VOIP02 disabled=no out-interface=
VOIP02
add action=masquerade chain=srcnat comment=ADSL2 disabled=no out-interface=
ADSL1
add action=masquerade chain=srcnat comment=ADSL3 disabled=no out-interface=
ADSL2
add action=masquerade chain=srcnat comment=ADSL4 disabled=no out-interface=
ADSL3
add action=masquerade chain=srcnat comment=ADSL5 disabled=no out-interface=
ADSL4
add action=masquerade chain=srcnat comment=ADSL6 disabled=no out-interface=
ADSL5
add action=masquerade chain=srcnat comment=LOCAL1 disabled=no out-interface=
LOCAL1
add action=masquerade chain=srcnat comment=LOCAL2 disabled=no out-interface=
LOCAL2
add action=masquerade chain=srcnat comment=LOCAL3 disabled=no out-interface=
LOCAL3
add action=masquerade chain=srcnat comment=LOCAL4 disabled=no out-interface=
LOCAL4
add action=masquerade chain=srcnat comment=LOCAL5 disabled=no out-interface=
LOCAL5

Do routing based on marks first
/ip route
add check-gateway=ping comment=VOIP01 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=VOIP01 routing-mark=RVOIP01 scope=255 target-scope=10
add check-gateway=ping comment=VOIP02 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=VOIP02 routing-mark=RVOIP02 scope=255 target-scope=10
add check-gateway=ping comment=ADSL1 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=ADSL1 routing-mark=Rdsl1 scope=30 target-scope=10
add check-gateway=ping comment=ADSL2 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=ADSL2 routing-mark=Rdsl2 scope=30 target-scope=10
add check-gateway=ping comment=ADSL3 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=ADSL3 routing-mark=Rdsl3 scope=30 target-scope=10
add check-gateway=ping comment=ADSL4 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=ADSL4 routing-mark=Rdsl4 scope=30 target-scope=10
add check-gateway=ping comment=ADSL5 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=ADSL5 routing-mark=Rdsl5 scope=30 target-scope=10
add check-gateway=ping comment=LOCAL1 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=LOCAL1 routing-mark=Rloc1 scope=30 target-scope=10
add check-gateway=ping comment=LOCAL2 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=LOCAL2 routing-mark=Rloc2 scope=30 target-scope=10
add check-gateway=ping comment=LOCAL3 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=LOCAL3 routing-mark=Rloc3 scope=30 target-scope=10
add check-gateway=ping comment=LOCAL4 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=LOCAL4 routing-mark=Rloc4 scope=30 target-scope=10
add check-gateway=ping comment=LOCAL5 disabled=no distance=1 dst-address=
0.0.0.0/0 gateway=LOCAL5 routing-mark=Rloc5 scope=30 target-scope=10

have fallback default routes incase a line is down
add check-gateway=ping comment=“Fallback 4” disabled=no distance=2
dst-address=0.0.0.0/0 gateway=ADSL4 scope=30 target-scope=10
add check-gateway=ping comment=“Fallback 2” disabled=no distance=3
dst-address=0.0.0.0/0 gateway=ADSL2 scope=30 target-scope=10
add check-gateway=ping comment=“Fallback 1” disabled=no distance=3
dst-address=0.0.0.0/0 gateway=ADSL1 scope=30 target-scope=10
add check-gateway=ping comment=“Fallback 3” disabled=no distance=4
dst-address=0.0.0.0/0 gateway=ADSL3 scope=30 target-scope=10
add check-gateway=ping comment=“Fallback 5” disabled=no distance=6
dst-address=0.0.0.0/0 gateway=ADSL5 scope=30 target-scope=10

default routes to my network IP ranges
add disabled=no distance=1 dst-address=10.0.0.0/8 gateway=10.1.1.254 scope=30
target-scope=10
add disabled=no distance=1 dst-address=192.168.168.0/24 gateway=10.1.1.254
scope=30 target-scope=10

Enjoy.

Nanflexal · May 25, 2011, 12:11pm

hello Ekkas,

can you take a look my thread regarding loan balancing (3 ADSL line)
http://forum.mikrotik.com/t/load-balancing-2-or-3-adsl-line/47350/1

thanks in advance, hope you can help me on this.

ekkas · May 25, 2011, 2:01pm

Take my example above and edit it to suit you.
e.g. you can leave out the part on national/international or leave out the sections where it uses address lists to force traffic through a certain line.

More than that I cannot do unless you have a specific problem.
If none of that sample makes sense after reading it the 10th time, then you’ll have to hire a consultant.
You need to understand what each line do and why.
Also refer to the wiki on load balancing as it is where I started when doing this script.

The basic idea is:
connections destined for the Internet can get marked by either Nth or PCC. In my example I use both but you can use only PCC (also in wiki more info).
Then connections marked get a routing mark (based on the connection mark) and in the routing table that traffic go out through corresponding interface.
Then there are some other parts to make connections coming from the internet to go out through the same interface it came in on. In a nutshell.

Ekkas

PS: I get all LAN traffic from one interface, you seem to want to get from 3 different interfaces. If you want to use my example, you’ll have to do something else or put them in bridge in some way.

Nanflexal · May 26, 2011, 6:07am

thanks for your reply. i keep reading your load balancing setup over 6 ADSL line but right now, i don’t have VOIP and my problem right now is that assigning IP to my LAN Interface namely: ether1, ether2,ether3 and ether4.

please take a look, I’ve like the load balancing guide there because it’s too easy to understand. if there is a wrong with the setup please tell me.
http://forum.mikrotik.com/t/load-balancing-2-or-3-adsl-line/47350/2

Many Thanks

@ Alex