Hello Everyone!
I've got a service behind a Mikrotik on network 192.168.0.0/24 and two different "WANs". I want every client who accesses through ether1 to receive his answer on the same etherport.
I know that is possible with Mangle rules, but I have trouble working out which CHAIN and ACTION parameters are correct for my particular case.
It’s primarily about load balancing, but in fact the actual load balancing is just two rules with per-connection-classifier. Most of the rest is common dual-WAN config you’re looking for.
I am a bit confused as I don't see any user going OUT on a particular etherport somehow getting returns on a different etherport???
and thus no special rules would be required.
However, if the OP is saying he has a server that people from outside the internet will be accessing and he/she wants to ensure that server returns go out the etherport they came in on, then
the PCC load balancing you mention would keep it consistent?? Again, wouldn't the router keep track of which etherport the traffic came in on?? (and thus no special rules required).
Or are you saying PCC is simply a method to load balance the two ISP inputs and the side benefit is that both ISPs will be used, don't have to worry about routing preference (i.e. the PCC basically simplifies the outgoing routing choices)??
The wiki page @Sob refers to actually describes how to use connection-mark in general, whereas the per-connection-classifier, which as such can work even if it assigns routing-mark values directly, i.e. without connection marking, is shown on that page as just one of the possible criteria to assign the connection-mark. The other criterion, also mentioned there, is the WAN interface through which the initial packet of a connection came in.
So different criteria are used for connections initiated from the LAN side than for connections initiated from the WAN one: those initiated from the LAN side get their connection-mark based on PCC, so they are distributed among the WANs; those initiated from the WAN side get their connection-mark based on their source WAN so that the response LAN->WAN packets use the same WAN, and this is the part the OP asked about.
The question was not clearly answered (at least for me with limited understanding).
Wouldn't the router know which etherport the traffic came in on and thus send it back out that way?
It seems not from your response (and it's good to learn that nothing (packet flow) is necessarily automatic in MT), and that the traffic would go out via the route rules, which may not guarantee the same etherport out…
So the load balance method, although designed to load balance, seems to have a side benefit of ensuring that traffic incoming on WAN x also goes out WAN x.
No, it’s not automatic, router uses regular routes to find out where to send packets. With usual multi-WAN setup (different ISPs) you obviously want to send responses back the same way from where requests came, because it wouldn’t work otherwise. But it’s also possible to have asymmetric routing where each direction uses different path (don’t ask me for any good examples, I don’t remember needing something like that myself). The point is that one or the other isn’t always right or wrong.
Load balancing doesn’t have anything to do with it, except that I remember the PCC example also containing rules for this.
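
The WAN-side marking described in this thread, written out as an added example that is not from any of the posters. It assumes RouterOS v6 syntax (v7 needs `/routing table` entries and `routing-table=` on the routes); `ether2` as the second WAN, the mark names and the documentation-range gateway addresses are constructed placeholders.

```routeros
# Added example, RouterOS v6 syntax assumed.
# Assumptions: ether1 = WAN1 (from the original post), ether2 = WAN2,
# LAN = 192.168.0.0/24 (from the original post),
# gateways 203.0.113.1 / 198.51.100.1 are placeholders.

/ip firewall mangle
# 1. Remember which WAN the FIRST packet of a connection arrived on.
add chain=prerouting in-interface=ether1 connection-state=new \
    action=mark-connection new-connection-mark=WAN1_conn passthrough=yes \
    comment="tag connections that entered via WAN1"
add chain=prerouting in-interface=ether2 connection-state=new \
    action=mark-connection new-connection-mark=WAN2_conn passthrough=yes \
    comment="tag connections that entered via WAN2"

# 2. Replies from the LAN server (forwarded traffic): translate the
#    connection-mark into a routing-mark before the routing decision.
add chain=prerouting src-address=192.168.0.0/24 connection-mark=WAN1_conn \
    action=mark-routing new-routing-mark=to_WAN1 passthrough=no
add chain=prerouting src-address=192.168.0.0/24 connection-mark=WAN2_conn \
    action=mark-routing new-routing-mark=to_WAN2 passthrough=no

# 3. Replies generated by the router itself (WinBox, VPN, ping) never
#    traverse prerouting, so they need the same mapping in chain=output.
add chain=output connection-mark=WAN1_conn \
    action=mark-routing new-routing-mark=to_WAN1 passthrough=no
add chain=output connection-mark=WAN2_conn \
    action=mark-routing new-routing-mark=to_WAN2 passthrough=no

/ip route
# 4. One default route per routing-mark; packets without a mark keep
#    using the ordinary routes in the main table.
add dst-address=0.0.0.0/0 gateway=203.0.113.1 routing-mark=to_WAN1
add dst-address=0.0.0.0/0 gateway=198.51.100.1 routing-mark=to_WAN2
```

Connections initiated from the LAN carry no connection-mark under these rules and follow the main routing table; PCC-based marking for them would be a separate pair of rules.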