i have load balance in mikrotik v3.3. and i`m using 2 connection from the same isp. everything is all right except when I play poker zynga. when i change the servers there it faild to connect and says reconnect. when i disable one of the lines it works very well . can you help me please
Hi, if you are using nth, you’ll have problem with https sites because packets received in the https site arrive there with your 2 adsl ips for the same connection.
You need to update ROS and use PCC instead NTH.
Yes im using PCC , that why i
m asking
well well well
u will have the same proplem with yahoo messenger and hotmail
also silkroad game
the solution easily is to set the dst port of any application to one connection
here is what to do exactly
add action=mark-routing chain=prerouting comment="Y! routing mark" disabled=\
no dst-port=5050 new-routing-mark=Yahoo passthrough=no protocol=tcp
add action=mark-routing chain=prerouting comment="MSN routing mark" disabled=\
no dst-port=1863 new-routing-mark=MSN passthrough=no protocol=tcp
add action=mark-routing chain=prerouting comment="Zynga POKER" disabled=no \
dst-port=9339 new-routing-mark="Zynga POKER" passthrough=no protocol=tcp
add action=mark-routing chain=prerouting comment="SILKROAD PLAY" disabled=no \
dst-port=15883 new-routing-mark="SILKROAD PLAY" passthrough=no protocol=\
tcp
then add these routes
add comment="MSN special route" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=192.168.1.1 routing-mark=MSN scope=30 target-scope=10
add comment="Y! special route" disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=192.168.1.1 routing-mark=Yahoo scope=30 target-scope=10
add comment="Zynga POKER special route" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.1.1 routing-mark="Zynga POKER" scope=30 \
target-scope=10
add comment="SILKROAD PLAY special route" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=192.168.1.1 routing-mark="SILKROAD PLAY" scope=30 \
target-scope=10
try it dont forget to change the wan u want to specify the connection to ur wan…
actually I want u to do it first using the winbox, dont forget to backup ur configuration…
good luck
thank you very much . it workes very well
this post is very interesting : D! Thanks!
thxx alot I will put a separated topic for that soon…
i do use pcc and poker work perfect with without this could
who do see that they are disconnect??? form router or form game
i need to know to see ifi should add this rule
hi..
would u pls export ur firewall settings?
I think that its normal that when u use PCC some disconnecting will happen in messengers, flash games..etc the solution is to put the port of these services to one of the lines u use, so they are not included in the PCC actually…
got it?
you kill pcc here don’t you think
/ip firewall mangle
add action=change-ttl chain=postrouting comment=“” disabled=no new-ttl=set:128
add action=mark-packet chain=forward comment=“” disabled=no dst-port=443 new-packet-mark=“msn limit” passthrough=yes protocol=tcp
add action=mark-packet chain=forward comment=“” disabled=no dst-port=1863 new-packet-mark=“msn limit” passthrough=yes protocol=tcp
add action=mark-packet chain=output comment=“” disabled=no dst-port=53 new-packet-mark=“msn limit” passthrough=yes protocol=udp
add action=mark-connection chain=input comment=“” disabled=no in-interface=pppoe-out1 new-connection-mark=wan1_conn passthrough=yes
add action=mark-connection chain=input comment=“” disabled=no in-interface=pppoe-out2 new-connection-mark=wan2_conn passthrough=yes
add action=mark-connection chain=input comment=“” disabled=no in-interface=pppoe-out3 new-connection-mark=wan3_conn passthrough=yes
add action=mark-connection chain=input comment=“” disabled=no in-interface=pppoe-out4 new-connection-mark=wan4_conn passthrough=yes
add action=mark-connection chain=prerouting comment=“” disabled=no dst-address-type=!local in-interface=Local new-connection-mark=wan1_conn passthrough=yes
per-connection-classifier=both-addresses:4/0
add action=mark-connection chain=prerouting comment=“” disabled=no dst-address-type=!local in-interface=Local new-connection-mark=wan2_conn passthrough=yes
per-connection-classifier=both-addresses:4/1
add action=mark-connection chain=prerouting comment=“” disabled=no dst-address-type=!local in-interface=Local new-connection-mark=wan3_conn passthrough=yes
per-connection-classifier=both-addresses:4/2
add action=mark-connection chain=prerouting comment=“” disabled=no dst-address-type=!local in-interface=Local new-connection-mark=wan4_conn passthrough=yes
per-connection-classifier=both-addresses:4/3
add action=mark-routing chain=prerouting comment=“” connection-mark=wan1_conn disabled=no in-interface=Local new-routing-mark=to_wan1 passthrough=yes
add action=mark-routing chain=prerouting comment=“” connection-mark=wan2_conn disabled=no in-interface=Local new-routing-mark=to_wan2 passthrough=yes
add action=mark-routing chain=prerouting comment=“” connection-mark=wan3_conn disabled=no in-interface=Local new-routing-mark=to_wan3 passthrough=yes
add action=mark-routing chain=prerouting comment=“” connection-mark=wan4_conn disabled=no in-interface=Local new-routing-mark=to_wan4 passthrough=yes
/ip route
add check-gateway=ping comment=“” disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_wan2
add check-gateway=ping comment=“” disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out3 routing-mark=to_wan3
add check-gateway=ping comment=“” disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out4 routing-mark=to_wan4
add check-gateway=ping comment=“” disabled=no distance=3 dst-address=0.0.0.0/0 gateway=pppoe-out3
add check-gateway=ping comment=“” disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1
add check-gateway=ping comment=“” disabled=no distance=4 dst-address=0.0.0.0/0 gateway=pppoe-out4
add check-gateway=ping comment=“” disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1
add check-gateway=ping comment=“” disabled=no distance=2 dst-address=0.0.0.0/0 gateway=pppoe-out2
i had ask my client no one feel that there is problem
what i want to know problem you talk about it client feel it or just the one who monitor mikrotik
Microsoft said that msn use port 443 and 1863 what make you choice 1863 not 443??
and about zynga it use many port why 9339 ???
I think u use kind of queuing or something like that this will do the same action of marking the port of MSN but Im not sure if the rest of apps wont disconnect..
about the ports u use the port of the session not the login port for example 9339 is the play port so u use it..however its a personal effort from me so check me out if Im wrong…
regards…
probably, for those cases (when there are many server IPs for single client session) you should use ‘src-address’ PCC classifier instead of ‘both-addresses’. you may even add another PCC rules set for above services, so that PCC work quite differently for those services, but still work =)
please would u put some examples especially for downloa centers…
I mean, instead of

add action=mark-routing chain=prerouting comment="Y! routing mark" disabled=\ no dst-port=5050 new-routing-mark=Yahoo passthrough=no protocol=tcp add action=mark-routing chain=prerouting comment="MSN routing mark" disabled=\ no dst-port=1863 new-routing-mark=MSN passthrough=no protocol=tcp add action=mark-routing chain=prerouting comment="Zynga POKER" disabled=no \ dst-port=9339 new-routing-mark="Zynga POKER" passthrough=no protocol=tcp add action=mark-routing chain=prerouting comment="SILKROAD PLAY" disabled=no \ dst-port=15883 new-routing-mark="SILKROAD PLAY" passthrough=no protocol=\ tcp
you may use something like
add chain=prerouting comment="Y!" protocol=tcp dst-port=5050 action=jump jump-target=pcc-src
add chain=prerouting comment="MSN" protocol=tcp dst-port=1863 action=jump jump-target=pcc-src
add chain=prerouting comment="Zynga POKER" protocol=tcp dst-port=9339 action=jump jump-target=pcc-src
add chain=prerouting comment="SILKROAD PLAY" protocol=tcp dst-port=15883 action=jump jump-target=pcc-src
add chain=pcc-src per-connection-classifier=src-address:2/0 action=mark-connection new-connection-mark=wan1_conn
add chain=pcc-src per-connection-classifier=src-address:2/1 action=mark-connection new-connection-mark=wan2_conn
wow .. its very nice actually..
now is it better to generalize the src- port PCC to work with all connections? and if u dont mind what its the different between src-port and both addresses?
src-port? you mean, src-address?
src-address - link is selected based on the client address
both-addresses - link is selected based on ‘client_address + server_address’ pair. new server address for old client - link may be changed for that connection
what if i has this problem (my friend ) but with address site like www.hotmail.com ex.
use ‘src-address’ classifier for the whole load-balancing =)
like this?
add chain=prerouting comment=“H!” protocol=tcp src-addresst=www.hotmail.com action=jump jump-target=pcc-src
i think you mean like this
add chain=prerouting comment=“H!” protocol=tcp src-addresst=10.10.10.10 action=jump jump-target=pcc-src