Hi All,
I am looking for some assistance with load balancing. I’ve done a fair bit of searching and have configured my router in a fashion that I think should work but it does not.
I am trying to load balance two 4G modems/routers for bandwidth and WAN resiliency. The primary issue that I run into is that the Mikrotik does not seem to load balance across both WAN links. If I look at the routing table only one of the WAN links shows up as a gateway and the interface list does not show any traffic passing. I have copied the routing table and configuration below. Any help is appreciated.
DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 ether1-gateway 1
1 ADC 10.159.86.0/24 10.159.86.157 ether1-gateway 0
2 ADC 10.229.238.0/24 10.229.238.111 ether2-gateway 0
3 ADC 192.168.28.0/24 192.168.28.1 ether3-lan 0
4 ADC 192.168.31.0/24 192.168.31.253 ether5 0
\
jan/13/2017 16:55:24 by RouterOS 6.37.3
software id = QSR1-J862
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] name=ether2-gateway
set [ find default-name=ether3 ] name=ether3-lan
/ip neighbor discovery
set ether1-gateway discover=no
set ether2-gateway discover=no
/interface ethernet
set [ find default-name=ether4 ] master-port=ether5
/ip pool
add name=default-dhcp ranges=192.168.28.10-192.168.28.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=ether3-lan name=LAN
/ip address
add address=192.168.28.1/24 interface=ether3-lan network=192.168.28.0
add address=192.168.31.253/24 interface=ether5 network=192.168.31.0
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether1-gateway use-peer-dns=no use-peer-ntp=no
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether2-gateway use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=192.168.28.0/24 gateway=192.168.28.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=accept chain=input comment=“defconf: accept established,related” connection-state=established,related
add action=drop chain=input comment=“defconf: drop all from WAN” in-interface=ether1-gateway
add action=drop chain=input comment=“defconf: drop all from WAN” in-interface=ether2-gateway
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack” connection-state=established,related
add action=accept chain=forward comment=“defconf: accept established,related” connection-state=established,related
add action=drop chain=forward comment=“defconf: drop invalid” connection-state=invalid
add action=drop chain=forward comment=“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat connection-state=new in-interface=ether1-gateway
add action=drop chain=forward comment=“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat connection-state=new in-interface=ether2-gateway
/ip firewall mangle
add action=mark-connection chain=prerouting comment=“Load Balance” connection-state=new in-interface=ether1-gateway new-connection-mark=ether1_conn
add action=mark-connection chain=prerouting connection-state=new in-interface=ether2-gateway new-connection-mark=ether2_conn
add action=mark-routing chain=output connection-mark=ether1_conn new-routing-mark=to_ether1
add action=mark-routing chain=output connection-mark=ether2_conn new-routing-mark=to_ether2
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!local in-interface=ether3-lan new-connection-mark=ether1_conn passthrough=yes
per-connection-classifier=dst-address:2/0
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!local in-interface=ether3-lan new-connection-mark=ether2_conn passthrough=yes
per-connection-classifier=dst-address:2/1
add action=mark-routing chain=prerouting connection-mark=ether1_conn in-interface=ether3-lan new-routing-mark=to_ether1
add action=mark-routing chain=prerouting connection-mark=ether2_conn in-interface=ether3-lan new-routing-mark=to_ether2
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-gateway
add action=masquerade chain=srcnat out-interface=ether2-gateway
/ip route
add distance=1 gateway=ether1-gateway
/system clock
set time-zone-name=America/Chicago
/system ntp client
set enabled=yes primary-ntp=158.69.125.231 secondary-ntp=206.108.0.132
/system scheduler
add interval=2s name=ChangeGateways on-event=ChangeGateways policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=jan/13/2017 start-time=
12:54:15
/system script
add name=ChangeGateways owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=“:global newgw [/ip dhcp-client get [find interface="e
ther1-gateway" ] gateway ]\r
\n:global activegw [/ip route get [/ip route find comment="Ether1-Wan"] gateway ]\r
\n:if ($newgw != $activegw) do={\r
\n/ip route set [find comment="Ether1-Wan"] gateway=$newgw\r
\n/ip route set [find comment="Ether1-Wan routing gateway"] gateway=$newgw\r
\n}\r
\n:global newgw [/ip dhcp-client get [find interface="ether2-gateway" ] gateway ]\r
\n:global activegw [/ip route get [/ip route find comment="Ether2-Wan"] gateway ]\r
\n:if ($newgw != $activegw) do={\r
\n/ip route set [find comment="Ether2-Wan"] gateway=$newgw\r
\n/ip route set [find comment="Ether2-Wan routing gateway"] gateway=$newgw\r
\n}”
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether2-gateway
add interface=ether1-gateway
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether2-gateway
add interface=ether1-gateway