why we need input & output rule without these rule looks like everthing wrking fine

miankamran7100 · June 14, 2023, 6:15am

Dear all experts,
Why do We need to add rule input and output in PCC LoadBalancing?
As I mentioned below

/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn

add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2

add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=wlan2
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=wlan2

add chain=prerouting dst-address-type=!local in-interface=wlan2 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=wlan2 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

add chain=prerouting connection-mark=WAN1_conn in-interface=wlan2 action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=wlan2 action=mark-routing new-routing-mark=to_WAN2

rextended · June 14, 2023, 7:14am

“We”?
How many are you?

mrz · June 14, 2023, 7:25am

See here:
https://help.mikrotik.com/docs/display/ROS/Per+connection+classifier

miankamran7100 · June 14, 2023, 11:59am

Just me. Please guide me Is it necessary to "add input and output rule" for excellent load balancing

rextended · June 14, 2023, 12:07pm

anav · June 14, 2023, 12:28pm

They should know better!

As for the ‘helpers’ you really think obscure, cold flaccid MT documentation is going to provide real answers… its only designed for people that already know ROS and have a solid background in networking, thats why most of MT documentation is CRAP.

The reason is that the output chain is the last possible chance to modify the outcome of outgoing packets being sent back to originators on the internet.
So by marking traffic coming in on a WAN, and using output chain rule forcing the associated RETURN traffic (responses) out the same WAN at the last possible point guarantees that there will be no mismatch and thus lost traffic. This is critical for many things (mainly servers) but also for Router Services…

Amm0 · June 14, 2023, 12:44pm

In fairness, Mikrotik did a video on PCC recently: https://www.youtube.com/watch?v=nlb7XAv57tw

There are more “chains” than just input/output. Basically the answer is the “prerouting” chain is used for PCC, as seen on TV. See Mikrotik’s Packet Flow diagram for gory details: https://help.mikrotik.com/docs/display/ROS/Packet+Flow+in+RouterOS#PacketFlowinRouterOS-Chains