Community discussions

 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

youtube to other gateway

Sat Dec 23, 2017 11:46 pm

Hello
I’m new to Mikrotik

I have router board 2011 with three gateways.
I want to split the connection to the 3:
YouTube to gateway1, Facebook to gateway2 and the others to gateway3
I have tried layer7 with this script ( ^.+(facebook.com|youtube).*$ )
And after I marked the connection with mangle and with route I chose the gateway but it stops the sites YouTube and Facebook.
Any Idea
Regards
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1309
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: youtube to other gateway

Sun Dec 24, 2017 10:57 am

Since most website uses https, layer 7 rules does not work. (at least noe easy solution)
You could see what IP youtube uses and route them to propper interface.
Se a list here:
https://www.lifewire.com/ip-address-of-youtube-818157
Problem arise when youtube changes their IP, this will then break.
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Sun Dec 24, 2017 1:29 pm

It is not possible to select a different gateway with a layer7 filter because this filter checks the content of traffic in the connection that already has been established.
The gateway has already been chosen at that point. When you still switch it, you interrupt the connection. So the behaviour you see is as expected.
 
User avatar
matiaszon
Member
Member
Posts: 305
Joined: Mon Jul 09, 2012 9:26 am

Re: youtube to other gateway

Mon Dec 25, 2017 12:22 am

What about adding youtube as domain name to address list? MikroTik will resolve all addresses automatically. Then you can make a mangle rule marking that connection and then, route connection with that mark through the desired WAN.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Mon Dec 25, 2017 1:32 pm

That will only work when you force the users to use the MikroTik DNS (by setting it in DHCP and also a dstnat rule so other servers like 8.8.8.8 will be sent to your local MikroTik instead).
This is because services like youtube have many different IP and are rotating them all the time for load balancing.
So what your MikroTik got in reply to youtube.com may be different from what your user gets from 8.8.8.8 a while later.
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Tue Dec 26, 2017 12:00 pm

Thanks friends really your reply's are useful.
Before i decide to use L7 i have tried like you (matiaszon) said . to run a script each 20 mn, this script search the youtube ip list and add them to address list in firewall and mark the routing with mangle and after with route i chose another gateway2 for this address list. but actually nothing change the youtube function normally at the same gateway1 and nothing pass through gateway2.
what other steps can i do?
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Tue Dec 26, 2017 12:15 pm

There is no need to use a script for this, you can put the name(s) in your address list directly.
But before you proceed you first need to make your marking/routing working correctly because apparently it isn't.
Before trying to do complicated matching of youtube or similar, first make it work for a single IP address of some server you know.
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Tue Dec 26, 2017 7:05 pm

I try with 1 ip address and it work good.
now to add all the ips address of you tube i need a script because the ips address of youtube are changed always
how can i do it without a script calling the DNS ?
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Tue Dec 26, 2017 7:44 pm

how can i add the names in address list i can only add ip s
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Tue Dec 26, 2017 9:31 pm

Maybe you are running very old software? Update.
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Tue Dec 26, 2017 9:47 pm

My router is RB2011il
the software version 6.33.3


i try to put in mangle rule content "youtube" i found some traffic pass but only about 40 kbs maximum
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Tue Dec 26, 2017 9:50 pm

all the client have like dns my router ip the same as gateway
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Tue Dec 26, 2017 11:21 pm

My router is RB2011il
the software version 6.33.3
That is ANCIENT! Current is 6.41
Do you never update software?
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 1309
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: youtube to other gateway

Wed Dec 27, 2017 8:07 am

the software version 6.33.3
That is ANCIENT! Current is 6.41
Just two year:
6.33.3 released 2015-Dec-03
 
How to use Splunk to monitor your MikroTik Router

MikroTik->Splunk
 
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway  [SOLVED]

Wed Dec 27, 2017 11:18 am

Upgrading is just a matter of two mouseclicks so I don't know why he would not try that when he has a problem...
(and it also adds the new functionality of an address list with a DNS name which automatically populates it with the current addresses, with automatic refresh)
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Wed Dec 27, 2017 11:23 am

ok i update to 6.41
I create a rule in mangle with content youtube and action mark routing
in routing i route the marked routing to gateway2.
but the youtube is stopped instead to go to gateway2. i see in mangle the statistic of the rule it mark about 20 kbs.
i think i cant use the content because it will have the same problem like L7 the connection is broken after it was established .
the only way i think is to add all the ip of youtube to address list .
Any idea how
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Wed Dec 27, 2017 11:26 am

Upgrading is just a matter of two mouseclicks so I don't know why he would not try that when he has a problem...
(and it also adds the new functionality of an address list with a DNS name which automatically populates it with the current addresses, with automatic refresh)
ok thanks i try in address list instead of ip a domain www.youtube.com and it accept the rule.
i will try with that
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Wed Dec 27, 2017 11:30 am

Please show your /ip firewall export
Low bitrate of the mangle rule is normal when you use connection marking. Only the first packet of the connection is counted.
Also make sure you have disabled FastPath and FastTrack (at least for this type of traffic), they cannot co-exist with such route mangling.
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Wed Dec 27, 2017 1:30 pm

ok,
i disabled Allow Fast Path from ip settings but i didn't find Fast Track.
till now i succeed to redirect the youtube from google chrome to gateway 2 but the youtube application on mobile still go to gateway 1
 
danytrad
just joined
Topic Author
Posts: 10
Joined: Sat Dec 23, 2017 11:22 pm

Re: youtube to other gateway

Wed Dec 27, 2017 1:44 pm

this is the firewall configuration
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 5919
Joined: Mon Jun 08, 2015 12:09 pm

Re: youtube to other gateway

Wed Dec 27, 2017 3:12 pm

Unless this router is behind some other firewall you really need more input firewalling!

It is also advisable to use your gateway decision criteria to apply a connection mark to the connection (only once) and
then select on this connection mark to apply the route mark on each packet. That way it is guaranteed that
the route mark cannot change halfway an open connection (which would kill it).
See the examples of load balancing.

Who is online

Users browsing this forum: No registered users and 43 guests