Community discussions

 
anav
Forum Guru
Forum Guru
Topic Author
Posts: 2967
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

PCC Questions

Sat Feb 09, 2019 6:15 am

1. Why is it necessary to mark Internet to router traffic? I understand that if its necessary to do so (there is legitimate such traffic) then clearly one wants to ensure that the incoming interface is then used for replies, out the same wan ISP.
However, what traffic could we be talking about? What traffic originates from the internet that hits our router that we should be allowing or considering in the first place??

2. I get the general premise that for two WANS we mangle with 2/0 and 2/1 (if remainder is zero or one based on algorithm of src+dst address for example) and if one had three wans
3/0, 3/1, 3/2 would be used.
However these are geared towards creating a roughly 50-50 split in the two WAN scenario and 1/3 split in the latter scenario. More importantly these assume EVEN ISP throughputs.
What if I want to load balance not only across two ISPs but also take into account the discrepancy on throughput.
Lets say WAN1 has a fiber line 1gig up and down, whereas WAN2 has 150 down and 30 up. Clearly to load balance, one would want at least a 3:1 ration or perhaps a 4:1 ration between the two routers...............

It is as simple at the following example for a 3 WAN setting with equal PCC load balancing and then the subsequent modifications for a ratio based outcome other than 1:1?

Given LAN -> WAN mangle
add action=mark-connection chain=prerouting connection-mark=no-mark\
  dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN1 passthrough=yes\
  per-connection-classifier=both-addresses:3/0 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
  dst-address-list=!LAN dst-address-type=!local new-connection-mark= LAN-to-WAN2 passthrough=yes\
  per-connection-classifier=both-addresses:3/1 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
  dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN3 passthrough=yes\
  per-connection-classifier=both-addresses:3/2 src-address-list=LAN
For a RATIO of 3:1 load balancing vice 1:1
dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/0 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark= LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/1 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/2 src-address-list=LAN[/code]
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN2 passthrough=yes\
per-connection-classifier=both-addresses:4/3 src-address-list=LAN[/code]

and is the order of such rules important..........would where I put the Rule Matter.......... for example.

dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/0 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark= LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/1 src-address-list=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN2 passthrough=yes\
per-connection-classifier=both-addresses:4/2 src-address-list=LAN[/code]
add action=mark-connection chain=prerouting connection-mark=no-mark\
dst-address-list=!LAN dst-address-type=!local new-connection-mark=LAN-to-WAN1 passthrough=yes\
per-connection-classifier=both-addresses:4/3 src-address-list=LAN[/code]
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: No registered users and 38 guests