Community discussions

MikroTik App
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 5932
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Moving from Fail Over to Using both WANS ??

Sun Sep 20, 2020 6:10 pm

If I want to use both ISPs fiber 1gig up/down and Cable 100 down 10 up, can I do so without mangling?
Certainly this is a load balancing nightmare which would be probably be setup as a 10:1 ratio
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Sun Sep 20, 2020 9:12 pm

Sorry, async WAN-s and without Mangle... no idea :)


I always do
1) recursive routing...

2) MANGLE
I really recommended to learn and do this one HowTo who have got the best way to use many WAN's at ones.
Next you can use any method netwatch/script/pcc etc to just flow the outgoing - then this is small stuff.
Bandwidth-based load-balancing with failover. This presentation also covers Mangle.
This was presented at the MUM (MikroTik User Meeting) in New Orelans, USA.
Tomas Kirnak - YouTube: https://www.youtube.com/watch?v=67Dna_ffCvc&t=1s
http://mum.mikrotik.com/presentations/US12/tomas.pdf

3) My own detectors of offline and do action with fix that stuff
Advance watchdog: viewtopic.php?f=9&t=151492&hilit=watchdog#p768392

4) ISP who is now DOWN should have a remove all connections from conntrack table, and that connection and theyr keepalive will start NEW connection via UP ISP without breake at network.

One of main action here is that:
ip route enable  [find dst-address="0.0.0.0/0" gateway=8.8.4.4 routing-mark="wan2_SM" ]
delay 1s
foreach IPList in=[/ip firewall address-list find list="LANs_via_SM"] do={
 local CurIP [ip firewall address-list get $IPList address ]
 local IP3oct [pick $CurIP  0 [find $CurIP "." ([find $CurIP "." ([find $CurIP "."]+1)]+1)]]
 ip firewall connection remove [find connection-mark~"wan1_Orange<->LANs" src-address~$IP3oct ]
 ip firewall connection remove [find connection-mark~"wan1_Orange<->LANs" reply-src-address~$IP3oct ]
}

With all that points I receive good and FULL working MultiWan.

----------------------------------

The last one point is very importand in your situation because he help's hop to next ISP that users who are using "re-connected" wan.
Other words it's fix for massive TIMEOUT problem when WAS is offline.
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 5932
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Moving from Fail Over to Using both WANS ??

Sun Sep 20, 2020 9:27 pm

Hi Sib
Awesome advice.
I have done research in many of these areas and thus familiar with the refs, especially the MUM archives stuff.
Since I have a home network and a CCR1009, I think I can take the hit in losing fastrack without any real negative effect on users, do you agree??
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Sun Sep 20, 2020 9:52 pm

exacly, I use that way at every RB I configure with 2xWAN and more, just that all stuff give me all possibility.
I not use a bandwitch-way of selection a main wan, I always send servers via slower isp and users via better wan :) but you can adapt any of LoadBalance method in this way.
Mangle are awesome :D
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 5932
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Moving from Fail Over to Using both WANS ??

Sun Sep 20, 2020 11:20 pm

What is the most efficient way to send users to the better wanip. A simple route rule for mangled traffic?

What if I have a load balance scenario of 10:2 for example, and the primary the 10 fails, no connectivity (I would use external recursive to check).
How does the router then respond??
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Mon Sep 21, 2020 1:14 am

What is the most efficient way to send users to the better wanip. A simple route rule for mangled traffic?
I use mangle to manage that.

What if I have a load balance scenario of 10:2 for example, and the primary the 10 fails, no connectivity (I would use external recursive to check).
How does the router then respond??
When ISPx not work, then all conection inside Firewall\Connections gets timeout... in some time... this means user see that internet not work until theyr brower/soft/app not do a new Syn connction who will be send via working ISP OR the old ISPx cameback to life.
This can be fixed just by removing that ISPx marks in firewall and all theyr keep-a-live package will go via working ISP, I put that info as 4) point of my howto. This is awesome and sometimes you not even see ping timeout, sometimes 1x :)
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021
 
Dude2048
Member Candidate
Member Candidate
Posts: 129
Joined: Thu Sep 01, 2016 4:04 pm

Re: Moving from Fail Over to Using both WANS ??

Wed Dec 09, 2020 6:00 pm

Can you give an example config so that I can see how you put it together?
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Wed Dec 09, 2020 6:24 pm

Can you give an example config so that I can see how you put it together?
? you not read a #2
or I not understand what you want put together.
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021
 
Dude2048
Member Candidate
Member Candidate
Posts: 129
Joined: Thu Sep 01, 2016 4:04 pm

Re: Moving from Fail Over to Using both WANS ??

Wed Dec 09, 2020 7:09 pm

I understand the mangle bit, I use it to. But why the recursive part?
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Thu Dec 10, 2020 12:01 am

I understand the mangle bit, I use it to. But why the recursive part?
ok, means you mix a 1) point with RecursiveRouting with 3) who detect if wanx working or not.

ad1 and ad3 work together.
  • ad1 RR do "lock path" that to hostA you go via ISP1 only - this is perfect, and ad3) use from that route to detect, if internet is work via that ISP.
    This is mix of both. Sometimes this is winner instead of just ad3 who can use additional parameters like interface and src-address, who can have problems with Contrack and this ad1 solve that at lower level.
    I hope this is understand way of answer.
  • ad1 RR and special part with FailOver, is duplicated in ad3 and here you can have right. But... Routing detection of "next hop" status is just slow, 2x10s to detect DOWN... and ad3) do the same but faster, e.g. if ping 10 pings with interval 1s and all 10x pings have timeout then this can be more "sure" offline detection compare to ping every 10s count=2 who do routing and can generate false detection. Thats ad3 is used.
I hope I write in human form :)
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021
 
User avatar
anav
Forum Guru
Forum Guru
Topic Author
Posts: 5932
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Moving from Fail Over to Using both WANS ??

Thu Dec 10, 2020 12:18 am

I hope I write in human form :)
I knew it!!, You are either an alien or a very smart teddy bear!!
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
Dude2048
Member Candidate
Member Candidate
Posts: 129
Joined: Thu Sep 01, 2016 4:04 pm

Re: Moving from Fail Over to Using both WANS ??

Thu Dec 10, 2020 12:21 am

What Anav said, and thanks. I will try to build this in the weekend and provide some feedback.
 
Dude2048
Member Candidate
Member Candidate
Posts: 129
Joined: Thu Sep 01, 2016 4:04 pm

Re: Moving from Fail Over to Using both WANS ??

Sat Dec 12, 2020 5:58 pm

I will stop hijacking this post with this one last question. Sib, did you manage to resolve this recursive load balancing with LTE?
 
User avatar
SiB
Forum Guru
Forum Guru
Posts: 1314
Joined: Sun Jan 06, 2013 11:19 pm
Location: Poland

Re: Moving from Fail Over to Using both WANS ??

Sat Dec 12, 2020 8:39 pm

Dude2048
Sib, did you manage to resolve this recursive load balancing with LTE?
This "1) Recursive Routing" can be done only by MikroTik Developers Team
MTCNA + MTCRE + MTCINE | ~600 users at ~150 RouterBoards in EMEA | Telegram: @SiB_PL
WinBox Tip: F6 works as ALT+TAB | Gliffy.com - free network schematic | prnt.sc - free ScreenShot software
At vacation until 15.jan.2021

Who is online

Users browsing this forum: anav, Baidu [Spider], toggee and 53 guests