Community discussions

MikroTik App
 
LdB
Member Candidate
Member Candidate
Topic Author
Posts: 141
Joined: Thu May 20, 2021 4:23 pm

Load balancing 3 WANS to combined out

Fri May 21, 2021 11:12 am

There are plenty of load balancer examples with NAT's but none with live IP's
I have a C class from my ISP and 3 different pop's on 3 links on /32's which must the provide a single WAN out load balanced on another /32 in that class
It sort of works when all 3 links in but it's hard to work out if the issue is the balancer or the firewall.

Ideally I would like to take the firewall down but given these are live IP's the router will get attacked very hard :-)

So can some kind soul pass an eye over balancer and check I got it right
/ip address
add address=xxx.yyy.zzz.6/30 network=xxx.yyy.zzz.4 broadcast=xxx.yyy.zzz.7 interface=ether2
add address=xxx.yyy.zzz.10/30 network=xxx.yyy.zzz.8 broadcast=xxx.yyy.zzz.11 interface=ether3
add address=xxx.yyy.zzz.14/30 network=xxx.yyy.zzz.12 broadcast=xxx.yyy.zzz.15 interface=ether4
add address=xxx.yyy.zzz.18/30 network=xxx.yyy.zzz.16 broadcast=xxx.yyy.zzz.19 interface=ether5

/ip firewall address-list
add address=xxx.yyy.zzz.1-xxx.yyy.zzz.255 list=allowed_users

/ip firewall mangle
add action=accept chain=prerouting in-interface=ether2
add action=accept chain=prerouting in-interface=ether3
add action=accept chain=prerouting in-interface=ether4

add chain=prerouting dst-address-type=!local in-interface=ether5 per-connection-classifier=both-addresses-and-ports:3/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes src-address-list=allowed_users
add chain=prerouting dst-address-type=!local in-interface=ether5 per-connection-classifier=both-addresses-and-ports:3/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes src-address-list=allowed_users
add chain=prerouting dst-address-type=!local in-interface=ether5 per-connection-classifier=both-addresses-and-ports:3/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes src-address-list=allowed_users

add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN3

/ip route
add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.5 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.9 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.11 routing-mark=to_WAN3 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.5 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.9 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=xxx.yyy.zzz.11 distance=3 check-gateway=ping

Who is online

Users browsing this forum: anav, AtomikRoach and 40 guests