Community discussions

MikroTik App
 
raffey
just joined
Topic Author
Posts: 1
Joined: Sun Jun 20, 2021 8:51 am

Load balancer not using all wan

Sun Jun 20, 2021 9:25 am

Hi,

I am new to mikrotik, I watched tutorials and some scripts for 3 WAN load balancing,
I have 3 WAN, I did what was told in tutorials, Now my load balancer is configured and working. But issue is that all 3 WAN are not used simultaneously. When I disable or unplug 1 or 2 WAN it goes to 3rd WAN.
Only WAN1 is used at a time.
Image
# jun/20/2021 11:06:14 by RouterOS 6.48.1
# software id = MQUA-U7M5
#
# model = CRS106-1C-5S
# serial number = 6DE00775DBD4
/interface ethernet
set [ find default-name=sfp4 ] name=LAN1
set [ find default-name=sfp1 ] name=WAN1
set [ find default-name=sfp2 ] name=WAN2
set [ find default-name=sfp3 ] name=WAN3
/ip pool
add name=dhcp_pool0 ranges=192.168.21.2-192.168.21.254
/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=LAN1 lease-time=4d4h40m39s \
    name=dhcp1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface detect-internet
set detect-interface-list=all
/ip address
add address=192.168.1.2/24 interface=WAN1 network=192.168.1.0
add address=192.168.2.2/24 interface=WAN2 network=192.168.2.0
add address=210.2.130.52/29 interface=WAN3 network=210.2.130.48
add address=192.168.21.1/24 interface=LAN1 network=192.168.21.0
/ip dhcp-server network
add address=192.168.21.0/24 gateway=192.168.21.1
/ip dns
set allow-remote-requests=yes cache-size=5000KiB max-udp-packet-size=2048 \
    servers=210.2.181.7,210.2.177.6,192.168.21.1,8.8.8.8
/ip firewall filter
add action=accept chain=output content="530 Login incorrect" dst-limit=\
    1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist \
    address-list-timeout=3h chain=output content="530 Login incorrect" \
    protocol=tcp
add action=drop chain=input dst-port=22 protocol=tcp src-address-list=\
    ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
    address-list-timeout=1w3d chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \
    protocol=tcp src-address-list=ssh_blacklist
/ip firewall mangle
add action=mark-connection chain=input in-interface=WAN1 new-connection-mark=\
    WAN1_conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN2 new-connection-mark=\
    WAN2_conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN3 new-connection-mark=\
    WAN3_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn \
    new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn \
    new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN3_conn \
    new-routing-mark=to_WAN3 passthrough=yes
add action=accept chain=prerouting dst-address=192.168.1.0/24 in-interface=\
    LAN1
add action=accept chain=prerouting dst-address=192.168.2.0/24 in-interface=\
    LAN1
add action=accept chain=prerouting dst-address=210.2.130.48/29 in-interface=\
    LAN1
add action=mark-connection chain=prerouting dst-address-type=local \
    in-interface=LAN1 new-connection-mark=WAN1_conn passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:3/0
add action=mark-connection chain=prerouting dst-address-type=local \
    in-interface=LAN1 new-connection-mark=WAN2_conn passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:3/1
add action=mark-connection chain=prerouting dst-address-type=local \
    in-interface=LAN1 new-connection-mark=WAN3_conn passthrough=yes \
    per-connection-classifier=both-addresses-and-ports:3/2
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
    in-interface=LAN1 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn \
    in-interface=LAN1 new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN3_conn \
    in-interface=LAN1 new-routing-mark=to_WAN3 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1
add action=masquerade chain=srcnat out-interface=WAN2
add action=masquerade chain=srcnat out-interface=WAN3
/ip route
add check-gateway=ping distance=1 gateway=192.168.1.1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=192.168.2.1 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=210.2.130.49 routing-mark=to_WAN3
add check-gateway=ping distance=1 gateway=192.168.1.1
add check-gateway=ping distance=1 gateway=192.168.2.1
add check-gateway=ping distance=1 gateway=210.2.130.49

Who is online

Users browsing this forum: No registered users and 65 guests