Community discussions

MikroTik App
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

**HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Sun Aug 22, 2021 3:31 pm

Hi All,

I have configured the heX router with dual WAN Load balancing and Failover. But i do feel something is wrong in the configuration. Can someone help me find the mistake in the configuration below. Thanks in advance.
# RouterOS 6.48.3
# model = RB750Gr3
/interface bridge
add name=Bridge-LAN
/interface ethernet
set [ find default-name=ether1 ] comment=WAN name=WAN1-Hathway
set [ find default-name=ether2 ] name=WAN2-ACT
set [ find default-name=ether3 ] comment=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=DHCP-Server-LAN ranges=192.168.1.10-192.168.1.30
/ip dhcp-server
add address-pool=DHCP-Server-LAN disabled=no interface=Bridge-LAN name=DHCP-Server-LAN
/interface bridge port
add bridge=Bridge-LAN interface=ether3
add bridge=Bridge-LAN interface=ether4
add bridge=Bridge-LAN interface=ether5
/ip address
add address=192.168.1.1/24 interface=Bridge-LAN network=192.168.1.0
/ip dhcp-client
add add-default-route=no disabled=no interface=WAN1-Hathway use-peer-dns=no
add add-default-route=no disabled=no interface=WAN2-ACT use-peer-dns=no
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8,9.9.9.9 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,9.9.9.9
/ip firewall mangle
add action=mark-connection chain=input in-interface=WAN1-Hathway new-connection-mark=WAN1_Conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN2-ACT new-connection-mark=WAN2_Conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_Conn new-routing-mark=To_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_Conn new-routing-mark=To_WAN2 passthrough=yes
add action=accept chain=prerouting dst-address=192.168.10.0/24 in-interface=Bridge-LAN
add action=accept chain=prerouting dst-address=10.227.0.0/16 in-interface=Bridge-LAN
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=Bridge-LAN new-connection-mark=WAN1_Conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=Bridge-LAN new-connection-mark=WAN2_Conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_Conn in-interface=Bridge-LAN new-routing-mark=To_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_Conn in-interface=Bridge-LAN new-routing-mark=To_WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1-Hathway
add action=masquerade chain=srcnat out-interface=WAN2-ACT
/ip route
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=To_WAN1
add check-gateway=ping distance=1 gateway=10.227.0.1 routing-mark=To_WAN2
add check-gateway=ping distance=1 gateway=192.168.10.1
add check-gateway=ping distance=1 gateway=10.227.0.1 
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 8:34 am

If you want to get some advice, you'll have to be more verbose on what exactly doesn't feel right. At least my crystall ball is out of order today.
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 8:53 am

Hi, thanks for the reply. I want to know whether the firewall mangle/nat rules and routes are configured right to achieve the load balancing & failover.

/ip firewall mangle
add action=mark-connection chain=input in-interface=WAN1-Hathway new-connection-mark=WAN1_Conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN2-ACT new-connection-mark=WAN2_Conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_Conn new-routing-mark=To_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_Conn new-routing-mark=To_WAN2 passthrough=yes
add action=accept chain=prerouting dst-address=192.168.10.0/24 in-interface=Bridge-LAN
add action=accept chain=prerouting dst-address=10.227.0.0/16 in-interface=Bridge-LAN
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=Bridge-LAN new-connection-mark=WAN1_Conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface=Bridge-LAN new-connection-mark=WAN2_Conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_Conn in-interface=Bridge-LAN new-routing-mark=To_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_Conn in-interface=Bridge-LAN new-routing-mark=To_WAN2 passthrough=yes

/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1-Hathway
add action=masquerade chain=srcnat out-interface=WAN2-ACT

/ip route
add check-gateway=ping distance=1 gateway=192.168.10.1 routing-mark=To_WAN1
add check-gateway=ping distance=1 gateway=10.227.0.1 routing-mark=To_WAN2
add check-gateway=ping distance=1 gateway=192.168.10.1
add check-gateway=ping distance=1 gateway=10.227.0.1
 
atuxnull
Frequent Visitor
Frequent Visitor
Posts: 82
Joined: Tue Feb 07, 2017 10:02 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 9:20 am

What issues do you currently experience with the firewall rules?
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 9:22 am

I feel like the traffic is not evenly balanced and passed through both ISP. I have 2 ISPs each with 200Mbps connection. So i should get a 400 Mbps bandwidth. But sometimes i'm getting around 360-380Mbps and sometimes 180-200Mbps that is passed through only one ISP.
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 3:16 pm

Any client-only 'load balancing' is really 'load sharing'. When a new connection is assigned to a particular WAN then all traffic is via that WAN for the duration of the connection, be it only a couple of kB in a second or many GB over hours - you will never achieve an exact 50/50 split.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 7:51 pm

Both addresses and ports gives the best chances for even traffic distribution...
How do you test the actual throughput of your Total Bandwidth ?
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 11:09 pm

Using torrent download, streaming and speed test.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Thu Sep 16, 2021 11:28 pm

When benchmarking using torrent, you should get net throughput very close to sum of both ISP throughputs because torrent uses maaany concurrent connections to many peers which is ideal for your kind of load balancing.The exact result still depends on how peers perform though.
For streaming you will almost certainly always be limited to using single ISP line as streaming usually uses single connection end there's nothing to be balanced between the two ISP lines.
For speed test, which uses multiple connections (but small number of connections never the less) the results will be more varying ... sometimes you might get almost sum of both links, sometimes less. I'm not sure how much speedtest client communicates with server and if the fact that same client binary accesses server via two different IP addresses bothers server (and consequently client)? No idea.
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 8:58 am

Understood, so the firewall rule configuration is good right?
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 5:10 pm

Understood, so the firewall rule configuration is good right?
Your rules from a quick look, are fine...
What i would be worried about, is that as you said, sometimes while you re doing speed tests, is that only one line of a specific ISP is used...
It seems impossible that when doing speed tests or downloading from Torrent, there is zero traffic to the second ISP...

Something seems to not be working as it should... Or i understood something wrong ...
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 5:42 pm

It seems impossible ...
Not impossible. But probability of it happen is 1 divided by 2 to the power of (N-1) (where N is number of active torrent peers). E.g. if number of active torrent peers is 11, then possibility of only one ISP line being used is around one in a thousand.
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 6:13 pm

I could see traffic in both ISP port. But sometimes they are even like 190+190 on both ports. But sometimes 20+180.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 9:10 pm

If things are all working right then seeing sharing ratios different than 200:200 is matter of statistics. As I explained it is most probable to see even ratio, but some odd ratios are possible but you should not see that too often.

Since we're talking about two ISPs with different backbone and peering, it is very possible to see some systematic difference (one ISP line persistently performing better than the other). But that still wouldn't indicate any error in router's configuration or performance.
 
karthickk
just joined
Topic Author
Posts: 8
Joined: Sun Aug 22, 2021 2:44 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 10:00 pm

Great, thank you all for explaining patiently and helping me out. It's a good learning. I think we can mark this thread as solved.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Fri Sep 17, 2021 11:47 pm

then possibility of only one ISP line being used is around one in a thousand.
Right ...
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: **HELP NEEDED** RB750Gr3- Load balancing and Failover configuration

Sat Sep 18, 2021 12:15 pm

then possibility of only one ISP line being used is around one in a thousand.
Right ...
But not impossible. If somebody has too much time and is checking performance every few seconds (or has enabled graphing), then seeing this happen now and then is a reality and might trigger some sort of anxiety attack :wink:.

Just wanted to prepare user for this to gappdn so that we don't have to deal with it at that time (it's easier to do it now when the details are still fresh in our minds).

Who is online

Users browsing this forum: GoogleOther [Bot] and 33 guests