Community discussions

MikroTik App
 
aah
newbie
Topic Author
Posts: 27
Joined: Wed Apr 21, 2021 7:37 pm

What is the best practice for setting load-balancing and failover for two WANs

Sat Jun 12, 2021 4:32 pm

Hi everyone,

I have made a switch from PfSense to RouterOS, so I am very new to Mikrotik. Setting up load-balancing and failover was a pretty straightforward task in PfSense. However, in RouterOS, I have come to realize there are many ways one could undertake accomplishing this. I would just like to know what generally is the best practice for setting up LB and FO for one PPPoE WAN and one static IP WAN. I would like one to ping 8.8.8.8 and the other 1.1.1.1 and not their gateways. For the finer details I will bother you all again, if I don't end up resolving the matter on my own. Many thanks.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: What is the best practice for setting load-balancing and failover for two WANs

Sat Jun 12, 2021 4:51 pm

Well
- simply stating failover is not enough detail.
-simply stating load balancing is not enough

What is primary, what is secondary.
What do you want to have happen if primary or secondary faiils.

Why say failover and then load balancing>
Do you mean both are roughly equal interfaces Not a primary or Secondary but
perhaps one should handle more of the wan traffic by a a certain amount.......... but takes all the load if one fail.s

No specific lan or subnet requirements for the above scenarios??

Read this for starters....
https://mum.mikrotik.com/presentations/US12/steve.pdf

Also you may want to peruse MT info.......
https://help.mikrotik.com/docs/display/ ... +Balancing
 
aah
newbie
Topic Author
Posts: 27
Joined: Wed Apr 21, 2021 7:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Sat Jun 12, 2021 5:29 pm

Thank you for the quick reply. The PDF looks very informative. Although I already have done some research on ECMP, Nth LB, PBR, and PCC. I understand each have their own benefits and downsides.
Well
- simply stating failover is not enough detail.
-simply stating load balancing is not enough
Why Failover? Redundancy: If WAN1 goes down (packet loss goes to 100% or latency above ~500ms) switch to WAN2 for default gateway. When WAN1 comes back online then switch BACK to WAN1 from WAN2. In PfSense this is to go both ways (as in Tier 1 to Tier 2 and Tier 2 to Tier 1). I also don't want either WAN to ping their gateways (next hops). I want them to ping an actual address on the web.
Why Load Balancing? Utilizing two pipelines at the same time: If an app has the capacity to open enough connections, then both WANs should be available to it (such as an IDM). If load balancing automatically addresses failover in Mikrotik then the need for failover essentially becomes moot. But in PfSense default gateway would not automatically switch, unless specified under routing rules. That is why I was asking for both.

What is primary, what is secondary.
What do you want to have happen if primary or secondary faiils.
Static Primary. PPPoE secondary.
Do you mean both are roughly equal interfaces Not a primary or Secondary but
perhaps one should handle more of the wan traffic by a a certain amount.......... but takes all the load if one fail.s

Assigning a weight ratio (as in 2 to 1) was beyond the scope of what I wanted to ask on the get go. But should this matter, primary's connection speed is 50% faster than the secondary. Overall, it wouldn't matter if a connection goes from one or the other (but it has to come back through the same gateway and go out the same [such as for banking connections [anyway, this is besides the point and easily done with mangle]).

No specific lan or subnet requirements for the above scenarios??
No. Not at this juncture
 
DarkNate
Forum Veteran
Forum Veteran
Posts: 997
Joined: Fri Jun 26, 2020 4:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Sat Jun 12, 2021 5:36 pm

The best practice would be one where:
  • Sub 0ms failover effect
  • Bandwidth aggregation is achieved for non HTTP/HTTPS traffic
  • HTTP/HTTPS traffic is not broken
  • QUIC traffic is accounted for
  • LAN to LAN traffic is excluded
  • Anything destined towards IP>Address IPs is excluded
  • Previously marked connections are no longer re-marked constantly and using up CPU

Source: https://www.daryllswer.com/multi-wan-se ... -routeros/
 
aah
newbie
Topic Author
Posts: 27
Joined: Wed Apr 21, 2021 7:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Sun Jun 13, 2021 5:20 pm

The best practice would be one where:
  • Sub 0ms failover effect
  • Bandwidth aggregation is achieved for non HTTP/HTTPS traffic
  • HTTP/HTTPS traffic is not broken
  • QUIC traffic is accounted for
  • LAN to LAN traffic is excluded
  • Anything destined towards IP>Address IPs is excluded
  • Previously marked connections are no longer re-marked constantly and using up CPU

Source: https://www.daryllswer.com/multi-wan-se ... -routeros/

Thank you very much. This seems to address about 90 percent of what I had in mind. I am working on it. Will report back. Many thanks again.


EDIT: What exactly do you mean by NOT "NOT_IN_INTERNET" ... Do you want the user to replace the "NOT_IN_INTERNET" by LAN subnet address?
 
DarkNate
Forum Veteran
Forum Veteran
Posts: 997
Joined: Fri Jun 26, 2020 4:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Sun Jun 13, 2021 6:46 pm

The best practice would be one where:
  • Sub 0ms failover effect
  • Bandwidth aggregation is achieved for non HTTP/HTTPS traffic
  • HTTP/HTTPS traffic is not broken
  • QUIC traffic is accounted for
  • LAN to LAN traffic is excluded
  • Anything destined towards IP>Address IPs is excluded
  • Previously marked connections are no longer re-marked constantly and using up CPU

Source: https://www.daryllswer.com/multi-wan-se ... -routeros/

Thank you very much. This seems to address about 90 percent of what I had in mind. I am working on it. Will report back. Many thanks again.


EDIT: What exactly do you mean by NOT "NOT_IN_INTERNET" ... Do you want the user to replace the "NOT_IN_INTERNET" by LAN subnet address?
That "not_in_internet" address list is built from RFC 6890 it means exactly just that, subnets/prefixes that are not on the internet. You can copy/paste the whole thing from here for the address list: https://www.daryllswer.com/edge-router- ... -for-isps/

For LAN subnets, you don't need to intervene. As the implementation in that link relies on interface grouping/lists instead of per subnet basis (which is equivalent to a brain seizure), so you can create a LAN interface list containing all your bridged VLANs or whatever and it will work automatically.
 
aah
newbie
Topic Author
Posts: 27
Joined: Wed Apr 21, 2021 7:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Mon Jun 14, 2021 4:49 am

The best practice would be one where:
  • Sub 0ms failover effect
  • Bandwidth aggregation is achieved for non HTTP/HTTPS traffic
  • HTTP/HTTPS traffic is not broken
  • QUIC traffic is accounted for
  • LAN to LAN traffic is excluded
  • Anything destined towards IP>Address IPs is excluded
  • Previously marked connections are no longer re-marked constantly and using up CPU

Source: https://www.daryllswer.com/multi-wan-se ... -routeros/

Thank you very much. This seems to address about 90 percent of what I had in mind. I am working on it. Will report back. Many thanks again.


EDIT: What exactly do you mean by NOT "NOT_IN_INTERNET" ... Do you want the user to replace the "NOT_IN_INTERNET" by LAN subnet address?
That "not_in_internet" address list is built from RFC 6890 it means exactly just that, subnets/prefixes that are not on the internet. You can copy/paste the whole thing from here for the address list: https://www.daryllswer.com/edge-router- ... -for-isps/

For LAN subnets, you don't need to intervene. As the implementation in that link relies on interface grouping/lists instead of per subnet basis (which is equivalent to a brain seizure), so you can create a LAN interface list containing all your bridged VLANs or whatever and it will work automatically.

Ahhh! OK. It's your equivalent term for bogons. Understood.
 
aah
newbie
Topic Author
Posts: 27
Joined: Wed Apr 21, 2021 7:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Fri Jun 18, 2021 8:52 am

Hi,

Sorry it took me a while to get things working. I am wondering what is the benefit of assigning TCP,UDP (80,443) to PCC and the rest to Nth. Utilizing only PCC across the board seems - at first glance - to function as expected. Looking forward to your input.
 
DarkNate
Forum Veteran
Forum Veteran
Posts: 997
Joined: Fri Jun 26, 2020 4:37 pm

Re: What is the best practice for setting load-balancing and failover for two WANs

Fri Jun 18, 2021 2:33 pm

Hi,

Sorry it took me a while to get things working. I am wondering what is the benefit of assigning TCP,UDP (80,443) to PCC and the rest to Nth. Utilizing only PCC across the board seems - at first glance - to function as expected. Looking forward to your input.
TCP,UDP (80,443) to PCC because you don't want to change source IP every 3 seconds.

The rest to Nth = bandwidth aggregation. Run a speed test with iPerf3 with multiple threads and you'll see it's pulling bandwidth from both uplinks.

Who is online

Users browsing this forum: No registered users and 70 guests