Page 1 of 1

Load Balancing, Any problems?

Posted: Sat Nov 10, 2007 5:24 am
by xbaha
Hi,
i have implemented the wiki "Per Connection Load Balancing" @ http://wiki.mikrotik.com/wiki/Load_Balancing and it works fine on my 2 adsl lines,
i used 3 routers, 2 as my pppoe clients, and one router that does load balancing.
so far everything is fine, only couple of problems:

1. some bank sites requie that traffic comes from 1 IP address, if it came from diffrent one, it will terminate your session.
2. P2P traffic get killed and become very slow, i tried direct connection ( to make sure its not my isp who is killing traffic) and download went fine, when i do load balance, traffic is very slow, but it works, any idea why ???

i have not implemented any solutions so far, i am thinking of the following, please correct me if i am wrong:

/ip firewall add chain=prerouting action=mark-routing new-routing-mark="SSL Traffic" passthrough=no dst-port=443 protocol=tcp
/ip firewall nat add chain=srcnat connection-mark="SSL Traffic" action=src-nat to-addresses=10.0.1.2 to-ports=0-65535
/ip route add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10 routing-mark="SSL Traffic"

please let me know if this would work with my other 4 mangle rules?


also, please whoever implemented per connection load balancing, can you give your feed back on what kind of problems you faced? i really appreciate any feedback on this subject.


Thanks.

Re: Load Balancing, Any problems?

Posted: Mon Nov 19, 2007 10:53 am
by GWISA
Try the 'Improved ECMP with persistent connections' on the wiki.

Re: Load Balancing, Any problems?

Posted: Wed Nov 21, 2007 2:00 pm
by Tanker
.......when you get the SSL solution working - puhLEEEZE let me know!!!

I have LOTS of irritated Banking clients ..!!!!

:shock:

Re: Load Balancing, Any problems?

Posted: Wed Nov 21, 2007 2:26 pm
by xbaha
sure,

jsut add the following line befor the (2) odd rules:

/ip firewall mangle chain=prerouting action=mark-connection new-connection-mark=odd passthrough=yes connection-state=new in-interface=Local dst-port=443 protocol=tcp comment="HTTPS" disabled=no

Re: Load Balancing, Any problems?

Posted: Wed Nov 21, 2007 8:43 pm
by xxiii
I see you are using PPPoE. This is possibly the actual culprit.

See "PPPoE dynamic mangle rules are broken" http://forum.mikrotik.com/viewtopic.php ... &sk=t&sd=a

for a discussion of the issue and a workaround/fix.

SSL connections in particular are very susceptible to the issue.

Re: Load Balancing, Any problems?

Posted: Thu Nov 22, 2007 3:19 am
by xbaha
no i am not using pppoe, this is only load balancing router..

Re: Load Balancing, Any problems?

Posted: Mon Nov 26, 2007 10:23 pm
by xxiii
Ok, I'm confused, as you said:
i used 3 routers, 2 as my pppoe clients, and one router that does load balancing.
The Mikrotik PPPoE client can also generate broken rules, and SSL and anything trying to use full sized packets (P2P) are where you would be likely to see the problem.

2 questions:

If you remove the load balancing router, and only use one of the connections, do the problems go away?

If you still go through the load balancing router, but force it to send everything through only one of the connections (perhaps by disconnecting or disabling the other one), do the problems go away?

Re: Load Balancing, Any problems?

Posted: Mon Nov 26, 2007 10:59 pm
by xbaha
sorry, i thought PPPoE Server,
yes, my 2 routers are PPPoE clients,
now the SSL problem was resolved, because i am forcing any SSL connection to go through a single line (not load balanced), so banking sites get only 1 IP, which works fine.,

the P2P has a problem, i still can download using bittorrent, but the program keep telling me i have natting problem.
to get things short:
1. i tried to dial from my pc through a bridged modem to the ISP, and tried P2P, i didnt have any natting problems.
2. i tried to get Mikrotik to be a PPPoE client, and set it to be my computer gateway, the bittorrent client told me i have natting problems, although i still can download, but probably not as fast as if i was direct.
3. i tried with load balancing, i am still have problem as (2), so it seems not the load balancing problem, something to do with natting, cant figure it out so far.
4. i tried other ADSL modems, bittorrent said i have natting problems.
5. i tried cisco 2800 with adsl wic, still natting problem.

so far i gave it up. not sure what to do really, and not that major problem...

Re: Load Balancing, Any problems?

Posted: Thu Feb 21, 2008 11:35 pm
by sandov63
HI how can i do load balance with fail over with two adsl modems with only my mikrotik system? i have 2 adsl modems asigning ip on dhcp

Re: Load Balancing, Any problems?

Posted: Fri Feb 22, 2008 5:10 am
by mson77
Hello sandov63,

to make your LB be failover... just add check your gateway with ping or arp.


Regards,