Community discussions

MikroTik App
 
raktim
Member Candidate
Member Candidate
Topic Author
Posts: 184
Joined: Fri Jun 15, 2007 7:22 am

need to understand nat rules, action=same

Fri Jan 09, 2009 3:55 pm

i read the the mikrotik manual to understand the "Action=same". May be example will clear my confusion.
please help me.
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8465
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: need to understand nat rules, action=same

Fri Jan 09, 2009 5:43 pm

when you src-nat to block of addresses, for example, 123.123.123.1-123.123.123.3, and use 'action=same', if one client connected to 'xxx' website and were src-natted to 123.123.123.2, then all following connections to this site will be src-natted only to 123.123.123.2, not 123.123.123.1 or 123.123.123.3
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: need to understand nat rules, action=same

Thu Jan 15, 2009 12:53 am

Then how can we use this to replace the TP-LINK load balancing router with a MirkoTik router? TL-R488T Load Balance Broadband Router User Guide 200865143018.pdf page 34
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8465
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: need to understand nat rules, action=same

Fri Jan 16, 2009 11:59 am

TL-R488T Load Balance Broadband Router User Guide 200865143018.pdf
where's link? =)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: need to understand nat rules, action=same

Mon Feb 02, 2009 4:20 am

wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1735
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: need to understand nat rules, action=same

Mon Feb 02, 2009 9:21 am

Then how can we use this to replace the TP-LINK load balancing router with a MirkoTik router? TL-R488T Load Balance Broadband Router User Guide 200865143018.pdf page 34
Just to avoid confusion - NAT have nothing to do with routing, so only load balancing can be done with NATed src-address distribution on the same physical link
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: need to understand nat rules, action=same

Mon Feb 02, 2009 1:23 pm

"Load Balancing" as we all here in the forums strive to achieve, without success, is with NATing - yes. If it were routing we would have a bunch of Internet IP addresses for our clients and BGP or static routes in our router and in our ISPs routers would take care of it. (somewhat). The TP-LINK example is a NAT example, that claims very useful features (see pdf) that it would be good if we can accomplish with MikroTik.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8465
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: need to understand nat rules, action=same

Mon Feb 02, 2009 3:40 pm

"Load Balancing" as we all here in the forums strive to achieve, without success, is with NATing - yes.
hmmm... without? we used load balancing between 3 modem lines successfully 2-3 years ago =) fortunately, now we are ISP and use one uplink line

and "Load Balancing" is not NAT, it is selecting one of uplink/downlink lines. actually, NAT in our scenarios is just a means to use the same link for download traffic =) so, at first you should decide how you will separate requests between lines
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: need to understand nat rules, action=same

Mon Feb 02, 2009 4:42 pm

Sure. Of course. Simply back then you had static IPs for gateways and not PPPoE interface names... ? An maybe then you did not notice the packet leaks.. etc ? What I'm saying is - me, and a couple other users have this load balancing problem (that is a MikroTik problem) and it can not be denied. I need the PPPoE load balancing for a lot of the routers of my customers as well as a couple of my own routers. So... By the way, there is new info here: http://wiki.mikrotik.com/index.php?titl ... Persistent that I will try, but I am still not convinced until I see its all OK without any packet leaks etc.. And by the way WiKi article does not provide any failover for the scenario when we have interface names instead of GW IPs.... OK will be back in a couple of hours...

Regards
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service
 
ekkas
Long time Member
Long time Member
Posts: 564
Joined: Mon Sep 26, 2005 1:01 pm
Location: South Africa

Re: need to understand nat rules, action=same

Sat Feb 14, 2009 6:37 pm

I use a RB532A with a 6 port LAN daughterboard and loadbalance 4 WAN ports without any problems. Had to do some tweaking as to send port 443 traffic through 1 interface only, but after that all is ok. There are a few sites that also need to work through 1 WAN only, but achieved this with simple address list. I think it is only about 3 sites, local banking servers that are poorly designed.

So I implemented example as in wiki(expanded to 4 WAN ports), but added the 2 rules before the normal Nth rules, 1 to send 443 to 1 WAN & 1 to send address-list to another and all is fine for almost a year now. Previously use a Linksys RV016, but I can tell you the MT box gives MUCH better performance/response and control.

I don't know what the packet leak is that you are talking about, if we have it, it doesn't bother us.

Ekkas
 
User avatar
NetworkPro
Forum Guru
Forum Guru
Posts: 1370
Joined: Mon Jan 05, 2009 6:23 pm
Location: Worldwide
Contact:

Re: need to understand nat rules, action=same

Sun Feb 15, 2009 9:29 am

Professional Performance-tuning of your network could give you a lot of gain in speed for the important traffic. This includes filtering any pointless packets being sent over interfaces. If you have time - check out our discussions for packet leak fix. The other is proper QoS.
wiki.mikrotik.com/wiki/NetworkPro_on_Quality_of_Service

Who is online

Users browsing this forum: Google [Bot] and 113 guests