Hi.
I want to configure gw load balancing with 4 WAN connections to different ISPs, with different bandwidth limitation.
It must guarantee that all paths to the destination network are being used.
I need your opinion on how to configure (load balancing) router for forwarding packets in different routes to the same destination, when there is more than one entry in the routing table for the same destination network.
Which is the best way or protocol (RIP, IGRP, EIGRP, OSPF, IS - IS) for my scenario?
I intend to include even internal IP proxy cache feature on configurations.
This will help me very much.
Thank you in advance for helping me.
Re: Forwarding packets in different routes to the same destinati
Thank you Chupaka for your help.
But what about IP web proxy, does it works with that configuration?
Does anyone test it before?
thnx
But what about IP web proxy, does it works with that configuration?
Does anyone test it before?
thnx
Re: Forwarding packets in different routes to the same destinati
yes, you may set routing marks in prerouting and output chains, to web-proxy should not be the problem
Re: Forwarding packets in different routes to the same destinati
Hi.
What about messengers, do they have problems using PCC matcher?
Thank you and best regards.
What about messengers, do they have problems using PCC matcher?
Thank you and best regards.
Re: Forwarding packets in different routes to the same destinati
no problems. especially when using 'both-addresses' classifier
Re: Forwarding packets in different routes to the same destinati
thank you Chupaka for helping me
Re: Forwarding packets in different routes to the same destinati
I did PCC gateway load balancing configuration with 3 WAN connections.
I intend to do this configuration too for having max speed from proxy cache to clients, but firstly I need to consult with you.
-Is this wright config that I must add to my router?
-New Mangle rules (these ones that I intend to add), must be upper or downer (who must be executed firstly) PCC rules?
config that I intend to add:
[admin@instaler] > ip proxy pr
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-drive: system
cache-administrator: "webmaster"
max-cache-size: none
cache-on-disk: yes
maximal-client-connections: 600
maximal-server-connections: 600
max-fresh-time: 3d
serialize-connections: yes
cache-hit-dscp: 4
[admin@instaler] ip firewall nat> pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat out-interface=WAN1
src-address=192.168.0.0/16 action=masquerade
1 chain=srcnat out-interface=WAN2
src-address=192.168.0.0/16 action=masquerade
2 chain=srcnat out-interface=WAN3
src-address=192.168.0.0/16 action=masquerade
3 chain=dstnat in-interface=lan src-address=192.168.0.0/16
protocol=tcp dst-port=80 action=redirect to-ports=800
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN1 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN2 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN3 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
[admin@instaler] > queue tree pr
Flags: X - disabled, I - invalid
0 name="downstream" parent=Local packet-mark=test-down
limit-at=32000 queue=default priority=8
max-limit=32000 burst-limit=0
burst-threshold=0 burst-time=0s
1 name="upstream" parent=global-in
packet-mark=test-up limit-at=0
queue=default priority=8
max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
I intend to do this configuration too for having max speed from proxy cache to clients, but firstly I need to consult with you.
-Is this wright config that I must add to my router?
-New Mangle rules (these ones that I intend to add), must be upper or downer (who must be executed firstly) PCC rules?
config that I intend to add:
[admin@instaler] > ip proxy pr
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-drive: system
cache-administrator: "webmaster"
max-cache-size: none
cache-on-disk: yes
maximal-client-connections: 600
maximal-server-connections: 600
max-fresh-time: 3d
serialize-connections: yes
cache-hit-dscp: 4
[admin@instaler] ip firewall nat> pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat out-interface=WAN1
src-address=192.168.0.0/16 action=masquerade
1 chain=srcnat out-interface=WAN2
src-address=192.168.0.0/16 action=masquerade
2 chain=srcnat out-interface=WAN3
src-address=192.168.0.0/16 action=masquerade
3 chain=dstnat in-interface=lan src-address=192.168.0.0/16
protocol=tcp dst-port=80 action=redirect to-ports=800
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN1 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN2 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-DIRECT CONNECTION" chain=forward in-interface=WAN3 connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
[admin@instaler] > queue tree pr
Flags: X - disabled, I - invalid
0 name="downstream" parent=Local packet-mark=test-down
limit-at=32000 queue=default priority=8
max-limit=32000 burst-limit=0
burst-threshold=0 burst-time=0s
1 name="upstream" parent=global-in
packet-mark=test-up limit-at=0
queue=default priority=8
max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
Re: Forwarding packets in different routes to the same destinati
all this seems okay, but you may want to replace your three "DOWN-DIRECT CONNECTION" rules with one, replacing "in-interface=WAN1" with "out-interface=Local". and... do you really need connection-marks? =)
p.s. reviewed your queues... why 'default'? maybe you want to use PCQ to divide traffic equally among users?
p.s. reviewed your queues... why 'default'? maybe you want to use PCQ to divide traffic equally among users?
Re: Forwarding packets in different routes to the same destinati
I dont know how to do that without connection-marks.
Is this config OK with PCQ? Do I need to set up queue type on Simple Queues and Interface Queues to PCQ_Download or PCQ_Upload?
Thank you again for your help!
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward out-interface=Local connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all passthrough=no
/queue type add name="PCQ_download" kind=pcq pcq-rate=0 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=0 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=all
/queue tree add parent=global-out queue=PCQ_upload packet-mark=all
Is this config OK with PCQ? Do I need to set up queue type on Simple Queues and Interface Queues to PCQ_Download or PCQ_Upload?
Thank you again for your help!
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward out-interface=Local connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all passthrough=no
/queue type add name="PCQ_download" kind=pcq pcq-rate=0 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=0 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=all
/queue tree add parent=global-out queue=PCQ_upload packet-mark=all
Re: Forwarding packets in different routes to the same destinati
what's 'all' mark? why have you mixed this?.. you already have 'test-up' and 'test-down'!
Re: Forwarding packets in different routes to the same destinati
Oh, this one I think is wright 
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward out-interface=Local connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
/queue type add name="PCQ_download" kind=pcq pcq-rate=0 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=0 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=test-down
/queue tree add parent=global-out queue=PCQ_upload packet-mark=test-up
But do I need to set up queue type on Simple Queues and Interface Queues to PCQ_Download or PCQ_Upload?
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local src-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"
add comment="DOWN-DIRECT CONNECTION" chain=forward out-interface=Local connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local dst-address=192.168.0.0/16 action=mark-packet new-packet-mark=test-down passthrough=no
/queue type add name="PCQ_download" kind=pcq pcq-rate=0 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=0 pcq-classifier=src-address
/queue tree add parent=global-in queue=PCQ_download packet-mark=test-down
/queue tree add parent=global-out queue=PCQ_upload packet-mark=test-up
But do I need to set up queue type on Simple Queues and Interface Queues to PCQ_Download or PCQ_Upload?
Re: Forwarding packets in different routes to the same destinati
well, I'd better use this
about what simple queues you are asking?..
/ip firewall mangle
add chain=output out-interface=Local dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no comment="HIT TRAFFIC FROM PROXY"
add chain=prerouting in-interface=Local <del>src-address=192.168.0.0/16</del> action=mark-packet new-packet-mark=test-up passthrough=no comment="UP TRAFFIC"
<del>add chain=forward src-address=192.168.0.0/16 action=mark-connection new-connection-mark=test-conn passthrough=yes comment="CONN-MARK"</del>
add comment="DOWN-DIRECT CONNECTION" chain=forward out-interface=Local <del>connection-mark=test-conn</del> action=mark-packet new-packet-mark=test-down passthrough=no
add comment="DOWN-VIA PROXY" chain=output out-interface=Local <del>dst-address=192.168.0.0/16</del> action=mark-packet new-packet-mark=test-down passthrough=no
/queue type add name="PCQ_download" kind=pcq pcq-rate=0 pcq-classifier=dst-address
/queue type add name="PCQ_upload" kind=pcq pcq-rate=0 pcq-classifier=src-address
/queue tree add parent=global-out queue=PCQ_download packet-mark=test-down
/queue tree add parent=global-in queue=PCQ_upload packet-mark=test-up[/color]
about what simple queues you are asking?..
Re: Forwarding packets in different routes to the same destinati
I asked for this queue simple:
'default' or 'PCQ'
[admin@MikroTik] /queue simple> pr
Flags: X - disabled, I - invalid, D - dynamic
0 name="conn 1" target-addresses=192.168.1.101/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
and for queue interface
I must put 'default' or PCQ
[admin@MikroTik] /queue interface> pr
Flags: D - dynamic
# INTERFACE QUEUE
0 Local default
1 spare default
2 WAN1 default
3 WAN 2 default
4 WAn 3 default
5 Public4 default
6 WAN2 default
7 WAN3 default
Thank you.
'default' or 'PCQ'
[admin@MikroTik] /queue simple> pr
Flags: X - disabled, I - invalid, D - dynamic
0 name="conn 1" target-addresses=192.168.1.101/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
and for queue interface
I must put 'default' or PCQ
[admin@MikroTik] /queue interface> pr
Flags: D - dynamic
# INTERFACE QUEUE
0 Local default
1 spare default
2 WAN1 default
3 WAN 2 default
4 WAn 3 default
5 Public4 default
6 WAN2 default
7 WAN3 default
Thank you.
Re: Forwarding packets in different routes to the same destinati
don't touch interface queue type.
what is that simple queue for? use either simple queues or queue tree, especially if you don't know how they work simultaneously
what is that simple queue for? use either simple queues or queue tree, especially if you don't know how they work simultaneously
Re: Forwarding packets in different routes to the same destinati
I use simple queue for having more bandwidth for an period of time (ex. 10s).
But on my configuration queue simple rules seems that does not work properly.
Please, what I must change for making them to work?
queue config:
[admin@MikroTik] /queue tree> pr
Flags: X - disabled, I - invalid
0 name="queue1" parent=global-out packet-mark=test-down limit-at=0
queue=PCQ_download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
1 name="queue2" parent=global-in packet-mark=test-up limit-at=0
queue=PCQ_upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
[admin@MikroTik] > queue interface pr
Flags: D - dynamic
# INTERFACE QUEUE
0 Local default
1 spare default
2 WAN1 ethernet-default
3 WAN-eth 2 ethernet-default
4 WAN-eth 3 ethernet-default
5 Public4 default
6 WAN2 default
7 WAN3 default
[admin@MikroTik] > queue type pr
0 name="default" kind=pfifo pfifo-limit=50
1 name="ethernet-default" kind=pfifo pfifo-limit=50
2 name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
3 name="synchronous-default" kind=red red-limit=60 red-min-threshold=10
red-max-threshold=50 red-burst=20 red-avg-packet=1000
4 name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
5 name="PCQ_download" kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=3500
6 name="PCQ_upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address
pcq-total-limit=3500
7 name="default-small" kind=pfifo pfifo-limit=10
[admin@MikroTik] > queue simple pr
Flags: X - disabled, I - invalid, D - dynamic
0 name="Komp 1" target-addresses=192.168.12.101/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
1 name="Komp 2" target-addresses=192.168.12.102/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
2 name="Komp 3" target-addresses=192.168.12.103/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
Thank you for your help!
But on my configuration queue simple rules seems that does not work properly.
Please, what I must change for making them to work?
queue config:
[admin@MikroTik] /queue tree> pr
Flags: X - disabled, I - invalid
0 name="queue1" parent=global-out packet-mark=test-down limit-at=0
queue=PCQ_download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
1 name="queue2" parent=global-in packet-mark=test-up limit-at=0
queue=PCQ_upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
[admin@MikroTik] > queue interface pr
Flags: D - dynamic
# INTERFACE QUEUE
0 Local default
1 spare default
2 WAN1 ethernet-default
3 WAN-eth 2 ethernet-default
4 WAN-eth 3 ethernet-default
5 Public4 default
6 WAN2 default
7 WAN3 default
[admin@MikroTik] > queue type pr
0 name="default" kind=pfifo pfifo-limit=50
1 name="ethernet-default" kind=pfifo pfifo-limit=50
2 name="wireless-default" kind=sfq sfq-perturb=5 sfq-allot=1514
3 name="synchronous-default" kind=red red-limit=60 red-min-threshold=10
red-max-threshold=50 red-burst=20 red-avg-packet=1000
4 name="hotspot-default" kind=sfq sfq-perturb=5 sfq-allot=1514
5 name="PCQ_download" kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=3500
6 name="PCQ_upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address
pcq-total-limit=3500
7 name="default-small" kind=pfifo pfifo-limit=10
[admin@MikroTik] > queue simple pr
Flags: X - disabled, I - invalid, D - dynamic
0 name="Komp 1" target-addresses=192.168.12.101/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
1 name="Komp 2" target-addresses=192.168.12.102/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
2 name="Komp 3" target-addresses=192.168.12.103/32 dst-address=0.0.0.0/0
interface=Local parent=none direction=both priority=5
queue=default/default limit-at=200k/200k max-limit=500k/500k
burst-limit=1500k/1500k burst-threshold=400k/400k burst-time=10s/10s
total-queue=default
Thank you for your help!
Re: Forwarding packets in different routes to the same destinati
just
use either simple queues or queue tree, especially if you don't know how they work simultaneously