ok so far i have established everything works good but now and then something goes wrong like for instance iv i watch a youtube video it work and cashes faster than ever but suddenly it stops playing, after inspection it revealed it changed ip adresses like it does the loadbalancing between my two routers that have two different public ip addresses hoe would i go about fixing this problem?

Change ppc qualifier to src address.

hu ? ppc qualifier to src address what rule is that in the list?

Sorry pcc. (Per connection classifier) under advance tab.

ok under my rules i have rule number 12 and 13 that states it but still doing the same problem,

Flags: X - disabled, I - invalid, D - dynamic
0 chain=input action=mark-connection new-connection-mark=wan1_conn passthrough=no in-interface=ether1-mweb

1 chain=input action=mark-connection new-connection-mark=wan2_conn passthrough=no in-interface=ether2-is

2 chain=output action=mark-routing new-routing-mark=to_wan1 passthrough=no connection-mark=wan1_conn

3 chain=output action=mark-routing new-routing-mark=to_wan2 passthrough=no connection-mark=wan2_conn

4 chain=prerouting action=accept dst-address=41.134.110.0/28 in-interface=ether5-lan

5 chain=prerouting action=accept dst-address=196.212.100.0/28 in-interface=ether5-lan

6 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether1-mweb
dst-port=20-22,80-81,443,3203-3206,5900-5935,6000-6020,7000,8080-8082

7 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether2-is
dst-port=20-22,80-81,443,3203-3206,5900-5935,6000-6020,7000,8080-8082

8 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether1-mweb dst-port=2040-2050,6080,9091

9 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes connection-state=new protocol=tcp in-interface=ether2-is dst-port=2040-2050,6080,9091

10 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes dst-address=192.168.88.2 in-interface=ether5-lan

11 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes dst-address=192.168.88.2 in-interface=ether5-lan

12 chain=prerouting action=mark-connection new-connection-mark=wan1_conn passthrough=yes dst-address-type=!local in-interface=ether5-lan connection-mark=no-mark
per-connection-classifier=both-addresses:2/0

13 chain=prerouting action=mark-connection new-connection-mark=wan2_conn passthrough=yes dst-address-type=!local in-interface=ether5-lan connection-mark=no-mark
per-connection-classifier=both-addresses:2/1

14 chain=prerouting action=mark-routing new-routing-mark=to_wan1 passthrough=no in-interface=ether5-lan connection-mark=wan1_conn

15 chain=prerouting action=mark-routing new-routing-mark=to_wan2 passthrough=no in-interface=ether5-lan connection-mark=wan2_conn

and all these rules are in my mangel. should i put another rule somwhere else?

i have the following setup.

2 ISPs. -> MTK Load balancing -> MTK Firewall -> LAN with 7 src addresses.
10.X.X.1 10.Y.Y.1

I activate this setting of 'use src address'. It working well with banks! But now traffic utilization is max on one ISP and the other have almost none. Might 'MTK Firewall' having effect this? So if i made MTK loadbalancing to do firewall job it would helping share BW between src addresses?

Unfortunately this is the luck of the draw. This happen even with more Wan's. Can manually give a routing mark to heavy users and balance them this way.

sry my network diagram was not very clear. dont know why it changed after post!

the router doing the load balancing has 1 IP on LAN. 1 ip that connecting to load balancing router. it is firewall router. would that not mean that all traffic from src address would use only one ISP? because thats what graphing seems to show? but i take out firewall router so LAN units have direct connect to load balance router. this working well!

so my question is this. there may be situation where load balance is needed and bank sites are failing. lucky this was my own lan because i can change setup easy! but say some customer having proxy server on private lan and wants it there for their own purporse or reason. i think it cannot?

thanks for replication!

1 ip that connecting to load balancing router. it is firewall router

Will only have one ip if you nat/masquerade your traffic before going to load balance.

yes it is nating. so if giving 1 ip then will cause b/w to go through 1 isp. is a shame is nice technology! taking that 'firewall' mt away all b/w is being used!

Disable nating on firewall and add it on on router doing load balance. Can actually use one router for load balancing and firewall.