Please, someone explain me in more details some ideas in the following examples of PCC load balancing (LB), which I cannot understand:
1.https://help.mikrotik.com/docs/display/ ... Classifier
2.https://help.mikrotik.com/docs/display/ ... classifier
In both examples there is the following explanation:
If traffic to a host is directed entirely throughout one of possible gateways, it is not obligatory to get into a loop, isn’t it? The nexthop may have better or preferred route to the host than returning traffic back to the source, hasn’t it?With policy routing, it is possible to force all traffic to the specific gateway, even if traffic is destined to the host (other than gateway) from the connected networks. This way routing loop will be generated and communications with those hosts will be impossible. To avoid this situation we need to allow usage of the default routing table for traffic to connected networks:
/ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/30 action=accept in-interface=ether3
add chain=prerouting dst-address=10.112.0.0/30 action=accept in-interface=ether3
How exactly those mangle rules prevent policy routing through the specific gateway, say in reaching dst-address=8.8.8.8/32?
Isn’t the default routing table allowed by default, why do we need those explicit rules?
Please explain the entire section in as much details as possible.
------
Obviously, there can be different approaches for connection marking. In the first example only “prerouting” chain is used, whereas in the second one “input” and “output” chains are used.
In the later example there are also the following rows:
May they be replaced with the following?:add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface=ether_LAN new-connection-mark=ISP1 per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface=ether_LAN new-connection-mark=ISP2 per-connection-classifier=both-addresses:2/1
add action=mark-connection chain=forward connection-mark=no-mark connection-state=new in-interface=ether_LAN new-connection-mark=ISP1 per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=forward connection-mark=no-mark connection-state=new in-interface=ether_LAN new-connection-mark=ISP2 per-connection-classifier=both-addresses:2/1