Community discussions

MikroTik App
 
Guscht
Member Candidate
Member Candidate
Topic Author
Posts: 236
Joined: Thu Jul 01, 2010 5:32 pm

Nth vs PCC

Sat May 07, 2022 12:41 am

Hi,

can someone please explain me the difference between Nth and PCC in regards of using the two?

For a Multi-WAN Load-Balancing scenarion I can say Nth, every 1st packet (connection-state new) matches with an connection-mark. And in the next rule, translating this connection-mark to a routing-mark. Same with the 2nd packet. So I can create a distribution between two WAN-links.

But I can do the same with PCC?! Match PCC (both addresses), create a connection-mark and then in the next rule translating this connection-mark to a routing-mark.

I see no real diference here. Nth allows me a per-connection-to-routing-mark classification and PCC does the same. I assume a per-packet-mark will break TCP connections if packet 1 goes through ISP1 and packet 2 through ISP2 and so on, because for the other end it looks two different hosts send packets (different source-IPs).

A clarification would be appreciated :)
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Nth vs PCC

Sat May 07, 2022 2:25 pm

With nth it's simple one connection to A, another to B, next to A, B, A, B, etc. With PCC you have more control. Popular use is to make it more stable, i.e. that same client connecting to same server will use same WAN, because some servers may not like clients jumping from one address to another.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Nth vs PCC

Sat May 07, 2022 5:39 pm

Short and sweet and to the point. What I dont want to see is another Dark Nate rabbit hole. ;-)

https://mum.mikrotik.com/presentations/US12/steve.pdf
https://mum.mikrotik.com/presentations/US12/tomas.pdf
 
Guscht
Member Candidate
Member Candidate
Topic Author
Posts: 236
Joined: Thu Jul 01, 2010 5:32 pm

Re: Nth vs PCC

Sun May 08, 2022 7:30 pm

This makes sense!

With Nth a seconds connection for the same session clould go through ISPb, even when connection1 goes through ISPa. So a matcher which takes into account the SRC-IP is needed (afaik Nth cannot do this).
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Nth vs PCC

Sun May 08, 2022 8:35 pm

The main point is that per-connection-classifier takes a hash of the chosen address and port fields of the packet header, which is the same for every packet belonging to the same direction of a given connection, so you can use it to directly assign a routing-mark value to the packet. So load distribution alone, without redundancy considerations, you do not need to mark connections.

nth doesn't care about the contents of the packet header, so if you want that all packets belonging to the same direction of a given connection would take the same route, which is a must where the WANs are NATed, you have to handle only the initial packet of each connection using nth, store the decision into the context data of the connection by means of a connection-mark, and assign the routing-mark value based on the connection-mark to all packets of that connection, including the initial one.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Nth vs PCC

Sun May 08, 2022 9:12 pm

I wouldn't expect that avoiding connection marking helps much, unless you need connection marks for something else. Connection tracking happens anyway and mark should be just simple atribute assigned to some structure storing connection info. Matching that should probably be simpler than redoing PCC hashing for each packet (even if that's not difficult either).
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Nth vs PCC

Sun May 08, 2022 9:14 pm

I wouldn't expect that avoiding connection marking helps much
It doesn't help performance, but it simplifies the setup.
 
NetWorker
Frequent Visitor
Frequent Visitor
Posts: 98
Joined: Sun Jan 31, 2010 6:55 pm

Re: Nth vs PCC

Fri Jan 20, 2023 6:17 pm

Hey everyone and sorry of reviving an old thread.

I had a couple of glitches with different clients related to load balancing in the past few months. The short term solutions for those glitches was to work around them, assigning a particular WAN to certain traffic that was misbehaving.

But since they keep turning up I decided to reevaluate different load balancing scenarios and to find that all encompassing solution that always worked in the past.

In the early days (10+ years ago) I used NTH. I can't recall when PCC was introduced but I think it wasn't when I started out with Mikrotik.

I then moved on to PCC though I can't really recall why. Hence, after a quick forum search, I landed here. I think someone argued that PCC was more performant (clock and memory wise) though I have no data whatsoever to back that up. In the end I think I only moved to PCC because it was the "new way" of doing it.

To the point of this thread, I don't think you can dispense with using connection marks with PCC primarily because of outside connections. If you have any type of incoming traffic (VPN, web/mail servers, other) you need to make sure ir goes out the same WAN it came in on and doesn't default over to some other GW as that generally breaks encryption.

Also, I vaguely recall that some tcp connections sometimes build a new stream from the outside in that is assigned the "related" status. If the connection is marked, the related connection coming back gets marked too and it is reverse masqueraded to the intended private IP. I'm theorizing that said process would fail if the connection isn't marked in the router? Maybe it wouldn't as the connection gets tracked anyway. Hmmm.

Anyways, the holy wiki docs clearly instruct us to use connection marking with PCC though I agree that it should work just as well without?

Who is online

Users browsing this forum: DeltaCreek, Fasder, stevencameron16, TeWe and 75 guests