Hello all,
I have looked for a solution to this, but cannot find it.
I need to load balance two cable modem feeds into my Mikrotik. Problem is, both connections have the same gateway.
Is this possible?
Thank you.
Re: Load balancing - same gateway
I will add some more information to this, perhaps it will help with responses.....
I have the following interfaces:
Cable1 10MB
Cable2 10MB
ATT 4.5MB
Local
PTP
I need to load balance cable1 and cable2 so that stations connected to local and PTP interfaces can use the load balanced interfaces and take advantage of the doubled bandwidth available. As I said, cable1 and cable2 have the same gateway, which I know presents a problem.
If that is not possible, then I can use either Cable1 or Cable2 and load balance it with ATT interface, for the same use as above.
I can supply more information if needed.
Any help would be appreciated.
I have the following interfaces:
Cable1 10MB
Cable2 10MB
ATT 4.5MB
Local
PTP
I need to load balance cable1 and cable2 so that stations connected to local and PTP interfaces can use the load balanced interfaces and take advantage of the doubled bandwidth available. As I said, cable1 and cable2 have the same gateway, which I know presents a problem.
If that is not possible, then I can use either Cable1 or Cable2 and load balance it with ATT interface, for the same use as above.
I can supply more information if needed.
Any help would be appreciated.
Re: Load balancing - same gateway
You could create a route with a routing mark and then mark every other new connection with that routing mark.
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \
action=mark-connection new-connection-mark=odd passthrough=yes comment="" \
disabled=no
The above is a part of the following:
http://wiki.mikrotik.com/wiki/Improved_ ... e_Gateways
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \
action=mark-connection new-connection-mark=odd passthrough=yes comment="" \
disabled=no
The above is a part of the following:
http://wiki.mikrotik.com/wiki/Improved_ ... e_Gateways
Re: Load balancing - same gateway
Use the PCC or ECMP method for load balancing, and in the routes specify the gateway by interface, not by IP. For example:
Code: Select all
/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=whateverRe: Load balancing - same gateway
Don't you have to list two or more gateways in a single route for ECMP routing? Also, how would you use PCQ to select a gateway?Use the PCC or ECMP method for load balancing, and in the routes specify the gateway by interface, not by IP. For example:Code: Select all/ip route add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=whatever
Once the route is selected I think queuing is irrelevant unless the goal is to hold some traffic back. I generally use SFQ to prioritize traffic types within one interface unless I am worried about fair distribution of a rate controlled service in which case I use PCQ.
I would solve this with packet marking and route selection. I would also note that one TCP connection should always go out the same interface so your going to want to also mark connections. If you don't keep connections sourced from the same ip then you may have issues with https sites or other services that care about having valid tcp connections.
If PCQ can somehow be used to split connections out over different interfaces to the same gateway then please provide more detail. I've never thought of this type of use.
Load balancing - same gateway
I agree with using PCC. You can use the same gateway and specify an interface by using the % sign.
Example: /ip route add gateway=1.1.1.1%ether1
add gateway=1.1.1.1%ether2 distance=2
Example: /ip route add gateway=1.1.1.1%ether1
add gateway=1.1.1.1%ether2 distance=2
Re: Load balancing - same gateway
Your right on. Sorry I obviously misread. And PCC would be easier then connection and packet marking.
Re: Load balancing - same gateway
OK, I will try it tonite. I tried using the script from this page: http://aacable.wordpress.com/2011/07/27 ... t-by-zaib/
To try to get one of the cable WANs and my ATT WAN to load balance, But a couple of the lines in the firewall chain are staying at 0 on their counters, so something is not quite right yet.
Thank you.
To try to get one of the cable WANs and my ATT WAN to load balance, But a couple of the lines in the firewall chain are staying at 0 on their counters, so something is not quite right yet.
Thank you.
Re: Load balancing - same gateway
I have not been able to get this to work. Here is my export:
Its probably something very simple, but I have tried many different configs and have not had any luck. This is PCC with cable-1 and ATT. Once I get those two to work together, then I will try to add in cable-2 (has the same gateway and in the same subnet as cable-1)
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=\
Public-gateway new-connection-mark=Public-gateway_conn passthrough=no
add action=mark-connection chain=input disabled=no in-interface=SL-1 \
new-connection-mark=SL-1_conn passthrough=no
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
disabled=no new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn disabled=no \
new-routing-mark=to_SL-1 passthrough=no
add action=accept chain=prerouting disabled=no dst-address=x.165.234.128/25 \
in-interface=Office-network
add action=accept chain=prerouting disabled=no dst-address=y.76.133.1 \
in-interface=Office-network
add action=accept chain=prerouting disabled=no dst-address-type=!local \
in-interface=Office-network per-connection-classifier=\
both-addresses-and-ports:3/0
add action=accept chain=prerouting disabled=no dst-address-type=!local \
in-interface=Office-network per-connection-classifier=\
both-addresses-and-ports:3/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
disabled=no in-interface=Office-network new-routing-mark=\
to_Public-gateway passthrough=no
/ip address
add address=192.168.100.1/24 disabled=no interface=Office-network network=\
192.168.100.0
add address=10.90.90.1/23 disabled=no interface=PTP-to-Hoxie network=10.90.90.0
add address=x.165.234.132/25 disabled=no interface=Public-gateway network=\
x.165.234.128
add address=y.76.133.250/32 disabled=no interface=SL-1 network=y.76.133.0
/ip route
add check-gateway=ping comment="added by setup" disabled=no distance=1 \
dst-address=0.0.0.0/0 gateway=x.165.234.129 routing-mark=to_Public-gateway \
scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
SL-1 routing-mark=to_SL-1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
x.165.234.129 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
y.76.133.1%SL-1 scope=30 target-scope=10
/ip route rule
add action=lookup disabled=no dst-address=0.0.0.0/0 src-address=0.0.0.0/0 \
table=main
Its probably something very simple, but I have tried many different configs and have not had any luck. This is PCC with cable-1 and ATT. Once I get those two to work together, then I will try to add in cable-2 (has the same gateway and in the same subnet as cable-1)
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=\
Public-gateway new-connection-mark=Public-gateway_conn passthrough=no
add action=mark-connection chain=input disabled=no in-interface=SL-1 \
new-connection-mark=SL-1_conn passthrough=no
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
disabled=no new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn disabled=no \
new-routing-mark=to_SL-1 passthrough=no
add action=accept chain=prerouting disabled=no dst-address=x.165.234.128/25 \
in-interface=Office-network
add action=accept chain=prerouting disabled=no dst-address=y.76.133.1 \
in-interface=Office-network
add action=accept chain=prerouting disabled=no dst-address-type=!local \
in-interface=Office-network per-connection-classifier=\
both-addresses-and-ports:3/0
add action=accept chain=prerouting disabled=no dst-address-type=!local \
in-interface=Office-network per-connection-classifier=\
both-addresses-and-ports:3/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
disabled=no in-interface=Office-network new-routing-mark=\
to_Public-gateway passthrough=no
/ip address
add address=192.168.100.1/24 disabled=no interface=Office-network network=\
192.168.100.0
add address=10.90.90.1/23 disabled=no interface=PTP-to-Hoxie network=10.90.90.0
add address=x.165.234.132/25 disabled=no interface=Public-gateway network=\
x.165.234.128
add address=y.76.133.250/32 disabled=no interface=SL-1 network=y.76.133.0
/ip route
add check-gateway=ping comment="added by setup" disabled=no distance=1 \
dst-address=0.0.0.0/0 gateway=x.165.234.129 routing-mark=to_Public-gateway \
scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
SL-1 routing-mark=to_SL-1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
x.165.234.129 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
y.76.133.1%SL-1 scope=30 target-scope=10
/ip route rule
add action=lookup disabled=no dst-address=0.0.0.0/0 src-address=0.0.0.0/0 \
table=main
Re: Load balancing - same gateway
You need to use the gateway=1.1.1.1%interface for the routes with packet marks as well. Setting the routes to use an interface is really only useful for tunnel interfaces.
Re: Load balancing - same gateway
When I try this on the routes with marks and without:
gateway = x.76.133.250%SL-1
Both routes then say unreachable
Also, this line: add action=accept chain=prerouting disabled=no dst-address=y.76.133.1 \
in-interface=Office-network
Will not accept me putting in a subnet mask. The counter on this line is staying at zero, as is the counter for this line:
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
I have been issued these IPs from Cable: y.76.133.250 - y.76.133.254
gateway = x.76.133.250%SL-1
Both routes then say unreachable
Also, this line: add action=accept chain=prerouting disabled=no dst-address=y.76.133.1 \
in-interface=Office-network
Will not accept me putting in a subnet mask. The counter on this line is staying at zero, as is the counter for this line:
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
I have been issued these IPs from Cable: y.76.133.250 - y.76.133.254
Re: Load balancing - same gateway
Can you post your entire config with /export compact
Re: Load balancing - same gateway
Here is the export.
[admin@MikroTik] > export compact
# apr/08/2013 05:40:14 by RouterOS 5.22
# software id = S3YX-FI7K
#
/interface ethernet
set 0 name=Public-gateway
set 1 name=SL-1
set 2 disabled=yes name=PTP-to-H
set 3 name=Office-network
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=Office-pool ranges=192.168.100.10-192.168.100.254
add name=Wireless-pool ranges=\
10.90.90.11-10.90.90.254,10.90.91.11-10.90.91.254
/ip dhcp-server
add add-arp=yes address-pool=Office-pool always-broadcast=yes disabled=no \
interface=Office-network lease-time=1d name=Office-DHCP
add add-arp=yes address-pool=Wireless-pool always-broadcast=yes interface=\
PTP-to-H name=Wireless-network
/port
set 0 flow-control=hardware
set 1 flow-control=hardware
/system logging action
set 3 remote=0.0.0.0
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
/ip address
add address=192.168.100.1/24 interface=Office-network
add address=10.90.90.1/23 interface=PTP-to-H
add address=x.165.234.132/25 interface=Public-gateway
add address=x.76.133.250/29 interface=SL-1
/ip dhcp-client
add add-default-route=no interface=SL-1
/ip dhcp-server lease
add address=192.168.100.252 client-id=1:0:50:da
1e:70 mac-address=\
00:50:DA:CD:1E:70 server=Office-DHCP
add address=192.168.100.10 client-id=1:0:30:bd:2e:68:54 mac-address=\
00:30:BD:2E:68:54 server=Office-DHCP
add address=192.168.100.15 client-id=1:0:f:1f:78:9c:cb mac-address=\
00:0F:1F:78:9C:CB server=Office-DHCP
add address=192.168.100.20 client-id=1:0:d:56:5f:8d:19 mac-address=\
00:0D:56:5F:8D:19 server=Office-DHCP
/ip dhcp-server network
add address=10.90.90.0/23 dns-server=192.168.100.1,12.165.234.130 gateway=\
10.90.90.1
add address=192.168.100.0/24 dns-server=x.165.234.132,68.94.156.1 gateway=\
192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes cache-size=10240KiB servers=\
x.94.156.1,x.94.157.1
/ip dns static
add address=192.168.100.1 name=m.w.net
add address=x.165.234.130 name=t.w.net
add address=x.165.234.131 disabled=yes name=g.w.net
add address=x.180.42.100 disabled=yes name=rdns02.s.net ttl=5d
add address=8.8.8.8 disabled=yes
add address=68.94.156.1 disabled=yes
/ip firewall address-list
/ip firewall filter
add chain=input comment="Router protection - Allow established connections" \
connection-state=established
add action=drop chain=input comment=\
"Router protection - drop invalid connections" connection-state=invalid
add chain=input comment="Router protection - allow access from these IPs" \
src-address=10.90.90.0/23
add chain=input src-address=192.168.100.0/24
add chain=input src-address=192.168.68.0/24
add chain=input src-address=x.76.133.248/29
add chain=input comment="Router protection - Allow UDP" protocol=udp
add chain=input comment="Router Protection - Allow ICMP" protocol=icmp
add action=drop chain=input comment=\
"Router protection - drop everything else"
add chain=forward comment="Customer protection (data going through router) - A\
llow Established connections" connection-state=established
add chain=forward comment="Customer protection - Allow related connections" \
connection-state=related
add action=drop chain=forward comment=\
"Customer protection - Drop Invalid connections" connection-state=invalid
add action=jump chain=forward comment="Jump to virus port scan" jump-target=\
Virus
add action=jump chain=input comment="Jump to virus port scan" disabled=yes \
jump-target=Virus
add action=drop chain=input comment="block all other access" disabled=yes
add action=drop chain=Virus comment=\
"port block warning - disabled for x" disabled=yes \
dst-port=1434 protocol=tcp
add action=drop chain=Virus comment="Disabled for x" disabled=\
yes dst-port=1434 protocol=udp
add action=drop chain=Virus dst-port=2745 protocol=udp
add action=drop chain=Virus dst-port=6344-6381 protocol=tcp
add action=drop chain=Virus dst-port=6344-6381 protocol=udp
add action=drop chain=Virus comment="MyDoom - leave disabled for x!" \
disabled=yes dst-port=1080 protocol=tcp
add action=drop chain=Virus dst-port=1214 protocol=tcp
add action=drop chain=Virus disabled=yes dst-port=593 protocol=tcp
add action=drop chain=Virus dst-port=1024-1030 protocol=tcp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=\
135-139 protocol=tcp
add action=drop chain=Virus comment="Messenger Worm" dst-port=135-139 \
protocol=udp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=445 \
protocol=tcp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=445 \
protocol=udp
add action=drop chain=Virus comment="ndm requester" dst-port=1363 protocol=\
tcp
add action=drop chain=Virus comment="ndm server" dst-port=1364 protocol=tcp
add action=drop chain=Virus comment="screen cast" dst-port=1368 protocol=tcp
add action=drop chain=Virus comment=hromgrafx dst-port=1373 protocol=tcp
add action=drop chain=Virus comment=cichlid dst-port=1377 protocol=tcp
add action=drop chain=Virus comment="Worm - disabled for x" \
disabled=yes dst-port=1433-1434 protocol=tcp
add action=drop chain=Virus comment="Bagle Virus" dst-port=2745 protocol=tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" dst-port=2283 protocol=\
tcp
add action=drop chain=Virus comment="Drop Beagle" dst-port=2235 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle.C-K" disabled=yes dst-port=\
2745 protocol=tcp
add action=drop chain=Virus comment="Drop MyDoom" dst-port=3127-3128 \
protocol=tcp
add action=drop chain=Virus comment="Drop Backdoor OptixPro" dst-port=3410 \
protocol=tcp
add action=drop chain=Virus comment=Worm dst-port=4444 protocol=tcp
add action=drop chain=Virus comment=Worm dst-port=4444 protocol=udp
add action=drop chain=Virus comment="Drop Sasser" dst-port=5554 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle.B" dst-port=8866 protocol=\
tcp
add action=drop chain=Virus comment="Drop Dabber.A-B" dst-port=9898 protocol=\
tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" dst-port=10000 protocol=\
tcp
add action=drop chain=Virus comment="Drop MyDoom.B" dst-port=10080 protocol=\
tcp
add action=drop chain=Virus comment="Drop NetBus" dst-port=12345 protocol=tcp
add action=drop chain=Virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
add action=drop chain=Virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=\
65506 protocol=tcp
add action=drop chain=Virus comment="Drop SubSeven" dst-port=27374 protocol=\
tcp
add chain=Virus comment="Age of Conan game" dst-port=6881-6889 protocol=tcp
add chain=Virus comment="Age of Conan game #2" dst-port=6881-6889 protocol=\
udp
add chain=Virus comment="Age of Conan game #3" dst-port=7000-7999 protocol=\
tcp
add chain=Virus comment="Star Wars Old Republic #1" dst-port=8995 protocol=\
tcp
add chain=Virus comment="Star Wars Old Republic #2" dst-port=12000-12999 \
protocol=tcp
add chain=Virus comment="Star Wars Old Republic #3" dst-port=20000-3000 \
protocol=tcp
add action=drop chain=forward comment="block bogon" disabled=yes src-address=\
127.0.0.0/8
add action=drop chain=forward disabled=yes dst-address=127.0.0.0/8
add action=drop chain=forward disabled=yes src-address=224.0.0.0/3
add action=drop chain=forward disabled=yes dst-address=224.0.0.0/3
add action=drop chain=input comment="Drop telnet attempts" dst-port=23 \
protocol=tcp
add chain=input dst-port=1080 protocol=udp
add action=log chain=input comment="Log everything else" disabled=yes \
log-prefix="DROP INPUT"
add action=mark-connection chain=input in-interface=Public-gateway \
new-connection-mark=Public-gateway_conn passthrough=no
add action=mark-connection chain=input in-interface=SL-1 new-connection-mark=\
SL-1_conn passthrough=no
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn \
new-routing-mark=to_SL-1 passthrough=no
add chain=prerouting dst-address=x.165.234.128/25 in-interface=\
Office-network
add chain=prerouting dst-address=x.76.133.248/29 in-interface=Office-network
add chain=prerouting dst-address-type=!local in-interface=Office-network \
per-connection-classifier=both-addresses-and-ports:2/0
add chain=prerouting dst-address-type=!local in-interface=Office-network \
per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn \
in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
in-interface=Office-network new-routing-mark=to_Public-gateway \
passthrough=no
/ip firewall nat
add action=redirect chain=dstnat comment="Redirect for Unpaid customers" \
dst-port=80 protocol=tcp src-address-list=Unpaid to-ports=8081
add action=masquerade chain=srcnat out-interface=Public-gateway to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat out-interface=SL-1
/ip neighbor discovery
set PTP-to-H disabled=no
/ip proxy
set enabled=yes max-cache-size=none port=8081
/ip proxy access
add action=deny comment="block telnet & spam e-mail relaying" dst-port=23-25
add dst-address=x.165.234.130
add disabled=yes src-address=10.90.90.0/23
add disabled=yes src-address=192.168.100.0/24
add disabled=yes src-address=x.165.234.0/25
add disabled=yes dst-address=x.165.234.130
add action=deny disabled=yes redirect-to=x.165.234.130
add disabled=yes dst-address=x.165.234.130
add action=deny disabled=yes redirect-to=x.165.234.130
add action=deny redirect-to=x.165.234.130 src-address=10.90.90.0/23
add action=deny redirect-to=x.165.234.130 src-address=172.16.16.0/24
/ip proxy cache
add action=deny dst-host=":cgi-bin \\\?" local-port=""
/ip route
add check-gateway=ping comment="added by setup" distance=1 gateway=\
x.165.234.129%Public-gateway routing-mark=to_Public-gateway
add check-gateway=ping distance=1 gateway=x.76.133.248%SL-1 routing-mark=\
to_SL-1
add check-gateway=ping distance=1 gateway=x.165.234.129%Public-gateway
add check-gateway=ping distance=2 gateway=x.76.133.248%SL-1
add disabled=yes distance=1 dst-address=10.92.92.0/23 gateway=SL-1
add distance=1 dst-address=172.16.16.0/24 gateway=10.90.90.9
/ip route rule
add dst-address=0.0.0.0/0 src-address=0.0.0.0/0 table=main
/ip service
set telnet address=x.165.234.0/25
set ftp disabled=yes
set www address=x.165.234.0/25,192.168.100.0/24
set ssh disabled=yes
/ip traffic-flow
set enabled=yes
/ip upnp
set allow-disable-external-interface=no enabled=yes
/ip upnp interfaces
add interface=Public-gateway type=external
add interface=PTP-to-H type=internal
/ppp aaa
set accounting=no use-radius=yes
/radius incoming
set accept=yes port=1645
/routing rip interface
add receive=v2
/snmp
set enabled=yes trap-target=0.0.0.0
/system clock
set time-zone-name=America/Chicago
/tool bandwidth-server
set max-sessions=10
/tool graphing interface
add interface=Public-gateway
add interface=SL-1
add interface=PTP-to-H
add interface=Office-network
/tool sniffer
set file-limit=10KiB filter-direction=any filter-mac-protocol=!ip interface=\
Public-gateway memory-limit=10KiB
/user aaa
set accounting=no use-radius=yes
[admin@MikroTik] >
[admin@MikroTik] > export compact
# apr/08/2013 05:40:14 by RouterOS 5.22
# software id = S3YX-FI7K
#
/interface ethernet
set 0 name=Public-gateway
set 1 name=SL-1
set 2 disabled=yes name=PTP-to-H
set 3 name=Office-network
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ip pool
add name=Office-pool ranges=192.168.100.10-192.168.100.254
add name=Wireless-pool ranges=\
10.90.90.11-10.90.90.254,10.90.91.11-10.90.91.254
/ip dhcp-server
add add-arp=yes address-pool=Office-pool always-broadcast=yes disabled=no \
interface=Office-network lease-time=1d name=Office-DHCP
add add-arp=yes address-pool=Wireless-pool always-broadcast=yes interface=\
PTP-to-H name=Wireless-network
/port
set 0 flow-control=hardware
set 1 flow-control=hardware
/system logging action
set 3 remote=0.0.0.0
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-vlan=yes
/ip address
add address=192.168.100.1/24 interface=Office-network
add address=10.90.90.1/23 interface=PTP-to-H
add address=x.165.234.132/25 interface=Public-gateway
add address=x.76.133.250/29 interface=SL-1
/ip dhcp-client
add add-default-route=no interface=SL-1
/ip dhcp-server lease
add address=192.168.100.252 client-id=1:0:50:da
1e:70 mac-address=\00:50:DA:CD:1E:70 server=Office-DHCP
add address=192.168.100.10 client-id=1:0:30:bd:2e:68:54 mac-address=\
00:30:BD:2E:68:54 server=Office-DHCP
add address=192.168.100.15 client-id=1:0:f:1f:78:9c:cb mac-address=\
00:0F:1F:78:9C:CB server=Office-DHCP
add address=192.168.100.20 client-id=1:0:d:56:5f:8d:19 mac-address=\
00:0D:56:5F:8D:19 server=Office-DHCP
/ip dhcp-server network
add address=10.90.90.0/23 dns-server=192.168.100.1,12.165.234.130 gateway=\
10.90.90.1
add address=192.168.100.0/24 dns-server=x.165.234.132,68.94.156.1 gateway=\
192.168.100.1 netmask=24
/ip dns
set allow-remote-requests=yes cache-size=10240KiB servers=\
x.94.156.1,x.94.157.1
/ip dns static
add address=192.168.100.1 name=m.w.net
add address=x.165.234.130 name=t.w.net
add address=x.165.234.131 disabled=yes name=g.w.net
add address=x.180.42.100 disabled=yes name=rdns02.s.net ttl=5d
add address=8.8.8.8 disabled=yes
add address=68.94.156.1 disabled=yes
/ip firewall address-list
/ip firewall filter
add chain=input comment="Router protection - Allow established connections" \
connection-state=established
add action=drop chain=input comment=\
"Router protection - drop invalid connections" connection-state=invalid
add chain=input comment="Router protection - allow access from these IPs" \
src-address=10.90.90.0/23
add chain=input src-address=192.168.100.0/24
add chain=input src-address=192.168.68.0/24
add chain=input src-address=x.76.133.248/29
add chain=input comment="Router protection - Allow UDP" protocol=udp
add chain=input comment="Router Protection - Allow ICMP" protocol=icmp
add action=drop chain=input comment=\
"Router protection - drop everything else"
add chain=forward comment="Customer protection (data going through router) - A\
llow Established connections" connection-state=established
add chain=forward comment="Customer protection - Allow related connections" \
connection-state=related
add action=drop chain=forward comment=\
"Customer protection - Drop Invalid connections" connection-state=invalid
add action=jump chain=forward comment="Jump to virus port scan" jump-target=\
Virus
add action=jump chain=input comment="Jump to virus port scan" disabled=yes \
jump-target=Virus
add action=drop chain=input comment="block all other access" disabled=yes
add action=drop chain=Virus comment=\
"port block warning - disabled for x" disabled=yes \
dst-port=1434 protocol=tcp
add action=drop chain=Virus comment="Disabled for x" disabled=\
yes dst-port=1434 protocol=udp
add action=drop chain=Virus dst-port=2745 protocol=udp
add action=drop chain=Virus dst-port=6344-6381 protocol=tcp
add action=drop chain=Virus dst-port=6344-6381 protocol=udp
add action=drop chain=Virus comment="MyDoom - leave disabled for x!" \
disabled=yes dst-port=1080 protocol=tcp
add action=drop chain=Virus dst-port=1214 protocol=tcp
add action=drop chain=Virus disabled=yes dst-port=593 protocol=tcp
add action=drop chain=Virus dst-port=1024-1030 protocol=tcp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=\
135-139 protocol=tcp
add action=drop chain=Virus comment="Messenger Worm" dst-port=135-139 \
protocol=udp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=445 \
protocol=tcp
add action=drop chain=Virus comment="Blaster Worm" disabled=yes dst-port=445 \
protocol=udp
add action=drop chain=Virus comment="ndm requester" dst-port=1363 protocol=\
tcp
add action=drop chain=Virus comment="ndm server" dst-port=1364 protocol=tcp
add action=drop chain=Virus comment="screen cast" dst-port=1368 protocol=tcp
add action=drop chain=Virus comment=hromgrafx dst-port=1373 protocol=tcp
add action=drop chain=Virus comment=cichlid dst-port=1377 protocol=tcp
add action=drop chain=Virus comment="Worm - disabled for x" \
disabled=yes dst-port=1433-1434 protocol=tcp
add action=drop chain=Virus comment="Bagle Virus" dst-port=2745 protocol=tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" dst-port=2283 protocol=\
tcp
add action=drop chain=Virus comment="Drop Beagle" dst-port=2235 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle.C-K" disabled=yes dst-port=\
2745 protocol=tcp
add action=drop chain=Virus comment="Drop MyDoom" dst-port=3127-3128 \
protocol=tcp
add action=drop chain=Virus comment="Drop Backdoor OptixPro" dst-port=3410 \
protocol=tcp
add action=drop chain=Virus comment=Worm dst-port=4444 protocol=tcp
add action=drop chain=Virus comment=Worm dst-port=4444 protocol=udp
add action=drop chain=Virus comment="Drop Sasser" dst-port=5554 protocol=tcp
add action=drop chain=Virus comment="Drop Beagle.B" dst-port=8866 protocol=\
tcp
add action=drop chain=Virus comment="Drop Dabber.A-B" dst-port=9898 protocol=\
tcp
add action=drop chain=Virus comment="Drop Dumaru.Y" dst-port=10000 protocol=\
tcp
add action=drop chain=Virus comment="Drop MyDoom.B" dst-port=10080 protocol=\
tcp
add action=drop chain=Virus comment="Drop NetBus" dst-port=12345 protocol=tcp
add action=drop chain=Virus comment="Drop Kuang2" dst-port=17300 protocol=tcp
add action=drop chain=Virus comment="Drop PhatBot, Agobot, Gaobot" dst-port=\
65506 protocol=tcp
add action=drop chain=Virus comment="Drop SubSeven" dst-port=27374 protocol=\
tcp
add chain=Virus comment="Age of Conan game" dst-port=6881-6889 protocol=tcp
add chain=Virus comment="Age of Conan game #2" dst-port=6881-6889 protocol=\
udp
add chain=Virus comment="Age of Conan game #3" dst-port=7000-7999 protocol=\
tcp
add chain=Virus comment="Star Wars Old Republic #1" dst-port=8995 protocol=\
tcp
add chain=Virus comment="Star Wars Old Republic #2" dst-port=12000-12999 \
protocol=tcp
add chain=Virus comment="Star Wars Old Republic #3" dst-port=20000-3000 \
protocol=tcp
add action=drop chain=forward comment="block bogon" disabled=yes src-address=\
127.0.0.0/8
add action=drop chain=forward disabled=yes dst-address=127.0.0.0/8
add action=drop chain=forward disabled=yes src-address=224.0.0.0/3
add action=drop chain=forward disabled=yes dst-address=224.0.0.0/3
add action=drop chain=input comment="Drop telnet attempts" dst-port=23 \
protocol=tcp
add chain=input dst-port=1080 protocol=udp
add action=log chain=input comment="Log everything else" disabled=yes \
log-prefix="DROP INPUT"
add action=mark-connection chain=input in-interface=Public-gateway \
new-connection-mark=Public-gateway_conn passthrough=no
add action=mark-connection chain=input in-interface=SL-1 new-connection-mark=\
SL-1_conn passthrough=no
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn \
new-routing-mark=to_SL-1 passthrough=no
add chain=prerouting dst-address=x.165.234.128/25 in-interface=\
Office-network
add chain=prerouting dst-address=x.76.133.248/29 in-interface=Office-network
add chain=prerouting dst-address-type=!local in-interface=Office-network \
per-connection-classifier=both-addresses-and-ports:2/0
add chain=prerouting dst-address-type=!local in-interface=Office-network \
per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn \
in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
in-interface=Office-network new-routing-mark=to_Public-gateway \
passthrough=no
/ip firewall nat
add action=redirect chain=dstnat comment="Redirect for Unpaid customers" \
dst-port=80 protocol=tcp src-address-list=Unpaid to-ports=8081
add action=masquerade chain=srcnat out-interface=Public-gateway to-addresses=\
0.0.0.0
add action=masquerade chain=srcnat out-interface=SL-1
/ip neighbor discovery
set PTP-to-H disabled=no
/ip proxy
set enabled=yes max-cache-size=none port=8081
/ip proxy access
add action=deny comment="block telnet & spam e-mail relaying" dst-port=23-25
add dst-address=x.165.234.130
add disabled=yes src-address=10.90.90.0/23
add disabled=yes src-address=192.168.100.0/24
add disabled=yes src-address=x.165.234.0/25
add disabled=yes dst-address=x.165.234.130
add action=deny disabled=yes redirect-to=x.165.234.130
add disabled=yes dst-address=x.165.234.130
add action=deny disabled=yes redirect-to=x.165.234.130
add action=deny redirect-to=x.165.234.130 src-address=10.90.90.0/23
add action=deny redirect-to=x.165.234.130 src-address=172.16.16.0/24
/ip proxy cache
add action=deny dst-host=":cgi-bin \\\?" local-port=""
/ip route
add check-gateway=ping comment="added by setup" distance=1 gateway=\
x.165.234.129%Public-gateway routing-mark=to_Public-gateway
add check-gateway=ping distance=1 gateway=x.76.133.248%SL-1 routing-mark=\
to_SL-1
add check-gateway=ping distance=1 gateway=x.165.234.129%Public-gateway
add check-gateway=ping distance=2 gateway=x.76.133.248%SL-1
add disabled=yes distance=1 dst-address=10.92.92.0/23 gateway=SL-1
add distance=1 dst-address=172.16.16.0/24 gateway=10.90.90.9
/ip route rule
add dst-address=0.0.0.0/0 src-address=0.0.0.0/0 table=main
/ip service
set telnet address=x.165.234.0/25
set ftp disabled=yes
set www address=x.165.234.0/25,192.168.100.0/24
set ssh disabled=yes
/ip traffic-flow
set enabled=yes
/ip upnp
set allow-disable-external-interface=no enabled=yes
/ip upnp interfaces
add interface=Public-gateway type=external
add interface=PTP-to-H type=internal
/ppp aaa
set accounting=no use-radius=yes
/radius incoming
set accept=yes port=1645
/routing rip interface
add receive=v2
/snmp
set enabled=yes trap-target=0.0.0.0
/system clock
set time-zone-name=America/Chicago
/tool bandwidth-server
set max-sessions=10
/tool graphing interface
add interface=Public-gateway
add interface=SL-1
add interface=PTP-to-H
add interface=Office-network
/tool sniffer
set file-limit=10KiB filter-direction=any filter-mac-protocol=!ip interface=\
Public-gateway memory-limit=10KiB
/user aaa
set accounting=no use-radius=yes
[admin@MikroTik] >
Re: Load balancing - same gateway
The counter for this line in my config is zero (not moving any data): add chain=prerouting dst-address=x.76.133.248/29 in-interface=Office-network
Also, the following route is not active (font is blue): add check-gateway=ping distance=2 gateway=x.76.133.248%SL-1
On my Interfaces, my SL-1 WAN is receiving, but not transferring at all.
I can ping and traceroute across the SL-1 WAN interface, but it does not appear to be being used for web access.
Thank you.
Also, the following route is not active (font is blue): add check-gateway=ping distance=2 gateway=x.76.133.248%SL-1
On my Interfaces, my SL-1 WAN is receiving, but not transferring at all.
I can ping and traceroute across the SL-1 WAN interface, but it does not appear to be being used for web access.
Thank you.
Re: Load balancing - same gateway
Anyone care to look at this?
Re: Load balancing - same gateway
I don't have the time at the moment to build it on my bench and I cannot give you an answer without building it to find the problem myself. If you wanted to create credentials so I could login to your equipment then I would take a look and see if I can find something but I don't expect you to want to open your router to me... if you do then email me at joshaven at dmcibb dot net which is my day job address and I'll send you a user/pass to add to your router.
Re: Load balancing - same gateway
I think there are a couple of things that need to be changed in the mangle rules:
Try this in your mangle rules. Make a backup of your current config anyway.
Code: Select all
/ip firewall mangle
add action=mark-connection chain=input comment=Router_in_out_connections \
disabled=no in-interface=Public-gateway new-connection-mark=\
Public-gateway_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=SL-1 \
new-connection-mark=SL-1_conn passthrough=yes
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
disabled=no new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn disabled=no \
new-routing-mark=to_SL-1 passthrough=no
add action=accept chain=prerouting disabled=no dst-address=192.168.100.0/24 \
in-interface=Office-network
add action=mark-connection chain=prerouting comment=PCC disabled=no \
dst-address-type=!local in-interface=Office-network new-connection-mark=\
Public-gateway_conn passthrough=yes per-connection-classifier=\
both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local in-interface=Office-network new-connection-mark=SL-1_conn \
passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
disabled=no in-interface=Office-network new-routing-mark=\
to_Public-gateway passthrough=no
Re: Load balancing - same gateway
Let me clear up a few things - it is kind of confusing:
My WAN connection public-gateway is my ATT connection.
The above router code I listed is me trying to get the ATT and one of my cable feeds working together.
Thank you.
My WAN connection public-gateway is my ATT connection.
The above router code I listed is me trying to get the ATT and one of my cable feeds working together.
Thank you.
Re: Load balancing - same gateway
This is a copy from the code above that was suggested I try:
I have put in notes about what is happening now after I put the code in:
/ip firewall mangle
add action=mark-connection chain=input comment=Router_in_out_connections \
disabled=no in-interface=Public-gateway new-connection-mark=\
Public-gateway_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=SL-1 \
new-connection-mark=SL-1_conn passthrough=yes
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
disabled=no new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn disabled=no \
new-routing-mark=to_SL-1 passthrough=no
***This line has very little activity, compared to all the others. In about ten minutes it is at 224 and 4 packets.
add action=accept chain=prerouting disabled=no dst-address=192.168.100.0/24 \
in-interface=Office-network
add action=mark-connection chain=prerouting comment=PCC disabled=no \
dst-address-type=!local in-interface=Office-network new-connection-mark=\
Public-gateway_conn passthrough=yes per-connection-classifier=\
both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local in-interface=Office-network new-connection-mark=SL-1_conn \
passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
disabled=no in-interface=Office-network new-routing-mark=\
to_Public-gateway passthrough=no
The TX on WAN interface SL-1 is always at 0. The RX is moving, however.
Also, the following route is still not active (font is blue): add check-gateway=ping distance=2 gateway=x.76.133.1%SL-1
Please someone help me with this,
Thanks
I have put in notes about what is happening now after I put the code in:
/ip firewall mangle
add action=mark-connection chain=input comment=Router_in_out_connections \
disabled=no in-interface=Public-gateway new-connection-mark=\
Public-gateway_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=SL-1 \
new-connection-mark=SL-1_conn passthrough=yes
add action=mark-routing chain=output connection-mark=Public-gateway_conn \
disabled=no new-routing-mark=to_Public-gateway passthrough=no
add action=mark-routing chain=output connection-mark=SL-1_conn disabled=no \
new-routing-mark=to_SL-1 passthrough=no
***This line has very little activity, compared to all the others. In about ten minutes it is at 224 and 4 packets.
add action=accept chain=prerouting disabled=no dst-address=192.168.100.0/24 \
in-interface=Office-network
add action=mark-connection chain=prerouting comment=PCC disabled=no \
dst-address-type=!local in-interface=Office-network new-connection-mark=\
Public-gateway_conn passthrough=yes per-connection-classifier=\
both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=\
!local in-interface=Office-network new-connection-mark=SL-1_conn \
passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=SL-1_conn disabled=\
no in-interface=Office-network new-routing-mark=to_SL-1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Public-gateway_conn \
disabled=no in-interface=Office-network new-routing-mark=\
to_Public-gateway passthrough=no
The TX on WAN interface SL-1 is always at 0. The RX is moving, however.
Also, the following route is still not active (font is blue): add check-gateway=ping distance=2 gateway=x.76.133.1%SL-1
Please someone help me with this,
Thanks
Re: Load balancing - same gateway
Check also the masquerade rules, you should have:
and the routes should be something like:
these are the routes for the PCC
these are the backup routes in case any of the ISP connections is down
these are the routes for the router itself
The distance=2 is normal to be inactive as long as the same route with distance=1 is active. The distance in this case defines a priority of the same routes, the one with lower distance is the primary route. If that goes down, then the route with distance=2 becomes active and takes the primary role.
Code: Select all
/ip firewall nat
chain=srcnat out-interface=Public-gateway action=masquerade
chain=srcnat out-interface=SL-1 action=masqueradeCode: Select all
/ip route
dst-address=0.0.0.0/0 gateway=Public-gateway(or IP here) routing-mark=to_Public-gateway
dst-address=0.0.0.0/0 gateway=SL-1(or IP here) routing-mark=to_SL-1Code: Select all
dst-address=0.0.0.0/0 gateway=SL-1(or IP here) routing-mark=to_Public-gateway distance=2
dst-address=0.0.0.0/0 gateway=Public-gateway(or IP here) routing-mark=to_SL-1 distance=2Code: Select all
dst-address=0.0.0.0/0 gateway=Public-gateway(or IP here)
dst-address=0.0.0.0/0 gateway=Public-gateway(or IP here) distance=2The distance=2 is normal to be inactive as long as the same route with distance=1 is active. The distance in this case defines a priority of the same routes, the one with lower distance is the primary route. If that goes down, then the route with distance=2 becomes active and takes the primary role.
Re: Load balancing - same gateway
Yes, all that code is in it, except for the backup routing.
Still, the same problems as my last post.
Any suggestions?
There is no data being transferred to the SL-1 interface. There is very little being received, but it is a steady trickle.
Do I need to do something in the code for the sizes since they are not the same size:
ATT = 4.5MB up/down
SL-1=10MB down /1 up
I do not understand why this is not running. From everything I have read, this is correct and should work.
Still, the same problems as my last post.
Any suggestions?
There is no data being transferred to the SL-1 interface. There is very little being received, but it is a steady trickle.
Do I need to do something in the code for the sizes since they are not the same size:
ATT = 4.5MB up/down
SL-1=10MB down /1 up
I do not understand why this is not running. From everything I have read, this is correct and should work.
Re: Load balancing - same gateway
What happens if you work only with the SL-1 ISP with the current configuration?
Also, I see that the two ISP-s are very different between each other. One is giving you 4Mbps up and down, while the other 10Mbps down and only 1Mbps up. I wouldn't recommend to use PCC or ECMP in scenarios like these, there is no way you can balance such bandwidths. I mean, you have a 1/2 ratio in download and a 4/1 ratio in upload, it is impossible to aggregate these lines together.
The only method I can think of now, is to divide the LAN in groups, where one group of PC-s or customers, works with one of the ISP and the other group goes through the other ISP.
Also, I see that the two ISP-s are very different between each other. One is giving you 4Mbps up and down, while the other 10Mbps down and only 1Mbps up. I wouldn't recommend to use PCC or ECMP in scenarios like these, there is no way you can balance such bandwidths. I mean, you have a 1/2 ratio in download and a 4/1 ratio in upload, it is impossible to aggregate these lines together.
The only method I can think of now, is to divide the LAN in groups, where one group of PC-s or customers, works with one of the ISP and the other group goes through the other ISP.
Re: Load balancing - same gateway
What about seven groups of PCC, five over the larger connection and two over the smaller?
Re: Load balancing - same gateway
Ok, I have been waiting on a fiber upgrade since August. Once it is installed, it will look like this:
20MB up/down
10MB down/1 up
10MB down/1 up
And the 4.5 will be shut down.
You mention dividing the LAN into groups. Can I take my DHCP pool and split it into groups and route each group over a specific gateway? If so, please give me some pointers on how to do so.
Thanks so much.
20MB up/down
10MB down/1 up
10MB down/1 up
And the 4.5 will be shut down.
You mention dividing the LAN into groups. Can I take my DHCP pool and split it into groups and route each group over a specific gateway? If so, please give me some pointers on how to do so.
Thanks so much.
Re: Load balancing - same gateway
I am afraid I don't quite understand what you recommend. If we consider this specific scenario, we have a line which offers 5/5 ratio up and down, and the other 10/1 down and up. So, if we divide based on the download offered, we are going to send to connections over the 10Mbps line and one over the 5Mbps line, so three PCC streams. But this is completely the opposite of the upload ratio, while the download will be fulfilled by this division, we are sending double the connections to the line which offers 5 time less upload in respect of the other. Since the connections are not divided by machine, it is possible to find one machine which has connections over both lines, experiencing odd results. That's why I think that dividing by machines, it could be more beneficial than by PCC.What about seven groups of PCC, five over the larger connection and two over the smaller?
Well, there are "options" in the dhcp server configuration, but I am not familiar with, do not know if it can be done by using options.Ok, I have been waiting on a fiber upgrade since August. Once it is installed, it will look like this:
20MB up/down
10MB down/1 up
10MB down/1 up
And the 4.5 will be shut down.
You mention dividing the LAN into groups. Can I take my DHCP pool and split it into groups and route each group over a specific gateway? If so, please give me some pointers on how to do so.
Thanks so much.
One way of doing it, is making the leases of the dhcp server static. This way, the same mac-address (the same PC, machine) will always get the same IP address. After that, you can use address lists or range of IP addresses to divide the LAN as you would like.
Re: Load balancing - same gateway
Ok, I am already using a static pool for my DHCP. I am also familiar with address lists, as I am using those also.
However, how do I take the IPs in the address list and force them down a certain WAN port?
Thanks for your help!
However, how do I take the IPs in the address list and force them down a certain WAN port?
Thanks for your help!
Re: Load balancing - same gateway
Using mangle and to mark connections and then routing:
Then use the routing marks to route the specific groups to the desired ISP.
Code: Select all
/ip firewall mangle
add chain=prerouting in-interface=LAN src-address-list=Group1 action=mark-connection new-connection-mark=group1 passthrough=yes
add chain=prerouting in-interface=LAN src-address-list=Group2 action=mark-connection new-connection-mark=group2 passthrough=yes
add chain=prerouting in-interface=LAN connection-mark=group1 action=mark-routing new-routing-mark=group1 passthrough=no
add chain=prerouting in-interface=LAN connection-mark=group2 action=mark-routing new-routing-mark=group2 passthrough=noRe: Load balancing - same gateway
thanks for the input.
So, will this code work with my two cable interfaces? They can either by dynamic or I can set them both (or a single interface) up on a provided static IP. If I leave them both dynamic, both interfaces are in the same subnet and have the same gateway.
So, will this code work with my two cable interfaces? They can either by dynamic or I can set them both (or a single interface) up on a provided static IP. If I leave them both dynamic, both interfaces are in the same subnet and have the same gateway.
Re: Load balancing - same gateway
Well, it is up to you to decide which way you want it, dynamic or static. If by running dynamic IP, you end up having the same IP as gateway, you can put the interface as gateway instead of the IP.thanks for the input.
So, will this code work with my two cable interfaces? They can either by dynamic or I can set them both (or a single interface) up on a provided static IP. If I leave them both dynamic, both interfaces are in the same subnet and have the same gateway.
Just give it a try, it will not hurt
