My Server specifications
mikrotik 5.4 registered level 6
5 interface
local
wan1
wan2
wan3
wan4
My script
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
add address=192.168.4.2/24 network=192.168.4.0 broadcast=192.168.4.255 interface=WAN4
/ip firewall mangle
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=local
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=local
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=local
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=local action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=local action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=local action=mark-routing new-routing-mark=to_WAN4
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
/ip firewall nat
add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade
/ip route
add dst-address=8.8.4.4 gateway=192.168.1.1 scope=10
add dst-address=173.194.38.135 gateway=192.168.1.1 scope=10
add dst-address=116.71.241.198 gateway=192.168.2.1 scope=10
add dst-address=173.252.110.27 gateway=192.168.2.1 scope=10
add dst-address=8.8.8.8 gateway=192.168.3.1 scope=10
add dst-address=199.59.148.82 gateway=192.168.3.1 scope=10
add dst-address=156.154.70.1 gateway=192.168.4.1 scope=10
add dst-address=156.154.71.1 gateway=192.168.4.1 scope=10
add dst-address=10.1.1.1 gateway=8.8.4.4 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.1.1.1 gateway=173.194.38.135 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=116.71.241.198 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=173.252.110.27 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.3.3.3 gateway=8.8.8.8 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.3.3.3 gateway=199.59.148.82 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.4.4.4 gateway=156.154.70.1 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.4.4.4 gateway=156.154.71.1 scope=10 target-scope=10 check-gateway=ping
add distance=1 gateway=10.1.1.1 routing-mark=to_WAN1
add distance=2 gateway=10.2.2.2 routing-mark=to_WAN1
add distance=3 gateway=10.3.3.3 routing-mark=to_WAN1
add distance=4 gateway=10.4.4.4 routing-mark=to_WAN1
add distance=1 gateway=10.2.2.2 routing-mark=to_WAN2
add distance=2 gateway=10.3.3.3 routing-mark=to_WAN2
add distance=3 gateway=10.4.4.4 routing-mark=to_WAN2
add distance=4 gateway=10.1.1.1 routing-mark=to_WAN2
add distance=1 gateway=10.3.3.3 routing-mark=to_WAN3
add distance=2 gateway=10.4.4.4 routing-mark=to_WAN3
add distance=3 gateway=10.1.1.1 routing-mark=to_WAN3
add distance=4 gateway=10.2.2.2 routing-mark=to_WAN3
add distance=1 gateway=10.4.4.4 routing-mark=to_WAN4
add distance=2 gateway=10.1.1.1 routing-mark=to_WAN4
add distance=3 gateway=10.2.2.2 routing-mark=to_WAN4
add distance=4 gateway=10.3.3.3 routing-mark=to_WAN4
/ip pool add name=pppoe-users-pool ranges=10.0.0.1-10.0.0.255
/ppp profile add change-tcp-mss=default dns-server=192.168.0.1 local-address=192.168.0.1 name=pppoe-profile only-one=yes remote-address=pppoe-users-pool use-compression=default use-encryption=default use-vj-compression=default
/interface pppoe-server server add authentication=pap default-profile=pppoe-profile disabled=no interface=local keepalive-timeout=10 max-mru=1480 max-mtu=1480 max-sessions=1 mrru=disabled one-session-per-host=yes service-name="JJnet"
/ppp secret add caller-id="" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=nabeel password=123456 profile=pppoe-profile routes="" service=pppoe
/ppp aaa set accounting=yes interim-update=0s use-radius=yes
/radius add accounting-backup=no accounting-port=1813 address=127.0.0.1 authentication-port=1812 called-id="" disabled=no domain="" realm="" secret=14122115 service=ppp,hotspot timeout=300ms
/radius incoming set accept=yes port=3799
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
can some one help me in this...
i dont know why it is not working.
i dont know why it is not working.
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
try this one : (don't forget to change the ips)
Code: Select all
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
add address=192.168.4.2/24 network=192.168.4.0 broadcast=192.168.4.255 interface=WAN4
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN4
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=4 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masqueradeRe: PCC load balancing with (Hotspot + PPPoE dialer)on ether
Dear Ronix i appreciate but problem is not with Routes
problem is with mangle and NAT rules
when i use these rules PPPoE works fine and Hotspot dont work at all.
(sexond script and problem at the end of first script)
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN3 new-connection-mark=WAN3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN4 new-connection-mark=WAN4_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.1.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.2.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.3.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.4.0/24
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3 src-address=10.0.0.1-10.0.0.255
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN1 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN2 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN3 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN4 src-address=10.0.0.1-10.0.0.255
and when i use this script hotspot works fine PPPoE users can connect but after connecting nothing happens no browsing no downloading no Ping.
ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN4
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade
add chain=srcnat out-interface=WAN5 action=masquerade
problem is with mangle and NAT rules
when i use these rules PPPoE works fine and Hotspot dont work at all.
(sexond script and problem at the end of first script)
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN3 new-connection-mark=WAN3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN4 new-connection-mark=WAN4_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.1.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.2.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.3.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.4.0/24
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3 src-address=10.0.0.1-10.0.0.255
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN1 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN2 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN3 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN4 src-address=10.0.0.1-10.0.0.255
and when i use this script hotspot works fine PPPoE users can connect but after connecting nothing happens no browsing no downloading no Ping.
ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN4
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade
add chain=srcnat out-interface=WAN5 action=masquerade
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
if any one is using or have knowledge on how to use
hotspot + PPPoE on single interface with PCC load balanced multiple WANs please help me.
hotspot + PPPoE on single interface with PCC load balanced multiple WANs please help me.
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
hahhahahaah after continuous work along with banging my head and ass over wall for 26 hours i final found what i was doing wrong.
i was just placing in-interface= in mangle rules and that was shit . finally i made it and final script is ready.
only problem now i have is that my hotspot page is not displaying automatically, users have to put dns name or ip to get to login page.
here is the script fully functional if this helps you dont forget to give KARMA
/ip firewall mangle
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.1.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.2.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.3.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.4.0/24
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN3 new-connection-mark=WAN3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN4 new-connection-mark=WAN4_conn passthrough=yes
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN2
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN3
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN4
i was just placing in-interface= in mangle rules and that was shit . finally i made it and final script is ready.
only problem now i have is that my hotspot page is not displaying automatically, users have to put dns name or ip to get to login page.
here is the script fully functional if this helps you dont forget to give KARMA
/ip firewall mangle
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.1.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.2.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.3.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.4.0/24
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN3 new-connection-mark=WAN3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN4 new-connection-mark=WAN4_conn passthrough=yes
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN2
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN3
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN4
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
in-interface= is still needed.
Also do you have either the rule:
if not using this you will need to add the following to each line in PCC mangles:
Also of note if you have Vlans attached to the physical LAN interface you will need to make a PCC rule for the Vlan interface. Say I had Vlan10 attached to LAN in the above example, I would need a rule as follows:
I also ran into the dns problem and hotspot page problem, I however fixed all of that with taking away assigning the dns directly in dhcp, I shifted it to the /ip dns and allowed remote requests. I use google public dns for this.
Also for the PPPOE on the out and in interface you will use the in-interface=pppoe-interface not the physical interface.
I have over 10 of these implementations working now.
Also do you have either the rule:
Code: Select all
/ip firewall nat
chain=pre-hotspot action=accept dst-address-type=!local hotspot=authCode: Select all
/ip firewall mangle
chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes dst-address-type=!local hotspot=auth in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/0Code: Select all
/ip firewall mangle
chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes dst-address-type=!local hotspot=auth in-interface=Vlan10 per-connection-classifier=both-addresses-and-ports:2/0Code: Select all
/ip dns set allow-remote-request=yesI have over 10 of these implementations working now.
-
-
moazdabsheh
Frequent Visitor
- Posts: 54
- Joined:
- Location: Palestine
Re: PCC load balancing with (Hotspot + PPPoE dialer)on ether
what about me ?
i have mikrotik configured as pppoe server with usermanager, and pcc is not working, i noticed that wan2 has no activity for pppoe users though i don't have hotspot enabled !!
this is my config:
i have mikrotik configured as pppoe server with usermanager, and pcc is not working, i noticed that wan2 has no activity for pppoe users though i don't have hotspot enabled !!
this is my config:
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=local
add address=10.10.10.0/24 network=192.168.0.0 broadcast=10.10.10.255 interface=local
add address=10.0.0.100/24 network=192.168.1.0 broadcast=10.0.0.255 interface=WAN1
add address=5.5.5.200/24 network=192.168.2.0 broadcast=5.5.5.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=10.0.0.0/24 action=accept in-interface=local
add chain=prerouting dst-address=5.5.5.0/24 action=accept in-interface=local
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=local action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.138 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=5.5.5.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.0.0.138 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=5.5.5.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
Who is online
Users browsing this forum: dioeyandika, McSee and 16 guests