Community discussions

MikroTik App
  4. RouterOS
  5. General

Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Post Reply
 
jaadu
just joined
Topic Author
Posts: 16
Joined: Mon Sep 30, 2013 6:14 am

Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Mon Sep 30, 2013 6:33 am

Hi,

If this has been covered already, sorry in advance.

I am trying to configure a Dual WAN (DHCP, PPPoE) solution with PCC load balancing that is accessible by 3 local networks (untagged LAN and 2 VLANs)

I have the wireless/LAN networks routing over either WAN okay, but am having problems getting the PCC load balancing to work. Here is what I have so far:
Code: Select all
/ip firewall mangle
add chain=input in-interface=wan1 action=mark-connection new-connection-mark=wan1_conn
add chain=input in-interface=wan2 action=mark-connection new-connection-mark=wan2_conn
add chain=output connection-mark=wan1_conn action=mark-routing new-routing-mark=to_wan1
add chain=output connection-mark=wan2_conn action=mark-routing new-routing-mark=to_wan2
add chain=prerouting dst-address-type=local action=accept in-interface=lan1
add chain=prerouting dst-address-type=local action=accept in-interface=lan2
add chain=prerouting dst-address-type=local action=accept in-interface=lan3
add chain=prerouting dst-address-type=!local in-interface=lan1 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=lan1 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=wan2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=lan2 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=lan2 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=wan2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=lan3 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=wan1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=lan3 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=wan2_conn passthrough=yes
add chain=prerouting connection-mark=wan1_conn in-interface=lan1 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_conn in-interface=lan1 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan1_conn in-interface=lan2 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_conn in-interface=lan2 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan1_conn in-interface=lan3 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_conn in-interface=lan3 action=mark-routing new-routing-mark=to_wan2
/ip route
add dst-address=0.0.0.0/0 gateway=wan1 routing-mark=to_wan1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=wan2 routing-mark=to_wan2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=wan1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=wan2 distance=2 check-gateway=ping
wan1 & wan2 are my WAN interfaces
lan1, lan2, lan3 are bridges joining the LAN/VLANs with their respective AP/VirtualAPs

Any thoughts/input is greatly appreciated.

Cheers
Top
 
jaadu
just joined
Topic Author
Posts: 16
Joined: Mon Sep 30, 2013 6:14 am

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Wed Oct 02, 2013 7:19 am

After some research and help (thx Amin!) it looks like this. (note to self: address lists are your friend)
Code: Select all
/ip firewall mangle
add chain=prerouting dst-address-list=!LAN src-address-list=LAN
add action=mark-connection chain=input in-interface=pppoe new-connection-mark=WAN1_mark
add action=mark-connection chain=input in-interface=wan2 new-connection-mark=WAN2_mark
add action=mark-routing chain=output connection-mark=WAN1_mark new-routing-mark=to_ISP1
add action=mark-routing chain=output connection-mark=WAN2_mark new-routing-mark=to_ISP2
add action=mark-connection chain=prerouting dst-address-list=!LAN new-connection-mark=WAN1_mark per-connection-classifier=both-addresses-and-ports:2/0 src-address-list=LAN
add action=mark-connection chain=prerouting dst-address-list=!LAN new-connection-mark=WAN2_mark per-connection-classifier=both-addresses-and-ports:2/1 src-address-list=LAN
add action=mark-routing chain=prerouting connection-mark=WAN1_mark new-routing-mark=to_ISP1
add action=mark-routing chain=prerouting connection-mark=WAN2_mark new-routing-mark=to_ISP2
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan2
add action=masquerade chain=srcnat out-interface=pppoe
/ip route
add check-gateway=ping distance=1 gateway=pppoe routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=wan2 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=pppoe
add check-gateway=ping distance=2 gateway=wan2
Now on to adding failover
Top
 
Jeanluck
Member Candidate
Member Candidate
Posts: 280
Joined: Tue Apr 19, 2011 7:07 pm

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Sun Oct 06, 2013 10:19 pm

Hi,
I was reading your article, and I think that solves my problem casually.
I have a problem at mark routes that you do correctly. I have a doubt with your script when you use:
new-routing-mark = to_ISP1
new-routing-mark = to_ISP2

Where is "to_ISP1" and "to_ISP2" defined and used?, In "ip route" is not used and I have not clear what role they play.

Thanks
Top
 
01101110110110
Frequent Visitor
Frequent Visitor
Posts: 81
Joined: Thu Apr 12, 2012 8:19 pm

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Mon Oct 07, 2013 5:50 pm

Judging by the previous script and the updated one, he probably forgot to update the routing rules, but to_ISP1 should be to_WAN1 ..etc
Top
 
Jeanluck
Member Candidate
Member Candidate
Posts: 280
Joined: Tue Apr 19, 2011 7:07 pm

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Mon Oct 07, 2013 6:31 pm

yes... I think you are right, thanks!
Top
 
freemannnn
Forum Veteran
Forum Veteran
Posts: 700
Joined: Sun Oct 13, 2013 7:29 pm

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Thu Apr 21, 2016 9:25 pm

can someone expain what this line exactly does? why we need it? what traffic accept?

add chain=prerouting dst-address-list=!LAN src-address-list=LAN
Top
 
jaadu
just joined
Topic Author
Posts: 16
Joined: Mon Sep 30, 2013 6:14 am

Re: Dual WAN (DHCP, PPPoE) w/ PCC and local VLANs

Sat Oct 29, 2016 6:48 pm

can someone expain what this line exactly does? why we need it? what traffic accept?

add chain=prerouting dst-address-list=!LAN src-address-list=LAN
You don't, I don't think it actually does anything looking at it now. The new iteration of this config I am using doesn't have it.
Top
Post Reply
  4. RouterOS
  5. General