Hi everybody,
A few days ago I activated my second internet connection, and I thought of using both connections at the same time via PCC lod balance.
Both connections are PPPOE type and have dynamic IP but the second connection is behind NAT so i can't use DDNS services to reach my IP address remotly.
I would like to use the PCC load balance only with 3 of the 6 LANs and I would like the remaining 3 to be directed to only one of the two WANs.
To simplify I would like to create such a configuration:
- LAN 1 - PCC (WAN 1 + WAN 2 with failover)
- LAN 2 - PCC (WAN 1 + WAN 2 with failover)
- LAN 3 - PCC (WAN 1 + WAN 2 with failover)
- LAN 4 - WAN 1
- LAN 5 - WAN 1
- LAN 6 - WAN 2
I did step by step tests using the PCC load balance in the beginning only with one LAN and the two WANs.
This is the configuration I've used:

(pppoe-1=WAN 1)
(pppoe-2=WAN 2)
(bridge_1=LAN 1)
(bridge_2=LAN 2)

/ip firewall mangle
add chain=input in-interface=pppoe-1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=pppoe-2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address-type=!local in-interface=bridge_1 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge_1 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=bridge_1 action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge_1 action=mark-routing new-routing-mark=to_WAN2

/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-2 routing-mark=to_WAN2 check-gateway=ping

/ip firewall nat
add chain=srcnat out-interface=pppoe-1 action=masquerade
add chain=srcnat out-interface=pppoe-2 action=masquerade

This configuration works very good.
The first problem came when I tried to apply this configuration to two LANs simultaneously.
This is the configuration I've used:

/ip firewall mangle
# LAN 1
add chain=input in-interface=pppoe-1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=pppoe-2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address-type=!local in-interface=bridge_1 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge_1 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=bridge_1 action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge_1 action=mark-routing new-routing-mark=to_WAN2
# LAN 2
add chain=input in-interface=pppoe-1 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=pppoe-2 action=mark-connection new-connection-mark=WAN4_conn
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting dst-address-type=!local in-interface=bridge_2 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge_2 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting connection-mark=WAN3_conn in-interface=bridge_2 action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=bridge_2 action=mark-routing new-routing-mark=to_WAN4

/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-2 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-2 routing-mark=to_WAN4 check-gateway=ping

/ip firewall nat
add chain=srcnat out-interface=pppoe-1 action=masquerade
add chain=srcnat out-interface=pppoe-2 action=masquerade

Using this configuration it seems that the PCC load balance works with both LANs but the LANs can no longer communicate with each other.

First, why WAN3 and WAN4, when you have only two? Keep using marks only for WAN1 and WAN2, you'll save some rules, and it won't be unnecessarily confusing.

Regarding the main problem, you mark all connections from LAN, but you have only one route in alternative routing tables (default one). What happens is that for these packets, router doesn't find route to local connected subnets. You have three options:

a) Don't mark connections when the destination is another LAN.
b) Manually add routes to connected subnets to other routing tables.
c) Use routing rule(s) to override route selection, when destination is any LAN.

Last one is simplest (change it or add another if you use different addresses for LAN, e.g. from 10.0.0.0/8):
It tells router that no matter what routing mark packet has, it should look up destination only in main table (which contains connected routes). Extra bonus is that it will allow you to further prune your mangle rules, where instead of (example from after you get rid od WAN3 and WAN4):
you can use just two rules for all:
It will mark routing in both directions, which would normally break it for incoming packets, but routing rule overrides that.

Thank you so much for your reply Sob!
I solved my problem!
I have one last question regarding this configuration.
Would it be possible to ping an IP address (for example google DNS servers or Open DNS servers) for checking failover instead of the IP address of the PPPOE connection?

You're probably looking for this:

viewtopic.php?f=23&t=157048

Thank You so much for your reply!
I tried to search for this topic within Mikrotik Wiki but every link I found brought me to a blank page.
As soon as I can I try to perform the configuration following the explanation of Chupaka.
Thank You again!

Hi,
I reopened this old post as I would like to ask a question regarding this configuration.
I state that I have already done research in this and other forums and in the mikrotik wiki but I have not been able to find an answer, probably because I am not sure what to look for.
I would like to make sure that an interface, for example "bridge_2" connects to the internet only through the pppoe-2 interface.
This is the configuration I am using.
With this configuration, if I disconnect pppoe-2, bridge_2 automatically connects to the internet via pppoe-1.
I wish that if I disconnect pppoe-2, bridge_2 will not connect to the internet.

I have probably found the solution!
I've added the Src. Address to the Masquerade.
These are the masquerade rules before the change: and these are the masquerade rules after the change:
Apparently everything works fine.
Do you think it is a correct solution?