Routing with Load Balancing

Posted: Wed Nov 18, 2009 1:00 am
by rafa_lore
Hello
I'm trying to load the traffic of my users with 3 Internet connections. I divided the connections like this:

Connection 1 - WAN1: It's used for all traffic sweepings, like P2P, RapidShare..., FTP, and everything strange.
Connection 2 - WAN2: Common connection, but for heavy connections (here is the problem): mails, YouTube, HTTP downloads, and big things, but not those of WAN1.
Connection 3 - VIP: VIP connection, like HTTP, VPN, NET service, chat, VoIP (this is the most expensive connection, so I have to save it!!)

Well, the problem appears when I try to change the route of some connection.
For example, if I start downloading RouterOS from the MikroTik page, it's mangled with this rule without a problem:
add action=mark-connection chain=HTTP comment=HTTP \
    disabled=no dst-port=80 new-connection-mark=HTTP_CON passthrough=yes \
    protocol=tcp
add action=mark-routing chain=HTTP comment="" connection-mark=HTTP_CON \
    disabled=no new-routing-mark=VIP passthrough=no
But later, while the file is downloading, the packets are mangled with these rules and the problem starts:
add action=mark-connection chain=FTP comment="HTTP de archivos - 1 Mbyte" \
    connection-bytes=512000-1000000 disabled=yes new-connection-mark=FTP_CON \
    passthrough=yes protocol=tcp
add action=mark-connection chain=FTP comment="HTTP de archivos - 3 Mbyte" \
    connection-bytes=1000000-3000000 disabled=yes new-connection-mark=FTP_CON \
    passthrough=yes protocol=tcp
add action=mark-connection chain=FTP comment="HTTP de archivos - 6 Mbyte" \
    connection-bytes=3000000-6000000 disabled=yes new-connection-mark=FTP_CON \
    passthrough=yes protocol=tcp
add action=mark-connection chain=FTP comment="HTTP de archivos - 30 Mbyte" \
    connection-bytes=6000000-30000000 disabled=yes new-connection-mark=\
    FTP_CON passthrough=yes protocol=tcp
add action=mark-connection chain=FTP comment="HTTP de archivos - 60 Mbyte" \
    connection-bytes=30000000-60000000 disabled=yes new-connection-mark=\
    FTP_CON passthrough=yes protocol=tcp
add action=mark-connection chain=HTTP comment=\
    "HTTP de archivos - Infinitive Mbyte" connection-bytes=60000000-0 \
    disabled=yes new-connection-mark=FTP_CON passthrough=yes protocol=tcp
add action=mark-routing chain=FTP comment="" connection-mark=FTP_CON \
    disabled=no new-routing-mark=WAN2 passthrough=no

It stops downloading, I think because the route is different, so the IP of who is downloading changes! :(

The same happens with the YouTube page: the first part you can see, but a few seconds later it is mangled with L7 or port 554, and it stops showing the video!

add action=mark-connection chain=VIDEO comment=RSTP disabled=no dst-port=554 \
    new-connection-mark=VIDEO_CON passthrough=yes protocol=tcp
add action=mark-connection chain=VIDEO comment=\
    "RTSP - Real Time Streaming Protocol - L7" disabled=no layer7-protocol=\
    rtsp new-connection-mark=VIDEO_CON passthrough=yes
add action=mark-connection chain=VIDEO comment="Quicktime HTTP - L7" \
    disabled=no layer7-protocol=quicktime new-connection-mark=VIDEO_CON \
    passthrough=yes
add action=mark-connection chain=VIDEO comment=\
    "HTTP - Video over HyperText Transfer Protocol (RFC 2616) - L7" disabled=\
    no layer7-protocol=httpvideo new-connection-mark=VIDEO_CON passthrough=\
    yes
add action=mark-connection chain=VIDEO comment=\
    "RTSP tunneled within HTTP - L7" disabled=no layer7-protocol=http-rtsp \
    new-connection-mark=VIDEO_CON passthrough=yes
add action=mark-routing chain=VIDEO comment="" connection-mark=VIDEO_CON \
    disabled=no new-routing-mark=WAN2 passthrough=yes 
So, does someone know how to change the route without losing the connection? :?
Thanks in advance
Rafael Lore

Re: Routing with Load Balancing

Posted: Wed Nov 18, 2009 1:04 am
by fewi
I don't believe you can. That's a limitation of TCP/IP - endpoints are defined by IP address and port. If suddenly, in the middle of a download, you change one endpoint by forcing it out another WAN connection and NAT'ing to that IP, the server you're downloading from is suddenly going to see a different endpoint and refuse to talk to it and sever the connection.

Re: Routing with Load Balancing

Posted: Wed Nov 18, 2009 1:45 am
by rafa_lore
Thanks fewi
I think so, but since MKT makes miracles, I think there may be a solution for this
Thanks fewi
Rafael Lore

Re: Routing with Load Balancing

Posted: Wed Nov 18, 2009 8:03 pm
by Chupaka
> I don't believe you can. That's a limitation of TCP/IP - endpoints are defined by IP address and port. If suddenly, in the middle of a download, you change one endpoint by forcing it out another WAN connection and NAT'ing to that IP, the server you're downloading from is suddenly going to see a different endpoint and refuse to talk to it and sever the connection.

It's even deeper: the NAT address isn't being changed, only the interface, and the other provider simply drops packets with an unknown source.
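
The failure described in the last reply, as an added example that is not part of the original thread: a toy Python model in which connection tracking pins the NAT source address on the first packet while the routing mark is re-evaluated on every packet by bytes transferred. The addresses, the `Router` class and the `transfer` helper are constructed for illustration; the 512000-byte threshold is the lower bound of the first `connection-bytes` rule posted above.

```python
from dataclasses import dataclass

# Constructed values: documentation-range addresses, one per uplink.
UPLINK_ADDR = {"VIP": "198.51.100.10", "WAN2": "203.0.113.20"}
REMARK_AT = 512_000  # bytes; lower bound of the first connection-bytes rule in the thread


@dataclass
class Conn:
    nat_src: str         # source address picked by NAT on the first packet only
    first_mark: str      # routing mark in force when the connection was created
    bytes_seen: int = 0


class Router:
    """Toy model: conntrack pins the NAT address, mangle picks the uplink per packet."""

    def __init__(self, sticky: bool):
        self.sticky = sticky     # True = never re-mark an established connection
        self.conntrack = {}      # flow id -> Conn

    def send(self, flow: str, length: int):
        """Return (uplink, source address on the wire, delivered?) for one packet."""
        conn = self.conntrack.get(flow)
        if conn is None:
            # New connection: routed via VIP, NAT binds it to VIP's address.
            conn = self.conntrack[flow] = Conn(UPLINK_ADDR["VIP"], "VIP")
        conn.bytes_seen += length
        if self.sticky or conn.bytes_seen < REMARK_AT:
            uplink = conn.first_mark
        else:
            uplink = "WAN2"      # byte-count rule moves the flow mid-transfer
        # Each provider forwards only packets sourced from the address it assigned.
        delivered = conn.nat_src == UPLINK_ADDR[uplink]
        return uplink, conn.nat_src, delivered


def transfer(router: Router, total: int, chunk: int = 128_000):
    """Push `total` bytes in chunks; return bytes delivered before the first drop."""
    sent = 0
    while sent < total:
        _, _, ok = router.send("client:40000->server:80", chunk)
        if not ok:
            return sent
        sent += chunk
    return sent
```

With re-marking enabled the transfer stalls as soon as the byte counter reaches the threshold, because the packet leaves WAN2 still carrying the VIP address; with the mark kept for the life of the connection the whole transfer completes.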