Page 1 of 1

how to separate traffic of port 80 in pcc ?

Posted: Thu Feb 07, 2013 11:25 pm
by ronix
Dears ...

we have a PCC load balancing :
WAN1: 5M up / 5M down (for direct connections)
WAN2: 5M up / 5M down (for direct connections)
WAN3: 20M sat down (for port 80 connections)

we are routing our sat subnet to use it for port 80 connections and every thing is ok...

but we want to stop our sat down and upgrade our WAN2 to become 15M up / 30M down
what we need is to divide the WAN2 bandwidth between the direct connections and port 80 connections
to be like this :
WAN1: 5M up / 5M down (for direct connections)
WAN2: 5M up / 5M down (for direct connections)
WAN2: 10M up / 25M down (for port 80 connections)

any idea to solve it ?

Best regards...

Re: how to separate traffic of port 80 in pcc ?

Posted: Sun Feb 17, 2013 9:38 am
by ronix
can I use it in this way :

ether2: my local lan
ether3: my WAN1 (15M up / 30M down)
ether4: my WAN2 (5M up / 5M down)
/ip address
add address=192.168.1.1/24 disabled=no interface=ether2 network=192.168.1.0
add address=1.1.1.2/24 disabled=no interface=ether3 network=1.1.1.0
add address=2.2.2.2/24 disabled=no interface=ether4 network=2.2.2.0
PCC load balance with marking http connection:
/ip firewall mangle
add action=mark-connection chain=forward disabled=no dst-port=80 new-connection-mark=http_conn passthrough=yes protocol=tcp src-address=192.168.1.0/24
add action=mark-packet chain=forward connection-mark=http_conn disabled=no dst-port=80 new-packet-mark=http passthrough=no protocol=tcp src-address=192.168.1.0/24
add action=accept chain=prerouting comment=ether3 disabled=no dst-address=1.1.1.0/24 in-interface=ether2
add action=accept chain=prerouting comment=ether4 disabled=no dst-address=2.2.2.0/24 in-interface=ether2
add action=mark-connection chain=prerouting comment=ether3_conn connection-mark=no-mark disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
add action=mark-connection chain=prerouting comment=ether4_conn connection-mark=no-mark disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
add action=mark-connection chain=prerouting comment=ether3_conn connection-mark=no-mark disabled=no dst-address-type=!local in-interface=ether2 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-connection chain=prerouting comment=ether4_conn connection-mark=no-mark disabled=no dst-address-type=!local in-interface=ether2 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-routing chain=prerouting comment="ether3_packet mark" connection-mark=ether3_conn disabled=no in-interface=ether2 new-routing-mark=to_ether3 passthrough=yes
add action=mark-routing chain=prerouting comment="ether4_packet mark" connection-mark=ether4_conn disabled=no in-interface=ether2 new-routing-mark=to_ether4 passthrough=yes
add action=mark-routing chain=output comment="ether3_packet mark" connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
add action=mark-routing chain=output comment="ether4_packet mark" connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall nat
add action=accept chain=srcnat disabled=no dst-port=80 out-interface=ether3 protocol=tcp
add action=masquerade chain=srcnat disabled=no out-interface=ether3
add action=masquerade chain=srcnat disabled=no out-interface=ether4
/ip route

add check-gateway=ping comment="Load balance_ether3" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-mark=to_ether3 scope=30 target-scope=10
add check-gateway=ping comment="Load balance_ether4" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=2.2.2.1 routing-mark=to_ether4 scope=30 target-scope=10
add check-gateway=ping comment="Load balance_ether3" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 scope=30 target-scope=10
add check-gateway=ping comment="Load balance_ether4" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=2.2.2.1 scope=30 target-scope=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=10M/25M name="HTTP Queue" packet-marks=http parent=none priority=8 queue=ethernet-default/ethernet-default target-addresses="" total-queue=default-small
what I need is to separate http connection from the PCC load balance and must pass from ether3 only