MikroTik

Community discussions
https://forum.mikrotik.com/

PCC Mangle rules question (Load Balancing)

https://forum.mikrotik.com/viewtopic.php?t=73205

Page 1 of 1

PCC Mangle rules question (Load Balancing)

Posted: Fri May 31, 2013 4:26 pm
by whoknew
Hi folks, quick question, here are my mangle rules currently (still have them in notepad, haven't put them into the router yet;
Code: Select all
add chain=input in-interface=ether1-WANA action=mark-connection new-connection-mark=ether1-WANA_conn
add chain=input in-interface=ether2-WANB action=mark-connection new-connection-mark=ether2-WANB_conn

add chain=output connection-mark=ether1-WANA_conn action=mark-routing new-routing-mark=to_ether1-WANA
add chain=output connection-mark=ether2-WANB_conn action=mark-routing new-routing-mark=to_ether2-WANB

add chain=prerouting dst-address=1.1.1.1/27 action=accept in-interface=ether3-LAN
add chain=prerouting dst-address=2.2.2.2/29 action=accept in-interface=ether3-LAN

add chain=prerouting dst-address-type=!ether3-LAN in-interface=ether3-LAN per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=ether1-WANA_conn passthrough=yes
add chain=prerouting dst-address-type=!ether3-LAN in-interface=ether3-LAN per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=ether2-WANB_conn passthrough=yes

add chain=prerouting connection-mark=ether1-WANA_conn in-interface=ether3-LAN action=mark-routing new-routing-mark=to_ether1-WANA
add chain=prerouting connection-mark=ether2-WANB_conn in-interface=ether3-LAN action=mark-routing new-routing-mark=to_ether2-WANB
I have 20 Vlans attached to ether3-LAN, do I need to make a mangle rule for every Vlan or is the ether3-LAN rules above sufficient?

Re: PCC Mangle rules question (Load Balancing)

Posted: Sat Aug 06, 2016 1:17 pm
by marcmerz
I would be very interested to know this as well (eventhough the question is more than 3 years old now).

It seems i would have to define the mangle rules for every vlan that is defined and not only for the ethernet interface these vlan's are connected to.

Can somebody please confirm this?

Re: PCC Mangle rules question (Load Balancing)

Posted: Sun Aug 07, 2016 2:55 am
by IntrusDave
You can use an Interface List. Add all of your LANs and VLANs to an interface list, then create one set of rules.

Re: PCC Mangle rules question (Load Balancing)

Posted: Sun Aug 07, 2016 3:16 am
by IntrusDave
If it helps, this is my config. I have two cable modems, both with dynamic IP's. The script will update the routes when a WAN IP changes.
Code: Select all
/ip route
add comment=wan0 distance=50 gateway=x.x.x.x routing-mark=to_WAN0
add comment=wan1 distance=50 gateway=x.x.x.x routing-mark=to_WAN1
Code: Select all
/ip firewall nat
add action=masquerade chain=srcnat out-interface=wan0
add action=masquerade chain=srcnat out-interface=wan1
Code: Select all
/ip firewall mangle
add action=mark-connection chain=input in-interface=wan0 new-connection-mark=WAN0_conn passthrough=no
add action=mark-connection chain=input in-interface=wan1 new-connection-mark=WAN1_conn passthrough=no
add action=mark-routing chain=output connection-mark=WAN0_conn new-routing-mark=to_WAN0 passthrough=no
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=to_WAN1 passthrough=no
add action=mark-connection chain=prerouting dst-address-type=!local in-interface-list=lanLinks new-connection-mark=WAN0_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting dst-address-type=!local in-interface-list=lanLinks new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=WAN0_conn in-interface-list=lanLinks new-routing-mark=to_WAN0 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface-list=lanLinks new-routing-mark=to_WAN1 passthrough=yes
Code: Select all
/system script
add name=pccWanIpUpdate policy=read,write,test source="# Dynamic IP Updater\r\
    \n\r\
    \n:local wan0name \"wan0\";\r\
    \n:local wan1name \"wan1\";\r\
    \n:global wan0address;\r\
    \n:global wan1address;\r\
    \n\r\
    \n:local wan0ip [/ip dhcp-client get [find interface=\"\$wan0name\"] value-name=address];\r\
    \n:if (\$wan0address != \$wan0ip) do={\r\
    \n\t:global wan0address [:pick \$wan0ip 0 [:find \$wan0ip \"/\"]];\r\
    \n\t:local wan0gateway [/ip dhcp-client get  [find interface=\"\$wan0name\"] value-name=gateway];\r\
    \n\t:local wan0temp [/ip address get [find interface=\"\$wan0name\"] value-name=network ]\r\
    \n\t:local wan0subnet (\$wan0temp . \"/\" . [:pick \$wan0ip ([:find \$wan0ip \"/\"]+1) [:len \$wan0ip] ] )\r\
    \n\t/ip route set [find comment=\"wan0\"] gateway=\$wan0gateway;\r\
    \n}\r\n\r\
    \n:local wan1ip [/ip dhcp-client get [find interface=\"\$wan1name\"] value-name=address];\r\
    \n:if (\$wan1address != \$wan1ip) do={\r\
    \n\t:global wan1address [:pick \$wan1ip 0 [:find \$wan1ip \"/\"]];\r\
    \n\t:local wan1gateway [/ip dhcp-client get  [find interface=\"\$wan1name\"] value-name=gateway];\r\
    \n\t:local wan1temp [/ip address get [find interface=\"\$wan1name\"] value-name=network ]\r\
    \n\t:local wan1subnet (\$wan1temp . \"/\" . [:pick \$wan1ip ([:find \$wan1ip \"/\"]+1) [:len \$wan1ip] ] )\r\
    \n\t/ip route set [find comment=\"wan1\"] gateway=\$wan1gateway;\r\
    \n}\r\n"
All times are UTC+02:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/