4 Wan LoadBalaning / Failover with Mikrotik
Posted: Sat Sep 07, 2013 10:26 pm
Hi,
I am trying to do LoadBalancing / Failover with Mikrotik with limited success
as a guide i have used :
http://fatalsite.net/?p=100
And i tried to tweak it for 4wans and to my network IPs
I would like to be able to detect if a Wan is down not by pinging the ip of the modem but by some external host like 8.8.8.8. It would also be nice if i could consider a wan down if it had a slow ping or Packet loss.
What i have accomplished so far is to have internet by its unstable and websites don't always load, the gateways dont seem to be used evenly and detection of failure in one of the wans is slow.
Obviously i will have mistakes in my code since i have not done this before using Mikrotik were are my details
Details:
Mini-ITX
VIA C7 1ghz 512 ram
ether1:192.168.1.1/24
ether2:192.168.2.150/24 GW: 192.168.2.100/24
ether3:192.168.3.150/24 GW: 192.168.3.100/24
ether4:192.168.4.150/24 GW: 192.168.4.100/24
ether5:192.168.5.150/24 GW: 192.168.5.100/24
DNS Μikrotik i have used the modems.
192.168.2.100
192.168.3.100
192.168.4.100
192.168.5.100
/ip firewall mangle
add chain=input in-interface=ether2 action=mark-connection new-connection-mark=wan1_mark
add chain=input in-interface=ether3 action=mark-connection new-connection-mark=wan2_mark
add chain=input in-interface=ether4 action=mark-connection new-connection-mark=wan3_mark
add chain=input in-interface=ether5 action=mark-connection new-connection-mark=wan4_mark
add chain=output connection-mark=wan1_mark action=mark-routing new-routing-mark=to_wan1
add chain=output connection-mark=wan2_mark action=mark-routing new-routing-mark=to_wan2
add chain=output connection-mark=wan3_mark action=mark-routing new-routing-mark=to_wan3
add chain=output connection-mark=wan4_mark action=mark-routing new-routing-mark=to_wan4
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.5.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=wan1_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=wan2_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=wan3_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=wan4_mark passthrough=yes
add chain=prerouting connection-mark=wan1_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan3_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan3
add chain=prerouting connection-mark=wan4_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan4
/ip route
add dst-address=8.8.8.8 gateway=192.168.2.100 scope=10
add dst-address=208.67.222.222 gateway=192.168.3.100 scope=10
add dst-address=8.8.4.4 gateway=192.168.4.100 scope=10
add dst-address=208.67.220.220 gateway=192.168.5.100 scope=10
/ip route
add dst-address=10.1.1.1 gateway=8.8.4.4 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=208.67.222.222 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.3.3.3 gateway=8.8.8.8 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.4.4.4 gateway=208.67.220.220 scope=10 target-scope=10 check-gateway=ping
/ip route
add distance=1 gateway=10.1.1.1 routing-mark=to_wan4
add distance=2 gateway=10.2.2.2 routing-mark=to_wan3
add distance=3 gateway=10.3.3.3 routing-mark=to_wan1
add distance=4 gateway=10.4.4.4 routing-mark=to_wan2
/ip firewall nat
add chain=srcnat out-interface=ether2 action=masquerade
add chain=srcnat out-interface=ether3 action=masquerade
add chain=srcnat out-interface=ether4 action=masquerade
add chain=srcnat out-interface=ether5 action=masquerade
http://img19.imageshack.us/img19/5190/lc04.png
Thanks
I am trying to do LoadBalancing / Failover with Mikrotik with limited success
as a guide i have used :
http://fatalsite.net/?p=100
And i tried to tweak it for 4wans and to my network IPs
I would like to be able to detect if a Wan is down not by pinging the ip of the modem but by some external host like 8.8.8.8. It would also be nice if i could consider a wan down if it had a slow ping or Packet loss.
What i have accomplished so far is to have internet by its unstable and websites don't always load, the gateways dont seem to be used evenly and detection of failure in one of the wans is slow.
Obviously i will have mistakes in my code since i have not done this before using Mikrotik were are my details
Details:
Mini-ITX
VIA C7 1ghz 512 ram
ether1:192.168.1.1/24
ether2:192.168.2.150/24 GW: 192.168.2.100/24
ether3:192.168.3.150/24 GW: 192.168.3.100/24
ether4:192.168.4.150/24 GW: 192.168.4.100/24
ether5:192.168.5.150/24 GW: 192.168.5.100/24
DNS Μikrotik i have used the modems.
192.168.2.100
192.168.3.100
192.168.4.100
192.168.5.100
/ip firewall mangle
add chain=input in-interface=ether2 action=mark-connection new-connection-mark=wan1_mark
add chain=input in-interface=ether3 action=mark-connection new-connection-mark=wan2_mark
add chain=input in-interface=ether4 action=mark-connection new-connection-mark=wan3_mark
add chain=input in-interface=ether5 action=mark-connection new-connection-mark=wan4_mark
add chain=output connection-mark=wan1_mark action=mark-routing new-routing-mark=to_wan1
add chain=output connection-mark=wan2_mark action=mark-routing new-routing-mark=to_wan2
add chain=output connection-mark=wan3_mark action=mark-routing new-routing-mark=to_wan3
add chain=output connection-mark=wan4_mark action=mark-routing new-routing-mark=to_wan4
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=192.168.5.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=wan1_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=wan2_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=wan3_mark passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=wan4_mark passthrough=yes
add chain=prerouting connection-mark=wan1_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan1
add chain=prerouting connection-mark=wan2_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan2
add chain=prerouting connection-mark=wan3_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan3
add chain=prerouting connection-mark=wan4_mark in-interface=ether1 action=mark-routing new-routing-mark=to_wan4
/ip route
add dst-address=8.8.8.8 gateway=192.168.2.100 scope=10
add dst-address=208.67.222.222 gateway=192.168.3.100 scope=10
add dst-address=8.8.4.4 gateway=192.168.4.100 scope=10
add dst-address=208.67.220.220 gateway=192.168.5.100 scope=10
/ip route
add dst-address=10.1.1.1 gateway=8.8.4.4 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.2.2.2 gateway=208.67.222.222 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.3.3.3 gateway=8.8.8.8 scope=10 target-scope=10 check-gateway=ping
add dst-address=10.4.4.4 gateway=208.67.220.220 scope=10 target-scope=10 check-gateway=ping
/ip route
add distance=1 gateway=10.1.1.1 routing-mark=to_wan4
add distance=2 gateway=10.2.2.2 routing-mark=to_wan3
add distance=3 gateway=10.3.3.3 routing-mark=to_wan1
add distance=4 gateway=10.4.4.4 routing-mark=to_wan2
/ip firewall nat
add chain=srcnat out-interface=ether2 action=masquerade
add chain=srcnat out-interface=ether3 action=masquerade
add chain=srcnat out-interface=ether4 action=masquerade
add chain=srcnat out-interface=ether5 action=masquerade
http://img19.imageshack.us/img19/5190/lc04.png
Thanks