PPPOE ECMP load balancing with Failover

Recently one of my friend asked me to provide some solution, as he was stuck up with DSL connections as when 1 connection modem get hang router configured with marked gw still sending traffic to down connection.

Hardware used:
1. PC with mikrotik router OS (For user manager and PPPOE Server)
2. Mikrotik Rb750 GL (For Access vlan to broadcast different IP POOL)
3. RB 750 GR HEX (Working as a WAN router by 3 PPPOE Client Each connection is 50mbps)

I am pasting GR HEX configuration for reference you can change it as per your requirement.

Here we go.

/interface pppoe-client
add allow=pap,chap disabled=no interface=WAN1 name=pppoe-out1 password=**** use-peer-dns=yes user=304a
add allow=pap,chap disabled=no interface=WAN2 name=pppoe-out2 password=**** use-peer-dns=yes user=786b
add allow=pap,chap disabled=no interface=WAN3 name=pppoe-out3 password=**** use-peer-dns=yes user=786c

/ip pool
add name=Lan_Pool ranges=\
    192.168.0.150-192.168.0.200
/ip dhcp-server
add add-arp=yes address-pool=Lan_Pool disabled=no interface=Lan lease-time=3d name=Lan

/ip address
add address=192.168.0.1/24 interface=Lan network=192.168.0.0

/ip dhcp-server network
add address=192.168.0.0/24 dns-server= 8.8.8.8 gateway=192.168.0.1

/ip dns
set cache-size=20000KiB max-udp-packet-size=20000 servers=8.8.8.8,8.8.4.4

/ip firewall mangle
add action=mark-connection chain=input in-interface=pppoe-out1 new-connection-mark=PWAN1_conn passthrough=yes
add action=mark-connection chain=input in-interface=pppoe-out2 new-connection-mark=PWAN2_conn passthrough=yes
add action=mark-connection chain=input in-interface=pppoe-out3 new-connection-mark=PWAN3_conn passthrough=yes
add action=mark-routing chain=output connection-mark=PWAN1_conn new-routing-mark=to_PWA1 passthrough=yes
add action=mark-routing chain=output connection-mark=PWAN2_conn new-routing-mark=to_PWA2 passthrough=yes
add action=mark-routing chain=output connection-mark=PWAN3_conn new-routing-mark=to_PWA3 passthrough=yes
add action=accept chain=prerouting in-interface=pppoe-out1
add action=accept chain=prerouting in-interface=pppoe-out2
add action=accept chain=prerouting in-interface=pppoe-out3

/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=pppoe-out2
add action=masquerade chain=srcnat out-interface=pppoe-out3

/ip route
add check-gateway=ping distance=1 gateway=pppoe-out1 routing-mark=to_PWA1
add check-gateway=ping distance=2 gateway=pppoe-out2 routing-mark=to_PWA2
add check-gateway=ping distance=3 gateway=pppoe-out3 routing-mark=to_PWA3
add check-gateway=ping distance=1 gateway=pppoe-out1,pppoe-out2,pppoe-out3

Thats It. below is screenshot for reference with working configuration.


Below is a screenshot of PPPOE Server with its user manager and squid transparent proxy.




don't forget while configuring PPPOE Client on your wan router to un check the add default route tab. if everything goes fine then you may use your another ISA Server or other Firewall or Mikrotik Router OS for your lan network to distribute internet as per your requirement.

Brgds,
Hammad Ahmed Khan

Comments

Post a Comment

Popular posts from this blog

Mikrotik Webproxy with PCC

Image
Usually when you enable web proxy on pcc, it wont work. To make it work you have to mark web proxy connection in output chain, and exclude port 80 traffic from pre-routing PCC rules. Example is as below. (I assume you have dual wan pcc already configured and in running state Add following rules (Output chain) /ip firewall mangle add action=mark-connection chain=output comment=”Marking Web Proxy Connection for WAN-1″ disabled=no dst-port=80 new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=\    both-addresses-and-ports:2/0 protocol=tcp     both-addresses-and-ports:2/1 protocol=tcp     per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp add action=mark-connection chain=prerouting comment=”Excluding Port 80 from PCC – WAN2″ disabled=no dst-address-type=!local  dst-port=!80  in-interface=LAN new-connection-mark=WAN2_conn passthrough=yes \     per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp     max-server-connections=600 p
Read more

Dual Wan Load balacing with failover mikrotik

Introduction Let us suppose that we have two WAN links, and we want  load balance the two WAN links  and do a fail-over if one of the WAN links fails ( eg: traffic redirected to the link which is up ) . the problem is to monitor, whether the Internet is accessible through each of them. The problem can be everywhere. If your VPN cannot connect – then there’s no problem, your default route with gateway=that-vpn-connection will be inactive. If your ADSL modem is down – then check-gateway=ping is on stage, and no problem again. But what if your modem is up, and telephone line is down? Or one of your ISP has a problem inside it, so traceroute shows only a few hops – and then stops… Some people use NetWatch tool to monitor remote locations. Others use scripts to periodically ping remote hosts. And then disable routes or in some other way change the behaviour of routing. But RouterOS facilities allow us to use only /ip routes to do such checking – no scripting and netwatch at al
Read more

Configure Static IP Address (CLI) on Ubuntu 18.04.5 LTS

 goto: sudo nano /etc/netplan/01-netcfg.yaml Sample Config: # This file describes the network interfaces available on your system # For more information, see netplan(5). network:   version: 2   renderer: networkd   ethernets:         ens160:             dhcp4: no             addresses: ['192.168.1.26/24']             gateway4: 192.168.1.1             nameservers:                 addresses: [8.8.8.8, 8.8.4.4]                 search: [hak786.blogspot.com] sudo netplan apply
Read more