ECMP Load Balancing Simple and Easy Method tested by HaK 

First you need to rename your Mikrotik Interface name according to below script otherwise it won't work..  
 
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local 
add address=10.10.10.2/24 network=10.10.0.0 broadcast=10.10.10.255 interface=wan2
add address=10.20.20.2/24 network=10.20.0.0 broadcast=10.20.20.255 interface=wan1

/ ip route
add dst-address=0.0.0.0/0 gateway=10.10.10.1,10.20.20.1 check-gateway=ping 

/ ip firewall nat 
add chain=srcnat out-interface=wan1 action=masquerade
add chain=srcnat out-interface=wan2 action=masquerade

/ ip firewall mangle
add chain=input in-interface=wan1 action=mark-connection new-connection-mark=wan1_conn
add chain=input in-interface=wan2 action=mark-connection new-connection-mark=wan2_conn
add chain=output connection-mark=wan1_conn action=mark-routing new-routing-mark=to_wa1     
add chain=output connection-mark=wan1_conn action=mark-routing new-routing-mark=to_wa2     

/ ip route
add dst-address=0.0.0.0/0 gateway=10.10.10.1 routing-mark=to_wa1 
add dst-address=0.0.0.0/0 gateway=10.20.20.1 routing-mark=to_wa2
 
 
You can use asymmetric bandwidth links also  - for example one link is 
2Mbps other 10Mbps. Just use this command to make load balancing 1:5
 
/ ip route 
add dst-address=0.0.0.0/0 gateway=10.10.10.1,10.20.20.1,10.20.20.1,10.20.20.1,10.20.20.1,10.20.20.1 check-gateway=ping
 


Rule to redirect port 80 to mikrotik local proxy.


 


/ip firewall nat 


add action=redirect chain=dstnat comment=”Redirect port 80 request to Web 
Proxy” disabled=no dst-port=80 protocol=tcp to-ports=8080  


 


Enable Mikrotik local webproxy.



/ip proxy

set always-from-cache=no 
cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes 
enabled=yes max-cache-size=unlimited max-client-connections=600 
max-fresh-time=3d \ max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0



or 




Check this out: http://wiki.mikrotik.com/wiki/Manual:IP/Proxy




 


Rule to redirect request to squid proxy.


 





/ip firewall nat



add action=redirect chain=dstnat disabled=no dst-address=192.168.1.2 \



dst-port=80 protocol=tcp to-ports=8080 or 3128




 


  



 DNS issues

ISP specific DNS servers might have custom configuration that treats 
specific requests from ISP's network differently than requests from 
other network. So in case connection is made via other gateway those 
sites will not be accessible.


To avoid that we suggest to use 3rd-party (public) DNS servers, 
and in case you need ISP specific recourse, create static DNS entry and 
policy route that traffic to specific gateway.



Thanks to http://Wiki.mikrotik.com 


  




































Comments











Post a Comment



















Popular Posts