Scribd
Upload
224 views

Load Balancing Using Mikrotik Router OS

The presentation discussed using load balancing and failover in RouterOS by utilizing techniques like ECMP, Nth load balancing, and PCC to distribute traffic across multiple internet connections. It provided details on setting up PCC rules to mark and route traffic through different WAN interfaces using hashing on source and destination addresses/ports. Considerations for using these methods with hotspots or additional WAN connections were also covered.

Uploaded by

AmbroseNdahura
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
224 views

Load Balancing Using Mikrotik Router OS

The presentation discussed using load balancing and failover in RouterOS by utilizing techniques like ECMP, Nth load balancing, and PCC to distribute traffic across multiple internet connections. It provided details on setting up PCC rules to mark and route traffic through different WAN interfaces using hashing on source and destination addresses/ports. Considerations for using these methods with hotspots or additional WAN connections were also covered.

Uploaded by

AmbroseNdahura
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 24

Load Balancing and Fail-Over in

Router Os
Presented By

Ambrose Ahurra
Simplifinetworks Ltd.
About Simplifinetworks
● Largest Mikrotik Routerboard Distributor in E/A.
● WiFi AP, PTP, PTMP, Security

Address : 13 C/A Luthuli Drive Bugolobi


● P.O Box : 25306, Kampala Uganda.

Mobile : +256 (0) 758 937 003

Address: Hillcrest Court, Hillcrest Drive, Karen


● P.O Box: 15097-00509, Nairobi Kenya
● Mobile: +254 (0) 727 401 262 /+254 (0) 737 296 186
About Presenter
● Router Os user since 2015
● Big fan of API..(php)
● First MUM :)
● Affiliation
– Simplifinetworks
– netLabsUG Research project @ Makerere University Kampala
Agenda
● Load Balancing

● SimplifiApp
Load Balancing...

● Hotspot provider
● Hotel /Office/Hostel/Hostel
● Apartments
Why
● Average speeds 2mb/2mb..slow.
● Always on requirement
● High Throughput need
● Cost considerations
Router OS options
● ECMP→ Equal Cost Multi path Routing
Traffic divided up per src-dst-address
combination.
Chances of traffic switching gateways when
routing tables are periodically flushed.
● Nth Load Balancing
Ties user to same source IP address (persistent
user sessions)
Router OS options

PCC→ Per Connection Classifier
Splits traffic into streams according to a set of options (src-address,
src-port, dst-address, dst-port) using a hashing algorithm.
For example:
PCC= Hash(dst-address-and-port)/Denominator-> Reminder
– Remainder=> 0-4294967295 (integer number)
– Denominator=> 1-4294967295 (integer number)
– ValuesToHash ::= both-addresses|both-ports|dst-address-and-port|
– src-address|src-port|both-addresses-and-ports|dst-address|dst-port|src-address-and-
port

If reminder equals X label connection 1/stream1


Router Os Options
What you need!!
● Mikrotik Routerboard -> RouterOs v3.48 &
above.
● 2 or more Internet connections.
– Wan1 192.168.30.2
– Wan2 192.168.42.2
– Lan 192.168.88.0/24
Set Up
Set Up
● Add addresses
● Accept traffic in the prerouting chain
1

/ ip address
add address=192.168.88.1/24 network=192.168.88.0 interface=bridge
add address= 192.168.30.2/24 network=192.168.30.0 interface=Wan1
add address=192.168.42.2/24 network=192.168.42.0 interface=Wan2
/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.42.0/24 in-interface=bridge
add action=accept chain=prerouting dst-address=192.168.30.0/24 in-interface=bridge
Set Up
● Mark traffic from the Internet to avoid replies using wrong
gateway.

/ip firewall mangle


add action=mark-connection chain=input connection-mark=no-mark in-interface=Wan1 new-connection-
mark=Wan1_conn passthrough=yes
add action=mark-connection chain=input connection-mark=no-mark in-interface=Wan2 new-connection-
mark=Wan2_conn passthrough=yes
Set Up
● Add the PCC rules in Ip mangle menu and mark connections
Set Up
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-
interface=bridge new-connection-mark=Wan1_conn passthrough=yes per-connection-classifier=both-
addresses-and-ports:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-
interface=bridge new-connection-mark=Wan2_conn passthrough=yes per-connection-classifier=both-
addresses-and-ports:2/1

● Add routing mark in prerouting and output chains

/ip firewall mangle


add action=mark-routing chain=prerouting connection-mark=Wan1_conn in-interface=bridge new-routing-
mark=to_Wan1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=Wan2_conn in-interface=bridge new-routing-
mark=to_Wan2 passthrough=no

add action=mark-routing chain=output connection-mark=Wan1_conn new-routing-mark=to_Wan1


add action=mark-routing chain=output connection-mark=Wan2_conn new-routing-mark=to_Wan2
Set Up
Masquerade Rule
● Add a masquerade rule for each Wan
connection in ip firewall nat;
/ip firewall nat
add action=masquerade chain=srcnat out-interface=Wan1
add action=masquerade chain=srcnat out-interface=Wan2
Set Up
● Routing Table
Set Up
● Connections
Set Up
● Traffic
Speed Test
Considerations
PCC with Hotspot
● See: https://wiki.mikrotik.com/wiki/Manual:Hotspot_with_PCC

Third WAN connection


● Just modify PCC rule and corresponding routing mark and default
route
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-
interface=bridge new-connection-mark=Wan1_conn passthrough=yes per-connection-classifier=both-
addresses-and-ports:3/0
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-
interface=bridge new-connection-mark=Wan2_conn passthrough=yes per-connection-classifier=both-
addresses-and-ports:3/1

add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local in-


interface=bridge new-connection-mark=Wan3_conn passthrough=yes per-connection-classifier=both-
addresses-and-ports:3/2
Resources
● https://wiki.mikrotik.com/wiki/Manual:PCC
● https://wiki.mikrotik.com/wiki/ECMP_load_balancing_with_mas
querade
● https://mum.mikrotik.com/presentations/US12/steve.pdf

You might also like