119. Mikrotik Loadbalancing and Prefer Route


You can contact me: plus.google.com/+PhallaCCMT; youtube.com/phallaccmt; facebook.com/Phalla.CCMT; twitter.com/PhallaCCMT and Phalla.CCMT@gmail.com

Script LoadBalancing:

/ip address
 add address=103.28.2.254/30 interface=ether1-WAN1
 add address=103.28.0.254/30 interface=ether2-WAN2
 add address=192.168.168.1/24 interface=bridge-LAN

/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=103.28.3.187,8.8.8.8

/ip firewall mangle
add chain=prerouting in-interface=bridge-LAN connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment="" disabled=no
add chain=prerouting in-interface=bridge-LAN connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment="" disabled=no

add chain=prerouting in-interface=bridge-LAN connection-state=new nth=2,2 action=mark-connection new-connection-mark=conn2 passthrough=yes comment="" disabled=no
add chain=prerouting in-interface=bridge-LAN connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment="" disabled=no

/ip firewall nat
add chain=srcnat action=masquerade out-interface=ether1-WAN1 comment="" disabled=no
add chain=srcnat action=masquerade out-interface=ether2-WAN2 comment="" disabled=no

/ip route
add dst-address=0.0.0.0/0 gateway=103.28.2.253 scope=255 target-scope=10 routing-mark=conn1 comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=103.28.0.253 scope=255 target-scope=10 routing-mark=conn2 comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=103.28.2.253 comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=103.28.0.253 comment="" disabled=no



Script Prefer Route

/ip firewall address-list
add address=17.253.82.0/23 comment=\
    --------------------------------------------------------------------Apple \
    list=WAN1-Pref_Add_lst
add address=104.66.0.0/20 comment="-------------------------------------------\
    -------------------------WhatIsMyipAddress" list=WAN1-Pref_Add_lst
add address=216.58.192.0/19 comment=\
    --------------------------------------------------------------------Utube \
    list=WAN2-Pref_Add_lst

/ip firewall mangle
add action=mark-connection chain=prerouting comment="-------------------------\
    -------------------------------------------Prefer route to WAN 1" \
    dst-address-list=WAN1-Pref_Add_lst in-interface=bridge-LAN \
    new-connection-mark=Pre_Route-WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="----------------------------\
    -----------------------------------------Prefer route to WAN 1" \
    connection-mark=Pre_Route-WAN1 in-interface=bridge-LAN new-routing-mark=\
    Pre_Route-WAN1 passthrough=no
add action=mark-connection chain=prerouting comment="-------------------------\
    -------------------------------------------Prefer route to WAN 2" \
    dst-address-list=WAN2-Pref_Add_lst in-interface=bridge-LAN \
    new-connection-mark=Pre_Route-WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="----------------------------\
    -----------------------------------------Prefer route to WAN 2" \
    connection-mark=Pre_Route-WAN2 in-interface=bridge-LAN new-routing-mark=\
    Pre_Route-WAN2 passthrough=no


/ip route
add distance=1 gateway=103.28.0.253 routing-mark=Pre_Route-WAN2
add distance=1 gateway=103.28.2.253 routing-mark=Pre_Route-WAN1


Previous
Next Post »

4 comments

Write comments
HKNGNC
AUTHOR
June 16, 2017 at 3:09 PM delete

dear Phallma
This type of balance is having trouble with https (443)web sites, For constant ip change We have log out from bank sites
Is there a solution to this problem?

Reply
avatar
Unknown
AUTHOR
November 19, 2017 at 7:26 PM delete

Hi Phalla, is there any way i can pick which one of the two want will the the active one?

Reply
avatar