Re: [WISPA] MikroTik as Load Balancer?
I found that load balancing in a NAT environment was much better handled with PCC. Might not fit for you, Just something to look at. http://wiki.mikrotik.com/wiki/PCC Nick Olsen Network Operations (855) FLSPEED x106 From: "Rubens Kuhl" Sent: Sunday, February 13, 2011 9:01 PM To: "WISPA General List" Subject: Re: [WISPA] MikroTik as Load Balancer? > I was playing around with a spare rb433 doing something similar to what > you just posted (nth+conn-mark rules) but, things were not working > properly. I noticed my connections were really really slow, I don't know > if I did something wrong. It's very easy to do something wrong in such kind of setup. Look first to counters using Winbox while generating traffic (both connected and new connections); if that doesn't show what's wrong, packet captures are the next resource. > One other thing, how about fail over? If one line goes out would the > other 3 work and that other line would be ignored until is back up? How > can that be done? A route on RouterOS have a check_gateway attribute, and usually arp or ping dies when the line dies. You can go further than that by using scripts like the ones in http://wiki.mikrotik.com/wiki/ECMP_Failover_Script in order to kill a line when something dies beyond the last-mile hop. / ip route add dst-address=0.0.0.0/0 gateway=Uplink-A scope=255 target-scope=10 routing-mark=Route-Mark-A comment="" disabled=no check_gateway=ping / ip route add dst-address=0.0.0.0/0 gateway=Uplink-B scope=255 target-scope=10 routing-mark=Route-Mark-B comment="" disabled=no check_gateway=ping / ip route add dst-address=0.0.0.0/0 gateway=Uplink-A scope=255 target-scope=10 comment="" disabled=no check_gateway=ping distance=2 / ip route add dst-address=0.0.0.0/0 gateway=Uplink-B scope=255 target-scope=10 comment="" disabled=no check_gateway=ping distance=2 Note that when Uplink-A dies, the traffic with Route-Mark-A will match the last route to Uplink-B because the two routes to Uplink-A will be disabled by check_gateway (and be brought back when it comes up). Rubens > I would also love to prioritize traffic, SYN ACK flags and DNS be on the > highest priority, etc... > > I know is too much but, would like to do something like that, I don't > know if all these are doable at the same time. You first need to move the queues back to Mikrotik, as it usually sees your ADSL/Cable line as 100 Mbps that won't ever be congested. Shaping the outbound interfaces to actual ADSL uplink is the starting point, and it's doable at the same time. The complexity of the ruleset will increase, so I recommend doing all the load-balancing + fail-over stuff, and then moving to QoS. WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] MikroTik as Load Balancer?
> I was playing around with a spare rb433 doing something similar to what > you just posted (nth+conn-mark rules) but, things were not working > properly. I noticed my connections were really really slow, I don't know > if I did something wrong. It's very easy to do something wrong in such kind of setup. Look first to counters using Winbox while generating traffic (both connected and new connections); if that doesn't show what's wrong, packet captures are the next resource. > One other thing, how about fail over? If one line goes out would the > other 3 work and that other line would be ignored until is back up? How > can that be done? A route on RouterOS have a check_gateway attribute, and usually arp or ping dies when the line dies. You can go further than that by using scripts like the ones in http://wiki.mikrotik.com/wiki/ECMP_Failover_Script in order to kill a line when something dies beyond the last-mile hop. / ip route add dst-address=0.0.0.0/0 gateway=Uplink-A scope=255 target-scope=10 routing-mark=Route-Mark-A comment="" disabled=no check_gateway=ping / ip route add dst-address=0.0.0.0/0 gateway=Uplink-B scope=255 target-scope=10 routing-mark=Route-Mark-B comment="" disabled=no check_gateway=ping / ip route add dst-address=0.0.0.0/0 gateway=Uplink-A scope=255 target-scope=10 comment="" disabled=no check_gateway=ping distance=2 / ip route add dst-address=0.0.0.0/0 gateway=Uplink-B scope=255 target-scope=10 comment="" disabled=no check_gateway=ping distance=2 Note that when Uplink-A dies, the traffic with Route-Mark-A will match the last route to Uplink-B because the two routes to Uplink-A will be disabled by check_gateway (and be brought back when it comes up). Rubens > I would also love to prioritize traffic, SYN ACK flags and DNS be on the > highest priority, etc... > > I know is too much but, would like to do something like that, I don't > know if all these are doable at the same time. You first need to move the queues back to Mikrotik, as it usually sees your ADSL/Cable line as 100 Mbps that won't ever be congested. Shaping the outbound interfaces to actual ADSL uplink is the starting point, and it's doable at the same time. The complexity of the ruleset will increase, so I recommend doing all the load-balancing + fail-over stuff, and then moving to QoS. WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] MikroTik as Load Balancer?
On Sun, 2011-02-13 at 20:29 -0200, Rubens Kuhl wrote: > On Sun, Feb 13, 2011 at 7:27 PM, Optimum Wireless Services > wrote: > > Hello. > > > > I was thinking of using MikroTik rb450g to balance four 5mbps/1mbps dsl > > lines to replace TP-Link TL-R480+ which locks up from time to time. > > > > Just wanted to know how many of you use MT routerOS for load balancing > > and how is working out for you. > > You could use RB-750 which is much cheaper than RB-450G to balance > that little traffic, or RB-750G if you want to have room for growth. > It works just fine... nth+conn-mark rules can provide very good > per-connection load-balancing, and the quirks of some sites/networks > that require to use fail-over instead of load-balancing are also > doable. > > I really prefer building blocks instead of final products to do > loadbalancing stuff, as there will always be another thing that > doesn't mix up with it and you can always make it work. > > For two uplinks, it would look like this: > > 0 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoA > passthrough=no in-interface=LAN > connection-mark=ConexaoGrupoA > > 1 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoB > passthrough=no in-interface=LAN > connection-mark=ConexaoGrupoB > > 2 chain=prerouting action=mark-connection new-connection-mark=ConexaoGrupoA > passthrough=yes in-interface=LAN nth=2,1 > > 3 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoA > passthrough=no in-interface=LAN > connection-mark=ConexaoGrupoA > > 4 chain=prerouting action=mark-connection new-connection-mark=ConexaoGrupoB > passthrough=yes in-interface=LAN > > 5 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoB > passthrough=no in-interface=LAN > > (and then two default routes, each one tiead to one of the routing marks) > > Four uplinks require more chains with nth=4,1 then nth=3,1, then > nth=2,1 and then the last uplink. You will also need the "no > load-balance" rules prior to this rule group doing some form of > fail-over. > > > Rubens Thanks Rubens for your reply. I was playing around with a spare rb433 doing something similar to what you just posted (nth+conn-mark rules) but, things were not working properly. I noticed my connections were really really slow, I don't know if I did something wrong. One other thing, how about fail over? If one line goes out would the other 3 work and that other line would be ignored until is back up? How can that be done? I would also love to prioritize traffic, SYN ACK flags and DNS be on the highest priority, etc... I know is too much but, would like to do something like that, I don't know if all these are doable at the same time. Any suggestions? WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] MikroTik as Load Balancer?
On Sun, Feb 13, 2011 at 7:27 PM, Optimum Wireless Services wrote: > Hello. > > I was thinking of using MikroTik rb450g to balance four 5mbps/1mbps dsl > lines to replace TP-Link TL-R480+ which locks up from time to time. > > Just wanted to know how many of you use MT routerOS for load balancing > and how is working out for you. You could use RB-750 which is much cheaper than RB-450G to balance that little traffic, or RB-750G if you want to have room for growth. It works just fine... nth+conn-mark rules can provide very good per-connection load-balancing, and the quirks of some sites/networks that require to use fail-over instead of load-balancing are also doable. I really prefer building blocks instead of final products to do loadbalancing stuff, as there will always be another thing that doesn't mix up with it and you can always make it work. For two uplinks, it would look like this: 0 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoA passthrough=no in-interface=LAN connection-mark=ConexaoGrupoA 1 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoB passthrough=no in-interface=LAN connection-mark=ConexaoGrupoB 2 chain=prerouting action=mark-connection new-connection-mark=ConexaoGrupoA passthrough=yes in-interface=LAN nth=2,1 3 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoA passthrough=no in-interface=LAN connection-mark=ConexaoGrupoA 4 chain=prerouting action=mark-connection new-connection-mark=ConexaoGrupoB passthrough=yes in-interface=LAN 5 chain=prerouting action=mark-routing new-routing-mark=RotaGrupoB passthrough=no in-interface=LAN (and then two default routes, each one tiead to one of the routing marks) Four uplinks require more chains with nth=4,1 then nth=3,1, then nth=2,1 and then the last uplink. You will also need the "no load-balance" rules prior to this rule group doing some form of fail-over. Rubens WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
[WISPA] MikroTik as Load Balancer?
Hello. I was thinking of using MikroTik rb450g to balance four 5mbps/1mbps dsl lines to replace TP-Link TL-R480+ which locks up from time to time. Just wanted to know how many of you use MT routerOS for load balancing and how is working out for you. Thanks. WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
