Thanks for the corporation.
I am using this method for the load Balancing and PCC Exempt. If you find
any thing wrong then please correct it for me.
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255
interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255
interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255
interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB
max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection
new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection
new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing
new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing
new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.1.0/24 action=accept
in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept
in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/0
action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local
per-connection-classifier=both-addresses-and-ports:2/1
action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local
action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local
action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1
check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2
check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
I am using this for the PCC exemption.
To Exempt Any User IP from PCC Rule,
/ip firewall address-list
add list=usere-exempted-from-pcc address=192.168.0.24/32
Now create Mangle Rule to accept traffic from above list, then PCC will not
precess this user ip address , and Mikrotik will use the Default route for
this user Traffic. (We will add it later)
Example:
/ip firewall mangle
add action=accept chain=prerouting disabled=no
src-address-list=user-exempted-from-pcc
Adding Route for Un-Marked Traffic
You have to add Default ROUTE rule to tell Mikrotik to use this ROUTE as
default route for all other UNMARKED traffic not processed / marked by the
PCC. and in this route, you can bind exempted traffic request to always go
through Specific Link only.
/ip route
add comment=”Default Route For Un-Marked Traffic” disabled=no distance=3
dst-address=0.0.0.0/0 gateway=191.168.1.36 scope=30 target-scope=10
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
