Scribd
Upload
21 views5 pages

PCC Config Running - Calltek2022

This document outlines a configuration for dual WAN load balancing using PCC (Per Connection Classifier) with failover capabilities. It details the mangle rules for marking connections and routing packets through two WAN interfaces based on connection marks, ensuring that local connections are not affected by load balancing. Additionally, it includes routing rules for monitoring gateways and implementing failover mechanisms to maintain connectivity even when one gateway is down.

Uploaded by

mudzramer.hayudini
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
21 views5 pages

PCC Config Running - Calltek2022

This document outlines a configuration for dual WAN load balancing using PCC (Per Connection Classifier) with failover capabilities. It details the mangle rules for marking connections and routing packets through two WAN interfaces based on connection marks, ensuring that local connections are not affected by load balancing. Additionally, it includes routing rules for monitoring gateways and implementing failover mechanisms to maintain connectivity even when one gateway is down.

Uploaded by

mudzramer.hayudini
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

DUAL WAN LOAD BALANCING USING PCC WITH FAIL

OVER

/ip firewall mangle

#interface of Local Area Network

add action=accept chain=prerouting disabled=no dst-


address=10.10.10.0/24 in-interface=ether1
add action=accept chain=prerouting disabled=no dst-
address=172.20.0.0/16 in-interface=ether1

Explanation: accept local connections para dili maapil sa pag


loadbalance

#interface of Wide Area Network

add action=mark-connection chain=input disabled=no in-


interface=wlan1 new-connection-mark=WAN1_mark
passthrough=yes
add action=mark-connection chain=input disabled=no in-
interface=ether5 new-connection-mark=WAN2_mark
passthrough=yes

Explanation: markahan ang incoming connections para ang exit


same interface lang sila mo balik, sticky – gamit pud sa monitor
ip using netwatch ug recursive
add action=mark-connection chain=prerouting disabled=no dst-
address-type=!local in-interface=ether1 new-connection-
mark=WAN1_mark passthrough=yes per-connection-
classifier=both-addresses-and-ports:2/0

add action=mark-connection chain=prerouting disabled=no dst-


address-type=!local in-interface=ether1 new-connection-
mark=WAN2_mark passthrough=yes per-connection-
classifier=both-addresses-and-ports:2/1

Explanation: markahan ang routes from LAN side para mabahin


sa PCC, same sa baraha pag deal. Need kuhaon ang ratio para
sa unequal speed nga ISP. Mao daun ang number of connection
share, not local para ma filter ang dili local connections ra ang
moagi sa PCC. Mao na ang mga connections ang destination ip
dili installed sa mikrotik (internet)

add action=mark-routing chain=prerouting connection-


mark=WAN1_mark disabled=no in-interface=ether1 new-
routing-mark=ISP1 passthrough=no

add action=mark-routing chain=prerouting connection-


mark=WAN2_mark disabled=no in-interface=ether1 new-
routing-mark=ISP2 passthrough=no
Explanation: ang na markahan nan ga packets e route na sa
specified gateway, diri nga part mosulod ang input chain para
mo sticky na daun ang connection

add action=mark-routing chain=output connection-


mark=ISP1_conn new-routing-mark=ISP1 out-interface=wlan1
passthrough=yes

add action=mark-routing chain=output connection-


mark=ISP2_conn new-routing-mark=ISP2 out-interface=ether5
passthrough=yes

add action=mark-routing chain=output comment="FOR


RECURSIVE FAILOVER OUTPUT" connection-mark=ISP2_conn
new-routing-mark=ISP2 out-interface=wlan1 passthrough=yes

add action=mark-routing chain=output connection-


mark=ISP1_conn new-routing-mark=ISP1 out-interface=ether5
passthrough=yes

Explanation: mo capture sa marked input packets para e route


same interface

/ip route
add dst-address=208.67.220.220 gateway=10.10.10.100
scope=10
add dst-address=208.67.222.222 gateway=172.20.1.1 scope=10
Explanation: force route to specific gateway para bisan down
ang gateway dili na siya mo failover sa default route

/ip route
add distance=1 gateway=208.67.220.220 routing-mark= ISP1
check-gateway=ping

add distance=1 gateway=208.67.222.222 routing-mark= ISP2


check-gateway=ping

#for ROUTING MARK FAILOVER


/ip route
add distance=2 gateway=208.67.220.220 routing-mark= ISP2
check-gateway=ping

add distance=2 gateway=208.67.222.222 routing-mark= ISP1


check-gateway=ping

Explanation: gamiton ang virtual hop as gateway naka check


gateway ping para ma monitor ang gateway ip if mo down mo
failover sa next available gateway nga same routing mark if
wala.. sa default route mo exit
/ip route
add dst-address=10.0.0.1 gateway=208.67.220.220 scope=10
target-scope=10 check-gateway=ping
add dst-address=10.0.0.2 gateway=208.67.222.222 scope=10
target-scope=10 check-gateway=ping

Explanation: 10.0.0.1 and 10.0.02 as monitor ip 208.67.220.220


and 208.67.220.220 are local gateways

/ip route
add distance=1 gateway=10.0.0.1 routing-mark= ISP1
add distance=2 gateway=10.0.0.2 routing-mark= ISP2

Explanation: virtual hop gigamit nga gateway base sa taas


granted ang monitor ip is an ip reachable outside sa network
with routing mark

/ip route
add distance=1 gateway=10.0.0.1
add distance=2 gateway=10.0.0.2

Explanation: default routes in case dili magamit ug routing mark


ang packet ma route gihapon successfully

You might also like