Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB
Following is a complete script for Mikrotik to combine/load balance two DSL lines. In this example I used MikrotikT RB750 5 ports router.
2 ports were connected with two difference DSL Routers,
and 3rd port was connected with User LAN.
Both DSL are of same speed , i.e 10Mb each.
DSL MODEM IP’S
DSL MODEM 1 = 192.168.1.1
DSL MODEM 2 = 192.168.2.1
Also don’t forget to rename the interface names accordingly.
In my personnel experience , If users request are directly hitting Mikrotik configured with PCC , then you will get good load balancing. Use src-address as classifier, this way you will get rid of problems like https/broken link, streaming issues etc. Load balancing using this PCC technique (src-address) will be effective and balanced approach when more and more connections (from clients) that occurred. I also recommend to use SQUID proxy server along with mikrotik , either parallel or in front or backend , for better response time and it will also increase good browsing experience to users.
If somehow you are not satisfied with the src-address approach,play with the PCC-Classifier, then Try both addresses and ports as the classifier. While this will randomize things the most and in theory give you the most fair allocation of bandwidth, BUT there is also a good chance that it will break certain things like banking web sites and some forums. This is because often times a HTTP requests will generate several connections, so there is a chance that some requests may go out a different route than the initial one, and that will break secure web sites. For that reason I usually stick with src-address for PCC load balancing.
Regard’s
Syed Jahanzaib
/ip address add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2 /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8 /ip firewall mangle add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2 add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1 add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2 /ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping /ip firewall nat add chain=srcnat out-interface=WAN1 action=masquerade add chain=srcnat out-interface=WAN2 action=masquerade
All Done ! Now Test the link by putting user load, the more multiple users load you put on it, the better Load Balance result you will get 
PCC WITH UN-EQUAL WAN LINKS
If you have Un-Equal WAN Links, for example WAN,1 is of 4MB and WAN,2 is of 8 Mb, and you want to force MT to use WAN42link more then other because of its capacity, Then you have to Add more PCC rules assigning the same two marks to a specific link i.e WAN2 , something like
Code:
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
PCC WITH HOTSPOT (Reference)
/ip firewall nat add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth
٩(●̮̮̃•̃)۶ ZaiB ٩(●̮̮̃•̃)۶
hi
plz contact me…..
and tell me where you live……
am Shahzad form pakistan/multan
my phone number # 0092312-6460823
Comment by shahzad — July 31, 2011 @ 5:42 AM
You can contact me at my email address.
aacable [at] hotmail.com / 0092333.xxxxxxx
Comment by Pinochio / zaib — July 31, 2011 @ 6:05 AM
How can i achieve load balancing with these typr of setup.
2 wan and 1 hotspot LAN.
normal web/light browsing traffic should be directed to WAN1 while heavy and other traffic should go to WAN 2.
Comment by Collins — August 1, 2011 @ 3:26 PM
You have to do policy base load balancing.
or you can mark packets for specific traffic and route it to your desired WAN link.
Comment by Pinochio / zaib — August 4, 2011 @ 6:03 AM
i am also enabled proxy because WAN1 is billing me based on volume of data i use.
Comment by Collins — August 1, 2011 @ 4:01 PM
hello sir i am aman can you help me how mikrotik load balasing and modem setting what is your mobile no and your E-mail
Comment by Aman Manifarooqi — August 1, 2011 @ 4:05 PM
plz sir help me
Comment by Aman Manifarooqi — August 1, 2011 @ 4:06 PM
my name is Aman farooqi plz you help me from pakistan RAWAlpindi mikrotik load balascing how make and how modem settend
Comment by Aman Manifarooqi — August 1, 2011 @ 4:11 PM
you can contact me at
aacable at hotmail.com
Comment by Pinochio / zaib — August 4, 2011 @ 6:03 AM
/ ip address
add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment=”" disabled=no
add address=10.0.0.10/24 network=10.0.0.0 broadcast=10.0.0.255 interface=wan1 comment=”" disabled=no
add address=7.7.7.10/24 network=7.7.7.0 broadcast=7.7.7.255 interface=wan2 comment=”" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=”" disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1 action=mark-connection new-connection-mark=conn2 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment=”" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment=”" disabled=no
add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment=”" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.138 scope=255 target-scope=10 routing-mark=conn1 comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=7.7.7.7 scope=255 target-scope=10 routing-mark=conn2 comment=”" disabled=no
Comment by Aman Manifarooqi — August 4, 2011 @ 11:21 PM
ware is this problam khaa par masllha ho sakta hai kia modem ki setting bhi karni hai aghr karni hai to kia ya is main problam, hai
Comment by Aman Manifarooqi — August 4, 2011 @ 11:25 PM
/ ip address
add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment=”" disabled=no
add address=1.1.0.77/24 network=1.1.0.0 broadcast=1.1.0.255 interface=wan1 comment=”" disabled=no
add address=5.5.5.1/24 network=5.5.5.0 broadcast=5.5.5.255 interface=wan2 comment=”" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=”" disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1 action=mark-connection new-connection-mark=conn2 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment=”" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment=”" disabled=no
add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment=”" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=1.1.0.5 scope=255 target-scope=10 routing-mark=conn1 comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=5.5.5.1 scope=255 target-scope=10 routing-mark=conn2 comment=”" disabled=no
Comment by Aman Manifarooqi — August 5, 2011 @ 6:57 PM
First turn off dhcp server seetings in modem than try…good luck
Comment by Faisal — August 13, 2011 @ 10:31 PM
ab yeh sahi kar bhi liya hai tab bhi net nahi chal rahaa hai plz help me ab kia karo yeh load balasing is liye kar rha hoo is se net ki 4mb aur 4mb ke speed 8 ati hai is liye plz ab dekhye kia karoblam hai
Comment by Aman Manifarooqi — August 5, 2011 @ 6:59 PM
This is nth base load balancing which will give you some problems in steaming , https web sites etc. but try it anyways since its the simplest way to do load balance.
Make some changes to your ip scheme.
Change ‘Local’ interface ip to 10.0.0.1
Change ‘WAN1′ ip to 192.168.1.1
Change ‘WAN2′ ip to 192.168.2.1
Change ‘WAN1′ DSL ROUTER LAN ip to 192.168.1.2
Change ‘WAN2′ DSL ROUTER LAN ip to 192.168.2.2
Now moving on to script.
/ ip address
add address=10.0.0.1 network=10.0.0.0 broadcast=10.0.0.255 interface=Local comment=”" disabled=no
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=wan1 comment=”" disabled=no
add address=192.168.2.1/24 network=192.168.2.0 broadcast=192.168.2.255 interface=wan2 comment=”" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=”" disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1 action=mark-connection new-connection-mark=conn2 passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment=”" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment=”" disabled=no
add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment=”" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.2 scope=255 target-scope=10 routing-mark=conn1 comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.2 scope=255 target-scope=10 routing-mark=conn2 comment=”" disabled=no
Comment by Pinochio / zaib — August 6, 2011 @ 6:32 AM
would you please give me Mikrotik DUAL WAN Load Balancing using PCC method in simple word i need 4WAN merging
Comment by zain ul abdin — January 26, 2012 @ 4:16 PM
Can you be more specific what you meant by ‘Simple Words’
The tutorial is complete reference guide. You can use it and modify it according to your need.
Comment by Syed Jahanzaib / Pinochio~:) — January 27, 2012 @ 11:23 AM
thnaks you it is work
Comment by Aman Manifarooqi — August 15, 2011 @ 11:06 PM
plz sir help me how pcc load balasing 3.22
Comment by Aman Manifarooqi — August 15, 2011 @ 11:08 PM
I have implemented DUAL (2) WAN Load Balancing using PCC method and it is working fine without hotspot. But I want to implement this PCC method with hotspot service. Please let me know what I should do now.
Comment by Kafi — August 22, 2011 @ 11:45 AM
Dear Kafi,
I have never tested load balancing with HOTSPOT scenario, but what I have heard or read at forums, hotspot messes with load balancing method. But give it a try and share your experience with us.
Comment by Pinochio / zaib — August 22, 2011 @ 11:51 AM
Salam bhai
see pics below is this possible or not
http://forum.mikrotik.com/download/file.php?id=7740
http://forum.mikrotik.com/download/file.php?id=7739
http://forum.mikrotik.com/download/file.php?id=7738
Comment by usmans — August 23, 2011 @ 12:49 PM
Yes this is very much possible achieving this kind of load balancing. Even RRD can get equal LB, but I will not recommend you to use RDD base algorithm as it have some issues with many sites n protocols. Use PCC instead.
Just make sure that all users are hitting Mikrotik directly (where PCC is configured)
The more users load you put on PCC, the better load balancing you will be able to get.
Comment by Pinochio / zaib — August 24, 2011 @ 10:50 AM
Wow…. Amazing..
How to do this with 2 WAN only?
Comment by Danish Jamil — April 3, 2012 @ 1:52 PM
bhai mai ny 2 pc mai mikrotik install kia hai 1 mai load balancing ki hai aur dosry mai user add hai aur per connetion classifier ko ma ny dst address pa set kia hai. kia yeh sahi hai yaha is sy b better ho akta hai…..
dsl1
dsl2———–mikrotik pcc (dst address)——–mikrotik pppoe server——-clients
dsl3
Comment by usmans — August 28, 2011 @ 1:01 AM
dst-address works fine too. All depend on your usage scenario.
You can configure pcc and pppoe on the same server. in this way you can use src-address as your classifier.
Comment by Pinochio / zaib — August 28, 2011 @ 10:54 AM
bhai agar mai pcc aur pppoe same sever mai configure karta ho to jab mai us mai thunder cache ka mangle rule add karta ho to wo work nai karta…is liy mai 2 server use kar raha ho….
Comment by usmans — August 28, 2011 @ 2:07 PM
Great to use PCC to load balance, but I don’t know I’m using nth is better at my network…
Comment by another mikrotik tips — September 24, 2011 @ 9:30 AM
PCC is a very customizable and enhanced version of Load balancing as compared to NTH . Using PCC you can get rid of many problems found in NTH, for example, broken http/https link, streaming issues and some others. (Using pcc with src-address as classifier.)
Anyhow if NTH is fulfilling your requirements and you are satisfied with the results, you can stick with it as loon as it doesn’t bother you
Comment by Pinochio~:) — September 24, 2011 @ 10:30 AM
im having one wan link- 4 Mb ,another one is 2Mb,
is it is possible to loadbalance with pcc
Comment by tamilmaran — October 28, 2011 @ 8:31 AM
yes you can,
Just give create more pcc rule to give priority to 4mb rule, so 2mb will be used twice as compare to 2 mb, to get some balanced load balancing.
Comment by Pinochio~:) — October 28, 2011 @ 12:33 PM
Hi,
I also have rb750. Now I want to do load balancing on 2 dsl lines. How will I know that port 1 is Local, port 2 is WAN1 ans so on?
Also for WAN1 dsl is the ip address 192.168.1.1?
And for WAN2 dsl is the ip address 192.168.2.1?
Comment by Nouman Aziz — November 12, 2011 @ 4:59 PM
You can check port status by various ways.
Following command will blink the port light.
/interface ethernet blink ether1
OR
/interface ethernet monitor ether1
/interface ethernet monitor ether2
/interface ethernet monitor ether3
Comment by Pinochio~:) — November 14, 2011 @ 10:38 AM
dear sir,
i want to implement fcc method with pppoe server in 1mikrotik OS x86 pc…..
how to do that?
kindly help me ASAP……;)
Comment by fareed — November 16, 2011 @ 9:14 AM
PCC with PPPoE Server on single Mikrotik Server. Read the following link
http://aacable.wordpress.com/2011/08/29/mikrotik-4-wan-load-balancing-using-pcc-with-pppoe-server-complete-script/
Comment by Pinochio~:) — November 16, 2011 @ 10:33 AM
i have 2 Satellite internet connections and i want to do loadbalancing and i have 2 diffrent public ips.
Comment by fareed — November 16, 2011 @ 9:17 AM
Thankx For Help ……………………
Comment by Mazhar Sheikh — November 16, 2011 @ 3:28 PM
3 wan load balancing, no need to set static IP to the interfaces;
multiple ADSL services and the Mikrotik PCC rules along with some inbound mangling to allow a single router to load balance traffic across as many non bonded links as required.
credits to: http://www.mikrotik-routeros.com/?p=12
Note that none of this config requires the use of IP addresses at all, as it simply uses the pppoe-client interfaces and your lan interface to mark traffic. In my example wan1-pppoe,wan2-pppoe,wan3-pppoe are used and lan
/ip route
add check-gateway=arp comment=”WAN 3 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan3
add check-gateway=arp comment=”WAN 2 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 1 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 1 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 2 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 3 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan3
add check-gateway=arp comment=”WAN 1 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 2 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 3 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan3
add check-gateway=arp comment=”Default Route – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe
add check-gateway=arp comment=”Default Route – Distance 2″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe
add check-gateway=arp comment=”Default Route – Distance 3″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe
add check-gateway=arp comment=”Static Route – WAN1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=static-wan1
add check-gateway=arp comment=”Static Route – WAN2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=static-wan2
add check-gateway=arp comment=”Static Route – WAN3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=static-wan3
/ip firewall mangle
add action=mark-connection chain=input comment=”Mark new inbound connection wan1″ connection-state=new disabled=no in-interface=wan1-pppoe new-connection-mark=wan1 \
passthrough=yes
add action=mark-connection chain=input comment=”Mark new inbound connection wan2″ connection-state=new disabled=no in-interface=wan2-pppoe new-connection-mark=wan2 \
passthrough=yes
add action=mark-connection chain=input comment=”Mark new inbound connection wan3″ connection-state=new disabled=no in-interface=wan3-pppoe new-connection-mark=wan3 \
passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan1″ connection-state=established disabled=no in-interface=wan1-pppoe \
new-connection-mark=wan1 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan2″ connection-state=established disabled=no in-interface=wan2-pppoe \
new-connection-mark=wan2 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan3″ connection-state=established disabled=no in-interface=wan3-pppoe \
new-connection-mark=wan3 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan1″ connection-state=related disabled=no in-interface=wan1-pppoe \
new-connection-mark=wan1 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan2″ connection-state=related disabled=no in-interface=wan2-pppoe \
new-connection-mark=wan2 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan3″ connection-state=related disabled=no in-interface=wan3-pppoe \
new-connection-mark=wan3 passthrough=yes
add action=mark-routing chain=output comment=”Mark new inbound route wan1″ connection-mark=wan1 disabled=no new-routing-mark=static-wan1 passthrough=no
add action=mark-routing chain=output comment=”Mark new inbound route wan2″ connection-mark=wan2 disabled=no new-routing-mark=static-wan2 passthrough=no
add action=mark-routing chain=output comment=”Mark new inbound route wan3″ connection-mark=wan3 disabled=no new-routing-mark=static-wan3 passthrough=no
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/2
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 1″ connection-mark=wan1_pcc_conn disabled=no new-routing-mark=wan1 passthrough=\
yes
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 2″ connection-mark=wan2_pcc_conn disabled=no new-routing-mark=wan2 passthrough=\
yes
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 3″ connection-mark=wan3_pcc_conn disabled=no new-routing-mark=wan3 passthrough=\
yes
Comment by adrian — November 26, 2011 @ 7:25 AM
is is working OK to me, after I modified a bit to use only 2 wans on my router
Comment by adrian — November 26, 2011 @ 7:29 AM
Jahanzaib Bhai I need your help Would you…………….
Comment by Umair Hanif — December 4, 2011 @ 8:28 PM
Regarding ???
Comment by Pinochio~:) — December 7, 2011 @ 10:42 AM
i have mikrotik 3.22 and i want to use 2 WAN link load balancing
Comment by umair — December 13, 2011 @ 11:03 PM
You need at least ver 3.30 for pcc base load balancing.
Comment by Pinochio~:) — December 14, 2011 @ 10:42 AM
I have upgraded to version 3.30
Comment by umair — December 14, 2011 @ 11:46 PM
These are great scripts, but could you possibly explain how to change the gateway check to check a remote IP address rather than the gateway IP address (for instances where the DSL line may be down, but the modem still up) – im sure its not as easy as just changing the ip address in the check?
Comment by David — December 22, 2011 @ 4:26 PM
You are right, its not that easy to integrate netwatch with the PCC.
I stopped working on this script long time ago. I will do some r&d on it and will update the article accordingly.
Comment by Pinochio~:) — December 23, 2011 @ 10:59 AM
Hi,
Sir I have done dual wan load balancing on MK RB750 v 5.9. I have two 4 mbps connection.
The problem I am facing is the second dsl line is not much is use. Sometimes I get 7-8 mB speed but sometimes it drops out so I just left with the 4MB.
Any thoughts or suggestions?
Thanks.
Comment by Nouman Aziz — December 23, 2011 @ 1:05 AM
If ‘sometimes’ you able to get 7-8 mbps , then your PCC is configure okay.
what classifier are you using?
Comment by Pinochio~:) — December 23, 2011 @ 10:57 AM
I am using Dst.Address for both lines.
Comment by Nouman Aziz — December 25, 2011 @ 12:10 AM
It will happen if you use dst-address, for example if there are 10 online users and 8 of them are using you tube.com, then PCC will bind you-tube at first dsl link, and other web at other link.
You have to read a lot on PCC classifier, goto wiki and read thoroughly then play with this option.
Comment by Pinochio~:) — December 25, 2011 @ 9:44 AM
So which classifier should I use?
Comment by Nouman Aziz — December 25, 2011 @ 10:09 AM
Can you please explain me which classifier do I change and how?
Thanks.
Comment by Nouman Aziz — December 25, 2011 @ 12:43 PM
Dear Noman,
I guess its time for you to do some research and read teh mikrotik wiki on How PCC works. Please start with this one and you will get idea on which classifier is best for you.
http://wiki.mikrotik.com/wiki/How_PCC_works_(beginner)
After all its your network and you have to decide what classifer to use depends on your network usage. Please Read, Read and Read.
Comment by Pinochio~:) — December 25, 2011 @ 10:17 PM
ok Thanks/.
Comment by Nouman — December 26, 2011 @ 1:04 AM
sir muhe yee bataye ke x86 main bhi pcc load balasing ho sakti hai
Comment by noman — December 31, 2011 @ 7:20 PM
It doesn’t matter what architecture you use , you can do it on x86 or any RB.
Just make sure you use ver 3.30 or above.
preferably latest 5.x series.
Comment by Pinochio~:) — December 31, 2011 @ 9:17 PM
min ne computer par install kia hai mikrotik ko pcc load balasing chaliy gi
Comment by noman — December 31, 2011 @ 9:23 PM
yes if u configure it properly.
Comment by Syed Jahanzaib / Pinochio~:) — January 2, 2012 @ 9:59 AM
Sir, This load balancing works great when we put a load on it (browse heavy site, or watch youtube). Is there any way to keep both WAN’s alive and working equally.
For example even when we browse lite sites it should use both lines 50/50.
Thanks
Comment by nominet — January 4, 2012 @ 3:45 PM
Try using different classifier.
There are 8 various, test which one works for you best
Comment by Syed Jahanzaib / Pinochio~:) — January 4, 2012 @ 4:03 PM
I have tried them and I liked ‘scr-address’ and ‘both-addresses and ports’ one.
Comment by Nouman — January 5, 2012 @ 12:26 AM
Sir what is failover?
Comment by Ayoob — January 6, 2012 @ 1:30 AM
‘Failover’ It will always check the modem status before sending any packets, If the modem is not reachable it will not send the packets.
Comment by Syed Jahanzaib / Pinochio~:) — January 6, 2012 @ 10:55 AM
I want to add another WAN3 with the ip 192.168.3.1
Can you please write a script for me thanks.
Comment by Asad — January 6, 2012 @ 11:27 AM
/ip route
add check-gateway=arp comment=”WAN 3 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan3
add check-gateway=arp comment=”WAN 2 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 1 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 1 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 2 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 3 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan3
add check-gateway=arp comment=”WAN 1 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan1
add check-gateway=arp comment=”WAN 2 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan2
add check-gateway=arp comment=”WAN 3 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan3
add check-gateway=arp comment=”Default Route – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe
add check-gateway=arp comment=”Default Route – Distance 2″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe
add check-gateway=arp comment=”Default Route – Distance 3″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe
add check-gateway=arp comment=”Static Route – WAN1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=static-wan1
add check-gateway=arp comment=”Static Route – WAN2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=static-wan2
add check-gateway=arp comment=”Static Route – WAN3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=static-wan3
/ip firewall mangle
add action=mark-connection chain=input comment=”Mark new inbound connection wan1″ connection-state=new disabled=no in-interface=wan1-pppoe new-connection-mark=wan1 \
passthrough=yes
add action=mark-connection chain=input comment=”Mark new inbound connection wan2″ connection-state=new disabled=no in-interface=wan2-pppoe new-connection-mark=wan2 \
passthrough=yes
add action=mark-connection chain=input comment=”Mark new inbound connection wan3″ connection-state=new disabled=no in-interface=wan3-pppoe new-connection-mark=wan3 \
passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan1″ connection-state=established disabled=no in-interface=wan1-pppoe \
new-connection-mark=wan1 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan2″ connection-state=established disabled=no in-interface=wan2-pppoe \
new-connection-mark=wan2 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan3″ connection-state=established disabled=no in-interface=wan3-pppoe \
new-connection-mark=wan3 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan1″ connection-state=related disabled=no in-interface=wan1-pppoe \
new-connection-mark=wan1 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan2″ connection-state=related disabled=no in-interface=wan2-pppoe \
new-connection-mark=wan2 passthrough=yes
add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan3″ connection-state=related disabled=no in-interface=wan3-pppoe \
new-connection-mark=wan3 passthrough=yes
add action=mark-routing chain=output comment=”Mark new inbound route wan1″ connection-mark=wan1 disabled=no new-routing-mark=static-wan1 passthrough=no
add action=mark-routing chain=output comment=”Mark new inbound route wan2″ connection-mark=wan2 disabled=no new-routing-mark=static-wan2 passthrough=no
add action=mark-routing chain=output comment=”Mark new inbound route wan3″ connection-mark=wan3 disabled=no new-routing-mark=static-wan3 passthrough=no
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/2
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 3″ connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 1″ connection-mark=wan1_pcc_conn disabled=no new-routing-mark=wan1 passthrough=\
yes
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 2″ connection-mark=wan2_pcc_conn disabled=no new-routing-mark=wan2 passthrough=\
yes
add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 3″ connection-mark=wan3_pcc_conn disabled=no new-routing-mark=wan3 passthrough=\
yes
after that all you need to do is make your 3 pppoe client conections coresponding to your wans, pppoe client cone3ctions with user and pass provided from yout ISP, and in NAT…make a masquerade in ip firewall nat… click + to add net nat rule, Chain – scrnat….than go to Action tab and select masquerade… that is all
this config is the config that I am using on a rb750, for 3 wans
Comment by Acidu — January 6, 2012 @ 6:40 PM
Hi Sir,
What is the function of distance in routes?
Comment by Asad — January 6, 2012 @ 8:34 PM
Hi, thanks for the great howto. I have a setup with 2 WANs and when I vpn to the router I can no longer ping or connect to the local addresses.
Local interface is: 192.168.0.0/24
VPN local address is: 10.0.1.100
VPN remote address is: 10.0.2.100
Before setting up the load balancing I was able to connect to 192.168.0.102 or 192.168.0.101.
Comment by quinametin — January 18, 2012 @ 10:05 AM
Just create an address list (vpn subnet included) and on the mangle rules exclude them , e.g src-address-list=!pptpusers and dst-address-list=!pptpusers
For more info, read comments in following article, few guiys made it worked with pcc.
http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/
Comment by Syed Jahanzaib / Pinochio~:) — January 18, 2012 @ 10:38 AM
Ok, found it
I had to add to firewall -> nat a masquerade with the source 10.0.2.0/24
Comment by quinametin — January 18, 2012 @ 11:14 AM
gr8.
Comment by Syed Jahanzaib / Pinochio~:) — January 18, 2012 @ 11:18 AM
Which classifier should I use? I want 4 + 4 = 8. So traffic should spread aross them two links.
Thanks.
Comment by Bablu — January 18, 2012 @ 1:54 PM
Use ‘both addressess and ports’ approach.
Comment by Syed Jahanzaib / Pinochio~:) — January 18, 2012 @ 5:37 PM
Jitna b Geo Khushi se Geo. Ye Bablu ki dua ha Jahanzaib Bhai.
Comment by Bablu — January 19, 2012 @ 3:29 PM
Comment by Syed Jahanzaib / Pinochio~:) — January 20, 2012 @ 10:46 AM
Hello,
Thank you for helpful posts,
I little bit confused with IP addresses and how to setup load balance with my RB750G.
I have 2 ADSL from same ISP with 2 linksys modems with static external IP and 10M speed each.I cannot access the modems they r locked by ISP. I just getting internal IP by DHCP in range 192.168.1.1/254.
On both modems are same gateway address 192.168.1.1 and same IP range.
How can I configure load balancing????
Please help!!!! Need ASAP!!!
Thank you in advance!!!
Nikos
Comment by Nikos — January 25, 2012 @ 2:11 AM
Move them on different subnet.
For example
ISP DSL Modems:
DSL1 = 192.168.1.1
DSL2 = 192.168.2.1
Mikrotik:
WAN1 = 192.168.1.2 / GW > 192.168.1.1
WAN2 = 192.168.2.2 / GW > 192.168.2.1
This way things will get simpler and manageable for you.
You can use static ip on you mikrotik wan interface of same subnet series provided by the modem.
Comment by Syed Jahanzaib / Pinochio~:) — January 25, 2012 @ 10:56 AM
Thank you for fast response,
The problem is that I cannot change DSL2 to 192.168.2.1 its locked by ISP and both DSL modems had same 192.168.1.1.
In my scenario it will be something like this :
DSL1:192.168.1.1==>WAN1=192.168.1.2
DSL2:192.168.1.1==>WAN2=192.168.1.3
This will work or NOT???
Please advice !!!
Thank you in advance
Nikos
Comment by Nikos — January 25, 2012 @ 7:12 PM
I have not tested such scenario, in my opinion it should not work.
Comment by Syed Jahanzaib / Pinochio~:) — January 26, 2012 @ 10:55 AM
Alsalamu Alaykom
Dear Brother can you please send me a Backup file for RB 750 Load Balance ?
Comment by Moataz Ibrahem — January 30, 2012 @ 11:02 PM
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
Comment by Syed Jahanzaib / Pinochio~:) — January 30, 2012 @ 11:08 PM
sir main ne pcc load balasing ki hai load balasing to sahi hai par dhcp par webproxy nahi chal rahey plz help me
Comment by mani — January 31, 2012 @ 12:05 AM
If you upgrade to 4.x that’s relatively easy to do because it has a feature that can match connections that do not yet have a connection mark.
I will not recommend you to use mikrotik webproxy with pcc on same box, It is recommended to use external proxy like SQUID or ISA. Upgrade to new version and it will be easy for you to use mikrotik web proxy.
/ip firewall mangle
add chain=output connection-mark=no-mark action=mark-connection new-connection-mark=Internet1_conn passthrough=yes per-connection-classifier=both-addresses:2/0
add chain=output connection-mark=no-mark action=mark-connection new-connection-mark=Internet2_conn passthrough=yes per-connection-classifier=both-addresses:2/1
On 3.x the rule set would be quite much more complicated to make sure you don’t interfere with potentially existing connection marks that must not be changed, so hopefully you can upgrade to 4.x
Comment by Syed Jahanzaib / Pinochio~:) — January 31, 2012 @ 2:31 PM
sir this script not work as failover it works only when modem turned off
in the case when modem power is on but the modem is disconnect failover not work 100% sure
sir i want a solution for failover free or paid not matter but perfect solution
my id is zohaib.shakeel1@yahoo.com
Comment by salman — January 31, 2012 @ 10:45 PM
Aslam O Alikum Syed Jahanzaib Bahi
My DSL 4MB PTCL
I m Use Hotspot Par User 1MB Speed And 512k My Thinking Is a User End Download Speed Is Limited
But Browsing Full 4MB Speed Please Add This Script And Send Me
My ID waseemahmed147@yahoo.com
I m use 3.22 v
Thank You
Comment by WASEEM AHMED — February 1, 2012 @ 5:12 AM
hi
i have 16 mb pipe connected with 4 wan tplink load balancer , and load balancer connect with mikro tik OS installed on pc i configured dns, firewall, web proxy correctly but my browsing speed is too slow. is in mikrotik there is place to mention wan link rate, means does mikro tik required the link rate in Wan link. if yes then plzz tell me becoz i m watching all time my wan link in interface option it never rich to 16 mb infect it is not crossing 4 mb in all time pick time non pick time …guide me as soon as possible………… thxzzzzzzzzzzzzz
Comment by rehmat ali gulwating — February 7, 2012 @ 3:50 AM
Slow browsing , hmmm… there can be multiple issue, I told you earlier, make sure all of your client is using your mikrotik as there primary DNS server,
secondly, using IDM , try to download 10-15 multiple files (Big downloads) and see if you can able to download from all links.
Comment by Syed Jahanzaib / Pinochio~:) — February 7, 2012 @ 9:34 AM
DEAR…….
YES I CAN USE 16 MB PIPE WITH IDM BUT 1 TROUBLE I FIND THAT WHEN I PING TO TPLINK IP 192.168.205.1 REPLY IN 1 OR 2 MS CONTINUE SLY BUT WHEN I PING PTCL MODEM LAN IP (192.168.201.1 MODEM 1,192.168.202.1 MODEM 2, 192.168.203.1 MODEM 3,192.168.204.1 MODEM 4) SOME TIME PING REPLY IN 6 TO 7 MS AND SOME TIMES REQUEST TIME OUT OCCURS I CHANGE LAN CARDS OF MIKROTIK BUT NOTHING HAPPENED AND WHEN I CONNECT TPLINK LOADBALANCER DIRECT 2 WINDOWS PC PING REPLIES IN 1 MS AND ALL WORKED FINE…. THEN Y PING IS BREAKING WITH MIKROTIK PLEASE GUIDE ME AND SHOOT THIS TROUBLE WITH UR GOOD EXPERIENCE THANKING YOU,
Comment by rehmat ali gulwating — February 10, 2012 @ 3:15 AM
You probably have a bad network design topology.
Also check with your queueing section, Try to disable all Queues, and thenc heck the ping reply. If ping works fine after disabling the Queue, try the following.
http://aacable.wordpress.com/2011/12/07/mikrotik-howto-give-ping-icmp-high-priority/
Comment by Syed Jahanzaib / Pinochio~:) — February 10, 2012 @ 8:58 AM
my name habib
Comment by a — February 10, 2012 @ 9:27 PM
are you on line in wordpress
Comment by a — February 10, 2012 @ 9:28 PM
Hi,
Work fine, but “both-addresses-and-ports” per connection classifier creates problems (eg ftp client: passive ports are open on another WAN, so the ftp server considers it as a security violation). I recommend an “both addresses” pcc configuration to avoid this.
Best regards
Comment by Alexandre Alouit — February 13, 2012 @ 10:33 PM
Yes you are right, both address provides more reliable connections. But for some operators who demands more bandwidth rather then reliability, both-addresses-and-ports gives overall better load balancing, but they face broken link issues.
Comment by Syed Jahanzaib / Pinochio~:) — February 14, 2012 @ 8:48 AM
Salam,
this is rehmat, i trace problem in my network it is from client side. i means my clients have a lots of viruses, Trojans and spammers and their pcs use tcp and udp ports to access wan.ports are 445,80,23 which i trace out i have problem with port 80 becoz its a browsing port (http) please send me rules or any script to block viruses,Trojans and spammers completely. or any other guide to resolve this issue. thxxxxxxxxxxx
Comment by rehmat ali gulwating — February 14, 2012 @ 2:51 AM
Monitor your network closely using monitoring tools like TORCH (built-in mikrotik tool)
and block all suspected ports.)
Few examples are here.
http://aacable.wordpress.com/2011/08/15/mikrotik-howto-prevent-mt-host-from-invalid-login-attempts-from-lanwan-users/
Comment by Syed Jahanzaib / Pinochio~:) — February 14, 2012 @ 8:51 AM
Hi. Salam jahanzaib bhai. jahanzaib bhai i have 4 mb connection of PTCL. and main mikrotik 3.30 pay hotspot server use kr raha hun. i have 30 clients on it . 300 gb limit ki waja say now i want to add one more 4 mb connection. Plz guide me k main kesay on ki load balancing krun. is wqt meray WAN ka address 192.168.1.150 and LAN ka address 192.168.0.150 hai. yaa to ap yay guide kr dain k dono 4 mb ka 50/50 use ho ya phr ya bta dain k main half clients WAN1 pay kesay krun and half WAN2 pay ? because main downloading limit ko cross nhi krna chahta. its too expensive for me if downloading limit crossed.
Comment by SHAFQAT FARHAN — February 22, 2012 @ 10:45 AM
and dono connections ptcl say liyay hain main nay so . dono ka ip address same hai yani k DSL1 192.168.1.1 and DSL2 192.168.1.1 and i dont have authority to change this address.
Comment by SHAFQAT FARHAN — February 22, 2012 @ 10:51 AM
First thing first.
Both links must be on different subnet, otherwise you won’t be able to do proper load balance.
One workaround is to put another router (any cheap brand like tplink etc) in between mikrotik WAN2 and DSL2 and give it another subnet ip.
For example like this.
DSL1 ======> === >> MIKROTIK ROUTER ETH1
192.168.1.1 192.168.1.2
DSL2 ======> TPLINK ROUTER === >> MIKROTIK ROUTER ETH2
192.168.1.1 192.168.5.1 192.168.5.2
Also check this It might help you.
http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/
Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 9:16 AM
thank you so much sir. now i will change the ip address of one of the DSL router. now plz tell me how could i do load balancing on hotspot server. and i want k dono DSL’s equally use hun. i mean agar total downloading (from clients) 200 GB howi hai to DSL1 say 100 GB and DSL2 say 100 GB ho. i mean i want the average download from both of the DSL.
Comment by SHAFQAT FARHAN — February 23, 2012 @ 11:51 AM
To use PCC with HOTSPOT , use the following.
http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/
You can’t define on that how much exact amount of data should be used from each wan link.
Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 11:59 AM
to phr kya is trah ho skta hai k main half clients WAN1 pay kr dun and half WAN2 pay. ??
Comment by SHAFQAT FARHAN — February 23, 2012 @ 12:06 PM
Yes you can, see the link i have sent earlier. policy/ip base client routing
Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 1:37 PM
jahanzaib bhai os policy main 2 LAN output hain. jab k meray pass situation kuch yun hai k meray pas bulletm2 hai. main wireless k through clients ko net provide kr raha hun. so agar main 2 output krta hun to bullet main to aik he input jaey gi.
Comment by SHAFQAT FARHAN — February 23, 2012 @ 8:26 PM
You can use single output (LAN) also.
The example showed in the article was not using 2 output, Both users are on same LAN.
Comment by Syed Jahanzaib / Pinochio~:) — February 24, 2012 @ 9:28 AM
sir, give me a script of queue tree bandwith setting mikrotik rb750G please….. note: I use dual wan about it wan
Comment by aanet — February 24, 2012 @ 7:22 AM
dear sir
Syed Jahanzaib
sir main ne TWO wan ore ONE lan ka mikrotik server
banya hai jis ka scrpit ye hai.
((
/ip address
add address=192.168.5.1/24 network=192.168.5.0 broadcast=192.168.5.255 interface=LAN
add address=192.168.0.2/24 network=192.168.0.0 broadcast=192.168.0.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=208.67.220.220,208.67.222.222
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
sir jab main internet
use karta hun tu mera server srif os wan ka interinet
use karta hai jis ki speed kam hoti hai jab k meri dosri
wan per speed kafi achi hoti hai
ek wan meri 3mbps ki hai ore dosri 4 mbps ki hai
kindly tell me a script jis se main in dono wan ko use
kar sekon yan phier asa ho in dono wan main se jis ki
speed zaida ho server os wan ko use karey kindly send
me a script jis se mera masla hal ho jaye
Comment by ali — February 24, 2012 @ 9:50 PM
Your script seems fine.
Try playing with the distance value.
Comment by Syed Jahanzaib / Pinochio~:) — February 25, 2012 @ 12:51 PM
yes i have licnes call me 03245001960 pta
Comment by noman — March 1, 2012 @ 11:01 AM
jahanzaib bhai do u have some info that how can i get license of ISP from PTCL or PTA . and how much cost it have ??
Comment by SHAFQAT FARHAN — February 25, 2012 @ 9:54 PM
hi.. i’m using this script right now and i want to port forward (23156) from WAN1 to internet.. can u help me sir
Comment by nick — March 5, 2012 @ 8:58 PM
sir meine aap ka dual wan configuration wala script use kia hai leikin mere aik wan se reply nahin aaraha
Comment by Yasir — March 9, 2012 @ 9:04 PM
What is the impact you are getting because of this?
Check the DISTANCE VALUE.
Comment by Syed Jahanzaib / Pinochio~:) — March 12, 2012 @ 9:04 AM
mein mikrotik ka os ver 3.3 use kerraha hoon
Comment by Yasir — March 9, 2012 @ 9:09 PM
hello !
the difference with this scenario is that i have
modem 1 IP : 79.106.15.44 ( bridge with PPPoE connection with username and password) or it doesn’t influence in the configuration
modem 2 IP : 79.106.15.45 ( bridge with PPPoE connection with username and password)
with gateway 79.106.14.1 or dynamic
LAN : 192.168.2.1/24
can you please help me with the configuration
regards
Comment by sidio — March 12, 2012 @ 3:52 AM
salaam sir how are u
main pppoe server use kar rahaa hooo aap mjhe yeh batao ke dil up par kon se colore use hote hai main ne net ki waire se bjiliy gozarni hai plz tell me
Comment by musa — March 19, 2012 @ 9:57 AM
hi,
this is Rehmat ali have to ask one thing is that i follow script given by u on this page ( http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/ ) .
problem is
only 1 wan is using internet named wan1 but 2nd wan named wan4 is not using similarly means with pcc method i m able to use both links in same time……? if yes then please solve this issue because it can’t use both links in same time.
Wan1 route is shows as AS and in black color but Wan4 route is shows as S and in blue color.
i think problem is with ip route. reply me as soon as possible.
thanking you,
Comment by Rehmat Ali Gulwating — March 20, 2012 @ 3:34 PM
Very Very Thanks Mr,Zaib With this script you changed my life
Comment by Haroon nimroozy — March 29, 2012 @ 11:17 AM
Dear Bro, I m using MIKROTIK from last 2 years with these settings.
I have 4 WANS and 1 LAN. 1 wan 4Mbs, 2nd 4Mb, 3rd 6Mb and 4th is 2Mb. i splice the ip with differnet subnets and send traffic through routes. 1 group ips gets 4 2nd group ip also 4 3rd group 6 mb and 4th group 2mb. and all users or on PPPOE.
But now i want to combine all traffic and then send it to 1 LAN. means 4 lans = 1 lan ,4+4+6+2=16 Mb. I contact many Mikrotik persons for this issue but all in vain.
I am using RB750G 3.22v.
Need help..
Comment by Junaid — April 1, 2012 @ 11:02 PM
A quick search on google can save you from posting queries
http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/
Comment by Syed Jahanzaib / Pinochio~:) — April 2, 2012 @ 8:33 AM
Thanks a lot Brother…..i’ll work on it then i’ll let u know if i faced any error..
Comment by Junaid — April 4, 2012 @ 1:04 PM
Jahanzaib Bhai, i it Possible to have Load Balancer and Hotspot on same Machine?
Comment by Danish Jamil — April 4, 2012 @ 11:42 PM
Yes its possible.
http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/
Comment by Syed Jahanzaib / Pinochio~:) — April 5, 2012 @ 8:53 AM
Dear Syed,
How can we use the web proxy with your configuration (not on a box of course..)?
Comment by Alex Alouit (@alexalouit) — April 8, 2012 @ 7:49 PM
You mean like the one showed here ???
http://aacable.wordpress.com/2011/12/29/howto-to-enable-mikrotik-routeros-web-proxy-in-transparent-mode/
Comment by Syed Jahanzaib / Pinochio~:) — April 9, 2012 @ 8:34 AM
Yes,
unfortunately, for me it does not work.
The proxy works fine from outside (lan network), but the internal drift does not work.
My current config is:
nat
0 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan1
1 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan2
2 chain=dstnat action=redirect to-ports=3128 protocol=tcp src-address=192.168.2.0/24 dst-port=80
mangle
0 chain=input action=mark-connection new-connection-mark=WAN1_conn passthrough=yes in-interface=wan1
1 chain=input action=mark-connection new-connection-mark=WAN2_conn passthrough=yes in-interface=wan2
2 chain=output action=mark-routing new-routing-mark=to_WAN1 passthrough=yes connection-mark=WAN1_conn
3 chain=output action=mark-routing new-routing-mark=to_WAN2 passthrough=yes connection-mark=WAN2_conn
4 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan
5 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan
6 ;;; 80
chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes protocol=tcp dst-address-type=!local in-interface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/0
7 chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:2/0
8 ;;; 80
chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses-and-ports:2/1
9 chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:2/1
10 chain=prerouting action=mark-routing new-routing-mark=to_WAN1 passthrough=yes in-interface=lan connection-mark=WAN1_conn
11 chain=prerouting action=mark-routing new-routing-mark=to_WAN2 passthrough=yes in-interface=lan connection-mark=WAN2_conn
proxy
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: webmaster
max-cache-size: none
cache-on-disk: yes
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-slave
The router runs on Router OS 5.14
Do you see that does not work?
Regards
Comment by Alex Alouit (@alexalouit) — April 9, 2012 @ 8:25 PM
Error in copy/paste, my mangle config number 8 is:
chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes protocol=tcp dst-address-type=!local in-interface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/1
but it does affect my web proxy problem.
The problem I encounter is also valid to intercept DNS requests (cache dns transparent).
The firewall is it not challenged?
Comment by Alex Alouit (@alexalouit) — April 10, 2012 @ 10:04 PM
use notepad +…paste there… and then copy from there and paste in new terminal…
Comment by Acidu — April 11, 2012 @ 1:08 AM
For the copy/paste error, I spoke about the comment, not the CLI configuration of the router..
Regards
Comment by Alex Alouit (@alexalouit) — April 11, 2012 @ 5:43 PM
Dear Sir
I want to know these configuration also use with 750up router board ?
I want load balancing with 2 wan on 750up router board …please help ….
I also want load balancing using hotspot ……
Regards
Comment by faisalmirzapk — April 8, 2012 @ 8:15 PM
The script posted in this article will work on any version of routerboard.
to use it with hotspot you should follow this.
http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/
Comment by Syed Jahanzaib / Pinochio~:) — April 9, 2012 @ 8:33 AM
Dear Sir
plz help me mere pass RB750GL hai mey us pe 3 wan chalana chata ho with bondig (means merge all bandwidth ?) mere pass ye configuration hai.
4Mb = 1st DSL router address = 192.168.0.1 => ehter1 WAN
4Mb = 2nd DSL router address = 192.168.2.1 => ehter2 WAN
6Mb = 3rd DSL router address = 192.168.3.1 => ehter3 WAN
Bandwidth merge = 4Mb + 4Mb + 6Mb = 14Mbps
local network = 192.168.1.1 => ehter5
DHCP server on local network => ehter5
Bandwidth controlling in Kbps on specific IP (local address)
or kia interface ka name bhi change karna parey ga wo kese hoga ??? n plz help me step by step
mey ne apki batae hui script mey changes ki hai wo nichy hai is mey koi mistake hai ? or baqi complete script send karden
Thanks
————————————————————————————————————————————————————————————————————
rename the interface
?????
————————————————————————————————————————————————————————————————————
/ip address
02 add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=Local
03 add address=192.168.0.2/24 network=192.168.0.0 broadcast=192.168.0.255 interface=WAN1
04 add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
05 add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255 interface=WAN3
06 /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
07
08 /ip firewall mangle
09 add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
10 add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
11 add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
12 add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
13 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
14 add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
15 add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=Local
16 add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local
17
18 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
19 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
20
21 add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
22 add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
23 add chain=prerouting connection-mark=WAN3_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN3
24 /ip route
25 add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN1 check-gateway=ping
26 add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
27 add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 check-gateway=ping
28 add dst-address=0.0.0.0/0 gateway=192.168.0.1 distance=1 check-gateway=ping
29 add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
30 add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=3 check-gateway=ping
31 /ip firewall nat
32 add chain=srcnat out-interface=WAN1 action=masquerade
33 add chain=srcnat out-interface=WAN2 action=masquerade
34 add chain=srcnat out-interface=WAN3 action=masquerade
————————————————————————————————————————————————————————————————————
DHCP SERVER also
————————————————————————————————————————————————————————————————————
Bandwith controlling
???????
THANKS
Regards
Ehtisham Ul Haq
Comment by Ehtisham Ul Haq — April 11, 2012 @ 12:18 PM
change the lines from
18 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
19 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
TO below lines
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
Comment by Syed Jahanzaib / Pinochio~:) — April 11, 2012 @ 1:14 PM
thanks Sir plz send me also interface rename script and DHCP server
Comment by Ehtisham Ul Haq — April 11, 2012 @ 1:47 PM
Dear Sir
this script is working in my case ??
ip dhcp-server> setup
Select interface to run DHCP server on
dhcp server interface: local
Select network for DHCP addresses
dhcp address space: 192.168.1.0/24
Select gateway for given network
gateway for dhcp network: 192.168.1.1
Select pool of ip addresses given out by DHCP server
addresses to give out: 192.168.1.25-192.168.1.254
Select DNS servers
dns servers: 192.168.1.1
Select lease time
lease time: 3d
Comment by Ehtisham Ul Haq — April 11, 2012 @ 2:11 PM
Dear Bro. how can we use User Manager and manage users and their accounting on v3.3 with level4 license. if their some solution please tell me how can i do it.
Comment by Junaid — April 11, 2012 @ 4:49 PM
Hi, I have an address-list and want to force that all addresses in address-list ISP1 always goes to to WAN1, what should I do?
Comment by Ari — April 26, 2012 @ 11:55 PM
Read This.
http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/
Comment by Syed Jahanzaib / Pinochio~:) — April 27, 2012 @ 9:14 AM
Hello, have you ever noticed redirect problem with NAT? I have the latest version of RouterOS on ESXi 5.
I Can’t use the redirect (eg web proxy transparent, or transparent DNS cache).
Comment by Alex Alouit (@alexalouit) — April 27, 2012 @ 3:59 PM
Here is my configuration:
/ip firewall filter
add action=drop chain=input disabled=no dst-port=3128 in-interface=wan1 protocol=tcp
add action=drop chain=input disabled=no dst-port=3128 in-interface=wan2 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=wan1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=wan2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=0.0.0.0/24 in-interface=lan
add action=accept chain=prerouting disabled=no dst-address=0.0.0.0/24 in-interface=lan
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local in-interface=lan new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local in-interface=lan new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=no in-interface=lan new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=no in-interface=lan new-routing-mark=to_WAN2 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=wan1 src-address=0.0.0.0/24
add action=masquerade chain=srcnat disabled=no out-interface=wan2 src-address=0.0.0.0/24
add action=redirect chain=dstnat comment=”Transparent Web Cache” disabled=yes dst-port=80 protocol=tcp to-ports=3128
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=600 max-fresh-time=3d max-server-connections=600 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=3128 serialize-connections=no src-address=0.0.0.0
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=0.0.0.0 routing-mark=to_WAN1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=0.0.0.0 routing-mark=to_WAN2 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=0.0.0.0 scope=30 target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=0.0.0.0 scope=30 target-scope=10
Comment by Alex Alouit (@alexalouit) — April 27, 2012 @ 4:11 PM
I never used Mikrotik’s Web Proxy service with PCC. Only heard that it do make some problems if you have all setup on single box i.e PCC / Firewall / WEBPROXY. Its better to use external proxy for cache.
Comment by Syed Jahanzaib / Pinochio~:) — April 28, 2012 @ 4:21 PM
Hello
Could you help me please.
I am using 2 wan load balancing with PCC rules. But I want to use WAN1 generally and WAN2 if WAN1 is full.
How can I do it.
Also I use load balancing PCC with hotspot but there are problems when browsing https sites.
Thanks a lot
Best Regards
Eynulla Samadov
Comment by Eynulla Samadov — May 7, 2012 @ 7:11 PM
You can’t shift user to wan2 if wan1 is FULL using mikrotik AFAIK.
Try using Load Balancing scenario. or policy base routing.
E.g:
http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/
Comment by Syed Jahanzaib / Pinochio~:) — May 8, 2012 @ 3:16 PM
Best tutorial, works from first attempt.
Thank you for that.
I have a small problem and wish that you can help me with.
My board is RB493G (9 ports), I am using 2 ports for load sharing. Other ports for local net.
The problem is that I fail to communicate with other ports now (I cannot access the shares nor ping my hosts ).
I wish that you could help me solving this problem.
Comment by Taha — May 12, 2012 @ 3:40 AM
Are you using HOTSPOT ?
Comment by Syed Jahanzaib / Pinochio~:) — May 14, 2012 @ 8:57 AM
Thank you problem is solved no need to worry about it.
What should be done is just create a prerouting chain with accept to each network segment. in /ip firewall mangle
Comment by Taha — May 12, 2012 @ 7:17 PM
Yes I am using hotspot .
All I did to solve the problem is to create a mangle rule with accept from each segment to the other one.
I have one problem left which is not related to the script of yours but being an expert in Mikrotik I would like to
get your opinion on it.
My RB is 493G (V5.16) with no wireless cards installed, instead I have an AP connected to one of the ETH2.
I have 2 iPhones jail broken, connected to the same AP acting as the wireless HS I cannot see the shares between them.
I have installed Multicast package still not working.
If I connect the Iphones to an AP before the RB everything works fine. I would appreciate sharing your experience on solving this problem.
Comment by Taha — May 14, 2012 @ 1:48 PM
turn off Universal NAT to enable users communicate with each other. because hotspot poison the network to forece every device to use HS as there default gateway.
http://aacable.wordpress.com/2011/09/12/mikrotik-hotspot-quick-setup-guide-cli-version/
Comment by Syed Jahanzaib / Pinochio~:) — May 14, 2012 @ 2:13 PM
1 /ip hotspot set address-pool=none——————————- could not do.. what are you referring to ?
2 OR
3 /ip hotspot set numbers=hotspot1 address-pool=none————– done—————–
4 OR
5 /ip firewall nat add chain=pre-hotspot dst-address-type=!local hotspot=auth action=accept—————— was already there——————-
And problem is still there
Comment by Taha — May 14, 2012 @ 2:47 PM
hum apne server ki secript kaise jan sakte hain k hum ne us ko kia kia script di hai
Comment by obaid — May 22, 2012 @ 8:49 PM
sir i use your this script my mikrotik 3.30 L6 but just i wan line work not both at a time what happen? one time just 1 WAN work if i unplug 192.168.1.1 WAN1 then WAN2 work if i unplug wan2 then wan1 work but not both , if 2 wan are connectd wit then just WAN1 worked ? pleas help me what hapen?
Comment by obaid — May 23, 2012 @ 10:50 AM