Syed Jahanzaib – Personal Blog to Share Knowledge !

April 14, 2012

Howto Exempt any User / Website from Mikrotik PCC [Part-1]

Filed under: Mikrotik Related — Syed Jahanzaib / Pinochio~:) @ 11:32 AM

Another updated working example [May 2017]:

https://aacable.wordpress.com/2017/05/26/howto-bypass-specific-client-from-pcc-route-to-specific-wan-link-part-2/

I recently deployed a dual-WAN PCC configuration at a local cable network. The scenario is something like this:

USERS >> MIKROTIK PPPOE SERVER >> MIKROTIK RB 750 PCC with 2 DSL links >> INTERNET

The problem they were facing was with one particular banking website, bankalhabib.com. The best method to resolve such PCC issues is to use src-address as the classifier; this way the user's WAN IP won't change and they will stick to one WAN for their session. But in the above scenario I can't use src-address, as users are not directly hitting PCC. So I made a workaround and exempted the user and, in one case, the destination website from being processed by PCC.

The simple theory is to make an address list with the user IP or the destination website IP address, then create a rule in mangle to exempt it from PCC, and then create a new default route, with your desired WAN selected, for the traffic that is exempted from PCC.

Important: Move this rule above the other PCC rules, so it will accept the data before PCC catches it.

=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x

To exempt any user IP from the PCC rules:

/ip firewall address-list
add list=user-exempted-from-pcc address=172.16.0.2/32

Now create a mangle rule to accept traffic from the above list. PCC will then not process this user's IP address, and Mikrotik will use the default route for this user's traffic (we will add it later).

Example:

/ip firewall mangle
add action=accept chain=prerouting disabled=no src-address-list=user-exempted-from-pcc

To exempt any website from PCC, first find its IP address (or pool), then add it to the exempt list.

/ip firewall address-list
add list=site-exempted-from-pcc address=108.59.160.167/32

(108.59.160.167/32 is mywanip.com, used here for testing purposes)

Now create its mangle rule:

/ip firewall mangle
add action=accept chain=prerouting disabled=no dst-address-list=site-exempted-from-pcc


Adding Route for Un-Marked Traffic

You have to add a default route to tell Mikrotik to use it for all other unmarked traffic, that is, traffic not processed / marked by PCC. In this route, you can bind the exempted traffic to always go through a specific link only.

/ip route
add comment="Default Route For Un-Marked Traffic" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=101.11.11.36 scope=30 target-scope=10

(Change IP Address as per your network configuration)
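
An added check, not part of the original post: this Python script parses the text of a RouterOS export and flags exemption rules that reference an address list with no entries, or that sit below the first PCC rule in the prerouting chain. The sample export, the mark name wan1_conn and the function names are constructed for illustration.

```python
import re
import shlex

# Constructed sample export (not from the page): one misspelled list name,
# and both exemption rules placed below the PCC classifier rule.
SAMPLE_EXPORT = """\
/ip firewall address-list
add address=172.16.0.2/32 list=usere-exempted-from-pcc
add address=108.59.160.167/32 list=site-exempted-from-pcc
/ip firewall mangle
add action=mark-connection chain=prerouting new-connection-mark=wan1_conn \\
    per-connection-classifier=both-addresses-and-ports:2/0
add action=accept chain=prerouting src-address-list=user-exempted-from-pcc
add action=accept chain=prerouting dst-address-list=site-exempted-from-pcc
"""

def parse_export(text):
    """Parse RouterOS export text into {menu path: [rule dict, ...]}."""
    text = re.sub(r"\\\r?\n[ \t]*", "", text)  # rejoin backslash-wrapped lines
    menus, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("/"):
            current = menus.setdefault(line, [])
        elif line.startswith("add ") and current is not None:
            pairs = (tok.split("=", 1) for tok in shlex.split(line[4:]))
            current.append({p[0]: p[1] for p in pairs if len(p) == 2})
    return menus

def audit_pcc_exemptions(text):
    """Return findings as strings; an empty list means both checks passed."""
    menus = parse_export(text)
    defined = {e.get("list") for e in menus.get("/ip firewall address-list", [])}
    prerouting = [r for r in menus.get("/ip firewall mangle", [])
                  if r.get("chain") == "prerouting" and r.get("disabled") != "yes"]
    first_pcc = next((i for i, r in enumerate(prerouting)
                      if "per-connection-classifier" in r), len(prerouting))
    findings = []
    for i, rule in enumerate(prerouting):
        if rule.get("action") != "accept":
            continue
        for key in ("src-address-list", "dst-address-list"):
            name = rule.get(key)
            if name and name not in defined:
                findings.append(f"rule {i}: {key}={name} has no address-list entry")
            if name and i > first_pcc:
                findings.append(f"rule {i}: {name} exemption is below PCC rule {first_pcc}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_pcc_exemptions(SAMPLE_EXPORT)))
```

Rule numbers in the findings count only enabled prerouting mangle rules, starting from 0.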


=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x