Mikrotik RouterOS Multi-WAN PPC

Mikrotik RouterOS Multi-WAN PPC howto

---

This guide assumes the following:

"ISP1" is your 1st wan connection name
"ISP2" is your 2nd wan connection name
"LAN" is your local network name

"ISP1" recieves the IP 111.111.111.1/24 on the network 111.111.111.0/24
"ISP2" recieves the IP 222.222.222.1/24 on the network 222.222.222.0/24

1. If your ISP assigned IP's via DHCP be sure to do the following (if they are assigned static move to step 2):

Log into the routeros webfig or winbox:

• IP
• DHCP Client
• Click on your first WAN DHCP client
• Change "add default gateway" to no
• Repeat the same for your second WAN connection

2. Remove current routing rules

• IP
• Firewall
• Nat
• Remove the entry for "masquerade" to your current single ISP.

3. SSH into your router and run the following script:

Code:

/ ip firewall mangle
add chain=prerouting dst-address=111.111.111.0/24  action=accept in-interface=LAN
add chain=prerouting dst-address=222.222.222.0/24  action=accept in-interface=LAN
add chain=prerouting in-interface=ISP1 connection-mark=no-mark action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ISP2 connection-mark=no-mark action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting connection-mark=ISP1_conn in-interface=LAN action=mark-routing new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN action=mark-routing new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1     
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2

/ ip route
add dst-address=0.0.0.0/0 gateway=111.111.111.1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=222.222.222.1 routing-mark=to_ISP2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=111.111.111.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=222.222.222.1 distance=2 check-gateway=ping

/ ip firewall nat 
add chain=srcnat out-interface=ISP1 action=masquerade
add chain=srcnat out-interface=ISP2 action=masquerade

This script assumes that you have 2 equal WAN connections(ex. two 7/1 DSL lines). If you have unbalanced connections you can modify the section of the script that defines how the traffic is balanced. That starts on line 6.

For example I have a 45/6 connection and a 30/6 connection and I have the following lines( Note that there are 5 lines and the first one starts at 5/0 and moves on from there):

Code:

add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:5/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:5/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:5/2 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:5/3 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:5/4 action=mark-connection new-connection-mark=ISP1_conn

The PCC method automatically does failover. All around good way to load balance 2 connections. You can also balance more connections by configuring the script correctly.   

from:

http://hardforum.com/showthread.php?p=1040363288

Posted in Mikrotik