Professional Documents
Culture Documents
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB
Filed under: Mikrotik Related Tags: dsl, dual wan load balance, load balance, mikrotik, pcc Syed Jahanzaib / Pinochio~:) @ 10:16 AM
i
45 Votes
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB
Following is a complete script for Mikrotik to combine/load balance two DSL lines. In this example I used MikrotikT RB750 5 ports router.
2 ports were connected with two difference DSL Routers,
and 3rd port was connected with User LAN.
Both DSL are of same speed , i.e 10Mb each.
DSL MODEM IPS
DSL MODEM 1 = 192.168.1.1
DSL MODEM 2 = 192.168.2.1
Also dont forget to rename the interface names accordingly.
In my personnel experience , If users request are directly hitting Mikrotik configured with PCC , then you will get good load balancing. Use src-address as
classifier, this way you will get rid of problems like https/broken link, streaming issues etc. Load balancing using this PCC technique (src-address) will be
effective and balanced approach when more and more connections (from clients) that occurred. I also recommend to use SQUID proxy server along with
mikrotik , either parallel or in front or backend , for better response time and it will also increase good browsing experience to users.
If somehow you are not satisfied with the src-address approach,play with the PCC-Classifier, then Try both addresses and ports as the classifier. While this
will randomize things the most and in theory give you the most fair allocation of bandwidth, BUT there is also a good chance that it will break certain things
like banking web sites and some forums. This is because often times a HTTP requests will generate several connections, so there is a chance that some
requests may go out a different route than the initial one, and that will break secure web sites. For that reason I usually stick with src-address for PCC load
balancing.
Regards
Syed Jahanzaib
1
2
3
4
5
6
7
8
9
10
11
12
13
/ip
add
add
add
address
address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
1/46
8/10/2014
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
All Done ! Now Test the link by putting user load, the more multiple users load you put on it, the better Load Balance result you will get
Comments (317)
317 Comments
1. hi
plz contact me..
and tell me where you live
am Shahzad form pakistan/multan
my phone number # 0092312-6460823
Comment by shahzad July 31, 2011 @ 5:42 AM
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
2/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
You can contact me at my email address.
aacable [at] hotmail.com / 0092333.xxxxxxx
Comment by Pinochio / zaib July 31, 2011 @ 6:05 AM
Reply
Dear, how can you make the router make load balancing on tow interfaces i will use one for my hotspote and the other for my internal LAN
Comment by mtaherhassanin December 27, 2012 @ 9:59 AM
Describe in details.
Comment by Syed Jahanzaib / Pinochio~:) December 27, 2012 @ 3:06 PM
I Have RB 750GL with 5 Ports i will use 3 Ports for WANs DSL Routers , the rest 2 Ports i will Use them 1 For my LAN and 1 For My HotSpot
Bullet. i Used your Script from the Above as the followng
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512
servers=41.128.225.225,41.128.225.226,163.121.128.135
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local This for my Lan
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local2 this for my Hotspot
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local2
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection
new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection
new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection
new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local2 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection
new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local2 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection
new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local2 per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection
new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.254 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.254 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.254 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.254 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
/ip firewall nat add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth
but i belive that my hot spot Not Acting well
Comment by mtaherhassanin December 30, 2012 @ 5:20 AM
Hello Dear
Well i have a Question
in RB 750 Mikrotik
Local Interface Pluged To ISA Server
Local2 Pluged To Hotspot System
I am Behind the ISA Server
how can i mange to make the PING to the Hotspot system succeded
Local 192.168.88.0/24
Local2 192.168.80.0/24
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
3/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
4/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
7. / ip address
add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment= disabled=no
add address=10.0.0.10/24 network=10.0.0.0 broadcast=10.0.0.255 interface=wan1 comment= disabled=no
add address=7.7.7.10/24 network=7.7.7.0 broadcast=7.7.7.255 interface=wan2 comment= disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes
comment= disabled=no
add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=
disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1 action=mark-connection new-connection-mark=conn2 passthrough=yes
comment= disabled=no
add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment=
disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment= disabled=no
add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment= disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.138 scope=255 target-scope=10 routing-mark=conn1 comment= disabled=no
add dst-address=0.0.0.0/0 gateway=7.7.7.7 scope=255 target-scope=10 routing-mark=conn2 comment= disabled=no
Comment by Aman Manifarooqi August 4, 2011 @ 11:21 PM
Reply
8. ware is this problam khaa par masllha ho sakta hai kia modem ki setting bhi karni hai aghr karni hai to kia ya is main problam, hai
Comment by Aman Manifarooqi August 4, 2011 @ 11:25 PM
Reply
9. / ip address
add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment= disabled=no
add address=1.1.0.77/24 network=1.1.0.0 broadcast=1.1.0.255 interface=wan1 comment= disabled=no
add address=5.5.5.1/24 network=5.5.5.0 broadcast=5.5.5.255 interface=wan2 comment= disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes
comment= disabled=no
add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=
disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1 action=mark-connection new-connection-mark=conn2 passthrough=yes
comment= disabled=no
add chain=prerouting in-interface=Local connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment=
disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment= disabled=no
add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment= disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=1.1.0.5 scope=255 target-scope=10 routing-mark=conn1 comment= disabled=no
add dst-address=0.0.0.0/0 gateway=5.5.5.1 scope=255 target-scope=10 routing-mark=conn2 comment= disabled=no
Comment by Aman Manifarooqi August 5, 2011 @ 6:57 PM
Reply
First turn off dhcp server seetings in modem than trygood luck
Comment by Faisal August 13, 2011 @ 10:31 PM
Reply
10. ab yeh sahi kar bhi liya hai tab bhi net nahi chal rahaa hai plz help me ab kia karo yeh load balasing is liye kar rha hoo is se net ki 4mb aur 4mb ke speed
8 ati hai is liye plz ab dekhye kia karoblam hai
Comment by Aman Manifarooqi August 5, 2011 @ 6:59 PM
Reply
This is nth base load balancing which will give you some problems in steaming , https web sites etc. but try it anyways since its the simplest way to do
load balance.
Make some changes to your ip scheme.
Change Local interface ip to 10.0.0.1
Change WAN1 ip to 192.168.1.1
Change WAN2 ip to 192.168.2.1
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
5/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
6/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Just make sure that all users are hitting Mikrotik directly (where PCC is configured)
The more users load you put on PCC, the better load balancing you will be able to get.
Comment by Pinochio / zaib August 24, 2011 @ 10:50 AM
Reply
Wow. Amazing..
How to do this with 2 WAN only?
Comment by Danish Jamil April 3, 2012 @ 1:52 PM
Reply
15. bhai mai ny 2 pc mai mikrotik install kia hai 1 mai load balancing ki hai aur dosry mai user add hai aur per connetion classifier ko ma ny dst address pa
set kia hai. kia yeh sahi hai yaha is sy b better ho akta hai..
dsl1
dsl2mikrotik pcc (dst address)mikrotik pppoe server-clients
dsl3
Comment by usmans August 28, 2011 @ 1:01 AM
Reply
usman bhai mujay apna koi contect nuber dain plz mene loadbalsing ki kuch help lani hai app se
Comment by sadaq July 30, 2012 @ 8:38 AM
Reply
16. dst-address works fine too. All depend on your usage scenario.
You can configure pcc and pppoe on the same server. in this way you can use src-address as your classifier.
Comment by Pinochio / zaib August 28, 2011 @ 10:54 AM
Reply
17. bhai agar mai pcc aur pppoe same sever mai configure karta ho to jab mai us mai thunder cache ka mangle rule add karta ho to wo work nai kartais liy
mai 2 server use kar raha ho.
Comment by usmans August 28, 2011 @ 2:07 PM
Reply
18. Great to use PCC to load balance, but I dont know Im using nth is better at my network
Comment by another mikrotik tips September 24, 2011 @ 9:30 AM
Reply
PCC is a very customizable and enhanced version of Load balancing as compared to NTH . Using PCC you can get rid of many problems found in
NTH, for example, broken http/https link, streaming issues and some others. (Using pcc with src-address as classifier.)
Anyhow if NTH is fulfilling your requirements and you are satisfied with the results, you can stick with it as loon as it doesnt bother you
Comment by Pinochio~:) September 24, 2011 @ 10:30 AM
Reply
19. im having one wan link- 4 Mb ,another one is 2Mb,
is it is possible to loadbalance with pcc
Comment by tamilmaran October 28, 2011 @ 8:31 AM
Reply
yes you can,
Just give create more pcc rule to give priority to 4mb rule, so 2mb will be used twice as compare to 2 mb, to get some balanced load balancing.
Comment by Pinochio~:) October 28, 2011 @ 12:33 PM
Reply
can u pls , edit n give me the script,
im poor in scripting
Comment by tamilmaran June 26, 2012 @ 12:02 AM
20. Hi,
I also have rb750. Now I want to do load balancing on 2 dsl lines. How will I know that port 1 is Local, port 2 is WAN1 ans so on?
Also for WAN1 dsl is the ip address 192.168.1.1?
And for WAN2 dsl is the ip address 192.168.2.1?
Comment by Nouman Aziz November 12, 2011 @ 4:59 PM
Reply
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
7/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
8/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
9/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
add action=mark-routing chain=prerouting comment=Mark routing for PCC mark option 3 connection-mark=wan3_pcc_conn disabled=no newrouting-mark=wan3 passthrough=\
yes
Comment by adrian November 26, 2011 @ 7:25 AM
Reply
Hi, what about NAT rules ? (script in IP-Firewall-NAT)
Comment by esalehnet November 29, 2012 @ 1:30 AM
Reply
25. is is working OK to me, after I modified a bit to use only 2 wans on my router
Comment by adrian November 26, 2011 @ 7:29 AM
Reply
26. Jahanzaib Bhai I need your help Would you.
Comment by Umair Hanif December 4, 2011 @ 8:28 PM
Reply
Regarding ???
Comment by Pinochio~:) December 7, 2011 @ 10:42 AM
Reply
i have mikrotik 3.22 and i want to use 2 WAN link load balancing
Comment by umair December 13, 2011 @ 11:03 PM
You need at least ver 3.30 for pcc base load balancing.
Comment by Pinochio~:) December 14, 2011 @ 10:42 AM
27. I have upgraded to version 3.30
Comment by umair December 14, 2011 @ 11:46 PM
Reply
28. These are great scripts, but could you possibly explain how to change the gateway check to check a remote IP address rather than the gateway IP address
(for instances where the DSL line may be down, but the modem still up) im sure its not as easy as just changing the ip address in the check?
Comment by David December 22, 2011 @ 4:26 PM
Reply
You are right, its not that easy to integrate netwatch with the PCC.
I stopped working on this script long time ago. I will do some r&d on it and will update the article accordingly.
Comment by Pinochio~:) December 23, 2011 @ 10:59 AM
Reply
Salam Dear Sir ,
Sir ap kasy hai .umied hai k ap thek hai .ALLAH ap per desta shufqat rakha.Sir main UBNT wireless setup laga raha hun.Aur sir mujha ap say kuch
help ke zaroorat hai .wo ya k main us k liya mikrotik ka kon sa ver use karun uar mikrotik ruterbord kon sa purchas karun.qk es ma humara pass
dedicated links be hai .aur SIR humara owner ya chata hai k ptcl jasie wireless modem ma setting ho.
SIR Cache server be creat karna hai kindly ap us ka be bta dijya ga. Sir main umied karta hun k ap jaldi aur bhater jawab send kary gia.
Waqas sabir from Faisalabad.
E-mail = the2ndlastguy@yahoo.com
Mob= 03157215729
Comment by Muhammad Waqas Sabir August 30, 2012 @ 10:54 PM
Reply
29. Hi,
Sir I have done dual wan load balancing on MK RB750 v 5.9. I have two 4 mbps connection.
The problem I am facing is the second dsl line is not much is use. Sometimes I get 7-8 mB speed but sometimes it drops out so I just left with the 4MB.
Any thoughts or suggestions?
Thanks.
Comment by Nouman Aziz December 23, 2011 @ 1:05 AM
Reply
If sometimes you able to get 7-8 mbps , then your PCC is configure okay.
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
10/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
If sometimes you able to get 7-8 mbps , then your PCC is configure okay.
what classifier are you using?
Comment by Pinochio~:) December 23, 2011 @ 10:57 AM
Reply
30. I am using Dst.Address for both lines.
Comment by Nouman Aziz December 25, 2011 @ 12:10 AM
Reply
It will happen if you use dst-address, for example if there are 10 online users and 8 of them are using you tube.com, then PCC will bind you-tube at
first dsl link, and other web at other link.
You have to read a lot on PCC classifier, goto wiki and read thoroughly then play with this option.
Comment by Pinochio~:) December 25, 2011 @ 9:44 AM
Reply
31. So which classifier should I use?
Comment by Nouman Aziz December 25, 2011 @ 10:09 AM
Reply
32. Can you please explain me which classifier do I change and how?
Thanks.
Comment by Nouman Aziz December 25, 2011 @ 12:43 PM
Reply
Dear Noman,
I guess its time for you to do some research and read teh mikrotik wiki on How PCC works. Please start with this one and you will get idea on which
classifier is best for you.
http://wiki.mikrotik.com/wiki/How_PCC_works_(beginner)
After all its your network and you have to decide what classifer to use depends on your network usage. Please Read, Read and Read.
Comment by Pinochio~:) December 25, 2011 @ 10:17 PM
Reply
33. ok Thanks/.
Comment by Nouman December 26, 2011 @ 1:04 AM
Reply
34. sir muhe yee bataye ke x86 main bhi pcc load balasing ho sakti hai
Comment by noman December 31, 2011 @ 7:20 PM
Reply
It doesnt matter what architecture you use , you can do it on x86 or any RB.
Just make sure you use ver 3.30 or above.
preferably latest 5.x series.
Comment by Pinochio~:) December 31, 2011 @ 9:17 PM
Reply
min ne computer par install kia hai mikrotik ko pcc load balasing chaliy gi
Comment by noman December 31, 2011 @ 9:23 PM
yes if u configure it properly.
Comment by Syed Jahanzaib / Pinochio~:) January 2, 2012 @ 9:59 AM
35. Sir, This load balancing works great when we put a load on it (browse heavy site, or watch youtube). Is there any way to keep both WANs alive and
working equally.
For example even when we browse lite sites it should use both lines 50/50.
Thanks
Comment by nominet January 4, 2012 @ 3:45 PM
Reply
Try using different classifier.
There are 8 various, test which one works for you best
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
11/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
12/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
wan2 passthrough=no
add action=mark-routing chain=output comment=Mark new inbound route wan3 connection-mark=wan3 disabled=no new-routing-mark=staticwan3 passthrough=no
add action=mark-connection chain=prerouting comment=Mark traffic that isnt local with PCC mark rand (3 possibilities) option 1 connectionstate=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=Mark traffic that isnt local with PCC mark rand (3 possibilities) option 2 connectionstate=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=Mark traffic that isnt local with PCC mark rand (3 possibilities) option 3 connectionstate=new disabled=no \
dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-connection chain=prerouting comment=Mark established traffic that isnt local with PCC mark rand (3 possibilities) option 1
connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/0
add action=mark-connection chain=prerouting comment=Mark established traffic that isnt local with PCC mark rand (3 possibilities) option 2
connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/1
add action=mark-connection chain=prerouting comment=Mark established traffic that isnt local with PCC mark rand (3 possibilities) option 3
connection-state=\
established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=\
both-addresses:3/2
add action=mark-connection chain=prerouting comment=Mark related traffic that isnt local with PCC mark rand (3 possibilities) option 1
connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=bothaddresses:3/0
add action=mark-connection chain=prerouting comment=Mark related traffic that isnt local with PCC mark rand (3 possibilities) option 2
connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=bothaddresses:3/1
add action=mark-connection chain=prerouting comment=Mark related traffic that isnt local with PCC mark rand (3 possibilities) option 3
connection-state=related \
disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=bothaddresses:3/2
add action=mark-routing chain=prerouting comment=Mark routing for PCC mark option 1 connection-mark=wan1_pcc_conn disabled=no newrouting-mark=wan1 passthrough=\
yes
add action=mark-routing chain=prerouting comment=Mark routing for PCC mark option 2 connection-mark=wan2_pcc_conn disabled=no newrouting-mark=wan2 passthrough=\
yes
add action=mark-routing chain=prerouting comment=Mark routing for PCC mark option 3 connection-mark=wan3_pcc_conn disabled=no newrouting-mark=wan3 passthrough=\
yes
after that all you need to do is make your 3 pppoe client conections coresponding to your wans, pppoe client cone3ctions with user and pass provided
from yout ISP, and in NATmake a masquerade in ip firewall nat click + to add net nat rule, Chain scrnat.than go to Action tab and select
masquerade that is all
this config is the config that I am using on a rb750, for 3 wans
Comment by Acidu January 6, 2012 @ 6:40 PM
Reply
39. Hi Sir,
What is the function of distance in routes?
Comment by Asad January 6, 2012 @ 8:34 PM
Reply
40. Hi, thanks for the great howto. I have a setup with 2 WANs and when I vpn to the router I can no longer ping or connect to the local addresses.
Local interface is: 192.168.0.0/24
VPN local address is: 10.0.1.100
VPN remote address is: 10.0.2.100
Before setting up the load balancing I was able to connect to 192.168.0.102 or 192.168.0.101.
Comment by quinametin January 18, 2012 @ 10:05 AM
Reply
Just create an address list (vpn subnet included) and on the mangle rules exclude them , e.g src-address-list=!pptpusers and dst-addresslist=!pptpusers
For more info, read comments in following article, few guiys made it worked with pcc.
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
13/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/
Comment by Syed Jahanzaib / Pinochio~:) January 18, 2012 @ 10:38 AM
Reply
Ok, found it
I had to add to firewall -> nat a masquerade with the source 10.0.2.0/24
14/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
15/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Thank You
Comment by WASEEM AHMED February 1, 2012 @ 5:12 AM
Reply
48. hi
i have 16 mb pipe connected with 4 wan tplink load balancer , and load balancer connect with mikro tik OS installed on pc i configured dns, firewall, web
proxy correctly but my browsing speed is too slow. is in mikrotik there is place to mention wan link rate, means does mikro tik required the link rate in
Wan link. if yes then plzz tell me becoz i m watching all time my wan link in interface option it never rich to 16 mb infect it is not crossing 4 mb in all time
pick time non pick time guide me as soon as possible thxzzzzzzzzzzzzz
Comment by rehmat ali gulwating February 7, 2012 @ 3:50 AM
Reply
Slow browsing , hmmm there can be multiple issue, I told you earlier, make sure all of your client is using your mikrotik as there primary DNS
server,
secondly, using IDM , try to download 10-15 multiple files (Big downloads) and see if you can able to download from all links.
Comment by Syed Jahanzaib / Pinochio~:) February 7, 2012 @ 9:34 AM
Reply
49. DEAR.
YES I CAN USE 16 MB PIPE WITH IDM BUT 1 TROUBLE I FIND THAT WHEN I PING TO TPLINK IP 192.168.205.1 REPLY IN 1 OR 2 MS CONTINUE
SLY BUT WHEN I PING PTCL MODEM LAN IP (192.168.201.1 MODEM 1,192.168.202.1 MODEM 2, 192.168.203.1 MODEM 3,192.168.204.1 MODEM 4)
SOME TIME PING REPLY IN 6 TO 7 MS AND SOME TIMES REQUEST TIME OUT OCCURS I CHANGE LAN CARDS OF MIKROTIK BUT NOTHING
HAPPENED AND WHEN I CONNECT TPLINK LOADBALANCER DIRECT 2 WINDOWS PC PING REPLIES IN 1 MS AND ALL WORKED FINE.
THEN Y PING IS BREAKING WITH MIKROTIK PLEASE GUIDE ME AND SHOOT THIS TROUBLE WITH UR GOOD EXPERIENCE THANKING
YOU,
Comment by rehmat ali gulwating February 10, 2012 @ 3:15 AM
Reply
You probably have a bad network design topology.
Also check with your queueing section, Try to disable all Queues, and thenc heck the ping reply. If ping works fine after disabling the Queue, try the
following.
http://aacable.wordpress.com/2011/12/07/mikrotik-howto-give-ping-icmp-high-priority/
Comment by Syed Jahanzaib / Pinochio~:) February 10, 2012 @ 8:58 AM
Reply
50. my name habib
Comment by a February 10, 2012 @ 9:27 PM
Reply
51. are you on line in wordpress
Comment by a February 10, 2012 @ 9:28 PM
Reply
52. Hi,
Work fine, but both-addresses-and-ports per connection classifier creates problems (eg ftp client: passive ports are open on another WAN, so the ftp
server considers it as a security violation). I recommend an both addresses pcc configuration to avoid this.
Best regards
Comment by Alexandre Alouit February 13, 2012 @ 10:33 PM
Reply
Yes you are right, both address provides more reliable connections. But for some operators who demands more bandwidth rather then reliability,
both-addresses-and-ports gives overall better load balancing, but they face broken link issues.
Comment by Syed Jahanzaib / Pinochio~:) February 14, 2012 @ 8:48 AM
Reply
53. Salam,
this is rehmat, i trace problem in my network it is from client side. i means my clients have a lots of viruses, Trojans and spammers and their pcs use tcp
and udp ports to access wan.ports are 445,80,23 which i trace out i have problem with port 80 becoz its a browsing port (http) please send me rules or any
script to block viruses,Trojans and spammers completely. or any other guide to resolve this issue. thxxxxxxxxxxx
Comment by rehmat ali gulwating February 14, 2012 @ 2:51 AM
Reply
Monitor your network closely using monitoring tools like TORCH (built-in mikrotik tool)
and block all suspected ports.)
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
16/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
17/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
59. dear sir
Syed Jahanzaib
sir main ne TWO wan ore ONE lan ka mikrotik server
banya hai jis ka scrpit ye hai.
((
/ip address
add address=192.168.5.1/24 network=192.168.5.0 broadcast=192.168.5.255 interface=LAN
add address=192.168.0.2/24 network=192.168.0.0 broadcast=192.168.0.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=208.67.220.220,208.67.222.222
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection newconnection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
sir jab main internet
use karta hun tu mera server srif os wan ka interinet
use karta hai jis ki speed kam hoti hai jab k meri dosri
wan per speed kafi achi hoti hai
ek wan meri 3mbps ki hai ore dosri 4 mbps ki hai
kindly tell me a script jis se main in dono wan ko use
kar sekon yan phier asa ho in dono wan main se jis ki
speed zaida ho server os wan ko use karey kindly send
me a script jis se mera masla hal ho jaye
Comment by ali February 24, 2012 @ 9:50 PM
Reply
Your script seems fine.
Try playing with the distance value.
Comment by Syed Jahanzaib / Pinochio~:) February 25, 2012 @ 12:51 PM
Reply
yes i have licnes call me 03245001960 pta
Comment by noman March 1, 2012 @ 11:01 AM
Reply
60. jahanzaib bhai do u have some info that how can i get license of ISP from PTCL or PTA . and how much cost it have ??
Comment by SHAFQAT FARHAN February 25, 2012 @ 9:54 PM
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
18/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
61. hi.. im using this script right now and i want to port forward (23156) from WAN1 to internet.. can u help me sir
Comment by nick March 5, 2012 @ 8:58 PM
Reply
62. sir meine aap ka dual wan configuration wala script use kia hai leikin mere aik wan se reply nahin aaraha
Comment by Yasir March 9, 2012 @ 9:04 PM
Reply
What is the impact you are getting because of this?
Check the DISTANCE VALUE.
Comment by Syed Jahanzaib / Pinochio~:) March 12, 2012 @ 9:04 AM
Reply
63. mein mikrotik ka os ver 3.3 use kerraha hoon
Comment by Yasir March 9, 2012 @ 9:09 PM
Reply
64. hello !
the difference with this scenario is that i have
modem 1 IP : 79.106.15.44 ( bridge with PPPoE connection with username and password) or it doesnt influence in the configuration
modem 2 IP : 79.106.15.45 ( bridge with PPPoE connection with username and password)
with gateway 79.106.14.1 or dynamic
LAN : 192.168.2.1/24
can you please help me with the configuration
regards
Comment by sidio March 12, 2012 @ 3:52 AM
Reply
65. salaam sir how are u
main pppoe server use kar rahaa hooo aap mjhe yeh batao ke dil up par kon se colore use hote hai main ne net ki waire se bjiliy gozarni hai plz tell me
Comment by musa March 19, 2012 @ 9:57 AM
Reply
66. hi,
this is Rehmat ali have to ask one thing is that i follow script given by u on this page ( http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-loadbalancing-using-pcc-method-complete-script-by-zaib/ ) .
problem is
only 1 wan is using internet named wan1 but 2nd wan named wan4 is not using similarly means with pcc method i m able to use both links in same
time? if yes then please solve this issue because it cant use both links in same time.
Wan1 route is shows as AS and in black color but Wan4 route is shows as S and in blue color.
i think problem is with ip route. reply me as soon as possible.
thanking you,
Comment by Rehmat Ali Gulwating March 20, 2012 @ 3:34 PM
Reply
67. Very Very Thanks Mr,Zaib With this script you changed my life
Comment by Haroon nimroozy March 29, 2012 @ 11:17 AM
Reply
68. Dear Bro, I m using MIKROTIK from last 2 years with these settings.
I have 4 WANS and 1 LAN. 1 wan 4Mbs, 2nd 4Mb, 3rd 6Mb and 4th is 2Mb. i splice the ip with differnet subnets and send traffic through routes. 1 group
ips gets 4 2nd group ip also 4 3rd group 6 mb and 4th group 2mb. and all users or on PPPOE.
But now i want to combine all traffic and then send it to 1 LAN. means 4 lans = 1 lan ,4+4+6+2=16 Mb. I contact many Mikrotik persons for this issue but
all in vain.
I am using RB750G 3.22v.
Need help..
Comment by Junaid April 1, 2012 @ 11:02 PM
Reply
A quick search on google can save you from posting queries
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
19/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/
Comment by Syed Jahanzaib / Pinochio~:) April 2, 2012 @ 8:33 AM
Reply
Thanks a lot Brother..ill work on it then ill let u know if i faced any error..
Comment by Junaid April 4, 2012 @ 1:04 PM
69. Jahanzaib Bhai, i it Possible to have Load Balancer and Hotspot on same Machine?
Comment by Danish Jamil April 4, 2012 @ 11:42 PM
Reply
Yes its possible.
http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/
Comment by Syed Jahanzaib / Pinochio~:) April 5, 2012 @ 8:53 AM
Reply
70. Dear Syed,
How can we use the web proxy with your configuration (not on a box of course..)?
Comment by Alex Alouit (@alexalouit) April 8, 2012 @ 7:49 PM
Reply
You mean like the one showed here ???
http://aacable.wordpress.com/2011/12/29/howto-to-enable-mikrotik-routeros-web-proxy-in-transparent-mode/
Comment by Syed Jahanzaib / Pinochio~:) April 9, 2012 @ 8:34 AM
Reply
Yes,
unfortunately, for me it does not work.
The proxy works fine from outside (lan network), but the internal drift does not work.
My current config is:
nat
0 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan1
1 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan2
2 chain=dstnat action=redirect to-ports=3128 protocol=tcp src-address=192.168.2.0/24 dst-port=80
mangle
0 chain=input action=mark-connection new-connection-mark=WAN1_conn passthrough=yes in-interface=wan1
1 chain=input action=mark-connection new-connection-mark=WAN2_conn passthrough=yes in-interface=wan2
2 chain=output action=mark-routing new-routing-mark=to_WAN1 passthrough=yes connection-mark=WAN1_conn
3 chain=output action=mark-routing new-routing-mark=to_WAN2 passthrough=yes connection-mark=WAN2_conn
4 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan
5 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan
6 ;;; 80
chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes protocol=tcp dst-address-type=!local ininterface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/0
7 chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes dst-address-type=!local in-interface=lan perconnection-classifier=both-addresses:2/0
8 ;;; 80
chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan perconnection-classifier=both-addresses-and-ports:2/1
9 chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan perconnection-classifier=both-addresses:2/1
10 chain=prerouting action=mark-routing new-routing-mark=to_WAN1 passthrough=yes in-interface=lan connection-mark=WAN1_conn
11 chain=prerouting action=mark-routing new-routing-mark=to_WAN2 passthrough=yes in-interface=lan connection-mark=WAN2_conn
proxy
enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: webmaster
max-cache-size: none
cache-on-disk: yes
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
20/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: primary-slave
The router runs on Router OS 5.14
Do you see that does not work?
Regards
Comment by Alex Alouit (@alexalouit) April 9, 2012 @ 8:25 PM
Error in copy/paste, my mangle config number 8 is:
chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes protocol=tcp dst-address-type=!local ininterface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/1
but it does affect my web proxy problem.
The problem I encounter is also valid to intercept DNS requests (cache dns transparent).
The firewall is it not challenged?
Comment by Alex Alouit (@alexalouit) April 10, 2012 @ 10:04 PM
use notepad +paste there and then copy from there and paste in new terminal
Comment by Acidu April 11, 2012 @ 1:08 AM
For the copy/paste error, I spoke about the comment, not the CLI configuration of the router..
Regards
Comment by Alex Alouit (@alexalouit) April 11, 2012 @ 5:43 PM
71. Dear Sir
I want to know these configuration also use with 750up router board ?
I want load balancing with 2 wan on 750up router board please help .
I also want load balancing using hotspot
Regards
Comment by faisalmirzapk April 8, 2012 @ 8:15 PM
Reply
The script posted in this article will work on any version of routerboard.
to use it with hotspot you should follow this.
http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/
Comment by Syed Jahanzaib / Pinochio~:) April 9, 2012 @ 8:33 AM
Reply
72. Dear Sir
plz help me mere pass RB750GL hai mey us pe 3 wan chalana chata ho with bondig (means merge all bandwidth ?) mere pass ye configuration hai.
4Mb = 1st DSL router address = 192.168.0.1 => ehter1 WAN
4Mb = 2nd DSL router address = 192.168.2.1 => ehter2 WAN
6Mb = 3rd DSL router address = 192.168.3.1 => ehter3 WAN
Bandwidth merge = 4Mb + 4Mb + 6Mb = 14Mbps
local network = 192.168.1.1 => ehter5
DHCP server on local network => ehter5
Bandwidth controlling in Kbps on specific IP (local address)
or kia interface ka name bhi change karna parey ga wo kese hoga ??? n plz help me step by step
mey ne apki batae hui script mey changes ki hai wo nichy hai is mey koi mistake hai ? or baqi complete script send karden
Thanks
/ip address
02 add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=Local
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
21/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Bandwith controlling
???????
THANKS
Regards
Ehtisham Ul Haq
Comment by Ehtisham Ul Haq April 11, 2012 @ 12:18 PM
Reply
change the lines from
18 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection
new-connection-mark=WAN1_conn passthrough=yes
19 add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection
new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection newconnection-mark=WAN3_conn passthrough=yes
TO below lines
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
22/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
TO below lines
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/0
action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/1
action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/2
action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
Comment by Syed Jahanzaib / Pinochio~:) April 11, 2012 @ 1:14 PM
Reply
thanks Sir plz send me also interface rename script and DHCP server
Comment by Ehtisham Ul Haq April 11, 2012 @ 1:47 PM
Dear Sir
this script is working in my case ??
ip dhcp-server> setup
Select interface to run DHCP server on
dhcp server interface: local
Select network for DHCP addresses
dhcp address space: 192.168.1.0/24
Select gateway for given network
gateway for dhcp network: 192.168.1.1
Select pool of ip addresses given out by DHCP server
addresses to give out: 192.168.1.25-192.168.1.254
Select DNS servers
dns servers: 192.168.1.1
Select lease time
lease time: 3d
Comment by Ehtisham Ul Haq April 11, 2012 @ 2:11 PM
73. Dear Bro. how can we use User Manager and manage users and their accounting on v3.3 with level4 license. if their some solution please tell me how can
i do it.
Comment by Junaid April 11, 2012 @ 4:49 PM
Reply
74. Hi, I have an address-list and want to force that all addresses in address-list ISP1 always goes to to WAN1, what should I do?
Comment by Ari April 26, 2012 @ 11:55 PM
Reply
Read This.
http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/
Comment by Syed Jahanzaib / Pinochio~:) April 27, 2012 @ 9:14 AM
Reply
75. Hello, have you ever noticed redirect problem with NAT? I have the latest version of RouterOS on ESXi 5.
I Cant use the redirect (eg web proxy transparent, or transparent DNS cache).
Comment by Alex Alouit (@alexalouit) April 27, 2012 @ 3:59 PM
Reply
Here is my configuration:
/ip firewall filter
add action=drop chain=input disabled=no dst-port=3128 in-interface=wan1 protocol=tcp
add action=drop chain=input disabled=no dst-port=3128 in-interface=wan2 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=wan1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=wan2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=0.0.0.0/24 in-interface=lan
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
23/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
24/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
25/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
26/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
27/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Hardware requirements are based on number of clients that will be accessing the network resources.
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
28/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Hardware requirements are based on number of clients that will be accessing the network resources.
For smaller network, RB450, RB450G would be enough.
For cache Server, if you have some know-how on Linux environment, then I will recommend you to go with SQUID proxy.
Search my blog or Google, and you will find many helpful resources regarding configuring mikrotik/squid.
Comment by Syed Jahanzaib / Pinochio~:) September 3, 2012 @ 8:44 AM
Reply
a.a
brother ma nay 4 wireless spot bany hn aur mikro tik dhcp use kar raha hn but jab ma hotspot use karta hn to mary 3 spot k andar any waly user thk
say login hoty han par 1 spot asa ha jahan par user login hoty hi logout ho jata ha agur ip binding bi karon tab bi un users k pass login page ata ha
problum ya ha k serprofile kam nahi karti but isi spot par default profile ko login karon to thk kam karti ha but sab users ko defalt profile to nahi day
sakta
kindly ap is ka hal jaldi batin
phaly bi ap ko comment kya tha ap shyad hamary comments ko nahi dakhty
kindly is bar ko positiv
e feedback din
cell no 0312-5741540
Comment by basaam September 12, 2012 @ 10:25 PM
Reply
without knowing technical specs, I cant comment.
Post your config here. or email me.
You can copy default profile and rename it as per requirements then make necessary changes.
Comment by Syed Jahanzaib / Pinochio~:) September 16, 2012 @ 12:58 PM
98. how does when i used internet soucer with DCHP?how?
Comment by budi September 18, 2012 @ 8:32 AM
Reply
99. Asalam o Alikum sir
mane 5 WAN ka load balancing banna ha kya ap mujhe source bana k mail kar sakty hain mera nam Zohaib Bin Khalid ha mane ek server banwaya tha
jis na bana k diya tha os na password nai btaya or na hi mujhe back up diya mera server dead para howa ha plzzzz help kar dain
mane 10 connection liya hain ptcl sa or sub k sub 10MB hain,,,,,,,,,,
lucky_boy_zohaib@yahoo.com
Zohaib Bin Khalid
Pakistan Lahore
Comment by Zohaib Bin Khalid October 2, 2012 @ 7:37 PM
Reply
100. I have used your PCC script , all is working fine with the PPPOE but when using hotspot its only sending traffic through 1 gateway . does not balance the
traffic like in PPPOE
Comment by Ferdi de Beer October 5, 2012 @ 7:09 PM
Reply
to test i open 2x CMD in windows. then i use tracert to google and facebook . In PPPOE it shows that one user 192.168.4.1 and other 192.168.2.1 but in
Hotspot only *.*.4.1
Comment by Ferdi de Beer October 5, 2012 @ 7:12 PM
Reply
101. how to change the per connection classifier if we have a dual wan with the first port off 93Mbps and the second 11Mbps with the same gateway
whats the best solution to solve this .
Comment by Agashi October 6, 2012 @ 7:25 PM
Reply
102. Hello, I setuped my L/B as exactly the way you showed us but im having Stream Issues, If I listen to youtube it always cut(stop)
I have 10mb on wan1 and 6mb on wan2..
Do you have any clue?
Comment by dbRenaud October 7, 2012 @ 8:49 AM
Reply
Try changing the classifier to src-addres
Comment by Syed Jahanzaib / Pinochio~:) October 7, 2012 @ 2:33 PM
Reply
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
29/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Thanks bro.but in that way i am not getting the merged speeds.Load is only on WAN1
Comment by usman January 12, 2013 @ 9:56 PM
103. Hello
i have NanoStation M5 /RB SXT+ RB750 G.
i connected both NM5 & SXT to two isp (pppoe). so i run dhcp server in this device.
in 750g i used dhcp client to have internet. but when i use 2 dhcp client i cannot use both of them at the same time. and only one of them useing.
how i can have both rb+nm5 internet in same time on 750g?
i used this way:http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
Comment by Karim October 7, 2012 @ 8:07 PM
Reply
104. Syed , could u tell me is there a way to this scenario :
WAN1 >>>>
Mikrotik > Users with subnet 10.0.1.1/24 get internet from wan1 and users from subnet 10.0.2.1/24 gets internet from wan2 on same interface
WAN2 >>>>
is this possible in anyway to do it.
Comment by agashi October 9, 2012 @ 1:40 AM
Reply
This will surely help you in getting some ideas . . .
http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/
Comment by Syed Jahanzaib / Pinochio~:) October 9, 2012 @ 4:28 PM
Reply
105. on everyway i doo , i get a issue with reaching radius vica versa .
because when i route the second trafic to another gw then i do a tracert on it i get this :
http://postimage.org/image/xyo4aitef/
ive tried on routing it , adding a vpn to the main mikrotik but always i cant reach radius
please can u help me on solving this .
Comment by agashi October 11, 2012 @ 2:18 PM
Reply
106. sir i have a mikritik load balncind pcc mathod used, but is not working . sir 1 line is working butt 2 line is not working.
i have used the mikrotik 3.30 . please solve my problem,sir i cal adeel ahmad but is not halpe me.
Comment by naveed October 31, 2012 @ 1:25 PM
Reply
107. your script works like a charm. but when use external proxy (squid) with pcc load balancing, its not working since pcc seems to maintain all connection
state between source and destination (both address & port). if i disable all pcc mangle rules, external proxy is wortking, http packets is redirected to
squid, but it use only 1 gateway. is there any way to use external squid proxy with pcc load balancing ?
Comment by lostbytes November 10, 2012 @ 9:31 AM
Reply
I havent tried this scenario. Usually I use separate RB for LB. This way things dont get complicated when it comes to troubleshoot any problem.
Comment by Syed Jahanzaib / Pinochio~:) November 12, 2012 @ 10:26 AM
Reply
ahhi see. thats an option too, use 1st RB to do LB, then 2nd RB for guest & external proxy management. thats a simple yet effective approach
(and also cheap considering RB prices today). but it will be nice on research side if we can do the one RB option. Thank you for your reply, i will
take your suggestion (apply 2 RB).
Comment by lostbytes November 12, 2012 @ 1:29 PM
108. I have two internet connection. One is PTCL (4 Mb) and other one is World Call (2mb). I want to USE RB 750GL for the load margin and Load balancing.
Can you please give complete script for that.
Comment by Waqar November 19, 2012 @ 12:37 PM
Reply
109. i am using 2 ISP for load balancing. I have facing problem when i run my FTP at that time my FTP didt connect. But when i swith off one line my ftv
works properly. How can i run the FTP on bouth lans.
Comment by Waqar November 27, 2012 @ 7:49 PM
Reply
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
30/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
You can exempt specific use or specific port from being processed by PCC.
http://aacable.wordpress.com/2012/04/14/howto-exempt-any-user-website-from-mikrotik-pcc/
Comment by Syed Jahanzaib / Pinochio~:) November 28, 2012 @ 10:15 AM
Reply
110. Dear Sir
I have 4 WAN pppoe client and one Local using RB450G, how can I marege and bond all those 4 PPPoE Clients if my ISP doesnt support MLPPP .
what should I do to merge all links ? any script ?
Please Mr. Syed I need your help.
Thanks.
Comment by esalehnet November 28, 2012 @ 8:30 PM
Reply
111. Hi Sir,
I have 4wan pppoe client and 1 local network, hot to merge all those pppoe client if my ISP doesnt support MLPPP ? any script ?
what should I do in this case ?
I need your help.
Thank you very much.
Comment by esalehnet November 28, 2012 @ 9:04 PM
Reply
try the below link.
http://mikrotikz.blogspot.com/2010/07/load-balance-mikrotik-with-pcc-using.html
Comment by Syed Jahanzaib / Pinochio~:) November 29, 2012 @ 3:15 PM
Reply
that load balancing and not merge my connection in one single link when I download one single file, didnt give me speed for all 4 WAN interfaces
at once.
I tried to put another mikrotik Routerboard by making 4 interfaces work as on single bonding using Balance rr method.
what is the best method should I use to get merge these 4 interfaces, so when I start download a file , Ill get speed the total speeds for those 4
nterfaces connection?
Comment by esalehnet December 7, 2012 @ 8:41 PM
112. i am using 2 ISP for load balancing. I have facing problem when i run my FTP at that time my FTP didt connect. But when i swith off one line my ftv
works properly. How can i run the FTP on both Lans, I try your script. But i still i have problem . can u explain it more for me
Comment by Waqar November 29, 2012 @ 7:03 PM
Reply
Wich Is the Best Methord Pcc Or Nth ?
Comment by usma December 9, 2012 @ 12:45 AM
Reply
113. i have Question about Mikrotik Loadbalancing
First if i have Two Wan 2Mb/s , with this method My Download Speed Increase to 4Mb/s ? (Download 1 file with 4 Mb/s )
Another Question : i Think if i Established PPTP Vpn Connection on my Client PC it just Use one WAN , But if i Established PPTP on my Mikrotik i think
it use 4Mb/s Tunnel and Direct Two WAN to Tunnel . is it Correct ? if yes can help me how can i Established PPTP Client on My Mikrotik and Direct 2
Wan on That tunnel ? ( i have 4Mb/s Tunnel )
Regards .
Comment by Mehran December 9, 2012 @ 2:13 PM
Reply
114. salaM mere Pas mikrotek hotspot connection hemgr porblem ye he her baar login hona parta hekia koi aisa method nai jis se auto login mumkin ho
sake.
Comment by raheel December 12, 2012 @ 1:43 PM
Reply
Yes you can resister user mac and bypass authentication for specific users.
Howto Bypass authentication for Few Clients
This bypasses the hotspot by mac address.
/ip hotspot ip-binding add mac-address=xx:xx:xx:xx:xx:xx type=bypassed
(change xx:xx:xx:xx:xx:xx with your users mac address. You can also use the ip address to bypass.
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
31/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
32/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection newconnection-mark=WAN1_conn passthrough=yes
Comment by warren December 14, 2012 @ 10:51 PM
Reply
Hi Warren,
I am using 2 ISP with PCC method. But i am facing a problem with the FTP. When i try to upload through Filezilla my connect disconnect when both
wan are working. But when i disable the one Wan i ma able to do a upload. Can you pleaes tell me how can i make my FTP working with both lan. Or
how can i exempt the IP from PCC rule.
Comment by waqar December 15, 2012 @ 8:38 PM
Reply
Define your network topology in detail.
If users are hitting directly to PCC , then you can use src-address as classifier as this way change of WAN ip wont occur for the user , for the
session he initially build with pcc. he will always be bound with the WAN that he initially connected to.
Or you can also exclude some Users ip / Traffic from being processed by pcc, means you can bypass certain traffic from being processed by the
PCC, and this tagged tarffic will go via specific WAN only,
http://aacable.wordpress.com/2012/04/14/howto-exempt-any-user-website-from-mikrotik-pcc/
Comment by Syed Jahanzaib / Pinochio~:) December 16, 2012 @ 10:24 AM
118. Here is my new config but no change
WAN1 = 384kb LS
WAN2 = 6Mb ADSL
/ip address
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=Local
add address=192.168.11.2/24 network=192.168.11.0 broadcast=192.168.11.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.11.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection newconnection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.11.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.11.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection newconnection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
Comment by Warren December 16, 2012 @ 9:06 PM
Reply
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
33/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
34/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
/ip address
add address=192.168.1.1/24 disabled=no interface=ether2 network=192.168.1.0
add address=1.1.1.2/24 disabled=no interface=ether3 network=1.1.1.0
add address=2.2.2.2/24 disabled=no interface=ether4 network=2.2.2.0
PCC load balance with marking http connection:
/ip firewall mangle
add action=mark-connection chain=forward disabled=no dst-port=80 new-connection-mark=http_conn passthrough=yes protocol=tcp srcaddress=192.168.1.0/24
add action=mark-packet chain=forward connection-mark=http_conn disabled=no dst-port=80 new-packet-mark=http passthrough=no protocol=tcp srcaddress=192.168.1.0/24
add action=accept chain=prerouting comment=ether3 disabled=no dst-address=1.1.1.0/24 in-interface=ether2
add action=accept chain=prerouting comment=ether4 disabled=no dst-address=2.2.2.0/24 in-interface=ether2
add action=mark-connection chain=prerouting comment=ether3_conn connection-mark=no-mark disabled=no in-interface=ether3 new-connectionmark=ether3_conn passthrough=yes
add action=mark-connection chain=prerouting comment=ether4_conn connection-mark=no-mark disabled=no in-interface=ether4 new-connectionmark=ether4_conn passthrough=yes
add action=mark-connection chain=prerouting comment=ether3_conn connection-mark=no-mark disabled=no dst-address-type=!local in-interface=ether2
new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-connection chain=prerouting comment=ether4_conn connection-mark=no-mark disabled=no dst-address-type=!local in-interface=ether2
new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-routing chain=prerouting comment=ether3_packet mark connection-mark=ether3_conn disabled=no in-interface=ether2 new-routingmark=to_ether3 passthrough=yes
add action=mark-routing chain=prerouting comment=ether4_packet mark connection-mark=ether4_conn disabled=no in-interface=ether2 new-routingmark=to_ether4 passthrough=yes
add action=mark-routing chain=output comment=ether3_packet mark connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3
passthrough=yes
add action=mark-routing chain=output comment=ether4_packet mark connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4
passthrough=yes
/ip firewall nat
add action=accept chain=srcnat disabled=no dst-port=80 out-interface=ether3 protocol=tcp
add action=masquerade chain=srcnat disabled=no out-interface=ether3
add action=masquerade chain=srcnat disabled=no out-interface=ether4
/ip route
add check-gateway=ping comment=Load balance_ether3 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-mark=to_ether3
scope=30 target-scope=10
add check-gateway=ping comment=Load balance_ether4 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=2.2.2.1 routing-mark=to_ether4
scope=30 target-scope=10
add check-gateway=ping comment=Load balance_ether3 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 scope=30 target-scope=10
add check-gateway=ping comment=Load balance_ether4 disabled=no distance=2 dst-address=0.0.0.0/0 gateway=2.2.2.1 scope=30 target-scope=10
/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both disabled=no interface=all limit-at=0/0 max-limit=17M/42M name=HTTP Queue
packet-marks=http parent=none priority=8 queue=ethernet-default/ethernet-default target-addresses= total-queue=default-small
Comment by Fiber Net February 17, 2013 @ 3:14 PM
Reply
123. sorry edit :
ether2: my local lan
ether3: my WAN2 (25M up / 50M down)
ether4: my WAN1 (8M up / 8M down)
Comment by Fiber Net February 17, 2013 @ 3:26 PM
Reply
124. i have rb 1100
. ether 1: pppoe client ,local
ether 2: pppoe client ,local
ether 3: pppoe client ,local
ether 4: pppoe client ,local
ether 5: pppoe client ,local
ether 6: pppoe client ,local
all ether 1,2,3,4,5,6 have the same network 192.168.1.0 with DHCP 192.168.1.1/192.168.1.254
and i wont the output hotspot
Comment by absal February 18, 2013 @ 11:52 PM
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
35/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
125. Asslam o Alaikum sir i am using rb 750 for loadbalcing in which 2 mb 4 mb 4mb connection used after dat os on syatem usinf pppoe net share bt ther is a
problem that i used skype dafual speed gives me error ur net speed is slow give me solution plz
Comment by waqar February 26, 2013 @ 6:47 PM
Reply
126. Can the setup work for me.
I have to ISP, one is USM(ppp-client USB dongle) and the other one is with a router to mikrotik thru ether1.
My Lan is on port 3 (hotspot-193.168.30.1/24),
ether2 (10.11.6.1/24) and wlan1(192.168.2.1/24).
I want a situation where the ppp-client USB will be my primary ISP (WAN1) and My secondary ISP will be from (ether1).
How will my settings or configuration be so that if primary isp is down, the secodnary will come up and if primary comes up, it switches over to it.
Comment by sapanda March 5, 2013 @ 4:41 PM
Reply
You can setup netwatch to monitor wan connectivity usnig your specific primary interface, so when it stops receive response from google for
example, then it should switch over to secondary ISP.
Comment by Syed Jahanzaib / Pinochio~:) March 6, 2013 @ 7:55 PM
Reply
127. hello,
i want to limit users internet bandwidth but i am having problem with internal connection. the internal bandwidth is also limited and it is affecting VOIP
on the network. how can i solve this issue.
thank you. i love your post and am a huge fan of yours
Comment by Rene March 5, 2013 @ 8:32 PM
Reply
Its depend on the scenario.
Are you running HOTSPOT ?
Comment by Syed Jahanzaib / Pinochio~:) March 6, 2013 @ 8:53 AM
Reply
Yes. am running hotspot on the network
Comment by Rene March 8, 2013 @ 4:07 PM
HOTSPOT users cant communicate with each other on LAN or PROXY-ARP issue
If you face hotspot broadcast issue / arp-poisoning , problem, Remove the address pool from the Hotspot to turn off Universal NAT,
/ip hotspot set address-pool=none
OR
/ip hotspot set numbers=hotspot1 address-pool=none
OR
/ip firewall nat add chain=pre-hotspot dst-address-type=!local hotspot=auth action=accept
Comment by Syed Jahanzaib / Pinochio~:) March 10, 2013 @ 7:14 PM
the trixbox server is in the network. i want a situation where users would not be limited to the bandwidth given to them to access anything on the
LAN. i already added the IP address of the sip server to bind and bypassed it; but its still slow and something jerky calls.
Comment by Rene March 11, 2013 @ 12:58 AM
128. Kindly describe this issue
I am using ppc load balancing
When I use torch tool I see this
Dst. Vlan Tx Rate Rx Rate Tx Packeg
0.0.0.0 143.2Kbps 3.5Mbps 219
Comment by Ehtisham March 8, 2013 @ 1:28 AM
Reply
tx means mikrotik is transmitting traffic to requesting target. Usually UPLOAD traffic
rx means mikrotik is receiving traffic from the source. Usually Internet
Comment by Syed Jahanzaib / Pinochio~:) March 10, 2013 @ 7:16 PM
Reply
Thanks Bhai
Comment by Ehtisham March 31, 2013 @ 1:56 AM
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
36/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
129. is it possible to achieve the config through winbox? i have 2 adsl connections 15/1Mbps each one and i like to get them on my mikrotik 750 to get higher
throughput and redundancy in case of one link fails. they are different ISPs and i can turn its modems in bridge mode.
i have one network 192.168.190.0/24
Comment by aris March 11, 2013 @ 7:02 PM
Reply
Yes you can configure mikrotik with PCC using WINBOX, in fact it will be musch easier if you use winbox because of GUI
Comment by Syed Jahanzaib / Pinochio~:) March 12, 2013 @ 8:59 AM
Reply
Is there any howto for the gui?
Comment by aris March 12, 2013 @ 12:39 PM
No. but search on google there are few guides in GUI too.
Comment by Syed Jahanzaib / Pinochio~:) March 13, 2013 @ 9:55 AM
130. AoA,
I need to know how to setup 2 adsl lines that traffic that coming to me(inbound) should be load balanced like web server hosted at my home does it work
with mikrotik or dns load balancing will be required?
Comment by gmsq March 24, 2013 @ 6:31 PM
Reply
131. hi
thanks for script
i use this script for 2 links 1 adsl (2m) and 1 wireless internet link (2m)
load balancing work well and combine 2 link ==>4m download but fail over not work correctly
so test this i disconnect modem telephone cable and internet disconnected because ping rule only check next hop of internet link and not understand
internet link is down
i try resolved this problem with tool/netwatch and check 8.8.8.8 but not success
can you help for improve fail over method with load balancing
tanks a lot
Comment by saeed April 6, 2013 @ 8:45 PM
Reply
132. Aslam O Alikum Syed Jahanzaib
I am Tanveer ul isalm from Saudi Arabia, I just configure PPPoe and it working fine, but i have tow WAN connection. How i cam make only fail over. i
no need loadbalance. please help me urgent or i want to monitor two wan IP ( yahoo or google), if it will not ping then it will shif to other gateway. if you
can help in gui mode. Thanks in Advance.
Regards,
Tanveer
Comment by Tanveer ul islam April 10, 2013 @ 7:50 PM
Reply
Read below . . .
http://aacable.wordpress.com/2013/04/12/mikrotik-multiple-wan-fail-over-scripts/
Comment by Syed Jahanzaib / Pinochio~:) April 12, 2013 @ 4:16 PM
Reply
133. What do I Need to Change to have 4 LAN Interfaces with different Networks in your script?
Do I Need to add These additional LAN ports simply to the following lines and thts it or do I Need to Change more?
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=Local
Comment by Dirk May 6, 2013 @ 6:55 PM
Reply
134. i have 2 ISP primary is 192.168.10.10/24 connected to port ether 1 secondary is 10.10.10.10/24 connected on port ether 2 and LAN is 172.16.0.1/16
connected on port ether3. please kindly provide me the dual ISP fail-over scripts.
Comment by Naveed May 12, 2013 @ 3:00 PM
Reply
sorry didnt mention RB 1100AHx2
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
37/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
38/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
139. Hello Syed,
Below find config related to Mikrotik RB750G router, running 6.0rc9.
I am trying to configure ISP redundancy in load-balancing mode through a PCC article.
I have three connected interfaces, LAN, WAN and WAN2. The Primary and secondary WAN connections have different speed.
Issue is that after configuring the router, I get no traffic on one of the firewall>mangle prerouting chain rules (for WAN). The same applies when I disable
the secondary interface (WAN2) there is no automatic changeover to the primary interface.
Some observations Ive noted through WebFig are the following:
Interface>Interface Ok, Traffic being Transmitted and Received on all three interfaces
Interface>Ethernet Ok, Traffic being Transmitted and Received on all three interfaces
DNS Four set, two for one ISP and two for the other ISP
Firewall>NAT seems ok, traffic being transmitted and received on all interfaces
Firewall>Mangle there seems to be an issue here since there is no packets (counter still at 0), are flowing for primary ISP network addresses.
Rule is as follows:
/ip firewall mangle
Add chain=prerouting dst-address=XXXX action=accept in-interface=LAN
Note that all seems ok with the remaining prerouting (mark connection and mark routing) rules, since traffic is flowing. This includes the prerouting rule
for the other WAN link.
Routes>Primary ISP Gateway is unreachable for static routes
Routes>Nexthops
Primary and secondary gateways are reachable for both nexthops
Below I am including extracts of the config.
(Please note that IP addresses/MAC Addresses have been left out and replaced with Text).
Should you require further info please let me know
[admin@MikroTik] /interface> print
Flags: D dynamic, X disabled, R running, S slave
# NAME TYPE MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R WAN ether 1500 1520 1520
1 R LAN ether 1500 1520 1520
2 R WAN2 ether 1500 1520 1520
3 XS ether4-slave-local ether 1500 1520 1520
4 XS ether5-slave-local ether 1500 1520 1520
39/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
40/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
144. we are using 3 WAN connection, i study ur documents which helps a lot, internet is working fine but the problem is that when i use web email or remote
desktop from outside network (abroad) its drops after some time, can you please guide me how to fix this issue.
Comment by Friends October 10, 2013 @ 1:06 PM
Reply
145. but what if i do this in ip routes ??
what is the diffrance between the picture and between ur route role ??
or
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
Comment by qassam mahmoud October 18, 2013 @ 10:32 PM
Reply
146. Bhai,
Assalamu Alaikum Wa Rahmatullah. I am Kawsar from Bangladesh. I just configured your given 2XWan Script on My Mikrotik 450G and put two
modem (1XWimax-2MB Line+1XADSL-512 Kbps). Every script is okey. But my system is not working. I am not clear which DNS should I use and also is
there any necessity to put up real IP which has given by two ISP (1 from Wimax and 1 from ADSL)? I didnt put that. Here I am giving the whole script
which I have given to my Mikrotik. If you see and help me. I will be grateful.
Please have a look with my used script.
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection newconnection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection newconnection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
Thanks
Kawsar
+8801711865172
mdsekawsar@gmail.com
Comment by Md Sarwar E Kawsar November 4, 2013 @ 10:24 PM
Reply
147. Hi Sir
I have 2 Dynamic IP Addresses (dsl) lines. I am using Afraid.org auto dns updater the system is load balancing setup. It seems to be working fine,
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
41/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
I have 2 Dynamic IP Addresses (dsl) lines. I am using Afraid.org auto dns updater the system is load balancing setup. It seems to be working fine,
untill both dynamic ip addresses change on the wan 1 and wan 2.. is there a script that can force my IP updater to go only through wan 1, or through
wan 2 which I can select myself?. It somehow seems to affect my voip system as well now i have to reboot my voip server everytime the IP changes
as well
Kind regards
Comment by jackalt007Nizam November 7, 2013 @ 2:46 AM
Reply
Oh yes. Using RB750
Comment by jackalt007Nizam November 7, 2013 @ 12:33 PM
Reply
148. sir ,
jab main yeh 2 wan lod balniceing karta ho to interface main rx errors ata ha plz reply
Comment by shshid November 8, 2013 @ 11:34 AM
Reply
149. [] http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-s… []
Pingback by Link to mikrotik Multiwan | Plovelogs Weblog November 12, 2013 @ 10:45 PM
Reply
150. why do u use
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
I mean 192.168.1.0/24 and 192.168.2.0/24. Because this is WAN network. This is not my property. This is service providers network.
Please explain me.
Thanks in advance.
Comment by myfahimFahim Ahmed November 19, 2013 @ 3:15 PM
Reply
Thanks Dear,
I just update my wimax modem local IP as 192.168.1.0/24 and 192.168.2.0/24. Thats why I used those twice IP as well. One thing let me describe you.
When I just start the two wimax modem at a time just WAN1 modem is using. If I make disable WAN1 then WAN2 is automatically starts its duty.
Means this time WAN2 is working. At a time both is not working. I would like to get both modems data means (WAN1-2MB and WAN2-2MB=Local4MB). Is it possible to get 4 MB download speed at a time by the said two wimax modem?
Thanks
Kawsar
mdsekawsar@gmail.com
+8801711865172
Comment by Md Sarwar E Kawsar November 20, 2013 @ 10:36 PM
Reply
I have configured my router another way. In my LAN, I have devided my network into two (e.g. 10.10.10.0/25 and 10.10.10.128/25). The first
subnet is going twards WAN1 and second subnet going twards WAN2. It is working fine. But I want something which will work dynamically. I
dont wanna define subnet. I dont wanna select user to go to some specific WAN.
Comment by Fahim November 25, 2013 @ 8:02 AM
151. Dear I have purchased a mikrotik rb750 . and I want you to configure it for me. with hotspot login page. how much will u charge for it. plz contact me @
0333-6107719 or send me email at m.arfanzahid@yahoo.com
Comment by Arfan November 23, 2013 @ 2:19 PM
Reply
152. Hello,
I have two Fiber Optic links with /29 IP subnet and gateway IP is on ISP hardware(so I can only use 5 public IPs from each link) , how can I configure
Loadbalancer to fit my scenario???.I have tried the script but it force traffic only to one link the second not working or when I disconnect the first one its
start to force to second one.
Thank you in advance
Comment by Mojitos_82 December 12, 2013 @ 4:02 AM
Reply
It depends on how your mikrotik box is configured with other services. If only one link is in used, probably something in config is configured
incorrectly.
Once PCC script cannot fit in all environment, for example, if you have PCC with PPPoE server in box, or PCC with HOTSPOT, or simple PCC as a
gateway, settings are different for each scenario.
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
42/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
43/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
163.
how it can possible rb 750 combine two or more network
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
44/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
45/46
8/10/2014
Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB | Syed Jahanzaib Personnel Blog to Share Knowledge !
http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/
46/46