MikroTik Load Balance with PCC on RouterOS v7 – GNS3

MikroTik Load Balance dengan PCC (Per-Connection Classifier) pada RouterOS v7 – GNS3

  • Versi MikroTik yang digunakan RouterOS v7.15
  • Menggunakan 2 ISP (ISP-1 = 30 Mbps dan ISP-2 = 20 Mbps)
  • Ether1 > ISP-1 : 110.10.10.2/24 > Gateway: 110.10.10.1
  • Ether2 > ISP-2 : 120.20.20.2/24 > Gateway: 120.20.20.1
  • Ether3 > LAN : 192.168.20.1/24

  • Setting IP Address
  • IP > Addressess
/ip address
add address=110.10.10.2/24 interface=ether1 network=110.10.10.0
add address=120.20.20.2/24 interface=ether2 network=120.20.20.0
add address=192.168.20.1/24 interface=ether3 network=192.168.20.0
  • Setting Routing Table
  • Routing > Tables
/routing table
add disabled=no fib name=wan1
add disabled=no fib name=wan2
  • Setting Firewall NAT
  • IP > Firewall > NAT
/ip firewall nat
add action=masquerade chain=srcnat connection-mark=con-wan1 out-interface=ether1
add action=masquerade chain=srcnat connection-mark=con-wan2 out-interface=ether2
  • Setting Firewall Mangle (Bypass LAN)
  • IP > Firewall > Mangle
/ip firewall mangle
add action=accept chain=prerouting dst-address=192.168.20.0/24 src-address=192.168.20.0/24
  • Setting Firewall Mange (Routing PCC)
  • IP > Firewall > Mangle
/ip firewall mangle
add action=mark-connection chain=input in-interface=ether1 new-connection-mark=con-wan1 passthrough=yes
add action=mark-connection chain=input in-interface=ether2 new-connection-mark=con-wan2 passthrough=yes

add action=mark-connection chain=prerouting in-interface=ether3 new-connection-mark=con-wan1 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting in-interface=ether3 new-connection-mark=con-wan2 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1

add action=mark-routing chain=prerouting connection-mark=con-wan1 in-interface=ether3 new-routing-mark=wan1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=con-wan2 in-interface=ether3 new-routing-mark=wan2 passthrough=yes
  • Setting IP Route Gateway dan Failover
  • IP > Routes
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=110.10.10.1 routing-table=wan1
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=120.20.20.1 routing-table=wan2
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=110.10.10.1 routing-table=main
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=120.20.20.1 routing-table=main

Pengujian

  • Testing speedtest network
  • Metode PCC:
  • both addresses dan src address = jika ada 2 user yang aktif dan 2 wan, maka masing-masing user akan di arahkan ke wan yang berbeda/terpisah. jika ada 1 user yang aktif maka hanya di arahkan ke salah satu wan saja.
  • both addresses and port, src address and port dan both port = jika ada 2 user yang aktif dan 2 wan, maka masing-masing user akan diarahkan ke semua wan. jika hanya ada 1 user yang aktif maka tetap akan diarahkan ke semua wan.
  • dst address, dst address and port dan dst port = jika ada 2 user yang aktif dan 2 wan, maka masing-masing user hanya akan di arahkan ke salah satu wan yang sama. jika hanya ada 1 user yang aktif maka tetap akan di arahkan ke salah satu wan saja.

herdiana3389

A system administrator with skills in system administration, virtualization, linux, windows, networking, cloud computing, container, etc.