Documente Academic
Documente Profesional
Documente Cultură
Following is a complete script for Mikrotik to combine/load balance two DSL lines. In this example I used
In my personnel experience , If users request are directly hitting Mikrotik configured with PCC , then you
will get good load balancing. Use src-address as classifier, this way you will get rid of problems like
https/broken link, streaming issues etc. Load balancing using this PCCtechnique (src-address) will be
effective and balanced approach when more and more connections (from clients) that occurred. I also
recommend to use SQUID proxy server along with mikrotik , either parallel or in front or backend , for
better response time and it will also increase good browsing experience to users.
If somehow you are not satisfied with the src-address approach,play with the PCC-Classifier, then Try both
addresses and ports as the classifier. While this will randomize things the most and in theory give you the
most fair allocation of bandwidth, BUT there is also a good chance that it will break certain things like
banking web sites and some forums. This is because often times a HTTP requests will generate several
connections, so there is a chance that some requests may go out a different route than the initial one, and
that will break secure web sites. For that reason I usually stick with src-address for PCC load balancing.
Regard’s
Syed Jahanzaib
1 /ip address
2 add address=192.168.0.1/24 network=192.168.0.0
3 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0
4 broadcast=192.168.1.255 interface=WAN1
5 add address=192.168.2.2/24 network=192.168.2.0
6 broadcast=192.168.2.255 interface=WAN2
7 /ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-
8 size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
9 add chain=input in-interface=WAN1 action=mark-connection new-
10connection-mark=WAN1_conn
11add chain=input in-interface=WAN2 action=mark-connection new-
12connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-
13routing-mark=to_WAN1
14add chain=output connection-mark=WAN2_conn action=mark-routing new-
15routing-mark=to_WAN2
16add chain=prerouting dst-address=192.168.1.0/24 action=accept in-
17interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-
18interface=Local
19add chain=prerouting dst-address-type=!local in-interface=Local per-
20connection-classifier=both-addresses-and-ports:2/0 action=mark-
21connection new-connection-mark=WAN1_conn passthrough=yes
22add chain=prerouting dst-address-type=!local in-interface=Local per-
connection-classifier=both-addresses-and-ports:2/1 action=mark-
23connection new-connection-mark=WAN2_conn passthrough=yes
24add chain=prerouting connection-mark=WAN1_conn in-interface=Local
25action=mark-routing new-routing-mark=to_WAN1
26add chain=prerouting connection-mark=WAN2_conn in-interface=Local
action=mark-routing new-routing-mark=to_WAN2
27/ip route
28add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1
29check-gateway=ping
30add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2
31check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-
32gateway=ping
33add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-
gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
All Done ! Now Test the link by putting user load, the more multiple users load you put on it, the better