Mikrotik DUAL WAN Load Balancing Using PCC Method

(1)

Syed Jahanzaib Personnel Blog to Share Knowledge !

July 27, 2011

Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB

Filed under: Mikrotik Related — Tags: dsl, dual wan load balance, load balance, mikrotik, pcc — Syed Jahanzaib / Pinochio~:) @ 10:16 AM

i 45 Votes

Mikrotik DUAL WAN Load Balancing using PCC method. Complete Script ! by zaiB

Following is a complete script for Mikrotik to combine/load balance two DSL lines. In this example I used MikrotikT RB750 5 ports router. 2 ports were connected with two difference DSL Routers,

and 3rd port was connected with User LAN. Both DSL are of same speed , i.e 10Mb each. DSL MODEM IP’S

DSL MODEM 1 = 192.168.1.1 DSL MODEM 2 = 192.168.2.1

Also don’t forget to rename the interface names accordingly.

In my personnel experience , If users request are directly hitting Mikrotik configured with PCC , then you will get good load balancing. Use src-address as classifier, this way you will get rid of problems like https/broken link, streaming issues etc. Load balancing using this PCC technique (src-address) will be effective and balanced approach when more and more connections (from clients) that occurred. I also recommend to use SQUID proxy server along with mikrotik , either parallel or in front or backend , for better response time and it will also increase good browsing experience to users.

If somehow you are not satisfied with the src-address approach,play with the PCC-Classifier, then Try both addresses and ports as the classifier. While this will randomize things the most and in theory give you the most fair allocation of bandwidth, BUT there is also a good chance that it will break certain things like banking web sites and some forums. This is because often times a HTTP requests will generate several connections, so there is a chance that some requests may go out a different route than the initial one, and that will break secure web sites. For that reason I usually stick with src-address for PCC load balancing. Regard’s Syed Jahanzaib 1 2 3 4 5 6 7 8 9 10 11 12 13 /ip address

add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1 add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2

/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8 /ip firewall mangle

add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2

(2)

All Done ! Now Test the link by putting user load, the more multiple users load you put on it, the better Load Balance result you will get

PCC WITH UN-EQUAL WAN LINKS

If you have Un-Equal WAN Links, for example WAN,1 is of 4MB and WAN,2 is of 8 Mb, and you want to force MT to use WAN42link more then other because of its capacity, Then you have to Add more PCC rules assigning the same two marks to a specific link i.e WAN2 , something like

Code:

PCC WITH HOTSPOT (Reference)

٩(●̮̮̃̃•)۶ ZaiB ٩(●̮̮̃̃•)۶

Comments (317)

317 Comments »

1. hi

plz contact me…..

and tell me where you live…… am Shahzad form pakistan/multan my phone number # 0092312-6460823

Comment by shahzad — July 31, 2011 @ 5:42 AM 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33

add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local

add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1

add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2 /ip route

add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping /ip firewall nat

add chain=srcnat out-interface=WAN1 action=masquerade add chain=srcnat out-interface=WAN2 action=masquerade

1 2 3

add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/2 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

1 /ip firewall nat add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth

(3)

Reply

You can contact me at my email address. aacable [at] hotmail.com / 0092333.xxxxxxx

Comment by Pinochio / zaib — July 31, 2011 @ 6:05 AM Reply

Dear, how can you make the router make load balancing on tow interfaces i will use one for my hotspote and the other for my internal LAN Comment by mtaherhassanin — December 27, 2012 @ 9:59 AM

Describe in details.

Comment by Syed Jahanzaib / Pinochio~:) — December 27, 2012 @ 3:06 PM

I Have RB 750GL with 5 Ports i will use 3 Ports for WANs DSL Routers , the rest 2 Ports i will Use them 1 For my LAN and 1 For My HotSpot Bullet. i Used your Script from the Above as the followng

/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=41.128.225.225,41.128.225.226,163.121.128.135

/ip firewall mangle

add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2 add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local——– This for my Lan add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local

add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local2———— this for my Hotspot add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Local2

add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

add chain=prerouting dst-address-type=!local in-interface=Local2 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1 add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2 /ip route

add chain=srcnat out-interface=WAN1 action=masquerade add chain=srcnat out-interface=WAN2 action=masquerade

/ip firewall nat add action=accept chain=pre-hotspot disabled=no dst-address-type=!local hotspot=auth but i belive that my hot spot Not Acting well

Comment by mtaherhassanin — December 30, 2012 @ 5:20 AM Hello Dear

Well i have a Question in RB 750 Mikrotik

Local Interface Pluged To ISA Server Local2 Pluged To Hotspot System I am Behind the ISA Server

how can i mange to make the PING to the Hotspot system succeded Local 192.168.88.0/24

(4)

Comment by mtaherhassanin — December 31, 2012 @ 10:29 AM Dear sir can it possible on 3g modem? EVO PTCL

Comment by Rana Aamir — July 20, 2012 @ 9:35 PM Reply

Plz help me with a scrip for a b750 3 adsl 4mb wan 192.168.2.1 dns 196.7..7.7 192.168.3.1 192.168.4.1 lan 192.168.7.1 hotspot 192.168.8.1 thanks ben

Comment by Ben Heydenrych — June 29, 2013 @ 10:06 PM Reply

2. How can i achieve load balancing with these typr of setup. 2 wan and 1 hotspot LAN.

normal web/light browsing traffic should be directed to WAN1 while heavy and other traffic should go to WAN 2. Comment by Collins — August 1, 2011 @ 3:26 PM

Reply

You have to do policy base load balancing.

or you can mark packets for specific traffic and route it to your desired WAN link. Comment by Pinochio / zaib — August 4, 2011 @ 6:03 AM

Reply

3. i am also enabled proxy because WAN1 is billing me based on volume of data i use. Comment by Collins — August 1, 2011 @ 4:01 PM

Reply

4. hello sir i am aman can you help me how mikrotik load balasing and modem setting what is your mobile no and your E-mail Comment by Aman Manifarooqi — August 1, 2011 @ 4:05 PM

Reply 5. plz sir help me

Comment by Aman Manifarooqi — August 1, 2011 @ 4:06 PM Reply

6. my name is Aman farooqi plz you help me from pakistan RAWAlpindi mikrotik load balascing how make and how modem settend Comment by Aman Manifarooqi — August 1, 2011 @ 4:11 PM

Reply

you can contact me at aacable at hotmail.com

Comment by Pinochio / zaib — August 4, 2011 @ 6:03 AM Reply

skyp id plz 03112910453

Comment by faisal — March 30, 2014 @ 5:11 AM Reply

jhanzaib sb skyp ke id ager ap deyea tu baat ho sakti hay ya cell fone mai 03112910453 Comment by faisal — March 30, 2014 @ 5:13 AM

Reply aacable79

(5)

7. / ip address

add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment=”” disabled=no add address=10.0.0.10/24 network=10.0.0.0 broadcast=10.0.0.255 interface=wan1 comment=”” disabled=no add address=7.7.7.10/24 network=7.7.7.0 broadcast=7.7.7.255 interface=wan2 comment=”” disabled=no / ip firewall mangle

add chain=prerouting in-interface=Local connection-state=new nth=2,1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment=”” disabled=no

add chain=prerouting in-interface=Local connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment=”” disabled=no

/ ip firewall nat

add chain=srcnat connection-mark=conn1 action=masquerade out-interface=wan1 comment=”” disabled=no add chain=srcnat connection-mark=conn2 action=masquerade out-interface=wan2 comment=”” disabled=no / ip route

add dst-address=0.0.0.0/0 gateway=10.0.0.138 scope=255 target-scope=10 routing-mark=conn1 comment=”” disabled=no add dst-address=0.0.0.0/0 gateway=7.7.7.7 scope=255 target-scope=10 routing-mark=conn2 comment=”” disabled=no Comment by Aman Manifarooqi — August 4, 2011 @ 11:21 PM

Reply

8. ware is this problam khaa par masllha ho sakta hai kia modem ki setting bhi karni hai aghr karni hai to kia ya is main problam, hai Comment by Aman Manifarooqi — August 4, 2011 @ 11:25 PM

Reply 9. / ip address

add address=1.1.0.5/24 network=1.1.0.0 broadcast=1.1.0.255 interface=Local comment=”” disabled=no add address=1.1.0.77/24 network=1.1.0.0 broadcast=1.1.0.255 interface=wan1 comment=”” disabled=no add address=5.5.5.1/24 network=5.5.5.0 broadcast=5.5.5.255 interface=wan2 comment=”” disabled=no / ip firewall mangle

/ ip firewall nat

add dst-address=0.0.0.0/0 gateway=1.1.0.5 scope=255 target-scope=10 routing-mark=conn1 comment=”” disabled=no add dst-address=0.0.0.0/0 gateway=5.5.5.1 scope=255 target-scope=10 routing-mark=conn2 comment=”” disabled=no Comment by Aman Manifarooqi — August 5, 2011 @ 6:57 PM

Reply

First turn off dhcp server seetings in modem than try…good luck Comment by Faisal — August 13, 2011 @ 10:31 PM

Reply

10. ab yeh sahi kar bhi liya hai tab bhi net nahi chal rahaa hai plz help me ab kia karo yeh load balasing is liye kar rha hoo is se net ki 4mb aur 4mb ke speed 8 ati hai is liye plz ab dekhye kia karoblam hai

This is nth base load balancing which will give you some problems in steaming , https web sites etc. but try it anyways since its the simplest way to do load balance.

Make some changes to your ip scheme. Change ‘Local’ interface ip to 10.0.0.1 Change ‘WAN1′ ip to 192.168.1.1 Change ‘WAN2′ ip to 192.168.2.1

(6)

Change ‘WAN1′ DSL ROUTER LAN ip to 192.168.1.2 Change ‘WAN2′ DSL ROUTER LAN ip to 192.168.2.2 Now moving on to script.

/ ip address

add address=10.0.0.1 network=10.0.0.0 broadcast=10.0.0.255 interface=Local comment=”” disabled=no

add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=wan1 comment=”” disabled=no add address=192.168.2.1/24 network=192.168.2.0 broadcast=192.168.2.255 interface=wan2 comment=”” disabled=no / ip firewall mangle

/ ip firewall nat

add dst-address=0.0.0.0/0 gateway=192.168.1.2 scope=255 target-scope=10 routing-mark=conn1 comment=”” disabled=no add dst-address=0.0.0.0/0 gateway=192.168.2.2 scope=255 target-scope=10 routing-mark=conn2 comment=”” disabled=no Comment by Pinochio / zaib — August 6, 2011 @ 6:32 AM

Reply

would you please give me Mikrotik DUAL WAN Load Balancing using PCC method in simple word i need 4WAN merging Comment by zain ul abdin — January 26, 2012 @ 4:16 PM

Can you be more specific what you meant by ‘Simple Words’

The tutorial is complete reference guide. You can use it and modify it according to your need. Comment by Syed Jahanzaib / Pinochio~:) — January 27, 2012 @ 11:23 AM

11. thnaks you it is work

12. plz sir help me how pcc load balasing 3.22

13. I have implemented DUAL (2) WAN Load Balancing using PCC method and it is working fine without hotspot. But I want to implement this PCC method with hotspot service. Please let me know what I should do now.

Comment by Kafi — August 22, 2011 @ 11:45 AM Reply

Dear Kafi,

I have never tested load balancing with HOTSPOT scenario, but what I have heard or read at forums, hotspot messes with load balancing method. But give it a try and share your experience with us.

Comment by Pinochio / zaib — August 22, 2011 @ 11:51 AM Reply

14. Salam bhai

see pics below is this possible or not

http://forum.mikrotik.com/download/file.php?id=7740 http://forum.mikrotik.com/download/file.php?id=7739 http://forum.mikrotik.com/download/file.php?id=7738 Comment by usmans — August 23, 2011 @ 12:49 PM Reply

Yes this is very much possible achieving this kind of load balancing. Even RRD can get equal LB, but I will not recommend you to use RDD base algorithm as it have some issues with many sites n protocols. Use PCC instead.

(7)

Just make sure that all users are hitting Mikrotik directly (where PCC is configured) The more users load you put on PCC, the better load balancing you will be able to get. Comment by Pinochio / zaib — August 24, 2011 @ 10:50 AM

Reply

Wow…. Amazing..

How to do this with 2 WAN only?

Comment by Danish Jamil — April 3, 2012 @ 1:52 PM Reply

15. bhai mai ny 2 pc mai mikrotik install kia hai 1 mai load balancing ki hai aur dosry mai user add hai aur per connetion classifier ko ma ny dst address pa set kia hai. kia yeh sahi hai yaha is sy b better ho akta hai…..

dsl1

dsl2———–mikrotik pcc (dst address)——–mikrotik pppoe server——-clients dsl3

Comment by usmans — August 28, 2011 @ 1:01 AM Reply

usman bhai mujay apna koi contect nuber dain plz mene loadbalsing ki kuch help lani hai app se Comment by sadaq — July 30, 2012 @ 8:38 AM

Reply

16. dst-address works fine too. All depend on your usage scenario.

You can configure pcc and pppoe on the same server. in this way you can use src-address as your classifier. Comment by Pinochio / zaib — August 28, 2011 @ 10:54 AM

Reply

17. bhai agar mai pcc aur pppoe same sever mai configure karta ho to jab mai us mai thunder cache ka mangle rule add karta ho to wo work nai karta…is liy mai 2 server use kar raha ho….

Comment by usmans — August 28, 2011 @ 2:07 PM Reply

18. Great to use PCC to load balance, but I don’t know I’m using nth is better at my network… Comment by another mikrotik tips — September 24, 2011 @ 9:30 AM

Reply

PCC is a very customizable and enhanced version of Load balancing as compared to NTH . Using PCC you can get rid of many problems found in NTH, for example, broken http/https link, streaming issues and some others. (Using pcc with src-address as classifier.)

Anyhow if NTH is fulfilling your requirements and you are satisfied with the results, you can stick with it as loon as it doesn’t bother you Comment by Pinochio~:) — September 24, 2011 @ 10:30 AM

Reply

19. im having one wan link- 4 Mb ,another one is 2Mb, is it is possible to loadbalance with pcc

Comment by tamilmaran — October 28, 2011 @ 8:31 AM Reply

yes you can,

Just give create more pcc rule to give priority to 4mb rule, so 2mb will be used twice as compare to 2 mb, to get some balanced load balancing. Comment by Pinochio~:) — October 28, 2011 @ 12:33 PM

Reply

can u pls , edit n give me the script, im poor in scripting…

Comment by tamilmaran — June 26, 2012 @ 12:02 AM 20. Hi,

I also have rb750. Now I want to do load balancing on 2 dsl lines. How will I know that port 1 is Local, port 2 is WAN1 ans so on? Also for WAN1 dsl is the ip address 192.168.1.1?

And for WAN2 dsl is the ip address 192.168.2.1?

Comment by Nouman Aziz — November 12, 2011 @ 4:59 PM Reply

(8)

You can check port status by various ways. Following command will blink the port light. /interface ethernet blink ether1

OR

/interface ethernet monitor ether1 /interface ethernet monitor ether2 /interface ethernet monitor ether3

Comment by Pinochio~:) — November 14, 2011 @ 10:38 AM Reply

Sir

I want to access winbox from wan port….please advice ,,,,,i have public static ip at my adsl router .i have add port forwading in router …port is 8291 : what i do at my 750GL router ….microtik router wan ip is 192.168.0.100 …and adsl router lan ip is 192.168.0.1…please advice …\ Regards

Comment by faisalmirzapk — April 10, 2013 @ 7:18 PM 21. dear sir,

i want to implement fcc method with pppoe server in 1mikrotik OS x86 pc….. how to do that?

kindly help me ASAP……;)

Comment by fareed — November 16, 2011 @ 9:14 AM Reply

PCC with PPPoE Server on single Mikrotik Server. Read the following link

http://aacable.wordpress.com/2011/08/29/mikrotik-4-wan-load-balancing-using-pcc-with-pppoe-server-complete-script/ Comment by Pinochio~:) — November 16, 2011 @ 10:33 AM

Reply

22. i have 2 Satellite internet connections and i want to do loadbalancing and i have 2 diffrent public ips. Comment by fareed — November 16, 2011 @ 9:17 AM

Reply

23. Thankx For Help ………

Comment by Mazhar Sheikh — November 16, 2011 @ 3:28 PM Reply

24. 3 wan load balancing, no need to set static IP to the interfaces;

multiple ADSL services and the Mikrotik PCC rules along with some inbound mangling to allow a single router to load balance traffic across as many non bonded links as required.

credits to: http://www.mikrotik-routeros.com/?p=12

Note that none of this config requires the use of IP addresses at all, as it simply uses the pppoe-client interfaces and your lan interface to mark traffic. In my example wan1-pppoe,wan2-pppoe,wan3-pppoe are used and lan

/ip route

add check-gateway=arp comment=”WAN 3 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan3 add check-gateway=arp comment=”WAN 2 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 1 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 1 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 2 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 3 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan3 add check-gateway=arp comment=”WAN 1 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 2 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 3 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan3 add check-gateway=arp comment=”Default Route – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe

add check-gateway=arp comment=”Default Route – Distance 2″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe add check-gateway=arp comment=”Default Route – Distance 3″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe

add check-gateway=arp comment=”Static Route – WAN1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=static-wan1 add check-gateway=arp comment=”Static Route – WAN2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=static-wan2 add check-gateway=arp comment=”Static Route – WAN3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=static-wan3

(9)

/ip firewall mangle

add action=mark-connection chain=input comment=”Mark new inbound connection wan1″ connection-state=new disabled=no in-interface=wan1-pppoe new-connection-mark=wan1 \

passthrough=yes

add action=mark-connection chain=prerouting comment=”Mark established inbound connection wan1″ connection-state=established disabled=no in-interface=wan1-pppoe \

new-connection-mark=wan1 passthrough=yes

add action=mark-connection chain=prerouting comment=”Mark related inbound connection wan1″ connection-state=related disabled=no in-interface=wan1-pppoe \

add action=mark-routing chain=output comment=”Mark new inbound route wan1″ connection-mark=wan1 disabled=no new-routing-mark=static-wan1 passthrough=no

add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=new disabled=no \

dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0 add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=new disabled=no \

dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2 add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=\

established disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=\ both-addresses:3/0

add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 2″ connection-state=\

add action=mark-connection chain=prerouting comment=”Mark related traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=related \

disabled=no dst-address-type=!local in-interface=lan new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0

add action=mark-routing chain=prerouting comment=”Mark routing for PCC mark – option 1″ connection-mark=wan1_pcc_conn disabled=no new-routing-mark=wan1 passthrough=\

yes

(10)

yes

Comment by adrian — November 26, 2011 @ 7:25 AM Reply

Hi, what about NAT rules ? (script in IP-Firewall-NAT) Comment by esalehnet — November 29, 2012 @ 1:30 AM Reply

25. is is working OK to me, after I modified a bit to use only 2 wans on my router Comment by adrian — November 26, 2011 @ 7:29 AM

Reply

26. Jahanzaib Bhai I need your help Would you………. Comment by Umair Hanif — December 4, 2011 @ 8:28 PM Reply

Regarding ???

Comment by Pinochio~:) — December 7, 2011 @ 10:42 AM Reply

i have mikrotik 3.22 and i want to use 2 WAN link load balancing Comment by umair — December 13, 2011 @ 11:03 PM

You need at least ver 3.30 for pcc base load balancing. Comment by Pinochio~:) — December 14, 2011 @ 10:42 AM 27. I have upgraded to version 3.30

Comment by umair — December 14, 2011 @ 11:46 PM Reply

28. These are great scripts, but could you possibly explain how to change the gateway check to check a remote IP address rather than the gateway IP address (for instances where the DSL line may be down, but the modem still up) – im sure its not as easy as just changing the ip address in the check?

Comment by David — December 22, 2011 @ 4:26 PM Reply

You are right, its not that easy to integrate netwatch with the PCC.

I stopped working on this script long time ago. I will do some r&d on it and will update the article accordingly. Comment by Pinochio~:) — December 23, 2011 @ 10:59 AM

Reply

Salam Dear Sir ,

Sir ap kasy hai .umied hai k ap thek hai .ALLAH ap per desta shufqat rakha.Sir main UBNT wireless setup laga raha hun.Aur sir mujha ap say kuch help ke zaroorat hai .wo ya k main us k liya mikrotik ka kon sa ver use karun uar mikrotik ruterbord kon sa purchas karun.qk es ma humara pass dedicated links be hai .aur SIR humara owner ya chata hai k ptcl jasie wireless modem ma setting ho.

SIR Cache server be creat karna hai kindly ap us ka be bta dijya ga. Sir main umied karta hun k ap jaldi aur bhater jawab send kary gia. Waqas sabir from Faisalabad.

E-mail = [email protected] Mob= 03157215729

Comment by Muhammad Waqas Sabir — August 30, 2012 @ 10:54 PM Reply

29. Hi,

Sir I have done dual wan load balancing on MK RB750 v 5.9. I have two 4 mbps connection.

The problem I am facing is the second dsl line is not much is use. Sometimes I get 7-8 mB speed but sometimes it drops out so I just left with the 4MB. Any thoughts or suggestions?

Thanks.

Comment by Nouman Aziz — December 23, 2011 @ 1:05 AM Reply

(11)

If ‘sometimes’ you able to get 7-8 mbps , then your PCC is configure okay. what classifier are you using?

Comment by Pinochio~:) — December 23, 2011 @ 10:57 AM Reply

30. I am using Dst.Address for both lines.

It will happen if you use dst-address, for example if there are 10 online users and 8 of them are using you tube.com, then PCC will bind you-tube at first dsl link, and other web at other link.

You have to read a lot on PCC classifier, goto wiki and read thoroughly then play with this option. Comment by Pinochio~:) — December 25, 2011 @ 9:44 AM

Reply

31. So which classifier should I use?

32. Can you please explain me which classifier do I change and how? Thanks.

Comment by Nouman Aziz — December 25, 2011 @ 12:43 PM Reply

Dear Noman,

I guess its time for you to do some research and read teh mikrotik wiki on How PCC works. Please start with this one and you will get idea on which classifier is best for you.

http://wiki.mikrotik.com/wiki/How_PCC_works_(beginner)

After all its your network and you have to decide what classifer to use depends on your network usage. Please Read, Read and Read. Comment by Pinochio~:) — December 25, 2011 @ 10:17 PM

Reply 33. ok Thanks/.

Comment by Nouman — December 26, 2011 @ 1:04 AM Reply

34. sir muhe yee bataye ke x86 main bhi pcc load balasing ho sakti hai Comment by noman — December 31, 2011 @ 7:20 PM

Reply

It doesn’t matter what architecture you use , you can do it on x86 or any RB. Just make sure you use ver 3.30 or above.

preferably latest 5.x series.

Comment by Pinochio~:) — December 31, 2011 @ 9:17 PM Reply

min ne computer par install kia hai mikrotik ko pcc load balasing chaliy gi Comment by noman — December 31, 2011 @ 9:23 PM

yes if u configure it properly.

Comment by Syed Jahanzaib / Pinochio~:) — January 2, 2012 @ 9:59 AM

35. Sir, This load balancing works great when we put a load on it (browse heavy site, or watch youtube). Is there any way to keep both WAN’s alive and working equally.

For example even when we browse lite sites it should use both lines 50/50. Thanks

Comment by nominet — January 4, 2012 @ 3:45 PM Reply

Try using different classifier.

(12)

Comment by Syed Jahanzaib / Pinochio~:) — January 4, 2012 @ 4:03 PM Reply

36. I have tried them and I liked ‘scr-address’ and ‘both-addresses and ports’ one. Comment by Nouman — January 5, 2012 @ 12:26 AM

Reply

37. Sir what is failover?

Comment by Ayoob — January 6, 2012 @ 1:30 AM Reply

‘Failover’ It will always check the modem status before sending any packets, If the modem is not reachable it will not send the packets. Comment by Syed Jahanzaib / Pinochio~:) — January 6, 2012 @ 10:55 AM

Reply

38. I want to add another WAN3 with the ip 192.168.3.1 Can you please write a script for me thanks. Comment by Asad — January 6, 2012 @ 11:27 AM Reply

/ip route

add check-gateway=arp comment=”WAN 3 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan3 add check-gateway=arp comment=”WAN 2 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 1 – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 1 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 2 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 3 – Distance 2″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan3 add check-gateway=arp comment=”WAN 1 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe routing-mark=wan1 add check-gateway=arp comment=”WAN 2 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=wan2 add check-gateway=arp comment=”WAN 3 – Distance 3″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan2-pppoe routing-mark=wan3 add check-gateway=arp comment=”Default Route – Distance 1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe

add check-gateway=arp comment=”Default Route – Distance 2″ disabled=no distance=3 dst-address=0.0.0.0/0 gateway=wan3-pppoe add check-gateway=arp comment=”Default Route – Distance 3″ disabled=no distance=2 dst-address=0.0.0.0/0 gateway=wan2-pppoe

add check-gateway=arp comment=”Static Route – WAN1″ disabled=no distance=1 dst-address=0.0.0.0/0 gateway=wan1-pppoe routing-mark=static-wan1

/ip firewall mangle

passthrough=yes

(13)

new-routing-mark=static-wan2 passthrough=no

add action=mark-connection chain=prerouting comment=”Mark traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=new disabled=no \

dst-address-type=!local in-interface=lan new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2 add action=mark-connection chain=prerouting comment=”Mark established traffic that isn’t local with PCC mark rand (3 possibilities) – option 1″ connection-state=\

yes

after that all you need to do is make your 3 pppoe client conections coresponding to your wans, pppoe client cone3ctions with user and pass provided from yout ISP, and in NAT…make a masquerade in ip firewall nat… click + to add net nat rule, Chain – scrnat….than go to Action tab and select masquerade… that is all

this config is the config that I am using on a rb750, for 3 wans Comment by Acidu — January 6, 2012 @ 6:40 PM

Reply 39. Hi Sir,

What is the function of distance in routes? Comment by Asad — January 6, 2012 @ 8:34 PM Reply

40. Hi, thanks for the great howto. I have a setup with 2 WANs and when I vpn to the router I can no longer ping or connect to the local addresses. Local interface is: 192.168.0.0/24

VPN local address is: 10.0.1.100 VPN remote address is: 10.0.2.100

Before setting up the load balancing I was able to connect to 192.168.0.102 or 192.168.0.101. Comment by quinametin — January 18, 2012 @ 10:05 AM

Reply

Just create an address list (vpn subnet included) and on the mangle rules exclude them , e.g src-address-list=!pptpusers and dst-address-list=!pptpusers

(14)

http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/ Comment by Syed Jahanzaib / Pinochio~:) — January 18, 2012 @ 10:38 AM

Reply

Ok, found it I had to add to firewall -> nat a masquerade with the source 10.0.2.0/24 Comment by quinametin — January 18, 2012 @ 11:14 AM

Reply gr8.

Comment by Syed Jahanzaib / Pinochio~:) — January 18, 2012 @ 11:18 AM

41. Which classifier should I use? I want 4 + 4 = 8. So traffic should spread aross them two links. Thanks.

Comment by Bablu — January 18, 2012 @ 1:54 PM Reply

Use ‘both addressess and ports’ approach.

42. Jitna b Geo Khushi se Geo. Ye Bablu ki dua ha Jahanzaib Bhai. Comment by Bablu — January 19, 2012 @ 3:29 PM

Reply

Comment by Syed Jahanzaib / Pinochio~:) — January 20, 2012 @ 10:46 AM Reply

43. Hello,

Thank you for helpful posts,

I little bit confused with IP addresses and how to setup load balance with my RB750G.

I have 2 ADSL from same ISP with 2 linksys modems with static external IP and 10M speed each.I cannot access the modems they r locked by ISP. I just getting internal IP by DHCP in range 192.168.1.1/254.

On both modems are same gateway address 192.168.1.1 and same IP range. How can I configure load balancing????

Please help!!!! Need ASAP!!! Thank you in advance!!! Nikos

Comment by Nikos — January 25, 2012 @ 2:11 AM Reply

Move them on different subnet. For example ISP DSL Modems: DSL1 = 192.168.1.1 DSL2 = 192.168.2.1 Mikrotik: WAN1 = 192.168.1.2 / GW > 192.168.1.1 WAN2 = 192.168.2.2 / GW > 192.168.2.1

This way things will get simpler and manageable for you.

You can use static ip on you mikrotik wan interface of same subnet series provided by the modem. Comment by Syed Jahanzaib / Pinochio~:) — January 25, 2012 @ 10:56 AM

Reply

Thank you for fast response,

The problem is that I cannot change DSL2 to 192.168.2.1 its locked by ISP and both DSL modems had same 192.168.1.1. In my scenario it will be something like this :

DSL1:192.168.1.1==>WAN1=192.168.1.2 DSL2:192.168.1.1==>WAN2=192.168.1.3 This will work or NOT???

Please advice !!! Thank you in advance Nikos

(15)

Comment by Nikos — January 25, 2012 @ 7:12 PM

I have not tested such scenario, in my opinion it should not work. Comment by Syed Jahanzaib / Pinochio~:) — January 26, 2012 @ 10:55 AM !Try defining the outbound interface.

For example replace this. /ip route

add dst-address=0.0.0.0/0 gateway=1.2.3.4 routing-mark=to_wan-ISP1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=1.2.3.4 routing-mark=to_wan-ISP2 check-gateway=ping With following

/ip route

add dst-address=0.0.0.0/0 gateway=1.2.3.4%eth1-ISP routing-mark=to_wan-ISP1 check-gateway=ping add dst-address=0.0.0.0/0 gateway=1.2.3.4%eth2-ISP routing-mark=to_wan-ISP2 check-gateway=ping Replace the eth1-ISP with your own wan itnerface name , use the notation % for sure.

If it works , let me know Regard’s

Comment by Syed Jahanzaib / Pinochio~:) — October 21, 2013 @ 11:59 AM Reply

44. Alsalamu Alaykom

Dear Brother can you please send me a Backup file for RB 750 Load Balance ? Comment by Moataz Ibrahem — January 30, 2012 @ 11:02 PM

Reply

http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/ Comment by Syed Jahanzaib / Pinochio~:) — January 30, 2012 @ 11:08 PM

Reply

45. sir main ne pcc load balasing ki hai load balasing to sahi hai par dhcp par webproxy nahi chal rahey plz help me Comment by mani — January 31, 2012 @ 12:05 AM

Reply

If you upgrade to 4.x that’s relatively easy to do because it has a feature that can match connections that do not yet have a connection mark. I will not recommend you to use mikrotik webproxy with pcc on same box, It is recommended to use external proxy like SQUID or ISA. Upgrade to new version and it will be easy for you to use mikrotik web proxy.

/ip firewall mangle

add chain=output connection-mark=no-mark action=mark-connection new-connection-mark=Internet1_conn passthrough=yes per-connection-classifier=both-addresses:2/0

add chain=output connection-mark=no-mark action=mark-connection new-connection-mark=Internet2_conn passthrough=yes per-connection-classifier=both-addresses:2/1

On 3.x the rule set would be quite much more complicated to make sure you don’t interfere with potentially existing connection marks that must not be changed, so hopefully you can upgrade to 4.x

46. sir this script not work as failover it works only when modem turned off

in the case when modem power is on but the modem is disconnect failover not work 100% sure sir i want a solution for failover free or paid not matter but perfect solution

my id is [email protected]

Comment by salman — January 31, 2012 @ 10:45 PM Reply

47. Aslam O Alikum Syed Jahanzaib Bahi My DSL 4MB PTCL

I m Use Hotspot Par User 1MB Speed And 512k My Thinking Is a User End Download Speed Is Limited But Browsing Full 4MB Speed Please Add This Script And Send Me

My ID [email protected] I m use 3.22 v

(16)

Thank You

Comment by WASEEM AHMED — February 1, 2012 @ 5:12 AM Reply

48. hi

i have 16 mb pipe connected with 4 wan tplink load balancer , and load balancer connect with mikro tik OS installed on pc i configured dns, firewall, web proxy correctly but my browsing speed is too slow. is in mikrotik there is place to mention wan link rate, means does mikro tik required the link rate in Wan link. if yes then plzz tell me becoz i m watching all time my wan link in interface option it never rich to 16 mb infect it is not crossing 4 mb in all time pick time non pick time …guide me as soon as possible………… thxzzzzzzzzzzzzz

Comment by rehmat ali gulwating — February 7, 2012 @ 3:50 AM Reply

Slow browsing , hmmm… there can be multiple issue, I told you earlier, make sure all of your client is using your mikrotik as there primary DNS server,

secondly, using IDM , try to download 10-15 multiple files (Big downloads) and see if you can able to download from all links. Comment by Syed Jahanzaib / Pinochio~:) — February 7, 2012 @ 9:34 AM

Reply 49. DEAR…….

YES I CAN USE 16 MB PIPE WITH IDM BUT 1 TROUBLE I FIND THAT WHEN I PING TO TPLINK IP 192.168.205.1 REPLY IN 1 OR 2 MS CONTINUE SLY BUT WHEN I PING PTCL MODEM LAN IP (192.168.201.1 MODEM 1,192.168.202.1 MODEM 2, 192.168.203.1 MODEM 3,192.168.204.1 MODEM 4) SOME TIME PING REPLY IN 6 TO 7 MS AND SOME TIMES REQUEST TIME OUT OCCURS I CHANGE LAN CARDS OF MIKROTIK BUT NOTHING HAPPENED AND WHEN I CONNECT TPLINK LOADBALANCER DIRECT 2 WINDOWS PC PING REPLIES IN 1 MS AND ALL WORKED FINE…. THEN Y PING IS BREAKING WITH MIKROTIK PLEASE GUIDE ME AND SHOOT THIS TROUBLE WITH UR GOOD EXPERIENCE THANKING YOU,

You probably have a bad network design topology.

Also check with your queueing section, Try to disable all Queues, and thenc heck the ping reply. If ping works fine after disabling the Queue, try the following.

http://aacable.wordpress.com/2011/12/07/mikrotik-howto-give-ping-icmp-high-priority/ Comment by Syed Jahanzaib / Pinochio~:) — February 10, 2012 @ 8:58 AM

Reply 50. my name habib

Comment by a — February 10, 2012 @ 9:27 PM Reply

51. are you on line in wordpress

Comment by a — February 10, 2012 @ 9:28 PM Reply

52. Hi,

Work fine, but “both-addresses-and-ports” per connection classifier creates problems (eg ftp client: passive ports are open on another WAN, so the ftp server considers it as a security violation). I recommend an “both addresses” pcc configuration to avoid this.

Best regards

Comment by Alexandre Alouit — February 13, 2012 @ 10:33 PM Reply

Yes you are right, both address provides more reliable connections. But for some operators who demands more bandwidth rather then reliability, both-addresses-and-ports gives overall better load balancing, but they face broken link issues.

Comment by Syed Jahanzaib / Pinochio~:) — February 14, 2012 @ 8:48 AM Reply

53. Salam,

this is rehmat, i trace problem in my network it is from client side. i means my clients have a lots of viruses, Trojans and spammers and their pcs use tcp and udp ports to access wan.ports are 445,80,23 which i trace out i have problem with port 80 becoz its a browsing port (http) please send me rules or any script to block viruses,Trojans and spammers completely. or any other guide to resolve this issue. thxxxxxxxxxxx

Monitor your network closely using monitoring tools like TORCH (built-in mikrotik tool) and block all suspected ports.)

(17)

Few examples are here.

http://aacable.wordpress.com/2011/08/15/mikrotik-howto-prevent-mt-host-from-invalid-login-attempts-from-lanwan-users/ Comment by Syed Jahanzaib / Pinochio~:) — February 14, 2012 @ 8:51 AM

Reply

54. Hi. Salam jahanzaib bhai. jahanzaib bhai i have 4 mb connection of PTCL. and main mikrotik 3.30 pay hotspot server use kr raha hun. i have 30 clients on it . 300 gb limit ki waja say now i want to add one more 4 mb connection. Plz guide me k main kesay on ki load balancing krun. is wqt meray WAN ka address 192.168.1.150 and LAN ka address 192.168.0.150 hai. yaa to ap yay guide kr dain k dono 4 mb ka 50/50 use ho ya phr ya bta dain k main half clients WAN1 pay kesay krun and half WAN2 pay ? because main downloading limit ko cross nhi krna chahta. its too expensive for me if downloading limit crossed.

Comment by SHAFQAT FARHAN — February 22, 2012 @ 10:45 AM Reply

55. and dono connections ptcl say liyay hain main nay so . dono ka ip address same hai yani k DSL1 192.168.1.1 and DSL2 192.168.1.1 and i dont have authority to change this address.

First thing first.

Both links must be on different subnet, otherwise you won’t be able to do proper load balance.

One workaround is to put another router (any cheap brand like tplink etc) in between mikrotik WAN2 and DSL2 and give it another subnet ip. For example like this.

DSL1 ======> === >> MIKROTIK ROUTER ETH1 192.168.1.1 192.168.1.2

DSL2 ======> TPLINK ROUTER === >> MIKROTIK ROUTER ETH2 192.168.1.1 192.168.5.1 192.168.5.2

Also check this It might help you.

http://aacable.wordpress.com/2011/10/27/mikrotik-policy-routing-based-on-client-ip-address/ Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 9:16 AM

Reply

56. thank you so much sir. now i will change the ip address of one of the DSL router. now plz tell me how could i do load balancing on hotspot server. and i want k dono DSL’s equally use hun. i mean agar total downloading (from clients) 200 GB howi hai to DSL1 say 100 GB and DSL2 say 100 GB ho. i mean i want the average download from both of the DSL.

To use PCC with HOTSPOT , use the following.

http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/

You can’t define on that how much exact amount of data should be used from each wan link. Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 11:59 AM

Reply

57. to phr kya is trah ho skta hai k main half clients WAN1 pay kr dun and half WAN2 pay. ?? Comment by SHAFQAT FARHAN — February 23, 2012 @ 12:06 PM

Reply

Yes you can, see the link i have sent earlier. policy/ip base client routing Comment by Syed Jahanzaib / Pinochio~:) — February 23, 2012 @ 1:37 PM Reply

jahanzaib bhai os policy main 2 LAN output hain. jab k meray pass situation kuch yun hai k meray pas bulletm2 hai. main wireless k through clients ko net provide kr raha hun. so agar main 2 output krta hun to bullet main to aik he input jaey gi.

Comment by SHAFQAT FARHAN — February 23, 2012 @ 8:26 PM You can use single output (LAN) also.

The example showed in the article was not using 2 output, Both users are on same LAN. Comment by Syed Jahanzaib / Pinochio~:) — February 24, 2012 @ 9:28 AM

58. sir, give me a script of queue tree bandwith setting mikrotik rb750G please….. note: I use dual wan about it wan Comment by aanet — February 24, 2012 @ 7:22 AM

(18)

Reply 59. dear sir

Syed Jahanzaib

sir main ne TWO wan ore ONE lan ka mikrotik server banya hai jis ka scrpit ye hai.

((

/ip address

add address=192.168.5.1/24 network=192.168.5.0 broadcast=192.168.5.255 interface=LAN add address=192.168.0.2/24 network=192.168.0.0 broadcast=192.168.0.255 interface=WAN1 add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2

/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=208.67.220.220,208.67.222.222 /ip firewall mangle

add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1 add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2 add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=LAN

add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN

add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes

add chain=prerouting dst-address-type=!LAN in-interface=LAN per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

add chain=prerouting connection-mark=WAN1_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN1 add chain=prerouting connection-mark=WAN2_conn in-interface=LAN action=mark-routing new-routing-mark=to_WAN2 /ip route

add chain=srcnat out-interface=WAN1 action=masquerade add chain=srcnat out-interface=WAN2 action=masquerade sir jab main internet

use karta hun tu mera server srif os wan ka interinet use karta hai jis ki speed kam hoti hai jab k meri dosri wan per speed kafi achi hoti hai

ek wan meri 3mbps ki hai ore dosri 4 mbps ki hai kindly tell me a script jis se main in dono wan ko use kar sekon yan phier asa ho in dono wan main se jis ki speed zaida ho server os wan ko use karey kindly send me a script jis se mera masla hal ho jaye

Comment by ali — February 24, 2012 @ 9:50 PM Reply

Your script seems fine.

Try playing with the distance value.

Comment by Syed Jahanzaib / Pinochio~:) — February 25, 2012 @ 12:51 PM Reply

yes i have licnes call me 03245001960 pta Comment by noman — March 1, 2012 @ 11:01 AM Reply

60. jahanzaib bhai do u have some info that how can i get license of ISP from PTCL or PTA . and how much cost it have ?? Comment by SHAFQAT FARHAN — February 25, 2012 @ 9:54 PM

(19)

Reply

61. hi.. i’m using this script right now and i want to port forward (23156) from WAN1 to internet.. can u help me sir Comment by nick — March 5, 2012 @ 8:58 PM

Reply

62. sir meine aap ka dual wan configuration wala script use kia hai leikin mere aik wan se reply nahin aaraha Comment by Yasir — March 9, 2012 @ 9:04 PM

Reply

What is the impact you are getting because of this? Check the DISTANCE VALUE.

Comment by Syed Jahanzaib / Pinochio~:) — March 12, 2012 @ 9:04 AM Reply

63. mein mikrotik ka os ver 3.3 use kerraha hoon Comment by Yasir — March 9, 2012 @ 9:09 PM Reply

64. hello !

the difference with this scenario is that i have

modem 1 IP : 79.106.15.44 ( bridge with PPPoE connection with username and password) or it doesn’t influence in the configuration modem 2 IP : 79.106.15.45 ( bridge with PPPoE connection with username and password)

with gateway 79.106.14.1 or dynamic LAN : 192.168.2.1/24

can you please help me with the configuration regards

Comment by sidio — March 12, 2012 @ 3:52 AM Reply

65. salaam sir how are u

main pppoe server use kar rahaa hooo aap mjhe yeh batao ke dil up par kon se colore use hote hai main ne net ki waire se bjiliy gozarni hai plz tell me Comment by musa — March 19, 2012 @ 9:57 AM

Reply 66. hi,

this is Rehmat ali have to ask one thing is that i follow script given by u on this page ( http://aacable.wordpress.com/2011/07/27/mikrotik-dual-wan-load-balancing-using-pcc-method-complete-script-by-zaib/ ) .

problem is

only 1 wan is using internet named wan1 but 2nd wan named wan4 is not using similarly means with pcc method i m able to use both links in same time……? if yes then please solve this issue because it can’t use both links in same time.

Wan1 route is shows as AS and in black color but Wan4 route is shows as S and in blue color. i think problem is with ip route. reply me as soon as possible.

thanking you,

Comment by Rehmat Ali Gulwating — March 20, 2012 @ 3:34 PM Reply

67. Very Very Thanks Mr,Zaib With this script you changed my life Comment by Haroon nimroozy — March 29, 2012 @ 11:17 AM Reply

68. Dear Bro, I m using MIKROTIK from last 2 years with these settings.

I have 4 WANS and 1 LAN. 1 wan 4Mbs, 2nd 4Mb, 3rd 6Mb and 4th is 2Mb. i splice the ip with differnet subnets and send traffic through routes. 1 group ips gets 4 2nd group ip also 4 3rd group 6 mb and 4th group 2mb. and all users or on PPPOE.

But now i want to combine all traffic and then send it to 1 LAN. means 4 lans = 1 lan ,4+4+6+2=16 Mb. I contact many Mikrotik persons for this issue but all in vain.

I am using RB750G 3.22v. Need help..

Comment by Junaid — April 1, 2012 @ 11:02 PM Reply

(20)

http://aacable.wordpress.com/2011/06/04/mikrotik-4-wan-load-balance-pcc-complete-script-by-zaib/ Comment by Syed Jahanzaib / Pinochio~:) — April 2, 2012 @ 8:33 AM

Reply

Thanks a lot Brother…..i’ll work on it then i’ll let u know if i faced any error.. Comment by Junaid — April 4, 2012 @ 1:04 PM

69. Jahanzaib Bhai, i it Possible to have Load Balancer and Hotspot on same Machine? Comment by Danish Jamil — April 4, 2012 @ 11:42 PM

Reply

Yes its possible.

http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/ Comment by Syed Jahanzaib / Pinochio~:) — April 5, 2012 @ 8:53 AM Reply

70. Dear Syed,

How can we use the web proxy with your configuration (not on a box of course..)? Comment by Alex Alouit (@alexalouit) — April 8, 2012 @ 7:49 PM

Reply

You mean like the one showed here ???

http://aacable.wordpress.com/2011/12/29/howto-to-enable-mikrotik-routeros-web-proxy-in-transparent-mode/ Comment by Syed Jahanzaib / Pinochio~:) — April 9, 2012 @ 8:34 AM

Reply Yes,

unfortunately, for me it does not work.

The proxy works fine from outside (lan network), but the internal drift does not work. My current config is:

nat

0 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan1 1 chain=srcnat action=masquerade src-address=192.168.2.0/24 out-interface=wan2

2 chain=dstnat action=redirect to-ports=3128 protocol=tcp src-address=192.168.2.0/24 dst-port=80 mangle

0 chain=input action=mark-connection new-connection-mark=WAN1_conn passthrough=yes in-interface=wan1 1 chain=input action=mark-connection new-connection-mark=WAN2_conn passthrough=yes in-interface=wan2 2 chain=output action=mark-routing new-routing-mark=to_WAN1 passthrough=yes connection-mark=WAN1_conn 3 chain=output action=mark-routing new-routing-mark=to_WAN2 passthrough=yes connection-mark=WAN2_conn 4 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan

5 chain=prerouting action=accept dst-address=X.X.X.X/24 in-interface=lan 6 ;;; 80

chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes protocol=tcp dst-address-type=!local in-interface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/0

7 chain=prerouting action=mark-connection new-connection-mark=WAN1_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:2/0

8 ;;; 80

chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses-and-ports:2/1

9 chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:2/1

10 chain=prerouting action=mark-routing new-routing-mark=to_WAN1 passthrough=yes in-interface=lan connection-mark=WAN1_conn 11 chain=prerouting action=mark-routing new-routing-mark=to_WAN2 passthrough=yes in-interface=lan connection-mark=WAN2_conn proxy enabled: yes src-address: 0.0.0.0 port: 3128 parent-proxy: 0.0.0.0 parent-proxy-port: 0 cache-administrator: webmaster max-cache-size: none cache-on-disk: yes max-client-connections: 600 max-server-connections: 600 max-fresh-time: 3d

(21)

serialize-connections: no always-from-cache: no cache-hit-dscp: 4

cache-drive: primary-slave The router runs on Router OS 5.14 Do you see that does not work? Regards

Comment by Alex Alouit (@alexalouit) — April 9, 2012 @ 8:25 PM Error in copy/paste, my mangle config number 8 is:

chain=prerouting action=mark-connection new-connection-mark=WAN2_conn passthrough=yes protocol=tcp dst-address-type=!local in-interface=lan dst-port=80 per-connection-classifier=both-addresses-and-ports:2/1

but it does affect my web proxy problem.

The problem I encounter is also valid to intercept DNS requests (cache dns transparent). The firewall is it not challenged?

Comment by Alex Alouit (@alexalouit) — April 10, 2012 @ 10:04 PM

use notepad +…paste there… and then copy from there and paste in new terminal… Comment by Acidu — April 11, 2012 @ 1:08 AM

For the copy/paste error, I spoke about the comment, not the CLI configuration of the router.. Regards

Comment by Alex Alouit (@alexalouit) — April 11, 2012 @ 5:43 PM 71. Dear Sir

I want to know these configuration also use with 750up router board ? I want load balancing with 2 wan on 750up router board …please help …. I also want load balancing using hotspot ……

Regards

Comment by faisalmirzapk — April 8, 2012 @ 8:15 PM Reply

The script posted in this article will work on any version of routerboard. to use it with hotspot you should follow this.

http://aacable.wordpress.com/2012/02/12/mikrotik-pcc-with-hotspot/ Comment by Syed Jahanzaib / Pinochio~:) — April 9, 2012 @ 8:33 AM Reply

72. Dear Sir

plz help me mere pass RB750GL hai mey us pe 3 wan chalana chata ho with bondig (means merge all bandwidth ?) mere pass ye configuration hai. 4Mb = 1st DSL router address = 192.168.0.1 => ehter1 WAN

4Mb = 2nd DSL router address = 192.168.2.1 => ehter2 WAN 6Mb = 3rd DSL router address = 192.168.3.1 => ehter3 WAN Bandwidth merge = 4Mb + 4Mb + 6Mb = 14Mbps

local network = 192.168.1.1 => ehter5 DHCP server on local network => ehter5

Bandwidth controlling in Kbps on specific IP (local address)

or kia interface ka name bhi change karna parey ga wo kese hoga ??? n plz help me step by step

mey ne apki batae hui script mey changes ki hai wo nichy hai is mey koi mistake hai ? or baqi complete script send karden Thanks

———————————————————————————————————————————————————————————————————— rename the interface

?????

———————————————————————————————————————————————————————————————————— /ip address