Mikrotik two WAN Load balance



Mikrotik two WAN Load balance

1. Assign IP on Mikrotik interface

Example: WAN1: 120.136.28.2/30
WAN2: 120.136.30.2/30
Local: 192.168.100.1/24

2. Configure DNS and DHCP


3. Filter the packet with Mangle

i will copy and past the script, cause it is faster
you can manually, check your configuration on the User Interface later.


/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn

add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2

add chain=prerouting dst-address=120.136.28.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=120.136.30.0/24 action=accept in-interface=Local

add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:3/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes

add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2




4. Add load balance route and backup route

/ip route
add dst-address=0.0.0.0/0 gateway=120.136.28.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=120.136.30.1 routing-mark=to_WAN2 check-gateway=ping

add dst-address=0.0.0.0/0 gateway=120.136.28.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=120.136.30.1 distance=2 check-gateway=ping



5. Add nat for WAN1 and WAN2

/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade


now go to Win XP-01 to test the Connection Load Banlance


Done ..
Share on Google Plus

About somono chek

Hi, I am Somono Chek. I've been working in IT field for 8 years. I created this blog for sharing my experiences and knowledge for this 8 years related to IT Skill: Networking, Network Security, Linux Server, Windows Server and other skill related to IT.

0 comments:

Post a Comment