Mikrotik Load Balancing

Mikrotik Load Balancing 2 ISP With LAN IP Address List

Mikrotik is a very useful tool as a router. In everyday life, a network administrator can easily manage network traffic in accordance with his wishes, one of which is Mikrotik Load Balancing 2 ISP.

This paper illustrates the need for a college or office internet access using two ISPs, and LAN conditions using ip private as well as a router pc with three interfaces using Mikrotik OS version 5.18, plus a siwtch for the access solver to the client or work station.

The design of network topology can be seen in the picture besides, will be fully discussed one by one how to configure mikrotik load balancing 2 isp in accordance with the situation as the picture.

Call it the interface used on mikrotik router is ether1, ether2, and ether3 with the following conditions: 

ether1 (ISP1): 111.111.111.111
ehter2 (ISP2): 222.222.222.222
ehter3 (LAN): 192.168.254.1

Add IP Address to mikrotik box for the above purposes:
/ ip address
add address = 111.111.111.111 / 24 network = 111.111.111.0 broadcast = 111.111.111.255 interface = ether1
add address = 222.222.222.222 / 24 network = 222.222.222.0 broadcast = 222.222.222.255 interface = ether2
add address = 192.168.254.1 / 24 network = 192.168.254.0 broadcast = 192.168.254.255 interface = ether3

4 pieces of workstation with ip: 192.168.254.2 (WORKST-1),
192.168.254.3 (WORKST-2), 192.168.254.4 (WORKST-3) and 192.168.254.5 (WORKST-3).

 Here internet access will be split into two paths, WORKST-1 and 2 via ISP1, while WORKST-3 and 4 through ISP2, but if one ISP is disconnected or down, all access from all WORKST will be redirected to live path, set using mikrotik load balancing.

The following steps are done to configure the above requirements:

 1. Create an Adress List on IP Firewall:

/ip firewall address-list
add list=jalur1 address="192.168.254.2"
add list=jalur1 address="192.168.254.3"
add list=jalur2 address="192.168.254.4"
add list=jalur2 address="192.168.254.5"

 2. Configure NAT and MANGLE

 / ip firewall nat
add chain = srcnat action = masquerade to-addresses = 111.111.111.111 src-address-list = path1 comment = "via ISP1"
add chain = srcnat action = masquerade to-addresses = 222.222.222.222 src-address-list = path2 comment = "via ISP2"

/ ip firewall mangle
add chain = prerouting action = mark-routing new-routing-mark = path1-route passthrough = no \
src-address-list = path1 in-interface = ether3 comment "Mark Routing Line1"
add chain = prerouting action = mark-routing new-routing-mark = path2-route passthrough = no \
src-address-list = path2 in-interface = ether3 comment "Mark Routing Line2"



 3. IP Routes and Rules



 / ip route
add dst-address = 0.0.0.0 / 0 gateway = 111.111.111.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10 routing-mark = lane1-route
add dst-address = 0.0.0.0 / 0 gateway = 222.222.222.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10 routing-mark = lane1-route
add dst-address = 0.0.0.0 / 0 gateway = 111.111.111.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10 routing-mark = lane2-route
add dst-address = 0.0.0.0 / 0 gateway = 222.222.222.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10 routing-mark = lane2-route
add dst-address = 0.0.0.0 / 0 gateway = 111.111.111.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10
add dst-address = 0.0.0.0 / 0 gateway = 222.222.222.1 check-gateway = ping distance = 1 scope = 30 \
target-scope = 10

/ ip route rule
add dst-address = 111.111.111.0 / 24 action = lookup table = main
add dst-address = 222.222.222.0 / 24 action = lookup table = main
add dst-address = 192.168.254.0 / 24 action = lookup table = main
add src-address = 111.111.111.0 / 24 action = lookup table = path1-route
add src-address = 222.222.222.0 / 24 action = lookup table = path2-route
add routing-mark = path1-route action = lookup table = path1-route
add routing-mark = lane2-route action = lookup table = lane2-route



 The above route route rule IP configuration is also useful for remote login from the internet, with the syntax above the router being visible from two different ISP directions, the final configuration result on IP Route when viewed through winbox will look like the picture below:

 Visible on the picture the routing is marked with blue and black, meaning black indicates that the routing is active for each path, and blue is the routing as a backup if the current routing is constrained or interrupted, then the routing will automatically move .

To ensure the path is running correctly, my friend can try it by doing traceroute for each IP source to a particular site, if the perceived path is correct, then mikrotik load balancing 2 ISP with LAN IP address list has been successfully done, required in accordance with the wishes of a network admin.

So and Thanks
 www.mikrotik.co.id