MikroTik Load Balancing and Link Redundancy with ECMP

Load balancing and link redundancy is the main concern to any network administrator. Because, they always want to keep live their network 24/7. If you have multiple WAN connections, you can easily make a load balancing as well as link redundancy network with MikroTik Router. Different types of load balancing and link redundancy are present in MikroTik Router. ECMP Load Balancing is one of them. ECMP is so easy to implement and it provides an perfect load balancing solution. In this article, I am going to show how to configure a DUAL WAN Load Balancing network with Failover using ECMP method in Mikrotik Router.

ECMP (Equal Cost Multi Path)Routing

ECMP stands for Equal-Cost Multi-Path routing. ECMP is persistent per-connection load balancing or per-src-dst-address combination load balancing where a new gateway is chosen for each source and destination IP pair. It means that, for example, one FTP connection will use only one link, but new connection to a different server will use another link.

Network Diagram
We will configure Dual WAN load balancing over two equal gateways using ECMP method according to the following diagram.

Load Balancing and Link Redundancy Network
Load Balancing and Link Redundancy Network

In this network, there are two ISP connections (ISP1 and ISP2) which are connected to ether1 and ether2 port of the MikroTik Router. A number of network devices are connected to the MikroTik router through a network switch. The uplink port of the LAN switch is connected to the Router’s ether10 port and using as the LAN network of the router. We will configure DUAL WAN ECMP load balancing in this MikroTik Router so that LAN traffic can pass through both WAN links equally.

This ECMP configuration will also ensure Link Redundancy. So, if any ISP connection gets disconnected, LAN traffic will pass through the available ISP connection until the lost ISP connection gets available.

ECMP Load Balancing and Link Redundancy Configuration

Complete ECMP configuration for a load balancing and link redundancy network according to the above network diagram can be divided into 4 steps.

  • Assigning WAN and LAN IP Addresses
  • DNS Configuration
  • NAT Configuration
  • ECMP Route Configuration

Step 1: Assigning WAN and LAN IP Addresses

At first we will assign WAN and LAN IP in MikroTik Router. For this article configuration, I am using the following two WAN IP addresses and their respected gateway addresses.

  • WAN1 IP Address: 172.22.15.221/24 and Gateway:172.22.15.1
  • WAN2 IP Address: 192.168.168.210/24 and Gateway:192.168.168.254

I am using these WAN IP and Gateway addresses for the configuration of this article as well as the video tutorial that I will upload in my channel but in practical your WAN IP addresses and Gateway addresses must be different and these will be provided by your ISP Company. For this article configuration, I am also using the following LAN IP block and Gateway.

  • IP Block: 192.168.10.0/24
  • Gateway: 192.168.10.254


Now we will assign the above WAN and LAN IP addresses on MikroTik Interfaces. The following steps will show how to assign IP address on MikroTik Interfaces.

  • Login to your MikroTik router using Winbox software with full permission user privilege.
  • Go to 
  • Click on PLUS SIGN (+). New Address window will appear. Put your WAN1 IP address (in this article: 172.22.15.221/24) in Address input box and choose WAN1 interface (in this article: ether1) from Interface drop-down menu and then click Apply and OK 
  • Similarly, click on PLUS SIGN (+) and put WAN2 IP address (in this article: 192.168.168.210/24) in Address input field and choose WAN2 interface (in this article: ether2) from Interface drop-down menu and then click Apply and OK button.
  • Click on PLUS SIGN (+) again and put LAN gateway IP (in this article: 192.168.10.254/24) in Address input field and choose LAN interface (in this article: ether10) from Interface drop-down menu and then click Apply and OK button.

Step 2: DNS Server Configuration

DNS is not a mandatory configuration in MikroTik Router but it is necessary for a complete MikroTik Router configuration. Optionally, you can turn your MikroTik router into a DNS Server which will be beneficial for your network. So, if you want to set DNS IP for your MikroTik router as well as want to turn your MikroTik router into a DNS server, follow the below simple steps.

  • Go to IP > DNS menu item. DNS Settings window will appear. Put DNS server IP that is provided to you by your ISP or use public DNS server IP 8.8.8.8 in Servers input field.
  • Optionally, you can click on Allow Remote Requests checkbox to turn MikroTik Router into a DNS Server. But you have to block DNS requests from outside of your LAN otherwise your MikroTik will be used as a DNS server by the public users if they know your MikroTik’s public IP. Follow my article about MikroTik router basic configuration that will show you steps to block DNS requests from public network.
  • Now click Apply and OK button.

Step 3: NAT Configuration

We will now create two masquerade NAT rules in MikroTik Router so that LAN users can access internet through the both ISP connections. That means, if any packet leaves via ether1, it will be NATed to ISP1 gateway IP address and if any packet leaves via ether2, it will be NATed to ISP2 gateway IP address. The following steps will show how to create masquerade NAT rule in MikroTik Router.

  • Go to IP > Firewall menu option. Firewall window will appear.
  • Click on NAT tab and then click on PLUS SIGN (+). New NAT Rule window will appear now. From General tab, choose srcnat from Chain drop-down menu and choose ISP1 interface (in this article: ether1) from Out. Interface drop-down menu. Now click on Action tab and choose masquerade from Action drop-down menu and then click Apply and OK button.
  • Similarly, click on PLUS SIGN (+) again and choose srcnat from Chain drop-down menu and choose your ISP2 interface (in this article: ether2) from Out. Interface drop-down menu. Now click on Action tab and choose masquerade from Action drop-down menu and then click Apply and OK button.

Step 4: Routing Configuration

We will now configure ECMP (Equal Cost Multi-Path) gateway over two WAN links. The following steps will show how to assign ECMP gateway in MikroTik Router.

  • Go to IP > Routes menu option. Route List window will appear.
  • Click on PLUS SIGN (+). New Route window will appear.
  • Put ISP1 gateway IP (in this article: 172.22.15.221) in Gateway input box and then click on Add new value button located after gateway input box. New gateway input box will appear. Put WAN2 gateway IP (in this article: 192.168.168.254) in new Gateway input box.
  • Now choose ping from Check Gateway drop-down menu.
  • Click Apply and OK button.

ECMP configuration that we have done in the above steps will send network traffics through the both ISP connections equally. That means, one connection among every two connections will be sent through ISP1 connection and another connection will be sent through ISP2 connection. So, you should have equal bandwidth connection from both ISP Company. Otherwise, your bandwidth will be wasted.  But if you have unequal bandwidth connection from these two ISP Company, how do you reduce your bandwidth waste? For this follow my another article on unequal DUAL WAN Load Balancing with Failover using ECMP.

Connections to the Router Itself

With all multi-gateway situations there is a usual problem to reach router from public network via one, other or both gateways. Because outgoing packets use same routing decision as packets those are going through the router. So reply to a packet that was received via WAN1 might be sending out via WAN2. To avoid this we need to do policy based routing.
The following steps will show how to mark router’s incoming connection to pass it over proper gateway.

  • Go to IP > Firewall menu option and click on Mangle tab. Now click on PLUS SIGN (+). New Mangle Rule window will appear now.
  • From General tab, choose input from Chain drop-down menu and choose ISP1 interface (in this article: ether1) from In. Interface drop-down menu. Now click on Action tab and choose mark connection from Action drop-down menu and put connection name (isp1_conn) whatever string you like in New Connection Mark input field and then uncheck the Passthrough check box if it is checked. Click Apply and OK button.
  • Similarly, click on PLUS SIGN (+) and choose input from Chain drop-down menu and then choose ISP2 interface (in this article: ether2) from In. Interface drop-down menu. Click on Action tab and choose mark connection from Action drop-down menu and put connection name (isp2_conn) whatever string you like in New Connection Mark input field and uncheck the Passthrough checkbox if it is checked and then click Apply and OK button.
  • Now click on PLUS SIGN (+) and choose output from Chain drop-down menu and then click on Connection Mark drop-down menu and choose ISP1 connection mark (in this article: isp1_conn ) that you have created at the first step. Now click on Action tab and choose mark routing from Action drop-down menu and put routing mark name (to_isp1) in New Routing Mark input field and uncheck the Passthrough checkbox if it is checked and then click Apply and OK button.
  • Similarly, click on PLUS SIGN (+). Choose output from Chain drop-down menu and choose ISP2 connection mark (in this article: isp2_conn) that you have created at the second step. Now click on Action tab and choose mark routing from Action drop-down menu and then put routing mark name (to_isp2) in New Routing Mark input box and uncheck the Passthrough checkbox if it is checked. Click Apply and OK button.

We have created policy to pass router’s incoming packets to the respected WAN interface. Now we will create routing based on this policy.

    • Go to IP > Routes menu option. Route List window will appear.
    • Click on PLUS SIGN (+) and put ISP1 gateway IP (172.22.15.221) in Gateway input box and then choose ISP1 routing mark (in this article: to_isp1) from Routing Mark drop-down menu. Click Apply and OK button.
    • Similarly, click on PLUS SIGN (+) and put ISP2 gateway IP (192.168.168.254) in Gateway input box and choose ISP2 routing mark (in this article: to_isp2) from Routing Mark drop-down menu. Now click Apply and OK button.

Policy based routing to get router properly from public network has been completed. Now ECMP load balancing will affect no more on getting router from public network.

If you follow the above 4 steps, you can easily configure a load balancing and link redundancy network in your MikroTik Router. However, if you face any confusion to do the above 4 steps successfully, watch the following video tutorial about MikroTik ECMP load balancing and link redundancy. I hope, it will show you the proper guide to configure a load balancing and link redundancy network in MikroTik router with ECMP method.

How to Configure MikroTik ECMP load balancing and link redundancy has been discussed in this article. I hope, you will now be able to make a load balancing and failover network with MikroTik Router sucessfully. However, if you face any problem to configure a load balancing and link redundancy network with your MikroTik Router, feel free to discuss in comment or contact with me from Contact page. I will try my best to stay with you.

Why not a Cup of COFFEE if the solution?

mikrotik-ecmp-load-balancing-and-link-redundancy

ABU SAYEED

I am a system administrator and like to share knowledge that I am learning from my daily experience. I usually work on MikroTik, Redhat/CentOS Linux, Windows Server, physical server and storage, virtual technology and other system related topics. Follow Me: Facebook, Twitter and Linkedin.

Your name can also be listed here. Have an IT topic? Submit it here to become a System Zone author.

14 comments

  • Avatar for plitzkin plitzkin

    Hey, What should I do if my 2 wans have dhcp connection? Im confused.

    • Go to IP > DHCP Client and click on PLUS SIGN to add your DHCP Interface But Load balancing with DHCP WAN will be difficult bro. Try to use static IP for your WAN and it will be better for you.

  • Avatar for Aulia K F Aulia K F

    Hello, I wanna ask you a question, I dont use the “check-gateway” you said above but the failover is still running, do you know why this could happen?

  • Avatar for hector fragoso hector fragoso

    Hello, what happen if the ISP is active but dont have internet?
    this happened very often and the lan become so slow,

    i have 4 ISP and want to redirect all lan trafic to load balance between ISP1, ISP2 and ISP3, and leave ISP4 for backup only but only for 2 local pcs

    • Dear,
      you have a complex network. Load balancing is a complex task. you have to research about your problem with your local expert guy. I think they research your problem and give you perfect solution.

  • Avatar for César Montes César Montes

    Hello Sayed,

    Thanks for another great tutorial! I am currently trying it, but I have a problem as my two internet connections have not static IP; how shall we configure it so the router handle any IP that the ISP gaves to him?

    Looking forward to hearing from you.

    Kindly,
    César.-

  • Avatar for César Montes César Montes

    Thanks for your reply Sayeed!

    I have followed your tutorial but something is wrong; at the moment I tried to route the connections it tells me that wan1 and wan2 are unreacheable. I think it happens because the Gateway provided by my ISP varies from the IP. For example, IP 192.168.85.3, DG 192.53.2.3.

    Either way, I think I shall proceed with dynamic IP as my ISP changes both IP and DG everyday. Is there a way you can take a look at my config? I am trying to do this: https://onedrive.live.com/?authkey=%21ALMuGDQzuAs2s3A&cid=DD20073D74C28CAB&id=DD20073D74C28CAB%2157878&parId=root&o=OneUp
    Do not worry for the printer, as I believe I can conenct it to the Switch and it will get an automatic IP address

  • Avatar for Mengthai Mengthai

    Hello brother!

    May we can do a load balancing with different speed?
    Ex:
    ISP1=10M
    ISP2=30M
    If we can do, how is processing? smooth or not?

    Thanks you!

  • Yes brother, you are able to get 10 MB Bandwidth because load balancing is created for this purpose.

  • Avatar for Azim Azim

    Bro, If i create a DHCP Server, is it possible?(Your tutorial was static Ip addresses for LAN user )..
    Waiting for your reply. Thank you

Leave a Reply

Your email address will not be published. Required fields are marked *

*