Site icon System Zone

MikroTik Load Balancing over Multiple Gateways (2 WAN)

Load Balancing is a technique used to send network traffic over multiple gateways. If you have multiple ISP connections in your network, you can send your network traffic through those ISP connections and can make a load balancing network. Accidently you may ask me, why will I use multiple ISP connections? What are the benefits to use multiple ISP connections in my network? I will say, ask yourself deeply then you will find the reasons why multiple ISP connections is necessary in your network. However, I am giving you some reasons which will show you the necessities of multiple ISP connections in your network.

  1. No ISP can give you 100% guarantee that their connection will remain always alive. So, it will be better to use more than one ISP connection in your network so that you can increase your internet access probability.
  2. You have an ISP connection that is not so good but you cannot disconnect it because you are using other services (such as Mail, IPPBX etc.) of this ISP. In this case, you can use another ISP which will provide you better service.
  3. You have an ISP connection that is better but high paid bandwidth. In this case, you can purchase another ISP bandwidth which is cheap but their connection is good, not better.

I think, you are now determined to use multiple ISP connections in your network. If you have multiple ISP connections, you can balance your network load as well as you can make link redundancy. There are a number of ways by which you can make load balancing as well as link redundancy using MikroTik router. Among them, today I will show you how to do only load balancing network using Policy Based Routing (PBR) in MikroTik router.

Policy Routing Based on Client IP Address

Policy Based Routing (PBR) is a technique which is used to make routing decisions based on policies those are set by any network administrator. So, today I will show you a policy in MikroTik router by which you can build a load balancing network.

If you have a number of hosts as well as multiple ISP connections, you may group your hosts by IP addresses and then depending on the source IP address send traffic out through different ISP connections. For example, consider a simple office network diagram like below where two ISP connections are being used as gateways of a MikroTik router.

Load Balancing Network over Multiple Gateways

In this network diagram, there are two ISP connections those are being used as WAN connections of a MikroTik router. Also, a number of hosts are connected to this MikroTik router through a distribution switch. As dual WAN connections are available for this MikroTik router, we will create a policy routing so that our half of the total LAN users will access internet through WAN1 ISP connection and rest of the LAN users will access internet through WAN2 ISP connection.

5 Steps to Create Policy Based Routing in MikroTik Router

As like the above simple office network diagram, I hope, you have dual WAN connections in your MikroTik router as well as a number of hosts are connected to this MikroTik router to access internet. Now I will show you how to create routing policy in your MikroTik router so that half of your LAN users will get internet through WAN1 connection and another half of your LAN users will get internet through WAN2 connections. That means, how you can make a load balancing network over these two gateways.

The whole configuration to apply policy based routing for making a load balancing network with MikroTik router can be divided into 5 steps.

  1. Assigning WAN and LAN IP addresses.
  2. DNS Server Configuration
  3. NAT Configuration
  4. Mangle Rule Creation
  5. Route Configuration

Now I will explain all the above steps in my rest of this article for configuring a load balancing network over multiple gateways.

Step 1. Assigning WAN and LAN IP Addresses

For configuring a perfect load balancing network with policy based routing, first you have to assign WAN and LAN IP addresses in your MikroTik Router. As you have two ISP connections, you must have two WAN IP addresses as well as two gateway addresses. For the configuration of this article, I am using below two WAN IP addresses and two gateway addresses for different ISP connections.

  1. WAN1 IP Address:22.15.221/24 and Gateway: 172.22.15.1
  2. WAN2 IP Address:168.168.210/24 and Gateway: 192.168.168.254

I am using these WAN IP addresses and Gateway addresses for the configuration of this article as well as my video tutorial that I have uploaded in my channel, but in practical your WAN IP addresses and Gateway addresses must be different and these will be provided by your ISP Company. However, you also have a LAN network with a large number of hosts. For the configuration of this article, I am assuming the LAN IP block and gateway address will be like below.

  1. IP Block:168.10.0/24
  2. Gateway:168.10.254

We have got our WAN IP addresses and LAN IP block. Now I will show you how to assign these WAN IP addresses and LAN gateway address in your MikroTik router. Follow my bellow steps to assign WAN and LAN IP addresses in your MikroTik router.

  1. Login to your MikroTik router with Winbox software. If you don’t have Winbox software in your collection, download Winbox from this site and then login to your MikroTik with username and password. If you are new in this article as well as in MikroTik router, follow my article about MikroTik router basic configuration which will show you the proper steps to configure a MikroTik router from very beginning.
  2. Go to IP > Addresses menu item from the winbox menu bar. Address List window will appear.
  3. Now click on add new button (PLUS Sign). New Address window will appear. Put your WAN1 IP address (in this article: 172.22.15.221/24) in Address input box and choose WAN1 interface (in this article: ether1) from Interface drop-down menu and then click Apply and OK button.
  4. Similarly, click on add new button again and put your WAN2 IP address (in this article: 192.168.168.210/24) in Address input field and choose WAN2 interface (in this article: ether2) from Interface drop-down menu and then click Apply and OK button.
  5. Again, click on add new button and put your LAN gateway IP (in this article: 192.168.10.254/24) in Address input field and choose your LAN interface (in this article: ether10) from Interface drop-down menu and then click Apply and OK button.

Assigning WAN and LAN IP addresses has been completed. Now we will configure DNS server in our next step.

Step 2. DNS Server Configuration

DNS is not a mandatory configuration in MikroTik router but it is necessary for a complete MikroTik router configuration. Optionally, you can turn your MikroTik router into a DNS server which will be beneficial for your network. So, if you want to set DNS IP in your MikroTik router as well as want to turn your MikroTik into a DNS server, follow my below simple steps.

  1. Go to IP > DNS menu option. DNS Settings window will appear. Put your DNS server IP that is provided to you by your ISP or you can use Google public DNS server IP 8.8.8.8 in Servers input field.
  2. Optionally, you can click on Allow Remote Requests checkbox to turn your MikroTik router into a DNS server. But you have to block DNS requests from outside of your LAN otherwise your MikroTik will be used as a DNS server by the public users if they know your MikroTik public IP. Follow my article about MikroTik router basic configuration which will show you how to block DNS requests from public network.
  3. Now click Apply and OK button.

Our DNS configuration in MikroTik router has been completed. Now we will create masquerade NAT rule so that our LAN user can access internet through our MikroTik router.

Step 3. NAT Configuration

Now we will create a masquerade NAT rule so that our LAN IP can be NATed by MikroTik router. If we don’t create this rule, our LAN users cannot access internet through our MikroTik router. So, follow my bellow steps to create NAT rule in MikroTik router.

  1. Go to IP > Firewall Firewall window will appear. Click on NAT tab in this window and then click on add new button (PLUS Sign). New NAT Rule window will appear.
  2. Under General tab, choose srcnat from Chain drop-down menu and put your LAN IP block address (in this article: 192.168.10.0/24) in Address input field. Now click on Action tab and choose masquerade from Action drop-down menu and then click Apply and OK button.

NAT rule configuration in MikroTik router has been completed. Now we will create Mangle rules in our MikroTik router so that our LAN user can be divided into two groups.

Step 4. Mangle Rule Creation

As we want to send our LAN users through two ISP connections for load balancing, we have to create Mangle rules which will divide our LAN users into two groups and mark them for proper routing. In this article, I am using a class C IP block which is 192.168.10.0/24 for our LAN users. This IP block can be divided into two groups by subnetting like below.

  1. Group A:168.10.0/25
  2. Group B:168.10.128/25

By doing this subnetting, our total users are now divided into two groups. The users who will use IP address between 192.168.10.1 to 192.168.10.126 will have in group A and those who will use IP address between 192.168.10.129 to 192.168.10.253 will have in group B. Now, I will show you two Mangle rules in MikroTik router those will do proper grouping and marking our LAN IP. Follow below steps to create these Mangle rules.

  1. Go to IP > Firewall menu and click on Mangle tab in Firewall window and then click on add new button (PLUS Sign). New Mangle Rule window will appear now.
  2. Choose prerouting option from Chain drop-down menu and put Group A IP block (in this article: 192.168.10.0/25) in Address input field. Click on Action tab and choose mark routing option from Action drop-down menu and put group name (here, GroupA) in New Routing Mark input box and uncheck the Passthrough option and then click Apply and OK button.
  3. Similarly, click on add new button again and choose prerouting option from Chain drop-down menu and put Group B IP block (here, 192.168.10.128/25) in Address input field. Now click on Action tab and choose mark routing option from Action drop-down menu and put group name (here, GroupB) in New Routing Mark input field and uncheck the Passthrough option and then click Apply and OK button.

We have successfully created Mangle rules for grouping our LAN users. Now we will configure routes in MikroTik router so that different groups can access internet through different ISP connection.

Step 5.  Route Configuration

After creating Mangle rules, now you have to configure routing so that your different user group can use different WAN connection for accessing internet. So, follow my bellow steps to configure your MikroTik routing properly.

  1. Go to IP > Routes menu option. Route List window will appear now. Click on add new button (PLUS Sign) from this window. New Route window will appear.
  2. Put ISP1 gateway address (here, 172.22.15.1) in Gateway input field and choose your routing mark (here, GroupA) for this gateway from Routing Mark drop-down menu and then click Apply and OK button.
  3. Similarly, click on add new button (+) and put ISP2 gateway address (here, 192.168.168.254) in Gateway input field and choose your routing mark (here, GroupB) for this gateway from Routing Mark drop-down menu and then click Apply and OK button.
  4. Again, click on add new button (+) and put any ISP gateway (here, 172.22.15.1) and Apply and OK button. If you don’t apply this route, your MikroTik cannot access internet.

After this configuration, your GroupA users will access internet through ISP1 gateway and GroupB users will access internet through ISP2 gateway. So, you will get a perfect load balancing network with this configuration. A question may arise in your mind now. Hey bro, what will happen if any ISP connection goes down? Yeah bro, half of your users will be disconnected from internet. As I said before, this configuration is just for load balancing but not for redundancy. I will show in my next article how to do load balancing as well as link redundancy with ECMP in MikroTik router. But if you do the above load balancing configuration for your network, you have to disable Mangle rules as well as routing rules manually if any ISP link goes down suddenly and create a new route rule for passing all users through the active ISP gateway. If you face any problem to create a single route gateway, follow my article about MikroTik router basic configuration which will guide you how to configure a single route for your network.

Proper steps to make a load balancing network in MikroTik router with policy based routing has been show step by step. If you face any problem to do above steps, watch my below video tutorial about MikroTik Load Balancing over Multiple Gateways which will help you to make a load balancing network in MikroTik router properly.

Policy based routing described in this article will provide only Load Balancing solution but Link Redundancy or failover will not be ensured here. If you want to get Load Balancing and Link Redundancy network, you can use MikroTik ECMP Load Balancing and Link Redundancy method. ECMP method is easy to configure but in large network ECMP method has some known issues. On the other hand, MikroTik PCC Load Balancing and Link Redundancy method provides 100% reliable Load Balancing with failover network but configuration is a little bit complex. MikroTik Dual WAN Load Balancing with Fialover using PCC article has described how to easily configure Load Balancing and Link Redundancy network in your MikroTik Router using PCC method.

MikroTik load balancing over multiple gateways has been shown step by step in this article. I hope, you are now able to configure a load balancing network using PBR if you have two ISP connections available. However, if you face any problem to configure a load balancing network with PBR, feel free to discuss in comment or contact with me from Contact page. I will try my best to stay with you.

Exit mobile version