MikroTik Unequal Dual WAN Load Balancing with Failover using ECMP
MikroTik Router is capable of doing Load Balancing with Failover over multiple gateways. Policy Based Routing, ECMP, PCC and NTH Load Balancing are the popular load balancing methods in MikroTik Router. Among these methods, ECMP is so easy to configure and provides almost 100% load balancing and link redundancy solution. In my previous article, I discussed how to configure Load Balancing and Link Redundancy using ECMP over two equal bandwidth gateways. ECMP method is also capable of doing load balancing over unequal bandwidth gateway. In this article, I will discuss how to configure load balancing with failover over two unequal bandwidth gateways using ECMP method.
ECMP (Equal Cost Multi Path) Routing
ECMP stands for Equal-Cost Multi-Path routing. ECMP is persistent per-connection load balancing or per-src-dst-address combination load balancing where a new gateway is chosen for each source and destination IP pair. It means that, for example, one FTP connection will use only one link, but new connection to a different server will use another link.
Network Diagram
We will configure Dual WAN load balancing over two unequal gateways using ECMP method according to the following diagram.
In this network, MikroTik Router’s ether1 port is connected to ISP1 with IP block 192.168.30.0/30 and ether2 port is connected to ISP2 with IP block 172.30.30./30 and ether3 port is connected to LAN network and its IP block is 10.10.10.0/24. PC-1 and PC-2 are two LAN workstations which are connected to LAN interface through a LAN switch.
We will configure ECMP Load Balancing in this MikroTik Router so that LAN traffics can pass though the both WAN connections. As ECMP is a per connection load balancing method and WAN connection has different bandwidth (WAN1: 20Mbps and WAN2: 10Mbps) with bandwidth ratio 2:1, we will pass two connections among three connections to WAN1 link and one connection to WAN2 link.
This ECMP configuration will also ensure Link Redundancy. So, if any WAN connection gets disconnected, LAN traffic will pass through the available WAN connection until the lost WAN connection gets available.
Load Balancing Configuration using ECMP over Unequal DUAL WAN Connections
We will now start Load Balancing and Link Redundancy configuration in MikroTik Router according to the above network diagram. Complete configuration can be divided into the following five steps.
- Renaming MikroTik interface name
- Assigning WAN and LAN IP
- Assigning DNS IP
- NAT configuration and
- Routing configuration
Step 1: Renaming MikroTik Interface Name
We will first rename interface name so that we can easily understand and remember configuration. The following steps will show how to rename MikroTik interface name.
- Login to MikroTik Router using Winbox with full permission user privilege.
- Click on Interfaces menu item. Interface List window will appear.
- Double click on ether1 interface. The properties window of the ether1 interface will appear.
- Put WAN1 in Name input field under General tab and then click Apply and OK button.
- Similarly, rename ether2 to WAN2 and ether3 to LAN.
- Your Interface List window will look like the below image.
Step 2: Assigning WAN and LAN IP
We will now assign WAN and LAN IP addresses on our respected interface. The following steps will show how to assign IP address on MikroTik interfaces.
- Go to IP > Addresses menu item. Address List window will appear.
- Click on PLUS SIGN (+) and put ISP1 provided IP address (192.168.30.2/30) in Address input field.
- Choose WAN1 from Interface dropdown menu and click Apply and OK button.
- Similarly, Click on PLUS SIGN (+) and put ISP2 provided IP address (172.30.30.2/30) in Address input field and choose WAN2 from interface dropdown menu and then click Apply and OK button.
- Click on PLUS SIGN (+) again and put LAN gateway IP (10.10.10.1/24) in Address input field and choose LAN from Interface drop down menu and then click Apply and OK button
- Your Address List window will look like the below image.
Step 3: Assigning DNS IP
DNS is required to resolve domain name to IP address. Without DNS server MikroTik Router cannot resolve domain name to IP address and fail to communicate with the public domain server. The following steps will show how to assign DNS IP in MikroTik Router.
- Go to IP > DNS menu item. DNS Settings window will appear.
- Put your DNS server IP provided by your ISP or put Google public DNS Server IP 8.8.8 in Serversinput field.
- Click Apply and OK button.
Step 4: NATing Configuration
We will now create two masquerade NAT rules so that LAN users can access internet through the both WAN connections. That means, if any packet leaves via WAN1, it will be NATed to WAN1 gateway IP address and if any packet leaves via WAN2, it will be NATed to WAN2 gateway IP address. The following steps will show how to create masquerade NAT rule in MikroTik Router.
- Go to IP > Firewall menu option. Firewall window will appear.
- Click on NAT tab and then click on PLUS SIGN (+). New NAT Rule window will appear now. From General tab, choose srcnat from Chain drop-down menu and put LAN IP block (10.10.10.0/24) in Src. Address input field and then choose WAN1 interface (in this article: WAN1) from Out. Interface drop-down menu. Now click on Action tab and choose masquerade from Action drop-down menu and then click Apply and OK button.
- Similarly, click on PLUS SIGN (+) again and choose srcnat from Chain drop-down menu and put LAN IP block (10.10.10.0/24) in Src. Address input field and then choose your WAN2 interface (in this article: WAN2) from Out. Interface drop-down menu. Now click on Action tab and choose masquerade from Action drop-down menu and then click Apply and OK button.
Step 5: Routing Configuration
We will now configure ECMP (Equal Cost Multi-Path) gateway over two WAN links. As we have unequal bandwidth link (WAN1:WAN2=2:1), we will put WAN1 gateway twice time and WAN2 gateway one time. The following steps will show how to assign ECMP gateway in MikroTik Router.
- Go to IP > Routes menu option. Route List window will appear.
- Click on PLUS SIGN (+). New Route window will appear.
- Put WAN1 gateway IP (in this article: 192.168.30.1) in Gateway input box and then click on Add new value button located after gateway input box. New gateway input box will appear. Put WAN1 gateway IP (192.168.30.1) again and click on Add new value button. Put WAN2 gateway IP (172.30.30.1) in new Gateway input box.
- Now choose ping from Check Gateway drop-down menu.
- Click Apply and OK button.
So, two connections among three connections will pass through WAN1 connection and one connection will pass through WAN2 connection. WAN connections will be checked by ping and if any connection gets disconnected, traffic will pass through the available WAN connection until the lost WAN connection gets connected. So, load balancing with failover will be established with ECMP load balancing method.
Connections to the Router Itself
With all multi-gateway situations there is a usual problem to reach router from public network via one, other or both gateways. Because outgoing packets use same routing decision as packets those are going through the router. So reply to a packet that was received via WAN1 might be sending out via WAN2. To avoid this we need to do policy based routing.
The following steps will show how to mark router’s incoming connection to pass it over proper gateway.
- Go to IP > Firewallmenu option and click on Mangle Now click on PLUS SIGN (+). New Mangle Rule window will appear now.
- From General tab, choose input from Chain drop-down menu and choose WAN1 from Interface drop-down menu. Now click on Action tab and choose mark connection from Action drop-down menu and put connection name (WAN1_CONN) whatever string you like in New Connection Mark input field and then uncheck the Passthrough check box if it is checked. Click Apply and OK button.
- Similarly, click on PLUS SIGN (+) and choose input from Chain drop-down menu and then choose WAN2 from In. Interface drop-down menu. Click on Action tab and choose mark connection from Action drop-down menu and put connection name (WAN2_CONN) whatever string you like in New Connection Mark input field and uncheck the Passthrough checkbox if it is checked and then click Apply and OK
- Now click on PLUS SIGN (+) and choose output from Chain drop-down menu and then click on Connection Mark drop-down menu and choose WAN1 connection mark (in this article: WAN1_CONN) that you have created at the first step. Now click on Action tab and choose mark routing from Action drop-down menu and put routing mark name (to_WAN1) in New Routing Mark input field and uncheck the Passthrough checkbox if it is checked and then click Apply and OK
- Similarly, click on PLUS SIGN (+). Choose output from Chain drop-down menu and choose WAN2 connection mark (in this article: WAN2_CONN) that you have created at the second step. Now click on Action tab and choose mark routing from Action drop-down menu and then put routing mark name (to_WAN2) in New Routing Mark input box and uncheck the Passthrough checkbox if it is checked. Click Apply and OK
We have created policy to pass router’s incoming packets to the respected WAN interface. Now we will create routing based on this policy.
- Go to IP > Routes menu option. Route List window will appear.
- Click on PLUS SIGN (+) and put WAN1 gateway IP (192.168.30.1) in Gateway input box and choose ping from Check Gateway drop down and then choose ISP1 routing mark (in this article: to_WAN1) from Routing Mark drop-down menu. Click Apply and OK button.
- Similarly, click on PLUS SIGN (+) and put ISP2 gateway IP (172.30.30.1) in Gateway input box and choose ping from Check Gateway drop down and then choose WAN2 routing mark (in this article: to_WAN2) from Routing Mark drop-down menu. Now click Apply and OK button.
Policy based routing to get router properly from public network has been completed. Now ECMP load balancing will affect no more on getting router from public network.
If you face any confusion to follow the above steps, watch the following video on MikroTik ECMP Load Balancing with Failover over two unequal gateways. Hope it will reduce your any confusion.
How to configure DUAL WAN Load Balancing with Failover using ECMP Method has been discussed in this article. I hope you will now be able to configure load balancing with ECMP method properly. However, if you face any confusion to configure DUAL WAN Load Balancing using ECMP method, feel free to discuss in comment or contact with me from Contact page. I will try my best to stay with you.
Why not a Cup of COFFEE if the solution?