DuxTel Systems (12)
Interface Cards and Adapters (13)
Mikrotik Systems-> (155)
Mimosa Wireless (5)
RouterBOARD (11)
Router Enclosures (13)
Power Supplies & PoE-> (29)
Antennas and Accessories-> (113)
Mikrotik RouterOS (6)
Assembled Kits (6)
Carrier Wireless (1)
Cable and Misc (14)
Hardware and Mounting (22)
Configuration Library (FREE!) (7)
Quick Find
search products
search articles
New Articles
Case Studies
Product Guides (3)
Mikrotik Configuration (17)
Technical (5)
Community News (8)
Q&A (28)
Product Advisory (6)
Policy and Information (7)
Shipping & Returns
Privacy Notice
Conditions of Use
Contact Us
Load balancing with Fail-over by Mike Everest

Q: We want to have the mikrotik manage the connections to be load balanced, so we aren’t hammering either link more than the other. The only caveat for us is there’s a bunch of inbound traffic that will come over one link, obviously that needs to go back out over that link… right?

Of course, we want failover too, so if one link drops, the other will do its job.

 The technique is conceptually straight-forward:

1. Use ‘mangle’ feature to select and mark connections, e.g. add connection mark “web” to traffic with dest port=80:

/ip firewall mangle add action=mark-connection chain=prerouting connection-state=new \
    disabled=no dst-port=80 new-connection-mark=web passthrough=yes protocol=tcp

2. Use ‘mangle’ feature to add route mark on selected connections, e.g. add route mark “isp2” when connection mark is “web”:

/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=web disabled=no \
new-routing-mark=isp2 passthrough=yes

3. Add default route for marked traffic with distance=1, e.g. send traffic via ppp-out2 for route mark “isp2”:

/ip route add check-gateway=ping disabled=no distance=1 dst-address= gateway=pppoe-out2 \

4.Add backup route (distance >1) via other uplink for failover, e.g. use pppoe-out1 when check-gateway=ping fails for primary uplink path:

/ip route add check-gateway=ping disabled=no distance=10 dst-address= gateway=pppoe-out1 \


a. When the uplink path is not ppp, use the next hop gateway address instead of pppoe interface name
b. Use ‘per connection classifier’ (ppc) feature to balance approximately equally across multiple uplinks

You are welcome to contact us at any time if you wish to discuss these concepts further.



Date Added:
Current Comments: 0
Write Review
Tell a friend
Tell a friend about this article:  
Shopping Cart
0 items
Latest News
about 8 days ago
Now in stock @duxtel! :-)
more >>
about 02 months ago
#wirelesswire from @mikrotik_com is coming VERY soon! received our first test samples today!
more >>
about 02 months ago
RT @mikrotik_com: Time to upgrade, 6.39.3 is out in the bugfix channel! ⚙
more >>
about 02 months ago
RT @mikrotik_com: We have updated forum topic with more information about vulnerability and its effect,
more >>
about 03 months ago
congrats to Michael Shepherd of KBIT for taking out the DUX prize of MTCNA! :)
more >>
about 03 months ago
All set and ready for MilroTik Certified Training classes starting tomorrow!
more >>
Follow our tweets for all the latest news and updates!
RB953GS-5HnT: 5 wired, 3 wireless with 3x3 MIMO 11n & 2 miniPC-e
Only MikroTik routerBOARD device at the moment which support ..
5 of 5 Stars!

Copyright © 2018 DuxTel Online Store