Sunday, June 22, 2014

Load Balance using PCC method

Load balancing on the router is a technique for distributing traffic load across two or more connection lines in a balanced way, so that traffic flows optimally: throughput is maximized, response time is minimized, and no single connection point is overloaded.

Many of us have long assumed, incorrectly, that load balancing two connection lines gives us double the bandwidth we had before (the sum of both bandwidths). It should be made clear up front that load balancing does not increase the bandwidth we get; it only divides traffic across both lines so that they are used in a balanced way.

In this article we will show that the arithmetic of load balancing is not 512 + 256 = 768, but 512 + 256 = 512 + 256, or 512 + 256 = 256 + 256 + 256.

In this article we use an RB433UAH under the following conditions:

1. Ether1 and ether2 are connected to different ISPs with different bandwidths: ISP1 at 512kbps and ISP2 at 256kbps.
2. We use the internal web proxy and OpenDNS.
3. The RouterOS version used is 4.5, because the PCC feature became known as of version 3.24.

If these conditions differ from your local network, adjust the configuration described here to match it.

Basic Configuration

Here is the network topology and the IP addresses we will use.





/ip address
add address=192.168.101.2/30 interface=ether1
add address=192.168.102.2/30 interface=ether2
add address=10.10.10.1/24 interface=wlan2
/ip dns
set allow-remote-requests=yes primary-dns=208.67.222.222 secondary-dns=208.67.220.220 



For client connections we use the wireless interface wlan2, with the client IP range 10.10.10.2 to 10.10.10.254, netmask 255.255.255.0. The address 10.10.10.1 on wlan2 serves as both gateway and DNS server for the clients. If you use a DNS server from one of your ISPs, an additional mangle rule is needed, which is described further below.

Once the IP addresses and DNS are configured correctly, we must add a default route through each ISP gateway so that the router forwards all traffic for networks not directly connected to it to a gateway. Here we use the check-gateway feature, so that if one of the gateways goes down, connections are diverted to the other gateway.

/ip route
add dst-address=0.0.0.0/0 gateway=192.168.101.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.102.1 distance=2 check-gateway=ping

To set up the access point so that client PCs can connect over wireless, we use the command

/interface wireless
set wlan2 mode=ap-bridge band=2.4ghz-b/g ssid=MikroTik disabled=no

For client PCs to reach the internet, we must also translate the clients' private IP addresses to the public IP addresses on our public interfaces, ether1 and ether2.

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2

At this point the router and the client PCs should be able to access the internet. Try pinging the internet from both the router and a client PC. If that fails, check your configuration again.

Internal Webproxy

Certain RouterBOARD models, such as the RB450G, RB433AH, RB433UAH, RB800 and RB1100, have an expansion slot (USB, MicroSD, CompactFlash) for additional storage. In the following example we use a USB flash drive attached to the USB slot. On first installation, this additional storage shows status invalid in /system store. Before it can be used as cache storage, it must be formatted and activated. After that we simply enable the web proxy and set cache-on-disk=yes to use the storage. Do not forget to redirect HTTP traffic (TCP port 80) into the web proxy.

/store disk format-drive usb1

/store
add disk=usb1 name=cache-usb type=web-proxy
activate cache-usb

/ip proxy
set cache-on-disk=yes enabled=yes max-cache-size=200000KiB port=8080

/ip firewall nat
add chain=dstnat protocol=tcp dst-port=80 in-interface=wlan2 action=redirect to-ports=8080

Setting Mangle

For load balancing we use a feature called PCC (Per Connection Classifier). With PCC we can classify connections passing through or leaving the router into several groups. The grouping can be based on src-address, dst-address, src-port and/or dst-port. The router remembers the gateway path taken at the start of a connection, so that subsequent packets belonging to that connection are sent through the same gateway. This is the advantage of PCC: it answers the frequent complaint that connections often broke with load-balancing techniques that predate PCC, because the gateway changed in the middle of a connection.

Before creating the load-balancing mangle rules, and to prevent routing loops, all client traffic destined for networks directly connected to the router should bypass load balancing.
We can make a list of the IP networks that are directly attached to the router and install the following mangle rules first.

/ip firewall address-list
add address=192.168.101.0/30 list=local
add address=192.168.102.0/30 list=local
add address=10.10.10.0/24 list=local

/ip firewall mangle
add action=accept chain=prerouting dst-address-list=local in-interface=wlan2 comment="local traffic"
add action=accept chain=output dst-address-list=local

In some cases the initial traffic comes from the internet, for example remote Winbox or telnet access from the internet. We therefore also need to mark those connections so that the return traffic leaves through the same interface the traffic came in on.

/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether1 new-connection-mark=con-from-ISP1 passthrough=yes comment="traffic from ISP1"
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether2 new-connection-mark=con-from-ISP2 passthrough=yes comment="traffic from ISP2"

Generally, an ISP restricts access to its DNS server to IP addresses it knows, so if you use a DNS server from one of your ISPs, you must add mangle rules so that DNS traffic goes out through the gateway of that ISP rather than through the other ISP's gateway. Here we give the mangle rules for ISP1's DNS going through the ISP1 gateway.
If you use an independent public DNS service, such as OpenDNS, you do not need the mangle rules below.

/ip firewall mangle
add action=mark-connection chain=output dst-address=202.65.112.21 dst-port=53 new-connection-mark=dns passthrough=yes protocol=tcp comment="DNS traffic citra.net.id"
add action=mark-connection chain=output dst-address=202.65.112.21 dst-port=53 new-connection-mark=dns passthrough=yes protocol=udp
add action=mark-routing chain=output connection-mark=dns new-routing-mark=route-to-ISP1 passthrough=no

Because we use the web proxy on the router, there are two kinds of traffic to load balance. The first is traffic from clients to the internet (non-HTTP), and the second is traffic between the web proxy and the internet. To keep things structured and easier to read, we use custom chains as follows:

/ip firewall mangle
add action=jump chain=prerouting comment="jump to client-lb" connection-mark=no-mark in-interface=wlan2 jump-target=client-lb
add action=jump chain=output comment="jump to lb-proxy" connection-mark=no-mark out-interface=!wlan2 jump-target=lb-proxy

In the mangle rules above, for client load balancing make sure the in-interface parameter is the interface connected to the clients. For web proxy load balancing we use chain output with an out-interface parameter that is not the interface connected to the clients. With the jumps to the custom chains in place, we can create the mangle rules inside those chains as follows:

/ip firewall mangle
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-ISP1 passthrough=yes per-connection-classifier=both-addresses:3/0 comment="initial loadbalancing client"
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-ISP1 passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-ISP2 passthrough=yes per-connection-classifier=both-addresses:3/2
add action=return chain=client-lb comment="end of loadbalancing"

/ip firewall mangle
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-ISP1 passthrough=yes per-connection-classifier=both-addresses:3/0 comment="initial load balancing proxy"
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-ISP1 passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-ISP2 passthrough=yes per-connection-classifier=both-addresses:3/2
add action=return chain=lb-proxy comment="end of loadbalancing"

In the example above, client and web proxy load balancing use the same PCC classifier, both-addresses, so the router remembers a connection by its src-address and dst-address. Because the two ISPs differ in bandwidth (512kbps and 256kbps), we divide the traffic load into 3 parts. The first 2 parts go through the ISP1 gateway, and the final part goes through the ISP2 gateway. Once traffic from the clients and the proxy has been marked, the next step is to create the mark-routing mangle rules that will be used in the routing process.

/ip firewall mangle
add action=jump chain=prerouting comment="marking the route client" connection-mark=!no-mark in-interface=wlan2 jump-target=route-client
add action=mark-routing chain=route-client connection-mark=to-ISP1 new-routing-mark=route-to-ISP1 passthrough=no
add action=mark-routing chain=route-client connection-mark=to-ISP2 new-routing-mark=route-to-ISP2 passthrough=no
add action=mark-routing chain=route-client connection-mark=con-from-ISP1 new-routing-mark=route-to-ISP1 passthrough=no
add action=mark-routing chain=route-client connection-mark=con-from-ISP2 new-routing-mark=route-to-ISP2 passthrough=no
add action=return chain=route-client disabled=no

/ip firewall mangle
add action=mark-routing chain=output comment="proxy route marking" connection-mark=con-from-ISP1 new-routing-mark=route-to-ISP1 out-interface=!wlan2 passthrough=no
add action=mark-routing chain=output connection-mark=con-from-ISP2 new-routing-mark=route-to-ISP2 out-interface=!wlan2 passthrough=no

Setting Routing

The mangle settings above are of no use until we create routes based on the routing marks we have made. Here we also create backup routes, so that when one gateway goes down, all connections pass through the gateway that is still connected.

/ip route
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.101.1 routing-mark=route-to-ISP1 distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.102.1 routing-mark=route-to-ISP1 distance=2
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.102.1 routing-mark=route-to-ISP2 distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.101.1 routing-mark=route-to-ISP2 distance=2

Examination

From our tests, we obtained the following results.



As the picture shows, with a single file download (1 connection) we only get a speed of 56KBps (448kbps), because that connection passes through the ISP1 gateway, whereas if we download another file (opening a new connection) from a different website, we get 30KBps (240kbps). From this test it can be concluded that

512kbps + 256kbps ≠ 768kbps

Note:

* PCC load balancing becomes more effective and closer to balanced as the number of connections (from clients) increases.

* Use ISPs that provide fixed rather than shared bandwidth to obtain more optimal results.

* Load balancing with PCC is not always a complete solution that works well on every type of network, because the balancing of traffic is based on the logic of probability.
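
The both-addresses:3/0, 3/1 and 3/2 rules and the notes above can be modelled offline to see why one src/dst pair is pinned to a single line and why the 2:1 split only emerges across many connections. This is an added example, not code from the original article or from MikroTik; the truncated SHA-256 hash is a stand-in assumption for RouterOS's own PCC hash, and the 198.51.100.x server addresses are constructed sample data.

```python
import hashlib
import ipaddress
from collections import Counter

DENOMINATOR = 3
# Remainder -> connection mark, mirroring the client-lb chain on this page:
# 3/0 and 3/1 are marked to-ISP1, 3/2 is marked to-ISP2.
REMAINDER_TO_MARK = {0: "to-ISP1", 1: "to-ISP1", 2: "to-ISP2"}
LINK_KBPS = {"to-ISP1": 512, "to-ISP2": 256}  # line speeds from the article


def pcc_hash(src, dst):
    """32-bit hash over both addresses. Stand-in (assumption): truncated
    SHA-256; RouterOS uses its own hash, which is not reproduced here."""
    data = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def classify(src, dst):
    """Return the connection mark a both-addresses:3/x rule set would pick."""
    return REMAINDER_TO_MARK[pcc_hash(src, dst) % DENOMINATOR]


def ceiling_kbps(src, dst):
    """A src/dst pair is pinned to one gateway, so its ceiling is that line."""
    return LINK_KBPS[classify(src, dst)]


def distribution(flows):
    """Share of src/dst pairs that land on each mark."""
    counts = Counter(classify(s, d) for s, d in flows)
    return {mark: counts[mark] / len(flows) for mark in LINK_KBPS}


def constructed_flows(n_clients, n_servers):
    """Constructed sample: LAN clients from 10.10.10.2 upward talking to
    servers in 198.51.100.0/24 (documentation range)."""
    return [(f"10.10.10.{2 + c}", f"198.51.100.{1 + s}")
            for c in range(n_clients) for s in range(n_servers)]


if __name__ == "__main__":
    one = ("10.10.10.2", "198.51.100.1")
    print("single download:", classify(*one), ceiling_kbps(*one), "kbps")
    for n in (1, 3, 50):
        print(n, "clients x 60 servers:", distribution(constructed_flows(n, 60)))
```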


Source (Mikrotik.co.id)
