SlideShare a Scribd company logo

Connection load balancing with mikrotik [workshop]

Achmad Mardiansyah
Achmad Mardiansyah

In this presentation, we are talking about the basic concept of how to do load balancing outgoing connection using mikrotik Router

Internet
1 of 28
Download to read offline
www.glcnetworks.com Connection load balancing with mikrotik [workshop] Mikrotik User Meeting Jakarta, 13 october 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
www.glcnetworks.com Agenda ● Introduction ● The basics: connection and routing ● Load Balancing (LB) techniques (PCC) ● Some issues and recommendations ● Q & A 2
www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
www.glcnetworks.com About Telkom University ● Located in Bandung, Indonesia ● 7 Faculties, 27 schools ● Areas: Engineering, Communications, Computing, Bussiness and management, Arts ● 650+ Academic staff, 400+ Administration staff, 20000+ students ● An exchange program ● Runs mikrotik academy program 5
www.glcnetworks.com Mikrotik academy @ TEL-U ● Started in 2013 ● Embedded into schools curricula ● 100% hands-on ● Get MTCNA certification 6
www.glcnetworks.com The basics: Connection and Routing 7
www.glcnetworks.com Why should i care? ● Lots of tutorials in internet!!! ● Tons of pages, tutorial, videos Questions for reader: ● Do you really understand that? ● Did the writer understand that? ● Is it really works as expected? 8
www.glcnetworks.com Are those webpages really works on you? ● Information overloaded… which one suits you? ● Perhaps they have different environment on their network ● You need to understand how it works... 9
www.glcnetworks.com What is (traffic) load balancing? ● Is a process to forward traffic on several links ● Applied on router ● != failover Benefits: ● Increase utilisation of upstream links 10 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
www.glcnetworks.com What is connection? ● When you access a server you will create a connection ● Connection is identified by a set of IP addresses (source and destination) and ports (source and destination) ● See connection tracking below 11 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
www.glcnetworks.com Single connection to a website Website with single connection: http://test.glcnetworks.com 1212 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Website with multiple objects 1313 ISP1 ISP2 LAN ether5 ether6 ISP3 ● Client will open multiple connections to get website components Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Routing and Forwarding ● A process to forward a packet from input interface to output interface, based on information on routing table. ● As we use private IP address, there will be a NAT process before sending out to exit interface ● To check our public IP address, go to http://test.glcnetworks.com 1414 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Adjust routing (mangle: mark-routing) ● Process to mark a packet to for routing purpose ● Steps: ○ Create firewall mangle with action mark-routing ○ Create routing entry with defined-mark ○ Create NAT rule if we use private IP address ● To check our public IP address, go to http://test.glcnetworks.com 1515 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Forward traffic via ISP2 using mangle 16
www.glcnetworks.com Forward traffic via ISP1 using mangle 17
www.glcnetworks.com Load Balancing techniques 18
www.glcnetworks.com Load balancing techniques 19 Method Per-connection per-packet Firewall marking YES YES ECMP YES NO PCC YES NO Nth YES YES Bonding NO YES OSPF YES NO BGP YES NO
www.glcnetworks.com How PCC works? ● PCC = Per Connection Classifier ● PCC can identify the connection and mark them for further processing ● Example: a client opens a multi-object website via single ISP. both addresses (src-address and dst-address) are used to identify connection ● PCC can identify each connection made from client 20 ISP1 LAN ether5 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Applying PCC ● You need to understand the concept of connection ● Applied on firewall mangle ● Need to define classifier. Can be based on: ○ Source or destination address only ○ Both addresses ○ Etc ● Define connection number and total connection 21 Total connection Connection identifier
www.glcnetworks.com Lets play with PCC classifier... ● Apply different classifier and check the result 22
www.glcnetworks.com Website with multiple objects, LB with classifier: both address 2323 ISP1 ISP2 LAN ether5 ether6 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Some issues & recommendations 24
www.glcnetworks.com Some issues & recommendations Issues: ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> page will not displayed correctly (as it is considered illegal session) ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> banking / https pages will not allow you to access their website Recommendations ● If you use NAT, Better to use classifier based on source IP address only -> will give client consistent path to the destination ● Avoid NAT if possible -> using public IP address end-to-end -> use BGP -> better performance 25
www.glcnetworks.com QA 26
www.glcnetworks.com Some info ● Hope you are more curious now ● These materials are part of Mikrotik Certified Traffic Control Engineer (MTCTCE) course ● If you are interested, you can sign up to our website 27
www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule 28

Recommended

Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveGLC Networks
 
ISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthAchmad Mardiansyah
 
Mikrotik firewall raw table
Mikrotik firewall raw tableMikrotik firewall raw table
Mikrotik firewall raw tableAchmad Mardiansyah
 
Routing fundamentals with mikrotik
Routing fundamentals with mikrotikRouting fundamentals with mikrotik
Routing fundamentals with mikrotikAchmad Mardiansyah
 
GLC webinar: limiting bandwidth using mikrotik
GLC webinar: limiting bandwidth using mikrotikGLC webinar: limiting bandwidth using mikrotik
GLC webinar: limiting bandwidth using mikrotikAchmad Mardiansyah
 
Mikrotik firewall filter
Mikrotik firewall filterMikrotik firewall filter
Mikrotik firewall filterAchmad Mardiansyah
 
Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network GLC Networks
 
Using mikrotik with radius
Using mikrotik with radiusUsing mikrotik with radius
Using mikrotik with radiusAchmad Mardiansyah
 

Recommended

Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveGLC Networks
 
ISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthISP load balancing with mikrotik nth
ISP load balancing with mikrotik nthAchmad Mardiansyah
 
Mikrotik firewall raw table
Mikrotik firewall raw tableMikrotik firewall raw table
Mikrotik firewall raw tableAchmad Mardiansyah
 
Routing fundamentals with mikrotik
Routing fundamentals with mikrotikRouting fundamentals with mikrotik
Routing fundamentals with mikrotikAchmad Mardiansyah
 
GLC webinar: limiting bandwidth using mikrotik
GLC webinar: limiting bandwidth using mikrotikGLC webinar: limiting bandwidth using mikrotik
GLC webinar: limiting bandwidth using mikrotikAchmad Mardiansyah
 
Mikrotik firewall filter
Mikrotik firewall filterMikrotik firewall filter
Mikrotik firewall filterAchmad Mardiansyah
 
Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network Using Mikrotik Switch Features to Improve Your Network
Using Mikrotik Switch Features to Improve Your Network GLC Networks
 
Using mikrotik with radius
Using mikrotik with radiusUsing mikrotik with radius
Using mikrotik with radiusAchmad Mardiansyah
 
MUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANMUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANGLC Networks
 
Mikrotik Hotspot
Mikrotik HotspotMikrotik Hotspot
Mikrotik HotspotGLC Networks
 
VLAN on mikrotik
VLAN on mikrotikVLAN on mikrotik
VLAN on mikrotikAchmad Mardiansyah
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7GLC Networks
 
Mikrotik fasttrack
Mikrotik fasttrackMikrotik fasttrack
Mikrotik fasttrackAchmad Mardiansyah
 
Detecting network virus using mikrotik
Detecting network virus using mikrotikDetecting network virus using mikrotik
Detecting network virus using mikrotikAchmad Mardiansyah
 
BGP on mikrotik
BGP on mikrotikBGP on mikrotik
BGP on mikrotikAchmad Mardiansyah
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCGLC Networks
 
IPv6 with Mikrotik
IPv6 with MikrotikIPv6 with Mikrotik
IPv6 with MikrotikGLC Networks
 
Mikrotik firewall mangle
Mikrotik firewall mangleMikrotik firewall mangle
Mikrotik firewall mangleAchmad Mardiansyah
 
BGP vs OSPF on Mikrotik
BGP vs OSPF on MikrotikBGP vs OSPF on Mikrotik
BGP vs OSPF on MikrotikGLC Networks
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikGLC Networks
 
Mikro tik advanced training
Mikro tik advanced trainingMikro tik advanced training
Mikro tik advanced trainingJignesh H. Bhalsod
 
EOIP Deep Dive
EOIP Deep DiveEOIP Deep Dive
EOIP Deep DiveGLC Networks
 
IPsec on Mikrotik
IPsec on MikrotikIPsec on Mikrotik
IPsec on MikrotikGLC Networks
 
Mikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs FasttrackMikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs FasttrackGLC Networks
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusDashamir Hoxha
 
Mikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and SecurityMikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and SecurityGLC Networks
 
OpeVPN on Mikrotik
OpeVPN on MikrotikOpeVPN on Mikrotik
OpeVPN on MikrotikGLC Networks
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 
VPN on Mikrotik
VPN on MikrotikVPN on Mikrotik
VPN on MikrotikAchmad Mardiansyah
 
Mikrotik the dude
Mikrotik the dudeMikrotik the dude
Mikrotik the dudeAchmad Mardiansyah
 

More Related Content

What's hot

MUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANMUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANGLC Networks
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7GLC Networks
 
Detecting network virus using mikrotik
Detecting network virus using mikrotikDetecting network virus using mikrotik
Detecting network virus using mikrotikAchmad Mardiansyah
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCGLC Networks
 
IPv6 with Mikrotik
IPv6 with MikrotikIPv6 with Mikrotik
IPv6 with MikrotikGLC Networks
 
BGP vs OSPF on Mikrotik
BGP vs OSPF on MikrotikBGP vs OSPF on Mikrotik
BGP vs OSPF on MikrotikGLC Networks
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikGLC Networks
 
Mikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs FasttrackMikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs FasttrackGLC Networks
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusDashamir Hoxha
 
Mikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and SecurityMikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and SecurityGLC Networks
 
OpeVPN on Mikrotik
OpeVPN on MikrotikOpeVPN on Mikrotik
OpeVPN on MikrotikGLC Networks
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerKHNOG
 

What's hot (20)

MUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMANMUM Melbourne : Build Enterprise Wireless with CAPsMAN
MUM Melbourne : Build Enterprise Wireless with CAPsMAN
 
Mikrotik Hotspot
Mikrotik HotspotMikrotik Hotspot
Mikrotik Hotspot
 
VLAN on mikrotik
VLAN on mikrotikVLAN on mikrotik
VLAN on mikrotik
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7
 
Mikrotik fasttrack
Mikrotik fasttrackMikrotik fasttrack
Mikrotik fasttrack
 
Detecting network virus using mikrotik
Detecting network virus using mikrotikDetecting network virus using mikrotik
Detecting network virus using mikrotik
 
BGP on mikrotik
BGP on mikrotikBGP on mikrotik
BGP on mikrotik
 
Mikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCCMikrotik Load Balancing with PCC
Mikrotik Load Balancing with PCC
 
IPv6 with Mikrotik
IPv6 with MikrotikIPv6 with Mikrotik
IPv6 with Mikrotik
 
Mikrotik firewall mangle
Mikrotik firewall mangleMikrotik firewall mangle
Mikrotik firewall mangle
 
BGP vs OSPF on Mikrotik
BGP vs OSPF on MikrotikBGP vs OSPF on Mikrotik
BGP vs OSPF on Mikrotik
 
Layer 7 Firewall on Mikrotik
Layer 7 Firewall on MikrotikLayer 7 Firewall on Mikrotik
Layer 7 Firewall on Mikrotik
 
Mikro tik advanced training
Mikro tik advanced trainingMikro tik advanced training
Mikro tik advanced training
 
EOIP Deep Dive
EOIP Deep DiveEOIP Deep Dive
EOIP Deep Dive
 
IPsec on Mikrotik
IPsec on MikrotikIPsec on Mikrotik
IPsec on Mikrotik
 
Mikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs FasttrackMikrotik Fastpath vs Fasttrack
Mikrotik Fastpath vs Fasttrack
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and Radius
 
Mikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and SecurityMikrotik IP Settings For Performance and Security
Mikrotik IP Settings For Performance and Security
 
OpeVPN on Mikrotik
OpeVPN on MikrotikOpeVPN on Mikrotik
OpeVPN on Mikrotik
 
Mikrotik Hotspot User Manager
Mikrotik Hotspot User ManagerMikrotik Hotspot User Manager
Mikrotik Hotspot User Manager
 

Viewers also liked

(Mikrotik)MTCNA presentation Material-IDN
(Mikrotik)MTCNA presentation Material-IDN(Mikrotik)MTCNA presentation Material-IDN
(Mikrotik)MTCNA presentation Material-IDNAndry Ansah
 
Super easy FreeBSD 8.0 installation guide
Super easy FreeBSD 8.0 installation guideSuper easy FreeBSD 8.0 installation guide
Super easy FreeBSD 8.0 installation guideAchmad Mardiansyah
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
MikroTik MTCNA
MikroTik MTCNAMikroTik MTCNA
MikroTik MTCNAAli Layth
 
Limiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listLimiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listAchmad Mardiansyah
 
Routing Information Protocol (RIP) on Mikrotik
Routing Information Protocol (RIP) on MikrotikRouting Information Protocol (RIP) on Mikrotik
Routing Information Protocol (RIP) on MikrotikAchmad Mardiansyah
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingAchmad Mardiansyah
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusDashamir Hoxha
 
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning AccelerationclCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning AccelerationIntel® Software
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik SecurityRofiq Fauzi
 
System Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerSystem Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerTola LENG
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotikTola LENG
 
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nD
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nDPrimeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nD
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nDConstantino Vargas Cornejo
 

Viewers also liked (20)

VPN on Mikrotik
VPN on MikrotikVPN on Mikrotik
VPN on Mikrotik
 
Mikrotik the dude
Mikrotik the dudeMikrotik the dude
Mikrotik the dude
 
MikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port KnockingMikroTik Firewall : Securing your Router with Port Knocking
MikroTik Firewall : Securing your Router with Port Knocking
 
(Mikrotik)MTCNA presentation Material-IDN
(Mikrotik)MTCNA presentation Material-IDN(Mikrotik)MTCNA presentation Material-IDN
(Mikrotik)MTCNA presentation Material-IDN
 
Mikrotik advanced
Mikrotik advancedMikrotik advanced
Mikrotik advanced
 
IPv6 on Mikrotik
IPv6 on MikrotikIPv6 on Mikrotik
IPv6 on Mikrotik
 
Super easy FreeBSD 8.0 installation guide
Super easy FreeBSD 8.0 installation guideSuper easy FreeBSD 8.0 installation guide
Super easy FreeBSD 8.0 installation guide
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configuration
 
MikroTik MTCNA
MikroTik MTCNAMikroTik MTCNA
MikroTik MTCNA
 
Limiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address listLimiting bandwidth of specific destination based on address list
Limiting bandwidth of specific destination based on address list
 
Routing Information Protocol (RIP) on Mikrotik
Routing Information Protocol (RIP) on MikrotikRouting Information Protocol (RIP) on Mikrotik
Routing Information Protocol (RIP) on Mikrotik
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
PPPoE With Mikrotik and Radius
PPPoE With Mikrotik and RadiusPPPoE With Mikrotik and Radius
PPPoE With Mikrotik and Radius
 
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning AccelerationclCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik Security
 
Mikrotik API
Mikrotik APIMikrotik API
Mikrotik API
 
System Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba ServerSystem Engineer: OpenLDAP and Samba Server
System Engineer: OpenLDAP and Samba Server
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotik
 
Mikrotik metarouter
Mikrotik metarouterMikrotik metarouter
Mikrotik metarouter
 
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nD
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nDPrimeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nD
Primeros pasos en un routerboard Mikrotik hAP Lite – RB941-2nD
 

Similar to Connection load balancing with mikrotik [workshop]

Troubleshooting load balancing
Troubleshooting load balancingTroubleshooting load balancing
Troubleshooting load balancingAchmad Mardiansyah
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security GLC Networks
 
Build Your Own ISP
Build Your Own ISPBuild Your Own ISP
Build Your Own ISPGLC Networks
 
Building Local-loop Services for Customers
Building Local-loop Services for CustomersBuilding Local-loop Services for Customers
Building Local-loop Services for CustomersGLC Networks
 
Building Web Server with Linux
Building Web Server with LinuxBuilding Web Server with Linux
Building Web Server with LinuxGLC Networks
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikGLC Networks
 
Using Control-Webpanel for Hosting Service - Part 1
Using Control-Webpanel for Hosting Service - Part 1Using Control-Webpanel for Hosting Service - Part 1
Using Control-Webpanel for Hosting Service - Part 1GLC Networks
 
Jumpstart your router with mikrotik quickset
Jumpstart your router with mikrotik quicksetJumpstart your router with mikrotik quickset
Jumpstart your router with mikrotik quicksetAchmad Mardiansyah
 
Manage Your Router with Dynamic Public IP
Manage Your Router with Dynamic Public IPManage Your Router with Dynamic Public IP
Manage Your Router with Dynamic Public IPGLC Networks
 
ISP Load Balancing with Mikrotik ECMP
ISP Load Balancing with Mikrotik ECMPISP Load Balancing with Mikrotik ECMP
ISP Load Balancing with Mikrotik ECMPGLC Networks
 
Zabbix for Monitoring
Zabbix for MonitoringZabbix for Monitoring
Zabbix for MonitoringGLC Networks
 
Firewall mangle PBR: steering outbound path similar to inbound
Firewall mangle PBR: steering outbound path similar to inboundFirewall mangle PBR: steering outbound path similar to inbound
Firewall mangle PBR: steering outbound path similar to inboundGLC Networks
 
Building API with PHP
Building API with PHPBuilding API with PHP
Building API with PHPGLC Networks
 
Running BGP with Mikrotik
Running BGP with MikrotikRunning BGP with Mikrotik
Running BGP with MikrotikGLC Networks
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-DiveGLC Networks
 
Tuning OSPF: Bidirectional Forwarding Detection (BFD)
Tuning OSPF: Bidirectional Forwarding Detection (BFD)Tuning OSPF: Bidirectional Forwarding Detection (BFD)
Tuning OSPF: Bidirectional Forwarding Detection (BFD)GLC Networks
 
Stable OSPF: choosing network type.pdf
Stable OSPF: choosing network type.pdfStable OSPF: choosing network type.pdf
Stable OSPF: choosing network type.pdfGLC Networks
 
Tunnel vs VPN on Mikrotik
Tunnel vs VPN on MikrotikTunnel vs VPN on Mikrotik
Tunnel vs VPN on MikrotikGLC Networks
 
BGP Services IP Transit vs IP Peering
BGP Services IP Transit vs IP PeeringBGP Services IP Transit vs IP Peering
BGP Services IP Transit vs IP PeeringGLC Networks
 

Similar to Connection load balancing with mikrotik [workshop] (20)

Troubleshooting load balancing
Troubleshooting load balancingTroubleshooting load balancing
Troubleshooting load balancing
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
 
Build Your Own ISP
Build Your Own ISPBuild Your Own ISP
Build Your Own ISP
 
Building Local-loop Services for Customers
Building Local-loop Services for CustomersBuilding Local-loop Services for Customers
Building Local-loop Services for Customers
 
Building Web Server with Linux
Building Web Server with LinuxBuilding Web Server with Linux
Building Web Server with Linux
 
Network LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with MikrotikNetwork LACP/Bonding/Teaming with Mikrotik
Network LACP/Bonding/Teaming with Mikrotik
 
Mikrotik firewall NAT
Mikrotik firewall NATMikrotik firewall NAT
Mikrotik firewall NAT
 
Using Control-Webpanel for Hosting Service - Part 1
Using Control-Webpanel for Hosting Service - Part 1Using Control-Webpanel for Hosting Service - Part 1
Using Control-Webpanel for Hosting Service - Part 1
 
Jumpstart your router with mikrotik quickset
Jumpstart your router with mikrotik quicksetJumpstart your router with mikrotik quickset
Jumpstart your router with mikrotik quickset
 
Manage Your Router with Dynamic Public IP
Manage Your Router with Dynamic Public IPManage Your Router with Dynamic Public IP
Manage Your Router with Dynamic Public IP
 
ISP Load Balancing with Mikrotik ECMP
ISP Load Balancing with Mikrotik ECMPISP Load Balancing with Mikrotik ECMP
ISP Load Balancing with Mikrotik ECMP
 
Zabbix for Monitoring
Zabbix for MonitoringZabbix for Monitoring
Zabbix for Monitoring
 
Firewall mangle PBR: steering outbound path similar to inbound
Firewall mangle PBR: steering outbound path similar to inboundFirewall mangle PBR: steering outbound path similar to inbound
Firewall mangle PBR: steering outbound path similar to inbound
 
Building API with PHP
Building API with PHPBuilding API with PHP
Building API with PHP
 
Running BGP with Mikrotik
Running BGP with MikrotikRunning BGP with Mikrotik
Running BGP with Mikrotik
 
Internet Protocol Deep-Dive
Internet Protocol Deep-DiveInternet Protocol Deep-Dive
Internet Protocol Deep-Dive
 
Tuning OSPF: Bidirectional Forwarding Detection (BFD)
Tuning OSPF: Bidirectional Forwarding Detection (BFD)Tuning OSPF: Bidirectional Forwarding Detection (BFD)
Tuning OSPF: Bidirectional Forwarding Detection (BFD)
 
Stable OSPF: choosing network type.pdf
Stable OSPF: choosing network type.pdfStable OSPF: choosing network type.pdf
Stable OSPF: choosing network type.pdf
 
Tunnel vs VPN on Mikrotik
Tunnel vs VPN on MikrotikTunnel vs VPN on Mikrotik
Tunnel vs VPN on Mikrotik
 
BGP Services IP Transit vs IP Peering
BGP Services IP Transit vs IP PeeringBGP Services IP Transit vs IP Peering
BGP Services IP Transit vs IP Peering
 

More from Achmad Mardiansyah

Backup & Restore (BR) in Solaris OS
Backup & Restore (BR) in Solaris OSBackup & Restore (BR) in Solaris OS
Backup & Restore (BR) in Solaris OSAchmad Mardiansyah
 
Mikrotik User Meeting Manila: bgp vs ospf
Mikrotik User Meeting Manila: bgp vs ospfMikrotik User Meeting Manila: bgp vs ospf
Mikrotik User Meeting Manila: bgp vs ospfAchmad Mardiansyah
 
PHPID online Learning #6 Migration from procedural to OOP
PHPID online Learning #6 Migration from procedural to OOPPHPID online Learning #6 Migration from procedural to OOP
PHPID online Learning #6 Migration from procedural to OOPAchmad Mardiansyah
 
Using protocol analyzer on mikrotik
Using protocol analyzer on mikrotikUsing protocol analyzer on mikrotik
Using protocol analyzer on mikrotikAchmad Mardiansyah
 

More from Achmad Mardiansyah (11)

01 introduction to mpls
01 introduction to mpls 01 introduction to mpls
01 introduction to mpls
 
Solaris 10 Container
Solaris 10 ContainerSolaris 10 Container
Solaris 10 Container
 
Backup & Restore (BR) in Solaris OS
Backup & Restore (BR) in Solaris OSBackup & Restore (BR) in Solaris OS
Backup & Restore (BR) in Solaris OS
 
Mikrotik User Meeting Manila: bgp vs ospf
Mikrotik User Meeting Manila: bgp vs ospfMikrotik User Meeting Manila: bgp vs ospf
Mikrotik User Meeting Manila: bgp vs ospf
 
PHPID online Learning #6 Migration from procedural to OOP
PHPID online Learning #6 Migration from procedural to OOPPHPID online Learning #6 Migration from procedural to OOP
PHPID online Learning #6 Migration from procedural to OOP
 
Wireless CSMA with mikrotik
Wireless CSMA with mikrotikWireless CSMA with mikrotik
Wireless CSMA with mikrotik
 
SSL certificate with mikrotik
SSL certificate with mikrotikSSL certificate with mikrotik
SSL certificate with mikrotik
 
BGP filter with mikrotik
BGP filter with mikrotikBGP filter with mikrotik
BGP filter with mikrotik
 
Mikrotik VRRP
Mikrotik VRRPMikrotik VRRP
Mikrotik VRRP
 
Mikrotik fastpath
Mikrotik fastpathMikrotik fastpath
Mikrotik fastpath
 
Using protocol analyzer on mikrotik
Using protocol analyzer on mikrotikUsing protocol analyzer on mikrotik
Using protocol analyzer on mikrotik
 

Recently uploaded

IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
Unidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxUnidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxmibuzondetrabajo
 
TRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxTRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxAndrieCagasanAkio
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
ETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxNIMMANAGANTI RAMAKRISHNA
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
Company Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxCompany Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxMario
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Cybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesCybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesLumiverse Solutions Pvt Ltd
 

Recently uploaded (9)

IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
Unidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptxUnidad 4 – Redes de ordenadores (en inglés).pptx
Unidad 4 – Redes de ordenadores (en inglés).pptx
 
TRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptxTRENDS Enabling and inhibiting dimensions.pptx
TRENDS Enabling and inhibiting dimensions.pptx
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
ETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptxETHICAL HACKING dddddddddddddddfnandni.pptx
ETHICAL HACKING dddddddddddddddfnandni.pptx
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
Company Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptxCompany Snapshot Theme for Business by Slidesgo.pptx
Company Snapshot Theme for Business by Slidesgo.pptx
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Cybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best PracticesCybersecurity Threats and Cybersecurity Best Practices
Cybersecurity Threats and Cybersecurity Best Practices
 

Connection load balancing with mikrotik [workshop]

  • 1. www.glcnetworks.com Connection load balancing with mikrotik [workshop] Mikrotik User Meeting Jakarta, 13 october 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
  • 2. www.glcnetworks.com Agenda ● Introduction ● The basics: connection and routing ● Load Balancing (LB) techniques (PCC) ● Some issues and recommendations ● Q & A 2
  • 3. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
  • 4. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
  • 5. www.glcnetworks.com About Telkom University ● Located in Bandung, Indonesia ● 7 Faculties, 27 schools ● Areas: Engineering, Communications, Computing, Bussiness and management, Arts ● 650+ Academic staff, 400+ Administration staff, 20000+ students ● An exchange program ● Runs mikrotik academy program 5
  • 6. www.glcnetworks.com Mikrotik academy @ TEL-U ● Started in 2013 ● Embedded into schools curricula ● 100% hands-on ● Get MTCNA certification 6
  • 8. www.glcnetworks.com Why should i care? ● Lots of tutorials in internet!!! ● Tons of pages, tutorial, videos Questions for reader: ● Do you really understand that? ● Did the writer understand that? ● Is it really works as expected? 8
  • 9. www.glcnetworks.com Are those webpages really works on you? ● Information overloaded… which one suits you? ● Perhaps they have different environment on their network ● You need to understand how it works... 9
  • 10. www.glcnetworks.com What is (traffic) load balancing? ● Is a process to forward traffic on several links ● Applied on router ● != failover Benefits: ● Increase utilisation of upstream links 10 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  • 11. www.glcnetworks.com What is connection? ● When you access a server you will create a connection ● Connection is identified by a set of IP addresses (source and destination) and ports (source and destination) ● See connection tracking below 11 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  • 12. www.glcnetworks.com Single connection to a website Website with single connection: http://test.glcnetworks.com 1212 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 13. www.glcnetworks.com Website with multiple objects 1313 ISP1 ISP2 LAN ether5 ether6 ISP3 ● Client will open multiple connections to get website components Connect ion 1 Connect ion 2 Connect ion 3
  • 14. www.glcnetworks.com Routing and Forwarding ● A process to forward a packet from input interface to output interface, based on information on routing table. ● As we use private IP address, there will be a NAT process before sending out to exit interface ● To check our public IP address, go to http://test.glcnetworks.com 1414 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 15. www.glcnetworks.com Adjust routing (mangle: mark-routing) ● Process to mark a packet to for routing purpose ● Steps: ○ Create firewall mangle with action mark-routing ○ Create routing entry with defined-mark ○ Create NAT rule if we use private IP address ● To check our public IP address, go to http://test.glcnetworks.com 1515 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 19. www.glcnetworks.com Load balancing techniques 19 Method Per-connection per-packet Firewall marking YES YES ECMP YES NO PCC YES NO Nth YES YES Bonding NO YES OSPF YES NO BGP YES NO
  • 20. www.glcnetworks.com How PCC works? ● PCC = Per Connection Classifier ● PCC can identify the connection and mark them for further processing ● Example: a client opens a multi-object website via single ISP. both addresses (src-address and dst-address) are used to identify connection ● PCC can identify each connection made from client 20 ISP1 LAN ether5 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  • 21. www.glcnetworks.com Applying PCC ● You need to understand the concept of connection ● Applied on firewall mangle ● Need to define classifier. Can be based on: ○ Source or destination address only ○ Both addresses ○ Etc ● Define connection number and total connection 21 Total connection Connection identifier
  • 22. www.glcnetworks.com Lets play with PCC classifier... ● Apply different classifier and check the result 22
  • 23. www.glcnetworks.com Website with multiple objects, LB with classifier: both address 2323 ISP1 ISP2 LAN ether5 ether6 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  • 24. www.glcnetworks.com Some issues & recommendations 24
  • 25. www.glcnetworks.com Some issues & recommendations Issues: ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> page will not displayed correctly (as it is considered illegal session) ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> banking / https pages will not allow you to access their website Recommendations ● If you use NAT, Better to use classifier based on source IP address only -> will give client consistent path to the destination ● Avoid NAT if possible -> using public IP address end-to-end -> use BGP -> better performance 25
  • 27. www.glcnetworks.com Some info ● Hope you are more curious now ● These materials are part of Mikrotik Certified Traffic Control Engineer (MTCTCE) course ● If you are interested, you can sign up to our website 27
  • 28. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule 28