Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
www.glcnetworks.com
Connection load balancing
with mikrotik [workshop]
Mikrotik User Meeting Jakarta, 13 october 2016
Achm...
www.glcnetworks.com
Agenda
● Introduction
● The basics: connection and routing
● Load Balancing (LB) techniques (PCC)
● So...
www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● An Indonesian company
● Located in Bandu...
www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: bandung, Indonesia
● Linux user since ’99
● Ce...
www.glcnetworks.com
About Telkom University
● Located in Bandung, Indonesia
● 7 Faculties, 27 schools
● Areas: Engineering...
www.glcnetworks.com
Mikrotik academy @ TEL-U
● Started in 2013
● Embedded into schools curricula
● 100% hands-on
● Get MTC...
www.glcnetworks.com
The basics: Connection and Routing
7
www.glcnetworks.com
Why should i care?
● Lots of tutorials in internet!!!
● Tons of pages, tutorial, videos
Questions for ...
www.glcnetworks.com
Are those webpages really works on you?
● Information overloaded… which
one suits you?
● Perhaps they ...
www.glcnetworks.com
What is (traffic) load balancing?
● Is a process to forward traffic
on several links
● Applied on rout...
www.glcnetworks.com
What is connection?
● When you access a server you will create a
connection
● Connection is identified...
www.glcnetworks.com
Single connection to a website
Website with single connection:
http://test.glcnetworks.com
1212
ISP1 I...
www.glcnetworks.com
Website with multiple objects
1313
ISP1 ISP2
LAN
ether5 ether6
ISP3
● Client will open multiple connec...
www.glcnetworks.com
Routing and Forwarding
● A process to forward a packet from input
interface to output interface, based...
www.glcnetworks.com
Adjust routing (mangle: mark-routing)
● Process to mark a packet to for routing purpose
● Steps:
○ Cre...
www.glcnetworks.com
Forward traffic via ISP2 using mangle
16
www.glcnetworks.com
Forward traffic via ISP1 using mangle
17
www.glcnetworks.com
Load Balancing techniques
18
www.glcnetworks.com
Load balancing techniques
19
Method Per-connection per-packet
Firewall marking YES YES
ECMP YES NO
PCC...
www.glcnetworks.com
How PCC works?
● PCC = Per Connection Classifier
● PCC can identify the connection and mark them
for f...
www.glcnetworks.com
Applying PCC
● You need to understand the concept of connection
● Applied on firewall mangle
● Need to...
www.glcnetworks.com
Lets play with PCC classifier...
● Apply different classifier and check the result
22
www.glcnetworks.com
Website with multiple objects, LB
with classifier: both address
2323
ISP1 ISP2
LAN
ether5 ether6
ISP3
...
www.glcnetworks.com
Some issues & recommendations
24
www.glcnetworks.com
Some issues & recommendations
Issues:
● Beware of NATed connection -> webserver will see inbound conne...
www.glcnetworks.com
QA
26
www.glcnetworks.com
Some info
● Hope you are more curious now
● These materials are part of Mikrotik Certified Traffic Con...
www.glcnetworks.com
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
...
Upcoming SlideShare
Loading in …5
×

of

Connection load balancing with mikrotik [workshop] Slide 1 Connection load balancing with mikrotik [workshop] Slide 2 Connection load balancing with mikrotik [workshop] Slide 3 Connection load balancing with mikrotik [workshop] Slide 4 Connection load balancing with mikrotik [workshop] Slide 5 Connection load balancing with mikrotik [workshop] Slide 6 Connection load balancing with mikrotik [workshop] Slide 7 Connection load balancing with mikrotik [workshop] Slide 8 Connection load balancing with mikrotik [workshop] Slide 9 Connection load balancing with mikrotik [workshop] Slide 10 Connection load balancing with mikrotik [workshop] Slide 11 Connection load balancing with mikrotik [workshop] Slide 12 Connection load balancing with mikrotik [workshop] Slide 13 Connection load balancing with mikrotik [workshop] Slide 14 Connection load balancing with mikrotik [workshop] Slide 15 Connection load balancing with mikrotik [workshop] Slide 16 Connection load balancing with mikrotik [workshop] Slide 17 Connection load balancing with mikrotik [workshop] Slide 18 Connection load balancing with mikrotik [workshop] Slide 19 Connection load balancing with mikrotik [workshop] Slide 20 Connection load balancing with mikrotik [workshop] Slide 21 Connection load balancing with mikrotik [workshop] Slide 22 Connection load balancing with mikrotik [workshop] Slide 23 Connection load balancing with mikrotik [workshop] Slide 24 Connection load balancing with mikrotik [workshop] Slide 25 Connection load balancing with mikrotik [workshop] Slide 26 Connection load balancing with mikrotik [workshop] Slide 27 Connection load balancing with mikrotik [workshop] Slide 28
Upcoming SlideShare
Mikrotik firewall filter
Next
Download to read offline and view in fullscreen.

2 Likes

Share

Download to read offline

Connection load balancing with mikrotik [workshop]

Download to read offline

In this presentation, we are talking about the basic concept of how to do load balancing outgoing connection using mikrotik Router

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Connection load balancing with mikrotik [workshop]

  1. 1. www.glcnetworks.com Connection load balancing with mikrotik [workshop] Mikrotik User Meeting Jakarta, 13 october 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
  2. 2. www.glcnetworks.com Agenda ● Introduction ● The basics: connection and routing ● Load Balancing (LB) techniques (PCC) ● Some issues and recommendations ● Q & A 2
  3. 3. www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
  4. 4. www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
  5. 5. www.glcnetworks.com About Telkom University ● Located in Bandung, Indonesia ● 7 Faculties, 27 schools ● Areas: Engineering, Communications, Computing, Bussiness and management, Arts ● 650+ Academic staff, 400+ Administration staff, 20000+ students ● An exchange program ● Runs mikrotik academy program 5
  6. 6. www.glcnetworks.com Mikrotik academy @ TEL-U ● Started in 2013 ● Embedded into schools curricula ● 100% hands-on ● Get MTCNA certification 6
  7. 7. www.glcnetworks.com The basics: Connection and Routing 7
  8. 8. www.glcnetworks.com Why should i care? ● Lots of tutorials in internet!!! ● Tons of pages, tutorial, videos Questions for reader: ● Do you really understand that? ● Did the writer understand that? ● Is it really works as expected? 8
  9. 9. www.glcnetworks.com Are those webpages really works on you? ● Information overloaded… which one suits you? ● Perhaps they have different environment on their network ● You need to understand how it works... 9
  10. 10. www.glcnetworks.com What is (traffic) load balancing? ● Is a process to forward traffic on several links ● Applied on router ● != failover Benefits: ● Increase utilisation of upstream links 10 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  11. 11. www.glcnetworks.com What is connection? ● When you access a server you will create a connection ● Connection is identified by a set of IP addresses (source and destination) and ports (source and destination) ● See connection tracking below 11 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  12. 12. www.glcnetworks.com Single connection to a website Website with single connection: http://test.glcnetworks.com 1212 ISP1 ISP2 LAN ether5 ether6 ISP3
  13. 13. www.glcnetworks.com Website with multiple objects 1313 ISP1 ISP2 LAN ether5 ether6 ISP3 ● Client will open multiple connections to get website components Connect ion 1 Connect ion 2 Connect ion 3
  14. 14. www.glcnetworks.com Routing and Forwarding ● A process to forward a packet from input interface to output interface, based on information on routing table. ● As we use private IP address, there will be a NAT process before sending out to exit interface ● To check our public IP address, go to http://test.glcnetworks.com 1414 ISP1 ISP2 LAN ether5 ether6 ISP3
  15. 15. www.glcnetworks.com Adjust routing (mangle: mark-routing) ● Process to mark a packet to for routing purpose ● Steps: ○ Create firewall mangle with action mark-routing ○ Create routing entry with defined-mark ○ Create NAT rule if we use private IP address ● To check our public IP address, go to http://test.glcnetworks.com 1515 ISP1 ISP2 LAN ether5 ether6 ISP3
  16. 16. www.glcnetworks.com Forward traffic via ISP2 using mangle 16
  17. 17. www.glcnetworks.com Forward traffic via ISP1 using mangle 17
  18. 18. www.glcnetworks.com Load Balancing techniques 18
  19. 19. www.glcnetworks.com Load balancing techniques 19 Method Per-connection per-packet Firewall marking YES YES ECMP YES NO PCC YES NO Nth YES YES Bonding NO YES OSPF YES NO BGP YES NO
  20. 20. www.glcnetworks.com How PCC works? ● PCC = Per Connection Classifier ● PCC can identify the connection and mark them for further processing ● Example: a client opens a multi-object website via single ISP. both addresses (src-address and dst-address) are used to identify connection ● PCC can identify each connection made from client 20 ISP1 LAN ether5 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  21. 21. www.glcnetworks.com Applying PCC ● You need to understand the concept of connection ● Applied on firewall mangle ● Need to define classifier. Can be based on: ○ Source or destination address only ○ Both addresses ○ Etc ● Define connection number and total connection 21 Total connection Connection identifier
  22. 22. www.glcnetworks.com Lets play with PCC classifier... ● Apply different classifier and check the result 22
  23. 23. www.glcnetworks.com Website with multiple objects, LB with classifier: both address 2323 ISP1 ISP2 LAN ether5 ether6 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  24. 24. www.glcnetworks.com Some issues & recommendations 24
  25. 25. www.glcnetworks.com Some issues & recommendations Issues: ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> page will not displayed correctly (as it is considered illegal session) ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> banking / https pages will not allow you to access their website Recommendations ● If you use NAT, Better to use classifier based on source IP address only -> will give client consistent path to the destination ● Avoid NAT if possible -> using public IP address end-to-end -> use BGP -> better performance 25
  26. 26. www.glcnetworks.com QA 26
  27. 27. www.glcnetworks.com Some info ● Hope you are more curious now ● These materials are part of Mikrotik Certified Traffic Control Engineer (MTCTCE) course ● If you are interested, you can sign up to our website 27
  28. 28. www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule 28
  • ssuser462c26

    Jan. 13, 2017
  • abducdma

    Dec. 26, 2016

In this presentation, we are talking about the basic concept of how to do load balancing outgoing connection using mikrotik Router

Views

Total views

1,383

On Slideshare

0

From embeds

0

Number of embeds

161

Actions

Downloads

142

Shares

0

Comments

0

Likes

2

×