Achmad Mardiansyah, profile picture
Uploaded byAchmad Mardiansyah
1,652 views

Connection load balancing with mikrotik [workshop]

The document details a workshop on connection load balancing using MikroTik, led by Achmad Mardiansyah of GLC Networks in Indonesia. It covers fundamental concepts, various load balancing techniques, as well as challenges and recommendations related to networking and routing. The workshop also emphasizes the importance of understanding connection management and offers a perspective on the MikroTik Academy program.

Internet
Related topics:
Load Balancing Insights

Embed presentation

Downloaded 152 times
www.glcnetworks.com Connection load balancing with mikrotik [workshop] Mikrotik User Meeting Jakarta, 13 october 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
www.glcnetworks.com Agenda ● Introduction ● The basics: connection and routing ● Load Balancing (LB) techniques (PCC) ● Some issues and recommendations ● Q & A 2
www.glcnetworks.com What is GLC? ● Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
www.glcnetworks.com Trainer Introduction ● Name: Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
www.glcnetworks.com About Telkom University ● Located in Bandung, Indonesia ● 7 Faculties, 27 schools ● Areas: Engineering, Communications, Computing, Bussiness and management, Arts ● 650+ Academic staff, 400+ Administration staff, 20000+ students ● An exchange program ● Runs mikrotik academy program 5
www.glcnetworks.com Mikrotik academy @ TEL-U ● Started in 2013 ● Embedded into schools curricula ● 100% hands-on ● Get MTCNA certification 6
www.glcnetworks.com The basics: Connection and Routing 7
www.glcnetworks.com Why should i care? ● Lots of tutorials in internet!!! ● Tons of pages, tutorial, videos Questions for reader: ● Do you really understand that? ● Did the writer understand that? ● Is it really works as expected? 8
www.glcnetworks.com Are those webpages really works on you? ● Information overloaded… which one suits you? ● Perhaps they have different environment on their network ● You need to understand how it works... 9
www.glcnetworks.com What is (traffic) load balancing? ● Is a process to forward traffic on several links ● Applied on router ● != failover Benefits: ● Increase utilisation of upstream links 10 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
www.glcnetworks.com What is connection? ● When you access a server you will create a connection ● Connection is identified by a set of IP addresses (source and destination) and ports (source and destination) ● See connection tracking below 11 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
www.glcnetworks.com Single connection to a website Website with single connection: http://test.glcnetworks.com 1212 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Website with multiple objects 1313 ISP1 ISP2 LAN ether5 ether6 ISP3 ● Client will open multiple connections to get website components Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Routing and Forwarding ● A process to forward a packet from input interface to output interface, based on information on routing table. ● As we use private IP address, there will be a NAT process before sending out to exit interface ● To check our public IP address, go to http://test.glcnetworks.com 1414 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Adjust routing (mangle: mark-routing) ● Process to mark a packet to for routing purpose ● Steps: ○ Create firewall mangle with action mark-routing ○ Create routing entry with defined-mark ○ Create NAT rule if we use private IP address ● To check our public IP address, go to http://test.glcnetworks.com 1515 ISP1 ISP2 LAN ether5 ether6 ISP3
www.glcnetworks.com Forward traffic via ISP2 using mangle 16
www.glcnetworks.com Forward traffic via ISP1 using mangle 17
www.glcnetworks.com Load Balancing techniques 18
www.glcnetworks.com Load balancing techniques 19 Method Per-connection per-packet Firewall marking YES YES ECMP YES NO PCC YES NO Nth YES YES Bonding NO YES OSPF YES NO BGP YES NO
www.glcnetworks.com How PCC works? ● PCC = Per Connection Classifier ● PCC can identify the connection and mark them for further processing ● Example: a client opens a multi-object website via single ISP. both addresses (src-address and dst-address) are used to identify connection ● PCC can identify each connection made from client 20 ISP1 LAN ether5 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Applying PCC ● You need to understand the concept of connection ● Applied on firewall mangle ● Need to define classifier. Can be based on: ○ Source or destination address only ○ Both addresses ○ Etc ● Define connection number and total connection 21 Total connection Connection identifier
www.glcnetworks.com Lets play with PCC classifier... ● Apply different classifier and check the result 22
www.glcnetworks.com Website with multiple objects, LB with classifier: both address 2323 ISP1 ISP2 LAN ether5 ether6 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
www.glcnetworks.com Some issues & recommendations 24
www.glcnetworks.com Some issues & recommendations Issues: ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> page will not displayed correctly (as it is considered illegal session) ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> banking / https pages will not allow you to access their website Recommendations ● If you use NAT, Better to use classifier based on source IP address only -> will give client consistent path to the destination ● Avoid NAT if possible -> using public IP address end-to-end -> use BGP -> better performance 25
www.glcnetworks.com QA 26
www.glcnetworks.com Some info ● Hope you are more curious now ● These materials are part of Mikrotik Certified Traffic Control Engineer (MTCTCE) course ● If you are interested, you can sign up to our website 27
www.glcnetworks.com End of slides ● Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule 28

More Related Content

PDF
Mikrotik IP Settings For Performance and Security
byGLC Networks
 
PDF
Mikrotik Load Balancing with PCC
byGLC Networks
 
PDF
ISP load balancing with mikrotik nth
byAchmad Mardiansyah
 
PDF
Using Mikrotik Switch Features to Improve Your Network
byGLC Networks
 
PDF
Mikrotik firewall filter
byAchmad Mardiansyah
 
PDF
Mikrotik Bridge Deep Dive
byGLC Networks
 
PDF
Mikrotik firewall raw table
byAchmad Mardiansyah
 
PDF
Mikrotik firewall NAT
byAchmad Mardiansyah
 
Mikrotik IP Settings For Performance and Security
byGLC Networks
 
Mikrotik Load Balancing with PCC
byGLC Networks
 
ISP load balancing with mikrotik nth
byAchmad Mardiansyah
 
Using Mikrotik Switch Features to Improve Your Network
byGLC Networks
 
Mikrotik firewall filter
byAchmad Mardiansyah
 
Mikrotik Bridge Deep Dive
byGLC Networks
 
Mikrotik firewall raw table
byAchmad Mardiansyah
 
Mikrotik firewall NAT
byAchmad Mardiansyah
 

What's hot

PDF
BGP filter with mikrotik
byAchmad Mardiansyah
 
PDF
BGP vs OSPF on Mikrotik
byGLC Networks
 
PDF
BGP on RouterOS7 -Part 1
byGLC Networks
 
PDF
ISP Load Balancing with Mikrotik ECMP
byGLC Networks
 
PDF
Layer 7 Firewall on Mikrotik
byGLC Networks
 
PDF
Routing fundamentals with mikrotik
byAchmad Mardiansyah
 
PDF
BGP on mikrotik
byAchmad Mardiansyah
 
PDF
Mikrotik Hotspot
byGLC Networks
 
PDF
BGP tuning: Peer with loopback
byGLC Networks
 
PDF
VLAN on mikrotik
byAchmad Mardiansyah
 
PDF
Mikrotik fastpath
byAchmad Mardiansyah
 
PDF
Best Current Practice (BCP) 38 Ingress Filtering for Security
byGLC Networks
 
PDF
Detecting network virus using mikrotik
byAchmad Mardiansyah
 
PDF
Network Monitoring with The Dude and Whatsapp
byGLC Networks
 
PDF
IPsec on Mikrotik
byGLC Networks
 
PDF
Queue Type on Mikrotik
byGLC Networks
 
PDF
Using mikrotik with radius
byAchmad Mardiansyah
 
PDF
Network LACP/Bonding/Teaming with Mikrotik
byGLC Networks
 
PDF
Mikrotik load balansing
byКирилл Кекер
 
PDF
IPv6 with Mikrotik
byGLC Networks
 
BGP filter with mikrotik
byAchmad Mardiansyah
 
BGP vs OSPF on Mikrotik
byGLC Networks
 
BGP on RouterOS7 -Part 1
byGLC Networks
 
ISP Load Balancing with Mikrotik ECMP
byGLC Networks
 
Layer 7 Firewall on Mikrotik
byGLC Networks
 
Routing fundamentals with mikrotik
byAchmad Mardiansyah
 
BGP on mikrotik
byAchmad Mardiansyah
 
Mikrotik Hotspot
byGLC Networks
 
BGP tuning: Peer with loopback
byGLC Networks
 
VLAN on mikrotik
byAchmad Mardiansyah
 
Mikrotik fastpath
byAchmad Mardiansyah
 
Best Current Practice (BCP) 38 Ingress Filtering for Security
byGLC Networks
 
Detecting network virus using mikrotik
byAchmad Mardiansyah
 
Network Monitoring with The Dude and Whatsapp
byGLC Networks
 
IPsec on Mikrotik
byGLC Networks
 
Queue Type on Mikrotik
byGLC Networks
 
Using mikrotik with radius
byAchmad Mardiansyah
 
Network LACP/Bonding/Teaming with Mikrotik
byGLC Networks
 
Mikrotik load balansing
byКирилл Кекер
 
IPv6 with Mikrotik
byGLC Networks
 

Viewers also liked

PPTX
VPN on Mikrotik
byAchmad Mardiansyah
 
PDF
Mikrotik the dude
byAchmad Mardiansyah
 
PDF
MikroTik Firewall : Securing your Router with Port Knocking
byAkbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
 
PDF
(Mikrotik)MTCNA presentation Material-IDN
byAndry Ansah
 
PDF
Mikrotik advanced
byguest8423a64e
 
PDF
IPv6 on Mikrotik
byAchmad Mardiansyah
 
ODP
Super easy FreeBSD 8.0 installation guide
byAchmad Mardiansyah
 
DOCX
Mikrotik basic configuration
byTola LENG
 
PDF
GLC webinar: limiting bandwidth using mikrotik
byAchmad Mardiansyah
 
PPTX
MikroTik MTCNA
byAli Layth
 
PDF
Limiting bandwidth of specific destination based on address list
byAchmad Mardiansyah
 
PDF
Routing Information Protocol (RIP) on Mikrotik
byAchmad Mardiansyah
 
PDF
Introduction to cloud computing
byAchmad Mardiansyah
 
PDF
PPPoE With Mikrotik and Radius
byDashamir Hoxha
 
PDF
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
byIntel® Software
 
PDF
MikroTik Security
byRofiq Fauzi
 
PDF
Mikrotik API
byAchmad Mardiansyah
 
PDF
System Engineer: OpenLDAP and Samba Server
byTola LENG
 
DOC
Basic command to configure mikrotik
byTola LENG
 
PDF
Mikrotik metarouter
byAchmad Mardiansyah
 
VPN on Mikrotik
byAchmad Mardiansyah
 
Mikrotik the dude
byAchmad Mardiansyah
 
MikroTik Firewall : Securing your Router with Port Knocking
byAkbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
 
(Mikrotik)MTCNA presentation Material-IDN
byAndry Ansah
 
Mikrotik advanced
byguest8423a64e
 
IPv6 on Mikrotik
byAchmad Mardiansyah
 
Super easy FreeBSD 8.0 installation guide
byAchmad Mardiansyah
 
Mikrotik basic configuration
byTola LENG
 
GLC webinar: limiting bandwidth using mikrotik
byAchmad Mardiansyah
 
MikroTik MTCNA
byAli Layth
 
Limiting bandwidth of specific destination based on address list
byAchmad Mardiansyah
 
Routing Information Protocol (RIP) on Mikrotik
byAchmad Mardiansyah
 
Introduction to cloud computing
byAchmad Mardiansyah
 
PPPoE With Mikrotik and Radius
byDashamir Hoxha
 
clCaffe*: Unleashing the Power of Intel Graphics for Deep Learning Acceleration
byIntel® Software
 
MikroTik Security
byRofiq Fauzi
 
Mikrotik API
byAchmad Mardiansyah
 
System Engineer: OpenLDAP and Samba Server
byTola LENG
 
Basic command to configure mikrotik
byTola LENG
 
Mikrotik metarouter
byAchmad Mardiansyah
 

Similar to Connection load balancing with mikrotik [workshop]

PDF
Troubleshooting load balancing
byAchmad Mardiansyah
 
PDF
Mikrotik fasttrack
byAchmad Mardiansyah
 
PDF
Mikrotik Fastpath vs Fasttrack
byGLC Networks
 
PDF
Mikrotik firewall mangle
byAchmad Mardiansyah
 
PDF
Firewall mangle PBR: steering outbound path similar to inbound
byGLC Networks
 
PDF
Running BGP with Mikrotik
byGLC Networks
 
PDF
Controlling Access Between Devices in the same Layer 2 Segment
byGLC Networks
 
PDF
Provide Internet Services Using GPON
byGLC Networks
 
PDF
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
byGLC Networks
 
PDF
BGP Services IP Transit vs IP Peering
byGLC Networks
 
PDF
Using Control-Webpanel for Hosting Service - Part 1
byGLC Networks
 
PDF
Manage Your Router with Dynamic Public IP
byGLC Networks
 
PDF
Zabbix for Monitoring
byGLC Networks
 
PDF
Building Web Server with Linux
byGLC Networks
 
PDF
Tunnel vs VPN on Mikrotik
byGLC Networks
 
PPT
Bh us-02-kaminsky-blackops
byDan Kaminsky
 
PPT
Bh us-02-kaminsky-blackops
byDan Kaminsky
 
PDF
Dynamic Website with Python
byGLC Networks
 
PDF
Spliced NAT2NAT And Other Packet-Level Misadventures.pdf
byyoneda1422
 
PDF
Up and Running DNS Service
byGLC Networks
 
Troubleshooting load balancing
byAchmad Mardiansyah
 
Mikrotik fasttrack
byAchmad Mardiansyah
 
Mikrotik Fastpath vs Fasttrack
byGLC Networks
 
Mikrotik firewall mangle
byAchmad Mardiansyah
 
Firewall mangle PBR: steering outbound path similar to inbound
byGLC Networks
 
Running BGP with Mikrotik
byGLC Networks
 
Controlling Access Between Devices in the same Layer 2 Segment
byGLC Networks
 
Provide Internet Services Using GPON
byGLC Networks
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
byGLC Networks
 
BGP Services IP Transit vs IP Peering
byGLC Networks
 
Using Control-Webpanel for Hosting Service - Part 1
byGLC Networks
 
Manage Your Router with Dynamic Public IP
byGLC Networks
 
Zabbix for Monitoring
byGLC Networks
 
Building Web Server with Linux
byGLC Networks
 
Tunnel vs VPN on Mikrotik
byGLC Networks
 
Bh us-02-kaminsky-blackops
byDan Kaminsky
 
Bh us-02-kaminsky-blackops
byDan Kaminsky
 
Dynamic Website with Python
byGLC Networks
 
Spliced NAT2NAT And Other Packet-Level Misadventures.pdf
byyoneda1422
 
Up and Running DNS Service
byGLC Networks
 

More from Achmad Mardiansyah

PDF
01 introduction to mpls
byAchmad Mardiansyah
 
PDF
Solaris 10 Container
byAchmad Mardiansyah
 
PDF
Backup & Restore (BR) in Solaris OS
byAchmad Mardiansyah
 
PDF
Mikrotik User Meeting Manila: bgp vs ospf
byAchmad Mardiansyah
 
PDF
PHPID online Learning #6 Migration from procedural to OOP
byAchmad Mardiansyah
 
PDF
Wireless CSMA with mikrotik
byAchmad Mardiansyah
 
PDF
SSL certificate with mikrotik
byAchmad Mardiansyah
 
PDF
Mikrotik VRRP
byAchmad Mardiansyah
 
PDF
Jumpstart your router with mikrotik quickset
byAchmad Mardiansyah
 
PDF
Using protocol analyzer on mikrotik
byAchmad Mardiansyah
 
01 introduction to mpls
byAchmad Mardiansyah
 
Solaris 10 Container
byAchmad Mardiansyah
 
Backup & Restore (BR) in Solaris OS
byAchmad Mardiansyah
 
Mikrotik User Meeting Manila: bgp vs ospf
byAchmad Mardiansyah
 
PHPID online Learning #6 Migration from procedural to OOP
byAchmad Mardiansyah
 
Wireless CSMA with mikrotik
byAchmad Mardiansyah
 
SSL certificate with mikrotik
byAchmad Mardiansyah
 
Mikrotik VRRP
byAchmad Mardiansyah
 
Jumpstart your router with mikrotik quickset
byAchmad Mardiansyah
 
Using protocol analyzer on mikrotik
byAchmad Mardiansyah
 

Recently uploaded

PDF
anastasia panini album.pdf album sa slicicama
byStefanFilipovic9
 
PDF
album panini Evoksi.pdf panini album slicice
byStefanFilipovic9
 
PPTX
Social_Media_Good_or_Bad_B2Plus_Lesson.pptx
byJuliaRutkowska4
 
PDF
Batman Forever album sličice.pdf panini album
byStefanFilipovic9
 
PDF
Angry Birds film (2016).pdf panini album
byStefanFilipovic9
 
PDF
alfred jonatan kvak panini album.pdf slicice
byStefanFilipovic9
 
PPTX
Creating content that converts into leads.
bySEONutri
 
PDF
action man.pdf album sa slicicama panini...
byStefanFilipovic9
 
PDF
investor pitch - iapploud | independent music platform
byVenkat Subramanian
 
PDF
automobili.pdf panini album slicice ......
byStefanFilipovic9
 
PDF
Tour & Travel App Development Explained- Features, Costs, and Technologies Us...
byMike Brown
 
anastasia panini album.pdf album sa slicicama
byStefanFilipovic9
 
album panini Evoksi.pdf panini album slicice
byStefanFilipovic9
 
Social_Media_Good_or_Bad_B2Plus_Lesson.pptx
byJuliaRutkowska4
 
Batman Forever album sličice.pdf panini album
byStefanFilipovic9
 
Angry Birds film (2016).pdf panini album
byStefanFilipovic9
 
alfred jonatan kvak panini album.pdf slicice
byStefanFilipovic9
 
Creating content that converts into leads.
bySEONutri
 
action man.pdf album sa slicicama panini...
byStefanFilipovic9
 
investor pitch - iapploud | independent music platform
byVenkat Subramanian
 
automobili.pdf panini album slicice ......
byStefanFilipovic9
 
Tour & Travel App Development Explained- Features, Costs, and Technologies Us...
byMike Brown
 

Connection load balancing with mikrotik [workshop]

  • 1.
    www.glcnetworks.com Connection load balancing withmikrotik [workshop] Mikrotik User Meeting Jakarta, 13 october 2016 Achmad Mardiansyah achmad@glcnetworks.com GLC Networks, Indonesia
  • 2.
    www.glcnetworks.com Agenda ● Introduction ● Thebasics: connection and routing ● Load Balancing (LB) techniques (PCC) ● Some issues and recommendations ● Q & A 2
  • 3.
    www.glcnetworks.com What is GLC? ●Garda Lintas Cakrawala (www.glcnetworks.com) ● An Indonesian company ● Located in Bandung ● Areas: Training, IT Consulting ● Mikrotik Certified Training Partner ● Mikrotik Certified Consultant ● Mikrotik distributor 3
  • 4.
    www.glcnetworks.com Trainer Introduction ● Name:Achmad Mardiansyah ● Base: bandung, Indonesia ● Linux user since ’99 ● Certified Trainer (MTCNA/RE/WE/UME/INE/TCE) ● Mikrotik Certified Consultant ● Work: Telco engineer, Sysadmin, PHP programmer, and Lecturer ● Personal website: http://achmad.glcnetworks.com ● More info: http://au.linkedin.com/in/achmadmardiansyah 4
  • 5.
    www.glcnetworks.com About Telkom University ●Located in Bandung, Indonesia ● 7 Faculties, 27 schools ● Areas: Engineering, Communications, Computing, Bussiness and management, Arts ● 650+ Academic staff, 400+ Administration staff, 20000+ students ● An exchange program ● Runs mikrotik academy program 5
  • 6.
    www.glcnetworks.com Mikrotik academy @TEL-U ● Started in 2013 ● Embedded into schools curricula ● 100% hands-on ● Get MTCNA certification 6
  • 7.
  • 8.
    www.glcnetworks.com Why should icare? ● Lots of tutorials in internet!!! ● Tons of pages, tutorial, videos Questions for reader: ● Do you really understand that? ● Did the writer understand that? ● Is it really works as expected? 8
  • 9.
    www.glcnetworks.com Are those webpagesreally works on you? ● Information overloaded… which one suits you? ● Perhaps they have different environment on their network ● You need to understand how it works... 9
  • 10.
    www.glcnetworks.com What is (traffic)load balancing? ● Is a process to forward traffic on several links ● Applied on router ● != failover Benefits: ● Increase utilisation of upstream links 10 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  • 11.
    www.glcnetworks.com What is connection? ●When you access a server you will create a connection ● Connection is identified by a set of IP addresses (source and destination) and ports (source and destination) ● See connection tracking below 11 ISP1 ISP2 LAN ether5 ether6 webserver ISP3
  • 12.
    www.glcnetworks.com Single connection toa website Website with single connection: http://test.glcnetworks.com 1212 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 13.
    www.glcnetworks.com Website with multipleobjects 1313 ISP1 ISP2 LAN ether5 ether6 ISP3 ● Client will open multiple connections to get website components Connect ion 1 Connect ion 2 Connect ion 3
  • 14.
    www.glcnetworks.com Routing and Forwarding ●A process to forward a packet from input interface to output interface, based on information on routing table. ● As we use private IP address, there will be a NAT process before sending out to exit interface ● To check our public IP address, go to http://test.glcnetworks.com 1414 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 15.
    www.glcnetworks.com Adjust routing (mangle:mark-routing) ● Process to mark a packet to for routing purpose ● Steps: ○ Create firewall mangle with action mark-routing ○ Create routing entry with defined-mark ○ Create NAT rule if we use private IP address ● To check our public IP address, go to http://test.glcnetworks.com 1515 ISP1 ISP2 LAN ether5 ether6 ISP3
  • 16.
  • 17.
  • 18.
  • 19.
    www.glcnetworks.com Load balancing techniques 19 MethodPer-connection per-packet Firewall marking YES YES ECMP YES NO PCC YES NO Nth YES YES Bonding NO YES OSPF YES NO BGP YES NO
  • 20.
    www.glcnetworks.com How PCC works? ●PCC = Per Connection Classifier ● PCC can identify the connection and mark them for further processing ● Example: a client opens a multi-object website via single ISP. both addresses (src-address and dst-address) are used to identify connection ● PCC can identify each connection made from client 20 ISP1 LAN ether5 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  • 21.
    www.glcnetworks.com Applying PCC ● Youneed to understand the concept of connection ● Applied on firewall mangle ● Need to define classifier. Can be based on: ○ Source or destination address only ○ Both addresses ○ Etc ● Define connection number and total connection 21 Total connection Connection identifier
  • 22.
    www.glcnetworks.com Lets play withPCC classifier... ● Apply different classifier and check the result 22
  • 23.
    www.glcnetworks.com Website with multipleobjects, LB with classifier: both address 2323 ISP1 ISP2 LAN ether5 ether6 ISP3 Connect ion 1 Connect ion 2 Connect ion 3
  • 24.
  • 25.
    www.glcnetworks.com Some issues &recommendations Issues: ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> page will not displayed correctly (as it is considered illegal session) ● Beware of NATed connection -> webserver will see inbound connection from 2 ip public addresses -> banking / https pages will not allow you to access their website Recommendations ● If you use NAT, Better to use classifier based on source IP address only -> will give client consistent path to the destination ● Avoid NAT if possible -> using public IP address end-to-end -> use BGP -> better performance 25
  • 26.
  • 27.
    www.glcnetworks.com Some info ● Hopeyou are more curious now ● These materials are part of Mikrotik Certified Traffic Control Engineer (MTCTCE) course ● If you are interested, you can sign up to our website 27
  • 28.
    www.glcnetworks.com End of slides ●Thank you for your attention ● Please submit your feedback: http://bit.ly/glcfeedback ● Like our facebook page: “GLC networks” ● Stay tune with our schedule 28