The document is a presentation for a webinar hosted by GLC Networks on ISP load balancing techniques, specifically focusing on the Nth method. It covers prerequisites, load balancing definitions, various methods, and issues that may arise with load balancing, including NAT considerations. Additionally, it invites participants to introduce themselves, partake in a demo, and provides resources for further learning and engagement.

1. www.glcnetworks.com
ISP load balancing with
GLC webinar, 19 october 2017
Achmad Mardiansyah
achmad@glcnetworks.com
GLC Networks, Indonesia
1
Nth
(nth)

2. www.glcnetworks.com
Agenda
● Introduction
● Prerequisite
● Load balancing
● Nth method
● Demo
● Q & A
2

3. www.glcnetworks.com
What is GLC?
● Garda Lintas Cakrawala (www.glcnetworks.com)
● An Indonesian company
● Located in Bandung
● Areas: Training, IT Consulting
● Mikrotik Certified Training Partner/Consultant/Distributor
● Ubiquiti Certified Trainer/Consultant
● RedHat Certified Trainer
3

4. www.glcnetworks.com
About GLC webinar?
● First webinar: january 1, 2010 (title:
tahun baru bersama solaris - new
year with solaris OS)
● As a sharing event with various
topics: linux, networking, wireless,
database, programming, etc
● Regular schedule: every 2 weeks
● Irregular schedule: as needed
● Checking schedule:
http://www.glcnetworks.com/main/sc
hedule
● You are invited to be a presenter
○ No need to be an expert
○ This is a forum for sharing: knowledge,
experiences, information
4

5. www.glcnetworks.com
Trainer Introduction
● Name: Achmad Mardiansyah
● Base: bandung, Indonesia
● Linux user (since 1999), Mikrotik user (since 2007),
ubnt user (since 2011)
● Certified Trainer (Mikrotik, Ubiquiti, Redhat)
● Certified Consultant
● Work: Telco engineer, Sysadmin, PHP programmer,
and Lecturer
● Personal website: http://achmadjournal.com
● More info:
http://au.linkedin.com/in/achmadmardiansyah
5

6. www.glcnetworks.com
Please introduce yourself
● Your name
● Your company/university?
● Your networking experience?
● Your mikrotik experience?
● Your expectation from this course?
6

7. www.glcnetworks.com
Prerequisite
7

8. www.glcnetworks.com
But hey, load balancing is easy...
● Lots of tutorials in internet!!!
● Tons of pages, tutorial, videos
Questions to reader:
● Do you really understand what its
written?
● Did the writer understand what
they wrote?
● Is it really works as expected in
real environment?
8

9. www.glcnetworks.com
Well if it's easy, why these do not work?
● Information overloaded… which
one suits you?
● Perhaps they have different
environment on their network
● You need to understand how it
works...
9

10. www.glcnetworks.com
You should understand
● Firewall mangle. See GLC webinar: Mikrotik
firewall mangle
● The differences between:
○ Packet vs Connection
○ Mark: packet / connection / routing
● How routing works: see GLC webinar:
Routing with mikrotik
● How NAT works: see GLC webinar: Mikrotik
firewall NAT
10

11. www.glcnetworks.com
Load balancing
11

12. www.glcnetworks.com
What is (traffic) load balancing?
● Is a process to forward traffic on several
links
● Applied on router
● Load balancing != failover
● Can be done on per-packet or
per-connection basis
● This doesnt increase your data rate.
4mbps ISP1 + 4mbps ISP2 -> your
download rate = 8mbps (WRONG!)
Benefits:
● Increase utilisation of upstream links
12
ISP1 ISP2
LAN
ether1 ether2
webserver
ISP3
ether4
R1

13. www.glcnetworks.com
Load balancing techniques
13
Method Per-connection per-packet
Firewall marking YES YES
ECMP YES NO
PCC YES NO
Nth (our focus) YES YES
Bonding NO YES
OSPF YES NO
BGP YES NO

14. www.glcnetworks.com
Website contents: single connection
Website with single connection:
http://test.glcnetworks.com
1414
ISP1 ISP2
LAN
ether1 ether2
ISP3
ether4
R1

15. www.glcnetworks.com
Website contents: multi connection
1515
ISP1 ISP2
LAN
ether1 ether2
ISP3
● Client will open multiple connections to get
website components
Connect
ion 1
Connect
ion 2
Connect
ion 3
ether4
R1

16. www.glcnetworks.com
Nth
(NTH) technique
16

17. www.glcnetworks.com
How Nth
(NTH) works?
NTH method matches a particular Nth
packet received
by the rule. Format: (E,P). See below
● Every - match every Every Nth
packet. For
example, if Every=2 then rule will check every 2
packet
● Packet - match on the given packet number.
○ Must not be 0
○ Must be less or equal to every
17
ISP1
LAN
ether1
ISP3
packet
1
packet 2
packet 3

18. www.glcnetworks.com
Nth
example. nth=Every,Packet
Original packet:
nth=2,1 -> 50% of traffic
nth=2,2 -> 50% of traffic
nth=3,1 -> 1/3 of traffic
nth=4,2 -> 1/4 of traffic
18
1 2 3 4 5 6 7 8 9 10
1 2 1 2 1 2 1 2 1 2
1 2 1 2 1 2 1 2 1 2
1 2 3 1 2 3 1 2 3 1
1 2 3 4 1 2 3 4 1 2

19. www.glcnetworks.com
Example Nth
firewall rules (per-packet basis)
● Matching every 2 packets, first-packet only
/ip firewall mangle add action=mark-packet chain=prerouting
new-packet-mark=AAA nth=2,1;
● Matching every 3 packets
/ip firewall mangle
add action=mark-packet chain=prerouting new-packet-mark=AAA nth=3,1
passthrough=yes;
add action=mark-packet chain=prerouting new-packet-mark=BBB nth=3,2
passthrough=yes;
add action=mark-packet chain=prerouting new-packet-mark=CCC nth=3,3
passthrough=yes;
19

20. www.glcnetworks.com
Important to note
● Marking the packets is just half of the process of doing load balancing
● The next step is to route the marked packets to different gateway. See
prerequisite
●
20

21. www.glcnetworks.com
Some issues & recommendations
Issues:
● Per-connection vs per-packet
○ Check your topology, which one is best suite you
● Beware of NATed connection
○ webserver will see inbound connection from 2 ip public addresses
○ webpage will not displayed correctly (as it is considered illegal session)
○ banking / https / game websites will not allow you to access their website. Sometimes you
need to do authentication again
Recommendations
● If you use NAT, Better to use classifier based on source IP address only ->
will give client consistent path to the destination
● Avoid NAT if possible -> using public IP address end-to-end -> use BGP ->
better performance
21

22. www.glcnetworks.com
Interested?
Just come to our
training...
Special price for webinar
attendees…
http://www.glcnetworks.c
om/main/schedule
22

23. www.glcnetworks.com
End of slides
● Thank you for your attention
● Please submit your feedback: http://bit.ly/glcfeedback
● Like our facebook page: “GLC networks”
● Slide: http://www.slideshare.net/r41nbuw
● Recording: https://www.youtube.com/channel/UCI611_IIkQC0rsLWIFIx_yg
● Stay tune with our schedule
23