Router OS - mangle 2 connections

[.anon]

I have been searching the internet for this, but I don't see a nice tutorial anywhere.

 

We got 2 wan connections comming in 500/30 and 200/70. We use the MIKROTIK CRS354-48G-4S+2Q+RM managed switch.

At the moment it is just plug and play. So when we place both wan connections in, it would seem to do load balancing automatically. Which is great.

 

But I want to mangle and pool both connections to work as one, for that there needs to be a buch of rules set in place. 

I did find this:

https://forum.mikrotik.com/viewtopic.php?t=135991

 

But it might as well be in Klingon.. I've never worked with managed switches before.

 

Any help?

[Husky]

Have a look at MikroTik's official documentation on load-balancing and mangling: https://help.mikrotik.com/docs/display/ROS/Firewall+Marking (you may be interested in examples 2, 3, or 4)

 

Due to you having a CRS (Switch), don't expect very good performance with firewall or mangling operations as the CPU is optimized more for switching applications than firewall applications. But it will still work. You may have to switch to RouterOS on your CRS instead of SwOS, which is very simple.

 

Also beware that "combining" two WAN links into one isn't as simple or straightforward as it may sound - you cannot send packets randomly out both at the same time for a single packet stream as the destination will be very confused as it doesn't expect out-of-order packets coming from two difference sources. So usually the connections or packet streams are all kept together, and separate streams are balanced across the two links. Because of this - you won't usually be able to simply get 500+200 = 700 Mbps download speed because you "combined" them - unless you are downloading multiple streams of data at the same time, then it can work and get you that higher speed.

[.anon]

On 6/1/2022 at 11:35 AM, Husky said:

Have a look at MikroTik's official documentation on load-balancing and mangling: https://help.mikrotik.com/docs/display/ROS/Firewall+Marking (you may be interested in examples 2, 3, or 4)

 

Due to you having a CRS (Switch), don't expect very good performance with firewall or mangling operations as the CPU is optimized more for switching applications than firewall applications. But it will still work. You may have to switch to RouterOS on your CRS instead of SwOS, which is very simple.

 

Also beware that "combining" two WAN links into one isn't as simple or straightforward as it may sound - you cannot send packets randomly out both at the same time for a single packet stream as the destination will be very confused as it doesn't expect out-of-order packets coming from two difference sources. So usually the connections or packet streams are all kept together, and separate streams are balanced across the two links. Because of this - you won't usually be able to simply get 500+200 = 700 Mbps download speed because you "combined" them - unless you are downloading multiple streams of data at the same time, then it can work and get you that higher speed.

Thanks for the heads up! So basically there is not a lot of difference between magle and load balancing? Since it won't be able to use both at the same time anyways?

[Husky]

47 minutes ago, .anon said:

Thanks for the heads up! So basically there is not a lot of difference between magle and load balancing? Since it won't be able to use both at the same time anyways?

Mangling and load balancing are different things. Mangling is simply a way of marking packets so that you can do some special processing with them later (it's a general thing that allows you to do lots of cool tricks). Load balancing is trying to balance the load evenly across multiple links (either for redundancy or extra throughput or speed). Some types of load balancing setups make use of mangling to make them work, some others do not use mangling. It depends on load balancing setup.

 

In general - if you have two links and want to load balance a single stream of packets (such as a single TCP connection), it's not going to work very well. It works better for multiple streams (or multiple TCP connections). If you for example download a file using HTTP in your web browser, it will only utilize one of your links. But if someone else on your network starts another download, then their connection should be balanced to the other link. Your router will be able to tell the two streams apart and put each one on a separate link. Then you will be pulling down 500 Mbps on one link and they will be pulling down 200 Mbps on the other link for a nice 700 Mbps total. Instead of that other user sharing your 500 Mbps link, they were automatically balanced to the 200Mbps link because the router knew that the 500 Mbps link was busy and the 200 Mbps link was free. This is works very well in a business environment where there are multiple users all sharing the load-balanced internet connections, the load is able to be balanced quite evenly across them to increase total throughput (and provide redundancy in case one internet link goes down) instead of everyone hogging one single link and congesting it to a crawl.

 

So yes, you can use multiple links at the same time - just not for a single stream. It works well for when you have multiple downloads/uploads happening at once (torrents can take advantage of this!), then it's able to split them across your links and you get full speed which is awesome. I think you should follow whichever example fits your needs best from that documentation and enjoy your network.

[.anon]

On 6/3/2022 at 10:16 AM, Husky said:

Mangling and load balancing are different things. Mangling is simply a way of marking packets so that you can do some special processing with them later (it's a general thing that allows you to do lots of cool tricks). Load balancing is trying to balance the load evenly across multiple links (either for redundancy or extra throughput or speed). Some types of load balancing setups make use of mangling to make them work, some others do not use mangling. It depends on load balancing setup.

 

In general - if you have two links and want to load balance a single stream of packets (such as a single TCP connection), it's not going to work very well. It works better for multiple streams (or multiple TCP connections). If you for example download a file using HTTP in your web browser, it will only utilize one of your links. But if someone else on your network starts another download, then their connection should be balanced to the other link. Your router will be able to tell the two streams apart and put each one on a separate link. Then you will be pulling down 500 Mbps on one link and they will be pulling down 200 Mbps on the other link for a nice 700 Mbps total. Instead of that other user sharing your 500 Mbps link, they were automatically balanced to the 200Mbps link because the router knew that the 500 Mbps link was busy and the 200 Mbps link was free. This is works very well in a business environment where there are multiple users all sharing the load-balanced internet connections, the load is able to be balanced quite evenly across them to increase total throughput (and provide redundancy in case one internet link goes down) instead of everyone hogging one single link and congesting it to a crawl.

 

So yes, you can use multiple links at the same time - just not for a single stream. It works well for when you have multiple downloads/uploads happening at once (torrents can take advantage of this!), then it's able to split them across your links and you get full speed which is awesome. I think you should follow whichever example fits your needs best from that documentation and enjoy your network.

Awesome!

Thanks for the help!