Bonding Two ADSL

Because I must wait 1-2 months to upgrade my Intercity Leased Line (LL) between Indonesia Internet Exchange (IIX) locate in Cyber Building, South Jakarta with my remote site with distance 266km so i try using Mikrotik Interface Bonding Solution, and it works.

So this is the configuration for Mikrotik Router locate in remote site:

I used two ADSL connection

/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=ether1_adsl1 max-mru=1480 max-mtu=\
1480 mrru=disabled name=telkom1 password=123456 profile=pppoe \
service-name="" use-peer-dns=no user=adsl1@telkom.net
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \
dial-on-demand=no disabled=no interface=ether3_adsl2 max-mru=1480 max-mtu=\
1480 mrru=disabled name=telkom2 password=123456 profile=pppoe \
service-name="" use-peer-dns=no user=adsl2@telkom.net

note:

1. password=123456 , this is just example you must using your own password
2. user=adsl1@telkom.net, this is just example you must using your own user

[Me@RemoteSite] /ip address print detail
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; BONDING PDA1 D3
address=1.2.3.62/30 network=1.2.3.60
interface=BONDING_PDA1_D3_EOIP actual-interface=BONDING_PDA1_D3_EOIP

5 D address=1.2.255.218/32 network=1.2.255.1 interface=telkom2
actual-interface=telkom2

6 D address=1.2.251.170/32 network=1.2.250.1 interface=telkom1
actual-interface=telkom1

note:

1. address=1.2.3.63/30 , this is point-to-point ip address between bonding interface jakarta with remote site
2. address=1.2.255.218/32 and address=1.2.250.170/32, this is ip address from ADSL provider, this is good because between telkom1 and telkom2 using different gateway and network so we can create different routing statick for two eoip connection for each ADSL

/ip route
add check-gateway=ping comment="DEFAULT GATEWAY via BONDING RO JAKARTA" \
disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.2.3.61 scope=30 \
target-scope=10
add comment="ROUTING To LOOPBACK1 RO JAKARTA via ADSL 1" \
disabled=no distance=1 dst-address=1.2.3.38/32 gateway=1.2.250.1 \
scope=30 target-scope=10
add comment="ROUTING To LOOPBACK2 RO JAKARTA via ADSL 2" \
disabled=no distance=1 dst-address=1.2.3.41/32 gateway=1.2.255.1 \
scope=30 target-scope=10
add comment="DNS ADSL1" disabled=no distance=1 dst-address=202.134.0.155/32 \
gateway=1.2.250.1,118.96.255.1 scope=30 target-scope=10
add comment="DNS ADSL2" disabled=no distance=1 dst-address=202.134.1.10/32 \
gateway=1.2.250.1,118.96.255.1 scope=30 target-scope=10

note:

1. LOOPBACK1 and LOOPBACK2 is the ip address on lobridge1 and lobridge2 interface at Jakarta Router, just to make sure each eoip interface have their remote-address

/interface eoip
add arp=enabled comment="remote address 1.2.3.38 ip loopback rb1000 jkt" \
disabled=no l2mtu=65535 mac-address=02:83:30:AC:C5:18 mtu=1500 name=\
EOIP_PDA1_D3_4793 remote-address=1.2.3.38 tunnel-id=4793
add arp=enabled comment="remote address 1.2.3.41 ip loopback rb1000 jkt" \
disabled=no l2mtu=65535 mac-address=02:83:30:AC:C5:18 mtu=1500 name=\
EOIP_PDA1_D3_7814 remote-address=1.2.3.41 tunnel-id=7814

note:

1. I using two EOIP interface , each EOIP connected using ADSL to Jakarta Router, because my Jakarta Router directly connected to IIX so from Jakarta Router to RemoteSite Router connected through IIX to ADSL provider

/interface bonding
add arp=enabled arp-interval=100ms arp-ip-targets=1.2.3.61 disabled=no \
down-delay=0ms lacp-rate=30secs link-monitoring=arp mii-interval=100ms \
mode=balance-rr mtu=1500 name=BONDING_PDA1_D3_EOIP primary=none slaves=\
EOIP_PDA1_D3_4793,EOIP_PDA1_D3_7814 transmit-hash-policy=layer-2 up-delay=\
0ms

note:

1. arp-ip-targets=1.2.3.61, this is ip monitoring on Jakarta Router
2. mode=balance-rr, this is bonding mode i used, balance-rr its mean the data will tx and rx using round-robin and give balance and fail-over between slave interface

I using NAT to masquerade all traffic out through Bonding interface to make sure the src-address from my remote-site is replace with IP 1.2.3.62

/ip firewall nat
add action=masquerade chain=srcnat comment="NAT via BONDING" disabled=no \
out-interface=BONDING_PDA1_D3_EOIP


And this is configuration for Mikrotik Router locate in Jakarta:

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \
mtu=1500 name=lobridge1 priority=0x8000 protocol-mode=none \
transmit-hold-count=6
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \
mtu=1500 name=lobridge2 priority=0x8000 protocol-mode=none \
transmit-hold-count=6

note:

1. lobridge interface using for ip loopback for remote-address eoip from RemoteSite

/interface eoip
add arp=enabled comment="" disabled=no l2mtu=65535 mac-address=\
02:8B:E1:15:7E:C5 mtu=1500 name=EOIP_4793 remote-address=\
1.2.251.170 tunnel-id=4793
add arp=enabled comment="" disabled=no l2mtu=65535 mac-address=\
02:8B:E1:15:7E:C5 mtu=1500 name=EOIP_7814 remote-address=\
1.2.255.218 tunnel-id=7814


/interface bonding
add arp=enabled arp-interval=100ms arp-ip-targets=1.2.3.62 comment="" \
disabled=no down-delay=0s lacp-rate=30secs link-monitoring=arp \
mii-interval=100ms mode=balance-rr mtu=1500 name=BONDING_PDA1_D3_EOIP \
primary=none slaves=EOIP_PDA1_D3_4793,EOIP_PDA1_D3_7814 \
transmit-hash-policy=layer-2 up-delay=0s


[Me@Jakarta] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
1 ;;; IIX BGP Peering
1.2.3.22/30 1.2.3.20 1.2.3.23 ether2_OIXP
5 ;;; IP Loopback1
1.2.3.38/32 1.2.3.38 1.2.3.38 lobridge1
6 ;;; IP Loopback2
1.2.3.41/32 1.2.3.41 1.2.3.41 lobridge2
11 ;;; BONDING
1.2.3.61/30 1.2.3.60 1.2.3.63 BONDING_PDA1_D3_EOIP


Note:

1. Jakarta Router directly connected to IIX so routing table from Jakarta to ADSL at RemoteSite is through IIX and the routing table is using BGP protocol between Jakarta Router to IIX Router