General • Triple WAN PCC Load Balancing validation - debloat

/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/routing tableadd fib name=to_ISP1add fib name=to_ISP2add fib name=to_ISP3/interface bridge portadd bridge="Lan Bridge" interface=ether4add bridge="Lan Bridge" interface=ether5/ip firewall connection trackingset tcp-established-timeout=12h loose-tcp-tracking=no/ip settingsset max-neighbor-entries=4096 rp-filter=loose/interface list memberadd interface=ether1 list=WANadd interface=ether2 list=WANadd interface=ether3 list=WANadd interface="Lan Bridge" list=LAN/ip dhcp-clientadd comment="ISP1 - DHCP Client" interface=ether1 script=":if (\$bound=1) do={/ip route set [find routing-table=to_ISP1] gateway=\$\"gateway-address\" }" add-default-route=yes use-peer-dns=no use-peer-ntp=noadd comment="ISP2 - DHCP Client" interface=ether2 script=":if (\$bound=1) do={/ip route set [find routing-table=to_ISP2] gateway=\$\"gateway-address\" }" add-default-route=yes default-route-distance=2 use-peer-dns=no use-peer-ntp=noadd comment="ISP3 - DHCP Client" interface=ether3 script=":if (\$bound=1) do={/ip route set [find routing-table=to_ISP3] gateway=\$\"gateway-address\" }" add-default-route=yes default-route-distance=3 use-peer-dns=no use-peer-ntp=no/ip firewall mangleadd action=accept chain=prerouting comment="Lan Bridge access" dst-address-list=expected-address-from-LAN in-interface-list=LANadd action=mark-connection chain=prerouting comment="mark all new incoming connections" connection-mark=no-mark connection-state=new in-interface=ether1 new-connection-mark=ISP1_conn passthrough=yesadd action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new in-interface=ether2 new-connection-mark=ISP2_conn passthrough=yesadd action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new in-interface=ether3 new-connection-mark=ISP3_conn passthrough=yesadd action=mark-connection chain=prerouting comment="divide traffic into three groups" connection-mark=no-mark connection-state=new dst-address-type=!local in-interface-list=LAN new-connection-mark=ISP1_conn passthrough=yes per-connection-classifier=src-address-and-port:3/0add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface-list=LAN new-connection-mark=ISP2_conn passthrough=yes per-connection-classifier=src-address-and-port:3/1add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface-list=LAN new-connection-mark=ISP3_conn passthrough=yes per-connection-classifier=src-address-and-port:3/2add action=mark-routing chain=prerouting comment="distribute traffic across ISP's" connection-mark=ISP1_conn in-interface-list=LAN new-routing-mark=to_ISP1 passthrough=yesadd action=mark-routing chain=prerouting connection-mark=ISP2_conn in-interface-list=LAN new-routing-mark=to_ISP2 passthrough=yesadd action=mark-routing chain=prerouting connection-mark=ISP3_conn in-interface-list=LAN new-routing-mark=to_ISP3 passthrough=yesadd action=mark-routing chain=output comment="force connection to table" connection-mark=ISP1_conn new-routing-mark=to_ISP1 passthrough=noadd action=mark-routing chain=output connection-mark=ISP2_conn new-routing-mark=to_ISP2 passthrough=noadd action=mark-routing chain=output connection-mark=ISP3_conn new-routing-mark=to_ISP3 passthrough=no/ip firewall natadd action=masquerade chain=srcnat comment="ISP1 - Masquerade" out-interface=ether1add action=masquerade chain=srcnat comment="ISP2 - Masquerade" out-interface=ether2add action=masquerade chain=srcnat comment="ISP3 - Masquerade" out-interface=ether3/ip routeadd check-gateway=ping gateway=ISP1-IP routing-table=to_ISP1 distance=1 comment="ISP1 - Routing Table to_ISP1"add check-gateway=ping gateway=ISP2-IP routing-table=to_ISP2 distance=1 comment="ISP2 - Routing Table to_ISP2"add check-gateway=ping gateway=ISP3-IP routing-table=to_ISP3 distance=1 comment="ISP3 - Routing Table to_ISP3"