I installed 180 3proxy containers on MIkrotik 8G RAM (they consume about 7GB RAM, that's suck).
I once saw a developer rewrite 3proxy to run on multiple WAN interfaces. Only one 3proxy container will listen on multiple ports, each port will go out to the internet on a different WAN interface.
How can they do that?
Inside a container, can we choose pppoe-outX gateway somehow?
Is there any solution that solve this case (use only one container to create proxy server with multiple WAN interface).

Run a separate proxy container for each inbound route. Each gets a different veth IP, allowing you to put each in a different subnet, which then lets you use all the power of RouterOS outside the container boundary.

Run a separate proxy container for each inbound route. Each gets a different veth IP, allowing you to put each in a different subnet, which then lets you use all the power of RouterOS outside the container boundary.

That is the easy way but it consume too much RAM and NOT easy to control, my 8gb RAM rig not enough for my 550 pppoe line

If you ask a question with key details missing, you can expect inapplicable answers all day long. Your diagram shows 6 routes, only 2 of which need special handling. My answer is perfectly reasonable — even, dare I say it, brilliant — under that condition.

My intention isn’t to scold you but to justify this polite demand: tell us what end goal you’re attempting to accomplish, not about the trouble you’re having implementing the solution you conceived before posting. Otherwise, this is shaping up to be a fine instance of the XY Problem.

Your “8GB” clue suggests CHR, which then makes me wonder why you don’t put the proxy out on the hypervisor. One of the many tagging/labeling schemes RouterOS supports — likely either VLAN, VXLAN, or MPLS — can then be used to identify which PPPoE client the traffic came from, turning the proxy layer into a router-on-a-stick scheme so that it doesn’t need to make routing decisions at all, merely obey the ones the CHR applied to these labeled packets.

Or, maybe proxies aren’t the right answer at all. We won’t be able to suggest better solutions as long as you keep withholding key details.

If you ask a question with key details missing, you can expect inapplicable answers all day long.

Sorry for not describing in detail. Thank you very much for your valuable suggestions. I've edited the post and added more details. If you don't mind, could you help me again, thank you so so much.

Your “8GB” clue suggests CHR, which then makes me wonder why you don’t put the proxy out on the hypervisor.

Unfortunately, I could not seperate proxyserver out of Mikrotik.

I've edited the post and added more details.

While I will readily agree that this forum's post editing feature is quite useful, it's better used when there are no replies yet or when you're fixing errors with minor consequences, as with spelling or grammar. It's also fine to add clarifications for the benefit of people making later replies. The problem comes when you make material edits to a post with replies, because that makes them invalid, and you can't expect the people who replied to go back and edit their replies in turn to make the thread consistent.

When thoughts are evolving in a thread like this, it's better to show the evolution linearly so that later readers can understand what happened, even if that means the initial post remains "wrong" in some sense.

I'm not asking you to go back and try to untangle things now. I'm just telling you this for the future.

Unfortunately, I could not seperate proxyserver out of Mikrotik.

Because…?

Your edited initial post is still missing key details, such as what you're using this "3proxy" thing for in the first place.

I will therefore make a wild-assed guess that you are attempting to give each PPPoE client a different view of the web, so that HTTP connections on port 80 go to a different server on the backend based on where it came in from. If that guess is wrong, you have only yourself to blame.

If you don't want us to guess, give us the details that avoid the need. If you can't give us all the details, then at least give us enough that our guesses become sufficiently accurate as to be useful.

With that and your edited initial post in mind, I offer this alternative solution: use destination NATting to transform connections from, for example, the virtual pppoe-123 network interface on TCP port 80 to the container's veth IP on TCP port 8000 + 123 = 8123. Then you configure 3proxy to listen on each of these 500 TCP ports, one for each PPPoE interface, along with what it connects to on the backend. Thus:


Step and repeat.

I will therefore make a wild-assed guess that you are attempting to give each PPPoE client a different view of the web…

Previously I used Linux to dial pppoe and sell proxies (ip:port:user:pwd). Currently some of my partners only run Mikrotik, some use x86 with large amount of RAM, others use RB5009 with only 1G of RAM.
I have to find the way to install only one container on their device.
I saw one developer rewrite 3proxy to do that but don't know which routing method he use inside the containers.
That is it.

Do you have a link to the container with the desired code? It bit hard to go from "someone made this work" to what you'd might need in this context.

My guess is they might be using a privileged container, and require access to all interfaces. But in Mikrotik ALL networking happens via the VETH interface and a container CANNOT access any other raw network interfaces directly. This is why @tangent is steering you towards some port mapping scheme on BOTH ends (proxy-side and PPPoE-side), on the VETH, because that's what's possible in RouterOS here.

Container can have VLAN interfaces according to this post: viewtopic.php?t=194185 (never tried). Maybe it would be possible to create VLANs on containers bridge and setup 3proxy to listen on each VLAN interface, eth0.100, eth0.101... and setup firewall rules and routing on ROS for each VLAN to desired WAN?