-
Lentidão depois do PCC
Olá Srs...
Apos termos implantado o Load Balance em PCC sentimos uma lentidão tremenda principalmente nos horarios de pico, não foi eu quem configurou pois um amigo meu é quem cuida disso pra mim, porem conversei com ele e ele diz que fez tudo certo. Ja procurei informações no forum que possa me dar uma luz e não encontrei nada. Antes eu estava com problema no msn e downloads de arquivos grandes e isso o PCC resolveu, agora o que realmente esta tirando o meu sono é a lentidão na navegação. Os clientes estão nos ligando a todo instante, pois nunca tivemos problema de lentidão na rede, pelo contrario sempre elogiaram.
Tenho 3 adsl um de 4 mega e dois de 2 mega eu acompanho o consumo de bandala pela interfaces e o consumo TX fica ocilando de 2 a 3.8 mb que me deixa tranquilo com relação ao uso da banda.
Tenho um pc que faz o load balance e fazia web proxi, segundo esse meu amigo não é mais possivel fazer web proxi na mesma maquina do load balance devido ao pcc. procurei isso e não achei nada que confirme isso e não estamos cacheando nada, por isso venho expor o meu problema pois tenho certeza que os amigos me darão caminho. Ja estou montando um pc para fazer cache full com o Thundercache porem vai demorar alguns dias e não posso deixar os clientes usando uma internet tão lenta até esse servidor ficar pronto.
Amigos não tenho tanto conhecimento em MK e preciso da ajuda de vcs e que seja uma coisa bem didatica de preferencia passo a passo. rsrsrs
Obrigado
Evilazio
[email protected]
www.evinet.com.br
-
PCC
Bom dia amigo, eu presto consultoria a provedores wireless, uso o balanceamento PCC em varios deles e ainda nao me foi relatado problemas desse tipo. Precisaria ver suas regras pra dar uma analizada, obter mais alguns detalhes.
Qual versão do Mikrotik? quais pacotes estão ativados e instalados?
Se possivel posta aki o resultado desses comandos
/ip firewall mangle export
/ip firewall nat export
/ip route export
/system package print
/system hardware print
Att.
Gabriel Siena
-
O Load PCC, precisa ser estudado pra ser implantando, exige uma analise prévia.
Poste os dados solicitados pelo gsiena e dae analizamos pra vc .
-
Olá GSiena agradeço desde já e vou tentar lhes passar o que vc me pedui.
resultado dos comandos:
[evilazio@LBFOCPFW] > /ip firewall mangle export
# jul/31/2009 22:34:53 by RouterOS 3.27
# software id = 6J6Z-R0J2
#
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
add action=accept chain=prerouting comment="" disabled=no dst-address=201.13.255.0/24 in-interface=ether1
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.205.0/24 in-interface=ether1
add action=accept chain=prerouting comment="" disabled=no dst-address=10.0.0.0/24 in-interface=ether1
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=ether1 new-connection-mark=ether2_conn passthrough=yes \
per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=ether1 new-connection-mark=ether3_conn passthrough=yes \
per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=ether1 new-connection-mark=ether4_conn passthrough=yes \
per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting comment="" connection-mark=ether2_conn disabled=no in-interface=ether1 new-routing-mark=to_ether2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=ether3_conn disabled=no in-interface=ether1 new-routing-mark=to_ether3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=ether4_conn disabled=no in-interface=ether1 new-routing-mark=to_ether4 passthrough=yes
[evilazio@LBFOCPFW] > /ip firewall nat export
# jul/31/2009 22:35:48 by RouterOS 3.27
# software id = 6J6Z-R0J2
#
/ip firewall nat
add action=dst-nat chain=dstnat comment="" disabled=no dst-port=80 in-interface=ether2 protocol=tcp to-addresses=192.168.1.60 to-ports=80
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=201.13.255.190 dst-port=3389 protocol=tcp to-addresses=192.168.1.60 to-ports=3389
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=201.13.255.190 dst-port=0-65535 protocol=tcp to-addresses=192.168.1.60 to-ports=0-65535
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=201.13.255.190 dst-port=0-65535 protocol=udp to-addresses=192.168.1.60 to-ports=0-65535
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=192.168.205.2 dst-port=3389 protocol=tcp to-addresses=192.168.1.60 to-ports=3389
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=192.168.205.2 dst-port=0-65535 protocol=tcp to-addresses=192.168.1.60 to-ports=0-65535
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=192.168.205.2 dst-port=0-65535 protocol=udp to-addresses=192.168.1.60 to-ports=0-65535
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=10.0.0.138 dst-port=3389 protocol=tcp to-addresses=192.168.1.60 to-ports=3389
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=10.0.0.138 dst-port=0-65535 protocol=tcp to-addresses=192.168.1.60 to-ports=0-65535
add action=dst-nat chain=dstnat comment="" disabled=no dst-address=10.0.0.138 dst-port=0-65535 protocol=udp to-addresses=192.168.1.60 to-ports=0-65535
add action=redirect chain=dstnat comment=Proxy disabled=yes dst-address-list=!sem_proxy dst-port=80 protocol=tcp to-ports=3128
add action=masquerade chain=srcnat comment=NAT disabled=yes
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether2
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether5
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether4
[evilazio@LBFOCPFW] >> /ip route export
# jul/31/2009 22:36:11 by RouterOS 3.27
# software id = 6J6Z-R0J2
#
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.138 routing-mark=to_ether4 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.13.255.1 routing-mark=to_ether2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.13.255.1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.205.1 routing-mark=to_ether3 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.205.1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=3 dst-address=0.0.0.0/0 gateway=10.0.0.138 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.155.80.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.155.84.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.155.88.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.155.91.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.155.93.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.160.2.3/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.173.18.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.173.19.105/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.186.158.150/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.186.158.194/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.201.166.200/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.201.169.119/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.205.78.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.232.57.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.246.208.0/24 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=200.246.211.105/32 gateway=201.13.255.1 scope=30 target-scope=10
add comment=Bradesco disabled=yes distance=1 dst-address=201.63.54.0/24 gateway=201.13.255.1 scope=30 target-scope=10
[evilazio@LBFOCPFW] >> system package print
Flags: X - disabled
# NAME VERSION SCHEDULED
0 system 3.27
1 wireless 3.27
2 ups 3.27
3 synchronous 3.27
4 security 3.27
5 routing 3.27
6 routerboard 3.27
7 ppp 3.27
8 ntp 3.27
9 multicast 3.27
10 advanced-tools 3.27
[evilazio@LBFOCPFW] >> system hardware print
multi-cpu: yes
[evilazio@LBFOCPFW] >>
no aguardo, um abraço!
-
segue o script que foi rodado para o load balance:
/ ip address
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=ether1
add address=201.13.255.190/24 interface=ether2
add address=192.168.205.2/24 interface=ether3
add address=10.0.0.200/24 interface=ether4
/ ip firewall mangle
add chain=input in-interface=ether2 action=mark-connection new-connection-mark=ether2_conn
add chain=input in-interface=ether3 action=mark-connection new-connection-mark=ether3_conn
add chain=input in-interface=ether4 action=mark-connection new-connection-mark=ether4_conn
add chain=output connection-mark=ether2_conn action=mark-routing new-routing-mark=to_ether2
add chain=output connection-mark=ether3_conn action=mark-routing new-routing-mark=to_ether3
add chain=output connection-mark=ether4_conn action=mark-routing new-routing-mark=to_ether4
add chain=prerouting dst-address=10.111.0.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=10.112.0.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=10.113.0.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=10.114.0.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/0 action=mark-connection new-connection-mark=ether2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/1 action=mark-connection new-connection-mark=ether3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/2 action=mark-connection new-connection-mark=ether4_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/3 action=mark-connection new-connection-mark=ether5_conn passthrough=yes
add chain=prerouting connection-mark=ether2_conn in-interface=ether1 action=mark-routing new-routing-mark=to_ether2
add chain=prerouting connection-mark=ether3_conn in-interface=ether1 action=mark-routing new-routing-mark=to_ether3
add chain=prerouting connection-mark=ether4_conn in-interface=ether1 action=mark-routing new-routing-mark=to_ether4
add chain=prerouting connection-mark=ether5_conn in-interface=ether1 action=mark-routing new-routing-mark=to_ether5
/ ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_ether2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 routing-mark=to_ether3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.113.0.1 routing-mark=to_ether4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.114.0.1 routing-mark=to_ether5 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.111.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.113.0.1 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.114.0.1 distance=4 check-gateway=ping
/ ip firewall nat
add chain=srcnat out-interface=ether2 action=masquerade
add chain=srcnat out-interface=ether3 action=masquerade
add chain=srcnat out-interface=ether4 action=masquerade
add chain=srcnat out-interface=ether5 action=masquerade
e ai? alguma novidade rsrsrs