Bem lembrado, os meus que sao tudo diferente
Versão Imprimível
Bem lembrado, os meus que sao tudo diferente
hum vc faz o load pcc?? ou nth??
Olá a todos!
Alguém pode me ajudar?
tô com o seguinte problema, uso a rb1100, com 4 links adsl de 10mb, mas quase todo trafego sai pelo link 1, enquanto os outros 3 ficam baixissimo o consumo, e quando o link 1 ja esta no gargalo, causa lentidão na rede, e não puxa banda dos outros 3 links.
não entendo muito bem como configurar o pcc mikrotik.
alguém pode olhar minhas configurações e verificar onde está errado?
segue o endereço com a tela mostrando as rotas e o trafego das interfaces;
ImageShack
segue também um export das minhas configurações ip/firewall;
/ip firewall address-list
add address=192.168.100.0/24 disabled=no list=rede-interna
add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
add address=192.168.100.0/24 disabled=no list=loopback
add address=189.72.217.102 comment="COLOCAR O IP PARA FICAR FORA DO BALANCE" disabled=no list=loopback
add address=201.7.176.0/20 comment=Globo disabled=no list=loopback
add address=201.88.207.50 disabled=no list=loopback
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=drop chain=virus comment="bloqueio de VIRUS conhecidos" disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus disabled=no dst-port=445 protocol=udp
add action=drop chain=virus disabled=no dst-port=593 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=135-139 protocol=tcp
add action=drop chain=virus comment="Drop Messenger Worm" disabled=no dst-port=135-139 protocol=udp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=tcp
add action=drop chain=virus comment="Drop Blaster Worm" disabled=no dst-port=445 protocol=udp
add action=drop chain=virus comment=________ disabled=no dst-port=593 protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1024-1030 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom" disabled=no dst-port=1080 protocol=tcp
add action=drop chain=virus comment=________ disabled=no dst-port=1214 protocol=tcp
add action=drop chain=virus comment="ndm requester" disabled=no dst-port=1363 protocol=tcp
add action=drop chain=virus comment="ndm server" disabled=no dst-port=1364 protocol=tcp
add action=drop chain=virus comment="screen cast" disabled=no dst-port=1368 protocol=tcp
add action=drop chain=virus comment=hromgrafx disabled=no dst-port=1373 protocol=tcp
add action=drop chain=virus comment=cichlid disabled=no dst-port=1377 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=1433-1434 protocol=tcp
add action=drop chain=virus comment="Bagle Virus" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=2283 protocol=tcp
add action=drop chain=virus comment="Drop Beagle" disabled=no dst-port=2535 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.C-K" disabled=no dst-port=2745 protocol=tcp
add action=drop chain=virus comment="Drop porta proxy" disabled=no dst-port=3127-3128 protocol=tcp
add action=drop chain=virus comment="Drop Backdoor OptixPro" disabled=no dst-port=3410 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=tcp
add action=drop chain=virus comment=Worm disabled=no dst-port=4444 protocol=udp
add action=drop chain=virus comment="Drop Sasser" disabled=no dst-port=5554 protocol=tcp
add action=drop chain=virus comment="Drop Beagle.B" disabled=no dst-port=8866 protocol=tcp
add action=drop chain=virus comment="Drop Dabber.A-B" disabled=no dst-port=9898 protocol=tcp
add action=drop chain=virus comment="Drop Dumaru.Y" disabled=no dst-port=10000 protocol=tcp
add action=drop chain=virus comment="Drop MyDoom.B" disabled=no dst-port=10080 protocol=tcp
add action=drop chain=virus comment="Drop NetBus" disabled=no dst-port=12345 protocol=tcp
add action=drop chain=virus comment="Drop SubSeven" disabled=no dst-port=27374 protocol=tcp
add action=drop chain=virus comment="Drop Kuang2" disabled=no dst-port=17300 protocol=tcp
add action=drop chain=virus comment="Drop PhatBot, Agobot, Gaobot" disabled=no dst-port=65506 protocol=tcp
add action=drop chain=input comment=FTP disabled=yes dst-port=21 protocol=tcp
add action=drop chain=input comment=SSH disabled=no dst-port=22 protocol=tcp
add action=drop chain=input comment=TELNET disabled=no dst-port=23 protocol=tcp
add action=accept chain=input comment="Accept established connections" connection-state=established disabled=no
add action=accept chain=input comment="Accept related connections" connection-state=related disabled=no
add action=drop chain=input comment="Drop invalid connections" connection-state=invalid disabled=no
add action=accept chain=input comment="Allow limited pings" disabled=no limit=50/5s,2 protocol=icmp
add action=drop chain=input comment="Drop excess pings" disabled=no protocol=icmp
/ip firewall mangle
add action=accept chain=prerouting comment="out load DST" disabled=no dst-address-list=rede-interna in-interface=Clientes
add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=Clientes
add action=mark-connection chain=input comment="Make the packet leaves via same interface" connection-state=new disabled=no in-interface=LINK1-pppoe new-connection-mark=LINK1_conn \
passthrough=yes
add action=mark-connection chain=input connection-state=new disabled=no in-interface=LINK2-pppoe new-connection-mark=LINK2_conn passthrough=yes
add action=mark-connection chain=input connection-state=new disabled=no in-interface=LINK3-pppoe new-connection-mark=LINK3_conn passthrough=yes
add action=mark-connection chain=input connection-state=new disabled=no in-interface=LINK4-pppoe new-connection-mark=LINK4_conn passthrough=yes
add action=mark-routing chain=output connection-mark=LINK1_conn connection-state=new disabled=no new-routing-mark=to_LINK1 passthrough=no
add action=mark-routing chain=output connection-mark=LINK2_conn connection-state=new disabled=no new-routing-mark=to_LINK2 passthrough=no
add action=mark-routing chain=output connection-mark=LINK3_conn connection-state=new disabled=no new-routing-mark=to_LINK3 passthrough=no
add action=mark-routing chain=output connection-mark=LINK4_conn connection-state=new disabled=no new-routing-mark=to_LINK4 passthrough=no
add action=mark-connection chain=prerouting comment="PCC Balance" disabled=no dst-address-type=!local in-interface=Clientes new-connection-mark=LINK1_conn passthrough=yes \
per-connection-classifier=both-addresses:4/0
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local in-interface=Clientes new-connection-mark=LINK2_conn passthrough=yes per-connection-classifier=\
both-addresses:4/1
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local in-interface=Clientes new-connection-mark=LINK3_conn passthrough=yes per-connection-classifier=\
both-addresses:4/2
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local in-interface=Clientes new-connection-mark=LINK4_conn passthrough=yes per-connection-classifier=\
both-addresses:4/3
add action=mark-routing chain=prerouting comment="Marking all the packets" connection-mark=LINK1_conn disabled=no in-interface=Clientes new-routing-mark=to_LINK1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=LINK2_conn disabled=no in-interface=Clientes new-routing-mark=to_LINK2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=LINK3_conn disabled=no in-interface=Clientes new-routing-mark=to_LINK3 passthrough=no
add action=mark-routing chain=prerouting connection-mark=LINK4_conn disabled=no in-interface=Clientes new-routing-mark=to_LINK4 passthrough=no
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat disabled=no out-interface=LINK1-pppoe
add action=masquerade chain=srcnat disabled=no out-interface=LINK2-pppoe
add action=masquerade chain=srcnat disabled=no out-interface=LINK3-pppoe
add action=masquerade chain=srcnat disabled=no out-interface=LINK4-pppoe
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
Por favor me ajudem!
Desde ja muito Obrigado!
bhyll