galera tenho um ano de Experiencia com o mikrotik
vou passar o q eu sei de balanceamento espero que ajudem muitas pessoas
LOAD BALANCE 1
e o mais simples de todos, onde vc coloca dois gatewey e redireciona a porta do msn e https!!
exemplo:
Interfaces
Rede ip - 192.168.0.1/24
Link1 ip - 10.10.10.1/24
Link2 ip - 20.20.20.1/24
regras:
/ip firewall mangle
add action=mark-routing chain=prerouting comment=msn disabled=no dst-port=\
1863 new-routing-mark=msn passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" disabled=no \
new-packet-mark=msn passthrough=yes routing-mark=extra
add action=mark-routing chain=prerouting comment=https disabled=no dst-port=\
443 new-routing-mark=https passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" disabled=no \
new-packet-mark=https passthrough=yes routing-mark=extra
/ip route
add comment=balanceamento disabled=no dst-address=0.0.0.0/0 \
gateway=10.10.10.1,20.20.20.1 scope=255 target-scope=\
10
add comment=extras disabled=no distance=1 dst-address=0.0.0.0/0 \
gateway=20.20.20.1 routing-mark="extra" scope=255 target-scope=\
10
LOAD BALANCE 2
Esse vc separa por grupos de usuarios da sua rede.
Exemplo:
Interface
Rede ip - 192.168.0.1/24
Link1 ip - 10.10.10.1/24
Link2 ip - 20.20.20.1/24
regras:
/ip firewall mangle
add action=mark-routing chain=prerouting comment="GrupA" \
disabled=no new-routing-mark=GrupA passthrough=no src-address=\
192.168.0.2-192.168.0.128
add action=mark-routing chain=prerouting comment="GrupB" \
disabled=no new-routing-mark=GrupB passthrough=no src-address=\
192.168.0.129-192.168.0.254
/ip route
add comment=GrupA disabled=no dst-address=0.0.0.0/0 gateway=\
10.10.10.1 routing-mark=GrupA scope=255 target-scope=10
add comment=GrupB disabled=no dst-address=0.0.0.0/0 gateway=\
20.20.20.1 routing-mark=GrupoB scope=255 target-scope=10
galera agora vou colocar uns sripts para se for o caso de algum link cair:
Regras:
/system script
add name=link1-on policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=\
"/ip route {set [find comment=GrupA] gateway=10.10.10.1 }"
add name=link1-off policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=\
"/ip route {set [find comment=GrupA] gateway=20.20.20.1 }"
add name=link2-on policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=\
"/ip route {set [find comment=GrupB] gateway=20.20.20.1 }"
add name=link2-off policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source=\
"/ip route {set [find comment=GrupB] gateway=10.10.10.1 }"
/tool netwatch
add comment="Rota - Grupo A" disabled=no down-script=link1-off host=\
10.10.10.1 interval=5m timeout=1s up-script=link1-on
add comment="Rota - Grupo B" disabled=no down-script=link2-off \
host=20.20.20.1 interval=5m timeout=1s up-script=link2-on
exemplo 2
Rede ip - 192.168.0.1/24
Link1 ip - 10.10.10.1/24
Link2 ip - 20.20.20.1/24
Link3 ip - 30.30.30.1/24
Link4 ip - 40.40.40.1/24
Regras
/ip firewall mangle
add action=mark-routing chain=prerouting comment="GrupA" \
disabled=no new-routing-mark=GrupA passthrough=no src-address=\
192.168.0.2-192.168.0.64
add action=mark-routing chain=prerouting comment="GrupB" \
disabled=no new-routing-mark=GrupB passthrough=no src-address=\
192.168.0.65-192.168.0.128
add action=mark-routing chain=prerouting comment="GrupC" \
disabled=no new-routing-mark=GrupC passthrough=no src-address=\
192.168.0.129-192.168.0.192
add action=mark-routing chain=prerouting comment="GrupD" \
disabled=no new-routing-mark=GrupD passthrough=no src-address=\
192.168.0.193-192.168.0.254
/ip route
add comment=GrupA disabled=no dst-address=0.0.0.0/0 gateway=\
10.10.10.1 routing-mark=GrupA scope=255 target-scope=10
add comment=GrupB disabled=no dst-address=0.0.0.0/0 gateway=\
20.20.20.1 routing-mark=GrupoB scope=255 target-scope=10
add comment=GrupA disabled=no dst-address=0.0.0.0/0 gateway=\
30.30.30.1 routing-mark=GrupC scope=255 target-scope=10
add comment=GrupB disabled=no dst-address=0.0.0.0/0 gateway=\
40.40.40.1 routing-mark=GrupoD scope=255 target-scope=10
LOAD BALANCE 3
esse um load que o mikrotik distribui por pacotes de conexão ja e mais um pouca complicada de se explicar mas vamos lá.
Mikrotik Versão 2.9
exemplo:
Rede ip - 192.168.0.1/24
Link1 ip - 10.10.10.1/24
Link2 ip - 20.20.20.1/24
Regras
/ ip firewall mangle
add chain=prerouting in-interface= Rede connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=odd passthrough=yes comment="Balanceamento de carga" disabled=no
add chain=prerouting in-interface= Rede connection-mark=odd action=mark-routing new-routing-mark=odd passthrough=no comment="" disabled=no
add chain=prerouting in-interface= Rede connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=even passthrough=yes comment="" disabled=no
add chain=prerouting in-interface= Rede connection-mark=even action=mark-routing new-routing-mark=even passthrough=no comment="" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.10.10.1 to-ports=0-65535 comment="Balanceamento de carga" disabled=no
add chain=srcnat connection-mark=even action=src-nat to-addresses=20.20.20.1 to-ports=0-65535 comment="" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.10.10.1 scope=255 target-scope=10 routing-mark=odd comment="Gateway link1" disabled=no
add dst-address=0.0.0.0/0 gateway=20.20.20.1 scope=255 target-scope=10 routing-mark=even comment="Gateway link2" disabled=no
add dst-address=0.0.0.0/0 gateway=20.20.20.1 scope=255 target-scope=10 comment="principal" disabled=yes
Mikrotik 3.10 contendo 5 Links
Interfaces
Rede ip - 192.168.0.1/24
Link1 ip - 10.10.10.1/24
Link2 ip - 20.20.20.1/24
Link3 ip - 30.30.30.1/24
Link4 ip - 40.40.40.1/24
Link5 ip - 50.50.50.1/24
Regras
/ip firewall mangle
add action=mark-connection chain=prerouting comment=Link1 connection-state=\
new disabled=no dst-address-list=!ips in-interface=Rede \
new-connection-mark=link1 nth=4,0 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=link1 \
disabled=no in-interface=Rede new-routing-mark=link1 passthrough=no
add action=mark-connection chain=prerouting comment=Link2 connection-state=\
new disabled=no dst-address-list=!ips in-interface=Rede \
new-connection-mark=link2 nth=4,1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=link2 \
disabled=no in-interface=Rede new-routing-mark=link2 passthrough=yes
add action=mark-connection chain=prerouting comment=Link3 connection-state=\
new disabled=no dst-address-list=!ips in-interface=Rede \
new-connection-mark=link3 nth=4,2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=link3 \
disabled=no in-interface=Rede new-routing-mark=link3 passthrough=no
add action=mark-connection chain=prerouting comment=Link4 connection-state=\
new disabled=no dst-address-list=!ips in-interface=Rede \
new-connection-mark=link4 nth=4,3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=link4 \
disabled=no in-interface=Rede new-routing-mark=link4 passthrough=no
add action=mark-connection chain=prerouting comment=Link5 connection-state=\
new disabled=no dst-address-list=!ips in-interface=Rede \
new-connection-mark=link5 nth=4,4 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=link5 \
disabled=no in-interface=Rede new-routing-mark=link5 passthrough=no
add action=mark-routing chain=prerouting comment=msn disabled=no dst-port=\
1863 new-routing-mark=link2 passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting comment="" disabled=no \
new-packet-mark=link2 passthrough=yes routing-mark=link2
add action=add-src-to-address-list address-list=ips address-list-timeout=0s \
chain=prerouting comment="" disabled=no in-interface=Rede
/ip firewall nat
add action=src-nat chain=srcnat comment="" connection-mark=link1 disabled=no \
to-addresses=10.10.10.1 to-ports=0-65535
add action=src-nat chain=srcnat comment="" connection-mark=link2 disabled=no \
to-addresses=20.20.20.1 to-ports=0-65535
add action=src-nat chain=srcnat comment="" connection-mark=link3 disabled=no \
to-addresses=30.30.30.1 to-ports=0-65535
add action=src-nat chain=srcnat comment="" connection-mark=link4 disabled=no \
to-addresses=40.40.40.1 to-ports=0-65535
add action=src-nat chain=srcnat comment="" connection-mark=link5 disabled=no \
to-addresses=50.50.50.1 to-ports=0-65535
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
10.10.10.1 routing-mark=link1 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
20.20.20.1 routing-mark=link2 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
30.30.30.1 routing-mark=link3 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
40.40.40.1 routing-mark=link4 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
50.50.50.1 routing-mark=link5 scope=30 target-scope=10
Espero que ajude muita gente, qualquer duvida e so postar obrigado