Mestres, boa noite!
Por favor preço a ajuda de vocês, porque sozinho não consegui fazer o balanceamento. Sei o básico de mikrotik e tenho uma boa noção de roteamento, mas só sei manusear bem o mikrotik pelo winbox.
Já pesquisei bastante aqui no forum, mas não consegui resolver. um tópico que achei legal foi esse https://under-linux.org/showthread.php?t=152913, mas utilizei também estes dois vídeos:
http://www.4shared.com/get/QviDY6ZJ/pcc2rout.html
Enfim, não consigo fazer o ballance PCC funcionar e preciso muito da ajuda de vocês por favor.
Meu cenário é o seguinte:
<Clientes> 10.0.0.0/24 e 192.168.0../24 (na mesma interface) ---> 192.168.0.10 <Mikrotik PPPOe> 192.168.88.2/30 ----> 192.168.88.1/30 <Mikrotik Ballance>
O vídeo mais completo que vi foi o mostrando como fazer com os modems roteados, mas já vi modem roteado travando aqui e queria fazer com eles em PPPoe.
Essas são as regras do Firewall do mikrotik do balanceamento (utilizei o comando 'export'):
# jan/02/1970 01:24:39 by RouterOS 5.6
# software id = 54HR-17TT
#
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d tcp-fin-wait-timeout=\
10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=5s \
tcp-syn-sent-timeout=5s tcp-syncookie=no tcp-time-wait-timeout=10s \
udp-stream-timeout=3m udp-timeout=10s
/ip firewall mangle
add action=accept chain=prerouting comment=\
"Aceitar todo o tr\E1fego para redes conectadas" disabled=no dst-address=\
192.168.88.0/30 src-address=192.168.88.0/30
add action=mark-connection chain=police_router disabled=no dst-address-type=\
!local new-connection-mark=ISP3_conn passthrough=yes \
per-connection-classifier=both-addresses:6/3
add action=mark-routing chain=prerouting comment=\
"RADIUSNET SAINDO SEMPRE PELO MESMO LINK - DEIXAR NO INICIO DA MANGLE" \
disabled=no dst-address=186.202.62.75 new-routing-mark=ISP1_trafic \
passthrough=no
add action=accept chain=prerouting comment=\
"Aceitar conex\E3o entre os tr\EAs ISPs" disabled=yes dst-address=\
10.0.10.0/30 src-address=192.168.88.0/30
add action=accept chain=prerouting disabled=yes dst-address=10.0.20.0/30 \
src-address=192.168.88.0/30
add action=accept chain=prerouting disabled=yes dst-address=10.0.30.0/30 \
src-address=192.168.88.0/30
add action=mark-connection chain=prerouting comment=\
"Regras que fazem a marca\E7\E3o das conex\F5es que vem dos tr\EAs ISPs" \
connection-mark=no-mark disabled=yes in-interface=ISP1 new-connection-mark=\
ISP1_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
yes in-interface=ISP2 new-connection-mark=ISP2_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
yes in-interface=ISP3 new-connection-mark=ISP3_conn passthrough=yes
add action=jump chain=prerouting comment=\
"Pol\EDtica de encaminhamento personalizado" connection-mark=no-mark \
disabled=yes in-interface=local jump-target=police_router
add action=mark-routing chain=prerouting comment=\
"Marca de roteamento para enviar pacotes a partir de conex\F5es marcadas" \
connection-mark=ISP1_conn disabled=yes new-routing-mark=ISP1_trafic \
passthrough=yes src-address=192.168.88.0/30
add action=mark-routing chain=prerouting connection-mark=ISP2_conn disabled=yes \
new-routing-mark=ISP2_trafic passthrough=yes src-address=192.168.88.0/30
add action=mark-routing chain=prerouting connection-mark=ISP3_conn disabled=yes \
new-routing-mark=ISP3_trafic passthrough=yes src-address=192.168.88.0/30
add action=mark-routing chain=output comment="Marca de roteamento" \
connection-mark=ISP1_conn disabled=yes new-routing-mark=ISP1_trafic \
passthrough=yes
add action=mark-routing chain=output connection-mark=ISP2_conn disabled=yes \
new-routing-mark=ISP2_trafic passthrough=yes
add action=mark-routing chain=output connection-mark=ISP3_conn disabled=yes \
new-routing-mark=ISP3_trafic passthrough=yes
add action=mark-connection chain=police_router comment=\
"Regras que fazem o equil\EDbrio de carga entre os links" disabled=yes \
dst-address-type=!local new-connection-mark=ISP1_conn passthrough=yes \
per-connection-classifier=both-addresses:6/0
add action=mark-connection chain=police_router disabled=yes dst-address-type=\
!local new-connection-mark=ISP2_conn passthrough=yes \
per-connection-classifier=both-addresses:6/1
add action=mark-connection chain=police_router disabled=yes dst-address-type=\
!local new-connection-mark=ISP2_conn passthrough=yes \
per-connection-classifier=both-addresses:6/2
add action=mark-connection chain=police_router disabled=yes dst-address-type=\
!local new-connection-mark=ISP3_conn passthrough=yes \
per-connection-classifier=both-addresses:6/4
add action=mark-connection chain=police_router disabled=yes dst-address-type=\
!local new-connection-mark=ISP3_conn passthrough=yes \
per-connection-classifier=both-addresses:6/5
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out2
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out3
add action=dst-nat chain=dstnat comment="REDIRECIONAMENTO RB INTERNA" disabled=\
no dst-port=8999 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.2 to-ports=8291
add action=dst-nat chain=dstnat comment="REDIRECIONAMENTO RADIUSNET RB INTERNA" \
disabled=no dst-port=32323 in-interface=pppoe-out1 protocol=tcp \
to-addresses=192.168.88.2 to-ports=32323
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061 sip-direct-media=yes
set pptp disabled=no
Estas são as regras das rotas:
# jan/02/1970 01:26:11 by RouterOS 5.6
# software id = 54HR-17TT
#
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 \
routing-mark=ISP1_trafic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out2 \
routing-mark=ISP2_trafic scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out3 \
routing-mark=ISP3_trafic scope=30 target-scope=10
add comment=5MB disabled=no distance=3 dst-address=0.0.0.0/0 gateway=pppoe-out1 \
scope=30 target-scope=10
add comment=10MB disabled=no distance=4 dst-address=0.0.0.0/0 gateway=\
pppoe-out2 scope=30 target-scope=10
add comment=15MB disabled=no distance=5 dst-address=0.0.0.0/0 gateway=\
pppoe-out3 scope=30 target-scope=10
add comment="ROTA REDE INTERNA - CLIENTES" disabled=no distance=1 dst-address=\
10.0.0.0/24 gateway=192.168.88.2 scope=30 target-scope=10
add comment="ROTA REDE INTERNA" disabled=no distance=1 dst-address=\
192.168.0.0/24 gateway=192.168.88.2 scope=30 target-scope=10
Desde já fico muito agradecido pela ajuda!
Obrigado!