Bom dia
Um abraço ae a alguns amigos Minelli e o Andre Proença
Voltei ao grupo depois de alguns anos afastado, e ja chego logo com uma polemica, montei uma estrutura com o balance da seguinte forma:
RB 1100 ah link1 120mb, link2 120mb, a duvida como sao 3 ptps pra torres criei uma bridge para as 3 ethers e coloquei elas
nessa bridge atribui um endereço e liguei os ptps nela sendo a bridge o gw das torres, agora a ducida fazer a bridge é besteira
fica ruim? ou é melhor eu fazer uma nat pra cada ptp com ip e etc?
segue as minhas confs ja que estou meio enferrujado vai que tem algo errado ne...
Link1 =ISP1 Link2 = ISP2
Local = Bridge com e 3thers
/ip address
add address=10.0.0.1/24 interface=Local network=10.0.0.0
add address=192.168.250.2/24 comment="gw 192.168.250.1" interface=ISP1 network=\
192.168.250.0
add address=192.168.251.2/24 comment="gw 192.168.251.1" interface=ISP2 network=\
192.168.251.0
add address=172.200.10.1/24 interface=Local network=172.200.10.0
/ip dns
set allow-remote-requests=yes servers=208.67.222.222,8.8.8.8,187.22.0.15
/ip dns static
add address=10.0.0.1 name=powernet.net
/ip firewall address-list
add address=200.155.80.0-200.155.255.255 comment=BRADESCO list=loopback
add address=200.220.186.0/24 comment=BRADESCO list=loopback
add address=200.220.178.0/24 comment=BRADESCO list=loopback
add address=200.155.86.0/24 comment="BRADESCO PJ" list=loopback
add address=200.155.82.0/23 comment="BRADESCO PJ" list=loopback
add address=187.6.86.0/24 comment="ISSNET ONLINE" list=loopback
add address=189.86.4.0/24 comment="ISSNET ONLINE" list=loopback
add address=161.148.231.0/24 comment="RECEITA FEDERAL" list=loopback
add address=72.46.128.0/19 comment="FILMES - VIDIG.BIZ" list=loopback
add address=77.247.176.0/21 comment="Vidig Videos" list=loopback
add address=200.201.166.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
add address=200.201.173.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
add address=200.201.174.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
add address=85.159.232.0/21 comment="Vidig Videos" list=loopback
add address=200.175.132.200/29 comment="ISSNET ONLINE" list=loopback
add address=187.45.224.0/19 comment="ISSNET ONLINE" list=loopback
add address=189.86.4.48/28 comment="NOTA CONTROL" list=loopback
add address=78.140.0.0/16 comment=VIDIG list=loopback
add address=94.75.192.0/18 comment=VIDIG list=loopback
add address=72.21.80.0/20 comment=VIDIG list=loopback
add address=93.174.88.0/21 comment=VIDIG list=loopback
add address=108.166.56.0/22 comment=VIDIG list=loopback
add address=201.73.169.55 list=loopback
add address=85.159.237.0/24 comment=CloudZilla list=loopback
add address=37.59.0.0/18 comment=CloudZilla list=loopback
add address=46.166.184.0/21 comment=CloudZilla list=loopback
/ip firewall connection tracking
set tcp-established-timeout=30m
/ip firewall filter
add action=drop chain=forward connection-state=invalid,new disabled=yes
add chain=forward connection-state=established disabled=yes
add chain=forward connection-state=new disabled=yes
add chain=forward connection-state=related disabled=yes
/ip firewall mangle
add chain=prerouting dst-address=192.168.250.0/24
add chain=prerouting dst-address=192.168.251.0/24
add chain=prerouting comment="Sem Balance" disabled=yes dst-address-list=\
loopback in-interface=Local
add action=mark-connection chain=input in-interface=ISP1 new-connection-mark=\
Link1_conn
add action=mark-connection chain=input in-interface=ISP2 new-connection-mark=\
Link2_conn
add action=mark-routing chain=output connection-mark=Link1_conn \
new-routing-mark=to_Link1
add action=mark-routing chain=output connection-mark=Link2_conn \
new-routing-mark=to_Link2
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=Local new-connection-mark=Link1_conn \
per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting dst-address-type=!local \
in-interface=Local new-connection-mark=Link2_conn \
per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=Link1_conn \
new-routing-mark=to_Link1
add action=mark-routing chain=prerouting connection-mark=Link2_conn \
new-routing-mark=to_Link2
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ISP1
add action=masquerade chain=srcnat out-interface=ISP2
add action=masquerade chain=srcnat comment="### MASQUERADE ###"
/ip route
add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1 \
routing-mark=to_Link1
add check-gateway=ping comment=LINK2 distance=1 gateway=192.168.251.1 \
routing-mark=to_Link2
add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1
add check-gateway=ping comment=LINK2 distance=2 gateway=192.168.251.1
/ip route
add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1 \
routing-mark=to_Link1
add check-gateway=ping comment=LINK2 distance=1 gateway=192.168.251.1 \
routing-mark=to_Link2
add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1
add check-gateway=ping comment=LINK2 distance=2 gateway=192.168.251.1