Página 1 de 2 12 ÚltimoÚltimo
+ Responder ao Tópico



  1. PessoALL,

    Tenho dois Links, Dinamico X Fixo

    Os dois são Roteados da mesma Empresa, um estou usando um ROTEADOR para mudar os GW, com isso ter dois GW diferentes.

    Então estou tentando configurar minha rede dessa forma:

    /ip firewall mangle
    add chain=prerouting in-interface=GANTZM1 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=con110 passthrough=yes comment="BALANCEAMENTO DE ROTAS"
    add chain=prerouting in-interface=GANTZM1 connection-mark=con110 action=mark-routing new-routing-mark=con110 passthrough=no
    add chain=prerouting in-interface=GANTZM2 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=con111 passthrough=yes
    add chain=prerouting in-interface=GANTZM2 connection-mark=con111 action=mark-routing new-routing-mark=con111 passthrough=no

    /ip firewall nat
    add chain=srcnat routing-mark=con110 action=src-nat to-addresses=LINK1 disabled=no comment="NAT PARA BALANCEAMENTO"
    add chain=srcnat routing-mark=con111 action=src-nat to-addresses=LINK2 disabled=no

    /ip route
    add dst-address=0.0.0.0/0 gateway=189.1.10.1 check-gateway=arp interface=LINK1 gateway-state=reachable scope=255 target-scope=10 routing-mark=con110
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=arp interface=LINK2 gateway-state=reachable scope=255 target-scope=10 routing-mark=con111


    Ainda muito novato, estou tentando fazer por minha conta através de leituras aqui no nosso fórum.

    Agradeço a todos.

  2. Segue as regras com algumas alterações.. testa ai e posta o resultado pra gente:

    /ip firewall mangle
    add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=con110 passthrough=yes comment="BALANCEAMENTO DE ROTAS"
    add chain=prerouting in-interface=Local connection-mark=con110 action=mark-routing new-routing-mark=con110 passthrough=no
    add chain=prerouting in-interface=Local connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=con111 passthrough=yes
    add chain=prerouting in-interface=Local connection-mark=con111 action=mark-routing new-routing-mark=con111 passthrough=no

    /ip firewall nat
    add chain=srcnat connection-mark=con110 action=src-nat to-addresses=189.1.10.1 to-ports=0-65535 disabled=no comment="NAT PARA BALANCEAMENTO"
    add chain=srcnat connection-mark=con111 action=src-nat to-addresses=192.168.10.1 to-ports=0-65535 disabled=no

    /ip route
    add dst-address=0.0.0.0/0 gateway=189.1.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con110
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con111
    add dst-address=0.0.0.0/0 gateway=189.1.10.1 check-gateway=ping scope=255 target-scope=10

    Onde Local é a interface onde estao os clientes. Essa ultima rota é para o proprio servidor, conexoes geradas nele proprio, sem essa rota não funciona.

    Espero que resolva seu problema.. qualquer coisa post
    ATT. Gabriel Siena



  3. Olá gsiena, as interfaces GANTZM1 e GANTZM2 são meus cartões onde os clientes se conectam...

    Não seriam elas?

  4. Olá,

    Estou tentando colocar um LB para funcionar na minha rede, tenho dois links de 650k cada:

    Minha Rede:


    Range: 192.168.20.1, Interface GANTZM2 (cartão + antena)
    Range: 192.168.30.1, Interface GANTZM1 (cartão + antena)

    Link1: IP: 192.168.10.105, GW: 192.168.10.1
    Link2: IP: 189.1.10.142, GW: 189.1.10.129

    Meu LB:


    /ip firewall mangle
    add chain=prerouting in-interface=GANTZM1 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=con110 passthrough=yes comment="BALANCEAMENTO DE ROTAS G1"
    add chain=prerouting in-interface=GANTZM1 connection-mark=con110 action=mark-routing new-routing-mark=con110 passthrough=no
    add chain=prerouting in-interface=GANTZM1 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=con111 passthrough=yes
    add chain=prerouting in-interface=GANTZM1 connection-mark=con111 action=mark-routing new-routing-mark=con111 passthrough=no

    add chain=prerouting in-interface=GANTZM2 connection-state=new nth=1,2,0 action=mark-connection new-connection-mark=con120 passthrough=yes comment="BALANCEAMENTO DE ROTAS G2"
    add chain=prerouting in-interface=GANTZM2 connection-mark=con120 action=mark-routing new-routing-mark=con120 passthrough=no
    add chain=prerouting in-interface=GANTZM2 connection-state=new nth=1,2,1 action=mark-connection new-connection-mark=con121 passthrough=yes
    add chain=prerouting in-interface=GANTZM2 connection-mark=con121 action=mark-routing new-routing-mark=con121 passthrough=no


    /ip firewall nat
    add chain=srcnat connection-mark=con110 action=src-nat to-addresses=192.168.10.105 to-ports=0-65535 disabled=no comment="NAT PARA BALANCEAMENTO"
    add chain=srcnat connection-mark=con111 action=src-nat to-addresses=189.1.10.142 to-ports=0-65535 disabled=no
    add chain=srcnat connection-mark=con120 action=src-nat to-addresses=192.168.10.105 to-ports=0-65535 disabled=no
    add chain=srcnat connection-mark=con121 action=src-nat to-addresses=189.1.10.142 to-ports=0-65535 disabled=no
    add chain=srcnat action=src-nat to-addresses=189.1.10.142 to-ports=0-65535 disabled=no


    /ip route
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con110
    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 routing-mark=con111
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con120
    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 routing-mark=con121

    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 disabled=no



    Nas imagens, aparece um desenquelibriu muito grande nos links, embora o Mangle e o NAT estejam enquilibrados:

    Clique na imagem para uma versão maior

Nome:	         interfaces.JPG
Visualizações:	82
Tamanho: 	29,8 KB
ID:      	1878
    Clique na imagem para uma versão maior

Nome:	         rotas.JPG
Visualizações:	70
Tamanho: 	39,7 KB
ID:      	1879
    Clique na imagem para uma versão maior

Nome:	         nat.JPG
Visualizações:	56
Tamanho: 	14,2 KB
ID:      	1880
    Clique na imagem para uma versão maior

Nome:	         mangle.JPG
Visualizações:	61
Tamanho: 	34,6 KB
ID:      	1881

    Como pode ter há um problema que não consigo identificar por falta mesmo de experiencia, é meu primeiro LB com ajuda do amigo mson77 os quais agradeço muito!

    Abraços!



  5. Ola amigo, eu ainda nao tinha feito um LB com duas ranges, duas interfaces... mas vamos la, tente fazer dessa forma:

    Range: 192.168.20.0, Interface GANTZM2 (cartão + antena)
    Range: 192.168.30.0, Interface GANTZM1 (cartão + antena)

    Link1: IP: 192.168.10.105, GW: 192.168.10.1
    Link2: IP: 189.1.10.142, GW: 189.1.10.129

    Meu LB:


    /ip firewall mangle
    add chain=prerouting in-interface=GANTZM1 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=con110_r1 passthrough=yes comment="BALANCEAMENTO DE ROTAS G1"
    add chain=prerouting in-interface=GANTZM1 connection-mark=con110_r1 action=mark-routing new-routing-mark=con110_r1 passthrough=no
    add chain=prerouting in-interface=GANTZM1 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=con111_r1 passthrough=yes
    add chain=prerouting in-interface=GANTZM1 connection-mark=con111_r1 action=mark-routing new-routing-mark=con111_r1 passthrough=no

    add chain=prerouting in-interface=GANTZM2 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=con110_r2 passthrough=yes comment="BALANCEAMENTO DE ROTAS G2"
    add chain=prerouting in-interface=GANTZM2 connection-mark=con110_r2 action=mark-routing new-routing-mark=con110_r2 passthrough=no
    add chain=prerouting in-interface=GANTZM2 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=con111_r2 passthrough=yes
    add chain=prerouting in-interface=GANTZM2 connection-mark=con111_r2 action=mark-routing new-routing-mark=con111_r2 passthrough=no


    /ip firewall nat
    add chain=srcnat connection-mark=con110_r1 action=src-nat to-addresses=192.168.10.105 to-ports=0-65535 disabled=no comment="NAT PARA BALANCEAMENTO"
    add chain=srcnat connection-mark=con111_r1 action=src-nat to-addresses=189.1.10.142 to-ports=0-65535 disabled=no
    add chain=srcnat connection-mark=con110_r2 action=src-nat to-addresses=192.168.10.105 to-ports=0-65535 disabled=no
    add chain=srcnat connection-mark=con111_r2 action=src-nat to-addresses=189.1.10.142 to-ports=0-65535 disabled=no

    /ip route
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con110_r1
    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 routing-mark=con111_r1
    add dst-address=0.0.0.0/0 gateway=192.168.10.1 check-gateway=ping scope=255 target-scope=10 routing-mark=con110_r2
    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 routing-mark=con111_r2

    add dst-address=0.0.0.0/0 gateway=189.1.10.129 check-gateway=ping scope=255 target-scope=10 disabled=no


    Entendeu? as configurações de NTH devem ser iguais pras duas interfaces, entao definimos o nome das connection-marks como con110_r1, con111_r1, con110_r2 e con111_r2. Esse r1 e r2 quer dizer, rede1 e rede2 ..só abreviei. Teste ai e poste os resultados!
    ATT. Gabriel Siena






Tópicos Similares

  1. Respostas: 2
    Último Post: 04-04-2011, 15:17
  2. Squid. O que tem de errado?
    Por jadirorza no fórum Servidores de Rede
    Respostas: 22
    Último Post: 16-07-2005, 15:21
  3. O que tem de errado???
    Por Futuremax no fórum Servidores de Rede
    Respostas: 3
    Último Post: 19-11-2003, 12:15
  4. O que a de errado nesta regra
    Por ualex no fórum Servidores de Rede
    Respostas: 3
    Último Post: 28-07-2003, 07:44
  5. Respostas: 3
    Último Post: 25-11-2002, 18:22

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L