+ Responder ao Tópico



  1. Citação Postado originalmente por tiagomatias Ver Post
    Estranho amigo, pq tenho dois loadbalaced desse grande, com 7 links, mais de 3 mil clientes, e só tive problema com banco do bradesco, e não vi nenhum outro relato aqui no forum de outri site de banco q n seja esse q eu disse.
    amigo, mudei as minhas regras, que era de acordo com o wiki da mikrotik, mas não rodava junto com o hotspot para usar igual as do m4d3, com a difereça que adptei para 2 links, vou postar abaixo meu ,firewall mangle,nat, route ,ip address, para que vocês possa olhar e ver o que tem de errado ..

    Código :
    /ip address
    add address=172.16.0.254/24 broadcast=172.16.0.255 comment="Rede Local - Clientes Prefeitura" disabled=no interface="Rede Local" network=\
        172.16.0.0
    add address=189.80.16.82/29 broadcast=189.80.16.87 comment="Ip Link 256" disabled=no interface="Oi UP 256" network=189.80.16.80
    add address=189.80.219.82/29 broadcast=189.80.219.87 comment="Ip Link 512" disabled=no interface="Oi UP 512" network=189.80.219.80
    add address=10.10.10.1/24 broadcast=10.10.10.255 comment="Rede Local - Clientes Rua" disabled=no interface="Rede Local" network=10.10.10.0

    Código :
    /ip firewall mangle
    add action=mark-connection chain=forward comment="" disabled=no new-connection-mark=conexao-p2p p2p=all-p2p passthrough=yes
    add action=mark-packet chain=forward comment="" connection-mark=conexao-p2p disabled=no new-packet-mark=pacotes-p2p passthrough=no
    add action=accept chain=prerouting comment="SEM BALANCE" disabled=no dst-address-list=sem_balance in-interface="Rede Local"
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface="Oi UP 256" new-connection-mark=conn_na \
        passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface="Oi UP 512" new-connection-mark=conn_na \
        passthrough=yes
    add action=mark-routing chain=output comment="" connection-mark=conn_na disabled=no new-routing-mark=to_ra passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nb disabled=no new-routing-mark=to_rb passthrough=no
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface="Rede Local" new-connection-mark=conn_ma0 \
        passthrough=yes per-connection-classifier=both-addresses:2/0
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface="Rede Local" new-connection-mark=conn_mb1 \
        passthrough=yes per-connection-classifier=both-addresses:2/1
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_ma0 disabled=no in-interface="Rede Local" new-routing-mark=to_nra \
        passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mb1 disabled=no in-interface="Rede Local" new-routing-mark=to_nrb \
        passthrough=no

    Código :
    /ip firewall nat
    add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
    add action=masquerade chain=srcnat comment="masquerade hotspot network" disabled=no src-address=10.10.10.0/24
    add action=redirect chain=dstnat comment="Redirecionar para Proxy" disabled=yes dst-address-list=sem_proxy dst-port=80 protocol=tcp to-ports=8080
    add action=masquerade chain=srcnat comment="MASCARAMENTO PCC" disabled=no out-interface="Oi UP 512"
    add action=masquerade chain=srcnat comment="" disabled=no out-interface="Oi UP 256"
    add action=masquerade chain=srcnat comment="" disabled=no

    Código :
    /ip route
    add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=189.80.219.81 scope=30 target-scope=10
    add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=189.80.16.81 scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=189.80.219.81 routing-mark=to_nra scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=189.80.16.81 routing-mark=to_nrb scope=30 target-scope=10

  2. Parabéns Paulo.


    [quote=paulojrandrade;437082]
    Citação Postado originalmente por m4d3 Ver Post
    PCC LOADBALANCE - 3 LINKS SIMÉTRICOS (TESTADO DE 2 ATÉ 16 LINKS)
    MKV: 3.x
    MKR: 3.28

    EthLinkA = Interface do primeiro link
    EthLinkB = Interface do segundo link
    EthLinkC = Interface do terceiro link
    EthClientes = Interface dos clientes
    #################################

    Instalado e rodando até agora 1000%.
    Obrigado Luciano e Andre Prinou !!!!





  3. poste seu nat

    Citação Postado originalmente por marsilba Ver Post
    Conforme falei somente um link fica lá em cima, o outro fica no zero quase o tempo todo.Alguém pode ajudar?

    http://www.newnetinternet.com.br/site/foto01.jpg

    As conecções parecem estar sendo marcadas corretamente, mas o link 2 não "sobe"

    http://newnetinternet.com.br/site/foto02.jpg

    Ajuda aí gente.

  4. Amigo exclusivenet, faça as modificções do seu PCC para igual a este que vou postar a vc abaixo.

    Código :
    /ip firewall mangle
    add action=mark-connection chain=input comment="Mark new inbound connection wan1" connection-state=new disabled=no in-interface=wan1-pppoe new-connection-mark=wan1 \
        passthrough=yes
    add action=mark-connection chain=input comment="Mark new inbound connection wan2" connection-state=new disabled=no in-interface=wan2-pppoe new-connection-mark=wan2 \
        passthrough=yes
    add action=mark-connection chain=input comment="Mark new inbound connection wan3" connection-state=new disabled=no in-interface=wan3-pppoe new-connection-mark=wan3 \
        passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark established inbound connection wan1" connection-state=established disabled=no in-interface=wan1-pppoe \
        new-connection-mark=wan1 passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark established inbound connection wan2" connection-state=established disabled=no in-interface=wan2-pppoe \
        new-connection-mark=wan2 passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark established inbound connection wan3" connection-state=established disabled=no in-interface=wan3-pppoe \
        new-connection-mark=wan3 passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark related inbound connection wan1" connection-state=related disabled=no in-interface=wan1-pppoe \
        new-connection-mark=wan2 passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark related inbound connection wan2" connection-state=related disabled=no in-interface=wan2-pppoe \
        new-connection-mark=wan2 passthrough=yes
    add action=mark-connection chain=prerouting comment="Mark related inbound connection wan3" connection-state=related disabled=no in-interface=wan3-pppoe \
        new-connection-mark=wan3 passthrough=yes
    add action=mark-routing chain=output comment="Mark new inbound route wan1" connection-mark=wan1 disabled=no new-routing-mark=wan1 passthrough=no
    add action=mark-routing chain=output comment="Mark new inbound route wan2" connection-mark=wan2 disabled=no new-routing-mark=wan2 passthrough=no
    add action=mark-routing chain=output comment="Mark new inbound route wan3" connection-mark=wan3 disabled=no new-routing-mark=wan3 passthrough=no
    add action=mark-connection chain=prerouting comment="Mark traffic that isn't local with PCC mark rand (3 possibilities) - option 1" connection-state=new disabled=no \
        dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
    add action=mark-connection chain=prerouting comment="Mark traffic that isn't local with PCC mark rand (3 possibilities) - option 2" connection-state=new disabled=no \
        dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
    add action=mark-connection chain=prerouting comment="Mark traffic that isn't local with PCC mark rand (3 possibilities) - option 3" connection-state=new disabled=no \
        dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
    add action=mark-connection chain=prerouting comment="Mark established traffic that isn't local with PCC mark rand (3 possibilities) - option 1" connection-state=\
        established disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=\
        both-addresses:3/0
    add action=mark-connection chain=prerouting comment="Mark established traffic that isn't local with PCC mark rand (3 possibilities) - option 2" connection-state=\
        established disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=\
        both-addresses:3/1
    add action=mark-connection chain=prerouting comment="Mark established traffic that isn't local with PCC mark rand (3 possibilities) - option 3" connection-state=\
        established disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=\
        both-addresses:3/2
    add action=mark-connection chain=prerouting comment="Mark related traffic that isn't local with PCC mark rand (3 possibilities) - option 1" connection-state=related \
        disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan1_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/0
    add action=mark-connection chain=prerouting comment="Mark related traffic that isn't local with PCC mark rand (3 possibilities) - option 2" connection-state=related \
        disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan2_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/1
    add action=mark-connection chain=prerouting comment="Mark related traffic that isn't local with PCC mark rand (3 possibilities) - option 3" connection-state=related \
        disabled=no dst-address-type=!local in-interface=hotspot-bridge new-connection-mark=wan3_pcc_conn passthrough=yes per-connection-classifier=both-addresses:3/2
    add action=mark-routing chain=prerouting comment="Mark routing for  PCC mark - option 1" connection-mark=wan1_pcc_conn disabled=no new-routing-mark=wan1 passthrough=\
        yes
    add action=mark-routing chain=prerouting comment="Mark routing for  PCC mark - option 2" connection-mark=wan2_pcc_conn disabled=no new-routing-mark=wan2 passthrough=\
        yes
    add action=mark-routing chain=prerouting comment="Mark routing for  PCC mark - option 3" connection-mark=wan3_pcc_conn disabled=no new-routing-mark=wan3 passthrough=\
        yes
    Última edição por tiagomatias; 25-09-2009 às 16:28.



  5. Segue aí pessoal

    /ip firewall mangle
    add action=accept chain=prerouting comment="SEM BALANCE" disabled=no \
    dst-address-list=sem_balance in-interface=EthClientes
    add action=mark-connection chain=input comment="" connection-state=new \
    disabled=no in-interface=EthLinkA new-connection-mark=conn_na \
    passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new \
    disabled=no in-interface=EthLinkB new-connection-mark=conn_nb \
    passthrough=yes
    add action=mark-routing chain=output comment="" connection-mark=conn_na \
    disabled=no new-routing-mark=to_ra passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nb \
    disabled=no new-routing-mark=to_rb passthrough=no
    add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-type=!local in-interface=EthClientes new-connection-mark=\
    conn_ma0 passthrough=yes per-connection-classifier=both-addresses:2/0
    add action=mark-connection chain=prerouting comment="" disabled=no \
    dst-address-type=!local in-interface=EthClientes new-connection-mark=\
    conn_mb1 passthrough=yes per-connection-classifier=both-addresses:2/1
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_ma0 \
    disabled=no in-interface=EthClientes new-routing-mark=to_nra passthrough=\
    no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mb1 \
    disabled=no in-interface=EthClientes new-routing-mark=to_nrb passthrough=\
    no

    /ip firewall nat
    add action=accept chain=srcnat comment="MASCARAMENTO PCC" disabled=no \
    out-interface=EthLinkA
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
    EthLinkB
    add action=masquerade chain=srcnat comment="MASCARAMENTO PCC" disabled=no \
    src-address=10.1.1.0/24

    /ip route
    add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=EthLinkA
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=EthLinkA \
    routing-mark=to_nra
    add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=EthLinkB
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=EthLinkB \
    routing-mark=to_nrb

    /ip address
    add address=10.1.1.1/24 broadcast=10.1.1.255 comment="" disabled=no \
    interface=EthClientes network=10.1.1.0


    A propósito estou utilizando uma rb450g somente para balanceamento. Minha máquina que faz o controle de mac, banda, proxy etc está com ip 10.1.1.5 Ajuda aí pessoal. Não canso de falar isso.






Tópicos Similares

  1. Respostas: 12
    Último Post: 15-05-2015, 17:14
  2. Respostas: 6
    Último Post: 08-03-2015, 02:04
  3. Respostas: 2
    Último Post: 18-06-2014, 16:27
  4. Respostas: 273
    Último Post: 20-09-2012, 10:39
  5. duvida sobre link dedicado por balance de operadora
    Por boneco no fórum Servidores de Rede
    Respostas: 13
    Último Post: 05-05-2011, 18:07

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L