+ Responder ao Tópico



  1. #1

    Lightbulb PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    TENHO 8 MODENS PRECISO FAZER O LOADBALANCE COM ESSES LINKS,
    HÁ UM TUTORIAL NO FÓRUM COMO FAZER COM ATÉ 16 LINKS,
    SÓ QUE NO TUTORIAL MOSTRA COM 3 LINKS.
    MONTEI AS REGRAS COM OS 8 MODENS GOSTARIA QUE ME DIGAM SE ESTA CORRETA ESSAS REGRAS..
    DESDE JÁ AGRADEÇO..

    VERSAO 3.X
    EthLinkA = Interface do primeiro link
    EthLinkB = Interface do segundo link
    EthLinkC = Interface do terceiro link
    EthLinkD = Interface do quarto link
    EthLinkE = Interface do quinto link
    EthLinkF = Interface do sexto link
    EthLinkG = Interface do setimo link
    EthLinkH = Interface do oitavo link


    EthClientes = Interface dos clientes

    Quando em modo roteado:
    10.1.10.129 = Ip do modem A
    10.1.10.161 = Ip do modem B
    10.1.10.193 = Ip do modem C
    10.1.10.171 = Ip do modem D
    10.1.10.182 = Ip do modem E
    10.1.10.131 = Ip do modem F
    10.1.10.141 = Ip do modem G
    10.1.10.151 = Ip do modem H


    Endereços das interfaces no Mikrotik ROS
    10.1.10.130/27 = Ip da interface EthLinkA
    10.1.10.162/27 = Ip da interface EthLinkB
    10.1.10.194/27 = Ip da interface EthLinkC
    10.1.10.172/27 = Ip da interface EthLinkD
    10.1.10.183/27 = Ip da interface EthLinkE
    10.1.10.132/27 = Ip da interface EthLinkF
    10.1.10.142/27 = Ip da interface EthLinkG
    10.1.10.152/27 = Ip da interface EthLinkH


    =========

    Vamos as regras e explanações sobre o sistema PCC

    Em mangle
    add action=accept chain=prerouting comment="SEM BALANCE" disabled=no dst-address-list=sem_balance in-interface=EthClientes
    esta primera regra aceita as conexões para todos os ips de destino que se encontrarem na lista 'sem_balance' que irão sair pela rota padrão

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkA new-connection-mark=conn_na passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkB new-connection-mark=conn_nb passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkC new-connection-mark=conn_nc passthrough=yes

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkD new-connection-mark=conn_na passthrough=yes

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkE new-connection-mark=conn_na passthrough=yes

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkF new-connection-mark=conn_na passthrough=yes

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkG new-connection-mark=conn_na passthrough=yes

    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkH new-connection-mark=conn_na passthrough=yes

    cria as marcas (conn_na, conn_nb, conn_nc) para novas conexões em cada uma das interfaces (EthLinkA, EthLinkB, EthLinkC)

    add action=mark-routing chain=output comment="" connection-mark=conn_na disabled=no new-routing-mark=to_ra passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nb disabled=no new-routing-mark=to_rb passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nc disabled=no new-routing-mark=to_rc passthrough=no
    utiliza as marcações (conn_na, conn_nb, conn_nc) para criar as marcações das respectivas rotas (to_ra, to_rb, to_rc)

    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_ma0 passthrough=yes per-connection-classifier=both-addresses:8/0
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mb1 passthrough=yes per-connection-classifier=both-addresses:8/1
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mc2 passthrough=yes per-connection-classifier=both-addresses:8/2

    agora utilizando os classificadores (0,1,2 e portanto são 3) na interface de clientes criamos novas marcas de conexão (conn_ma0, conn_mb1, conn_mc2), notem que se tivessemos 4 links seria aquie que fariamos as alterações para (0,1,2,3 e portanto são 4) ficando 4/0, 4/1, 4/2, 4/3 ou ainda se tivessemos links assimétricos onde por exemplo:

    LinkX de 512k
    LinkY de 1024k
    LinkZ de 2048k

    somariamos todos os links e dividiriamos pelo valor do menor link então teriamos 3584k/512k=7 então teriamos 7 marcações de pcc indo de 7/0 até 7/6 das quais devemos direcionar a primeira pro link X, a segunda e terceira pro link Y e as quatro restantes para o link Z fazendo nosso sistema perfeitamente equilibrado, vale resaltar que sistemas do tipo ADSL não garantem a banda e portanto devemos fazer testes em cada um dos links para aferir as velocidades possíveis em cada um, já vi muitos casos onde um link desse tipo de 2Mb era melhor do que o de 4Mb da mesma operadora instalada no mesmo local, também se deve criar as marcações para input e output.

    add action=mark-routing chain=prerouting comment="" connection-mark=conn_ma0 disabled=no in-interface=EthClientes new-routing-mark=to_nra passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mb1 disabled=no in-interface=EthClientes new-routing-mark=to_nrb passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mc2 disabled=no in-interface=EthClientes new-routing-mark=to_nrc passthrough=no
    utilizando das novas marcações (conn_ma0, conn_mb1, conn_mc2) criamos uma nova marcação de rota na interface de clientes como (to_nra, to_nrb, to_nrc)

    ============================== ============================== ==========

    Em nat
    add action=masquerade chain=srcnat comment="MASCARAMENTO PCC" disabled=no out-interface=EthLinkA
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkB
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkC
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkD
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkE
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkF
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkG
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkH

    vale resaltar que o mascaramento pode ser feito de várias formas, indicando por exempo o ip da interface em src-nat, pela range de ips dos clientes e pela interface do link como acima.

    ========

    Em rotas
    add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=10.1.10.129 scope=30 target-scope=10
    add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=10.1.10.161 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.193 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.171 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.182 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.131 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.141 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.10.151 scope=30 target-scope=10

    definimos 3 rotas padrão sendo que cada uma tem um custo diferente e portanto a primeira terá a preferencia, caso venha a faltar a segunda assume, em seguida a terceira

    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.129 routing-mark=to_nra scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.161 routing-mark=to_nrc scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.193 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.171 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.182 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.131 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.141 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.10.151 routing-mark=to_nrb scope=30 target-scope=10
    em seguida todas as 3 rotas que utilizam marca de rotas (to_nra, to_nrb, to_nrc) dividem a carga que foi previamente marcada pelo mangle

    ==============

    Ainda é possível fazer com que o próprio Mikrotik ROS disque as conexões do tipo ADSL aumentando a eficiência do sistema (MODENS EM BRIDGE), sendo que neste caso é recomendado fazer o mascaramento por range de ips e não por interface e a indicação dos gateways por interface e não por ip, no caso de links dedicados é recomendável fazer a indicação do ip do gateway e não da interface.

    Em nat
    add action=masquerade chain=srcnat src-address=10.0.0.0/24 comment="MASCARAMENTO PCC" disabled=no

    Em rotas
    add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=EthLinkA scope=30 target-scope=10
    add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=EthLinkB scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=EthLinkC scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=EthLinkA routing-mark=to_nra
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=EthLinkB routing-mark=to_nrb
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=EthLinkC routing-mark=to_nrc

  2. #2

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Citação Postado originalmente por adrianocurvelo Ver Post
    TENHO 8 MODENS PRECISO FAZER O LOADBALANCE COM ESSES LINKS,
    HÁ UM TUTORIAL NO FÓRUM COMO FAZER COM ATÉ 16 LINKS,
    SÓ QUE NO TUTORIAL MOSTRA COM 3 LINKS.
    MONTEI AS REGRAS COM OS 8 MODENS GOSTARIA QUE ME DIGAM SE ESTA CORRETA ESSAS REGRAS..
    DESDE JÁ AGRADEÇO..

    VERSAO 3.X
    EthLinkA = Interface do primeiro link
    EthLinkB = Interface do segundo link
    EthLinkC = Interface do terceiro link
    EthLinkD = Interface do quarto link
    EthLinkE = Interface do quinto link
    EthLinkF = Interface do sexto link
    EthLinkG = Interface do setimo link
    EthLinkH = Interface do oitavo link


    EthClientes = Interface dos clientes

    Quando em modo roteado:
    em bridge fica melhor!

    10.1.1.1/30 = Ip do modem A
    10.1.2.1/30 = Ip do modem B
    10.1.3.1/30 = Ip do modem C
    10.1.4.1/30 = Ip do modem D
    10.1.5.1/30 = Ip do modem E
    10.1.6.1/30 = Ip do modem F
    10.1.7.1/30 = Ip do modem G
    10.1.8.1/30 = Ip do modem H


    Endereços das interfaces no Mikrotik ROS
    10.1.1.2/30 = Ip da interface EthLinkA
    10.1.2.2/30 = Ip da interface EthLinkB
    10.1.3.2/30 = Ip da interface EthLinkC
    10.1.4.2/30 = Ip da interface EthLinkD
    10.1.5.2/30 = Ip da interface EthLinkE
    10.1.6.2/30 = Ip da interface EthLinkF
    10.1.7.2/30 = Ip da interface EthLinkG
    10.1.8.2/30 = Ip da interface EthLinkH


    =========

    Vamos as regras e explanações sobre o sistema PCC

    Em mangle
    add action=accept chain=prerouting comment="SEM BALANCE" disabled=no dst-address-list=sem_balance in-interface=EthClientes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkA new-connection-mark=conn_na passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkB new-connection-mark=conn_nb passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkC new-connection-mark=conn_nc passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkD new-connection-mark=conn_nd passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkE new-connection-mark=conn_ne passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkF new-connection-mark=conn_nf passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkG new-connection-mark=conn_ng passthrough=yes
    add action=mark-connection chain=input comment="" connection-state=new disabled=no in-interface=EthLinkH new-connection-mark=conn_nh passthrough=yes

    add action=mark-routing chain=output comment="" connection-mark=conn_na disabled=no new-routing-mark=to_ra passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nb disabled=no new-routing-mark=to_rb passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nc disabled=no new-routing-mark=to_rc passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nd disabled=no new-routing-mark=to_rd passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_ne disabled=no new-routing-mark=to_re passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nf disabled=no new-routing-mark=to_rf passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_ng disabled=no new-routing-mark=to_rg passthrough=no
    add action=mark-routing chain=output comment="" connection-mark=conn_nh disabled=no new-routing-mark=to_rh passthrough=no

    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_ma0 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/0
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mb1 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/1
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mc2 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/2
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_md3 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/3
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_me4 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/4
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mf5 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/5
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mg6 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/6
    add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local in-interface=EthClientes new-connection-mark=conn_mh7 passthrough=yes per-connection-classifier=both-addresses-and-ports:8/7

    add action=mark-routing chain=prerouting comment="" connection-mark=conn_ma0 disabled=no in-interface=EthClientes new-routing-mark=to_nra passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mb1 disabled=no in-interface=EthClientes new-routing-mark=to_nrb passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mc2 disabled=no in-interface=EthClientes new-routing-mark=to_nrc passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_md3 disabled=no in-interface=EthClientes new-routing-mark=to_nrd passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_me4 disabled=no in-interface=EthClientes new-routing-mark=to_nre passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mf5 disabled=no in-interface=EthClientes new-routing-mark=to_nrf passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mg6 disabled=no in-interface=EthClientes new-routing-mark=to_nrg passthrough=no
    add action=mark-routing chain=prerouting comment="" connection-mark=conn_mh7 disabled=no in-interface=EthClientes new-routing-mark=to_nrh passthrough=no

    Em nat
    add action=masquerade chain=srcnat comment="MASCARAMENTO PCC" disabled=no out-interface=EthLinkA
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkB
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkC
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkD
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkE
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkF
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkG
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=EthLinkH

    Em rotas
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.1.1 scope=30 target-scope=10
    add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=10.1.2.1 scope=30 target-scope=10
    add comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=10.1.3.1 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.4.1 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.5.1 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.6.1 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.7.1 scope=30 target-scope=10
    add comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=10.1.8.1 scope=30 target-scope=10

    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.1.1 routing-mark=to_nra scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.2.1 routing-mark=to_nrb scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.3.1 routing-mark=to_nrc scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.4.1 routing-mark=to_nrd scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.5.1 routing-mark=to_nre scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.6.1 routing-mark=to_nrf scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.7.1 routing-mark=to_nrg scope=30 target-scope=10
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.8.1 routing-mark=to_nrh scope=30 target-scope=10
    Ta errado cara, segue a lógica da coisa, se vc tem 8 links de pesos iguais.
    Segue as correções, ve se consegue visualizar a lógica.
    Última edição por Geeek; 14-02-2011 às 12:31.



  3. #3

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Citação Postado originalmente por Geeek Ver Post
    Ta errado cara, segue a lógica da coisa, se vc tem 8 links de pesos iguais.
    Segue as correções, ve se consegue visualizar a lógica.
    vlw pela correção...
    e quanto a configuração em bridge como ficaria as regras?
    obrigado

  4. #4

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Amigo a parte de marcação é igual o que muda e nas rotas aonde vc tera que colocar o nome do ppoe que esta e na nat tb ao invez de out-interface=EthLinkH vc coloca out-interface=pppoe-out1

    vou colocar um exmplo de rota tb

    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out1 routing-mark=to_nra scope=30 target-scope=10


    Se gostou estrela se nao fazer o que kkkkk , vai devagar que vc consegue basta fazer isso e nada mais , claro ele esta dando exmplo de 8 links caso vc tenha menos basta diminuir as marcações , rotas nat etc



  5. #5

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Sim amigo eu tenho 8 link com essa configuração..
    apliquei as regras,mas nao consegui fazer funcionar no modo roteado.
    agradeço a ajuda de todos , pois sou iniciante e nao tenho experiencia no sistema..
    Obrigado a todos aqueles que dedicam seu tempo para ajudar quem precisa.
    Se puder me ajudar com essa configuração ficarei grato.

  6. #6

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    amigo caso vc ainda nao conseguiu fazer leia esse post
    https://under-linux.org/f227/program...49/#post558016
    com ele vc tera uma ideia com ficar a configuração e modifica conforme a sua necessidade



  7. #7

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Amigo, este links sao da mesma operadora? todos modens estao roteador e mandam DHCP na mesma range?

  8. #8

    Padrão Re: PCC LOADBALANCE COM 8 LINKS SIMÉTRICOS

    Amigos,
    aproveitando inside do amigo do topico, coloco uma regra de pcc para 4 links que pretendo utilizar numa rb750 que faz o ppoe das adsls com um link 2mega dedicado . esta rb tera a saida LAn para um server cache que passara para outro server Mk responsavel pelo dhcp, controle de banda com saidas em bridge para as rbs, ptp..

    A duvida seria, tenho duas regras de distribuicao de conexoes, qual delas devo eliminar? por favor se encontrarem alguma coisa errada falem!! Agradeco a atencao de todos!



    ;;; SEM BALANCE
    chain=prerouting action=accept dst-address-list=sem_balance in-interface=REDE LAN


    ;;; Marca conex o do link1
    chain=input action=mark-connection new-connection-mark=conn_na passthrough=yes connection-state=new in-interface=LINK 2M


    ;;; Marca Conex o do link2
    chain=input action=mark-connection new-connection-mark=conn_nb passthrough=yes connection-state=new in-interface=Link2 10M


    ;;; Marca Conex o do link3
    chain=input action=mark-connection new-connection-mark=conn_nc passthrough=yes connection-state=new in-interface=Link3 15M


    ;;; Marca Conex o do link4
    chain=input action=mark-connection new-connection-mark=conn_nd passthrough=yes connection-state=new in-interface=Link4 15M


    ;;; Load Balance Proxy A
    chain=output action=mark-connection new-connection-mark=conn_na passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/0


    ;;; Load Balance Proxy B
    chain=output action=mark-connection new-connection-mark=conn_nb passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/1


    ;;; Load Balance Proxy C
    chain=output action=mark-connection new-connection-mark=conn_nb passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/2


    ;;; Load Balance Proxy D
    chain=output action=mark-connection new-connection-mark=conn_nb passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/3


    ;;; Load Balance Proxy E
    chain=output action=mark-connection new-connection-mark=conn_nc passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/4


    ;;; Load Balance Proxy F
    chain=output action=mark-connection new-connection-mark=conn_nc passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/5


    ;;; Load Balance Proxy G
    chain=output action=mark-connection new-connection-mark=conn_nc passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/6


    ;;; Load Balance Proxy H
    chain=output action=mark-connection new-connection-mark=conn_nc passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/7


    ;;; Load Balance Proxy I
    chain=output action=mark-connection new-connection-mark=conn_nd passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/8


    ;;; Load Balance Proxy J
    chain=output action=mark-connection new-connection-mark=conn_nd passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/9


    ;;; Load Balance Proxy K
    chain=output action=mark-connection new-connection-mark=conn_nd passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/10


    ;;; Load Balance Proxy L
    chain=output action=mark-connection new-connection-mark=conn_nd passthrough=yes connection-state=new dst-address=!192.168.30.0/24
    per-connection-classifier=both-addresses:12/11


    ;;; Rota da conexao A
    chain=output action=mark-routing new-routing-mark=to_ra passthrough=no connection-mark=conn_na


    ;;; Rota da conexao B
    chain=output action=mark-routing new-routing-mark=to_rb passthrough=no connection-mark=conn_nb


    ;;; Rota da conexao C
    chain=output action=mark-routing new-routing-mark=to_rc passthrough=no connection-mark=conn_nc


    ;;; Rota da conexao d
    chain=output action=mark-routing new-routing-mark=to_rd passthrough=no connection-mark=conn_nd


    ;;; Classifica o da rota A
    chain=prerouting action=mark-connection new-connection-mark=conn_ma0 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/0


    ;;; Classifica o da rota B
    chain=prerouting action=mark-connection new-connection-mark=conn_mb1 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/1


    ;;; Classifica o da rota C
    chain=prerouting action=mark-connection new-connection-mark=conn_mb1 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/2


    ;;; Classifica o da rota D
    chain=prerouting action=mark-connection new-connection-mark=conn_mb1 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/3


    ;;; Classificador da Rota E
    chain=prerouting action=mark-connection new-connection-mark=conn_mc2 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/4


    ;;; Classificador da Rota F
    chain=prerouting action=mark-connection new-connection-mark=conn_mc2 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/5


    ;;; Classificador da Rota G
    chain=prerouting action=mark-connection new-connection-mark=conn_mc2 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/6


    ;;; Classificador da Rota H
    chain=prerouting action=mark-connection new-connection-mark=conn_mc2 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/7


    ;;; Classificador da Rota I
    chain=prerouting action=mark-connection new-connection-mark=conn_md3 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/8


    ;;; Classificador da Rota J
    chain=prerouting action=mark-connection new-connection-mark=conn_md3 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/9


    ;;; Classificador da Rota K
    chain=prerouting action=mark-connection new-connection-mark=conn_md3 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/10


    ;;; Classificador da Rota L
    chain=prerouting action=mark-connection new-connection-mark=conn_md3 passthrough=yes dst-address-type=!local in-interface=REDE LAN
    per-connection-classifier=both-addresses:12/11


    ;;; Rota de saida 1
    chain=prerouting action=mark-routing new-routing-mark=to_nra passthrough=yes in-interface=REDE LAN connection-mark=conn_ma0


    ;;; Rota de saida 2
    chain=prerouting action=mark-routing new-routing-mark=to_nrb passthrough=yes in-interface=REDE LAN connection-mark=conn_mb1


    ;;; Rota de saida 3
    chain=prerouting action=mark-routing new-routing-mark=to_nrc passthrough=yes in-interface=REDE LAN connection-mark=conn_mc2


    ;;; Rota de saida 4
    chain=prerouting action=mark-routing new-routing-mark=to_nrd passthrough=yes in-interface=REDE LAN connection-mark=conn_md3