Página 1 de 3 123 ÚltimoÚltimo
+ Responder ao Tópico



  1. Bom dia tenho um balanceamento rodando no meu servidor, mais notei que agora ele trava constantimente, será por calsa das regras? Segue regras, fico agradecido se derem um feedback sobre elas.

    /ip firewall nat
    add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" disabled=yes
    add action=masquerade chain=srcnat comment="NAT do HotSpot" disabled=no src-address=10.50.0.0/24
    add action=masquerade chain=srcnat comment="NAT range 70" disabled=no src-address=10.70.0.0/24
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Link1
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Link2
    /ip firewall mangle
    add action=mark-connection chain=input comment="" disabled=no in-interface=Link1 new-connection-mark=wan1_conn passthrough=yes
    add action=mark-connection chain=input comment="" disabled=no in-interface=Link2 new-connection-mark=wan2_conn passthrough=yes
    add action=mark-routing chain=output comment="" connection-mark=wan1_conn disabled=no new-routing-mark=to_wan1 passthrough=yes
    add action=mark-routing chain=output comment="" connection-mark=wan2_conn disabled=no new-routing-mark=to_wan2 passthrough=yes
    /ip route
    add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_wan1 scope=30 target-scope=10
    add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_wan2 scope=30 target-scope=10
    add check-gateway=ping comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.2.1,192.168.2.1.1,192.168.1.1 scope=30 target-scope=10

    OBS: Está rodando intel 2.4 + 512 + 40gb

  2. Cabra tem algo errado que não esta certo ai (gostou???), se nesse balance vc usa uma maquina ta gastando energia, se quiser usar uma rb750 no lugar te mando o script ja configurado pra ela.

    De preferencia que não seja a 750G e sim a comum ok.



  3. Vamos la, configurando um load balance com PCC, forçando alguns sites saindo por alguns links.
    Estrutura, RB 750G. 5 ETHER Mikrotik versão 4.10
    4 Modem ADSL. Em modo pppoe
    1 Ether Cliente “Link-Gerenciado”
    1 Ether Cliente “Modem adsl 1”

    1 Ether Cliente “Modem adsl 2”
    1 Ether Cliente “Modem adsl 3”
    1 Ether Cliente “Modem adsl 4”

    PPPOE
    1 “Internet1” discando pelo interface Modem adsl 1
    2 “Internet2” discando pelo interface Modem adsl 2
    3 “Internet3” discando pelo interface Modem adsl 3
    4 “Internet4” discando pelo interface Modem adsl 4

    Nas configurações deixe desmarcado Dial On Demand e add defauld Router e User Peer DNS.
    Somente numa interface escolhida por vc deixe marcado User Peer DNS.

    1 Primeira
    /system ntp client
    set enabled=yes mode=unicast primary-ntp=200.192.232.8 secondary-ntp=200.160.0.8

    2 Segunda
    Deixe seu Clock do mk sempre com horario certo.

    3 Terceira Route.




    /ip route
    add check-gateway=ping comment=link1 disabled=no distance=1 dst-address=\
    0.0.0.0/0 gateway=Internet1 routing-mark=to_ether1 scope=30 target-scope=\
    10
    add check-gateway=ping comment=link2 disabled=no distance=1 dst-address=\
    0.0.0.0/0 gateway=Internet2 routing-mark=to_ether2 scope=30 target-scope=\
    10
    add check-gateway=ping comment=link3 disabled=no distance=1 dst-address=\
    0.0.0.0/0 gateway=Internet3 routing-mark=to_ether3 scope=30 target-scope=\
    10
    add check-gateway=ping comment=link4 disabled=no distance=1 dst-address=\
    0.0.0.0/0 gateway=Internet4 routing-mark=to_ether4 scope=30 target-scope=\
    10
    add check-gateway=ping comment=link1 disabled=no distance=1 dst-address=\
    0.0.0.0/0 gateway=Internet1 scope=30 target-scope=10
    add check-gateway=ping comment=link2 disabled=no distance=2 dst-address=\
    0.0.0.0/0 gateway=Internet2 scope=30 target-scope=10
    add check-gateway=ping comment=link3 disabled=no distance=3 dst-address=\
    0.0.0.0/0 gateway=Internet3 scope=30 target-scope=10
    add check-gateway=ping comment=link4 disabled=no distance=4 dst-address=\
    0.0.0.0/0 gateway=Internet4 scope=30 target-scope=10



  4. Agora as configurações de Firewall

    /ip firewall nat
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Internet1
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Internet2
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Internet3
    add action=masquerade chain=srcnat comment="" disabled=no out-interface=Internet4
    add action=masquerade chain=srcnat comment="" disabled=no
    add action=masquerade chain=srcnat comment=Remoto disabled=no

    Dica Redirecionamento para o MK controle.

    /ip firewall nat
    add action=dst-nat chain=dstnat comment="MK Controle" disabled=yes dst-port=8282 protocol=tcp to-addresses=192.168.110.58 to-ports=8291

    o IP 192.168.110.58 e o ip de Saida para o MK Controle, na Interface “Link-Gerenciado”

    Agora vamos a marcação dos links

    /ip firewall mangle

    add action=mark-connection chain=input comment=ether1_conn disabled=no \
    in-interface=Internet1 new-connection-mark=ether1_conn passthrough=yes
    add action=mark-connection chain=input comment=ether2_conn disabled=no \
    in-interface=Internet2 new-connection-mark=ether2_conn passthrough=yes
    add action=mark-connection chain=input comment=ether3_conn disabled=no \
    in-interface=Internet3 new-connection-mark=ether3_conn passthrough=yes
    add action=mark-connection chain=input comment=ether4_conn disabled=no \
    in-interface=Internet4 new-connection-mark=ether4_conn passthrough=yes
    add action=mark-routing chain=output comment=to_ether1 connection-mark=\
    ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=no
    add action=mark-routing chain=output comment=to_ether2 connection-mark=\
    ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=no
    add action=mark-routing chain=output comment=to_ether3 connection-mark=\
    ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=no
    add action=mark-routing chain=output comment=to_ether4 connection-mark=\
    ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=no
    add action=accept chain=prerouting comment="fora load DST" disabled=no \
    dst-address-list=loopback in-interface=Link-Gerenciado
    add action=mark-connection chain=prerouting comment=ether1_conn disabled=no \
    dst-address-type=!local in-interface=Link-Gerenciado new-connection-mark=\
    ether1_conn passthrough=yes per-connection-classifier=both-addresses:4/0
    add action=mark-connection chain=prerouting comment=ether2_conn disabled=no \
    dst-address-type=!local in-interface=Link-Gerenciado new-connection-mark=\
    ether2_conn passthrough=yes per-connection-classifier=both-addresses:4/1
    add action=mark-connection chain=prerouting comment=ether3_conn disabled=no \
    dst-address-type=!local in-interface=Link-Gerenciado new-connection-mark=\
    ether3_conn passthrough=yes per-connection-classifier=both-addresses:4/2
    add action=mark-connection chain=prerouting comment=ether4_conn disabled=no \
    dst-address-type=!local in-interface=Link-Gerenciado new-connection-mark=\
    ether4_conn passthrough=yes per-connection-classifier=both-addresses:4/3
    add action=mark-routing chain=prerouting comment=to_ether1 connection-mark=\
    ether1_conn disabled=no in-interface=Link-Gerenciado new-routing-mark=\
    to_ether1 passthrough=no
    add action=mark-routing chain=prerouting comment=to_ether2 connection-mark=\
    ether2_conn disabled=no in-interface=Link-Gerenciado new-routing-mark=\
    to_ether2 passthrough=no
    add action=mark-routing chain=prerouting comment=to_ether3 connection-mark=\
    ether3_conn disabled=no in-interface=Link-Gerenciado new-routing-mark=\
    to_ether3 passthrough=no
    add action=mark-routing chain=prerouting comment=to_ether4 connection-mark=\
    ether4_conn disabled=no in-interface=Link-Gerenciado new-routing-mark=\
    to_ether4 passthrough=no

    Só Lembrando que os links são simétricos, caso não seja ajuste as configurações em Per Connection Classifier, dividindo a carga.




  5. Agora vamos ao site que fica fora do balance.

    /ip firewall address-list
    add address=66.96.239.0/24 comment="Minha Conexao " disabled=no list=loopback
    add address=200.196.144.0/20 comment="BANCO - ITAU" disabled=no list=loopback
    add address=200.220.176.0/20 comment="BANCO - SANTANDER / REAL / BANESPA" disabled=no list=loopback
    add address=200.201.160.0/20 comment="BANCO - CAIXA" disabled=no list=loopback
    add address=201.33.144.0/20 comment="BANCO - BB" disabled=no list=loopback
    add address=170.66.0.0/16 comment="BANCO - BB" disabled=no list=loopback
    add address=200.252.0.0/16 comment="BANCO - SICOOB" disabled=no list=loopback
    add address=200.251.0.0/16 comment="BANCO - MERCANTIL DO BRASIL" disabled=no list=loopback
    add address=161.113.0.0/16 comment="BANCO - HSBC" disabled=no list=loopback
    add address=200.155.107.0/24 comment="BANCO - UNIBANCO" disabled=no list=loopback
    add address=69.17.117.207 comment=SPEED_TEST disabled=no list=loopback
    add address=200.159.128.189 comment=RJNET disabled=no list=loopback
    add address=200.195.144.42 comment=COPEL disabled=no list=loopback
    add address=189.45.12.3 comment="SPEED TEST - RJ" disabled=no list=loopback
    add address=209.85.153.85 comment=ORKUT disabled=no list=loopback
    add address=64.4.20.169 comment="" disabled=no list=loopback
    add address=62.212.84.0/24 comment="YAP TUBE" disabled=no list=loopback
    add address=85.17.79.0/24 comment="" disabled=no list=loopback
    add address=67.195.0.0/24 comment=YAHOO disabled=no list=loopback
    add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
    add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
    add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
    add address=208.69.32.0/24 comment="" disabled=no list=loopback
    add address=208.67.217.0/24 comment="" disabled=no list=loopback
    add address=208.84.247.0/24 comment="Vdeos - terratv" disabled=no list=loopback
    add address=200.201.166.0/24 comment="" disabled=no list=loopback
    add address=200.201.173.0/24 comment="" disabled=no list=loopback
    add address=200.201.174.0/24 comment="" disabled=no list=loopback
    add address=200.141.207.3 comment=Detran disabled=no list=loopback
    add address=69.5.88.0/24 comment=Megaupload disabled=no list=loopback
    add address=200.220.190.0/24 comment="" disabled=no list=loopback
    add address=187.60.39.98 comment="Servidor SKY" disabled=no list=loopback
    add address=200.154.56.0/24 comment=terra disabled=no list=loopback
    add address=201.7.178.0/24 comment=globo disabled=no list=loopback
    add address=200.155.80.0-200.155.255.255 comment=bradesco disabled=no list=loopback
    add address=201.7.180.0/24 comment=globo disabled=no list=loopback
    add address=201.7.176.0/24 comment=globo disabled=no list=loopback
    add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
    add address=186.192.80.0/24 comment="globo fash" disabled=no list=loopback


    Ate aqui o load esta pronto para ser operado.






Tópicos Similares

  1. Pedido de ajuda no balanceamento no mikrotik
    Por innoscent no fórum Redes
    Respostas: 1
    Último Post: 06-05-2013, 02:43
  2. Respostas: 0
    Último Post: 29-01-2011, 13:16
  3. Utilização de peso em balanceamento no mikrotik
    Por marcelofabio no fórum Redes
    Respostas: 3
    Último Post: 27-11-2010, 12:39
  4. Respostas: 12
    Último Post: 28-10-2008, 11:02
  5. winbox lento e travando Mikrotik 3.2
    Por delorto no fórum Redes
    Respostas: 3
    Último Post: 13-02-2008, 21:54

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L