+ Responder ao Tópico



  1. 17-07-2012, 14:16 #1
    ellandson
    ellandson está desconectado
    Avatar de ellandson
    Ingresso
    Mar 2011
    Posts
    5

    Padrão Ajuda PCC 3 Links + Fail over

    olá pessoal me desculpe se eu estou postando um topico que ja exista, mas cancei de procura e nao encontrei,
    tenho uma rb 750, e gostaria de fazer um pcc com 3 linksl, na verdade no pcc mesmo so 2,
    1 LINK CABO 2.5mb >DHCP dinamico ip privado.
    1 LINK Velox 1mb > Pode ser ppoe, ou entao ele adsl roteado.
    1 LINK RAdio 1mb > nesse caso ip publico e dinamico, este link radio nao gostaria de colocar no pcc.
    A WAN 1 e 2 Ficaria com pcc com link cabo e link velox na lan1
    e a WAN3 ficaria na lan 2 sem pcc livre.
    nesse caso gostaria de fazer um failover nos links cabo e velox,
    ja tentei aki de varias formas fazer isso mas nao consegui fazer com failover, olhei uns script so com ppoe tem como agente colocar dhcp ao inves do ppoe.
    este link gostei da explicação mais nao consegui adptar o ppoe para dhcp, se alguem conseguir axo que da certo.
    agradeço.
    Citação Citação
  2. 18-07-2012, 14:25 #2
    Claudineibj
    Claudineibj está desconectado
    Avatar de Claudineibj
    Ingresso
    Jun 2009
    Posts
    331

    Padrão Re: Ajuda PCC 3 Links + Fail over

    Porq a ether3 ficaria fora do pcc?
    Citação Citação
  3. 18-07-2012, 14:31 #3
    Claudineibj
    Claudineibj está desconectado
    Avatar de Claudineibj
    Ingresso
    Jun 2009
    Posts
    331

    Padrão Re: Ajuda PCC 3 Links + Fail over

    # ip address --------------------------
    /ip address add address=192.168.88.1/30 interface=Local
    /ip address add address=177.15.95.150/30 interface=etherlink2

    # interface pppoe-client ---------------
    /interface pppoe-client add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 dial-on-demand=no disabled=no interface=etherlink1 max-mru=1480 max-mtu=1480 mrru=disabled name=adsl_etherlink1 password=velox profile=default service-name="" use-peer-dns=no user=vrlox@velox

    # ip dns --------------------------------
    /ip dns set primary-dns=8.8.8.8
    /ip dns set secondary-dns=8.8.4.4
    /ip dns set allow-remote-requests=yes

    # ip dns statico------------------------
    /ip dns static add address=192.168.88.1 comment="" disabled=no name=192.168.88.1.meuprovedor ttl=1d

    # ip firewall Filter------------------------
    /ip firewall filter add action=accept chain=input disabled=no in-interface=!etherlink2 src-address=192.168.88.0/30

    # ip firewall nat--------------------------
    /ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=adsl_etherlink1
    /ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=etherlink2

    # ip firewall mangle------------------------

    # LoopBack por link-------------------------
    / ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=Local new-connection-mark=Sites0 passthrough=yes
    / ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=Local new-routing-mark=Rota0 passthrough=no
    / ip route add gateway=adsl_etherlink1 routing-mark=Rota0
    / ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=Local new-connection-mark=Sites1 passthrough=yes
    / ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=Local new-routing-mark=Rota1 passthrough=no
    / ip route add gateway=177.15.95.148 routing-mark=Rota1

    /ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
    /ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
    /ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
    /ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
    /ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
    /ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
    /ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
    /ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
    # Fim LoopBack por link----------------------

    /ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=Local
    /ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=Local
    /ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=adsl_etherlink1 new-connection-mark=adsl_etherlink1_conn passthrough=yes
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=etherlink2 new-connection-mark=etherlink2_conn passthrough=yes
    /ip firewall mangle add action=mark-routing chain=output connection-mark=adsl_etherlink1_conn disabled=no new-routing-mark=to_adsl_etherlink1 passthrough=yes
    /ip firewall mangle add action=mark-routing chain=output connection-mark=etherlink2_conn disabled=no new-routing-mark=to_etherlink2 passthrough=yes
    /ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=177.15.95.149/30 in-interface=Local
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=adsl_etherlink1_conn passthrough=yes per-connection-classifier=both-addresses:5/0
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=etherlink2_conn passthrough=yes per-connection-classifier=both-addresses:5/1
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=etherlink2_conn passthrough=yes per-connection-classifier=both-addresses:5/2
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=etherlink2_conn passthrough=yes per-connection-classifier=both-addresses:5/3
    /ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=etherlink2_conn passthrough=yes per-connection-classifier=both-addresses:5/4
    /ip firewall mangle add action=mark-routing chain=prerouting connection-mark=adsl_etherlink1_conn disabled=no in-interface=Local new-routing-mark=to_adsl_etherlink1 passthrough=yes
    /ip firewall mangle add action=mark-routing chain=prerouting connection-mark=etherlink2_conn disabled=no in-interface=Local new-routing-mark=to_etherlink2 passthrough=yes

    # ip route----------------------------------
    /ip route add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=adsl_etherlink1 routing-mark=to_adsl_etherlink1 comment="Link0"
    /ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=177.15.95.148 routing-mark=to_etherlink2 comment="Link1"
    /ip route add comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=adsl_etherlink1 scope=30 target-scope=10
    /ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=177.15.95.148 scope=30 target-scope=10

    # ip firewall address-list-----------------------------
    /ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
    /ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
    /ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
    /ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
    /ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
    /ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
    /ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
    /ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
    /ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
    /ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
    /ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

    # /system script--------------------------------------
    /system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
    /system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
    /system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
    /system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"


    Se o motivo é usar esse terceiro link pra vc use eu ip sem controle de banda no seu servidor, bom assim é o que imagino que queira fazer.
    Citação Citação
  4. 19-07-2012, 02:09 #4
    m4d3
    m4d3 está desconectado
    Avatar de m4d3
    Ingresso
    Aug 2007
    Localização
    Paraná
    Posts
    919
    Posts de Blog
    9

    Padrão Re: Ajuda PCC 3 Links + Fail over

    https://under-linux.org/f227/pcc-bal...ad+balance+pcc
    Citação Citação



« Tópico Anterior | Próximo Tópico »