Página 1 de 2 12 ÚltimoÚltimo
+ Responder ao Tópico



  1. to com um balance em uma rb493 tem 4 ads de 10mb ativos e outro para ser configurado, como podem ver ta muito pobre de configuração toda a rede é baseada no link 1 o acesso a bancos ta ficando cada vez mais lento gostaria de uma ajuda em relação a isso, não sei talvez bancos saindo por qualquer link e oque mais vcs poderem fazer por mim desde já agradeço.

  2. /ip firewall connection tracking
    set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
    tcp-close-wait-timeout=10s tcp-established-timeout=10h \
    tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s tcp-syn-received-timeout=\
    5s tcp-syn-sent-timeout=5s tcp-syncookie=yes tcp-time-wait-timeout=10s \
    udp-stream-timeout=3m udp-timeout=10s
    /ip firewall filter
    add action=drop chain=input comment=PC.INVALID connection-state=invalid \
    disabled=no
    add action=drop chain=input comment=PC.INVALID disabled=no dst-port=\
    8080,8090,53 in-interface=!ether1-lan protocol=tcp
    add action=add-src-to-address-list address-list=sem-balance \
    address-list-timeout=1h10s chain=input comment=PC.WB disabled=no \
    in-interface=!ether1-lan port=18299,8282,220,8291 protocol=tcp
    /ip firewall mangle
    add action=accept chain=prerouting comment=sem-balance disabled=no \
    dst-address-list=sem-balance in-interface=ether1-lan
    add action=mark-connection chain=input comment=balance-nova_conexao-link1 \
    connection-state=new disabled=no in-interface=pppoe-link1 \
    new-connection-mark=balance-nova-link1 passthrough=yes
    add action=mark-connection chain=input comment=balance-nova_conexao-link2 \
    connection-state=new disabled=no in-interface=pppoe-link2 \
    new-connection-mark=balance-nova-link2 passthrough=yes
    add action=mark-connection chain=input comment=balance-nova_conexao-link3 \
    connection-state=new disabled=no in-interface=pppoe-link3 \
    new-connection-mark=balance-nova-link3 passthrough=yes
    add action=mark-connection chain=input comment=balance-nova_conexao-link4 \
    connection-state=new disabled=no in-interface=pppoe-link4 \
    new-connection-mark=balance-nova-link4 passthrough=yes
    add action=mark-routing chain=output comment=balance-route-link1 \
    connection-mark=balance-nova-link1 disabled=no dst-address-list=!intranet \
    new-routing-mark=balance-route-link1 passthrough=no
    add action=mark-routing chain=output comment=balance-route-link2 \
    connection-mark=balance-nova-link2 disabled=no dst-address-list=!intranet \
    new-routing-mark=balance-route-link2 passthrough=no
    add action=mark-routing chain=output comment=balance-route-link3 \
    connection-mark=balance-nova-link3 disabled=no dst-address-list=!intranet \
    new-routing-mark=balance-route-link3 passthrough=no
    add action=mark-routing chain=output comment=balance-route-link4 \
    connection-mark=balance-nova-link4 disabled=no dst-address-list=!intranet \
    new-routing-mark=balance-route-link4 passthrough=no
    add action=mark-connection chain=prerouting comment=balance-conexao-link1 \
    disabled=no dst-address-list=!intranet dst-address-type=!local \
    in-interface=ether1-lan new-connection-mark=balance-conexao-link1 \
    passthrough=yes
    add action=mark-connection chain=prerouting comment=balance-conexao-link2 \
    disabled=no dst-address-list=!intranet dst-address-type=!local \
    in-interface=ether1-lan new-connection-mark=balance-conexao-link2 \
    passthrough=yes per-connection-classifier=both-addresses:4/1
    add action=mark-connection chain=prerouting comment=balance-conexao-link3 \
    disabled=no dst-address-list=!intranet dst-address-type=!local \
    in-interface=ether1-lan new-connection-mark=balance-conexao-link3 \
    passthrough=yes per-connection-classifier=both-addresses:4/2
    add action=mark-connection chain=prerouting comment=balance-conexao-link4 \
    disabled=no dst-address-list=!intranet dst-address-type=!local \
    in-interface=ether1-lan new-connection-mark=balance-conexao-link4 \
    passthrough=yes per-connection-classifier=both-addresses:4/3
    add action=mark-routing chain=prerouting comment=balance-para-link1 \
    connection-mark=balance-conexao-link1 disabled=no in-interface=ether1-lan \
    new-routing-mark=balance-para-link1 passthrough=yes
    add action=mark-routing chain=prerouting comment=balance-para-link2 \
    connection-mark=balance-conexao-link2 disabled=no in-interface=ether1-lan \
    new-routing-mark=balance-para-link2 passthrough=yes
    add action=mark-routing chain=prerouting comment=balance-para-link3 \
    connection-mark=balance-conexao-link3 disabled=no in-interface=ether1-lan \
    new-routing-mark=balance-para-link3 passthrough=yes
    add action=mark-routing chain=prerouting comment=balance-para-link4 \
    connection-mark=balance-conexao-link4 disabled=no in-interface=ether1-lan \
    new-routing-mark=balance-para-link4 passthrough=yes
    /ip firewall nat
    add action=dst-nat chain=dstnat comment=PC.CRUSHER disabled=no dst-port=18299 \
    in-interface=!ether1-lan protocol=tcp to-addresses=10.30.30.2 to-ports=8291
    add action=masquerade chain=srcnat comment=balance-masquerade-link1 disabled=no \
    out-interface=pppoe-link1
    add action=masquerade chain=srcnat comment=balance-masquerade-link2 disabled=no \
    out-interface=pppoe-link2
    add action=masquerade chain=srcnat comment=balance-masquerade-link3 disabled=no \
    out-interface=pppoe-link3
    add action=masquerade chain=srcnat comment=balance-masquerade-link4 disabled=no \
    out-interface=pppoe-link4



  3. /ip firewall address-list
    add address=200.198.182.152 comment=F2b disabled=no list=sem-balance
    add address=74.201.74.0/24 comment=Logmein disabled=no list=sem-balance
    add address=200.155.0.0/24 comment=HIPERCARD disabled=no list=sem-balance
    add address=200.155.0.0/16 comment=Bradesco disabled=no list=sem-balance
    add address=200.201.0.0/16 comment=Cef disabled=no list=sem-balance
    add address=170.66.0.0/16 comment=BB disabled=no list=sem-balance
    add address=200.220.0.0/16 comment=Santander disabled=no list=sem-balance
    add address=200.196.0.0/16 comment=Itau disabled=no list=sem-balance
    add address=189.56.0.0/16 comment=NCNB disabled=no list=sem-balance
    add address=161.113.0.0/24 comment=HSBC disabled=no list=sem-balance
    add address=200.201.0.0/16 comment="Conectividade Social" disabled=no list=\
    sem-balance
    add address=200.238.0.0/16 comment=e-FiscoPE disabled=no list=sem-balance
    add address=200.178.0.0/16 comment=Condutor disabled=no list=sem-balance
    add address=200.157.0.0/16 comment="Receita Federal - Site e Receitanet" \
    disabled=no list=sem-balance
    add address=161.148.0.0/16 disabled=no list=sem-balance
    add address=189.111.6.37 disabled=no list=sem-balance
    add address=201.7.176.0/20 comment=Globo disabled=no list=sem-balance
    add address=200.174.72.154 comment=Consul disabled=no list=sem-balance
    add address=201.7.178.0/27 comment=Globo disabled=no list=sem-balance
    add address=186.192.80.0/20 comment=Globo disabled=no list=sem-balance
    add address=200.130.0.0/16 comment=";;;Sisu Aluno" disabled=no list=sem-balance
    add address=201.7.180.0/24 comment=Globo disabled=no list=sem-balance
    add address=64.151.87.25 comment=Globo disabled=no list=sem-balance
    add address=200.147.0.0/16 comment="Videos uol" disabled=no list=sem-balance
    add address=65.54.85.0/24 comment="MSN Videos" disabled=no list=sem-balance
    add address=200.221.0.0/16 disabled=no list=sem-balance
    add address=8.23.224.0/24 comment="no-ip - renato" disabled=no list=sem-balance
    add address=187.86.8.0/24 comment="REDE LENILSON" disabled=no list=sem-balance
    add address=192.167.0.0/16 disabled=no list=intranet
    add address=10.40.0.0/16 disabled=no list=intranet
    add address=192.168.10.0/24 disabled=no list=intranet
    add address=10.50.0.0/16 disabled=no list=intranet
    add address=10.30.30.2 disabled=no list=intranet
    add address=187.6.18.61 disabled=no list=sem-balance
    add address=187.6.100.115 disabled=no list=sem-balance
    add address=216.224.178.11 comment=THUNDER disabled=no list=sem-balance

  4. Esse seu balance é modelo antigo, tenho um que não precisa mais adiciona essa regras de sites de banco nem https.

    Ele aqui roda normal sem nenhuma problema.



  5. Citação Postado originalmente por wagnersn Ver Post
    Esse seu balance é modelo antigo, tenho um que não precisa mais adiciona essa regras de sites de banco nem https.

    Ele aqui roda normal sem nenhuma problema.
    envia ai então.






Tópicos Similares

  1. balance pcc em rb 493 quem faz ?
    Por lednet no fórum Redes
    Respostas: 13
    Último Post: 30-09-2013, 09:26
  2. Load Balance em rb 435G com 2 adsl oi
    Por SalvadorDanczuk no fórum Redes
    Respostas: 2
    Último Post: 03-04-2012, 08:07
  3. Respostas: 9
    Último Post: 29-04-2011, 20:51
  4. Load balance em RB ou no PC ?
    Por jardelalmeida no fórum Redes
    Respostas: 9
    Último Post: 23-11-2010, 16:54
  5. Respostas: 3
    Último Post: 29-04-2010, 12:32

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L