+ Responder ao Tópico



  1. #1

    Padrão Balance de Cargas Diferente - Podem conferir por favor?

    Pessoal,
    tudo bem voces?
    Mas uma vez, antes que eu possa fazer alguma coisa gostaria que os mestres dessem uma olhada neste balance para ver possíveis erros, melhoras e outras coisas que talvez esteja faltando.


    # O mesmo foi feito em maquina virtual em caráter de testes e aprendizado.


    Os link são respectivamente de 10MB e 15MB. Fiz a divisão proporcional, gostaria de saber se está correto. fiz 2 marcações para o link de 10MB e 3 para o Link de 15MB.

    Link1 = 10MB com o IP 187.100.100.0/24
    Link2 = 15MB com o IP 187.200.200.0/24
    Lan = com o range de IP 192.168.0.0/16


    a opção passthrough=yes ou no, ela influencia em que? qual a importância dela?


    segue as regras separadamente:




    Código :
    =========================================== REGRAS DO MANGLE ============================================
     
     
    0   ;;; ========== FORA DO BALLANCE ==========
         chain=prerouting action=accept protocol=tcp in-interface=ether3 dst-port=443 
     
     
     1   chain=prerouting action=accept dst-address-list=sembalance in-interface=ether3 
     
     
     2   ;;; ========== ACEITAR TODO TRAFEGO PARA REDE INTERNA ==========
         chain=prerouting action=accept src-address=192.168.0.0/16 dst-address=192.168.0.0/16 
     
     
     3   ;;; ========== MARCAR CONEXAO DOS LINKS 1 E 2 ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes protocol=tcp in-interface=ether1 connection-mark=no-mark 
     
     
     4   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes protocol=tcp in-interface=ether2 connection-mark=no-mark 
     
     
     5   ;;; ========== DIVISAO DAS CARGAS 10MB ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/0 
     
     
     6   chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/1 
     
     
     7   ;;; ========== DIVISAO DE CARGAS LINK 15MB ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/2 
     
     
     8   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/3 
     
     
     9   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/4 
     
     
    10   ;;; ========== MARCACAO DA ROTA DO LINK 1 E 2 ==========
         chain=prerouting action=mark-routing new-routing-mark=rota_link1 passthrough=yes in-interface=ether3 connection-mark=conn_link1 
     
     
    11   chain=prerouting action=mark-routing new-routing-mark=rota_link2 passthrough=yes in-interface=ether3 connection-mark=conn_link2 
     
     
    12   ;;; ========== MARCAR ROTA DE SAIDA PARA LINK 1  E 2 ==========
         chain=output action=mark-routing new-routing-mark=rota_link1 passthrough=yes connection-mark=conn_link1 
     
     
    13   chain=output action=mark-routing new-routing-mark=rota_link2 passthrough=yes connection-mark=conn_link2


    Código :
    ============================================ ROTAS ============================================
     
     
    #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
     0   S  dst-address=0.0.0.0/0 gateway=187.200.200.1 gateway-status=187.200.200.1 unreachable 
            check-gateway=ping distance=1 scope=30 target-scope=10 routing-mark=rota_link2 
     
     
     1   S  dst-address=0.0.0.0/0 gateway=187.100.100.1 gateway-status=187.100.100.1 unreachable 
            check-gateway=ping distance=1 scope=30 target-scope=10 routing-mark=rota_link1 
     
     
     2   S  dst-address=0.0.0.0/0 gateway=187.100.100.1 gateway-status=187.100.100.1 unreachable distance=>
            scope=30 target-scope=10 
     
     
     3   S  dst-address=0.0.0.0/0 gateway=187.200.200.1 gateway-status=187.200.200.1 unreachable distance=>
            scope=30 target-scope=10 
     
     
     4 ADC  dst-address=187.100.100.0/24 pref-src=187.100.100.254 gateway=ether1 
            gateway-status=ether1 reachable distance=0 scope=10 
     
     
     5 ADC  dst-address=187.200.200.0/24 pref-src=187.200.200.254 gateway=ether2 
            gateway-status=ether2 reachable distance=0 scope=10 
     
     
     6 ADC  dst-address=192.168.0.0/16 pref-src=192.168.0.254 gateway=ether3 
            gateway-status=ether3 reachable distance=0 scope=10
    Código :
    ============================================ MASCARAMENTO ============================================
     
     
     0   ;;; ====== LINK1-10MB ======
         chain=srcnat action=masquerade out-interface=ether1 
     
     
     1   ;;; ====== LINK2-15MB =======
         chain=srcnat action=masquerade out-interface=ether2


    Código :
    ============ DNS ================
    ip dns print             
                    servers: 8.8.8.8,8.8.4.4
            dynamic-servers: 
      allow-remote-requests: no
        max-udp-packet-size: 4096
                 cache-size: 20480KiB
              cache-max-ttl: 1w
                 cache-used: 8KiB




    havendo erros podem corrigir.
    obrigado.

  2. #2

    Padrão Re: Balance de Cargas Diferente - Podem conferir por favor?

    Citação Postado originalmente por Pedroh Ver Post
    Pessoal,
    tudo bem voces?
    Mas uma vez, antes que eu possa fazer alguma coisa gostaria que os mestres dessem uma olhada neste balance para ver possíveis erros, melhoras e outras coisas que talvez esteja faltando.


    # O mesmo foi feito em maquina virtual em caráter de testes e aprendizado.


    Os link são respectivamente de 10MB e 15MB. Fiz a divisão proporcional, gostaria de saber se está correto. fiz 2 marcações para o link de 10MB e 3 para o Link de 15MB.

    Link1 = 10MB com o IP 187.100.100.0/24
    Link2 = 15MB com o IP 187.200.200.0/24
    Lan = com o range de IP 192.168.0.0/16


    a opção passthrough=yes ou no, ela influencia em que? qual a importância dela?


    segue as regras separadamente:




    Código :
    =========================================== REGRAS DO MANGLE ============================================
     
     
    0   ;;; ========== FORA DO BALLANCE ==========
         chain=prerouting action=accept protocol=tcp in-interface=ether3 dst-port=443 
     
     
     1   chain=prerouting action=accept dst-address-list=sembalance in-interface=ether3 
     
     
     2   ;;; ========== ACEITAR TODO TRAFEGO PARA REDE INTERNA ==========
         chain=prerouting action=accept src-address=192.168.0.0/16 dst-address=192.168.0.0/16 
     
     
     3   ;;; ========== MARCAR CONEXAO DOS LINKS 1 E 2 ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes protocol=tcp in-interface=ether1 connection-mark=no-mark 
     
     
     4   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes protocol=tcp in-interface=ether2 connection-mark=no-mark 
     
     
     5   ;;; ========== DIVISAO DAS CARGAS 10MB ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/0 
     
     
     6   chain=prerouting action=mark-connection new-connection-mark=conn_link1 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/1 
     
     
     7   ;;; ========== DIVISAO DE CARGAS LINK 15MB ==========
         chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/2 
     
     
     8   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/3 
     
     
     9   chain=prerouting action=mark-connection new-connection-mark=conn_link2 passthrough=yes dst-address-type=!local in-interface=ether3 connection-mark=no-mark 
         per-connection-classifier=both-addresses:5/4 
     
     
    10   ;;; ========== MARCACAO DA ROTA DO LINK 1 E 2 ==========
         chain=prerouting action=mark-routing new-routing-mark=rota_link1 passthrough=yes in-interface=ether3 connection-mark=conn_link1 
     
     
    11   chain=prerouting action=mark-routing new-routing-mark=rota_link2 passthrough=yes in-interface=ether3 connection-mark=conn_link2 
     
     
    12   ;;; ========== MARCAR ROTA DE SAIDA PARA LINK 1  E 2 ==========
         chain=output action=mark-routing new-routing-mark=rota_link1 passthrough=yes connection-mark=conn_link1 
     
     
    13   chain=output action=mark-routing new-routing-mark=rota_link2 passthrough=yes connection-mark=conn_link2


    Código :
    ============================================ ROTAS ============================================
     
     
    #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
     0   S  dst-address=0.0.0.0/0 gateway=187.200.200.1 gateway-status=187.200.200.1 unreachable 
            check-gateway=ping distance=1 scope=30 target-scope=10 routing-mark=rota_link2 
     
     
     1   S  dst-address=0.0.0.0/0 gateway=187.100.100.1 gateway-status=187.100.100.1 unreachable 
            check-gateway=ping distance=1 scope=30 target-scope=10 routing-mark=rota_link1 
     
     
     2   S  dst-address=0.0.0.0/0 gateway=187.100.100.1 gateway-status=187.100.100.1 unreachable distance=>
            scope=30 target-scope=10 
     
     
     3   S  dst-address=0.0.0.0/0 gateway=187.200.200.1 gateway-status=187.200.200.1 unreachable distance=>
            scope=30 target-scope=10 
     
     
     4 ADC  dst-address=187.100.100.0/24 pref-src=187.100.100.254 gateway=ether1 
            gateway-status=ether1 reachable distance=0 scope=10 
     
     
     5 ADC  dst-address=187.200.200.0/24 pref-src=187.200.200.254 gateway=ether2 
            gateway-status=ether2 reachable distance=0 scope=10 
     
     
     6 ADC  dst-address=192.168.0.0/16 pref-src=192.168.0.254 gateway=ether3 
            gateway-status=ether3 reachable distance=0 scope=10
    Código :
    ============================================ MASCARAMENTO ============================================
     
     
     0   ;;; ====== LINK1-10MB ======
         chain=srcnat action=masquerade out-interface=ether1 
     
     
     1   ;;; ====== LINK2-15MB =======
         chain=srcnat action=masquerade out-interface=ether2


    Código :
    ============ DNS ================
    ip dns print             
                    servers: 8.8.8.8,8.8.4.4
            dynamic-servers: 
      allow-remote-requests: no
        max-udp-packet-size: 4096
                 cache-size: 20480KiB
              cache-max-ttl: 1w
                 cache-used: 8KiB




    havendo erros podem corrigir.
    obrigado.
    Coloca o link de 15mgs como default, não precisa jogar carga a mais em nenhum link, use uma marcação pra cada, pois o link default ja usa mais carga que os outros, então colocando o de 15mgs como default ja estara balanceado!!

  3. #3

    Padrão Re: Balance de Cargas Diferente - Podem conferir por favor?

    no caso, colocar a distancia dele em 1? a do de 10MB em 2?

  4. #4

    Padrão Re: Balance de Cargas Diferente - Podem conferir por favor?

    Citação Postado originalmente por Pedroh Ver Post
    no caso, colocar a distancia dele em 1? a do de 10MB em 2?
    Sim, isso mesmo!!