+ Responder ao Tópico



  1. Pessoal implantei um balance diferente que encontrei no MUM 2011!
    Atualmente funciona perfeito abrindo HTTPS e Sites de bancos normal!
    Porem dentro da minha rede possuo um servidor de Tarifação Voip e o mesmo não consegue registrar seus troncos nas operadoras pq acredito eu. a requisição ta saindo por um link e voltando por outro, ja add a regrar para o ip das operadoras saírem pelo mesmo link, porem mesmo assim sem sucesso!
    Dando um traceroute do servidor vejo q ele esta saindo pelo link 2 e na regra obrigo ele a sair pelo link 1, não sei mais o que fazer, se alguém tiver uma dica.. agradeço!
    Grato!

    Abaixo as Regras do Mangle;

    /ip firewall mangle
    add action=accept chain=prerouting comment="--" disabled=no dst-address=000.00.00.000/29 \
    src-address=172.17.37.0/29
    add action=accept chain=prerouting disabled=no dst-address=000.00.00.000/29 \
    src-address=172.17.37.0/29
    add action=accept chain=prerouting disabled=no dst-address=172.17.37.0/29 \
    src-address=172.17.37.0/29
    add action=mark-connection chain=prerouting comment=\
    "====================================================================" \
    connection-mark=no-mark disabled=no in-interface=ether1-LINKMAXIWEB \
    new-connection-mark=mxweb_conn passthrough=yes
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no in-interface=pppoe-GVT new-connection-mark=gvt_conn passthrough=yes
    add action=jump chain=prerouting comment=\
    "====================================================================" \
    connection-mark=no-mark disabled=no in-interface=ether3-SAIDALAN \
    jump-target=policy_routing
    add action=mark-routing chain=prerouting comment=\
    "====================================================================" \
    connection-mark=gvt_conn disabled=no new-routing-mark=gvt_traffic \
    passthrough=yes src-address=172.17.37.0/29
    add action=mark-routing chain=prerouting connection-mark=mxweb_conn disabled=\
    no new-routing-mark=mxweb_traffic passthrough=yes src-address=\
    172.17.37.0/29
    add action=mark-routing chain=output connection-mark=gvt_conn disabled=no \
    new-routing-mark=gvt_traffic passthrough=yes
    add action=mark-routing chain=output connection-mark=mxweb_conn disabled=no \
    new-routing-mark=mxweb_traffic passthrough=yes
    add action=mark-connection chain=policy_routing comment=PCC-BALANCE disabled=\
    no dst-address-type=!local new-connection-mark=gvt_conn passthrough=yes \
    per-connection-classifier=both-addresses:2/0
    add action=mark-connection chain=policy_routing disabled=no dst-address-type=\
    !local new-connection-mark=mxweb_conn passthrough=yes \
    per-connection-classifier=both-addresses:2/1
    add action=mark-routing chain=prerouting comment="PROTOCOLO SIP" disabled=no \
    dst-port=5060-5070 new-routing-mark=mxweb_traffic passthrough=no \
    protocol=udp
    add action=mark-routing chain=prerouting comment="PROTOCOLO SIP" disabled=no \
    dst-port=10000-20000 new-routing-mark=mxweb_traffic passthrough=no \
    protocol=udp
    Última edição por goplex; 12-05-2014 às 15:15.

  2. Citação Postado originalmente por goplex Ver Post
    Pessoal implantei um balance diferente que encontrei no MUM 2011!
    Atualmente funciona perfeito abrindo HTTPS e Sites de bancos normal!
    Porem dentro da minha rede possuo um servidor de Tarifação Voip e o mesmo não consegue registrar seus troncos nas operadoras pq acredito eu. a requisição ta saindo por um link e voltando por outro, ja add a regrar para o ip das operadoras saírem pelo mesmo link, porem mesmo assim sem sucesso!
    Dando um traceroute do servidor vejo q ele esta saindo pelo link 2 e na regra obrigo ele a sair pelo link 1, não sei mais o que fazer, se alguém tiver uma dica.. agradeço!
    Grato!

    Abaixo as Regras do Mangle;

    /ip firewall mangle
    add action=accept chain=prerouting comment="--" disabled=no dst-address=187.49.37.200/29 \
    src-address=172.17.37.0/29
    add action=accept chain=prerouting disabled=no dst-address=187.115.132.79 \
    src-address=172.17.37.0/29
    add action=accept chain=prerouting disabled=no dst-address=172.17.37.0/29 \
    src-address=172.17.37.0/29
    add action=mark-connection chain=prerouting comment=\
    "====================================================================" \
    connection-mark=no-mark disabled=no in-interface=ether1-LINKMAXIWEB \
    new-connection-mark=mxweb_conn passthrough=yes
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no in-interface=pppoe-GVT new-connection-mark=gvt_conn passthrough=yes
    add action=jump chain=prerouting comment=\
    "====================================================================" \
    connection-mark=no-mark disabled=no in-interface=ether3-SAIDALAN \
    jump-target=policy_routing
    add action=mark-routing chain=prerouting comment=\
    "====================================================================" \
    connection-mark=gvt_conn disabled=no new-routing-mark=gvt_traffic \
    passthrough=yes src-address=172.17.37.0/29
    add action=mark-routing chain=prerouting connection-mark=mxweb_conn disabled=\
    no new-routing-mark=mxweb_traffic passthrough=yes src-address=\
    172.17.37.0/29
    add action=mark-routing chain=output connection-mark=gvt_conn disabled=no \
    new-routing-mark=gvt_traffic passthrough=yes
    add action=mark-routing chain=output connection-mark=mxweb_conn disabled=no \
    new-routing-mark=mxweb_traffic passthrough=yes
    add action=mark-connection chain=policy_routing comment=PCC-BALANCE disabled=\
    no dst-address-type=!local new-connection-mark=gvt_conn passthrough=yes \
    per-connection-classifier=both-addresses:2/0
    add action=mark-connection chain=policy_routing disabled=no dst-address-type=\
    !local new-connection-mark=mxweb_conn passthrough=yes \
    per-connection-classifier=both-addresses:2/1
    add action=mark-routing chain=prerouting comment="PROTOCOLO SIP" disabled=no \
    dst-port=5060-5070 new-routing-mark=mxweb_traffic passthrough=no \
    protocol=udp
    add action=mark-routing chain=prerouting comment="PROTOCOLO SIP" disabled=no \
    dst-port=10000-20000 new-routing-mark=mxweb_traffic passthrough=no \
    protocol=udp
    DICA: não poste Ips da sua rede em fóruns amigo pode ter dar problemas.



  3. DDoS, Scanner, SCANN em 3.2.1....






Tópicos Similares

  1. Load balance pcc com links ip dinamico , como fazer?
    Por julinribeiro no fórum Redes
    Respostas: 21
    Último Post: 25-10-2017, 08:41
  2. Respostas: 35
    Último Post: 01-07-2016, 12:22
  3. Load Balance pcc com 3 links em bridge
    Por Auilker no fórum Redes
    Respostas: 1
    Último Post: 27-05-2016, 11:46
  4. Problema Balance PCC com Jogo PES 2013
    Por halves no fórum Redes
    Respostas: 7
    Último Post: 23-02-2013, 17:55
  5. Load Balance pcc com Lentidão!
    Por maninho03 no fórum Redes
    Respostas: 26
    Último Post: 24-07-2012, 08:46

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L