Página 1 de 4 1234 ÚltimoÚltimo
+ Responder ao Tópico



  1. Galera bom dia, estou com problemas na configuração do meu MK para 3 links pppoe, não consigo navegar, segue configuração. link assim 20mb, e 2 links vivo de 8mb



    # jan/01/2002 01:43:28 by RouterOS 6.28
    # software id = RI27-0WZL
    #
    /interface ethernet
    set [ find default-name=ether1 ] name=ether1-link-assim
    set [ find default-name=ether2 ] name=ether2-link-vivo1
    set [ find default-name=ether3 ] name=ether3-link-vivo2
    set [ find default-name=ether5 ] name=ether5-lan
    /interface pppoe-client
    add disabled=no interface=ether1-link-assim max-mru=1480 max-mtu=1480 mrru=\
    1600 name=pppoe-assim password=********* user=**********
    add disabled=no interface=ether2-link-vivo1 max-mru=1480 max-mtu=1480 mrru=\
    1600 name=pppoe-out1 password=****** user=***********
    add disabled=no interface=ether3-link-vivo2 max-mru=1480 max-mtu=1480 mrru=\
    1600 name=pppoe-out2 password=****** user=**********
    /ip pool
    add name=dhcp_pool1 ranges=192.168.0.2-192.168.0.254
    add name=dhcp_pool2 ranges=192.168.0.2-192.168.0.254
    /ip dhcp-server
    add add-arp=yes address-pool=dhcp_pool2 disabled=no interface=ether5-lan \
    name=dhcp1
    /tool user-manager customer
    set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw
    /ip address
    add address=192.168.0.1/24 interface=ether5-lan network=192.168.0.0
    /ip cloud
    set ddns-enabled=yes
    /ip dhcp-server network
    add address=192.168.0.0/24 gateway=192.168.0.1
    /ip dns
    set allow-remote-requests=yes servers=200.204.0.10,200.204.0.138
    /ip firewall filter
    add action=add-dst-to-address-list address-list=P_SCAN_BANK \
    address-list-timeout=30m chain=forward comment=SSL dst-port=443 protocol=\
    tcp
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Link 1 - Assim" \
    in-interface=ether5-lan new-connection-mark=link1_conn \
    per-connection-classifier=both-addresses-and-ports:9/0
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link1_conn per-connection-classifier=\
    both-addresses-and-ports:9/1
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link1_conn per-connection-classifier=\
    both-addresses-and-ports:9/2
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link1_conn per-connection-classifier=\
    both-addresses-and-ports:9/3
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link1_conn per-connection-classifier=\
    both-addresses-and-ports:9/4
    add action=mark-connection chain=prerouting comment="Link 2 - Vivo" \
    in-interface=ether5-lan new-connection-mark=link2_conn \
    per-connection-classifier=both-addresses-and-ports:9/5
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link2_conn per-connection-classifier=\
    both-addresses-and-ports:9/6
    add action=mark-connection chain=prerouting comment="Link 3 - Vivo" \
    in-interface=ether5-lan new-connection-mark=link3_conn \
    per-connection-classifier=both-addresses-and-ports:9/7
    add action=mark-connection chain=prerouting in-interface=ether5-lan \
    new-connection-mark=link3_conn per-connection-classifier=\
    both-addresses-and-ports:9/8
    add action=mark-routing chain=prerouting comment="Marca\E7\F5es de Rotas" \
    connection-mark=link1_conn in-interface=ether5-lan new-routing-mark=\
    link1_routing
    add action=mark-routing chain=prerouting connection-mark=link2_conn \
    in-interface=ether5-lan new-routing-mark=link2_routing
    add action=mark-routing chain=prerouting connection-mark=link3_conn \
    in-interface=ether5-lan new-routing-mark=link3_routing
    add action=mark-routing chain=prerouting comment=SSL dst-port=443 \
    new-routing-mark=P_SCAN_BANK passthrough=no protocol=tcp
    /ip firewall nat
    add action=masquerade chain=srcnat out-interface=ether1-link-assim
    add action=masquerade chain=srcnat out-interface=ether2-link-vivo1
    add action=masquerade chain=srcnat out-interface=ether3-link-vivo2
    /ip ipsec policy
    set 0 dst-address=0.0.0.0/0 src-address=0.0.0.0/0
    /ip route
    add distance=1 gateway=ether1-link-assim routing-mark=link1_routing
    add distance=2 gateway=ether2-link-vivo1 routing-mark=link2_routing
    add distance=3 gateway=ether3-link-vivo2 routing-mark=link3_routing
    add distance=1 gateway=ether1-link-assim
    add distance=2 gateway=ether2-link-vivo1
    add distance=3 gateway=ether3-link-vivo2
    /romon port
    add disabled=no
    #error exporting /tool user-manager database

  2. Boa tarde,

    Você fez NAT?



  3. Boa tarde @zamorabott

    Aparentemente o seu PCC está incorreto. Eu reescrevi as regras baseadas nas suas interfaces, digitei num bloco de notas aqui, portanto pode ter algum erro.

    As regras a seguir são referentes ao mangle, que fará o load balance entre os 3 links utilizando PCC. Você pode deletar todas suas regras e substituir por essas para testar, sempre lembrando de tirar um backup de tudo antes pra caso não funcione nada do que eu postar aqui você poder voltar ao ponto que estava.

    Código :
    /ip firewall mangle
        add chain=input in-interface=pppoe-assim connection-mark=no-mark action=mark-connection new-connection-mark=link1_to_ros
        add chain=input in-interface=pppoe-out1 connection-mark=no-mark action=mark-connection new-connection-mark=link2_to_ros
        add chain=input in-interface=pppoe-out2 connection-mark=no-mark action=mark-connection new-connection-mark=link3_to_ros
        add chain=output connection-mark=link1_to_ros action=mark-routing new-routing-mark=link1_routing
        add chain=output connection-mark=link2_to_ros action=mark-routing new-routing-mark=link2_routing
        add chain=output connection-mark=link3_to_ros action=mark-routing new-routing-mark=link3_routing
        add chain=forward in-interface=pppoe-assim connection-mark=no-mark action=mark-connection new-connection-mark=from_link1
        add chain=forward in-interface=pppoe-out1 connection-mark=no-mark action=mark-connection new-connection-mark=from_link2
        add chain=forward in-interface=pppoe-out2 connection-mark=no-mark action=mark-connection new-connection-mark=from_link3
        add chain=prerouting connection-mark=from_link1 action=mark-routing new-routing-mark=link1_routing
        add chain=prerouting connection-mark=from_link2 action=mark-routing new-routing-mark=link2_routing
        add chain=prerouting connection-mark=from_link3 action=mark-routing new-routing-mark=link3_routing
        add chain=prerouting connection-mark=no-mark dst-address-type=!local new-connection-mark=lan_to_wan
        add chain=prerouting connection-mark=lan_to_wan per-connection-classifier=both-addresses-and-ports:3/0 action=mark-routing new-connection-mark=link1_routing
        add chain=prerouting connection-mark=lan_to_wan per-connection-classifier=both-addresses-and-ports:3/1 action=mark-routing new-connection-mark=link2_routing
        add chain=prerouting connection-mark=lan_to_wan per-connection-classifier=both-addresses-and-ports:3/2 action=mark-routing new-connection-mark=link3_routing
        add chain=prerouting connection-mark=lan_to_wan routing-mark=link1_routing action=mark-connection new-connection-mark=sticky_to_link1
        add chain=prerouting connection-mark=lan_to_wan routing-mark=link2_routing action=mark-connection new-connection-mark=sticky_to_link2
        add chain=prerouting connection-mark=lan_to_wan routing-mark=link3_routing action=mark-connection new-connection-mark=sticky_to_link3
        add chain=prerouting connection-mark=sticky_to_link1 new-routing-mark=link1_routing
        add chain=prerouting connection-mark=sticky_to_link2 new-routing-mark=link2_routing
        add chain=prerouting connection-mark=sticky_to_link3 new-routing-mark=link3_routing

    As suas rotas, vale notar que, para cada tabela de roteamento na qual você só tem 1 item, não tem porque você alterar a distância deles. Por enquanto, vamos testar sem fail-over deste tipo, então você adiciona um item para cada tabela. Nas configurações da interface pppoe-cliente, lembre-se de usar a opção "add-default-route=yes" (pelo menos por enquanto, senão seu DNS não vai ter uma rota padrão na tabela main para funcionar, e nem o próprio routeros vai ter acesso direto a internet).

    Código :
    /ip route
        add dst-address=0.0.0.0/0 gateway=pppoe-assim routing-mark=link1_routing
        add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=link2_routing
        add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=link3_routing

    Vale notar também que as suas regras de mascaramento, estão (também), nas interfaces erradas. Elas deveriam estar nas interfaces pppoe, e não nas interfaces LAN sobre as quais os tuneis são criados. O túnel, depois de criado, funciona como se fosse uma interface física, portanto, mude suas 3 regras de nat assim:

    Código :
    /ip firewall nat
        add action=masquerade chain=srcnat out-interface=pppoe-assim
        add action=masquerade chain=srcnat out-interface=pppoe-out1
        add action=masquerade chain=srcnat out-interface=pppoe-out2

    Eu nunca fiz um PCC entre interfaces pppoe-client, não sei como se comporta as rotas quando configuradas nos tuneis pppoe. Mas testa ai, a vai dando retorno, por nada tem solução.

  4. Amigo PCC se faz com poucas regras rsrs. No caso vc não precisar marcar a opção da rota default no pppoe client faça vc manualmente utilizando por rota em ip/route após isso add add e em gateway vc colocar lá os pesos do link.



  5. Fora a parte do mangle o resto vc faz o código da caixa 2 e 3 do amigo que fica show sim sempre lembrando que vc tem que setar a src-address origem do cliente: No caso o seu DHCP






Tópicos Similares

  1. mikrotik pinga, porém pc não navega.....
    Por SalvadorDanczuk no fórum Redes
    Respostas: 9
    Último Post: 06-05-2015, 08:59
  2. Mikrotik em modo cliente não navega!!!
    Por SalvadorDanczuk no fórum Redes
    Respostas: 1
    Último Post: 27-07-2010, 07:42
  3. Radio APRouter WISP + MK pppoe nao navega !!!
    Por paulojrandrade no fórum Redes
    Respostas: 2
    Último Post: 09-03-2009, 09:00
  4. Mikrotik PPPOE - Windows Vista não navega!
    Por Marzio no fórum Redes
    Respostas: 13
    Último Post: 16-06-2008, 09:39
  5. Seu Speedy é PPPOE ? Não conecta? Não navega??
    Por zerocoolll no fórum Servidores de Rede
    Respostas: 0
    Último Post: 24-03-2003, 09:09

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L