+ Responder ao Tópico



  1. 06-01-2017, 05:28 #1
    antoniocesarluz
    antoniocesarluz está desconectado
    Avatar de antoniocesarluz
    Ingresso
    Feb 2008
    Localização
    Recife/PE
    Posts
    19

    Padrão Publicar servidor atrás de um balance PCC

    Pessoal, estou precisando de uma ajuda para publicar alguns servidores atrás de um balance PCC.

    Atualmente tenho 2 links com IP fixo e gostaria de acessar o servidor acessando por cada um dos 2 IPs.

    Dados:
    LAN 172.16.0.0/24
    WAN1 192.168.0.0/24 (200.200.200.2)
    WAN2 192.168.25.0/24 (199.199.199.2)

    /ip firewall nat
    add action=dst-nat chain=dstnat dst-port=33389 protocol=tcp to-addresses=172.16.0.253 to-ports=3389

    /ip firewall mangle
    add action=accept chain=prerouting dst-address=172.16.0.0/24 src-address=192.168.25.0/24
    add action=accept chain=prerouting dst-address=172.16.0.0/24 src-address=192.168.0.0/24
    add action=accept chain=prerouting dst-address=192.168.0.0/24 src-address=172.16.0.0/24
    add action=accept chain=prerouting dst-address=192.168.25.0/24 src-address=172.16.0.0/24
    add action=mark-connection chain=input connection-mark=no-mark in-interface=WAN1 new-connection-mark=IN-WAN1 passthrough=no
    add action=mark-connection chain=input connection-mark=no-mark connection-state="" in-interface=WAN2 new-connection-mark=IN-WAN2 passthrough=no
    add action=mark-routing chain=output connection-mark=IN-WAN1 new-routing-mark=LINK1 out-interface=WAN1 passthrough=no
    add action=mark-routing chain=output connection-mark=IN-WAN2 new-routing-mark=LINK2 out-interface=WAN2 passthrough=no
    add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=IN-WAN1 passthrough=yes per-connection-classifier=both-addresses:3/0 \
    src-address-list=REDELOCAL
    add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=IN-WAN1 passthrough=yes per-connection-classifier=both-addresses:3/1 \
    src-address-list=REDELOCAL
    add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=IN-WAN2 passthrough=yes per-connection-classifier=both-addresses:3/2 \
    src-address-list=REDELOCAL
    add action=mark-routing chain=prerouting connection-mark=IN-WAN1 new-routing-mark=LINK1 passthrough=no src-address-list=REDELOCAL
    add action=mark-routing chain=prerouting connection-mark=IN-WAN2 new-routing-mark=LINK2 passthrough=no src-address-list=REDELOCAL
    Citação Citação
  2. 07-01-2017, 01:00 #2
    jordangehres
    jordangehres está desconectado
    Avatar de jordangehres
    Ingresso
    Nov 2016
    Posts
    1

    Padrão Re: Publicar servidor atrás de um balance PCC

    Olá, tuas regras estão certas, porém pelo que vejo o link entra no teu mikrotik já roteado, sendo assim tu deve abrir as portas no modem tbm.
    O correto é um ASN, com ips BGP e lalalala, porém se tu ainda não tem isso te aconselho fazer com que o link entre em bridge pra dentro da tua rb.
    Citação Citação



« Tópico Anterior | Próximo Tópico »