+ Responder ao Tópico



  1. Bom dia
    Um abraço ae a alguns amigos Minelli e o Andre Proença
    Voltei ao grupo depois de alguns anos afastado, e ja chego logo com uma polemica, montei uma estrutura com o balance da seguinte forma:

    RB 1100 ah link1 120mb, link2 120mb, a duvida como sao 3 ptps pra torres criei uma bridge para as 3 ethers e coloquei elas
    nessa bridge atribui um endereço e liguei os ptps nela sendo a bridge o gw das torres, agora a ducida fazer a bridge é besteira
    fica ruim? ou é melhor eu fazer uma nat pra cada ptp com ip e etc?

    segue as minhas confs ja que estou meio enferrujado vai que tem algo errado ne...


    Link1 =ISP1 Link2 = ISP2
    Local = Bridge com e 3thers

    /ip address
    add address=10.0.0.1/24 interface=Local network=10.0.0.0
    add address=192.168.250.2/24 comment="gw 192.168.250.1" interface=ISP1 network=\
    192.168.250.0
    add address=192.168.251.2/24 comment="gw 192.168.251.1" interface=ISP2 network=\
    192.168.251.0
    add address=172.200.10.1/24 interface=Local network=172.200.10.0
    /ip dns
    set allow-remote-requests=yes servers=208.67.222.222,8.8.8.8,187.22.0.15
    /ip dns static
    add address=10.0.0.1 name=powernet.net
    /ip firewall address-list
    add address=200.155.80.0-200.155.255.255 comment=BRADESCO list=loopback
    add address=200.220.186.0/24 comment=BRADESCO list=loopback
    add address=200.220.178.0/24 comment=BRADESCO list=loopback
    add address=200.155.86.0/24 comment="BRADESCO PJ" list=loopback
    add address=200.155.82.0/23 comment="BRADESCO PJ" list=loopback
    add address=187.6.86.0/24 comment="ISSNET ONLINE" list=loopback
    add address=189.86.4.0/24 comment="ISSNET ONLINE" list=loopback
    add address=161.148.231.0/24 comment="RECEITA FEDERAL" list=loopback
    add address=72.46.128.0/19 comment="FILMES - VIDIG.BIZ" list=loopback
    add address=77.247.176.0/21 comment="Vidig Videos" list=loopback
    add address=200.201.166.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
    add address=200.201.173.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
    add address=200.201.174.0/24 comment="CONECTIVIDADE SOCIAL" list=loopback
    add address=85.159.232.0/21 comment="Vidig Videos" list=loopback
    add address=200.175.132.200/29 comment="ISSNET ONLINE" list=loopback
    add address=187.45.224.0/19 comment="ISSNET ONLINE" list=loopback
    add address=189.86.4.48/28 comment="NOTA CONTROL" list=loopback
    add address=78.140.0.0/16 comment=VIDIG list=loopback
    add address=94.75.192.0/18 comment=VIDIG list=loopback
    add address=72.21.80.0/20 comment=VIDIG list=loopback
    add address=93.174.88.0/21 comment=VIDIG list=loopback
    add address=108.166.56.0/22 comment=VIDIG list=loopback
    add address=201.73.169.55 list=loopback
    add address=85.159.237.0/24 comment=CloudZilla list=loopback
    add address=37.59.0.0/18 comment=CloudZilla list=loopback
    add address=46.166.184.0/21 comment=CloudZilla list=loopback
    /ip firewall connection tracking
    set tcp-established-timeout=30m
    /ip firewall filter
    add action=drop chain=forward connection-state=invalid,new disabled=yes
    add chain=forward connection-state=established disabled=yes
    add chain=forward connection-state=new disabled=yes
    add chain=forward connection-state=related disabled=yes
    /ip firewall mangle
    add chain=prerouting dst-address=192.168.250.0/24
    add chain=prerouting dst-address=192.168.251.0/24
    add chain=prerouting comment="Sem Balance" disabled=yes dst-address-list=\
    loopback in-interface=Local
    add action=mark-connection chain=input in-interface=ISP1 new-connection-mark=\
    Link1_conn
    add action=mark-connection chain=input in-interface=ISP2 new-connection-mark=\
    Link2_conn
    add action=mark-routing chain=output connection-mark=Link1_conn \
    new-routing-mark=to_Link1
    add action=mark-routing chain=output connection-mark=Link2_conn \
    new-routing-mark=to_Link2
    add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=Local new-connection-mark=Link1_conn \
    per-connection-classifier=both-addresses:2/0
    add action=mark-connection chain=prerouting dst-address-type=!local \
    in-interface=Local new-connection-mark=Link2_conn \
    per-connection-classifier=both-addresses:2/1
    add action=mark-routing chain=prerouting connection-mark=Link1_conn \
    new-routing-mark=to_Link1
    add action=mark-routing chain=prerouting connection-mark=Link2_conn \
    new-routing-mark=to_Link2
    /ip firewall nat
    add action=masquerade chain=srcnat out-interface=ISP1
    add action=masquerade chain=srcnat out-interface=ISP2
    add action=masquerade chain=srcnat comment="### MASQUERADE ###"
    /ip route
    add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1 \
    routing-mark=to_Link1
    add check-gateway=ping comment=LINK2 distance=1 gateway=192.168.251.1 \
    routing-mark=to_Link2
    add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1
    add check-gateway=ping comment=LINK2 distance=2 gateway=192.168.251.1

    /ip route
    add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1 \
    routing-mark=to_Link1
    add check-gateway=ping comment=LINK2 distance=1 gateway=192.168.251.1 \
    routing-mark=to_Link2
    add check-gateway=ping comment=LINK1 distance=1 gateway=192.168.250.1
    add check-gateway=ping comment=LINK2 distance=2 gateway=192.168.251.1

  2. Uma sugestão:

    Faça 02 ranges de IP diferentes e crie uma rota para cada Link, assim você evita muita dor de cabeça.



  3. Bom dia, como assim não entendi

  4. Resumindo o q o amigo acima disse acredito q disse para vc fazer redistribuiçao de link e nao balance.
    Procure por htb.






Tópicos Similares

  1. Respostas: 35
    Último Post: 01-07-2016, 12:22
  2. Load Balance PCC passando apenas por um Link
    Por MarcosGabriel21 no fórum Redes
    Respostas: 5
    Último Post: 23-12-2013, 08:38
  3. Respostas: 3
    Último Post: 04-04-2012, 18:39
  4. Respostas: 1
    Último Post: 01-12-2010, 18:58
  5. Tutorial Load Balance 2 links e 1 saida
    Por hdfuture no fórum Redes
    Respostas: 14
    Último Post: 04-09-2008, 10:01

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L