+ Responder ao Tópico



  1. 10-04-2017, 09:04 #1
    powernetscm
    powernetscm está desconectado
    Avatar de powernetscm
    Ingresso
    Jun 2007
    Posts
    218

    Padrão Meu PCC esta assim o que melhorar

    Código :
    # ip address --------------------------
/ip address add address=10.0.0.1/24  interface=Local
/ip address add address=172.17.10.2/24  interface=WAN1
/ip address add address=172.16.10.2/24  interface=WAN2
 
# interface pppoe-client ---------------
 
# ip dns --------------------------------
/ip dns set primary-dns=187.22.0.15
/ip dns set secondary-dns=187.22.0.16
/ip dns set allow-remote-requests=yes
 
 
# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN1 src-address=10.0.0.0/24
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN2 src-address=10.0.0.0/24
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN1 src-address=172.0.0.0/8
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN2 src-address=172.0.0.0/8
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN1 src-address=192.168.0.0/16
/ip firewall filter add action=accept chain=input disabled=no in-interface=!WAN2 src-address=192.168.0.0/16
 
 
# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=WAN1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=WAN2
 
# ip firewall mangle------------------------
 
# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=Local new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=Local new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=172.17.10.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=Local new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=Local new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=172.16.10.1 routing-mark=Rota1
 
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
# Fim LoopBack por link----------------------
 
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=172.17.10.0/24 in-interface=Local
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=172.16.10.0/24 in-interface=Local
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=Local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=no in-interface=Local new-routing-mark=to_WAN1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=no in-interface=Local new-routing-mark=to_WAN2 passthrough=yes
 
# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.17.10.1 routing-mark=to_WAN1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.16.10.1 routing-mark=to_WAN2 comment="Link1"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.17.10.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=172.16.10.1 scope=30 target-scope=10
    Última edição por ab5x2; 10-04-2017 às 16:28.
    Citação Citação
  2. 11-04-2017, 11:46 #2
    junior.corazza
    junior.corazza está desconectado
    Avatar de junior.corazza
    Ingresso
    Nov 2013
    Posts
    224

    Padrão Re: Meu PCC esta assim o que melhorar

    Balance em si não eh bom... faça da maneira certa, crie 2 redes e cada uma sai por um link, quando o link da rede A cai você joga tudo para o link da rede B.
    Citação Citação
  3. 29-04-2017, 13:18 #3
    icarooo
    icarooo está desconectado
    Avatar de icarooo
    Ingresso
    Mar 2009
    Posts
    114

    Padrão Re: Meu PCC esta assim o que melhorar

    o pessoal pode dizer o problema do PCC? tenho 3 links com pcc, gostaria de saber quais os problemas para eu analisar se vale a pena outra forma de roteamento
    Citação Citação



« Tópico Anterior | Próximo Tópico »