+ Responder ao Tópico



  1. #1

    Thumbs up Pessoal vamos fazer boa Ação - Load Balecend Completo para 5 Links Parte - 1

    e o seguinte se vc tem 5 link e precisa dividilo da seguinte forma, este exemplo que vou colocar aqui e para o seguinte links
    2 de 1024/512 ADSL (10.2.1.1/24, 10.3.1.1/24)
    1 de 800/300 ADSL (10.4.1.1/24)
    1 de 600/150 ADSL (10.5.1.1/24)

    1 de 512/512 IP DEDICADO (200.89.72.33/27)
    e o seguinte eu faço o baleciamento com um controle de porta alta tipo assim pego o trafego de porta alta e jogo no link de 800/300 e o restante eu coloca por rota
    exemplo de como fazer este controle de por porta alta?

    add chain=prerouting dst-address=11.0.0.0-200.89.72.31 protocol=udp \
    dst-port=1024-65535 action=mark-routing new-routing-mark=UDP-1024-65535/1 \
    passthrough=yes comment="" disabled=no

    e o mais importa deste load balacend e o seguinte e quando um link ele redistribui para os outros que esta ativo

    / tool netwatch
    add host=201.10.209.185 timeout=1s interval=45s up-script=link-1M-3613-UP \
    down-script=link-1M-3613-DOWN comment="link-1M-3613" disabled=no
    add host=201.10.249.53 timeout=1s interval=40s up-script=link-1M-5581-UP \
    down-script=link-1M-5581-DOWN comment="link-1M-5581" disabled=no
    add host=200.160.2.3 timeout=1s interval=45s up-script=link-800-5314-UP \
    down-script=link-800-5314-DOWN comment="link-800-5314" disabled=no
    add host=201.10.209.189 timeout=1s interval=45s up-script=link-600-4876-UP \
    down-script=link-600-4876-DOWN comment="link-600-4876" disabled=no
    add host=201.10.249.57 timeout=1s interval=40s up-script=link-1M-5581-UP \
    down-script=link-1M-5581-DOWN comment="link-Dedicado" disabled=no


    / system script
    add name="link-800-5314-UP" source="/ip route set \[/ip route find \
    gateway=10.4.1.1\] disabled=no" policy=ftp,reboot,read,write,test,winbox
    add name="link-800-5314-DOWN" source="/ip route set \[/ip route find \
    gateway=10.4.1.1\] disabled=yes" policy=ftp,reboot,read,write,test,winbox
    add name="link-600-4876-UP" source="/ip route set \[/ip route find \
    gateway=10.5.1.1\] disabled=no" policy=ftp,reboot,read,write,test,winbox
    add name="link-600-4876-DOWN" source="/ip route set \[/ip route find \
    gateway=10.5.1.1\] disabled=yes" policy=ftp,reboot,read,write,test,winbox
    add name="link-1M-5581-UP" source="/ip route set \[/ip route find \
    gateway=10.2.1.1\] disabled=no" policy=ftp,reboot,read,write,test,winbox
    add name="link-1M-5581-DOWN" source="/ip route set \[/ip route find \
    gateway=10.2.1.1\] disabled=yes" policy=ftp,reboot,read,write,test,winbox
    add name="link-1M-3613-UP" source="/ip route set \[/ip route find \
    gateway=10.3.1.1\] disabled=no" policy=ftp,reboot,read,write,test,winbox
    add name="link-1M-3613-DOWN" source="/ip route set \[/ip route find \
    gateway=10.3.1.1\] disabled=yes" policy=ftp,reboot,read,write,test,winbox
    add name="link-Dedicado-UP" source="/ip route set \[/ip route find \
    gateway=201.89.72.33\] disabled=no" policy=ftp,reboot,read,write,test,winbox
    add name="link-Dedicado-DOWN" source="/ip route set \[/ip route find \
    gateway=201.89.72.33\] disabled=yes" policy=ftp,reboot,read,write,test,winbox

    e o ip router

    vc tbm coloca o seguinte codigo pra que o este script faça a checagem

    dd dst-address=200.160.2.3/32 gateway=10.4.1.1,10.4.1.1 scope=255 target-scope=10 comment="TESTE link-800-5314 N REMOVER" \
    disabled=no
    add dst-address=201.10.209.185/32 gateway=10.3.1.1,10.3.1.1 scope=255 target-scope=10 comment="TESTE link-1M-3613 N \
    REMOVER" disabled=no
    add dst-address=201.10.209.189/32 gateway=10.5.1.1,10.5.1.1 scope=255 target-scope=10 comment="TESTE link-600-4876 N \
    REMOVER" disabled=no
    add dst-address=201.10.249.53/32 gateway=10.2.1.1,10.2.1.1 scope=255 target-scope=10 comment="TESTE link-1M-5581 N \
    REMOVER" disabled=no
    add dst-address=201.15.2.5/32 gateway=201.89.72.33,201.89.72.33 scope=255 target-scope=10 comment="TESTE IP-Dedicado N \
    REMOVER" disabled=no


    o o restante do ip router e a sim


    / ip route
    add dst-address=12.0.0.0/6 gateway=10.3.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=32.0.0.0/3 gateway=10.5.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=64.0.0.0/8 gateway=201.89.72.33 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=65.0.0.0/8 gateway=201.89.72.33 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=72.0.0.0/8 gateway=201.89.72.33 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=64.0.0.0/2 gateway=10.3.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=128.0.0.0/3 gateway=10.5.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=201.15.110.85/32 gateway=201.89.72.33 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=207.0.0.0/8 gateway=201.89.72.33 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=208.0.0.0/4 gateway=10.3.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=192.0.0.0/3 gateway=10.3.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=224.0.0.0/3 gateway=10.3.1.1 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=UDP-111-1023/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-5910-65535/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-111-1862/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=UDP-1024-65535/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-1864-1998/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.2.1.1 distance=5 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.3.1.1 distance=4 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.5.1.1 distance=6 scope=255 target-scope=10 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-111-1862/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-1864-1998/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=UDP-1024-65535/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=UDP-111-1023/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-2000-5899/1 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-2000-5899/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.4.1.1 scope=255 target-scope=10 routing-mark=TCP-5910-65535/2 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.2.1.1 scope=255 target-scope=10 routing-mark=TCP-0-110/200 comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=10.2.1.1 scope=255 target-scope=10 routing-mark=TCP-0-110/201 comment="" disabled=no

  2. #2

    Padrão PARTE - 2 Continuação

    e esta aqui tbm e o mangle


    add chain=prerouting dst-address=200.0.0.0/8 protocol=tcp dst-port=0-110 action=mark-routing \
    new-routing-mark=TCP-0-110/200 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.0.0.0/8 protocol=tcp dst-port=0-110 action=mark-routing \
    new-routing-mark=TCP-0-110/201 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=tcp dst-port=111-1862 action=mark-routing \
    new-routing-mark=TCP-111-1862/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=tcp dst-port=1864-1998 action=mark-routing \
    new-routing-mark=TCP-1864-1998/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=tcp dst-port=2000-5899 action=mark-routing \
    new-routing-mark=TCP-2000-5899/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=tcp dst-port=5910-65535 action=mark-routing \
    new-routing-mark=TCP-5910-65535/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=tcp dst-port=111-1862 action=mark-routing \
    new-routing-mark=TCP-111-1862/2 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=tcp dst-port=1864-1998 action=mark-routing \
    new-routing-mark=TCP-1864-1998/2 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=tcp dst-port=2000-5899 action=mark-routing \
    new-routing-mark=TCP-2000-5899/2 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=tcp dst-port=5910-65535 action=mark-routing \
    new-routing-mark=TCP-5910-65535/2 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=udp dst-port=111-1023 action=mark-routing \
    new-routing-mark=UDP-111-1023/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=11.0.0.0-201.89.72.31 protocol=udp dst-port=1024-65535 action=mark-routing \
    new-routing-mark=UDP-1024-65535/1 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=udp dst-port=1024-65535 action=mark-routing \
    new-routing-mark=UDP-1024-65535/2 passthrough=yes comment="" disabled=no
    add chain=prerouting dst-address=201.89.72.64-255.255.255.254 protocol=udp dst-port=111-1023 action=mark-routing \
    new-routing-mark=UDP-111-1023/2 passthrough=yes comment="" disabled=no


    agora se vc não fizer um load balacend decente ai pode para.


    Olha amigo isto aqui eu aprendi vendo algunas configurações em outros amigos e grande parte foi ideia minha acho que tem muitos aqui do forum que tem ideias boas mais não compartilhão por egoismo e tbm por olha grande de querer explorar as pessoas, então vamos compartilha as ideias e crescer na vida.

  3. #3

    Padrão

    Parabens pela iniciativa brother, é de pessoas assim que precisamos!!!
    mais uma vez, meus parabens!!!

  4. #4
    Avatar de marcelomg
    Ingresso
    Jan 2006
    Localização
    São Lourenço do Sul, Brazil
    Posts
    1.471

    Padrão

    Parabéns brother, atitude louvável, ai vai um Thanks pra ti!

  5. #5

    Padrão

    Que maravilha se todos fossem assim seria otimo. muito bom mesmo gafanhoto meus parabens seja sempre assim

  6. #6
    vagner.dominici
    Visitante

    Padrão

    Muitoo bomm msmo esse tutorial meu amigo....

    so me diz uma coisa ele vai funcionar com o proxy tbm???

  7. #7

    Padrão

    Tenho aqui 3 adsl + 1 frame. Ta tudo indo pelo slackware mesmo com aquele texto "nano.txt" (soh procurar no google que vcs acham).

    Mas tenho uma dúvida, qual placa mãe é boa para colocar 5 interfaces de rede??
    Valeu!

  8. #8

    Padrão

    muito bo, acho que e isso mesmo que esta faltndo aqui, alguem que compartilhe o que aprendeu..
    e o que falavamos em outro post, os caras aprendem aqui e em outros lugares de graça , e depois querem cobrar, po fica dificil asim.
    nos que estamos na luta para aprender alguma coisa somos constantemente preseguido por eses mercenarios que so querem no esfolar vivos jejeje..
    abraço a todos e vamo la galera, posta ai o que funciona!!!!

  9. #9

    Padrão

    Mandou bem o Pro2. Agora cabe a cada um estudar o script pra enteder o real funcionamento dele, pra quando forem adaptadar à sua realidade, não ter dificuldades e fazer funcionar sabendo o que fez.
    è só ler o script. Bravo Pro2. Valeu continue assim .... Parabéns !

  10. #10
    Moderador Avatar de ederamboni
    Ingresso
    Oct 2004
    Localização
    Montes Claros
    Posts
    885
    Posts de Blog
    13

    Padrão

    up... parabens cara puts apavorou isso e oq todos queriam heheheh

  11. #11

    Padrão

    Salve!
    Que placa mae vcs usam para colocar várias placas de rede? tenho uma asus aqui com 5 placas mas nao acho que roda redondo...
    abraco!

  12. #12

    Padrão

    kara vc so precisa de 2 placa de rede 1 para os clientes e outra para os links, so isto que usar isto desta forma e ruim pq vc não controla quanto cada link esta sendo consulmido pq ele soma de todos