Página 2 de 7 PrimeiroPrimeiro 123456 ... ÚltimoÚltimo
+ Responder ao Tópico



  1. Veja se consegue compreender isso:

    ip address
    add address=1.1.1.50/24 network=1.1.1.0 broadcast=1.1.1.255 interface=Local comment="" disabled=no
    add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=wlan2 comment="" disabled=no
    add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=wlan1 comment="" disabled=no

    / ip firewall mangle
    add chain=prerouting in-interface= NOME1 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=odd passthrough=yes comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-mark=odd action=mark-routing new-routing-mark=odd passthrough=no comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=even passthrough=yes comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-mark=even action=mark-routing new-routing-mark=even passthrough=no comment="" disabled=no

    / ip firewall nat
    add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.1.1.3 to-ports=0-65535 comment="" disabled=no
    add chain=srcnat connection-mark=even action=src-nat to-addresses=200.xxx.xxx.xxx to-ports=0-65535 comment="" disabled=no

    Obs: Trocar o ODD por EVEN entre os 2 NAT´s


    / ip route
    add dst-address=0.0.0.0/0 gateway=10.1.1.1 scope=255 target-scope=10 routing-mark=odd comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=200.xxx.xxx.xxx scope=255 target-scope=10 routing-mark=even comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=200.xxx.xxx.xxx scope=255 target-scope=10 comment="TESTE2" disabled=yes

  2. Citação Postado originalmente por liandrocarniel Ver Post
    Veja se consegue compreender isso:

    ip address
    add address=1.1.1.50/24 network=1.1.1.0 broadcast=1.1.1.255 interface=Local comment="" disabled=no
    add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=wlan2 comment="" disabled=no
    add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=wlan1 comment="" disabled=no

    / ip firewall mangle
    add chain=prerouting in-interface= NOME1 connection-state=new nth=1,1,0 action=mark-connection new-connection-mark=odd passthrough=yes comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-mark=odd action=mark-routing new-routing-mark=odd passthrough=no comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-state=new nth=1,1,1 action=mark-connection new-connection-mark=even passthrough=yes comment="" disabled=no
    add chain=prerouting in-interface= NOME1 connection-mark=even action=mark-routing new-routing-mark=even passthrough=no comment="" disabled=no

    / ip firewall nat
    add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.1.1.3 to-ports=0-65535 comment="" disabled=no
    add chain=srcnat connection-mark=even action=src-nat to-addresses=200.xxx.xxx.xxx to-ports=0-65535 comment="" disabled=no

    Obs: Trocar o ODD por EVEN entre os 2 NAT´s


    / ip route
    add dst-address=0.0.0.0/0 gateway=10.1.1.1 scope=255 target-scope=10 routing-mark=odd comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=200.xxx.xxx.xxx scope=255 target-scope=10 routing-mark=even comment="" disabled=no
    add dst-address=0.0.0.0/0 gateway=200.xxx.xxx.xxx scope=255 target-scope=10 comment="TESTE2" disabled=yes
    / ip address
    add address=192.168.254.100/24 network=192.168.254.0 broadcast=192.168.254.255 \
    interface=Publica comment="Link Internet Telemar" disabled=no
    add address=10.50.0.1/24 network=10.50.0.0 broadcast=10.50.0.255 \
    interface=Local comment="Link Cabeado" disabled=no
    add address=172.16.0.1/24 network=172.16.0.0 broadcast=172.16.0.255 \
    interface=Local comment="Link Wireless" disabled=no
    add address=192.168.173.100/24 network=192.168.173.0 broadcast=192.168.173.255 \
    interface=Publica2 comment="Link Internet Telemar2" disabled=no


    #
    / ip firewall mangle
    add chain=prerouting src-address=10.50.0.0/24 action=mark-routing \
    new-routing-mark=GroupA passthrough=no comment="Grupo A" disabled=no
    add chain=prerouting src-address=172.16.0.0/24 action=mark-routing \
    new-routing-mark=GroupB passthrough=no comment="Grupo B" disabled=no
    add chain=prerouting protocol=tcp dst-port=22-23 \
    action=add-src-to-address-list address-list=drop_port_22_23 \
    address-list-timeout=0s comment="Ajuste de Bloqueio SSH e Telnet" \
    disabled=yes
    add chain=postrouting out-interface=Local p2p=all-p2p action=mark-packet \
    new-packet-mark=p2p-down-mark passthrough=yes comment="Marca Todo Trafego \
    p2p" disabled=no
    add chain=forward out-interface=Publica p2p=all-p2p action=mark-packet \
    new-packet-mark=p2p-up-mark passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=tcp src-port=1863 action=mark-packet \
    new-packet-mark=msn-out passthrough=yes comment="Msn" disabled=no
    add chain=prerouting protocol=tcp dst-port=1863 action=mark-packet \
    new-packet-mark=msn-in passthrough=yes comment="" disabled=no
    add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1360 \
    comment="Msn" disabled=no
    add chain=prerouting protocol=udp dst-port=5060 action=mark-connection \
    new-connection-mark=voip_in passthrough=yes comment="VOIP-IN" disabled=no
    add chain=prerouting connection-mark=voip_in action=mark-packet \
    new-packet-mark=VOIP_IN passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp src-port=5060 action=mark-connection \
    new-connection-mark=voip_out passthrough=yes comment="VOIP-OUT" \
    disabled=no
    add chain=prerouting connection-mark=voip_out action=mark-packet \
    new-packet-mark=VOIP_OUT passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=80 action=mark-connection \
    new-connection-mark=http-down passthrough=yes comment="HTTP" disabled=no
    add chain=prerouting connection-mark=http-down action=mark-packet \
    new-packet-mark=HTTP passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=tcp dst-port=443 action=mark-connection \
    new-connection-mark=443_conn passthrough=yes comment="SSL" disabled=no
    add chain=prerouting p2p=all-p2p action=mark-connection \
    new-connection-mark=p2p_conn passthrough=yes comment="Marca o de Pacotes \
    p2p" disabled=no
    add chain=prerouting connection-mark=p2p_conn action=mark-packet \
    new-packet-mark=p2p passthrough=yes comment="" disabled=no
    add chain=prerouting protocol=udp action=mark-connection \
    new-connection-mark=udp_teste passthrough=yes comment="Marca o de Udp" \
    disabled=no
    add chain=prerouting connection-mark=udp_teste action=mark-packet \
    new-packet-mark=udp passthrough=yes comment="" disabled=no


    / ip firewall nat
    add chain=srcnat src-address=10.50.0.0/24 action=masquerade \
    comment="masquerade hotspot network" disabled=no
    add chain=srcnat src-address=172.16.0.0/24 action=masquerade comment="" \
    disabled=no
    add chain=srcnat out-interface=Publica action=masquerade comment="Nat" \
    disabled=no
    add chain=srcnat out-interface=Publica2 action=masquerade comment="" \
    disabled=no
    add chain=dstnat in-interface=Local protocol=tcp dst-port=80 action=redirect \
    to-ports=3128 comment="Proxy Rede Interna" disabled=no


    / ip route
    add dst-address=0.0.0.0/0 gateway=192.168.254.254 scope=255 target-scope=10 \
    comment="" disabled=yes
    add dst-address=0.0.0.0/0 gateway=192.168.173.254 scope=255 target-scope=10 \
    comment="" disabled=no



    o meu esta assim, sera q poderia dar uma olhada pra ver se tem algo de errado e me mostrar o q eu tenho de acrescentar por favor...



  3. Falta simplesmente o essencial no teu Mangle

    Tem um monte de regras, mas nenhuma que trate o balanceamento (uma conexão sai uma hora por um link, na outra por outro)...
    Veja as regras que postei...

    O Mangle é o que faz tudo... e das regras que coloquei você nao tem nada parecido.

  4. Citação Postado originalmente por liandrocarniel Ver Post
    Falta simplesmente o essencial no teu Mangle

    Tem um monte de regras, mas nenhuma que trate o balanceamento (uma conexão sai uma hora por um link, na outra por outro)...
    Veja as regras que postei...

    O Mangle é o que faz tudo... e das regras que coloquei você nao tem nada parecido.
    Vou testa mais tarde pq agora é horario de pico e depois eu posto aqui se funcionou ou nao, mesmo assim vlw...



  5. nao consegui fazer, seu exemplo nao esta claro.






Tópicos Similares

  1. Load balance pcc com links ip dinamico , como fazer?
    Por julinribeiro no fórum Redes
    Respostas: 21
    Último Post: 25-10-2017, 08:41
  2. Respostas: 35
    Último Post: 01-07-2016, 12:22
  3. Load Balance pcc com 3 links em bridge
    Por Auilker no fórum Redes
    Respostas: 1
    Último Post: 27-05-2016, 11:46
  4. Load Balance pcc com Lentidão!
    Por maninho03 no fórum Redes
    Respostas: 26
    Último Post: 24-07-2012, 08:46
  5. LOAD BALANCING JUNTO com WEB PROXY
    Por mson77 no fórum Redes
    Respostas: 7
    Último Post: 16-06-2008, 08:35

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L