-
Tenho estado tentando realizar a configuracion vendo os exemplos, mas fazem-no com ADSL da mesma capacidade, em m i caso tenho meus ADSL como segue:
Interface do links:
ADSL 4 MB = Ether3-ADSL1(2WIRE-1)-main
ADSL 2 MB = Ether4-ADSL2(2WIRE-2)-second
Interface Clientes= Ether1-MKT TOWER
Modem ADSL em modo ruteador
100.10.1.254 = Ip do modem A (ADSL 4MB)
100.10.2.254 = Ip do modem B (ADSL 2 MB)
Endereços das interfaces no Mikrotik ROS
100.10.1.8 = Ip da interface Ether3-ADSL1(2WIRE-1)-main
100.10.2.10 = Ip da interface ADSL2(2WIRE-2)-second
Mangle:
add action=accept chain=prerouting comment="SEM BALANCE" disabled=no dst-address-list=sem_balance in-interface=Ether1-MKT TOWER
add action=mark-connection chain=input comment="ADSL1_conn" connection-state=new disabled=no in-interface=Ether3-ADSL1(2WIRE-1)-main new-connection-mark=ADSL1_conn passthrough=yes
add action=mark-connection chain=input comment="ADSL2_conn" connection-state=new disabled=no in-interface= Ether4-ADSL2(2WIRE-2)-second new-connection-mark=ADSL2_conn passthrough=yes
add action=mark-routing chain=output comment="to_ADSL1" connection-mark= ADSL1_conn disabled=no new-routing-mark=to_ADSL1 passthrough=no
add action=mark-routing chain=output comment="to_ADSL2" connection-mark= ADSL2_conn disabled=no new-routing-mark=to_ADSL2 passthrough=no
(Nesta seccion que segue é onde tenho dúvidas ao igual que em ROUTES, agradecere a ajuda para completar as instruções nesta seccion considerando a informacion proporcionada ao princípio)
Nat:
add action=masquerade chain=srcnat comment="MASCARAMENTO PCC ADSL1" disabled=no out-interface= Ether3-ADSL1(2WIRE-1)-main
add action=masquerade chain=srcnat comment=" MASCARAMENTO PCC ADSL2" disabled=no out-interface= Ether4-ADSL2(2WIRE-2)-second
Rotas:
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=100.10.1.254 scope=30 target-scope=10
add comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=100.10.2.254 scope=30 target-scope=10
aqui em rotas esta correcto ou falta-me algo?
agradecere a ajuda
saludos
-
pcc
/ip firewall mangle
add action=mark-connection chain=input comment=ether1_conn connection-state=new disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
add action=mark-connection chain=input comment=ether2_conn connection-state=new disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
add action=mark-routing chain=output comment=to_ether1 connection-mark=ether1_conn connection-state=new disabled=no new-routing-mark=to_ether1 passthrough=no
add action=mark-routing chain=output comment=to_ether2 connection-mark=ether2_conn connection-state=new disabled=no new-routing-mark=to_ether2 passthrough=no
add action=mark-connection chain=prerouting comment=ether1_conn disabled=no dst-address-type=!local in-interface=ether9-Clientes new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=ether1_conn disabled=no dst-address-type=!local in-interface=ether9-Clientes new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=ether2_conn disabled=no dst-address-type=!local in-interface=ether9-Clientes new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting comment=to_ether1 connection-mark=ether1_conn disabled=no in-interface=ether9-Clientes new-routing-mark=to_ether1 passthrough=no
add action=mark-routing chain=prerouting comment=to_ether2 connection-mark=ether2_conn disabled=no in-interface=ether9-Clientes new-routing-mark=to_ether2 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=ether2
/ip route
add comment=link1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=100.10.1.254 scope=30 target-scope=10
add comment=link2 disabled=no distance=2 dst-address=0.0.0.0/0 gateway=100.10.2.254 scope=30 target-scope=10
add comment=link1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=100.10.1.254 routing-mark=to_ether1 scope=30 target-scope=10
add comment=link2 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=100.10.2.254 routing-mark=to_ether2 scope=30 target-scope=10
segue as regras so foi mudado pra sua estrutura de dois links um de 4mb e outro de 2mb as regras sao as mesmas postadas aki mesmo pelo tiago matias so adptadas pra sua realidade contando 2 pro link maior e 1 pro link menor...
-
hola aprinou, muito obrigado por responder
segui as regras que me indicaste e se consigo navegar, somente que em IP ROUTE me ficaram umas regras em azul, o que fiz foi criar um bridge com os ether1, ether2 e ether3 ao que chame CLIENTES, e no ether8 e ether9 pus meus ADSL
/ip firewall mangle
add action=accept chain=prerouting comment="SIN BALANCE" disabled=no \
dst-address-list=sem_balance in-interface=CLIENTES
add action=mark-connection chain=input comment="marca conexion ADSL1_conn" \
connection-state=new disabled=no in-interface=Ether8-ADSL1 \
new-connection-mark=ADSL1_conn passthrough=yes
add action=mark-connection chain=input comment="marca conexion ADSL2_conn" \
connection-state=new disabled=no in-interface=Ether9-ADSL2 \
new-connection-mark=ADSL2_conn passthrough=yes
add action=mark-routing chain=output comment="pone marca de ruteo to_ADSL1" \
connection-mark=ADSL1_conn disabled=no new-routing-mark=to_ADSL1 \
passthrough=no
add action=mark-routing chain=output comment="pone marca de ruteo to_ADSL2" \
connection-mark=ADSL2_conn disabled=no new-routing-mark=to_ADSL2 \
passthrough=no
add action=mark-connection chain=prerouting comment=ether1_conn disabled=no \
dst-address-type=!local in-interface=CLIENTES new-connection-mark=\
ADSL1_conn passthrough=yes per-connection-classifier=both-addresses:3/0
add action=mark-connection chain=prerouting comment=ether1_conn disabled=no \
dst-address-type=!local in-interface=CLIENTES new-connection-mark=\
ADSL1_conn passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=prerouting comment=ether2_conn disabled=no \
dst-address-type=!local in-interface=CLIENTES new-connection-mark=\
ADSL2_conn passthrough=yes per-connection-classifier=both-addresses:3/2
add action=mark-routing chain=prerouting comment=to_ether1 connection-mark=\
ADSL1_conn disabled=no in-interface=CLIENTES new-routing-mark=to_ADSL1 \
passthrough=no
add action=mark-routing chain=prerouting comment=to_ether2 connection-mark=\
ADSL2_conn disabled=no in-interface=CLIENTES new-routing-mark=to_ADSL2 \
passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat comment="enmascara PCC ADSL1" disabled=no \
out-interface=Ether8-ADSL1
add action=masquerade chain=srcnat comment="enmascara PCC ADSL2" disabled=no \
out-interface=Ether9-ADSL2
add action=masquerade chain=srcnat comment="enmascara interface CLIENTES" \
disabled=no out-interface=CLIENTES
/ip route
(estas regras ficam em cor azul)
add comment=link2 disabled=no distance=2 dst-address=0.0.0.0/0 gateway=\
100.10.2.254 scope=30 target-scope=10
add comment=link1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
100.10.1.254 scope=30 target-scope=10
(estas regras aparecem bem)
add comment=link2 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
100.10.2.254 routing-mark=to_ADSL2 scope=30 target-scope=10
add comment=link1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
100.10.1.254 routing-mark=to_ADSL1 scope=30 target-scope=10
agradecere a ajuda para corrigir este balanço, como te comento no bridge chamado CLIENTES concte um computador e estou a navegar mas essas regras seguem em azul...
saludos
-
pcc
sim ficao em azul pois elas ficam em standy by pois elas podem ser monitoradas via chek ping ou netwatch verificando a atividade dos links caso um saia fora vai pro outro link por isso tem as distancias neles, caso use modem em modo roteado use o netwatch pra monitorar seus links e rodar regras de desativar etc...esssa regras que postem e apenas um exemplo que vc deve claro adptar pro nos de suas interfaces...
-
Aprinou, vc comentou que elas ficam em Stanby by para serem monitoradas, isso em modo chek ping é para os modems em router, e para quem ta usando em modo bridge, o MK discando, como seria esse monitoramento em ping, ja que so tem interfaces ativas? no caso os discadores pppoe´s.