series do mega filmes nao sai for do balance

[wesleydialmeida]

Ola amigos, tenho as regras para tirar sites do balance, todos os outros funcionam normal, mas algumas series de filmes online nao consigo tirar, alguém pode me ajudar?

[AndrioPJ]

isso ai é balance mal configurado ou falta de atualização.

antes de tirar o site do balance, experimente atualizar a versão mk da sua RB
E o firmware.

para atualizar a versão do mk, acesse o site e baixe a versão mais atual.
para atualizar o firmware, abra o winbox, new terminal... digite:
/system routerboard print
/system routerboard upgrade

[wesleydialmeida]

Acho que vou ter que procurar um outro script, pois ja revisei todas as regras, mas nao consigo ver o defeito, a rb ja esta atualizada, se alguem puder postar um script atualizado fico agradecido.

[emilidani]

Nao creio seja o script.

[AndrioPJ]

Acho que vou ter que procurar um outro script, pois ja revisei todas as regras, mas nao consigo ver o defeito, a rb ja esta atualizada, se alguem puder postar um script atualizado fico agradecido.

o firmware também está atualizado?

como está o connection tracking?

post seu script ai??

[wesleydialmeida]

o contrack ta automatico, a rb ta toda atualizada (firm e soft)

no balance tenho a seguinte estrutura:

porta 2,3 e 4 = adsl 50megas

porta 5 = link dedicado 25megas

essas sao minhas configuraçoes:

/ip firewall mangle




add action=mark-connection chain=prerouting connection-state=new \
dst-address-list=LINK0 in-interface=PCC new-connection-mark=Sites0


add action=mark-routing chain=prerouting connection-mark=Sites0 in-interface=\
PCC new-routing-mark=Rota0 passthrough=no


add action=mark-connection chain=prerouting connection-state=new \
dst-address-list=LINK1 in-interface=PCC new-connection-mark=Sites1


add action=mark-routing chain=prerouting connection-mark=Sites1 in-interface=\
PCC new-routing-mark=Rota1 passthrough=no


add action=mark-connection chain=prerouting connection-state=new \
dst-address-list=LINK2 in-interface=PCC new-connection-mark=Sites2


add action=mark-routing chain=prerouting connection-mark=Sites2 in-interface=\
PCC new-routing-mark=Rota2 passthrough=no


-----------------------------------------------------------------------------------------------




add chain=prerouting comment="FORA DO LOADBALACED" dst-address-list=loopback \
in-interface=PCC




add action=mark-connection chain=prerouting connection-state=new in-interface=\
ether5 new-connection-mark=ether5_conn


add action=mark-connection chain=prerouting connection-state=new in-interface=\
adsl_ether2 new-connection-mark=adsl_ether2_conn


add action=mark-connection chain=prerouting connection-state=new in-interface=\
adsl_ether3 new-connection-mark=adsl_ether3_conn


add action=mark-connection chain=prerouting connection-state=new in-interface=\
adsl_ether4 new-connection-mark=adsl_ether4_conn


add action=mark-routing chain=output connection-mark=ether5_conn \
new-routing-mark=to_ether5


add action=mark-routing chain=output connection-mark=adsl_ether2_conn \
new-routing-mark=to_adsl_ether2


add action=mark-routing chain=output connection-mark=adsl_ether3_conn \
new-routing-mark=to_adsl_ether3


add action=mark-routing chain=output connection-mark=adsl_ether4_conn \
new-routing-mark=to_adsl_ether4


add chain=prerouting dst-address=189.59.78.152/29 in-interface=PCC


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=ether5_conn \
per-connection-classifier=both-addresses-and-ports:7/0


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether2_conn per-connection-classifier=both-addresses-and-ports:7/1


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether2_conn per-connection-classifier=both-addresses-and-ports:7/2


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether3_conn per-connection-classifier=both-addresses-and-ports:7/3


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether3_conn per-connection-classifier=both-addresses-and-ports:7/4


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether4_conn per-connection-classifier=both-addresses-and-ports:7/5


add action=mark-connection chain=prerouting connection-state=new \
dst-address-type=!local in-interface=PCC new-connection-mark=\
adsl_ether4_conn per-connection-classifier=both-addresses-and-ports:7/6


add action=mark-routing chain=prerouting connection-mark=ether5_conn \
in-interface=PCC new-routing-mark=to_ether5


add action=mark-routing chain=prerouting connection-mark=adsl_ether2_conn \
in-interface=PCC new-routing-mark=to_adsl_ether2


add action=mark-routing chain=prerouting connection-mark=adsl_ether3_conn \
in-interface=PCC new-routing-mark=to_adsl_ether3


add action=mark-routing chain=prerouting connection-mark=adsl_ether4_conn \
in-interface=PCC new-routing-mark=to_adsl_ether4


/ip route


add distance=1 gateway=189.59.78.153 routing-mark=Rota0
add distance=1 gateway=adsl_ether2 routing-mark=Rota1
add distance=1 gateway=adsl_ether3 routing-mark=Rota2


add check-gateway=ping comment=Link0 distance=1 gateway=189.59.78.153 \
routing-mark=to_ether5


add comment=Link1 distance=1 gateway=adsl_ether2 routing-mark=to_adsl_ether2
add comment=Link2 distance=1 gateway=adsl_ether3 routing-mark=to_adsl_ether3
add comment=Link3 distance=1 gateway=adsl_ether4 routing-mark=to_adsl_ether4
add check-gateway=ping comment=Link0 distance=1 gateway=189.59.78.153
add comment=Link1 distance=2 gateway=adsl_ether2
add comment=Link2 distance=3 gateway=adsl_ether3
add comment=Link3 distance=4 gateway=adsl_ether4


/ip firewall address-list
add address=200.155.80.0-200.155.255.255 list=loopback
add address=200.220.186.0/24 list=loopback
add address=200.220.178.0/24 list=loopback
add address=200.159.128.0/24 list=loopback
add address=200.155.0.0/16 list=loopback
add address=201.7.176.0/20 list=loopback
add address=201.7.178.0/24 list=loopback
add address=201.7.180.0/24 list=loopback
add address=201.7.0.0/16 list=loopback
add address=201.30.0.0/16 list=loopback
add address=186.192.0.0/16 list=loopback
add address=200.201.174.0/24 list=loopback
add address=200.201.173.0/24 list=loopback
add address=10.10.30.0/24 list=loopback
add address=200.155.80.0-200.155.255.255 comment=BRADESCO list=LINK0
add address=200.220.186.0/24 list=LINK0
add address=200.220.178.0/24 list=LINK0
add address=64.38.29.0/24 comment=RapidShare list=LINK1
add address=208.69.32.0/24 list=LINK1
add address=208.67.217.0/24 list=LINK1
add address=201.7.178.0/24 list=LINK1
add address=201.7.176.0/24 list=LINK1
add address=201.7.176.0/20 comment="Vdeos - Globo" list=LINK2
add address=208.84.247.0/24 comment="Vdeos - terratv" list=LINK2
add address=200.154.56.0/24 comment="Vdeos - terratv" list=LINK2
add address=64.38.29.0/24 comment=RapidShare list=loopback
add address=208.69.32.0/24 list=loopback
add address=208.67.217.0/24 list=loopback
add address=201.7.176.0/24 list=loopback
add address=208.84.247.0/24 comment="Vdeos - terratv" list=loopback
add address=200.154.56.0/24 comment="Vdeos - terratv" list=loopback
add address=200.201.160.0/24 comment="Caixa Economica Federal" list=loopback
add address=200.201.166.0/24 list=loopback
add address=200.141.207.3 comment=Detran list=loopback
add address=138.91.0.0/16 list=loopback
add address=161.148.0.0/16 comment="Receita Feredal" list=loopback
add address=186.234.0.0/16 comment=Uol list=loopback
add address=201.48.0.0/17 comment=UniUbe list=loopback
add address=199.67.0.0/16 comment=Credcard list=loopback
add address=198.41.128.0/18 comment=megafilmes list=LINK2
add address=198.41.184.0/21 comment=megafilmes list=LINK2
add address=198.41.184.0/21 comment=megafilmes disabled=yes list=loopback
add address=198.41.128.0/18 comment=megafilmes disabled=yes list=loopback

ja vi e revi varias vezes , mas nao consigo enxergar o problema, muitos outros sites saem do balance, mas alguns video nao, se alguem puder me dar uma luz fico agradecido, obrigado.

[AndrioPJ]

Os ips dos clientes chegam até a RB?

[wld.net1]

Amigo qual é o site? postar aí.

[wld.net1]

Isso é seu ballance que só falta uma configuraçãozinha...

[wesleydialmeida]

Os ips dos clientes chegam até a RB?

do balance mando o link para as torres onde tem rbs que autenticam os clientes pppoe

[AndrioPJ]

do balance mando o link para as torres onde tem rbs que autenticam os clientes pppoe

sim, mas os IPs dos clientes chegam até o balance ou voce faz NAT no meio do caminho?

[wesleydialmeida]

tem um nat em cada autenticador que fica nas torres.

[wesleydialmeida]

nao entendo, eu deveria ter somente o nat do balance? pois se for assim o webmikrotik esta criandos os servidores de autenticaçao errado, pois todo servidor que crio, o webmikrotik ja cria as regras de nat autmaticamente no servidor em questao.

[wesleydialmeida]

Se desativo o nat do servidor ou do LB fico sem net, qual a melhor forma de resolver isso?

[wesleydialmeida]

Você tem que manter o NAT no LB, precisa fazer os IPs dos clientes chegarem ao teu LB. Faça isso usando roteamento estático ou OSPF.

Criei vlans do meu balance para os concentradores, vou procurar as regras onde o https saem por todos os links, depois vou remover as vlans e testar rotas estaticas.

[wld.net1]

Utilizo aqui LB sem nat roteamento estático.

[wesleydialmeida]

Deu certo, fiz esse balance onde o concentrador fica sem nat, e os https saem por link diferentes, ficou otimo! Obrigado.