+ Responder ao Tópico



  1. #1

    Padrão PCC (wiki da mikrotik) não funciona com interfaces dinâmicas

    Peguei o exemplo do PCC do wiki da Mikrotik e como tenho 4 interfaces com IP dinâmico fiz a adaptação abaixo.

    Ele aceitou mas só consigo acessar as redes diretamente localizadas (que seja na LAN quer seja nas WANs). Para testar coloquei um cabo na minha máquina na LAN do RB750G e dois cabos da WAN ligados a um servidor de DHCP.

    Eu desliguei o add default route das interfaces que pegam IP dinâmico. E retirei as portas 3,4 e 5 do slave da porta 2.

    / ip firewall mangle
    add chain=input in-interface=ether1-gateway action=mark-connection new-connection-mark=ether1_gateway_conn
    add chain=input in-interface=ether3-gateway action=mark-connection new-connection-mark=ether3_gateway_conn
    add chain=input in-interface=ether4-gateway action=mark-connection new-connection-mark=ether4_gateway_conn
    add chain=input in-interface=ether5-gateway action=mark-connection new-connection-mark=ether5_gateway_conn

    add chain=output connection-mark=ether1_gateway_conn action=mark-routing new-routing-mark=to_ether1_gateway
    add chain=output connection-mark=ether3_gateway_conn action=mark-routing new-routing-mark=to_ether3_gateway
    add chain=output connection-mark=ether4_gateway_conn action=mark-routing new-routing-mark=to_ether4_gateway
    add chain=output connection-mark=ether5_gateway_conn action=mark-routing new-routing-mark=to_ether5_gateway

    add chain=prerouting dst-address-type=!local action=accept in-interface=ether2-local-master
    add chain=prerouting dst-address-type=!local action=accept in-interface=ether2-local-master
    add chain=prerouting dst-address-type=!local action=accept in-interface=ether2-local-master
    add chain=prerouting dst-address-type=!local action=accept in-interface=ether2-local-master

    add chain=prerouting dst-address-type=!local in-interface=ether2-local-master per-connection-classifier=both-addresses:4/0 \
    action=mark-connection new-connection-mark=ether1_gateway_conn passthrough=yes
    add chain=prerouting dst-address-type=!local in-interface=ether2-local-master per-connection-classifier=both-addresses:4/1 \
    action=mark-connection new-connection-mark=ether3_gateway_conn passthrough=yes
    add chain=prerouting dst-address-type=!local in-interface=ether2-local-master per-connection-classifier=both-addresses:4/2 \
    action=mark-connection new-connection-mark=ether4_gateway_conn passthrough=yes
    add chain=prerouting dst-address-type=!local in-interface=ether2-local-master per-connection-classifier=both-addresses:4/3 \
    action=mark-connection new-connection-mark=ether5_gateway_conn passthrough=yes

    add chain=prerouting connection-mark=ether1_gateway_conn in-interface=ether2-local-master action=mark-routing new-routing-mark=to_ether1_gateway
    add chain=prerouting connection-mark=ether3_gateway_conn in-interface=ether2-local-master action=mark-routing new-routing-mark=to_ether3_gateway
    add chain=prerouting connection-mark=ether4_gateway_conn in-interface=ether2-local-master action=mark-routing new-routing-mark=to_ether4_gateway
    add chain=prerouting connection-mark=ether5_gateway_conn in-interface=ether2-local-master action=mark-routing new-routing-mark=to_ether5_gateway

    / ip route
    add dst-address=0.0.0.0/0 gateway=ether1-gateway routing-mark=to_ether1_gateway check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether3-gateway routing-mark=to_ether3_gateway check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether4-gateway routing-mark=to_ether4_gateway check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether5-gateway routing-mark=to_ether5_gateway check-gateway=arp

    add dst-address=0.0.0.0/0 gateway=ether1-gateway distance=1 check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether3-gateway distance=2 check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether4-gateway distance=3 check-gateway=arp
    add dst-address=0.0.0.0/0 gateway=ether5-gateway distance=4 check-gateway=arp


    / ip firewall nat
    add chain=srcnat out-interface=ether1-gateway action=masquerade
    add chain=srcnat out-interface=ether3-gateway action=masquerade
    add chain=srcnat out-interface=ether4-gateway action=masquerade
    add chain=srcnat out-interface=ether5-gateway action=masquerade

  2. #2

    Padrão Re: PCC (wiki da mikrotik) não funciona com interfaces dinâmicas

    Meu camarada, vc deu um export no seu New Terminal e postou ou vc copiou só o que achou necessário?
    Seguinte estava com alguns problemas antes com o PCC. Só consegui implementá-lo usando o software que tem aqui no forum que gera as configurações automáticas.
    https://under-linux.org/f227/program...to-pcc-134749/
    Espero ter ajudado de alguma forma...


    Ivan Galves