+ Responder ao Tópico



  1. 10-05-2017, 23:33 #1
    AyslanAlves
    AyslanAlves está desconectado
    Avatar de AyslanAlves
    Ingresso
    Jun 2011
    Posts
    21

    Question Acesso roteadores em loand balance

    Tenho um ambiente corporativo e balance de 3 links:
    port1= dedicado oi 8MB
    port2 = velox 10mb
    port5 = roteado 8mb

    Balance funcionando normalmente.

    Tenho duas faixas de IP na porta de saída
    10.0.0.1/24 - rede interna
    10.0.10.1/24 - hostpot wifi

    Acontece que eu só consigo acessar os roteadores quando estou conectado com a faixa de Ip do hostpot (10.0.10.x). Se eu tentar acessar os roteadores de dentro da rede interna (10.0.0.x) não consigo acesso.

    Alguém sabe dizer o que tá errado? Segue as configurações da rb.

    Código :
    # may/09/2017 22:21:02 by RouterOS 6.39.1
# software id = ZKT9-LFIL
#
/interface ethernet
set [ find default-name=ether1 ] comment="Link Dedicado (1)" name=internet-01
set [ find default-name=ether2 ] comment="Link Velox (2)" name=internet-02
set [ find default-name=ether5 ] comment="Link Itnet (5)" name=internet-05
set [ find default-name=ether3 ] comment="Saida(3)" name=saida-03
set [ find default-name=ether4 ] name=saida-04
 
 
/interface pppoe-client
add comment="Link Velox (2)" disabled=no interface=internet-02 name=oi-velox \
    password=oi [email protected]
 
 
/interface ethernet switch port
set 0 vlan-mode=fallback
set 1 vlan-mode=fallback
set 2 vlan-mode=fallback
set 3 vlan-mode=fallback
set 4 vlan-mode=fallback
set 5 vlan-mode=fallback
 
 
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
add dns-name=login.wifi hotspot-address=10.0.10.1 html-directory=\
    flash/hotspot login-by=http-chap,mac-cookie name=hsprof1
 
 
/ip hotspot
add disabled=no idle-timeout=6h interface=saida-03 name=hotspot1 profile=\
    hsprof1
 
 
/ip hotspot user profile
set [ find default=yes ] shared-users=2
 
 
/ip pool
add name=pool_10.0.10.0 ranges=10.0.10.20-10.0.10.250
add name=pool_10.0.0.0 ranges=10.0.0.10-10.0.0.250
 
 
/ip dhcp-server
add address-pool=pool_10.0.10.0 authoritative=after-2sec-delay disabled=no \
    interface=saida-03 lease-time=2d name=dhcp1
 
 
/ip address
add address=192.168.30.10/24 comment=" ## Acesso Ao Modem Dedicado" \
    interface=internet-01 network=192.168.30.0
add address=187.12.X.X comment="Link dedicado" interface=\
    internet-01 network=187.12.X.X
add address=192.168.1.50/24 comment="Link Roteado" interface=\
    internet-05 network=192.168.1.0
add address=192.168.10.2/24 comment="Modem Velox Roteado" interface=\
    internet-02 network=192.168.10.0
add address=10.0.10.1/24 interface=saida-03 network=10.0.10.0
add address=10.0.0.1/24 interface=saida-03 network=10.0.0.0
 
 
/ip dhcp-server config
set store-leases-disk=2d
 
 
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=\
    208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4 gateway=10.0.0.1
add address=10.0.10.0/24 comment="hotspot network" dns-server=\
    208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4 gateway=10.0.10.1
 
 
/ip dns
set allow-remote-requests=yes cache-max-ttl=12h max-udp-packet-size=2048 \
    servers="208.67.222.222,208.67.220.220,8.8.8.8,8.8.4.4,189.38.95.95,189.38\
    .95.96,200.149.55.142,200.222.0.39"
 
 
/ip firewall mangle
add action=mark-connection chain=input comment="========================" \
    in-interface=internet-01 new-connection-mark=link1_dedicado_conn \
    passthrough=yes
add action=mark-connection chain=input in-interface=oi-velox \
    new-connection-mark=link2_velox_conn passthrough=yes
add action=mark-connection chain=input in-interface=internet-05 \
    new-connection-mark=link3_itnet_conn passthrough=yes
add action=mark-routing chain=output comment="========================" \
    new-routing-mark=link1_dedicado_route out-interface=internet-01 \
    passthrough=yes
add action=mark-routing chain=output new-routing-mark=link3_itnet_route \
    out-interface=internet-05 passthrough=yes
add action=mark-routing chain=output new-routing-mark=link2_velox_route \
    out-interface=oi-velox passthrough=yes
add action=mark-connection chain=prerouting comment=\
    "======================== 13 marcacoes" in-interface=saida-03 \
    new-connection-mark=link1_dedicado_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/0
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link1_dedicado_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/1
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link1_dedicado_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/2
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link1_dedicado_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/3
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link3_itnet_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/4
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link3_itnet_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/5
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link3_itnet_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/6
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link3_itnet_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/7
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link2_velox_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/8
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link2_velox_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/9
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link2_velox_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/10
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link2_velox_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/11
add action=mark-connection chain=prerouting in-interface=saida-03 \
    new-connection-mark=link2_velox_conn passthrough=yes \
    per-connection-classifier=both-addresses:13/12
add action=mark-routing chain=prerouting comment="========================" \
    connection-mark=link1_dedicado_conn in-interface=saida-03 \
    new-routing-mark=link1_dedicado_route passthrough=yes
add action=mark-routing chain=prerouting connection-mark=link2_velox_conn \
    in-interface=saida-03 new-routing-mark=link2_velox_route passthrough=yes
add action=mark-routing chain=prerouting connection-mark=link3_itnet_conn \
    in-interface=saida-03 new-routing-mark=link3_itnet_route passthrough=yes
add action=mark-packet chain=prerouting comment=\
    "======================== Queues Rede Internet" in-interface=internet-01 \
    new-packet-mark=Internet passthrough=yes
add action=mark-packet chain=prerouting in-interface=oi-velox \
    new-packet-mark=Internet passthrough=yes
add action=mark-packet chain=prerouting in-interface=internet-05 \
    new-packet-mark=Internet passthrough=yes
 
 
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="Masquerade Hotspot Network" \
    src-address=10.0.0.0/24
add action=masquerade chain=srcnat src-address=10.0.10.0/24
add action=redirect chain=dstnat comment="Redirecionamento DNS" dst-port=53 \
    in-interface=saida-03 protocol=udp to-ports=53
 
 
 
 
/ip route
add comment="Balance ==========================================" distance=1 \
    gateway=187.12.X.X routing-mark=link1_dedicado_route
add distance=1 gateway=192.168.1.1 routing-mark=link3_itnet_route
add distance=1 gateway=oi-velox routing-mark=link2_velox_route
add check-gateway=ping comment="Link dedicado" distance=1 gateway=\
    187.12.X.X
add check-gateway=ping comment="Link Velox" distance=2 gateway=oi-velox
add check-gateway=ping comment="Link Itnet" distance=3 gateway=192.168.1.1
    Citação Citação
  2. 10-05-2017, 23:36 #2
    rimaraujo
    rimaraujo está desconectado
    Avatar de rimaraujo
    Ingresso
    Aug 2015
    Posts
    655

    Padrão Re: Acesso roteadores em loand balance

    O hotspot faz um roteamento na rede. Por esse motivo você consegue acessar. Quando você não está no hotspot falta rota. Com isso não existe comunicação entre as interfaces por causa do mangle e route mark
    Citação Citação
  3. 10-05-2017, 23:55 #3
    AyslanAlves
    AyslanAlves está desconectado
    Avatar de AyslanAlves
    Ingresso
    Jun 2011
    Posts
    21

    Padrão Re: Acesso roteadores em loand balance

    Há alguma forma de fazer isso na rede interna sem prejudicar algo? Ou não vale a pena?
    Citação Citação
  4. 12-05-2017, 01:54 #4
    rimaraujo
    rimaraujo está desconectado
    Avatar de rimaraujo
    Ingresso
    Aug 2015
    Posts
    655

    Padrão Re: Acesso roteadores em loand balance

    Você terá que criar algumas rotas estáticas para isso.
    Citação Citação
  5. 12-05-2017, 06:16 #5
    AyslanAlves
    AyslanAlves está desconectado
    Avatar de AyslanAlves
    Ingresso
    Jun 2011
    Posts
    21

    Padrão Re: Acesso roteadores em loand balance

    Citação Postado originalmente por rimaraujo Ver Post
    Você terá que criar algumas rotas estáticas para isso.
    Como faço isso, amigo?

    Desculpa a ignorância. Poderia dar um exemplo?

    Creio que é IP / Routes mas o que preciso adicionar?
    Citação Citação
  6. 13-05-2017, 09:39 #6
    AyslanAlves
    AyslanAlves está desconectado
    Avatar de AyslanAlves
    Ingresso
    Jun 2011
    Posts
    21

    Padrão Re: Acesso roteadores em loand balance

    up
    Citação Citação



« Tópico Anterior | Próximo Tópico »