Conectar-se

Esqueci minha senha

Estatísticas
Temos 31153 usuários registrados
O último usuário registrado atende pelo nome de Merlin.J

Os nossos membros postaram um total de 38072 mensagens em 5746 assuntos

Load Balance (Preciso de Ajuda)

Ir em baixo

Load Balance (Preciso de Ajuda)

Mensagem por augustopletsch em Qua 27 Fev - 17:16

Prezados amigos,

Estou começando a trabalhar com RB e to tentando fazer um load balance numa RB 750 com o programinha PCC 1.5, tenho 3 adsl de 2 megas e 01 dedicado de 01 mega... a questão é a seguinte:

Só funcionam as adsls, o dedicado nao funciona de jeito nenhum... veja as configurações:


Código:
# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.248/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"

# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=201.18.63.104/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"

# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=201.18.63.104/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"


Se alguem puder me ajudar....

augustopletsch
Baby
Baby

Mensagens : 1
Pontos : 3
Reputação : 0
Data de inscrição : 08/02/2013
Idade : 37
Localização Localização : brasil

Voltar ao Topo Ir em baixo

Re: Load Balance (Preciso de Ajuda)

Mensagem por Gerônimo em Qua 27 Fev - 20:30

Da uma olhada no link a seguir ve se te ajuda.
[Você precisa estar registrado e conectado para ver este link.]

__________________________________________________
A VIDA SO É DIGNA DE SER VIVIDA SE VOCÊ FIZER ALGO PELA VIDA EM VIDA.
MUDE A VIDA DE UMA CRIANÇA APADRINHE COM APENAS R$ 50,00 ACESSE [Você precisa estar registrado e conectado para ver este link.]
avatar
Gerônimo
Power User
Power User

Mensagens : 684
Pontos : 1454
Reputação : 722
Data de inscrição : 29/05/2010
Idade : 44
Localização Localização : Brasil

http://www.overnix.com/

Voltar ao Topo Ir em baixo

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum