Conectar-se

Esqueci minha senha

lateral
Estatísticas
Temos 30344 usuários registrados
O último usuário registrado atende pelo nome de atilajf

Os nossos membros postaram um total de 37737 mensagens em 5673 assuntos

Load Balance (Preciso de Ajuda)

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Load Balance (Preciso de Ajuda)

Mensagem por augustopletsch em Qua 27 Fev - 17:16

Prezados amigos,

Estou começando a trabalhar com RB e to tentando fazer um load balance numa RB 750 com o programinha PCC 1.5, tenho 3 adsl de 2 megas e 01 dedicado de 01 mega... a questão é a seguinte:

Só funcionam as adsls, o dedicado nao funciona de jeito nenhum... veja as configurações:


Código:
# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.248/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"

# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=201.18.63.104/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"

# ip address --------------------------
/ip address add address=192.168.200.1/30 interface=ether5
/ip address add address=192.168.190.21/24 interface=ether1
/ip address add address=201.18.63.105/29 interface=ether2
/ip address add address=192.168.189.21/24 interface=ether3
/ip address add address=192.168.188.21/24 interface=ether4

# interface pppoe-client ---------------

# ip dns --------------------------------
/ip dns set primary-dns=8.8.8.8
/ip dns set secondary-dns=8.8.4.4
/ip dns set allow-remote-requests=yes

# ip dns statico------------------------
/ip dns static add address=192.168.200.1 comment="" disabled=no name=192.168.200.1.giga ttl=1d

# ip firewall Filter------------------------
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=velox.user.com.br disabled=no
/ip firewall filter add action=drop chain=forward comment="BLOQUEIO DE DNS REVERSO" content=speed.user.com.br disabled=no
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether1 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether2 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether3 src-address=255.255.255.252/30
/ip firewall filter add action=accept chain=input disabled=no in-interface=!ether4 src-address=255.255.255.252/30

# ip firewall nat--------------------------
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether1
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether2
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether3
/ip firewall nat add action=masquerade chain=srcnat disabled=no out-interface=ether4

# ip firewall mangle------------------------

# LoopBack por link-------------------------
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK0 in-interface=ether5 new-connection-mark=Sites0 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites0 disabled=no in-interface=ether5 new-routing-mark=Rota0 passthrough=no
/ ip route add gateway=192.168.190.1 routing-mark=Rota0
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK1 in-interface=ether5 new-connection-mark=Sites1 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites1 disabled=no in-interface=ether5 new-routing-mark=Rota1 passthrough=no
/ ip route add gateway=201.18.63.104 routing-mark=Rota1
/ ip firewall mangle add action=mark-connection chain=prerouting comment="" connection-state=new disabled=no dst-address-list=LINK2 in-interface=ether5 new-connection-mark=Sites2 passthrough=yes
/ ip firewall mangle add action=mark-routing chain=prerouting comment="" connection-mark=Sites2 disabled=no in-interface=ether5 new-routing-mark=Rota2 passthrough=no
/ ip route add gateway=192.168.189.1 routing-mark=Rota2

/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment="BRADESCO" disabled=no list=LINK0
/ip firewall address-list add address=200.220.186.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=200.220.178.0/24 comment="" disabled=no list=LINK0
/ip firewall address-list add address=64.38.29.0/24 comment="RapidShare" disabled=no list=LINK1
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=LINK1
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=LINK2
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=LINK2
# Fim LoopBack por link----------------------

/ip firewall mangle add action=accept chain=prerouting comment="HTTPS FORA DO LOADBALACED" disabled=no protocol=tcp dst-port=443 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting comment="FORA DO LOADBALACED" disabled=no dst-address-list=loopback in-interface=ether5
/ip firewall mangle add action=change-ttl chain=forward comment="Filtro Tracert / Traceroute" disabled=no new-ttl=set:30 protocol=icmp
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether1 new-connection-mark=ether1_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether3 new-connection-mark=ether3_conn passthrough=yes
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no in-interface=ether4 new-connection-mark=ether4_conn passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether1_conn disabled=no new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether2_conn disabled=no new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether3_conn disabled=no new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=output connection-mark=ether4_conn disabled=no new-routing-mark=to_ether4 passthrough=yes
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=201.18.63.104/29 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address=255.255.255.0/24 in-interface=ether5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/0
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether1_conn passthrough=yes per-connection-classifier=both-addresses:7/1
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether2_conn passthrough=yes per-connection-classifier=both-addresses:7/2
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/3
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether3_conn passthrough=yes per-connection-classifier=both-addresses:7/4
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/5
/ip firewall mangle add action=mark-connection connection-state=new chain=prerouting disabled=no dst-address-type=!local in-interface=ether5 new-connection-mark=ether4_conn passthrough=yes per-connection-classifier=both-addresses:7/6
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether1_conn disabled=no in-interface=ether5 new-routing-mark=to_ether1 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=no in-interface=ether5 new-routing-mark=to_ether2 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=no in-interface=ether5 new-routing-mark=to_ether3 passthrough=yes
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ether4_conn disabled=no in-interface=ether5 new-routing-mark=to_ether4 passthrough=yes

# ip route----------------------------------
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 routing-mark=to_ether1 comment="Link0"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=201.18.63.104 routing-mark=to_ether2 comment="Link1"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.189.1 routing-mark=to_ether3 comment="Link2"
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.188.1 routing-mark=to_ether4 comment="Link3"
/ip route add check-gateway=ping comment="Link0" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.190.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link1" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=201.18.63.104 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link2" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.189.1 scope=30 target-scope=10
/ip route add check-gateway=ping comment="Link3" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.188.1 scope=30 target-scope=10

# ip firewall address-list-----------------------------
/ip firewall address-list add address=200.155.80.0-200.155.255.255 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.186.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=200.220.178.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=64.38.29.0/24 comment=RapidShare disabled=no list=loopback
/ip firewall address-list add address=208.69.32.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=208.67.217.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.178.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.159.128.0/24 comment=BRADESCO disabled=no list=loopback
/ip firewall address-list add address=201.7.176.0/20 comment="Vídeos - Globo" disabled=no list=loopback
/ip firewall address-list add address=208.84.247.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.154.56.0/24 comment="Vídeos - terratv" disabled=no list=loopback
/ip firewall address-list add address=200.201.160.0/24 comment="Caixa Economica Federal" disabled=no list=loopback
/ip firewall address-list add address=200.201.166.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.173.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.201.174.0/24 comment="" disabled=no list=loopback
/ip firewall address-list add address=200.141.207.3 comment=Detran disabled=no list=loopback

# /system script--------------------------------------
/system script add name=Link0Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link0\"] disabled=yes;"
/system script add name=Link1Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link1\"] disabled=yes;"
/system script add name=Link2Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link2\"] disabled=yes;"
/system script add name=Link3Dow policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=yes;\r\ \n/ip route set [find comment=\"Link3\"] disabled=yes;"
/system script add name=Link0Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link0\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link0\"] disabled=no;\r\ \n/ip route set [find comment=\"Link0\"] disabled=no;"
/system script add name=Link1Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link1\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link1\"] disabled=no;\r\ \n/ip route set [find comment=\"Link1\"] disabled=no;"
/system script add name=Link2Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link2\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link2\"] disabled=no;\r\ \n/ip route set [find comment=\"Link2\"] disabled=no;"
/system script add name=Link3Up policy=\ ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source="\ /ip firewall filter set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall nat set [find comment=\"Link3\"] disabled=no;\r\ \n/ip firewall mangle set [find comment=\"Link3\"] disabled=no;\r\ \n/ip route set [find comment=\"Link3\"] disabled=no;"


Se alguem puder me ajudar....

augustopletsch
Baby
Baby

Mensagens : 1
Pontos : 3
Reputação : 0
Data de inscrição : 08/02/2013
Idade : 37
Localização Localização : brasil

Voltar ao Topo Ir em baixo

Re: Load Balance (Preciso de Ajuda)

Mensagem por Gerônimo em Qua 27 Fev - 20:30

Da uma olhada no link a seguir ve se te ajuda.
[Você precisa estar registrado e conectado para ver este link.]

__________________________________________________
A VIDA SO É DIGNA DE SER VIVIDA SE VOCÊ FIZER ALGO PELA VIDA EM VIDA.
MUDE A VIDA DE UMA CRIANÇA APADRINHE COM APENAS R$ 50,00 ACESSE [Você precisa estar registrado e conectado para ver este link.]
avatar
Gerônimo
Power User
Power User

Mensagens : 684
Pontos : 1454
Reputação : 722
Data de inscrição : 29/05/2010
Idade : 43
Localização Localização : Brasil

http://www.overnix.com/

Voltar ao Topo Ir em baixo

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum