Scribd Logo
Upload

Welcome to Scribd!

  • Balanceo Avanzado Con PPPoE Cliente 4 ISP v6

    Uploaded by

    Rolando Melgarejo
    104 views4 pages
    balanceo

    Original Title

    Balanceo Avanzado Con PPPoE Cliente 4 ISP v6.Txt

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    balanceo

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    104 views4 pages

    Balanceo Avanzado Con PPPoE Cliente 4 ISP v6

    Uploaded by

    Rolando Melgarejo
    balanceo

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    ***Configurar PPPoE Cliente

    ***Activar DNS

    ** Interfaces Mikrotik
    IPS1, ISP2, ISP3, ISP4. LAN

    ** Interface de PPPoE
    pppoe-out1, pppoe-out2, pppoe-out3, pppoe-out4

    ****Nat All Interfaces

    /ip firewall nat


    add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1
    add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out2
    add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out3
    add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out4

    *** Anidir pool de IPS del LAN puede ser /24 0r /30

    /ip firewall address-list


    add address=192.168.26.0/24 disabled=no list=GW01_LAN

    ****MANGLE and First Https and second ACCEP prerouting with address-
    list=GW01_LAN*****

    /ip firewall mangle


    add action=mark-routing chain=prerouting disabled=no dst-port=443 new-routing-
    mark=HTTPS passthrough=no protocol=tcp
    add action=accept chain=prerouting disabled=no dst-address-list=GW01_LAN src-
    address-list=GW01_LAN
    add action=mark-connection chain=forward connection-mark=no-mark disabled=no in-
    interface=pppoe-out1 new-connection-mark=ISP1_conn passthrough=no
    add action=mark-connection chain=forward connection-mark=no-mark disabled=no in-
    interface=pppoe-out2 new-connection-mark=ISP2_conn passthrough=no
    add action=mark-connection chain=forward connection-mark=no-mark disabled=no in-
    interface=pppoe-out3 new-connection-mark=ISP3_conn passthrough=no
    add action=mark-connection chain=forward connection-mark=no-mark disabled=no in-
    interface=pppoe-out4 new-connection-mark=ISP4_conn passthrough=no
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-
    interface=pppoe-out1 new-connection-mark=ISP1_conn passthrough=yes
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-
    interface=pppoe-out2 new-connection-mark=ISP2_conn passthrough=yes
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-
    interface=pppoe-out3 new-connection-mark=ISP3_conn passthrough=yes
    add action=mark-connection chain=prerouting connection-mark=no-mark disabled=no in-
    interface=pppoe-out4 new-connection-mark=ISP4_conn passthrough=yes
    add action=jump chain=prerouting connection-mark=no-mark disabled=no in-
    interface=LAN jump-target=policy_routing
    add action=mark-routing chain=prerouting connection-mark=ISP1_conn disabled=no new-
    routing-mark=ISP1_traffic passthrough=yes src-address-list=GW01_LAN
    add action=mark-routing chain=prerouting connection-mark=ISP2_conn disabled=no new-
    routing-mark=ISP2_traffic passthrough=yes src-address-list=GW01_LAN
    add action=mark-routing chain=prerouting connection-mark=ISP3_conn disabled=no new-
    routing-mark=ISP3_traffic passthrough=yes src-address-list=GW01_LAN
    add action=mark-routing chain=prerouting connection-mark=ISP4_conn disabled=no new-
    routing-mark=ISP4_traffic passthrough=yes src-address-list=GW01_LAN
    add action=mark-routing chain=output connection-mark=ISP1_conn disabled=no new-
    routing-mark=ISP1_traffic passthrough=yes
    add action=mark-routing chain=output connection-mark=ISP2_conn disabled=no new-
    routing-mark=ISP2_traffic passthrough=yes
    add action=mark-routing chain=output connection-mark=ISP3_conn disabled=no new-
    routing-mark=ISP3_traffic passthrough=yes
    add action=mark-routing chain=output connection-mark=ISP4_conn disabled=no new-
    routing-mark=ISP4_traffic passthrough=yes
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP1_conn per-connection-classifier=both-addresses-and-ports:4/0
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP2_conn per-connection-classifier=both-addresses-and-ports:4/1
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP3_conn per-connection-classifier=both-addresses-and-ports:4/2
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP4_conn per-connection-classifier=both-addresses-and-ports:4/3

    ***NOTA Importante***
    Opcin: both-addresses
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP1_conn per-connection-classifier=both-addresses:4/0
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP2_conn per-connection-classifier=both-addresses:4/1
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP3_conn per-connection-classifier=both-addresses:4/2
    add action=mark-connection chain=policy_routing dst-address-type=!local new-
    connection-mark=ISP4_conn per-connection-classifier=both-addresses:4/3

    ************************
    ##Difinicin##
    both-addresses = ambas-direcciones IP
    both-addresses: La peticin de origen y destino IP entre el mismo cliente y el
    servidor siempre ser la misma, por lo que todo el trfico
    entre un cliente especfico y un servidor especfico (por ejemplo, su computadora
    porttil y servidor 67.89.2.5) siempre que coincida con el
    mismo matcher PCC , y siempre ser puesto en el mismo enlace.

    both-addresses = ambas-direcciones IP ,se refiere a src-address y dst-address


    Como el clasificador. Aunque esto va a cambiar aleatoriamente cosas la teora ms y
    le dar la asignacin ms justa de ancho de banda,
    pero tambin hay una buena probabilidad de que se rompa ciertas cosas como los
    sitios web bancarios y algunos foros.
    Esto se debe a las peticiones muchas veces un HTTP generarn varias conexiones, por
    lo que existe la posibilidad de
    que algunas solicitudes podrn salir una ruta diferente a la inicial, y que se
    rompern los sitios web seguros.

    Mas informacin: http://wiki.mikrotik.com/wiki/How_PCC_works_%28beginner%29


    ************************

    ***Failover

    /ip route
    add check-gateway=arp distance=1 gateway=pppoe-out1 routing-mark=ISP1_traffic
    add check-gateway=arp distance=1 gateway=pppoe-out2 routing-mark=ISP2_traffic
    add check-gateway=arp distance=1 gateway=pppoe-out3 routing-mark=ISP3_traffic
    add check-gateway=arp distance=1 gateway=pppoe-out4 routing-mark=ISP4_traffic
    add check-gateway=arp distance=1 gateway=pppoe-out1
    add check-gateway=arp distance=1 gateway=pppoe-out2
    add check-gateway=arp distance=1 gateway=pppoe-out3
    add check-gateway=arp distance=1 gateway=pppoe-out4

    ***For HTTPS...

    /ip route
    add check-gateway=arp disabled=no distance=2 dst-address=0.0.0.0/0 gateway=pppoe-
    out1 routing-mark=HTTPS scope=30 target-scope=10
    add check-gateway=arp disabled=no distance=3 dst-address=0.0.0.0/0 gateway=pppoe-
    out2 routing-mark=HTTPS scope=30 target-scope=10
    add check-gateway=arp disabled=no distance=4 dst-address=0.0.0.0/0 gateway=pppoe-
    out3 routing-mark=HTTPS scope=30 target-scope=10
    add check-gateway=arp disabled=no distance=5 dst-address=0.0.0.0/0 gateway=pppoe-
    out4 routing-mark=HTTPS scope=30 target-scope=10

    ##Trafico Por Proveedor ISP1


    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico ISP1
    by cmw" disabled=yes dst-port=443 in-interface=LAN new-connection-mark=Https
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=Https disabled=yes in-
    interface=LAN new-routing-mark=ISP1_traffic passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico ISP1 by
    cmw" disabled=yes dst-port=80 in-interface=LAN new-connection-mark=http
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http disabled=yes in-
    interface=LAN new-routing-mark=ISP1_traffic passthrough=no

    ##Trafico Por Proveedor ISP2


    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico ISP2
    by cmw" disabled=yes dst-port=443 in-interface=LAN new-connection-mark=Https
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=Https disabled=yes in-
    interface=LAN new-routing-mark=ISP2_traffic passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico ISP2 by
    cmw" disabled=yes dst-port=80 in-interface=LAN new-connection-mark=http
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http disabled=yes in-
    interface=LAN new-routing-mark=ISP2_traffic passthrough=no

    ##Trafico Por Proveedor ISP3


    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico ISP3
    by cmw " disabled=yes dst-port=443 in-interface=LAN new-connection-mark=Https
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=Https disabled=yes in-
    interface=LAN new-routing-mark=ISP3_traffic passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico ISP3 by
    cmw" disabled=yes dst-port=80 in-interface=LAN new-connection-mark=http
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http disabled=yes in-
    interface=LAN new-routing-mark=ISP3_traffic passthrough=no

    ##Trafico Por Proveedor ISP3


    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico ISP4
    by cmw" disabled=yes dst-port=443 in-interface=LAN new-connection-mark=Https
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=Https disabled=yes in-
    interface=LAN new-routing-mark=ISP4_traffic passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico ISP4 by
    cmw" disabled=yes dst-port=80 in-interface=LAN new-connection-mark=http
    protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http disabled=yes in-
    interface=LAN new-routing-mark=ISP4_traffic passthrough=no

    By: Rodrigo Anrrango

    You might also like