load balsing nth
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.5/24 network=192.168.1.0 broadcast=192.168.1.255 interface=wlan2
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.1.255 interface=wlan1
/ ip firewall mangle
add chain=prerouting src-address-list=odd in-interface=Local action=mark-connection \
new-connection-mark=odd passthrough=yes
add chain=prerouting src-address-list=odd in-interface=Local action=mark-routing \
new-routing-mark=odd passthrough=no
add chain=prerouting src-address-list=even in-interface=Local action=mark-connection \
new-connection-mark=even passthrough=yes
add chain=prerouting src-address-list=even in-interface=Local action=mark-routing \
new-routing-mark=even passthrough=no
add chain=prerouting in-interface=Local connection-state=new nth=2,1 \
action=mark-connection new-connection-mark=odd passthrough=yes
add chain=prerouting in-interface=Local action=add-src-to-address-list \
address-list=odd address-list-timeout=1d connection-mark=odd passthrough=yes
add chain=prerouting in-interface=Local connection-mark=odd action=mark-routing \
new-routing-mark=odd passthrough=no
add chain=prerouting in-interface=Local connection-state=new nth=2,2 \
action=mark-connection new-connection-mark=even passthrough=yes
add chain=prerouting in-interface=Local action=add-src-to-address-list \
address-list=even address-list-timeout=1d connection-mark=even passthrough=yes
add chain=prerouting in-interface=Local connection-mark=even action=mark-routing \
new-routing-mark=even passthrough=no
/ ip firewall nat
add chain=srcnat out-interface=wlan1 action=masquerade
add chain=srcnat out-interface=wlan2 action=masquerade
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=odd
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=even
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10
======================================================================================================================
pcc 2 wan link
/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 interface=WAN1
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 interface=WAN2
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Local
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Local
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
=========================================================================================================================================================================================================
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN
add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=wan1
add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=wan2
add address=192.168.1.2/24 network=192.168.1.0 briadcast=192.168.1.255 interface=wan3
add address=192.168.2.2/24 network=192.168.2.0 briadcast=192.168.2.255 interface=wan4
add address=192.168.3.2/24 network=192.168.3.0 briadcast=192.168.3.255 interface=wan5
add address=192.168.4.2/24 network=192.168.4.0 briadcast=192.168.4.255 interface=wan6
add address=192.168.5.2/24 network=192.168.5.0 briadcast=192.168.5.255 interface=wan7
add address=192.168.6.2/24 network=192.168.6.0 briadcast=192.168.6.255 interface=wan8
add address=192.168.7.2/24 network=192.168.7.0 briadcast=192.168.7.255 interface=wan9
add address=192.168.8.2/24 network=192.168.8.0 briadcast=192.168.8.255 interface=wan10
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=221.132.112.8,8.8.8.8
/ ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=10.112.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.5.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.6.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.7.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=192.168.8.0/24 action=accept in-interface=LAN
/ip firewall mangle
add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=conn_1
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=conn_2
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=conn_3
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=conn_4
add chain=input in-interface=wan5 action=mark-connection new-connection-mark=conn_5
add chain=input in-interface=wan6 action=mark-connection new-connection-mark=conn_6
add chain=input in-interface=wan7 action=mark-connection new-connection-mark=conn_7
add chain=input in-interface=wan8 action=mark-connection new-connection-mark=conn_8
add chain=input in-interface=wan9 action=mark-connection new-connection-mark=conn_9
add chain=input in-interface=wan10 action=mark-connecion new-connection-mark=conn_10
/ip firewall mangle
add chain=output connection-mark=conn_1 action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=conn_2 action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=conn_3 action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=conn_4 action=mark-routing new-routing-mark=to_WAN4
add chain=output connection-mark=conn_5 action=mark-routing new-routing-mark=to_WAN5
add chain=output connection-mark=conn_6 action=mark-routing new-routing-mark=to_WAN6
add chain=output connection-mark=conn_7 action=mark-routing new-routing-mark=to_WAN7
add chain=output connection-mark=conn_8 action=mark-routing new-routing-mark=to_WAN8
add chain=output connection-mark=conn_9 action=mark-routing new-routing-mark=to_WAN9
add chain=output connection-mark=conn_10 action=mark-routing new-routing-mark=to_WAN10
/ip firewall mangle
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/2 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/3 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/4 action=mark-connection new-connection-mark=WAN5_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/5 action=mark-connection new-connection-mark=WAN6_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/6 action=mark-connection new-connection-mark=WAN7_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/7 action=mark-connection new-connection-mark=WAN8_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/8 action=mark-connection new-connection-mark=WAN9_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=Local per-connection-classifier=both-addresses-and-ports:10/9 action=mark-connection new-connection-mark=WAN10_conn passthrough=yes
/ip firewall mangle
add chain=prerouting connection-mark=WAN1_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting connection-mark=WAN5_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN5
add chain=prerouting connection-mark=WAN6_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN6
add chain=prerouting connection-mark=WAN7_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN7
add chain=prerouting connection-mark=WAN8_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN8
add chain=prerouting connection-mark=WAN9_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN9
add chain=prerouting connection-mark=WAN10_conn in-interface=Local action=mark-routing new-routing-mark=to_WAN10
/ ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_wan1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 routing-mark=to_wan2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN5 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN6 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.5.1 routing-mark=to_WAN7 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.6.1 routing-mark=to_WAN8 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.7.1 routing-mark=to_WAN9 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.8.1 routing-mark=to_WAN10 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.111.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.5.1 distance=5 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.6.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.7.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.8.1 distance=4 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN1 action=masquerade
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade
add chain=srcnat out-interface=WAN5 action=masquerade
add chain=srcnat out-interface=WAN6 action=masquerade
add chain=srcnat out-interface=WAN7 action=masquerade
add chain=srcnat out-interface=WAN8 action=masquerade
add chain=srcnat out-interface=WAN9 action=masquerade
add chain=srcnat out-interface=WAN10 action=masquerade
========================================================================================================
=============================================================================================================================
--------------------------------------------------------------------------------------------------------------------------------------
===========================================================================================================================================
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN
add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=ISP1
add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=ISP2
/ ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=10.112.0.0/24 action=accept in-interface=LAN
add chain=prerouting in-interface=ISP1 connection-mark=no-mark action=mark-connection \
new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ISP2 connection-mark=no-mark action=mark-connection \
new-connection-mark=ISP2_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=LAN connection-mark=no-mark dst-address-type=!local \
per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting connection-mark=ISP1_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN action=mark-routing \
new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2
/ ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 routing-mark=to_ISP2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.111.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 distance=2 check-gateway=ping
/ ip firewall nat
add chain=srcnat out-interface=ISP1 action=masquerade
add chain=srcnat out-interface=ISP2 action=masquerade
No comments:
Post a Comment