Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Balanceo Avanzado PCC 3 WAN Con Failover Profesional v6

    Încărcat de

    Actionnet Soporte
    4K vizualizări3 pagini
    balanceo de linea

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    TXT, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    balanceo de linea

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    4K vizualizări3 pagini

    Balanceo Avanzado PCC 3 WAN Con Failover Profesional v6

    Încărcat de

    Actionnet Soporte
    balanceo de linea

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca TXT, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    Bienvenido a este entrenamiento

    Por: Rodrigo Anrrango


    www.ConfigurarMikrotikWireless.com
    ***NOTA***
    1 # Asegrese de cambiar los nombres de las interfaces y las
    erdo a su red,
    2 # En la seccin DNS, utilizar las direcciones IP DNS de tu
    8.8 y 8.8.4.4
    3 # Puede utilizar diferentes direcciones de host IP para la
    blemente servidores confiables de su ISP primaria como DNS u
    Puede utilizar otros sitios web IPS tambin.

    direcciones IP de acu
    ISP o DNS google 8.8.
    vigilancia, preferi
    otro.

    Las interfaces deben estar Renombradas en el RB tal Cual en Mayusculas asi:


    WAN1
    WAN2
    WAN3
    LAN
    ***Recuerda Modificar tus IP de tu proveedor.
    /ip address
    add address=192.168.5.2/24 interface=WAN1 network=192.168.5.0
    add address=192.168.6.2/24 interface=WAN2 network=192.168.6.0
    add address=192.168.7.2/24 interface=WAN3 network=192.168.7.0
    add address=192.168.26.1/30 interface=LAN network=192.168.26.0
    /ip
    add
    add
    add

    firewall nat
    action=masquerade chain=srcnat out-interface=WAN1
    action=masquerade chain=srcnat out-interface=WAN2
    action=masquerade chain=srcnat out-interface=WAN3

    /ip firewall mangle


    add action=mark-connection chain=input in-interface=WAN1 new-connection-mark=WAN
    1_conn
    add action=mark-connection chain=input in-interface=WAN2 new-connection-mark=WAN
    2_conn
    add action=mark-connection chain=input in-interface=WAN3 new-connection-mark=WAN
    3_conn
    add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=
    to_WAN1
    add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=
    to_WAN2
    add action=mark-routing chain=output connection-mark=WAN3_conn new-routing-mark=
    to_WAN3
    add chain=prerouting dst-address=192.168.5.0/24 in-interface=LAN
    add chain=prerouting dst-address=192.168.6.0/24 in-interface=LAN
    add chain=prerouting dst-address=192.168.7.0/24 in-interface=LAN
    add action=mark-connection chain=prerouting dst-address-type=!local in-interface
    =LAN new-connection-mark=WAN1_conn per-connection-classifier=both-addresses:3/0
    add action=mark-connection chain=prerouting dst-address-type=!local in-interface
    =LAN new-connection-mark=WAN2_conn per-connection-classifier=both-addresses:3/1
    add action=mark-connection chain=prerouting dst-address-type=!local in-interface
    =LAN new-connection-mark=WAN3_conn per-connection-classifier=both-addresses:3/2
    **NOTA IMPORTANTE
    ***INICIO: both-addresses-and-ports
    /ip firewall mangle
    add action=mark-connection chain=prerouting dst-address-type=!local in-interface

    =LAN new-connection-mark=WAN1_conn per-connection-classifier=both-addresses-andports:3/0


    add action=mark-connection chain=prerouting dst-address-type=!local in-interface
    =LAN new-connection-mark=WAN2_conn per-connection-classifier=both-addresses-andports:3/1
    add action=mark-connection chain=prerouting dst-address-type=!local in-interface
    =LAN new-connection-mark=WAN3_conn per-connection-classifier=both-addresses-andports:3/2
    ***FIN
    /ip
    add
    LAN
    add
    LAN
    add
    LAN

    firewall mangle
    action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=
    new-routing-mark=to_WAN1
    action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=
    new-routing-mark=to_WAN2
    action=mark-routing chain=prerouting connection-mark=WAN3_conn in-interface=
    new-routing-mark=to_WAN3

    ***Importante***
    /ip route
    add check-gateway=ping distance=1 gateway=8.8.8.8 routing-mark=to_WAN1
    add check-gateway=ping distance=2 gateway=8.8.4.4 routing-mark=to_WAN2
    add check-gateway=ping distance=3 gateway=4.2.2.2 routing-mark=to_WAN3
    add distance=1 gateway=10.0.0.1 routing-mark=to_WAN1
    add distance=2 gateway=10.0.0.2 routing-mark=to_WAN2
    add distance=3 gateway=10.0.0.3 routing-mark=to_WAN3
    add distance=1 gateway=10.0.0.1
    add distance=2 gateway=10.0.0.2
    add distance=3 gateway=10.0.0.3
    add distance=1 dst-address=8.8.8.8/32 gateway=192.168.5.1 scope=10
    add distance=1 dst-address=8.8.4.4/32 gateway=192.168.6.1 scope=10
    add distance=1 dst-address=4.2.2.2/32 gateway=192.168.7.1 scope=10
    add check-gateway=ping distance=1 dst-address=10.0.0.1/32 gateway=8.8.8.8 scope=
    10
    add check-gateway=ping distance=1 dst-address=10.0.0.2/32 gateway=8.8.4.4 scope=
    10
    add check-gateway=ping distance=1 dst-address=10.0.0.3/32 gateway=4.2.2.2 scope=
    10
    Fuente para failover: http://wiki.mikrotik.com/wiki/Manual:Using_scope_and_targe
    t-scope_attributes
    Trafico Por Proveedor WAN1
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico sep
    arado by WAN1" disabled=yes dst-port=443 in-interface=LAN new-connection-mark=Ht
    tps protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=Https disabled=yes in-i
    nterface=LAN new-routing-mark=to_WAN1 passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico separa
    do by WAN1" disabled=yes dst-port=80 in-interface=LAN new-connection-mark=http p
    rotocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http disabled=yes in-in
    terface=LAN new-routing-mark=to_WAN1 passthrough=no
    Trafico Por Proveedor WAN2
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment="Https port 443 trafico sep
    arado by WAN2" dst-port=443 in-interface=LAN new-connection-mark=Https protocol=

    tcp
    add action=mark-routing chain=prerouting connection-mark=Https in-interface=LAN
    new-routing-mark=to_WAN2 passthrough=no
    add action=mark-connection chain=prerouting comment="http port 80 Trafico separa
    do by WAN2" dst-port=80 in-interface=LAN new-connection-mark=http protocol=tcp
    add action=mark-routing chain=prerouting connection-mark=http in-interface=LAN n
    ew-routing-mark=to_WAN2 passthrough=no
    ************************
    ##Difinicin##
    both-addresses = ambas-direcciones IP
    both-addresses: La peticin de origen y destino IP entre el mismo cliente y el ser
    vidor siempre ser la misma, por lo que todo el trfico
    entre un cliente especfico y un servidor especfico (por ejemplo, su computadora po
    rttil y servidor 67.89.2.5) siempre que coincida con el
    mismo matcher PCC , y siempre ser puesto en el mismo enlace.
    both-addresses = ambas-direcciones IP ,se refiere a src-address y dst-address
    Como el clasificador. Aunque esto va a cambiar aleatoriamente cosas la teora ms y
    le dar la asignacin ms justa de ancho de banda,
    pero tambin hay una buena probabilidad de que se rompa ciertas cosas como los sit
    ios web bancarios y algunos foros.
    Esto se debe a las peticiones muchas veces un HTTP generarn varias conexiones, po
    r lo que existe la posibilidad de
    que algunas solicitudes podrn salir una ruta diferente a la inicial, y que se rom
    pern los sitios web seguros.
    Mas informacin: http://wiki.mikrotik.com/wiki/How_PCC_works_%28beginner%29
    ************************

    S-ar putea să vă placă și