4 WAN Распределение нагрузки в 2 отдельных локальных сетях на одном и том же RB

Question

4 WAN Распределение нагрузки в 2 отдельных локальных сетях на одном и том же RB

Я пытаюсь выполнить балансировку нагрузки 4-х провайдеров на 2-х ЛВС на одной маршрутизаторе с помощью RB1100xa4: эта топология объясняет, чего я пытаюсь достичь

Это работает, но иногда Bridge2 может достигать ISP_1 & ISP_2 и загружать с них только вместо загрузки только с ISP_3 & ISP_4

Вот мои конфигурации: Балансировка нагрузки для Bridge1:

/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address-list=balance in-interface=Bridge1
/ip address add address=192.168.111.1/24 interface=Bridge1
/ip address add address=192.168.1.33/24 interface=ISP_1
/ip address add address=192.168.2.33/24 interface=ISP_2
/ip firewall mangle add chain=input in-interface=ISP_1 action=mark-connection new-connection-mark=ISP1_conn
/ip firewall mangle add chain=input in-interface=ISP_2 action=mark-connection new-connection-mark=ISP2_conn
/ip firewall mangle add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1
/ip firewall mangle add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2
/ip firewall mangle add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=Bridge1
/ip firewall mangle add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=Bridge1
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=Bridge1 per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP3_conn passthrough=yes
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=Bridge1 per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP4_conn passthrough=yes
/ip firewall mangle add chain=prerouting connection-mark=ISP3_conn in-interface=Bridge1 action=mark-routing new-routing-mark=to_ISP1
/ip firewall mangle add chain=prerouting connection-mark=ISP4_conn in-interface=Bridge1 action=mark-routing new-routing-mark=to_ISP2
/ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_ISP1 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_ISP2 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
/ip firewall nat add action=masquerade chain=srcnat src-address=192.168.111.0/24  disabled=no
/ip firewall nat add chain=srcnat out-interface=ISP_1 action=masquerade
/ip firewall nat add chain=srcnat out-interface=ISP_2 action=masquerade

Балансировка нагрузки для Bridge2:

/ip firewall mangle add action=accept chain=prerouting disabled=no dst-address-list=balance in-interface=Bridge2
/ip address add address=192.168.112.1/24 interface=Bridge2
/ip address add address=192.168.3.33/24 interface=ISP_3
/ip address add address=192.168.4.33/24 interface=ISP_4
/ip firewall mangle add chain=input in-interface=ISP_3 action=mark-connection new-connection-mark=ISP3_conn
/ip firewall mangle add chain=input in-interface=ISP_4 action=mark-connection new-connection-mark=ISP4_conn
/ip firewall mangle add chain=output connection-mark=ISP3_conn action=mark-routing new-routing-mark=to_ISP3
/ip firewall mangle add chain=output connection-mark=ISP4_conn action=mark-routing new-routing-mark=to_ISP4
/ip firewall mangle add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=Bridge2
/ip firewall mangle add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=Bridge2
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=Bridge2 per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn passthrough=yes
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=Bridge2 per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn passthrough=yes
/ip firewall mangle add chain=prerouting connection-mark=ISP3_conn in-interface=Bridge2 action=mark-routing new-routing-mark=to_ISP3
/ip firewall mangle add chain=prerouting connection-mark=ISP4_conn in-interface=Bridge2 action=mark-routing new-routing-mark=to_ISP4
/ip route add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_ISP3 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_ISP4 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=1 check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=2 check-gateway=ping
/ip firewall nat add action=masquerade chain=srcnat src-address=192.168.112.0/24  disabled=no
/ip firewall nat add chain=srcnat out-interface=ISP_3 action=masquerade
/ip firewall nat add chain=srcnat out-interface=ISP_4 action=masquerade

Это правильно, что я сделал? или есть лучший способ?

0

routing mikrotik-routeros

Источник

Ayman 29 апр '19 в 10:00

0 ответов

Другие вопросы по тегам routing mikrotik-routeros