mfkx 发表于 2006-4-14 20:37:22

各位好,请帮我改一下这道题,谢谢

一、我的网络现状:
1、Man=教育局城域网(电信):IP:192.168.188.253/24,Gat:192.168.188.1
2、Wan=电信固定IP:202.98.153.AA/24,Gat:202.98.153.1
3、Lan=192.168.0.0/24,Gat:192.168.0.1(这是目的,即将以上两电信外网路由为192.168.0.0/24)

二、我是这样做的,敬请指教,谢谢!

1、宽带线路
/ip address
add address 192.168.0.1 mask 24 interface Lan
add address 192.168.188.253 mask 24 interface Man
add address 202.98.153.AA mask 24 interface Wan

2、路由
/ip route
add dst 0.0.0.0/0 gat 192.168.188.1,202.98.153.1

3、IP伪装
/ ip firewall nat
add chain=srcnat src-address=192.168.0.0/24 action=masquerade comment="" disabled=no

/ ip firewall mangle
add chain=prerouting src-address=192.168.0.0/24 protocol=tcp tcp-flags=syn \
    tcp-mss=1448 action=accept comment="" disabled=no
add chain=prerouting src-address=192.168.0.0/24 action=mark-routing \
    new-routing-mark=lan passthrough=yes comment="" disabled=no

4、自动切换脚本:
/ system script
add name="Mandown" source=":if \(\ status\]=\"down\"\) do {/ip route set \ gateway \ network\]} else {/ip route set \ gateway 202.98.153.1}" policy=ftp,reboot,read,write,policy,test
add name="Wanup" source="/ip route set \ gateway 202.98.153.1\n" policy=ftp,reboot,read,write,policy,test
add name="Wandown" source=":if \(\ status\]=\"down\"\) do {/ip route set \ gateway \ network\]} else {/ip route set \ gateway 192.168.188.1}" policy=ftp,reboot,read,write,policy,test
add name="Manup" source="/ip route set \ gateway 192.168.188.1\n" policy=ftp,reboot,read,write,policy,test

5、监控开关
/tool netwatch
add host=202.98.153.1 timeout=1s interval=5s up-script=Wanup down-script=Wandown comment="Wan" disabled=no
add host=192.168.188.1 timeout=1s interval=5s up-script=Manup down-script=Mandown comment="Man" disabled=no
页: [1]
查看完整版本: 各位好,请帮我改一下这道题,谢谢