kice 发表于 2012-7-14 20:56:42

ROS双线在同一网关上做的负载端口映射,怎么都设定不成功呢?

具体情况如下:
Ros 5.18版本,共装3块网卡:
ether1------------内网,ip:172.16.0.254;
ether2------------外网,ip:10.0.0.2;网关:10.0.0.254
ether1------------内网,ip:10.0.0.3;网关:10.0.0.254
外网同网关:10.0.0.254
已经成功做成了pcc负载均衡,内网上网没有任何问题,
脚本如下:/ip firewall address-list
add address=172.16.0.0/24 disabled=no list=All_IP

/ip firewall mangle
#路由原路返回策略
add action=mark-connection chain=input comment=\
    "\C2\B7\D3\C9\D4\AD\C2\B7\B7\B5\BB\D8\B2\DF\C2\D4" disabled=yes \
    in-interface=ether2 new-connection-mark=ether2_conn passthrough=yes
add action=mark-routing chain=output connection-mark=ether2_conn disabled=yes \
    new-routing-mark=ether2_rout passthrough=yes
add action=mark-connection chain=input disabled=yes in-interface=ether3 \
    new-connection-mark=ether3_conn passthrough=yes
add action=mark-routing chain=output connection-mark=ether3_conn disabled=yes \
    new-routing-mark=ether3_rout passthrough=yes
#标记ether2
add action=mark-connection chain=prerouting comment="\B1\EA\BC\C7ether2" \
    disabled=no dst-address-type=!local new-connection-mark=ether2_conn \
    passthrough=yes per-connection-classifier=both-addresses:2/0 \
    src-address-list=All_IP
add action=mark-routing chain=prerouting connection-mark=ether2_conn disabled=\
    no new-routing-mark=ether2_rout passthrough=yes src-address-list=All_IP
#标记ether3
add action=mark-connection chain=prerouting comment="\B1\EA\BC\C7ether3" \
    disabled=no dst-address-type=!local new-connection-mark=ether3_conn \
    passthrough=yes per-connection-classifier=both-addresses:2/1 \
    src-address-list=All_IP
add action=mark-routing chain=prerouting connection-mark=ether3_conn disabled=\
    no new-routing-mark=ether3_rout passthrough=yes src-address-list=All_IP

/ip firewall nat
add action=src-nat chain=srcnat comment="ether2\BF\DANat" disabled=no \
    out-interface=ether2 src-address-list=All_IP to-addresses=10.0.0.3
add action=src-nat chain=srcnat comment="ether3\BF\DANat" disabled=no \
    out-interface=ether3 src-address-list=All_IP to-addresses=10.0.0.2

/ip route
#添加外网1线到10.0.0.254的路由
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.254%ether2 \
    routing-mark=ether2_rout scope=30 target-scope=10
#添加外网2线到10.0.0.254的路由
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.254%ether3 \
    routing-mark=ether3_rout scope=30 target-scope=10
#添加默认路由
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.0.0.254 scope=30 \
    target-scope=10可是,端口映射怎么也做不成,出现,在外网,有的机器可以用10.0.0.2访问内网服务器,有的机器只可以用10.0.0.3访问内网服务器,请问大师,如何设置此类同网关多线pcc负载下的端口映射呢??
恳请赐教!!

kice 发表于 2012-7-14 20:58:12

本帖最后由 kice 于 2012-7-14 21:01 编辑

我需要在外网都能够通过10.0.0.2和10.0.0.3访问内网服务器,影射的端口是:80,我用winbox可以正常在外网登陆ros服务器!
愿意付铜板购买,谢谢·

peckpock 发表于 2012-7-14 21:25:23

你确定你的外网80端口可以用?电信没封?
可以试下做哪进哪出策略!

kice 发表于 2012-7-14 21:58:54

外网的80端口没有封,具体怎么设置呢?求教!
页: [1]
查看完整版本: ROS双线在同一网关上做的负载端口映射,怎么都设定不成功呢?