http://www.minitw.com/archives/409
要在 RouterOS 中實現多條 ADSL 負載平衡與自動備援並不困難
但是主要的問題會是 ADSL 的 閘道(Gateway),都是同一個位置(假設是同一家ISP)
要解決這個問題必需使用 Mangle 裡的標記(mark) 且配合 nth,請看以下範例
使用 Mangle 裡的標記(mark) 且配合 nth 可以解決ADSL 負載平衡的問題。
而自動備援的問題,則是在 NAT 裡加入一行不指定條件的 masquerade 即可(需放置於正常有指定條件masquerade的後面)
設定檔的使用方式很簡單,先在 Winbox 的左邊點選 New Terminal
然後把下面的設定檔貼上就可以了
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59 |
#以下設定檔在 RouterOS 3.20 下測試通過
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment=\
"" dial-on-demand=no disabled=no interface=掛載ADSL-1的網卡 max-mru=1480 max-mtu=1480 \
mrru=disabled name=ADSL-1 password=ADSL-1密碼 profile=default service-name="" \
use-peer-dns=yes user=ADSL-1帳號
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment=\
"" dial-on-demand=no disabled=no interface=掛載ADSL-2的網卡 max-mru=1480 max-mtu=1480 \
mrru=disabled name=ADSL-2 password=ADSL-2密碼 profile=default service-name="" \
use-peer-dns=yes user=ADSL-2帳號
/ip firewall mangle
#讓外部可以連通本機多條 ADSL
add action=mark-connection chain=input comment=\
"\C5\FD\A5~\B3\A1\A5i\A5H\B3s\B3q\A5\BB\BE\F7\A6h\B1\F8 ADSL" disabled=no \
in-interface=ADSL-1 new-connection-mark=from_adsl_1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=from_adsl_1 \
disabled=no new-routing-mark=to_adsl_1 passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=\
ADSL-2 new-connection-mark=from_adsl_2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=from_adsl_2 \
disabled=no new-routing-mark=to_adsl_2 passthrough=yes
#內部網路負載平衡
add action=mark-connection chain=prerouting comment=\
"\A4\BA\B3\A1\BA\F4\B8\F4\ADt\B8\FC\A5\AD\BF\C5" connection-state=new \
disabled=no in-interface=請改成你的內部網卡 new-connection-mark=nth_1 nth=2,1 \
passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=nth_1 \
disabled=no in-interface=請改成你的內部網卡 new-routing-mark=to_adsl_1 passthrough=no
add action=mark-connection chain=prerouting comment="" connection-state=new \
disabled=no in-interface=請改成你的內部網卡 new-connection-mark=nth_2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=nth_2 \
disabled=no in-interface=請改成你的內部網卡 new-routing-mark=to_adsl_2 passthrough=no
/ip firewall nat
#線路正常時,依負載平衡走不一樣的 ADSL 線路出去
add action=masquerade chain=srcnat comment="\BDu\B8\F4\A5\BF\B1`\AE\C9\A1A\A8\
\CC\ADt\B8\FC\A5\AD\BF\C5\A8\AB\A4\A3\A4@\BC\CB\AA\BA ADSL \BDu\B8\F4\A5X\
\A5h" disabled=no out-interface=ADSL-1 routing-mark=to_adsl_1
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
ADSL-2 routing-mark=to_adsl_2
#ADSL 斷線自動備援
add action=masquerade chain=srcnat comment=\
"ADSL \C2_\BDu\A6\DB\B0\CA\B3\C6\B4\A9" disabled=no
/ip route
#設定 ADSL 路由
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ADSL-1 \
routing-mark=to_adsl_1
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ADSL-2 \
routing-mark=to_adsl_2
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
ADSL-1,ADSL-2
/ip route print |
|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )
GMT+8, 2024-11-21 20:57 , Processed in 0.044529 second(s), 5 queries , Gzip On, Redis On.
Powered by Discuz! X3.5 Licensed
© 2001-2024 Discuz! Team.