找回密码
 注册

QQ登录

只需一步,快速开始

搜索
楼主: yftg

[其它] 我的ROS快要1000个小时了~

[复制链接]
发表于 2004-12-28 23:55:21 | 显示全部楼层
这个主题很有价值啊!正在实际测试的朋友可否按照如下范本将你的情况描述一下,对大家对自己也是提高啊。别回一个贴都跟灌水似的。---------------ROS版本:硬件配置:----CPU:----内存:----网卡:----主板型号:----存储设备:『MOD   CF   硬盘』INTERNET带宽:高峰时间最大用户数量:所有用户数量:最后再发一张资源占用图  ,这样便于斑竹最后收集整理!
routeros
回复

使用道具 举报

发表于 2004-12-29 00:47:23 | 显示全部楼层
顶!支持!
routeros
回复

使用道具 举报

发表于 2004-12-29 21:39:58 | 显示全部楼层
QUOTE (lzbnet @ Dec 28 2004, 11:01 PM)
楼上的带了多少用户?是否加载了带宽分配和复杂的防火墙规则?  
  请看

QUOTE
ip firewall rule input> printFlags: X - disabled, I - invalid, D - dynamic  0   ;;; Drop telnet or ssh from public     in-interface=PublicNIC dst-address=:22-23 protocol=tcp action=drop      log=yes  1   ;;; drop SNMP Trap(TCP)     in-interface=PublicNIC dst-address=:161-162 protocol=tcp action=drop      log=yes  2   ;;; drop SNMP Trap(UDP)     in-interface=PublicNIC dst-address=:161-162 protocol=udp action=drop      log=yes  3   ;;; Reject proxy connections     dst-address=:8080 protocol=tcp action=reject log=yes  4   ;;; Allow established TCP connections     protocol=tcp connection-state=established action=accept  5   ;;; Related connections     connection-state=related action=accept  6   ;;; Drop Blaster Worm.     dst-address=:135-139 protocol=tcp action=drop log=yes  7   ;;; Drop Blaster Worm     dst-address=:445 protocol=tcp action=drop  8   ;;; Drop Messenger Worm     dst-address=:135-139 protocol=udp action=drop log=yes  9   ;;; Drop DNS Query from WAN     in-interface=PublicNIC dst-address=:53 protocol=udp action=drop log=yes 10   ;;; Allow UDP connections     protocol=udp action=accept 11   ;;; Allow limited pings     protocol=icmp limit-count=100 limit-burst=2 limit-time=5s action=accept 12   ;;; Drop excess pings     protocol=icmp action=drop 13   ;;; Allow access from 'trusted' network 192.168.1.0/24     src-address=192.168.1.0/24 action=accept 14   ;;; Reject and log everything else     action=reject log=yes


QUOTE
ip firewall rule forward> printFlags: X - disabled, I - invalid, D - dynamic  0   ;;; drop p2p track 6969     in-interface=LocalNIC dst-address=:6969 out-interface=PublicNIC      protocol=tcp action=drop  1   ;;; drop p2p track 8080     in-interface=LocalNIC dst-address=:8080 out-interface=PublicNIC      protocol=tcp action=drop  2   ;;; drop all p2p application packets     p2p=all-p2p action=drop  3   ;;; drop p2p tcp port range: 16881-16889     in-interface=LocalNIC dst-address=:16881-16889 out-interface=PublicNIC      protocol=tcp action=drop  4   ;;; drop blaster worm     dst-address=:135-139 protocol=tcp action=drop log=yes  5   ;;; drop messenger worm     dst-address=:135-139 protocol=udp action=drop log=yes  6   in-interface=LocalNIC dst-address=61.135.128.208/30      out-interface=PublicNIC protocol=tcp action=accept  7   in-interface=LocalNIC dst-address=61.135.128.212/30      out-interface=PublicNIC protocol=tcp action=accept  8   in-interface=LocalNIC dst-address=202.165.102.113/32      out-interface=PublicNIC protocol=tcp action=accept  9   in-interface=LocalNIC dst-address=202.165.102.114/32      out-interface=PublicNIC protocol=tcp action=accept 10   in-interface=LocalNIC dst-address=202.165.102.136/29      out-interface=PublicNIC protocol=tcp action=accept 11   ;;; Block 3721     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp content=3721      action=drop log=yes 12   ;;; Block 3721-CnsMinH.cab     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=CnsMinH.cab action=drop log=yes 13   ;;; Block 3721 IP     in-interface=LocalNIC dst-address=61.135.128.208/29      out-interface=PublicNIC protocol=tcp action=drop 14   in-interface=LocalNIC dst-address=202.165.102.127/32      out-interface=PublicNIC protocol=tcp action=drop 15   in-interface=LocalNIC dst-address=202.165.102.128/32      out-interface=PublicNIC protocol=tcp action=drop 16   in-interface=LocalNIC dst-address=202.165.102.112/28      out-interface=PublicNIC protocol=tcp action=drop 17   in-interface=LocalNIC dst-address=202.165.102.128/28      out-interface=PublicNIC protocol=tcp action=drop 18   in-interface=LocalNIC dst-address=202.43.217.32/32 out-interface=PublicNI>     protocol=tcp action=drop 19   in-interface=LocalNIC dst-address=202.43.217.33/32 out-interface=PublicNI>     protocol=tcp action=drop 20   in-interface=LocalNIC dst-address=202.43.217.107/32      out-interface=PublicNIC protocol=tcp action=drop 21   in-interface=LocalNIC dst-address=202.43.217.108/32      out-interface=PublicNIC protocol=tcp action=drop 22   in-interface=LocalNIC dst-address=202.43.217.115/32      out-interface=PublicNIC protocol=tcp action=drop 23   in-interface=LocalNIC dst-address=202.43.217.116/32      out-interface=PublicNIC protocol=tcp action=drop 24   ;;; Block POPUP window of taobao1 (this URL is  www.unionsky.cn)     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=unionsky.cn action=drop log=yes 25   ;;; Block POPUP window of taobao1 (this IP is  218.108.245.135)     in-interface=LocalNIC dst-address=218.108.245.135/32      out-interface=PublicNIC protocol=tcp action=drop 26   ;;; Block POPUP window of taobao2 (this URL is  www.allyes.com)     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=allyes.com action=drop log=yes 27   ;;; Block POPUP window of taobao2 (this ip is  210.52.214.204)     in-interface=LocalNIC dst-address=210.52.214.204/32      out-interface=PublicNIC protocol=tcp action=drop 28   ;;; Block hotbar.com (this URL is hotbar.com)     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=hotbar action=drop log=yes 29   ;;; Block hotbar.com (this ip is 165.254.12.100)     in-interface=LocalNIC dst-address=165.254.12.100/32      out-interface=PublicNIC protocol=tcp action=drop 30   ;;; Drop fere2.com     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=fere2.com action=drop log=yes 31   ;;; Drop joyrain.com     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=joyrain.com action=drop log=yes 32   ;;; Drop 3322.org     in-interface=LocalNIC out-interface=PublicNIC content=3322.org      action=drop 33   ;;; Block netpassword.net     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=netpassword.net action=drop log=yes 34   ;;; Drop MMS online video     in-interface=LocalNIC dst-address=:1755 out-interface=PublicNIC      protocol=tcp action=drop 35   ;;; Block sina-nmGamex.cab     in-interface=LocalNIC out-interface=PublicNIC protocol=tcp      content=nmGamex.cab action=drop log=yes


QUOTE
ip firewall mangle> printFlags: X - disabled, I - invalid, D - dynamic  0   ;;; Mark p2p connections (192.168.1.0/24)     src-address=192.168.1.0/24 in-interface=LocalNIC p2p=all-p2p      action=passthrough mark-connection=p2p_con  1   ;;; Mark p2p Flow     connection=p2p_con action=accept mark-flow=p2p_limit


QUOTE
queue tree> printFlags: X - disabled, I - invalid, D - dynamic  0    name="p2p_down_limit" parent=LocalNIC flow=p2p_limit limit-at=0       queue=pcq-download priority=8 max-limit=0 burst-limit=0       burst-threshold=0 burst-time=0  1    name="p2p_up_limit" parent=PublicNIC flow=p2p_limit limit-at=0       queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0       burst-time=0


QUOTE
queue simple> printFlags: X - disabled, I - invalid, D - dynamic  0    name="From Asante 256/128 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.13/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/131072  1    name=".155 256/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.155/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/65536  2    name=".154 384/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.154/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=393216/65536  3    name=".153 256/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.153/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/65536  4    name=".152 256/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.152/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/65536  5    name=".151 256/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.151/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/65536 ...... 30  name=".185 256/64 kbps" target-address=0.0.0.0/0       dst-address=192.168.1.185/32 interface=PublicNIC queue=default       priority=8 limit-at=0/0 max-limit=262144/65536
30个客户端,内网服务器3台,分别提供内外网email, web, sql服务
routeros
回复

使用道具 举报

发表于 2005-1-6 20:49:42 | 显示全部楼层
楼主透露一下防火墙设置吧
routeros
回复

使用道具 举报

发表于 2005-1-10 09:46:40 | 显示全部楼层
运行上千小时的xd能贴一下主板和网卡的具体型号啊?这样参考价值会比较大,谢谢了!
routeros
回复

使用道具 举报

发表于 2005-1-10 10:10:14 | 显示全部楼层
楼主说说你的配置
routeros
回复

使用道具 举报

发表于 2005-1-10 10:13:45 | 显示全部楼层
QUOTE (voatec @ Dec 28 2004, 09:22 PM)
看图吧,一目了然   
  带30个机器有点浪费 不过2000多个小时不重新启动 也值得了 呵呵
routeros
回复

使用道具 举报

发表于 2005-1-11 20:11:04 | 显示全部楼层
600台机子的。想知道一下你的怎么分网段的。用三层交换要还是用软件分的。。
routeros
回复

使用道具 举报

发表于 2005-1-13 18:04:58 | 显示全部楼层
关注此贴
routeros
回复

使用道具 举报

 楼主| 发表于 2005-1-15 16:06:32 | 显示全部楼层
最近出差了,呵呵现在路由一直都没有挂过~非常稳定~600台机器用的是三层的交换,联想的3524G路由配置intel 865pe(原)DDR 400 256mp4-3.06intel 100pro服务器网卡 建议大家买好点的电源,台达300W不错,做工非常好,一看就是好东西,价格很实惠!cpu风扇一定要选好的~别不舍得花钱~我现在用的是超大的热管散热器,机器就扔在机柜里的3524G交换机上!
routeros
回复

使用道具 举报

发表于 2005-1-24 01:51:26 | 显示全部楼层
cpu 3.06G昏倒~~~~~~~~~
routeros
回复

使用道具 举报

发表于 2005-1-24 11:36:00 | 显示全部楼层
QUOTE (yftg @ Jan 15 2005, 04:06 PM)
最近出差了,呵呵现在路由一直都没有挂过~非常稳定~600台机器用的是三层的交换,联想的3524G路由配置intel 865pe(原)DDR 400 256mp4-3.06intel 100pro服务器网卡 建议大家买好点的电源,台达300W不错,做工非常好,一看就是好东西,价格很实惠!cpu风扇一定要选好的~别不舍得花钱~我现在用的是超大的热管散热器,机器就扔在机柜里的3524G交换机上!  
  强烈谴责此种浪费行为!!!!
routeros
回复

使用道具 举报

发表于 2005-1-24 12:27:20 | 显示全部楼层
我的LINUX9 NAT:C800(纯铜散热片)SD 128M8139*3客户机200台2条10M光纤运行了两个月了...  硬盘40G(加风扇)
routeros
回复

使用道具 举报

您需要登录后才可以回帖 登录 | 注册

本版积分规则

QQ|Archiver|手机版|小黑屋|软路由 ( 渝ICP备15001194号-1|渝公网安备 50011602500124号 )

GMT+8, 2024-12-23 18:01 , Processed in 0.054401 second(s), 3 queries , Gzip On, Redis On.

Powered by Discuz! X3.5 Licensed

© 2001-2024 Discuz! Team.

快速回复 返回顶部 返回列表