请教双线加小包优先

xuxi3201

去年改了双线，


上个月弄了个小包优先。

基本正常。
四个网卡，2个wan，2个lan
192.168.33.0/24走PPPOE-1
192.168.99.0/24走PPPOE-2

现在，我在防火墙里测试：
add action=log chain=forward  log=yes out-interface=PPPOE-1 src-address=192.168.99.0/24log里看见很多记录。意思就是lan2的有很多数据走PPPOE-1
请高手分析一下， 我怎么让lan2 全部走PPPOE-2

cspm333

/interface pppoe-client
add allow=pap interface=Wan1 max-mru=1492 max-mtu=1492 name=pppoe-out1 password=aaaa user=11111
add allow=pap interface=Wan2 max-mru=1492 max-mtu=1492 name=pppoe-out2 password=bbbb user=22222

/ip firewall address-list
add list=Lan address=192.168.33.0/24
add list=Lan address=192.168.99.0/24

/ip firewall mangle
#遇標記時例外的情況
add action=accept chain=prerouting src-address-list=Lan dst-address-list=Lan
add action=accept chain=prerouting src-address-list=Lan dst-address-type=local
add action=accept chain=output dst-address-list=Lan

#從PPPoE進入的封包,要從原PPPoE路線返回
add action=mark-connection chain=prerouting in-interface=pppoe-out1 new-connection-mark=pppoe1_conn passthrough=yes
add action=mark-connection chain=prerouting in-interface=pppoe-out2 new-connection-mark=pppoe2_conn passthrough=yes

add action=mark-routing chain=output connection-mark=pppoe1_conn new-routing-mark=to_pppoe1 passthrough=no
add action=mark-routing chain=output connection-mark=pppoe2_conn new-routing-mark=to_pppoe2 passthrough=no

add action=mark-routing chain=prerouting connection-mark=pppoe1_conn new-routing-mark=to_pppoe1 \
  src-address-list=Lan passthrough=no
add action=mark-routing chain=prerouting connection-mark=pppoe2_conn new-routing-mark=to_pppoe2 \
  src-address-list=Lan passthrough=no

#搭配的Lan與PPPoE
add action=mark-routing chain=prerouting new-routing-mark=to_pppoe1 src-address=192.168.33.0/24 passthrough=no
add action=mark-routing chain=prerouting new-routing-mark=to_pppoe2 src-address=192.168.99.0/24 passthrough=no

#標記從PPPoE進入,packet size大於512的封包
add action=mark-packet chain=forward in-interface=pppoe-out1 packet-size=!0-512 \
  new-packet-mark=pppoe1_big_packets passthrough=yes
add action=mark-packet chain=forward in-interface=pppoe-out2 packet-size=!0-512 \
  new-packet-mark=pppoe2_big_packets passthrough=yes

/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=pppoe-out2

/ip route
#策略路由
add  dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_pppoe1 distance=4
add  dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_pppoe2 distance=4
#預設路由
add  dst-address=0.0.0.0/0 gateway=pppoe-out1 distance=5

/queue tree
#將大封包從原本可用的頻寬60M限制為52M後,剩餘的8M自然是小封包的保證頻寬(小封包優先)
add max-limit=52M name="PPPoE1_big_packets_limit" packet-mark=pppoe1_big_packets parent=global queue=default
add max-limit=52M name="PPPoE2_big_packets_limit" packet-mark=pppoe2_big_packets parent=global queue=default