Привет! Спасибо за публикацию. У меня есть две проблемы с PCC. У нас 4 неравных WAN-соединения от разных провайдеров. Я настроил наш RB2011U для балансировки нагрузки PCC согласно статье на сайте MikroTik (), и все работает хорошо. Но у меня есть 2 вопроса:
Как я могу маршрутизировать трафик конкретного хоста (192.168.1.50) из LAN в WAN1-соединение навсегда?
Как я могу заставить FTP-трафик проходить через WAN2-соединение и использовать WAN3-соединение в качестве резервного канала?
Вот моя конфигурация:
`/interface`
`set name=LAN numbers=5`
`set name=WAN1 numbers=6`
`set name=WAN2 numbers=7`
`set name=WAN3 numbers=8`
`set name=WAN4 numbers=9`
`/ip address`
`add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=LAN`
`add address=10.10.10.1/29 network=10.10.10.0 broadcast=10.10.10.7 interface=WAN1`
`add address=10.10.20.1/29 network=10.10.20.0 broadcast=10.10.20.7 interface=WAN2`
`add address=10.10.30.1/29 network=10.10.30.0 broadcast=10.10.30.7 interface=WAN3`
`add address=10.10.40.1/29 network=10.10.40.0 broadcast=10.10.40.7 interface=WAN4`
`/ip firewall mangle`
`add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_Connection`
`add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_Connection`
`add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_Connection`
`add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_Connection`
`add chain=output connection-mark=WAN1_Connection action=mark-routing new-routing-mark=Route_To_WAN1`
`add chain=output connection-mark=WAN2_Connection action=mark-routing new-routing-mark=Route_To_WAN2`
`add chain=output connection-mark=WAN3_Connection action=mark-routing new-routing-mark=Route_To_WAN3`
`add chain=output connection-mark=WAN4_Connection action=mark-routing new-routing-mark=Route_To_WAN4`
`add chain=prerouting in-interface=LAN dst-address=10.10.20.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.30.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.40.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.50.0/29 action=accept`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/0 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/1 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/2 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/3 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/4 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/5 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/6 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/7 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/8 action=mark-connection new-connection-mark=WAN3_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/9 action=mark-connection new-connection-mark=WAN3_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/10 action=mark-connection new-connection-mark=WAN4_Connection passthrough=yes`
`add chain=prerouting connection-mark=WAN1_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN1`
`add chain=prerouting connection-mark=WAN2_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN2`
`add chain=prerouting connection-mark=WAN3_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN3`
`add chain=prerouting connection-mark=WAN4_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN4`
`/ip route`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN1 gateway=10.10.10.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN2 gateway=10.10.20.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN3 gateway=10.10.30.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN4 gateway=10.10.40.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.10.6 distance=1 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.20.6 distance=2 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.30.6 distance=3 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.40.6 distance=4 check-gateway=ping`
`/ip firewall nat`
`add chain=srcnat out-interface=WAN1 action=masquerade`
`add chain=srcnat out-interface=WAN2 action=masquerade`
`add chain=srcnat out-interface=WAN3 action=masquerade`
`add chain=srcnat out-interface=WAN4 action=masquerade`
Как я могу маршрутизировать трафик конкретного хоста (192.168.1.50) из LAN в WAN1-соединение навсегда?
Как я могу заставить FTP-трафик проходить через WAN2-соединение и использовать WAN3-соединение в качестве резервного канала?
Вот моя конфигурация:
`/interface`
`set name=LAN numbers=5`
`set name=WAN1 numbers=6`
`set name=WAN2 numbers=7`
`set name=WAN3 numbers=8`
`set name=WAN4 numbers=9`
`/ip address`
`add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=LAN`
`add address=10.10.10.1/29 network=10.10.10.0 broadcast=10.10.10.7 interface=WAN1`
`add address=10.10.20.1/29 network=10.10.20.0 broadcast=10.10.20.7 interface=WAN2`
`add address=10.10.30.1/29 network=10.10.30.0 broadcast=10.10.30.7 interface=WAN3`
`add address=10.10.40.1/29 network=10.10.40.0 broadcast=10.10.40.7 interface=WAN4`
`/ip firewall mangle`
`add chain=input in-interface=WAN1 action=mark-connection new-connection-mark=WAN1_Connection`
`add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_Connection`
`add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_Connection`
`add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_Connection`
`add chain=output connection-mark=WAN1_Connection action=mark-routing new-routing-mark=Route_To_WAN1`
`add chain=output connection-mark=WAN2_Connection action=mark-routing new-routing-mark=Route_To_WAN2`
`add chain=output connection-mark=WAN3_Connection action=mark-routing new-routing-mark=Route_To_WAN3`
`add chain=output connection-mark=WAN4_Connection action=mark-routing new-routing-mark=Route_To_WAN4`
`add chain=prerouting in-interface=LAN dst-address=10.10.20.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.30.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.40.0/29 action=accept`
`add chain=prerouting in-interface=LAN dst-address=10.10.50.0/29 action=accept`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/0 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/1 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/2 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/3 action=mark-connection new-connection-mark=WAN1_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/4 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/5 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/6 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/7 action=mark-connection new-connection-mark=WAN2_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/8 action=mark-connection new-connection-mark=WAN3_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/9 action=mark-connection new-connection-mark=WAN3_Connection passthrough=yes`
`add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:11/10 action=mark-connection new-connection-mark=WAN4_Connection passthrough=yes`
`add chain=prerouting connection-mark=WAN1_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN1`
`add chain=prerouting connection-mark=WAN2_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN2`
`add chain=prerouting connection-mark=WAN3_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN3`
`add chain=prerouting connection-mark=WAN4_Connection in-interface=LAN action=mark-routing new-routing-mark=Route_To_WAN4`
`/ip route`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN1 gateway=10.10.10.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN2 gateway=10.10.20.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN3 gateway=10.10.30.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 routing-mark=Route_To_WAN4 gateway=10.10.40.6 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.10.6 distance=1 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.20.6 distance=2 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.30.6 distance=3 check-gateway=ping`
`add dst-address=0.0.0.0/0 gateway=10.10.40.6 distance=4 check-gateway=ping`
`/ip firewall nat`
`add chain=srcnat out-interface=WAN1 action=masquerade`
`add chain=srcnat out-interface=WAN2 action=masquerade`
`add chain=srcnat out-interface=WAN3 action=masquerade`
`add chain=srcnat out-interface=WAN4 action=masquerade`
