0% found this document useful (0 votes)

112 views3 pages

Balanceo PCC

This document contains firewall mangle rules and routing configurations for load balancing traffic across two internet connections. Connection marks are applied based on the ingress interface and destination address. These marks are then used to route traffic over the appropriate internet gateway, implementing basic policy-based routing. Exemptions are provided to steer specific clients exclusively to one connection.

Uploaded by

Julio Antonio Brenis LLaguento

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

112 views3 pages

Balanceo PCC

Uploaded by

Julio Antonio Brenis LLaguento

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 3

/ip firewall mangle

add action=mark-connection chain=prerouting connection-state=new in-

interface=pppoe-out1 new-connection-mark=ISP1_conn
add action=mark-connection chain=prerouting connection-state=new in-
interface=pppoe-out2 new-connection-mark=ISP2_conn

add action=mark-connection chain=prerouting connection-state=new dst-address-type=!

local in-interface=ether5 new-connection-mark=ISP1_conn per-connection-
classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-state=new dst-address-type=!
local in-interface=ether5 new-connection-mark=ISP2_conn per-connection-
classifier=both-addresses:2/1

add action=mark-routing chain=prerouting connection-mark=ISP1_conn in-

interface=ether5 new-routing-mark=to_ISP1
add action=mark-routing chain=prerouting connection-mark=ISP2_conn in-
interface=ether5 new-routing-mark=to_ISP2
add action=mark-routing chain=output connection-mark=ISP1_conn new-routing-
mark=to_ISP1
add action=mark-routing chain=output connection-mark=ISP2_conn new-routing-
mark=to_ISP2

/ ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_ISP1 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_ISP2 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=pppoe-out2 distance=2 check-gateway=ping

/ ip firewall nat
add chain=srcnat out-interface=pppoe-out1 action=masquerade
add chain=srcnat out-interface=pppoe-out2 action=masquerade

===================================================================================
==========================================
script

/ip address
add address=192.168.1.2/24 comment="Wan 1" interface=ether1 network=192.168.1.0
add address=192.168.9.2/24 comment="Wan 2" interface=ether2 network=192.168.9.0
add address=10.10.10.1/24 comment=Lan interface=ether5 network=10.10.10.0

/ip firewall nat

add action=masquerade chain=srcnat comment="Wan 1" out-interface=ether1
add action=masquerade chain=srcnat comment="Wan 2" out-interface=ether2

/ip route
add check-gateway=ping comment="Ruteo wan 1" distance=1 gateway=192.168.1.1
routing-mark=to_ether1
add check-gateway=ping comment="Ruteo wan 2" distance=1 gateway=192.168.9.1
routing-mark=to_ether2
add check-gateway=ping comment="Wan 1" distance=1 gateway=192.168.1.1
add check-gateway=ping comment="Wan 2" distance=2 gateway=192.168.9.1

/ip firewall mangle

add action=mark-connection chain=prerouting comment="Marca de conexiones" in-
interface=ether1 new-connection-mark=ether1_conn
add action=mark-connection chain=prerouting in-interface=ether2 new-connection-
mark=ether2_conn

add action=mark-routing chain=output comment=Salida connection-mark=ether1_conn

new-routing-mark=to_ether1
add action=mark-routing chain=output connection-mark=ether2_conn new-routing-
mark=to_ether2

add action=mark-connection chain=prerouting comment="Wan (1) 10 megas" connection-

mark=no-mark dst-address-type=!local in-interface=ether5 new-connection-
mark=ether1_conn per-connection-classifier=both-addresses:4/0
add action=mark-connection chain=prerouting comment="Wan (2) 30 megas" connection-
mark=no-mark dst-address-type=!local in-interface=ether5 new-connection-
mark=ether2_conn per-connection-classifier=both-addresses:4/1
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-
type=!local in-interface=ether5 new-connection-mark=ether2_conn per-connection-
classifier=both-addresses:4/2
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-
type=!local in-interface=ether5 new-connection-mark=ether2_conn per-connection-
classifier=both-addresses:4/3

add action=mark-routing chain=prerouting connection-mark=ether1_conn in-

interface=ether5 new-routing-mark=to_ether1
add action=mark-routing chain=prerouting connection-mark=ether2_conn in-
interface=ether5 new-routing-mark=to_ether2

-----------------------------------------------------------------------------------
------------------------------------------
Excluir a clientes del balanceo de carga

Ahora bien en algunos casos se quiere excluir a un cliente del balanceo y hacer
que salga por una linea wan espesifica, en caso una linea tenga mas prioridad o
tenga alguna intermitencia por una por alguna razon , o se quiera digijir un
segmento de red por una linea y otro segmento de red por la otra linea para esto
nos dirijiremos ip/firewall/mangle

simulando que la ip 192.168.80.239 es el cliente a trabajar, en caso sean algunas

ips se trabajarian con Address List

Script de la regla

add action=mark-routing chain=prerouting disabled=yes dst-address-type=!local new-

routing-mark=to_ether2 passthrough=yes src-address=192.168.80.239

to_ether2 = indica la marca de ruteo que se puso en ip/route lo cual esta

vinculado a una linea wan
esta regla se coloca delante del balanceo para que el firewall machee primero esa
regla y el trafico que tenga como origen esa ip no pase por el balanceo.

===================================================================================
=============================================
/ ip address
add address=192.168.37.1/24 network=192.168.37.0 broadcast=192.168.37.255
interface=LAN
add address=12.25.20.2/24 network=12.25.20.0 broadcast=12.25.20.255 interface=ADSL1
add address=19.74.30.2/24 network=19.74.30.0 broadcast=19.74.30.255 interface=ADSL2
/ ip firewall mangle
add chain=input in-interface=ADSL1 action=mark-connection new-connection-
mark=ADSL1_conn
add chain=input in-interface=ADSL2 action=mark-connection new-connection-
mark=ADSL2_conn
add chain=output connection-mark=ADSL1_conn action=mark-routing new-routing-
mark=to_ADSL1
add chain=output connection-mark=ADSL2_conn action=mark-routing new-routing-
mark=to_ADSL2
add chain=prerouting dst-address=12.25.20.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address=19.74.30.0/24 action=accept in-interface=LAN
add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-
classifier=both-addresses:2/0 \
action=mark-connection new-connection-mark=ADSL1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=LAN per-connection-
classifier=both-addresses:2/1 \
action=mark-connection new-connection-mark=ADSL2_conn passthrough=yes
add chain=prerouting connection-mark=ADSL1_conn in-interface=LAN action=mark-
routing new-routing-mark=to_ADSL1
add chain=prerouting connection-mark=ADSL2_conn in-interface=LAN action=mark-
routing new-routing-mark=to_ADSL2

/ ip route
add dst-address=0.0.0.0/0 gateway=12.25.20.1 routing-mark=to_ADSL1 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=19.74.30.1 routing-mark=to_ADSL2 check-
gateway=ping
add dst-address=0.0.0.0/0 gateway=12.25.20.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=19.74.30.1 distance=2 check-gateway=ping

/ ip firewall nat
add chain=srcnat out-interface=ADSL1 action=masquerade
add chain=srcnat out-interface=ADSL2 action=masquerade

http://configurarmikrotikwireless.com/detalles

Balanceo PCC v7
100% (1)
Balanceo PCC v7
4 pages
Ppt-4 Socket Programming
No ratings yet
Ppt-4 Socket Programming
30 pages
PDF Balanceo Avanzado Pcc 3 Wan Con Failover Profesional v6 Compress
No ratings yet
PDF Balanceo Avanzado Pcc 3 Wan Con Failover Profesional v6 Compress
3 pages
FortiGate Infrastructure 6.0 Study Guide V2-Online PDF
100% (2)
FortiGate Infrastructure 6.0 Study Guide V2-Online PDF
409 pages
200-301 Exam – Free Actual Q&As, Page 1 _ ExamTopics1-100
100% (2)
200-301 Exam – Free Actual Q&As, Page 1 _ ExamTopics1-100
49 pages
Balanceo 4 Lineas PPPOE
No ratings yet
Balanceo 4 Lineas PPPOE
2 pages
دمج 3 خطوط
No ratings yet
دمج 3 خطوط
13 pages
سكربت تغيير السرعات
No ratings yet
سكربت تغيير السرعات
1 page
V7.0.0a ReleaseNotes v6.0 PDF
No ratings yet
V7.0.0a ReleaseNotes v6.0 PDF
43 pages
Address
No ratings yet
Address
1 page
Lesson1 LAN Port Configuration
No ratings yet
Lesson1 LAN Port Configuration
60 pages
Configurar direcciones IP para cada interfaz WAN
No ratings yet
Configurar direcciones IP para cada interfaz WAN
3 pages
Firewall
No ratings yet
Firewall
4 pages
QOS BY Tecno - Net
No ratings yet
QOS BY Tecno - Net
5 pages
Mobility Management - Presentation
No ratings yet
Mobility Management - Presentation
19 pages
02balanceo+de+Carga+Ppc+Router+Modo+Bridge
No ratings yet
02balanceo+de+Carga+Ppc+Router+Modo+Bridge
3 pages
4 Wan Load Balancing PCC Method
No ratings yet
4 Wan Load Balancing PCC Method
2 pages
5 L
No ratings yet
5 L
2 pages
Netgear FVX538 FullManual
No ratings yet
Netgear FVX538 FullManual
179 pages
9 Lines NTH
No ratings yet
9 Lines NTH
2 pages
Balanceo de Carga Usando PCC (Per Connection Classifier) : (ISP1) (ISP2)
No ratings yet
Balanceo de Carga Usando PCC (Per Connection Classifier) : (ISP1) (ISP2)
3 pages
PCQ Address List by Rodrigo
No ratings yet
PCQ Address List by Rodrigo
3 pages
Manual-balanceo-De-carga PCC Router Bridge 4 ADLS
No ratings yet
Manual-balanceo-De-carga PCC Router Bridge 4 ADLS
3 pages
Balanceonuevo
No ratings yet
Balanceonuevo
1 page
PCQ Prueba
No ratings yet
PCQ Prueba
1 page
Chapter-5-Fundamentals of Ethernet
No ratings yet
Chapter-5-Fundamentals of Ethernet
22 pages
01 Ip Seeting Bandwith
No ratings yet
01 Ip Seeting Bandwith
9 pages
Multiple PPPoE Configuration
No ratings yet
Multiple PPPoE Configuration
4 pages
Using Security Certificates On Yealink IP Phones - V83 - 10
No ratings yet
Using Security Certificates On Yealink IP Phones - V83 - 10
25 pages
Queue Tree + Mangle
No ratings yet
Queue Tree + Mangle
2 pages
Load balancing
No ratings yet
Load balancing
2 pages
Manual-balanceo-De-carga PCC Router Neutro 3 ADSL
No ratings yet
Manual-balanceo-De-carga PCC Router Neutro 3 ADSL
3 pages
Mikrotik Load Balancing 5
100% (1)
Mikrotik Load Balancing 5
10 pages
MST UNIT I r20 Iot
100% (1)
MST UNIT I r20 Iot
40 pages
Balanceo PPPoE Modo Bridge
No ratings yet
Balanceo PPPoE Modo Bridge
2 pages
BALANCEO - FAILOVER
No ratings yet
BALANCEO - FAILOVER
1 page
MT Good Config
No ratings yet
MT Good Config
2 pages
Recursividad
No ratings yet
Recursividad
5 pages
Manual Modbus v1.1
No ratings yet
Manual Modbus v1.1
9 pages
Load Balance
No ratings yet
Load Balance
1 page
CIR 209 (Lecture 4f) OSI - Model
No ratings yet
CIR 209 (Lecture 4f) OSI - Model
16 pages
Asignando IP's A Las Interfaces de Red: CODE, HTML o PHP Insertado
No ratings yet
Asignando IP's A Las Interfaces de Red: CODE, HTML o PHP Insertado
2 pages
LB by Idn MDN
No ratings yet
LB by Idn MDN
2 pages
300-810-CLICA
No ratings yet
300-810-CLICA
2 pages
interface Ethernet
No ratings yet
interface Ethernet
4 pages
3 Lineas Balanceo Mixto (Jhon)
No ratings yet
3 Lineas Balanceo Mixto (Jhon)
3 pages
LB by Idn MDN Museum
No ratings yet
LB by Idn MDN Museum
1 page
CA Module 17
No ratings yet
CA Module 17
28 pages
Balanceo
No ratings yet
Balanceo
1 page
Balanceo 7 Lineas Ppoe
No ratings yet
Balanceo 7 Lineas Ppoe
5 pages
Mark Packet
No ratings yet
Mark Packet
1 page
Mikrotik 2 Wan 1 Lan Income
No ratings yet
Mikrotik 2 Wan 1 Lan Income
2 pages
Balanceo 3 Adsl Pppoe
No ratings yet
Balanceo 3 Adsl Pppoe
2 pages
WonoByte Channel Load Balance
No ratings yet
WonoByte Channel Load Balance
1 page
Firewall
No ratings yet
Firewall
6 pages
NET201 Lab Experiment # 2 - Configuring and Troubleshooting VLANs and Trunking
No ratings yet
NET201 Lab Experiment # 2 - Configuring and Troubleshooting VLANs and Trunking
23 pages
Load Balance PCC 3 ISP
No ratings yet
Load Balance PCC 3 ISP
1 page
Nexus VPN l3vpn Configuration Guide
No ratings yet
Nexus VPN l3vpn Configuration Guide
60 pages
Interface Ethernet
No ratings yet
Interface Ethernet
2 pages
FCF - Technical Introduction to Cybersecurity 1 0 Self-Paced Module 3 Authentication and Access Control
No ratings yet
FCF - Technical Introduction to Cybersecurity 1 0 Self-Paced Module 3 Authentication and Access Control
2 pages
Script Geral para Ler
No ratings yet
Script Geral para Ler
3 pages
Cpi Odata: Integration Flow
No ratings yet
Cpi Odata: Integration Flow
12 pages
Cisco CP-7841-K9 Datasheet
No ratings yet
Cisco CP-7841-K9 Datasheet
11 pages
Balanceo Gorka
100% (1)
Balanceo Gorka
4 pages
Experiment 4
No ratings yet
Experiment 4
4 pages
Juniper EX2300 PDF
No ratings yet
Juniper EX2300 PDF
11 pages
Manual Mikrotik: Balanceo de Carga de Dos Lineas
No ratings yet
Manual Mikrotik: Balanceo de Carga de Dos Lineas
6 pages
Balanceo de Carga NTH
100% (1)
Balanceo de Carga NTH
3 pages
Scripts Mikrotik de Darato
No ratings yet
Scripts Mikrotik de Darato
10 pages
OLT Cisco
No ratings yet
OLT Cisco
8 pages
Ipc2324lb Adzk G
No ratings yet
Ipc2324lb Adzk G
4 pages
Assignment-3 Data Communication
No ratings yet
Assignment-3 Data Communication
2 pages
Balanceo Hibrido Pppoe-Ipestatica v7
No ratings yet
Balanceo Hibrido Pppoe-Ipestatica v7
3 pages
Loadbalance PCC +NTH
100% (1)
Loadbalance PCC +NTH
1 page
EGA CHANEL Load Balance
No ratings yet
EGA CHANEL Load Balance
1 page
Scrip Load Balance PCC
No ratings yet
Scrip Load Balance PCC
1 page
Using PCC To Load Balance Across Multiple Wan in Mikrotik
No ratings yet
Using PCC To Load Balance Across Multiple Wan in Mikrotik
4 pages
Datasheet 2X00 Series
No ratings yet
Datasheet 2X00 Series
2 pages
Regras Firewall
No ratings yet
Regras Firewall
2 pages
Balanceo PCC Failover
No ratings yet
Balanceo PCC Failover
4 pages
TCP Socket Connection Close
No ratings yet
TCP Socket Connection Close
3 pages
CS0060002 - Meter Data Integration With SCADA Using DLMS To IEC61850 Gateway V1.01.012015
No ratings yet
CS0060002 - Meter Data Integration With SCADA Using DLMS To IEC61850 Gateway V1.01.012015
2 pages
PCC LoadBalance3WANs
No ratings yet
PCC LoadBalance3WANs
4 pages
AJP Question Bank Class Test 5 Nov 2020
No ratings yet
AJP Question Bank Class Test 5 Nov 2020
7 pages
MIKROTIK - FIREWALL - Firewall Marking
No ratings yet
MIKROTIK - FIREWALL - Firewall Marking
4 pages
4.3.4 Lab - Linux Servers
No ratings yet
4.3.4 Lab - Linux Servers
7 pages
CCNA Training NTP Questions
No ratings yet
CCNA Training NTP Questions
2 pages
Load PCC+NTH
No ratings yet
Load PCC+NTH
1 page
Mikrotik Loadbalance Hotspot
No ratings yet
Mikrotik Loadbalance Hotspot
1 page
First Hop Redundancy Protocol: Network Redundancy Protocol
From Everand
First Hop Redundancy Protocol: Network Redundancy Protocol
Mulayam Singh
No ratings yet

Balanceo PCC

Uploaded by

Balanceo PCC

Uploaded by

/ip firewall mangle

add action=mark-connection chain=prerouting connection-state=new in-

add action=mark-connection chain=prerouting connection-state=new dst-address-type=!

add action=mark-routing chain=prerouting connection-mark=ISP1_conn in-

/ip firewall nat

/ip firewall mangle

add action=mark-routing chain=output comment=Salida connection-mark=ether1_conn

add action=mark-connection chain=prerouting comment="Wan (1) 10 megas" connection-

add action=mark-routing chain=prerouting connection-mark=ether1_conn in-

simulando que la ip 192.168.80.239 es el cliente a trabajar, en caso sean algunas

add action=mark-routing chain=prerouting disabled=yes dst-address-type=!local new-

to_ether2 = indica la marca de ruteo que se puso en ip/route lo cual esta

You might also like