banner0

วันพฤหัสบดีที่ 12 กันยายน พ.ศ. 2556

โค้ด Mikrotik 2 wan 1 lan

#|
#|
#| Define all parameters
#|
#|
:global wanAddress1 192.168.1.102/24
:global wanNetwork1 192.168.1.1
:global wanNetwork1Subnet 192.168.1.1/24
:global wanBroadcast1 192.168.1.255
:global wanGateway1 192.168.1.1

:global wanAddress2 192.168.0.105/24
:global wanNetwork2 192.168.0.0
:global wanNetwork2Subnet 192.168.0.1/24
:global wanBroadcast2 192.168.0.255
:global wanGateway2 192.168.0.1
this is some text after the jump break




:global localAddress 192.168.88.1/24
:global localNetwork 192.168.88.0
:global localNetwork2 192.168.88.0/24
:global localBroadcast 192.168.88.255
:global localGateway 192.168.88.1
:global localDNS 192.168.88.1
:global localPool 192.168.88.10-192.168.88.200

:global dnsServer 8.8.8.8,8.8.4.4

#|
#|
#| Assign interace's name
#|
#|
/interface set "ether1" name="PORT1_WAN"
/interface set "ether2" name="PORT2_WAN"
/interface set "ether3" name="PORT3_LAN"
/interface set "ether4" name="PORT4_LAN"
/interface set "ether5" name="PORT5_LAN"


#|
#|
#| Assign master port switch
#|
#|
/interface ethernet set PORT4_LAN,PORT5_LAN master-port=PORT3_LAN


#|
#|
#| Assign ipaddress to our interfaces
#|
#|

#| Port 1 -> WAN 1
/ip address add address=$wanAddress1 network=$wanNetwork1 broadcast=$wanBroadcast1 interface=PORT1_WAN

#| Port 2 -> WAN 2
/ip address add address=$wanAddress2 network=$wanNetwork2 broadcast=$wanBroadcast2 interface=PORT2_WAN

#| Port 3 -> Local LAN
#| Port 4 -> Local LAN
#| Port 5 -> Local LAN
/ip address add address=$localAddress network=$localNetwork broadcast=$localBroadcast interface=PORT3_LAN


#|
#| Mark incoming package on input's chain
#|
/ip firewall mangle add chain=input in-interface=PORT1_WAN action=mark-connection new-connection-mark=PORT1_WAN_conn
/ip firewall mangle add chain=input in-interface=PORT2_WAN action=mark-connection new-connection-mark=PORT2_WAN_conn


#|
#| Mark routing package on output's chain
#|
/ip firewall mangle add chain=output connection-mark=PORT1_WAN_conn action=mark-routing new-routing-mark=to_PORT1_WAN
/ip firewall mangle add chain=output connection-mark=PORT2_WAN_conn action=mark-routing new-routing-mark=to_PORT2_WAN


#|
#| Accept all packages if they come from local
#|
/ip firewall mangle add chain=prerouting dst-address=$wanNetwork1Subnet action=accept in-interface=PORT3_LAN
/ip firewall mangle add chain=prerouting dst-address=$wanNetwork2Subnet action=accept in-interface=PORT3_LAN

#|
#| Do the load balance package
#|
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=PORT3_LAN per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=PORT1_WAN_conn passthrough=yes
/ip firewall mangle add chain=prerouting dst-address-type=!local in-interface=PORT3_LAN per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=PORT2_WAN_conn passthrough=yes

#|
#| Mark output network for packages
#|
/ip firewall mangle add chain=prerouting connection-mark=PORT1_WAN_conn in-interface=PORT3_LAN action=mark-routing new-routing-mark=to_PORT1_WAN
/ip firewall mangle add chain=prerouting connection-mark=PORT2_WAN_conn in-interface=PORT3_LAN action=mark-routing new-routing-mark=to_PORT2_WAN


#|
#| Add routing table
#|
/ip route add dst-address=0.0.0.0/0 gateway=$wanGateway1 routing-mark=to_PORT1_WAN check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=$wanGateway1 distance=1 check-gateway=ping


/ip route add dst-address=0.0.0.0/0 gateway=$wanGateway2 routing-mark=to_PORT2_WAN check-gateway=ping
/ip route add dst-address=0.0.0.0/0 gateway=$wanGateway2 distance=2 check-gateway=ping


#|
#|
#| Assign NAT
#|
#|
/ip firewall nat add chain=srcnat out-interface=PORT1_WAN action=masquerade
/ip firewall nat add chain=srcnat out-interface=PORT2_WAN action=masquerade


#|
#|
#| Assign allow DNS
#|
#|
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=$dnsServer


#|
#|
#| Assign DHCP server
#|
#|
/ip pool add name=default-dhcp ranges=$localPool
/ip dhcp-server add name=default address-pool=default-dhcp interface=PORT3_LAN disabled=no
/ip dhcp-server network add address=$localNetwork2 gateway=$localGateway dns-server=$localDNS

ไม่มีความคิดเห็น:

แสดงความคิดเห็น