我要將 3 條網路線路綁定到一個網路。
我正在使用 Mikrotik RB750 路由器,我這樣設定該路由器:
/ip firewall mangle
add chain=input in-interface=WAN2 action=mark-connection new-connection-mark=WAN2_conn
add chain=input in-interface=WAN3 action=mark-connection new-connection-mark=WAN3_conn
add chain=input in-interface=WAN4 action=mark-connection new-connection-mark=WAN4_conn
add chain=input in-interface=WAN5 action=mark-connection new-connection-mark=WAN5_conn
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=output connection-mark=WAN3_conn action=mark-routing new-routing-mark=to_WAN3
add chain=output connection-mark=WAN4_conn action=mark-routing new-routing-mark=to_WAN4
add chain=output connection-mark=WAN5_conn action=mark-routing new-routing-mark=to_WAN5
add chain=prerouting dst-address=192.168.2.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address=192.168.3.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address=192.168.4.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address=192.168.5.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN5_conn passthrough=yes
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting connection-mark=WAN5_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN5
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN4 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.5.1 routing-mark=to_WAN5 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.4.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.5.1 distance=2 check-gateway=ping
/ip firewall nat
add chain=srcnat out-interface=WAN2 action=masquerade
add chain=srcnat out-interface=WAN3 action=masquerade
add chain=srcnat out-interface=WAN4 action=masquerade
add chain=srcnat out-interface=WAN5 action=masquerade
附註:路由器有 5 個實體連接埠(WAN1、WAN2、WAN3、WAN4、WAN5)和 1 個無線連接埠。 WAN1和無線連接埠透過連接在一起Bridge1,網路中的所有節點都連接到Bridge1(WAN1或無線),現在網路綁定沒有問題,而且運作正常。但是當該網路中的節點想要存取某個網站(例如:google.com)時,請求將從所有網路線路發送到 google.com!因此,對於每個節點,我們將向單一網站發送 2 個以上請求!
我想在網路節點之間劃分這些互聯網線路,例如每個 IP 範圍使用特定的互聯網線路,如下所示:
192.168.1.1 - 192.168.1.64: Use first Internet line
192.168.1.65 - 192.168.1.128: Use second Internet line
192.168.1.129 - 192.168.1.254: Use third Internet line
是否可以?你能幫助我嗎?
答案1
您正在嘗試使用 PCC(每連接分類器),但您要求的是基於來源 IP 位址範圍的負載平衡。
從您的配置中刪除以下規則:
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/0 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/1 action=mark-connection new-connection-mark=WAN3_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/2 action=mark-connection new-connection-mark=WAN4_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:4/3 action=mark-connection new-connection-mark=WAN5_conn passthrough=yes
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting connection-mark=WAN3_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN3
add chain=prerouting connection-mark=WAN4_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN4
add chain=prerouting connection-mark=WAN5_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN5
並添加以下內容:
add chain=prerouting src-address=192.168.1.0/26 in-interface=bridge1 dst-address=!192.168.1.0/24 action=mark-routing disabled=no new-routing-mark=to_WAN2 passthrough=no
add chain=prerouting src-address=192.168.1.64/26 in-interface=bridge1 dst-address=!192.168.1.0/24 action=mark-routing disabled=no new-routing-mark=to_WAN3 passthrough=no
add chain=prerouting src-address=192.168.1.128/25 in-interface=bridge1 dst-address=!192.168.1.0/24 action=mark-routing disabled=no new-routing-mark=to_WAN4 passthrough=no
無需標記連接,然後再進行路由標記。您可以直接根據來源位址範圍進行路由標記。