Balanceo varios WAN

Configuración de routers, antenas y dispositivos de la marca MikroTik.
Responder
cyclopsld
Mensajes: 2
Registrado: 24 May 2018, 22:12

Balanceo varios WAN

Mensaje por cyclopsld » 24 May 2018, 22:31

Buenas noches ! estimados aquí esta un código de balanceo de un RB configurado con alguien de ML, fue complicado sacar la info del RB ya que lo bloquean para no editar absolutamente nada, si pueden echarle un ojo y hacer las sugerencias con la idea de ir puliendo la configuración, esta configuración es para 3 WAN dinámicas con soporte de acceso a bancos y algunas reglas de firewall básicas , seria bueno poder agregarle QOS pero no se si se pueda en este mismo router.

Código: Seleccionar todo

/interface bridge
add fast-forward=no name=Local

/interface ethernet
set [ find default-name=ether4 ] name=LAN4
set [ find default-name=ether1 ] name=WAN1
set [ find default-name=ether2 ] name=WAN2
set [ find default-name=ether3 ] name=WAN3

/ip pool
add name=dhcp_pool1 ranges=10.1.100.10-10.1.100.254

/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay disabled=no interface=Local lease-time=3d name=dhcp1

/interface bridge port
add bridge=Local interface=LAN4

/ip address
add address=10.1.100.1/24 interface=Local network=10.1.100.0

/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid interface=WAN1
add default-route-distance=0 dhcp-options=hostname,clientid interface=WAN2
add default-route-distance=0 dhcp-options=hostname,clientid interface=WAN3

/ip dhcp-server network
add address=10.1.100.0/24 dns-server=10.1.100.1 gateway=10.1.100.1

/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4

/ip firewall address-list
add address=200.3.0.0/21 comment="Banco Mercantil" list=bancos
add address=200.6.27.0/24 comment=Banesco list=bancos
add address=190.216.248.0/24 comment="Banco Provincial" list=bancos
add address=200.59.184.0/21 comment="BOD Corp Banca" list=bancos
add address=10.1.100.0/24 list=red_local
add address=190.9.44.0/24 comment="Hosting Paginas" list=bancos
add address=198.106.0.0/15 comment="PS3 SERVER" list=bancos
add address=198.107.156.0/22 comment="PS3 SERVER" list=bancos
add address=200.44.48.72/29 comment="Banco de Venezuela Empresas" list=bancos
add address=200.109.128.0/17 comment="Banco de Venezuela Personas Bancaribe" list=bancos
add address=200.16.95.0/24 comment="Banco Exterior" list=bancos
add address=190.9.128.0/19 comment="Banco de Venezuela" list=bancos
add address=200.47.79.0/24 comment="BNC Personas" list=bancos
add address=200.62.19.218 comment="BNC Empresas" list=bancos
add address=190.202.127.114 comment="Fondo Comun Personas" list=bancos
add address=190.202.127.115 comment="Fondo Comun Empresas" list=bancos
add address=199.16.236.0/22 comment="Banco BOD" list=bancos
add address=200.3.4.0/24 comment="Banco Mercantil2" list=bancos
add address=191.232.0.0/13 comment="Banesco y Bancaribe" list=bancos
add address=190.202.48.0/20 comment="Banco Bicentenario" list=bancos
add address=190.202.0.0/20 comment="Banco del Tesoro" list=bancos
add address=137.135.0.0/16 comment=BANCARIBE list=bancos
add address=40.64.0.0/10 comment="BANESCO UNIVERSAL" list=bancos
add address=200.109.240.0/20 comment=VENEZUELA_PERSONA list=bancos
add address=200.75.144.0/24 comment="BANCARIBE 2" list=bancos
add address=200.11.128.0/17 comment=Pasaportes list=bancos
add address=13.64.0.0/11 comment=Bancaribe list=bancos
add address=200.109.236.0/22 comment="Bancaribe Juridico" list=bancos
add address=200.59.184.0/24 comment="BOD BANCA DIGITAL" list=bancos
add address=199.83.131.0/24 comment=INBOXDOLLARS.COM list=bancos



/ip firewall filter
add action=drop chain=input comment="Bloqueo webproxy externo" dst-port=8080 in-interface=WAN1 protocol=tcp
add action=drop chain=input comment="Bloqueo webproxy externo" dst-port=8080 in-interface=WAN2 protocol=tcp
add action=drop chain=input comment="Bloqueo webproxy externo" dst-port=8080 in-interface=WAN3 protocol=tcp
add action=drop chain=input comment="Bloqueo DNS cache externo" dst-port=53 in-interface=WAN1 protocol=udp
add action=drop chain=input comment="Bloqueo DNS cache externo" dst-port=53 in-interface=WAN2 protocol=udp
add action=drop chain=input comment="Bloqueo DNS cache externo" dst-port=53 in-interface=WAN3 protocol=udp
add action=accept chain=output dst-address=8.8.8.8 out-interface=WAN1
add action=accept chain=output dst-address=8.8.4.4 out-interface=WAN2
add action=accept chain=output dst-address=4.2.2.1 out-interface=WAN3
add action=drop chain=output dst-address=8.8.8.8
add action=drop chain=output dst-address=8.8.4.4
add action=drop chain=output dst-address=4.2.2.1
add action=accept chain=input dst-port=8292 protocol=tcp
add action=accept chain=input dst-port=8292 protocol=tcp
add action=accept chain=input dst-port=8728 protocol=tcp
add action=accept chain=input dst-port=8070 protocol=tcp
add action=drop chain=input connection-state=invalid
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=accept chain=input protocol=icmp
add action=accept chain=input in-interface=Local
add action=drop chain=forward connection-state=invalid
add action=accept chain=forward connection-state=established
add action=accept chain=forward connection-state=related
add action=accept chain=forward

/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-list=bancos dst-port=443,80 in-interface=Local new-connection-mark=bancos passthrough=no protocol=tcp
add action=mark-connection chain=prerouting dst-port=444 in-interface=Local new-connection-mark=banco_del_tesoro passthrough=no protocol=tcp
add action=mark-connection chain=prerouting dst-port=1443 in-interface=Local new-connection-mark=bod passthrough=no protocol=tcp
add action=mark-connection chain=prerouting dst-port=53 in-interface=Local new-connection-mark=dns passthrough=no protocol=udp
add action=mark-routing chain=prerouting connection-mark=in_WAN1 in-interface=Local new-routing-mark=to_WAN1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=in_WAN2 in-interface=Local new-routing-mark=to_WAN2 passthrough=no
add action=mark-routing chain=prerouting connection-mark=in_WAN3 in-interface=Local new-routing-mark=to_WAN3 passthrough=no
add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=to_WAN2 passthrough=no
add action=mark-routing chain=output connection-mark=WAN3_conn new-routing-mark=to_WAN3 passthrough=no
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=to_WAN1 passthrough=no
add action=mark-connection chain=prerouting comment=to_WAN1 dst-address-list=!red_local in-interface=Local new-connection-mark=WAN1_conn passthrough=yes
 \ src-address-list=to_WAN1
add action=mark-connection chain=prerouting comment=to_WAN2 dst-address-list=!red_local in-interface=Local new-connection-mark=WAN2_conn 
passthrough=yes \
    src-address-list=to_WAN2
add action=mark-connection chain=prerouting comment=to_WAN3 dst-address-list=!red_local in-interface=Local new-connection-mark=WAN3_conn 
passthrough=yes \
    src-address-list=to_WAN3
add action=mark-connection chain=prerouting comment=WAN1 connection-mark=no-mark disabled=yes dst-address-list=!red_local dst-address-type=unicast \
    in-interface=Local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:3/0
add action=mark-connection chain=prerouting comment=WAN2 connection-mark=no-mark disabled=yes dst-address-list=!red_local dst-address-type=unicast \
    in-interface=Local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:3/1
add action=mark-connection chain=prerouting comment=WAN3 connection-mark=no-mark disabled=yes dst-address-list=!red_local dst-address-type=unicast \
    in-interface=Local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:3/2
add action=mark-routing chain=prerouting connection-mark=WAN1_conn in-interface=Local new-routing-mark=to_WAN1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN3_conn in-interface=Local new-routing-mark=to_WAN3 passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN2_conn in-interface=Local new-routing-mark=to_WAN2 passthrough=no

/ip firewall nat
add action=masquerade chain=srcnat comment=WAN1 out-interface=WAN1
add action=masquerade chain=srcnat comment=WAN2 out-interface=WAN2
add action=masquerade chain=srcnat comment=WAN3 out-interface=WAN3
add action=masquerade chain=srcnat comment=Local out-interface=Local


/ip route
add comment=WAN1 disabled=yes distance=1 gateway=192.168.35.1%WAN1 routing-mark=to_WAN1
add comment=WAN2 disabled=yes distance=1 gateway=190.198.64.1%WAN2 routing-mark=to_WAN2
add comment=WAN3 disabled=yes distance=1 gateway=192.168.0.1%WAN3 routing-mark=to_WAN3
add comment=WAN1 disabled=yes distance=1 gateway=192.168.35.1%WAN1
add comment=WAN2 disabled=yes distance=1 gateway=190.198.64.1%WAN2
add comment=WAN3 disabled=yes distance=1 gateway=192.168.0.1%WAN3
add comment=ping_WAN3 distance=1 dst-address=4.2.2.1/32 gateway=WAN3
add comment=ping_WAN2 distance=1 dst-address=8.8.4.4/32 gateway=WAN2
add comment=ping_WAN1 distance=1 dst-address=8.8.8.8/32 gateway=WAN1

/system identity
set name="Balanceador 3 WAN"

/system scheduler
add interval=1m name=CHKStatus on-event="/system script run CHKStatus" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-

time=startup
add interval=30s name=MC_F_WAN1 on-event="/system script run MC_F_WAN1" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-

time=startup
add interval=30s name=MC_F_WAN2 on-event="/system script run MC_F_WAN2" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-

time=startup
add interval=30s name=MC_F_WAN3 on-event="/system script run MC_F_WAN3" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-

time=startup
add interval=2m name="Reboot por Picos" on-event="/system script run Reboot por Picos" 

policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
    start-time=startup
add disabled=yes interval=2m name=dyndns on-event="/system script run dyndns" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive 

start-time=\
    startup
add interval=1d name=Reinicio on-event="/system script run Reinicio" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-

/system script
add name=MC_F_WAN1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":local inter (\"WAN1\")\r\
    \n:local ipPing (\"8.8.8.8\")\r\
    \n:global oldGatewayETHER1WAN1\r\
    \n:global totalrunETHER1WAN1\r\
    \n:global infoETHER1WAN1\r\
    \n:global statsETHER1WAN1\r\
    \n\r\
    \n:if ([:len [\$totalrunETHER1WAN1]] = 0) do={\r\
    \n\t:set totalrunETHER1WAN1 \"1\"\r\
    \n} else={\r\
    \n\r\
    \n\t:set totalrunETHER1WAN1 (\$totalrunETHER1WAN1+1)\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$statsETHER1WAN1]] = 0) do={\r\
    \n\t:set statsETHER1WAN1 \"x\"\r\
    \n} else={\r\
    \n\t:set statsETHER1WAN1 (\"\$infoETHER1WAN1 / \$totalrunETHER1WAN1\")\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$oldGatewayETHER1WAN1]] < 3) do={\r\
    \n\t:set oldGatewayETHER1WAN1 \"0.0.0.0\"\r\
    \n}\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 1\")\r\
    \n/ip dhcp-client enable [find interface=\$inter]\r\
    \n:delay 10s\r\
    \n:local pingip\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:log info (\"\$inter: cGateway --> \$cGateway\")\r\
    \n/ip route {\r\
    \n\t:foreach i in=[find comment=(\"ping_\$inter\")] do={\r\
    \n\t\t:log info (\"\$inter: ping_\$inter\")\r\
    \n\t\t/ip route remove \$i\r\
    \n\t}\r\
    \n}\r\
    \n/ip route add distance=1 dst-address=\$ipPing gateway=(\"\$cGateway%\$inter\") comment=(\"ping_\$inter\")\r\
    \n:set pingip [/ping \$ipPing count=10]\r\
    \n:log info (\"\$inter --> begin pinging\")\r\
    \n:if (\$pingip = 0) do={\r\
    \n\t:set infoETHER1WAN1 (\$infoETHER1WAN1+1)\r\
    \n\t:log info (\"\$inter --> pinging: \$pingip\")\r\
    \n\t/ip dhcp-client disable [find interface=\$inter]\r\
    \n\t/ip route disable [find comment=\$inter]\r\
    \n\t/ip firewall mangle disable [find comment=\$inter]\r\
    \n} else={\r\
    \n\t/ip route enable [find comment=\$inter]\r\
    \n\t/ip firewall mangle enable [find comment=\$inter]\r\
    \n}\r\
    \n:log info (\"\$inter --> end pinging\")\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 2\")\r\
    \n:local j\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:local cWlan (\$inter . \"-\" . \$cGateway)\r\
    \n:local fWlan (\$inter . \"-\" . \$oldGatewayETHER1WAN1)\r\
    \n:log info (\"\$inter: Gateway in file: \" . \$oldGatewayETHER1WAN1)\r\
    \n:log info (\"\$inter: Actual Gateway: \" . \$cGateway)\r\
    \n:log info (\"\$inter: \$cGateway%\$inter\")\r\
    \n:if (\$oldGatewayETHER1WAN1 != \$cGateway) do={\r\
    \n\t:set oldGatewayETHER1WAN1 \"0.0.0.0\"\r\
    \n\t/ip route {\r\
    \n\t\t:foreach i in=[find comment=\$inter] do={\r\
    \n\t\t\t:log info (\"\$inter: \$inter\")\r\
    \n\t\t\t/ip route remove \$i\r\
    \n\t\t}\r\
    \n\t}\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") routing-mark=(\"to_\$inter\") comment=\$inter\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") comment=\$inter\r\
    \n\t:set oldGatewayETHER1WAN1 \$cGateway\r\
    \n}\r\
    \n:local getdate [/system clock get date]\r\
    \n:local gettime [/system clock get time]\r\
    \n:global timeETHER1WAN1 \"\$getdate - \$gettime\""

add name=MC_F_WAN2 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":local inter (\"WAN2\")\r\
    \n:local ipPing (\"8.8.4.4\")\r\
    \n:global oldGatewayETHER2WAN2\r\
    \n:global totalrunETHER2WAN2\r\
    \n:global infoETHER2WAN2\r\
    \n:global statsETHER2WAN2\r\
    \n\r\
    \n:if ([:len [\$totalrunETHER2WAN2]] = 0) do={\r\
    \n\t:set totalrunETHER2WAN2 \"1\"\r\
    \n} else={\r\
    \n\t:set totalrunETHER2WAN2 (\$totalrunETHER2WAN2+1)\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$statsETHER2WAN2]] = 0) do={\r\
    \n\t:set statsETHER2WAN2 \"x\"\r\
    \n} else={\r\
    \n\t:set statsETHER2WAN2 (\"\$infoETHER2WAN2 / \$totalrunETHER2WAN2\")\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$oldGatewayETHER2WAN2]] < 3) do={\r\
    \n\t:set oldGatewayETHER2WAN2 \"0.0.0.0\"\r\
    \n}\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 1\")\r\
    \n/ip dhcp-client enable [find interface=\$inter]\r\
    \n:delay 10s\r\
    \n:local pingip\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:log info (\"\$inter: cGateway --> \$cGateway\")\r\
    \n/ip route {\r\
    \n\t:foreach i in=[find comment=(\"ping_\$inter\")] do={\r\
    \n\t\t:log info (\"\$inter: ping_\$inter\")\r\
    \n\t\t/ip route remove \$i\r\
    \n\t}\r\
    \n}\r\
    \n/ip route add distance=1 dst-address=\$ipPing gateway=(\"\$cGateway%\$inter\") comment=(\"ping_\$inter\")\r\
    \n:set pingip [/ping \$ipPing count=10]\r\
    \n:log info (\"\$inter --> begin pinging\")\r\
    \n:if (\$pingip = 0) do={\r\
    \n\t:set infoETHER2WAN2 (\$infoETHER2WAN2+1)\r\
    \n\t:log info (\"\$inter --> pinging: \$pingip\")\r\
    \n\t/ip dhcp-client disable [find interface=\$inter]\r\
    \n\t/ip route disable [find comment=\$inter]\r\
    \n\t/ip firewall mangle disable [find comment=\$inter]\r\
    \n} else={\r\
    \n\t/ip route enable [find comment=\$inter]\r\
    \n\t/ip firewall mangle enable [find comment=\$inter]\r\
    \n}\r\
    \n:log info (\"\$inter --> end pinging\")\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 2\")\r\
    \n:local j\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:local cWlan (\$inter . \"-\" . \$cGateway)\r\
    \n:local fWlan (\$inter . \"-\" . \$oldGatewayETHER2WAN2)\r\
    \n:log info (\"\$inter: Gateway in file: \" . \$oldGatewayETHER2WAN2)\r\
    \n:log info (\"\$inter: Actual Gateway: \" . \$cGateway)\r\
    \n:log info (\"\$inter: \$cGateway%\$inter\")\r\
    \n:if (\$oldGatewayETHER2WAN2 != \$cGateway) do={\r\
    \n\t:set oldGatewayETHER2WAN2 \"0.0.0.0\"\r\
    \n\t/ip route {\r\
    \n\t\t:foreach i in=[find comment=\$inter] do={\r\
    \n\t\t\t:log info (\"\$inter: \$inter\")\r\
    \n\t\t\t/ip route remove \$i\r\
    \n\t\t}\r\
    \n\t}\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") routing-mark=(\"to_\$inter\") comment=\$inter\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") comment=\$inter\r\
    \n\t:set oldGatewayETHER2WAN2 \$cGateway\r\
    \n}\r\
    \n:local getdate [/system clock get date]\r\
    \n:local gettime [/system clock get time]\r\
    \n:global timeETHER2WAN2 \"\$getdate - \$gettime\""

add name=MC_F_WAN3 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":local inter (\"WAN3\")\r\
    \n:local ipPing (\"4.2.2.1\")\r\
    \n:global oldGatewayETHER3WAN3\r\
    \n:global totalrunETHER3WAN3\r\
    \n:global infoETHER3WAN3\r\
    \n:global statsETHER3WAN3\r\
    \n\r\
    \n:if ([:len [\$totalrunETHER3WAN3]] = 0) do={\r\
    \n\t:set totalrunETHER3WAN3 \"1\"\r\
    \n} else={\r\
    \n\t:set totalrunETHER3WAN3 (\$totalrunETHER3WAN3+1)\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$statsETHER3WAN3]] = 0) do={\r\
    \n\t:set statsETHER3WAN3 \"x\"\r\
    \n} else={\r\
    \n\t:set statsETHER3WAN3 (\"\$infoETHER3WAN3 / \$totalrunETHER3WAN3\")\r\
    \n}\r\
    \n\r\
    \n:if ([:len [\$oldGatewayETHER3WAN3]] < 3) do={\r\
    \n\t:set oldGatewayETHER3WAN3 \"0.0.0.0\"\r\
    \n}\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 1\")\r\
    \n/ip dhcp-client enable [find interface=\$inter]\r\
    \n:delay 10s\r\
    \n:local pingip\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:log info (\"\$inter: cGateway --> \$cGateway\")\r\
    \n/ip route {\r\
    \n\t:foreach i in=[find comment=(\"ping_\$inter\")] do={\r\
    \n\t\t:log info (\"\$inter: ping_\$inter\")\r\
    \n\t\t/ip route remove \$i\r\
    \n\t}\r\
    \n}\r\
    \n/ip route add distance=1 dst-address=\$ipPing gateway=(\"\$cGateway%\$inter\") comment=(\"ping_\$inter\")\r\
    \n:set pingip [/ping \$ipPing count=10]\r\
    \n:log info (\"\$inter --> begin pinging\")\r\
    \n:if (\$pingip = 0) do={\r\
    \n\t:set infoETHER3WAN3 (\$infoETHER3WAN3+1)\r\
    \n\t:log info (\"\$inter --> pinging: \$pingip\")\r\
    \n\t/ip dhcp-client disable [find interface=\$inter]\r\
    \n\t/ip route disable [find comment=\$inter]\r\
    \n\t/ip firewall mangle disable [find comment=\$inter]\r\
    \n} else={\r\
    \n\t/ip route enable [find comment=\$inter]\r\
    \n\t/ip firewall mangle enable [find comment=\$inter]\r\
    \n}\r\
    \n:log info (\"\$inter --> end pinging\")\r\
    \n:log info (\"\$inter: \$inter\" . \": PARTE 2\")\r\
    \n:local j\r\
    \n:local cGateway [/ip dhcp-client get [find interface=\$inter] gateway]\r\
    \n:local cWlan (\$inter . \"-\" . \$cGateway)\r\
    \n:local fWlan (\$inter . \"-\" . \$oldGatewayETHER3WAN3)\r\
    \n:log info (\"\$inter: Gateway in file: \" . \$oldGatewayETHER3WAN3)\r\
    \n:log info (\"\$inter: Actual Gateway: \" . \$cGateway)\r\
    \n:log info (\"\$inter: \$cGateway%\$inter\")\r\
    \n:if (\$oldGatewayETHER3WAN3 != \$cGateway) do={\r\
    \n\t:set oldGatewayETHER3WAN3 \"0.0.0.0\"\r\
    \n\t/ip route {\r\
    \n\t\t:foreach i in=[find comment=\$inter] do={\r\
    \n\t\t\t:log info (\"\$inter: \$inter\")\r\
    \n\t\t\t/ip route remove \$i\r\
    \n\t\t}\r\
    \n\t}\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") routing-mark=(\"to_\$inter\") comment=\$inter\r\
    \n\t/ip route add distance=1 dst-address=0.0.0.0/0 gateway=(\"\$cGateway%\$inter\") comment=\$inter\r\
    \n\t:set oldGatewayETHER3WAN3 \$cGateway\r\
    \n}\r\
    \n:local getdate [/system clock get date]\r\
    \n:local gettime [/system clock get time]\r\
    \n:global timeETHER3WAN3 \"\$getdate - \$gettime\""

add name="Reboot por Picos" owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="local sede (WineTSL x86)\r\
    \n\r\
    \nlocal minMemory (25)\r\
    \nlocal maxCPU (85)\r\
    \n\r\
    \nlocal date [system clock get date]\r\
    \nlocal time [system clock get time]\r\
    \n\r\
    \nlocal fMemory [system resource get free-memory]\r\
    \nlocal CPUload [system resource get cpu-load]\r\
    \nlocal percentfree ((100  [system resource get free-memory])  [system resource get total-memory])\r\
    \nlocal subject (\$sede .  reboot at  . \$time .  -  . \$date)\r\
    \nlocal body (Free memory  . \$percentfree .  &  . CPU load  . \$CPUload)\r\
    \n\r\
    \nlog info ( Begin MemoryCPU check )\r\
    \nlog info (Free memory  . \$percentfree)\r\
    \nlog info (CPU load  . \$CPUload)\r\
    \nlog info (minMemory  . \$minMemory)\r\
    \nlog info (maxCPU  . \$maxCPU)\r\
    \nlog info (\$subject)\r\
    \nlog info (\$body)\r\
    \n\r\
    \nif (\$percentfree  \$minMemory) do={\r\
    \n\tsystem reboot\r\
    \n}\r\
    \n\r\
    \nlocal CPUload [system resource get cpu-load]\r\
    \nif (\$CPUload  \$maxCPU) do={\r\
    \n\tlog info (CPU over  . \$maxCPU . % 13)\r\
    \n\tdelay 5s\r\
    \n\tlocal CPUload [system resource get cpu-load]\r\
    \n\tif (\$CPUload  \$maxCPU) do={\r\
    \n\t\tlog info (CPU over  . \$maxCPU . % 23)\r\
    \n\t\tdelay 5s\r\
    \n\t\tlocal CPUload [system resource get cpu-load]\r\
    \n\t\tif (\$CPUload  \$maxCPU) do={\r\
    \n\t\t\tsystem reboot\r\
    \n\t\t}\r\
    \n\t}\r\
    \n}\r\
    \nlog info ( End MemoryCPU check )"

add name=CHKStatus owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":global X (6);\r\
    \n:for i from=1 to=\$X do={\r\
    \n:local statusForce [/ip dhcp-client get [find interface=\"WAN\$i\"] status ];\r\r\
    \n:if (\$statusForce=\"renewing...\") do={\r\r\
    \n#\t/ip dhcp-client release [find interface=\"WAN\$i\"];\r\
    \n\t/ip dhcp-client renew [find interface=\"WAN\$i\"];\r\r\
    \n\tdelay 15;\r\r\
    \n}\r\r\
    \n:if (\$statusForce=\"rebinding...\") do={\r\r\
    \n#\t/ip dhcp-client release [find interface=\"WAN\$i\"];\r\
    \n\t/ip dhcp-client renew [find interface=\"WAN\$i\"];\r\r\
    \n\tdelay 15;\r\r\
    \n}\r\r\
    \n:if (\$statusForce=\"searching...\") do={\r\r\
    \n#\t/ip dhcp-client release [find interface=\"WAN\$i\"];\r\
    \n\t/ip dhcp-client renew [find interface=\"WAN\$i\"];\r\r\
    \n\tdelay 15;\r\r\
    \n}\r\r\
    \n:if (\$statusForce=\"\") do={\r\r\
    \n#\t/ip dhcp-client release [find interface=\"WAN\$i\"];\r\
    \n\t/ip dhcp-client renew [find interface=\"WAN\$i\"];\r\r\
    \n\tdelay 15;\r\r\
    \n}\r\
    \n}"

add name=Reinicio owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive source="/system reboot"

Avatar de Usuario
DigitAllFran
Site Admin
Mensajes: 23
Registrado: 16 Abr 2018, 21:20

Re: Balanceo varios WAN

Mensaje por DigitAllFran » 25 May 2018, 12:55

Hola amigo, voy a chequear ese código, generalmente se usa un balanceador aparte y un administrador en otro RB de todas formas no es una limitante pero a veces hacer todo en un mismo router es difícil porque los que los configuramos no sabemos todas las areas y muchos menos combinar unas con otras.

Te agradezco por compartirlo en la comunidad. Estaré escribiendo luego de probar que tal funciona.

Saludos

cyclopsld
Mensajes: 2
Registrado: 24 May 2018, 22:12

Re: Balanceo varios WAN

Mensaje por cyclopsld » 25 May 2018, 21:53

si va ! pruebalo y me dices que tal, no tengo varios enlaces en mi oficina para hacer pruebas, una de las limitantes con los balanceadores es al momento de caerse la conexion sigue enviando trafico por esa interfaz a menos que se le quite el cable, cosa que no es muy funcional, con los script que aparecen ahi segun se corrige esa falla, en tus videos esta el balanceo nth con unos script que si no me equivoco hace la misma función ?

Responder