您的位置:360文档中心› Ros3.30PCC多线负载均衡脚本脚本

Ros3.30PCC多线负载均衡脚本脚本

合集下载

ROS3.30ADSL双线PCC及NTH负载均衡图文教程

ROS3.30ADSL双线PCC及NTH负载均衡图文教程

ROS3.30ADSL双线PCC及NTH负载均衡图文教程第一篇:ROS3.30 ADSL双线PCC及NTH负载均衡图文教程1、内网IP设置:2、添加pppoe 去掉 Add Default Route 我们后期手动进行路由设置。

4、标记先标记New Connection Mark 名称为1st_conn,然后用Connection 标记New routing Mark min名称为:1st_route5、设置PCCNTH的设置方法:7、设置备用路由最终效果图8、伪装设置:第二篇:ROS 典型PCC负载脚本ROS 典型PCC负载脚本:global num:set num 38:for szwm from=1 to=$num do={ :global type:set type(“both-addresses:”.$num.“/”.($szwm-1))#设置网卡名字 name中的wlan可以改成#/interface set(“ether”.$szwm)name=(“wlan”.$szwm)#建立pppoe拨号,并禁用/interface pppoe-client add name=(“pppoe-out”.$szwm)user=(“user”.$szwm)password=(“pass”.$szwm) interface=(“wlan”.$szwm)comment=(“ADSL_”.$szwm)di sabled=no # NAT伪装/ip firewall nat add chain=srcnat out-inte rface=(“pppoe-out”.$szwm)action=masqueradecomment=(“NAT_ADSL”.$szwm)# 标记从哪里来/ ip firewall mangleadd chain=input in-interface=(“pppoe-out”.$szwm)action=mark-connection new-connection-mark=(“adsl”.$szwm.“_conn”)passthrough=yescomment=(“From_ADSL”.$szwm)#标记从哪里来,回哪里去/ ip firewall mangle add chain=output connection-mark=(“adsl”.$szwm.“_conn”)action=mark-routing new-routing-mark=(“to_adsl”.$szwm)passthrough=yescomment=(“To_ADSL”.$szwm)#PCC设置/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=(“adsl”.$szwm.“_conn”)dst-address-type=!local in-interface=Local per-connection-classifier=$type passthrough=yes comment=(“ADSL_PCC”.$szwm)#标记路由/ip firewall mangle add chain=prerouting connection-mark=(“adsl”.$szwm.“_conn”)in-interface=Localaction=mark-routing new-routing-mark=(“to_adsl”.$szwm)comment=(“Route_To_ADSL”.$szw m)#添加路由/ip route add dst-address=0.0.0.0/0 gateway=(“pppoe-out”.$szwm)routing-mark=(“to_adsl”.$szwm)check-gateway=pingcomment=(“To_ADSL”.$szwm)add dst-address=0.0.0.0/0 gateway=(“pppoe-out”.$szwm)distance=$szwm check-gateway=ping comment=(“ECMP_”.$szwm)}配合这个掉线后自动修改脚本很好用以4线为例,其中某条线路断了后,会自动判断剩余可用的线路数量然后修改PCC规则的参数,线路恢复正常后会自动把参数修改回正常状态,注意连接标记名称一定要以纯数字“1、2、3、4...”来命名。

ROS3.30全套多线负载平衡设置脚本

ROS3.30全套多线负载平衡设置脚本

ROS3.30全套多线负载平衡设置脚本ROS3.30设置脚本如果你是菜鸟,下面的脚本也许会帮了,如果你是高高手,请你多指证,谢谢下面是我花了一整天的时间整理出来的,第一次用ROS3.30,走了很多弯路,还好以前有点2.9的基础,结合在网上找些前辈门的脚本,终于测试一切正常,我自己在我的线路上测试通过,如果到你机器上有问题,请嘴上留情,别骂我,请仔细检查,相信你也一定能行的。

如果有问题实在搞不懂,可以加我QQ307237303(请先自己多钻研一下在加我)# dec/03/2011 20:55:29 by RouterOS 3.30# software id = K6BP-MUXD#/interface ethernetset 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:03:47:95:C8:66 mtu=1500 name=W AN3 speed=100Mbpsset 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:03:47:95:C2:FC mtu=1500 name=LAN speed=100Mbpsset 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:20:ED:1C:B3:90 mtu=1500 name=W AN1 speed=100Mbpsset 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:20:ED:1C:B3:91 mtu=1500 name=W AN2 speed=100Mbps以上是网卡名称设置/ip pooladd name=PPPOE-IP ranges=10.0.0.5-10.0.0.200以上是PPPOE拔号地址池/portset 0 baud-rate=9600 data-bits=8 flow-control=hardware name=serial0 parity=\none stop-bits=1set 1 baud-rate=9600 data-bits=8 flow-control=hardware name=serial1 parity=\none stop-bits=1以上是导出后不知用处的/ppp profileset default change-tcp-mss=yes comment="" name=default only-one=default \use-compression=default use-encryption=default use-vj-compression=defaultadd change-tcp-mss=default comment="" dns-server=210.21.196.6 local-address=\10.0.0.1 name=PPPOE-1 only-one=yes rate-limit=\"108k/1400k 128k/1600k 90k/1m" remote-address=PPPOE-IP use-compression=\default use-encryption=default use-vj-compression=default wins-server=\221.5.88.88add change-tcp-mss=default comment="" dns-server=210.21.196.6 local-address=\10.0.0.1 name=LOW only-one=yes rate-limit="88k/900k 108k/1100k 90k/1m" \remote-address=PPPOE-IP use-compression=default use-encryption=default \use-vj-compression=default wins-server=221.5.88.88set default-encryption change-tcp-mss=yes comment="" name=default-encryption \ only-one=default use-compression=default use-encryption=yes \use-vj-compression=default以上是PPPOE服务建立/interface pppoe-clientadd ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \ dial-on-demand=no disabled=no interface=WAN1 max-mru=1480 max-mtu=1480 \ mrru=disabled name=pppoe-out1 password=123 profile=default \service-name="" use-peer-dns=no user=123add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \ dial-on-demand=no disabled=no interface=WAN2 max-mru=1480 max-mtu=1480 \ mrru=disabled name=pppoe-out2 password=123456 profile=default \service-name="" use-peer-dns=no user=123add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \ dial-on-demand=no disabled=no interface=WAN3 max-mru=1480 max-mtu=1480 \ mrru=disabled name=pppoe-out3 password=3 profile=default service-name="" \ use-peer-dns=no user=3 以上是ADSL拔号上网的建立/queue treeadd burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \ max-limit=12M name=totaldown parent=global-in priority=8/queue typeset default kind=pfifo name=default pfifo-limit=50set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \sfq-perturb=5set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \ red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\ 5add kind=pcq name=PCQ-up pcq-classifier=src-address pcq-limit=50 pcq-rate=\ 1000000 pcq-total-limit=10000 add kind=pcq name=PCQ-down pcq-classifier=dst-address pcq-limit=50 pcq-rate=\ 1000000 pcq-total-limit=10000 add kind=pcq name=80-Down pcq-classifier=dst-address pcq-limit=50 pcq-rate=\ 800000 pcq-total-limit=10000 add kind=pcq name=other_down pcq-classifier=dst-address pcq-limit=50 \ pcq-rate=0 pcq-total-limit=2000 add kind=pcq name=server_down pcq-classifier=dst-address pcq-limit=50 \ pcq-rate=0 pcq-total-limit=2000add kind=pcq name=game-down pcq-classifier=dst-address pcq-limit=50 pcq-rate=\ 400000 pcq-total-limit=10000 set default-small kind=pfifo name=default-small pfifo-limit=10/queue treeadd burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1M \ max-limit=10M name=otherdown packet-mark=Port_Packet parent=totaldown \ priority=8 queue=defaultadd burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=1M \ max-limit=12M name=portdown packet-mark=Port_Packet parent=totaldown \priority=1 queue=defaultadd burst-limit=0 burst-threshold=0 burst-time=3s disabled=no limit-at=5M \ max-limit=12M name=80down packet-mark=80_packet parent=totaldown \priority=2 queue=defaultadd burst-limit=0 burst-threshold=0 burst-time=3s disabled=yes limit-at=0 \ max-limit=18M name=totalup packet-mark=PCQ-up parent=global-out priority=\7 queue=default以上是网络优先设置,感觉用处不大,我是3*4M AD/snmpset contact="" enabled=no engine-boots=0 engine-id="" location="" \time-window=15 trap-sink=0.0.0.0 trap-version=1/snmp communityset public address=0.0.0.0/0 authentication-password="" \ authentication-protocol=MD5 encryption-password="" encryption-protocol=\DES name=public read-access=yes security=none write-access=no/system logging actionset memory memory-lines=100 memory-stop-on-full=no name=memory target=memory set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100 \disk-stop-on-full=no name=disk target=diskset echo name=echo remember=yes target=echoset remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0 \ syslog-facility=daemon syslog-severity=auto target=remote /user groupadd comment="" name=read policy="local,telnet,ssh,reboot,read,test,winbox,pass\word,web,sniff,sensitive,!ftp,!write,!policy"add comment="" name=write policy="local,telnet,ssh,reboot,read,write,test,winb\ox,password,web,sniff,sensitive,!ftp,!policy"add comment="" name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy\ ,test,winbox ,password,web,sniff,sensitive"/interface bridge settingsset use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\ no/interface ethernet mirrorset/interface l2tp-server serverset authentication=pap,chap,mschap1,mschap2 default-profile=\default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled/interface ovpn-server serverset auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\ default enabled=no keepalive-timeout=60 mac-address=FE:46:57:28:66:CB \max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no/interface pppoe-server serveradd authentication=pap,chap,mschap1,mschap2 default-profile=PPPOE-1 disabled=\ yes interface=LAN keepalive-timeout=10 max-mru=1480 max-mtu=1480 \max-sessions=0 mrru=disabled one-session-per-host=no service-name=\service1/interface pptp-server serverset authentication=mschap1,mschap2 default-profile=default-encryption \ enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled /ip accounting set account-local-traffic=no enabled=no threshold=256/ip accounting web-accessset accessible-via-web=no address=0.0.0.0/0以上也是不知的东东/ip addressadd address=192.168.2.1/24 broadcast=192.168.2.255 comment="" disabled=no \ interface=LAN network=192.168.2.0 以上是设置ROS的内网IP/ip dhcp-server configset store-leases-disk=5m/ip dnsset allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \ max-udp-packet-size=512 primary-dns=210.21.196.6 secondary-dns=\221.5.88.88以上是设置DNS,你的可能不一样/ip firewall connection trackingset enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \ tcp-close-wait-timeout=10s tcp-established-timeout=1d \tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s以上是系统默认值/ip firewall mangleadd action=change-mss chain=postrouting comment="" disabled=yes new-mss=1460 \ protocol=tcp tcp-flags=syn add action=mark-routing chain=prerouting comment="" disabled=yes \ new-routing-mark=add passthrough=no src-address-list=src1add action=mark-connection chain=prerouting comment=1 disabled=yes \ in-interface=LAN new-connection-mark=1 passthrough=yes \per-connection-classifier=src-address-and-port:3/0add action=mark-routing chain=prerouting comment="" connection-mark=1 \ disabled=yes in-interface=LAN new-routing-mark=1 passthrough=noadd action=mark-connection chain=prerouting comment=2 disabled=yes \ in-interface=LAN new-connection-mark=2passthrough=yes \per-connection-classifier=src-address-and-port:3/1add action=mark-routing chain=prerouting comment="" connection-mark=2 \ disabled=yes in-interface=LAN new-routing-mark=2 passthrough=noadd action=mark-connection chain=prerouting comment=3 disabled=yes \ in-interface=LAN new-connection-mark=3 passthrough=yes \per-connection-classifier=src-address-and-port:3/2add action=mark-routing chain=prerouting comment="" connection-mark=3 \ disabled=yes in-interface=LAN new-routing-mark=3 passthrough=noadd action=change-mss chain=forward comment="" disabled=no new-mss=1400 \ protocol=tcp tcp-flags=syn add action=add-src-to-address-list address-list=src1 address-list-timeout=5s \ chain=prerouting comment="" disabled=no dst-port=80 protocol=tcp \src-address-list=!src2add action=add-src-to-address-list address-list=src2 address-list-timeout=3h \ chain=prerouting comment="" disabled=no dst-port=80 protocol=tcp \src-address-list=!src2add action=accept chain=prerouting comment="" disabled=no dst-port=443 \in-interface=LAN protocol=tcpadd action=mark-connection chain=input comment="" disabled=no in-interface=\pppoe-out1 new-connection-mark=1 passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=\pppoe-out2 new-connection-mark=2 passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=\pppoe-out3 new-connection-mark=3 passthrough=yesadd action=mark-routing chain=output comment="" connection-mark=1 disabled=no \new-routing-mark=to_1 passthrough=yesadd action=mark-routing chain=output comment="" connection-mark=2 disabled=no \new-routing-mark=to_2 passthrough=yesadd action=mark-routing chain=output comment="" connection-mark=3 disabled=no \new-routing-mark=to_3 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=no \dst-address-type=!local new-connection-mark=1 passthrough=yes \per-connection-classifier=both-addresses:3/0 src-address=10.0.0.0/24add action=mark-connection chain=prerouting comment="" disabled=no \dst-address-type=!local new-connection-mark=2 passthrough=yes \per-connection-classifier=both-addresses:3/1 src-address=10.0.0.0/24add action=mark-connection chain=prerouting comment="" disabled=no \dst-address-type=!local new-connection-mark=3 passthrough=yes \per-connection-classifier=both-addresses:3/2 src-address=10.0.0.0/24add action=mark-routing chain=prerouting comment="" connection-mark=1 \disabled=no new-routing-mark=to_1 passthrough=yes src-address=10.0.0.0/24add action=mark-routing chain=prerouting comment="" connection-mark=2 \disabled=no new-routing-mark=to_2 passthrough=yes src-address=10.0.0.0/24add action=mark-routing chain=prerouting comment="" connection-mark=3 \disabled=no new-routing-mark=to_3 passthrough=yes src-address=10.0.0.0/24以上是PPPOE 负载平衡,为both-addresses形式的(好像和PCC一样,不明白,还有就是我没做IP负载平衡,我用不着,做了也删了)add action=mark-connection chain=prerouting comment="" disabled=no dst-port=\8291 in-interface=pppoe-out3 new-connection-mark=in_3 passthrough=yes \protocol=tcpadd action=mark-routing chain=output comment="" connection-mark=in_3 \disabled=no new-routing-mark=3 passthrough=yes以上是指定外网访问ROS的线路和端口,我这样理解,具体也不明白add action=mark-connection chain=prerouting comment=\ "\D3\C5\CF\C8\B6\CB\BF\DA" disabled=no dst-port=443 new-connection-mark=\Port_Conn passthrough=yes protocol=tcpadd action=mark-connection chain=prerouting comment="" disabled=no dst-port=\3724 new-connection-mark=Port_Conn passthrough=yes protocol=tcpadd action=mark-connection chain=prerouting comment="" disabled=no dst-port=\8000 new-connection-mark=Port_Conn passthrough=yes protocol=udpadd action=mark-packet chain=prerouting comment="" connection-mark=Port_Conn \disabled=no new-packet-mark=Port_Packet passthrough=noadd action=mark-connection chain=prerouting comment="web\B6\CB\BF\DA" \disabled=no dst-port=80 new-connection-mark=80_Conn passthrough=yes \protocol=tcpadd action=mark-connection chain=prerouting comment="" disabled=no dst-port=\53 new-connection-mark=80_Conn passthrough=yes protocol=udpadd action=mark-packet chain=prerouting comment="" connection-mark=80_Conn \ disabled=no new-packet-mark=80_packet passthrough=noadd action=mark-connection chain=prerouting comment=\ "\C6\E4\CB\FB\CA\FD\BE\DD" disabled=no new-connection-mark=Other_Conn \passthrough=yesadd action=mark-packet chain=prerouting comment="" connection-mark=Other_Conn \ disabled=no new-packet-mark=Other_Packet passthrough=no以上是端口优先标记,和前面的一起使用,不用就都不要加/ip firewall natadd action=masquerade chain=srcnat comment=10 disabled=no out-interface=\pppoe-out1add action=masquerade chain=srcnat comment=11 disabled=no out-interface=\pppoe-out2add action=masquerade chain=srcnat comment=12 disabled=no out-interface=\pppoe-out3以上是IP伪装,我是三知AD,和2.9的不一样,开始这里按2.9的搞,搞了很久上不了网/ip firewall service-portset ftp disabled=no ports=21set tftp disabled=no ports=69set irc disabled=no ports=6667set h323 disabled=noset sip disabled=no ports=5060,5061set pptp disabled=no/ip neighbor discoveryset WAN3 discover=yesset LAN discover=yesset WAN1 discover=yesset WAN2 discover=yesset pppoe-out1 discover=noset pppoe-out2 discover=noset pppoe-out3 discover=no/ip proxyset always-from-cache=no cache-administrator=webmastercache-hit-dscp=4 \cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \parent-proxy-port=0 port=8080 serialize-connections=no src-address=\0.0.0.0以上是不知用的东东/ip routeadd check-gateway=ping comment="" disabled=yes distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out2 routing-mark=2add check-gateway=ping comment="" disabled=yes distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out3 routing-mark=3add check-gateway=ping comment="" disabled=yes distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="" disabled=yes distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out1 routing-mark=1add check-gateway=ping comment="" disabled=yes distance=2 dst-address=\0.0.0.0/0 gateway=pppoe-out2add comment=WAN1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\pppoe-out1 routing-mark=to_1add comment=WAN3 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\pppoe-out3 routing-mark=to_3add check-gateway=ping comment="" disabled=yes distance=2 dst-address=\0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment=WAN2 disabled=no distance=10 dst-address=\0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="" disabled=yes distance=2 dst-address=\0.0.0.0/0 gateway=pppoe-out3add comment=WAN2 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\pppoe-out2 routing-mark=to_2add check-gateway=ping comment=WAN1 disabled=no distance=10 dst-address=\0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment=WAN3 disabled=no distance=10 dst-address=\0.0.0.0/0 gateway=pppoe-out3以上这里就是路由了,看着有点长,设好后其实就只有3*2+1条了,为什么?我这样理解的,3条AD+3条备用+1条默认/ip serviceset telnet address=0.0.0.0/0 disabled=no port=23set ftp address=0.0.0.0/0 disabled=no port=21set www address=0.0.0.0/0 disabled=no port=80set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443set api address=0.0.0.0/0 disabled=yes port=8728set winbox address=0.0.0.0/0 disabled=no port=8291/ip socksset connection-idle-timeout=2m enabled=no max-connections=200 port=1080/ip traffic-flowset active-flow-timeout=30m cache-entries=4k enabled=no \inactive-flow-timeout=15s interfaces=all/ip upnpset allow-disable-external-interface=yes enabled=yes show-dummy-rule=yes以上这些也是不知用的东东,也不用管吧/ppp aaaset accounting=yes interim-update=0s use-radius=no/ppp secretadd caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 \name=ADSC110 password=110110 profile=LOW routes="" service=anyadd caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0 \name=ADSC207 password=207207 profile=default routes="" service=any以上是我拔号上网的用户名和密码,按自己的加,PPPOE服务前面已建立好了set WAN3 queue=ethernet-defaultset LAN queue=ethernet-defaultset WAN1 queue=ethernet-defaultset WAN2 queue=ethernet-defaultset pppoe-out1 queue=defaultset pppoe-out2 queue=defaultset pppoe-out3 queue=default/radius incomingset accept=no port=3799/storeadd comment="" disabled=no disk=primary-master name=web-proxy1 type=web-proxy /system clockset time-zone-name=manual/system clock manualset dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\"jan/01/1970 00:00:00" time-zone=+00:00/system consoleadd disabled=no port=serial0 term=vt102set [ find vcno=1 ] disabled=no term=linuxset [ find vcno=2 ] disabled=no term=linuxset [ find vcno=3 ] disabled=no term=linuxset [ find vcno=4 ] disabled=no term=linuxset [ find vcno=5 ] disabled=no term=linuxset [ find vcno=6 ] disabled=no term=linuxset [ find vcno=7 ] disabled=no term=linuxset [ find vcno=8 ] disabled=no term=linux/system console screenset line-count=25/system hardwareset multi-cpu=yes/system healthset state-after-reboot=enabled/system identityset name=MikroTik/system loggingadd action=memory disabled=no prefix="" topics=infoadd action=memory disabled=no prefix="" topics=erroradd action=memory disabled=no prefix="" topics=warning add action=echo disabled=no prefix="" topics=critical/system noteset note="" show-at-login=yes/system ntp clientset enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0上面的我也没搞明白是什么,也不用去理会/system scheduleradd comment="" disabled=no interval=30s name=getadsl on-event=":global assign\ \r\\n:global new\r\\n:global status\r\\n:global x\r\\n:set x 3\r\(红字3改成你的AD条数)\n:for i from=1 to=\$x do={\r\\n :set status [/interface get [/interface find name=(\"pppoe-out\" . \\$i)] running]\r\\n :if (\$status=true) do={\r\\n :set new [/ip address get [/ip address find dynamic=yes interface=(\\"pppoe-out\" . \$i)] address]\r\\n :set new [:pick \$new 0 ([:len \$new] -3)]\r\\n :set assign [/ip address get [/ip address find dynamic=no interface\=(\"pppoe-out\" . \$i)] address]\r\\n :set assign [:pick \$assign 0 ([:len \$assign] -3)]\r\\n :if (\$assign != \$new) do={ /ip address set [/ip addressfind c\omment=(\"adsl\" . \$i)] address=\$new network=\$new broadcast=\$new\r\\n /ip route set [/ip route find comment=(\"adsl\" . \$i)] gateway\=\$new\r\\n }\r\\n }\r\\n} \r\\n" start-time=startup以上是刷网关的脚本,很重点的哟add comment="" disabled=no interval=5m name=DDNS on-event=":log info \"DDNS: B\ egin\"\r\\n:global ddns-user \"123456\"\r\\n:global ddns-pass \"123456\"\r\\n:global ddns-host \"/doc/143656614.html,\"\r\(将红字改成你的)\n:global ddns-interface \"pppoe-out1\"\r\(这个是用那条线做DDNS)\n:global ddns-ip [ /ip address get [/ip address find interface=\$ddns-int\erface] address ] \r\\n:log info \"DDNS: Sending UPDATE!\"\r\\n:log info [ /tool dns-update name=\$ddns-host address=[:pick \$ddns-ip 0\\_[:find \$ddns-ip \"/\"] ] key-name=\$ddns-user key=\$ddns-pass ]\r\\n:log info \"DDNS: End\"" start-time=startup以上是DDNS,很好用的/system scriptadd name=ADSL policy=\ftp,reboot,read,write,policy,test,winbox,password,sniff,sensit ive source="\:global assign\r\\n:global new\r\\n:global status\r\\n:global x\r\\n:set x 2\r\\n:for i from=1 to=\$x do={\r\\n :set status [/interface get [/interface find name=(\"pppoe-out\" . \\$i)] running]\r\\n :if (\$status=true) do={\r\\n :set new [/ip address get [/ip address find dynamic=yes interface=(\\"pppoe-out\" . \$i)] address]\r\\n :set new [:pick \$new 0 ([:len \$new] -3)]\r\\n :set assign [/ip address get [/ip address find dynamic=no interface\=(\"pppoe-out\" . \$i)] address]\r\\n :set assign [:pick \$assign 0 ([:len \$assign] -3)]\r\\n :if (\$assign != \$new) do={ /ip address set [/ip address find c\omment=(\"adsl\" . \$i)] address=\$new network=\$new broadcast=\$new\r\\n /ip route set [/ip route find comment=(\"adsl\" . \$i)] gateway\=\$new\r\\n }\r\\n }\r\\n} \r\\n"/system upgrade mirrorset check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\0.0.0.0 user=""/system watchdogset auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\ none watchdog-timer=yes /tool bandwidth-serverset allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=\ 100/tool e-mailset from=<> password="" server=0.0.0.0:25 username=""/tool graphingset page-refresh=300 store-every=5min/tool graphing interfaceadd allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes/tool mac-serveradd disabled=no interface=all/tool mac-server pingset enabled=yes/tool smsset allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret="" /tool snifferset file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535 \filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=\yes interface=all memory-limit=10 only-headers=no streaming-enabled=no \ streaming-server=0.0.0.0/useradd address=0.0.0.0/0 comment="system default user" disabled=no group=full \ name=admin/user aaaset accounting=yes default-group=read interim-update=0s use-radius=no以上的我还是搞不懂的。

ROS 多线PCC负载均衡

ROS 多线PCC负载均衡

ROS 多线PCC负载均衡-宽带分租教程提示:PCC匹配器允许分离传输流做到平衡流量的功能(能指定这个属性选择src-address, src-port, dst-address,dst-port) PCC原理 PCC从一定范围内分析选择IP数据包头,通过哈西散列算法的帮助下,将选定的区域转换为32bit值PCC匹配器允许分离传输流做到平衡流量的功能(能指定这个属性选择src-address, src-port, dst-address,dst-port)PCC原理PCC从一定范围内分析选择IP数据包头,通过哈西散列算法的帮助下,将选定的区域转换为32bit值。

这个值除以指定Denominator(分母),余数将比较一个指定的余数(Remainder),如果相等这时数据包将会被捕获,你可以选择src-address, dst-address, src-port, dst-port等使用此操作。

per-connection-classifier= PerConnectionClassifier ::=[!]ValuesToHash:Denominator/Remainder Remainder ::= 0..4294967295 (integer number) Denominator ::= 1..4294967295 (integer number) ValuesToHash ::=src-address|dst-address|src-port|dst-port[,ValuesToHash*] per-connection-classifier分类器,通过判断源地址、目标地址、源端口和目标端口,对数据进行分类,如事例:这个配置将所有连接基于源地址和端口分类的3个组:/ip firewall mangle add chain=prerouting action=mark-connectionnew-connection-mark=1st_connper-connection-classifier=both-addresses:3/0 /ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=2nd_conn per-connection-classifier=both-addresses:3/1 /ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=3rd_conn per-connection-classifier=both-addresses:3/2per-connection-classifier=both-addresses:3/0,这条规则的含义为我们对原地址的端口进行分类,3/0为一共有3条出口,定义第一条,3/1则是第二条,以此类推。

2018-rospcc负载均衡-范文模板 (6页)

2018-rospcc负载均衡-范文模板 (6页)

本文部分内容来自网络整理,本司不为其真实性负责,如有异议或侵权请及时联系,本司将立即删除!== 本文为word格式,下载后可方便编辑和修改! ==rospcc负载均衡篇一:ROS_PCC负载均衡案例40条线路PCC负载均衡RouterOS支持多线路的负载均衡,某小区为了节约费用,采用40条2M带宽的AD通过做汇聚实现高带宽的小区带宽,为解决接口问题采用一台Cisco的48口的交换机做VLAN接入40条AD,让后通过VLAN连接到RouterOS进行拨号,再做PCC负载均衡,网络拓扑图如下:外网接入的方法是在交换机和RouterOS路由器上划分VLAN,然后在ROS对应的VLAN上做PPPoE-CLIENT。

1、首先划分VLAN(我们这里是从2开始排序的),脚本如下:[admin@MikroTik] > :for i fro(来自: : rospcc负载均衡 )m=2 to=41 do= {interface vlan add name=("vlan".$i) vlan-id=$i interface=ether2-wan }2、然后添加PPPOE拨号(先添加拨号再手动输入每个AD的帐号和密码,40条AD设置还是要花点时间了),脚本如下:[admin@MikroTik] > :for i from=2 to=41 do= {interface pppoe-clientadd name=("pppoe-out".$i) user=$i password=$i interface=("vlan".$i)}3、我们这里采用PCC的负载均衡,在ip firewall mangle里添加相应的PCC规则,通过一些脚本添加PCC的规则,注意:如果PPPoE客户端拨号没有成功,那么添加的规则则为红色的,拨号成功后自动正常[admin@MikroTik] > :for i from=2 to=41 do={/ip firewall mangle add chain=inputaction=mark-connection new-connection-mark=conn1 in-interface=("pppoe-out".$i)}4.然后标记路由让从哪个接口进来的数据就从哪个接口出去:[admin@MikroTik] > :for i from=2 to=41 do= {ip firewall mangle add chain=outputconnection-mark=("conn".$i) action=mark-routing new-routing-mark=("rout".$i)}[admin@MikroTik] >5.然后将所有内网出来的数据通过pcc的both-addresses分成40分并标记连接和路由:[admin@MikroTik] > :for i from=2 to=41 do= {/ip firewall mangle add chain=prerouting src-address-list=lan-add action=mark-connection new-connection-mark=("conn".$i)per-connection-classifier=("both-addresses:40/".$i) comment=$i{... /ip firewall mangle add chain=prerouting src-address-list=lan-add action=mark-routingnew-routing-mark=("rout".($i-2)) connection-mark=("conn".$i)}篇二:RouterOS多线PCC负载均衡RouterOS多线PCC负载均衡核心提示:PCC匹配器允许分离传输流做到平衡流量的功能(能指定这个属性选择src-address, src-port, dst-address,dst-port) PCC原理 PCC从一定范围内分析选择IP数据包头,通过哈西散列算法的帮助下,将选定的区域转换为32bit值PCC匹配器允许分离传输流做到平衡流量的功能(能指定这个属性选择src-address, src-port, dst-address,dst-port)PCC原理PCC从一定范围内分析选择IP数据包头,通过哈西散列算法的帮助下,将选定的区域转换为32bit值。

ROS双线检测掉线自动切换实现

ROS双线检测掉线自动切换实现

ROS双线检测掉线自动切换实现ROS双线负载均衡自动切换/ system scriptadd name="dxup" source="/ip route set \[/ip route find comment=tel\] gateway=电信网关;\n\n/ip route set \[/ip route find comment=tel\] disable=no;"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route find gateway=网通网关\]" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] gateway=网通网关" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find gateway=网通网关\]" policy=ftp,reboot,read,write,policy,test,winbox,password/tool netwatch add host=电信网关timeout=1s interval=5s up-script=dxupdown-script=dxdown/tool netwatch add host=网通网关timeout=1s interval=5s up-script=cncupdown-script=cncdown更详细:电信或网通双线之一掉线自动切换的功能实现首先,需要配制netwatch检测功能,左侧tools->netwatch,+号,HOST添电信的网关,UP中添dxup,DOWN中添dxdown,OK,同样再添加网通的网关,和cncup,cncdown.然后添加执行的脚本文件,下面的这个是我自己用的,差点,不过能用就好..呵呵....将红字部分添上自己的网关,注意,我是在router list中电信0.0.0.0/0做了comment注释为tel./ system scriptadd name="dxup" source="/ip route set \[/ip route find comment=tel\] \gateway=电信网关;\n/ip route set \[/ip route find comment=tel\] \disable=no;" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route find \gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] \gateway=网通网关" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find \gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,password在new terminal 中右键paste回车就可以了~~切换的原理是dxup 修改comment为tel的项的gateway为电信(电信可用时默认0.0.0.0/0为电信网关) dxdown 修改comment为tel的项gateway为网通(电信不可用修改0.0.0.0/0为网通) cncup 启用所有gateway为网通的项(当网通可用进行路由选择~)cncdown 禁用所有gateway 为网通的项~ (当网通不可用走默认线路不经过选择)。

Ros 双ADSL、NTH负载均衡实际操作设置(脚本化操作)

Ros 双ADSL、NTH负载均衡实际操作设置(脚本化操作)

建立PPP拨号,把其中一条拨号名命名为ADSL1,另一个命明为ADSL2,并把内网网卡命名为LAN,然后等待拨号成功,设置参考下图拨号成功后,PPPOE会自动添加IP地址和网关,找到地址和网关,复制下来,替换到下面脚本中把A1IP替换成ADSL1的IP,A1网关替换成ADSL1的网关,把A2IP替换成ADSL2的IP,A2网关替换成ADSL2的网关.之后慢慢添脚本,添完成功后,把拨号的Add Default Route 的勾去掉,看负载均衡是否可以正常工作!1.普通脚本设置程序代码/ ip firewall natadd chain=srcnat action=masquerade comment="3" disabled=yes/ ip addressadd address=A1IP interface=ADSL1 comment="1" disabled=noadd address=A2IP interface=ADSL2 comment="2" disabled=no/ ip routeadd dst-address=0.0.0.0/0 gateway=A1网关routing-mark=1 comment="1"add dst-address=0.0.0.0/0 gateway=A2网关routing-mark=2 comment="2"add dst-address=0.0.0.0/0 gateway=A1网关comment="3"2.添加NAT,NTH脚本程序代码/ ip firewall mangleadd chain=prerouting in-interface=LAN protocol=tcp connection-state=new nth=1,1,0action=mark-connection \new-connection-mark=1 passthrough=yes comment="A1 NTH" disabled=noadd chain=prerouting in-interface=LAN protocol=tcp connection-mark=1 action=mark-routing new-routing-mark=1 \passthrough=no comment="A1 NTH" disabled=noadd chain=prerouting in-interface=LAN protocol=tcp connection-state=new nth=1,1,1action=mark-connection \new-connection-mark=2 passthrough=yes comment="A2 NTH" disabled=noadd chain=prerouting in-interface=LAN protocol=tcp connection-mark=2 action=mark-routing new-routing-mark=2 \passthrough=no comment="A2 NTH" disabled=no/ ip firewall natadd chain=srcnat connection-mark=1 action=src-nat to-addresses=A1IP to-ports=0-65535 comment="1" disabled=noadd chain=srcnat connection-mark=2 action=src-nat to-addresses=A2IP to-ports=0-65535 comment="2" disabled=no3.同步NAT,ADSL动态IP,网关脚本:位置winbox-system-script 点“+ ”号,改name为sync,然后复制下面的脚本到source里程序代码:local assign-address:local new-address:local status:local x:set x 2:for i from=1 to=$x do={:set status [/interface get [/interface find name=("ADSL" . $i)] running]:if ($status=true) do={:set new-address [/ip address get [/ip address find dynamic=yes interface=("ADSL" . $i)] address]:set new-address [:pick $new-address 0 ([:len $new-address] -3)]:set assign-address [/ip address get [/ip address find dynamic=no interface=("ADSL" . $i)] address]:set assign-address [:pick $assign-address 0 ([:len $assign-address] -3)]:set new-gateway [/ip address get [/ip address find dynamic=yes interface=("ADSL" . $i)] network] :set adckip [/tool netwatch get [/tool netwatch find comment=$i] host]:if ($assign-address != $new-address) do={ /ip address set [/ip address find comment=$i] address=$new-address network=$new-address broadcast=$new-address/ip route set [/ip route find comment=$i] gateway=$new-gateway]/ip firewall nat set [/ip firewall nat find comment=$i] to-addresses=$new-address/ip route set [/ip route find comment=$i] gateway=$new-gateway]}:if ($new-gateway != $adckip) do={/tool netwatch set [/tool netwatch find comment=$i]host=$new-gateway]}}}4.添加ADSL1当线脚本A1Down,自动停用NTH负载所需的参数,并将标记3的网关设为ADSL2的网关位置winbox-system-script 点“+ ”号,改name为A1Down,然后复制下面的脚本到source里程序代码:local new-gateway:set new-gateway [/ ip address get [/ip address find dynamic=yes interface=ADSL2] network]/ip route set [/ip route find comment=3] gateway=$new-gateway/ip route enable [/ip route find comment=3]/ip route disabled [/ip route find comment=1]/ip route disabled [/ip route find comment=2]/ip firewall nat enable [/ip firewall nat find comment=3]/ip firewall nat disabled [/ip firewall nat find comment=1]/ip firewall nat disabled [/ip firewall nat find comment=2]5.添加ADSL2当线脚本A2Down,自动停用NTH负载所需的参数,并将标记3的网关设为ADSL1的网关位置winbox-system-script 点“+ ”号,改name为A2Down,然后复制下面的脚本到source里程序代码:local new-gateway:set new-gateway [/ ip address get [/ip address find dynamic=yes interface=ADSL1] network]/ip route set [/ip route find comment=3] gateway=$new-gateway/ip route enable [/ip route find comment=3]/ip route disabled [/ip route find comment=1]/ip route disabled [/ip route find comment=2]/ip firewall nat enable [/ip firewall nat find comment=3]/ip firewall nat disabled [/ip firewall nat find comment=1]/ip firewall nat disabled[/ip firewall nat find comment=2]6.添加ADSL掉线判断NETWATCH程序代码/ tool netwatchadd host=A1网关timeout=1s interval=1m up-script="" down-script="A1Down"comment="1" add host=A2网关timeout=1s interval=1m up-script="" down-script="A2Down" comment="2"7.添加双线判断正常脚本allup。

【均衡】Routeros双线负载均衡自动切换

【均衡】Routeros双线负载均衡自动切换

【关键字】均衡Routeros双线负载均衡自动切换Routeros双线负载均衡自动切换/systemscriptadd name=cncdown policy=\ftp,reboot,read,write,policy,test,winbox,password,sniffsource=\"/ip routedisable [/ip route find gateway=网通网关]"add name=cncuppolicy=ftp,reboot,read,write,policy,test,winbox,password,sniff\source="/iproute enable [/ip route find gateway=网通网关]"add name=dxdown policy=\ftp,reboot,read,write,policy,test,winbox,password,sniffsource=\"/ip routeset [/ip route find comment=tel] gateway=电信网关"add name=dxuppolicy=ftp,reboot,read,write,policy,test,winbox,password,sniff\source="/iproute set [/ip route find comment=tel] gateway=电信网关;\\n\\n/ip routeset [/ip route find comment=tel] disable=no;"/tool netwatch add host=电信网关timeout=1s interval=5s up-script=dxupdown-script=dxdown/tool netwatch add host=网通网关timeout=1s interval=5s up-script=cncupdown-script=cncdown-------------------------------------------------------------------------------------------------#以上信息剪贴到终端即可#更详细:#电信或网通双线之一掉线自动切换的功能实现#首先,需要配制netwatch检测功能,#左侧tools-&gt;netwatch,+号,HOST添电信的网关,UP中添dxup,DOWN中添dxdown,OK, #同样再添加网通的网关,和cncup,cncdown.#然后添加执行的脚本文件,下面的这个是我自己用的,差点,不过能用就好..呵呵....#注意,我是在routerlist中电信#dxup 修改comment为tel的项的gateway为电信(电信可用时默认#dxdown 修改comment为tel的项gateway为网通(电信不可用修改#cncup 启用所有gateway为网通的项(当网通可用进行路由选择~)#cncdown 禁用所有gateway 为网通的项~ (当网通不可用走默认线路不经过选择)---------------------------------------------------------------------------------------------------下面是2.X的请分开复制-----------------------------------------------------------------------------------------------------ROS双线负载均衡自动切换/ system scriptadd name="dxup" source="/ip route set \[/ip route findcomment=tel\] gateway=电信网关;\n\n/ip route set \[/ip route findcomment=tel\] disable=no;"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route findgateway=网通网关\]"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] gateway=网通网关"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find gateway=网通网关\]"policy=ftp,reboot,read,write,policy,test,winbox,password/tool netwatch add host=电信网关timeout=1s interval=5sup-script=dxupdown-script=dxdown/tool netwatch add host=网通网关timeout=1s interval=5sup-script=cncupdown-script=cncdown更详细:电信或网通双线之一掉线自动切换的功能实现首先,需要配制netwatch检测功能,左侧tools-&gt;netwatch,+号,HOST添电信的网关,UP中添dxup,DOWN中添dxdown,OK,同样再添加网通的网关,和cncup,cncdown.然后添加执行的脚本文件,下面的这个是我自己用的,差点,不过能用就好..呵呵....将红字部分添上自己的网关,注意,我是在router list中电信/ system scriptadd name="dxup" source="/ip route set \[/ip route find comment=tel\] \gateway=电信网关;\n/ip route set \[/ip route find comment=tel\] \disable=no;"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route find \ gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] \gateway=网通网关" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find \gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,password在new terminal 中右键paste回车就可以了~~切换的原理是dxup 修改comment为tel的项的gateway为电信(电信可用时默认dxdown 修改comment为tel的项gateway为网通(电信不可用修改cncup 启用所有gateway为网通的项(当网通可用进行路由选择~)cncdown 禁用所有gateway 为网通的项~ (当网通不可用走默认线路不经过选择)此文档是由网络收集并进行重新排版整理.word可编辑版本!。

我写的负载均衡

我写的负载均衡

ROS 双线负载均衡实例(PCC)
最近朋友的宾馆申请了两条4M的ADSL线路,需要做负载均衡,满足客人上网需求。

配置如下
一:准备条件:ros 3.3
二、步骤:
1、新建PPPOE拨号账户(注意:不要添加默认路由)
拨号账户1
拨号账户2
2、定义数据包
3、把刚定义的数据包定义路由走向
同理,对于第二个数据包,也是先定义数据包,然后定义路由走向
定义后的效果如图所示
三、对于刚才定义好的数据包和路由,在路由里面选择指定路径。

当然,为了防止一条线路中断影响网络,可以添加一条备份的路由,distance改为2(默认下该路由不生效,但链路中断后,会生效),如图
路由效果图如下:
四、最后,做ip伪装
五、完成效果图
总结:
改负载均衡方法采用ros pcc的负载均衡,提供负载均衡的同时提供冗余功能,路由器会根据线路的状态自动选择出口。

时间紧迫,没有很好整理,测试成功,有问题可联系我。

多线ADSL拨出动态IP自动负载均衡脚本

多线ADSL拨出动态IP自动负载均衡脚本

用ROS已经十多天了,俺就不信做不了这个喜欢的请顶一下不管是双网通、还是双电信,还是一个网通一个电信还是更多的ADSL线路,只要动态分配IP,通吃。

设计包含了根据动态分配的IP自动更新为静态IP,然后再设为负载均衡的网关。

所有拨通、断开、禁用等均可自动设置。

如果没有变化不会有设置命令执行,对上网无任何影响。

工作流程概述:1、查找所有断开状态的PPPoE线路,删除未连接的静态IP设置;2、查找所有结连的PPPoE线路,检查动态IP、更新静态IP;3、计算出多线均衡的网关设置,然后用/ip route add gateway ip1,ip2,ip3....形式加入网关完成!!使用方法:建一个脚本,起一个名字;在计划中每几秒执行一次;基本不会对CPU加重负载。

有图为证,4线拨出:脚本源码::local gw "":local js 0:foreach k in=[/inter pppoe-c find running=false] do={:set n [/inter pppoe-c get $k name]:set ipi [/ip addr find interface=$n dynamic=false]:if ($ipi != "") do={/ip addr remove $ipi}}:foreach k in=[/inter pppoe-c find running=true] do={:set n [/inter pppoe-c get $k name]:set dip [/ip address get [find interface=$n dynamic=true] address]:set diip [:pick $dip 0 [:find $dip /]]:if ($js=0) do={:set gw $diip} else={:set gw ($gw . "," . $diip)}:set js ($js+1):set ipi [/ip addr find interface=$n dynamic=false]:if ($ipi="") do={/ip addr add address=$diip netmask=255.255.255.255 network=$diip broadcast=$diip interface=$n} else={ :set sip [/ip addr get $ipi address]:set siip [:pick $sip 0 [:find $sip /]]:if ($diip != $siip) do={/ip addr set $ipi addr=$diip netmask=255.255.255.255 network=$diip broadcast=$diip}}}:set i [/ip route find comm=ecmp]:if ($gw = "") do={:if ($i != "") do={/ip route remove $i}} else={:if ($i="") do={/ip route add gateway $gw comment=ecmp} else={:set ogw [/ip route get $i gateway]:if ($ogw != $gw) do={/ip route set $i gateway $gw}}}给脚本加注解,希望想学习者不走弯路:因为只有使用形如/ip route gateway ip1,ip2,ip3 .... 才得得到负载均衡,但拨号的IP不固定,因此必须检查并设置为拨号得到的IP地址为静态,再设到网关中去才起作用。

Ros3.30PCC多线负载均衡脚本脚本

Ros3.30PCC多线负载均衡脚本脚本

Ros 3.30 PCC双线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:2/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:2/1 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2Ros 3.30 PCC三线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:3/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:3/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:3/2 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=ping add comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=ping add check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3Ros 3.30 PCC四线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out4" interface=外网网卡4名称user="PPPoE帐号4" password="密码4" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=nonew-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out4 new-connection-mark=pppoe-out4_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out4_conn disabled=nonew-routing-mark=to_pppoe-out4 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:4/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:4/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:4/2 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out4_conn passthrough=yesper-connection-classifier=both-addresses:4/3 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out4 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=pingadd comment=4 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out4 routing-mark=to_pppoe-out4 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3add check-gateway=ping comment="pppoe-out4" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out4/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3add action=masquerade chain=srcnat comment="4" disabled=noout-interface=pppoe-out4Ros 3.30 PCC五线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out4" interface=外网网卡4名称user="PPPoE帐号4" password="密码4" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out5" interface=外网网卡5名称user="PPPoE帐号5" password="密码5" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out4 new-connection-mark=pppoe-out4_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out5 new-connection-mark=pppoe-out5_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out4_conn disabled=nonew-routing-mark=to_pppoe-out4 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out5_conn disabled=nonew-routing-mark=to_pppoe-out5 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:5/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:5/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:5/2 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out4_conn passthrough=yesper-connection-classifier=both-addresses:5/3 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out5_conn passthrough=yesper-connection-classifier=both-addresses:5/4 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out4 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out5 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=pingadd comment=4 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out4 routing-mark=to_pppoe-out4 check-gateway=pingadd comment=5 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out5 routing-mark=to_pppoe-out5 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3add check-gateway=ping comment="pppoe-out4" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out4add check-gateway=ping comment="pppoe-out5" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out5/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3add action=masquerade chain=srcnat comment="4" disabled=noout-interface=pppoe-out4add action=masquerade chain=srcnat comment="5" disabled=noout-interface=pppoe-out5。

ROS_PCC负载均衡案例

ROS_PCC负载均衡案例

ROS_PCC负载均衡案例40条线路PCC负载均衡RouterOS支持多线路的负载均衡,某小区为了节约费用,采用40条2M带宽的AD通过做汇聚实现高带宽的小区带宽,为解决接口问题采用一台Cisco的48口的交换机做VLAN接入40条AD,让后通过VLAN 连接到RouterOS进行拨号,再做PCC负载均衡,网络拓扑图如下:外网接入的方法是在交换机和RouterOS路由器上划分VLAN,然后在ROS对应的VLAN上做PPPoE-CLIENT。

1、首先划分VLAN(我们这里是从2开始排序的),脚本如下:[admin@MikroTik] > :for i from=2 to=41 do= {interface vlan add name=("vlan".$i) vlan-id=$i interface=ether2-wan }2、然后添加PPPOE拨号(先添加拨号再手动输入每个AD的帐号和密码,40条AD设置还是要花点时间了),脚本如下:[admin@MikroTik] > :for i from=2 to=41 do= {interface pppoe-client add name=("pppoe-out".$i) user=$i password=$i interface=("vlan".$i)}3、我们这里采用PCC的负载均衡,在ip firewall mangle里添加相应的PCC规则,通过一些脚本添加PCC的规则,注意:如果PPPoE 客户端拨号没有成功,那么添加的规则则为红色的,拨号成功后自动正常[admin@MikroTik] > :for i from=2 to=41 do={/ip firewall mangle add chain=inputaction=mark-connection new-connection-mark=conn1 in-interface=("pppoe-out".$i)}4.然后标记路由让从哪个接口进来的数据就从哪个接口出去:[admin@MikroTik] > :for i from=2 to=41 do= {ip firewall mangle add chain=output connection-mark=("conn".$i) action=mark-routing new-routing-mark=("rout".$i)} [admin@MikroTik] >5.然后将所有内网出来的数据通过pcc的both-addresses分成40分并标记连接和路由:[admin@MikroTik] > :for i from=2 to=41 do= {/ip firewall mangle add chain=preroutingsrc-address-list=lan-add action=mark-connection new-connection-mark=("conn".$i)per-connection-classifier=("both-addresses:40/".$i) comment=$i{... /ip firewall mangle add chain=prerouting src-address-list=lan-add action=mark-routingnew-routing-mark=("rout".($i-2)) connection-mark=("conn".$i)}6.为每个路由标记添加路由并添加pppoe-out41为默认路由:[admin@MikroTik] > :for i from=2 to=41 do= {ip route add dst-address=0.0.0.0/0 gateway=("pppoe-out".$i) routing-mark=("rout".$i)}[admin@MikroTik] >ip routed add dst-address=0.0.0.0/0 gateway=pppoe-out417.最后做NAT伪装,一般最好是对每个出口进行伪装:[admin@MikroTik] > ip firewall nat add chain=srcnat action=masquerade。

ROS配置脚本

ROS配置脚本

ROS 配置脚本1口的IP 地址为192.168.0.2 2口的IP 地址为192.168.0.693口的IP 地址为192.168.3.1 4口的IP 地址为192.168.3.2PC1-PC2的IP 地址处于192.168.3.0/24的网段Pc3-pc4的IP 地址处于192.168.4.0/24的网段ROS1是PPPOE 服务器 ROS2是PPPOE 客户端 ROS3是通过ROS2拨号使得与其连接的客户机能正常上网负载均衡:三线ADSL 叠加实现负载均衡NTH--匹配特定的第N 次收到的数据包的规则Every--匹配每every 个数据包Packet---匹配给定的数据数ROS2的配置如下:/interface ethernetset 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:0C:29:71:AE:6E mtu=1500 name=lan1 speed=100Mbpsset 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:0C:29:71:AE:78 mtu=1500 name=wan1 speed=100Mbpsset 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:0C:29:71:AE:82 mtu=1500 name=wan2 speed=100Mbpsset 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:0C:29:71:AE:8C mtu=1500 name=wan3 speed=100Mbps 1 ROS1ROS2 ROS3 32 4 PC1 PC4 PC3 PC21、建立PPPOE拨号/interface pppoe-clientadd ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=\ "" dial-on-demand=no disabled=no interface=wan1 max-mru=1480 max-mtu=1480 \mrru=disabled name=pppoe-out1 password=adsl1 profile=default \service-name="" use-peer-dns=yes user=adsl1add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=\ "" dial-on-demand=no disabled=no interface=wan2 max-mru=1480 max-mtu=1480 \mrru=disabled name=pppoe-out2 password=adsl2 profile=default \service-name="" use-peer-dns=yes user=adsl2add ac-name="" add-default-route=yes allow=pap,chap,mschap1,mschap2 comment=\ "" dial-on-demand=no disabled=no interface=wan3 max-mru=1480 max-mtu=1480 \mrru=disabled name=pppoe-out3 password=test profile=default service-name=\"" use-peer-dns=yes user=test2、Mangle标记/ip firewall mangleadd action=change-mss chain=forward comment="chage mss" disabled=no new-mss=\ 1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=prerouting comment=nth-1 connection-state=\ new disabled=no new-connection-mark=adsl-nth-1 nth=3,1 passthrough=yes \src-address=192.168.3.0/24add action=mark-routing chain=prerouting comment="" connection-mark=\adsl-nth-1 disabled=no new-routing-mark=rout-1 passthrough=yes \src-address=192.168.3.0/24add action=mark-connection chain=prerouting comment=nth-2 connection-state=\ new disabled=no new-connection-mark=adsl-nth-2 nth=3,2 passthrough=yes \src-address=192.168.3.0/24add action=mark-routing chain=prerouting comment="" connection-mark=\adsl-nth-2 disabled=no new-routing-mark=rout-2 nth=3,2 passthrough=yes \src-address=192.168.3.0/24add action=mark-connection chain=prerouting comment=nth-3 connection-state=\ new disabled=no new-connection-mark=adsl-nth-3 nth=3,3 passthrough=yes \src-address=192.168.3.0/24add action=mark-routing chain=prerouting comment="" connection-mark=\adsl-nth-3 disabled=no new-routing-mark=rout-3 passthrough=yes \src-address=192.168.3.0/243、NAT伪装,同时做路由标记/ip firewall natadd action=masquerade chain=srcnat comment="" disabled=no out-interface=\ pppoe-out1 routing-mark=rout-1add action=masquerade chain=srcnat comment="" disabled=no out-interface=\pppoe-out2 routing-mark=rout-2add action=masquerade chain=srcnat comment="" disabled=no out-interface=\ pppoe-out3 routing-mark=rout-3add action=masquerade chain=srcnat comment="" disabled=yes out-interface=\ pppoe-out1 src-address=192.168.40.0/24add action=masquerade chain=srcnat comment="" disabled=yes out-interface=\ pppoe-out2 src-address=192.168.40.0/24add action=masquerade chain=srcnat comment="" disabled=yes out-interface=\ pppoe-out3 src-address=192.168.40.0/244、设置路由/ip routeadd check-gateway=ping comment="" disabled=no distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out1 routing-mark=rout-1 scope=30 target-scope=10 add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\ pppoe-out2 routing-mark=rout-2 scope=30 target-scope=10add check-gateway=ping comment="" disabled=no distance=1 dst-address=\0.0.0.0/0 gateway=pppoe-out3 routing-mark=rout-3 scope=30 target-scope=10 add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\ pppoe-out1 scope=30 target-scope=10add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\ pppoe-out3 scope=30 target-scope=10add comment="" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=\ pppoe-out2 scope=30 target-scope=10add comment="" disabled=no distance=1 dst-address=192.168.40.0/24 gateway=\ lan1 scope=30 target-scope=10简单队列限速/queue simpleadd burst-limit=0/1M burst-threshold=0/800k burst-time=0s/10s comment="" \ direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\0/256k max-limit=0/512k name=queue1 parent=none priority=8 queue=\default-small/default-small target-addresses=192.168.3.30/32 time=\0s-1d,sun,mon,tue,wed,thu,fri,sat total-queue=default-small add burst-limit=0/1M burst-threshold=0/900k burst-time=0s/10s comment="" \ direction=both disabled=yes dst-address=0.0.0.0/0 interface=all limit-at=\0/0 max-limit=256k/512k name=ROS parent=none priority=8 queue=\default-small/default-small target-addresses=192.168.40.0/24 total-queue=\default-smallPCQ限速限制上传512K,下载800K/ip firewall mangleadd chain=prerouting src-address=192.168.3.0/24 action=mark-packet new-packet-mark=/ upload passthrough=noadd chain=prerouting dst-address=192.168.3.0/24 action=mark-packet new-packet-mark=/ download passthrough=no/queue typeadd name="download" kind=pcq pcq-rate=800000 pcq-classifier=dst-addressadd name="upload" kind=pcq pcq-rate=512000 pcq-classifier=src-address/queue treeadd parent=global-out queue=download packet-mark=downloadadd parent=global-in queue=upload packet-mark=upload接入控制,添加防火墙规则,封杀PPS/ip firewall filteradd action=drop chain=forward comment="\B7\E2PPS" disabled=no dst-port=17788 \ protocol=udp src-address=192.168.3.30add action=drop chain=forward comment="" disabled=no dst-port=8400 protocol=\ udp src-address=192.168.3.8ROS3脚本配置配置Ip地址/ ip addressadd address=192.168.3.20/24 network=192.168.3.0 broadcast=192.168.3.255 \ interface=wan comment="" disabled=noadd address=192.168.40.1/24 network=192.168.40.0 broadcast=192.168.40.255 \ interface=lan comment="" disabled=noadd address=11.11.11.2/24 network=11.11.11.0 broadcast=11.11.11.255 \interface=vlan11 comment="" disabled=no设置路由及防火墙规则/ ip routeadd dst-address=192.168.0.0/16 gateway=192.168.3.1 check-gateway=ping \ scope=255 target-scope=10 comment="" disabled=yesadd dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 \ comment="" disabled=no/ ip firewall natadd chain=srcnat out-interface=wan action=masquerade comment="" disabled=no对其连接的电脑进行限速/queue simpleadd burst-limit=0/1M burst-threshold=0/800k burst-time=0s/10s comment="" \ direction=both disabled=no dst-address=0.0.0.0/0 interface=all limit-at=\0/256k max-limit=0/512k name=queue1 parent=none priority=8 queue=\default-small/default-small target-addresses=192.168.4.30/32 time=\0s-1d,sun,mon,tue,wed,thu,fri,sat total-queue=default-small接入控制,添加防火墙规则,封杀PPS/ip firewall filteradd action=drop chain=forward comment="\B7\E2PPS" disabled=no dst-port=17788 \ protocol=udp src-address=192.168.40.30add action=drop chain=forward comment="" disabled=no dst-port=8400 protocol=\ udp src-address=192.168.40.30。

ROS多线负载均衡

ROS多线负载均衡

ROS2.9多线叠加核心提示:如今ROS在网吧当中的应用普及程度非常高,原因就是用这软件做个路由太便宜了,我曾经在心里盘算过,如果还能找到全新P3的主板和CPU,那么配一台全新超稳定的路由仅需硬件成本300元之内,而加上普遍应用的多条ADSL叠加后总成本不过1千元之内,而这仅1千元的成本却能让一家小型网吧拥有10M以上的宽带网络,网费却只有光纤的1/4左右。

我想,就是凭着在各方面都能省的特点,软路由风靡中国网吧行业是理所应当的事。

曾经有一个在县城里开了一家70台机器网吧的朋友问过我,他说:“现在我们县城拉一条4M光纤每月要交2千以上,现在我们这ADSL拉一条100多元,你能不能帮我做一个8条ADSL叠加的方法啊,这样算来每条ADSL有2M左右的下行和512K上行,8条加起来就有十几M下载和4M的上传,应该足够我的网吧用了,而且这样每个月费用才1千元以内,如果能做就太适合网吧了。

”听了朋友说完,我发现已经有很多人在开发这种自制的8WAN口软件路由器了。

当然,如果做到8条线叠加不太容易,因为一般很少有主板能插8块网卡的,但是5-6条线应该问题不大。

以下我将以实例操作为大家详解如何在ROS2.9版本当中配置多线软路由,也许城市当中的大型网吧根本用不到这些技术,但在一些乡镇当中,尤其是网管朋友自己回家开一间小网吧却用处很大,而且目前这种技术还是很值钱的,听说找人做一台这样的路由器单软件成本就要1千以上,以下以双线为例,配置整体过程然后再解释其中道理,自然就可以实现“多线均衡负载”这种路由技术了。

另外讲一些题外话,目前配置多WAN软路由很流行,学会了这个可以算得上一门手艺,到哪都有饭吃了。

第一步设置PPPOE拔号:外网(WAN1WAN2)两个网卡添加pppoe client第一个命名为ADSL1 并且加上拔号的用户名和密码,第二条命名为ADSL2 同时加上拔号的用户名和密码,这里要注意把Add Default Route 去掉. 如图,就是填好ADSL账号和密码,如下图:以下是用命令行配置ADSL帐号和密码的过程,相对来说比较易懂:#设置ADSL拔号/ interface pppoe-client add name="pppoe-out1" interface=wan1 user="ADSL账号" password="ADSL密码" add-default-route=no disabled=no/ interface pppoe-client enable pppoe-out1/ interface pppoe-client add name="pppoe-out2" interface=wan2 user="ADSL账号" password="ADSL密码" add-default-route=no disabled=no/ interface pppoe-client enable pppoe-out2第二步标记连接和路由:配置MANGLE来实现为每个数据包做标记,并配置相应的路由信息,这里的路由信息指的就是“池”,然后在后面的路由表当中实现将“池”中的包分配到相应的线路当中。

ros PCC负载均衡

ros PCC负载均衡

ROS PCC负载均衡一:标记PCC和路由:/ip firewall mangle add chain=forward tcp-flags=syn action=change-mss new-mss=1440 comment="Change MSS"/ip firewall mangle add chain=prerouting in-interface=lan dst-address-type=!local per-connection-classifier=both-addresses:5/0 action=mark-connection new-connection-mark=pcc_1 passthrough=yes comment=PCC_1/ip firewall mangle add chain=prerouting in-interface=lan connection-mark=pcc_1 action=mark-routing new-routing-mark=pcc_route_1 passthrough=no/ip firewall mangle add chain=prerouting in-interface=lan dst-address-type=!local per-connection-classifier=both-addresses:5/1 action=mark-connection new-connection-mark=pcc_1 passthrough=yes comment=PCC_2/ip firewall mangle add chain=prerouting in-interface=lan connection-mark=pcc_1 action=mark-routing new-routing-mark=pcc_route_2 passthrough=no/ip firewall mangle add chain=prerouting in-interface=lan dst-address-type=!local per-connection-classifier=both-addresses:5/2 action=mark-connection new-connection-mark=pcc_1 passthrough=yes comment=PCC_3/ip firewall mangle add chain=prerouting in-interface=lan connection-mark=pcc_1 action=mark-routing new-routing-mark=pcc_route_3 passthrough=no/ip firewall mangle add chain=prerouting in-interface=lan dst-address-type=!local per-connection-classifier=both-addresses:5/3 action=mark-connection new-connection-mark=pcc_1 passthrough=yes comment=PCC_4/ip firewall mangle add chain=prerouting in-interface=lan connection-mark=pcc_1 action=mark-routing new-routing-mark=pcc_route_4 passthrough=no/ip firewall mangle add chain=prerouting in-interface=lan dst-address-type=!local per-connection-classifier=both-addresses:5/4 action=mark-connection new-connection-mark=pcc_1 passthrough=yes comment=PCC_5/ip firewall mangle add chain=prerouting in-interface=lan connection-mark=pcc_1 action=mark-routing new-routing-mark=pcc_route_5 passthrough=no注:在标记PCC时将“in-interface=lan”取消并换成“src-address=网段”效果好像比较好。

ROS对接VLAN交换机多线设置,可用于多线拔号,里面超多脚本

ROS对接VLAN交换机多线设置,可用于多线拔号,里面超多脚本

ROS对接VLAN交换机多线设置,可用于多线拔号,里面超多脚本# oct/16/2011 08:49:03 by RouterOS 3.30# software id = 4NFS-WNWC##我的QQ307237303#以下为网卡设置/interface ethernetset 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \ disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:07:E9:0E:A3:1C mtu=1500 name=LAN speed=100Mbps set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \ disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:10:DC:D4:6D:18 mtu=1500 name=W AN_KONG speed=100Mbpsset 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \ disable-running-check=yes disabled=no full-duplex=yes mac-address=\00:07:E9:0E:A3:0A mtu=1500 name=W AN speed=100Mbps /interface bridgeadd admin-mac=00:90:27:74:FF:A3 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \ mtu=1500 name=bridge2 priority=0x8000 protocol-mode=none \ transmit-hold-count=6add admin-mac=00:90:27:74:FF:A4 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-name=bridge3 priority=0x8000 protocol-mode=none \ transmit-hold-count=6add admin-mac=00:90:27:74:FF:A5 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \ mtu=1500 name=bridge5 priority=0x8000 protocol-mode=none \ transmit-hold-count=6add admin-mac=00:90:27:74:FF:A6 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=yes forward-delay=15s max-message-age=20s mtu=1500 \ name=bridge6 priority=0x8000 protocol-mode=none transmit-hold-count=6add admin-mac=00:90:27:74:FF:A7 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=yes forward-delay=15s max-message-age=20s mtu=1500 \ name=bridge7 priority=0x8000 protocol-mode=none transmit-hold-count=6add admin-mac=00:90:27:74:FF:A8 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=yes forward-delay=15s max-message-age=20s mtu=1500 \ name=bridge8 priority=0x8000 protocol-mode=none transmit-hold-count=6add admin-mac=00:91:27:74:FF:A5 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \ mtu=1500 name=bridge4 priority=0x8000 protocol-mode=none \ transmit-hold-count=6add admin-mac=00:90:27:74:FF:A2 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-name=bridge1 priority=0x8000 protocol-mode=none \ transmit-hold-count=6add admin-mac=00:90:27:74:FF:A9 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=yes forward-delay=15s max-message-age=20s mtu=1500 \ name=bridge9 priority=0x8000 protocol-mode=none transmit-hold-count=6add admin-mac=00:90:27:74:F1:A9 ageing-time=5m arp=enabled auto-mac=no \ comment="" disabled=no forward-delay=15s l2mtu=65535 max-message-age=20s \ mtu=1500 name=bridge10 priority=0x8000 protocol-mode=none \ transmit-hold-count=6#以下为VLAN设置/interface vlanadd arp=enabled comment="" disabled=no interface=W AN mtu=1500 name=vlan2 \ use-service-tag=no vlan-id=2 add arp=enabled comment="" disabled=no interface=W AN mtu=1500 name=vlan3 \ use-service-tag=no vlan-id=3 add arp=enabled comment="" disabled=no interface=W AN mtu=1500 name=vlan5 \ use-service-tag=no vlan-id=5 add arp=enabled comment="" disabled=yes interface=W AN mtu=1500 name=vlan6 \ use-service-tag=no vlan-id=6 add arp=enabled comment="" disabled=yes interface=W AN mtu=1500 name=vlan7 \ use-service-tag=no vlan-id=7 add arp=enabled comment="" disabled=yes interface=W AN mtu=1500 name=vlan8 \ use-service-tag=no vlan-id=8 add arp=enabled comment="" disabled=no interface=W AN mtu=1500 name=vlan1 \ use-service-tag=no vlan-id=1 add arp=enabled comment="" disabled=yes interface=WAN mtu=1500 name=vlan9 \ use-service-tag=no vlan-id=9 add arp=enabled comment="\BD\D3AD1" disabled=no interface=W AN mtu=1500 name=\ vlan10 use-service-tag=no vlan-id=10add arp=enabled comment="" disabled=no interface=W AN mtu=1500 name=vlan4 \ use-service-tag=no vlan-id=4 #以下为ROS默认设置/interface wireless security-profilesset default authentication-types="" eap-methods=passthrough group-ciphers="" \ group-key-update=5m interim-update=0s mode=none name=default \ radius-eap-accounting=no radius-mac-accounting=no \radius-mac-authentication=no radius-mac-caching=disabled \radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \static-sta-private-algo=none static-sta-private-key="" \static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\none tls-mode=no-certificates unicast-ciphers="" wpa-pre-shared-key="" \wpa2-pre-shared-key=""#以下为L7脚本设置/ip firewall layer7-protocoladd comment="" name=Kugoo regexp=\"^(\\x64.....\\x70....\\x50\\x37|\\x65.+)\r\\n"add comment="" name="Kugou 2010" regexp=\"^(\\x31..\\x8e|\\x64.+\\x74\\x47\\x50\\x37)"add comment="" name=File regexp=\"^.*get.+(\\.iso|\\.exe|\\.zip|\\.rar|\\.7z|\\.gho|\\.mp4|\\.mp3). *\$"add comment="" name=Swf regexp="^.*(post|POST|get|GET).+\\.swf.+\\http"add comment="" name=Tudou regexp=\"^.*(post|POST|get|GET).+\\tudouui.+\\.swf.+\\http"add comment="" name=Youku regexp="^get.+\\/youku.+\\qplayer.swf"add comment="" name=PPS regexp="^.\?.\?\\c.+\\c"add comment="" name=Ku6 regexp="^get.+\\f4v.+\\ku6"add comment="" name=Qiyi regexp="^get.+\\qiyi.+\\swf"add comment="" name=QQsp regexp=\"(^\\x03.\?\\xE1\\x8D|^\\x02\\x02|^\\x04\\x1E)"add comment="" name=QQMusic regexp=\"(^\\xFE.\?.\?.\?.\?\\xCF|^get.+\\qqmusic.\?\\qq.+\\qqmusic )"add comment="" name=Vod_f4v regexp="^.*get.+\\.f4v.*\$"add comment="" name=WebTV regexp="^.*get.+\\.(f4v|flv).*\$"add comment="" name=Vod_mp3 regexp="\"^.*get.+\\\\.mp3.*\\\$\""add comment="" name=QQLive regexp="(^get.+\\video.\?\\qq.+\\flv|^\\xFE.\?.\?.\\?.\?\\xD3|^get.+\\video.\?\\qq.+\\mp4)"add comment="" name=PPLiveregexp="(\\x06\\x02\\xA8\\xC0\\xB1\\x13|\\xA8\\x02\\\x06\\x19\\x1A\\x5F\\x1B\\x6F\\xAE\\xE1|^get.+\\mp4.\?\\key. +\\pplive)"add comment="" name=Kugou regexp=\"(^post.+\\x0D\\x0A\\x0D\\x0A|^http.+\\x0D\\x0A\\x0D\\x 0A|^e)"add comment="" name=edonkey regexp="^[\C5\D4\E3-\E5].\?.\?.\?.\?([\01\02\05\14\\15\16\18\19\1A\1B\1C !234568@ABCFGHIJKLMNOPQRSTUVW X[`\81\82\90\91\93\96\\97\98\99\9A\9B\9C\9E\A0\A1\A2\A3\A4]|Y................\?[ -~]|\96....\$)"add comment="" name=goboogy regexp="|^get /getfilebyhash\\.cgi\\\?|^\ get /queue_register\\.cgi\\\?|^get /getupdowninfo\\.cgi\\\?"add comment="" name=soribada regexp="^GETMP3\r\\nFilename|^\01.\?.\?.\?(Q:\\+|Q2:)|^\10[\14-\16]\10[\15-\17].\?.\?.\?.\?\\$"add comment="" name=rdp regexp=rdpdr.*cliprdr.*rdpsnd add comment="" name=gnutella regexp="^(gnd[\01\02]\?.\?.\?\01|gnutella connect\ /[012]\\.[0-9]\r\\n|get /uri-res/n2r\\\?urn:sha1:|get /.*user-agent: (gtk-gnutella|bearshar\e|mactella|gnucleus|gnotella|limewire|imesh)|get /.*content-type: applicat\ion/x-gnutella-packets|giv [0-9]*:[0-9a-f]*/|queue [0-9a-f]* [1-9][0-9]\?[\0-9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?\\.[1-9][0-9]\?[0-9]\?:[\1-9][0-9]\?[0-9]\?[0-9]\?|gnutella.*content-type: application/x-gnutella|.\..................\?lime)"add comment="" name=cvs regexp="^BEGIN (AUTH|VERIFICATION|GSSAPI) REQUEST\ \n"add comment="" name=nbns regexp="\01\10\01|\\)\10\01\01|0\10\01"add comment="" name=shoutcast regexp=\"icy [1-5][0-9][0-9] [\t-\r -~]*(content-type:audio|icy-)"add comment="" name=DNS regexp="^.\?.\?.\?.\?[\01\02].\?.\?.\?.\?.\?.\?[\01-\?\ ][a-z0-9][\01-\?a-z]*[\02-\06][a-z][a-z][fglmoprstuvz]\?[aeop]\?(um)\?[\01\-\10\1C][\01\03\04\FF]"add comment="" name=quake-halflife regexp="^\FF\FF\FF\FFget(info|challenge)"add comment="" name=poco regexp="^\80\94\\n\01....\1F\9E"add comment="" name=ciscovpn regexp="^\01\F4\01\F4"add comment="" name=x11 regexp="^[lb].\?\0B"add comment="" name=xboxlive regexp="^X\80........\F3|^\06XN"add comment="" name=applejuice regexp="^ajprot\r\\n"add comment="" name=zmaap regexp="^\1B\D7;H[\01\02]\01\?\01"add comment="" name=live365 regexp=membername.*session.*playeradd comment="" name=rlogin regexp=\"^[a-z][a-z0-9][a-z0-9]+/[1-9][0-9]\?[0-9]\?[0-9]\?00"add comment="" name=http regexp="http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\ \r -~]*(connection:|content-type:|content-length:|date:)|post [\t-\r -~]* \http/[01]\\.[019]"add comment="" name=sip regexp=\"^(invite|register|cancel) sip[\t-\r -~]*sip/[0-2]\\.[0-9]"add comment="" name=pop3 regexp="^(\\+ok |-err )"add comment="" name=smb regexp="\FFsmb[r%]"add comment="" name=quake1 regexp="^\80\0C\01quake\03"add comment="" name=lpd regexp="^(\01[!-~]+|\02[!-~]+\\n.[\01\02\03][\01-\\n -~]*|[\03\04][!-~]+[\t-\r]+[a-z][\t-\r -~]*|\05[!-~]+[\t-\r]+([a-z][!-~\]*[\t-\r]+[1-9][0-9]\?[0-9]\?|root[\t-\r]+[!-~]+).*)\\n\$"add comment="" name=mute regexp=\"^(Public|AES)Key: [0-9a-f]*\\nEnd(Public|AES)Key\\n\$"add comment="" name=ssh regexp="^ssh-[12]\\.[0-9]"add comment="" name=jabber regexp=\"add comment="" name=bittorrent regexp="^(\13bittorrent protocol|azver\01\$|get\\_/scrape\\\?info_hash=)|d1:ad2:id20:|\08'7P\\)[RP]"add comment="" name=ncp regexp="^(dmdt.*\01.*(\"\"|\11\11|uu)|tncp.*33)"add comment="" name=tls regexp=\"^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"add comment="" name=directconnect regexp="^(\\\$mynick |\\\$lock |\\\$key )"add comment="" name=netbios regexp="\81.\?.\?.[A-P][A-P][A-P][A-P][A-P][A-P][A\ -P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][\ A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P][A-P]\ [A-P][A-P][A-P][A-P]"add comment="" name=tftp regexp="^(\01|\02)[ -~]*(netascii|octet|mail)"add comment="" name=subspace regexp="^\01....\11\10........\01\$"add comment="" name=hotline regexp="^....................TRTPHOTL\01\02"add comment="" name=doom3 regexp="^\FF\FFchallenge"add comment="" name=ftp regexp="^220[\t-\r -~]*ftp"add comment="" name=kugoo regexp="^1..\8E"add comment="" name=tsp regexp=\"^[\01-\13\16-\$]\01.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?[ -~]+"add comment="" name=battlefield1942 regexp="^\01\11\10\\|\F8\02\10@\06"add comment="" name=ssdp regexp="^notify[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~\ ]*ssdp:(alive|byebye)|^m-search[\t-\r ]\\*[\t-\r ]http/1\\.1[\t-\r -~]*ssd\p:discover"add comment="" name=imap regexp="^(\\* ok|a[0-9]+ noop)"add comment="" name=ares regexp="^\03[]Z].\?.\?\05\$"add comment="" name=fasttrack regexp="^get(/.download/[ -~]*|/.supernode[ -~]\ |/.status[ -~]|/.network[ -~]*|/.files|/.hash=[0-9a-f]*/[ -~]*) http/1.1|u\ser-agent: kazaa|x-kazaa(-username|-network|-ip|-supernodeip|-xferid|-xfer\uid|tag)|^give [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\?[0-9]\?[0-9]\?"add comment="" name=qq regexp="^.\?\02.+\03\$"add comment="" name=100bao regexp="^\01\01\05\\n"add comment="" name=aim regexp=\"^(\\*[\01\02].*\03\0B|\\*\01.\?.\?.\?.\?\01)|flapon|toc_signo n.*0x"add comment="" name=unknown regexp=.add comment="" name=msn-filetransfer regexp=\"^(ver [ -~]*msnftp\r\\nver msnftp\r\\nusr|method msnmsgr:)"add comment="" name=yahoo regexp=\"^(ymsg|ypns|yhoo).\?.\?.\?.\?.\?.\?.\?[lwt].*\C0\80"add comment="" name=validcertssl regexp="^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\\01\?.*\0B).*(thawte|equifax secure|rsa data security, inc|verisign, inc|g\te cybertrust root|entrust\\.net limited)"add comment="" name=ntp regexp="^([\13\1B#\D3\DB\E3]|[\14\1C\$].......\?.\?.\?\ .\?.\?.\?.\?. \?.\?[\C6-\FF])"add comment="" name=gnucleuslan regexp=\"gnuclear connect/[\t-\r -~]*user-agent: gnucleus [\t-\r -~]*lan:"add comment="" name=vnc regexp="^rfb 00[1-9]\\.00[0-9]\\n\$"add comment="" name=bgp regexp=\"^\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF\FF..\?\01[\ 03\04]"add comment="" name=tesla regexp="\03\9A\89\"111\\.00 Beta |\E2<="" add="" bdsfid="238" comment="" name="openft" p="" regexp="x-openftalias: [-)(0-9a-z ~.]"> add comment="" name=h323 regexp=\"^\03..\?\08...\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\05"add comment="" name=finger regexp=\"^[a-z][a-z0-9\\-_]+|login: [\t-\r -~]* name: [\t-\r -~]* Directory:"add comment="" name=ident regexp="^[1-9][0-9]\?[0-9]\?[0-9]\?[0-9]\?[\t-\r]*,[\ \t-\r]*[1-9][0-9]\?[0-9]\?[0-9]\?[0-9]\?(\r\\n|[\r\\n])\?\$"add comment="" name=gkrellm regexp="^gkrellm [23].[0-9].[0-9]\\n\$"add comment="" name=hddtemp regexp=\"^\\|/dev/[a-z][a-z][a-z]\\|[0-9a-z]*\\|[0-9][0-9]\\|[cfk]\\|"add comment="" name=socks regexp="\05[\01-\08]*\05[\01-\08]\?.*\05[\01-\03][\ \01\03].*\05[\01-\08]\?[\01\03]"add comment="" name=biff regexp="^[a-z][a-z0-9]+@[1-9][0-9]+\$"add comment="" name=dhcpregexp="^[\01\02][\01- ]\06.*c\82sc"add comment="" name=smtp regexp="^220[\t-\r -~]* (e\?smtp|simple mail)"add comment="" name=ipp regexp=ipp://add comment="" name=msnmessenger regexp="ver [0-9]+ msnp[1-9][0-9]\? [\t-\r -~\ ]*cvr0\r\\n\$|usr 1 [!-~]+ [0-9. ]+\r\\n\$|ans 1 [!-~]+ [0-9. ]+\r\\n\$"add comment="" name=irc regexp="^(nick[\t-\r -~]*user[\t-\r -~]*:|user[\t-\r -\ ~]*:[\02-\r -~]*nick[\t-\r -~]*\r\\n)"add comment="" name=gopher regexp="^[\t-\r]*[1-9,+tgi][\t-\r -~]*\t[\t-\r -~]*\ \t[a-z0-9.]*\\.[a-z][a-z].\?.\?\t[1-9]"add comment="" name=telnet regexp="^\FF[\FB-\FE].\FF[\FB-\FE].\FF[\FB-\FE]"add comment="" name=snmp regexp="^\02\01\04.+([\A0-\A3]\02[\01-\04].\?.\?.\?.\\?\02\01.\?\02\01.\?0|\A4\06.+@\04.\?.\?.\?.\?\02\01.\?\02\01.\?C)"add comment="" name=nntp regexp=\"^(20[01][\t-\r -~]*AUTHINFO USER|20[01][\t-\r -~]*news)"add comment="" name=aimwebcontent regexp=user-agent:aim/add comment="" name=rtsp regexp="rtsp/1.0 200 ok"add comment="" name=skypeout regexp="^(\01.\?.\?.\?.\?.\?.\?.\?.\?\01|\02.\?.\\?.\?.\?.\?.\?.\?.\?\02|\03.\?.\?.\?.\?.\?.\?.\?.\?\03|\04.\?.\?.\?.\?.\?.\ \?.\?.\?\04|\05.\?.\?.\?.\?.\?.\?.\?.\?\05|\06.\?.\?.\?.\?.\?.\?.\?.\?\ 06|\\?.\\?.\?.\?.\?.\?\t|\\n.\?.\?.\?.\?.\?.\?.\?.\?\\n|\0B.\?.\?.\?.\?.\?.\?.\?.\?\0B|\0C.\?.\?.\?.\?.\?.\?.\?.\?\0C|\r.\? .\?.\\?.\?.\?.\?.\?.\?\r|\0E.\?.\?.\?.\?.\?.\?.\?.\?\0E|\0F.\?.\?.\?.\?.\?.\?. \\?.\?\0F|\10.\?.\?.\?.\?.\?.\?.\?.\?\10|\11.\?.\?.\?.\?.\?.\?.\?.\?\11 |\12\.\?.\?.\?.\?.\?.\?.\?.\?\12|\13.\?.\?.\?.\?.\?.\?.\?.\?\13|\14.\?.\?.\? .\?\.\?.\?.\?.\?\14|\15.\?.\?.\?.\?.\?.\?.\?.\?\15|\16.\?.\?.\?.\?.\?.\?.\? .\?\\16|\17.\?.\?.\?.\?.\?.\?.\?.\?\17|\18.\?.\?.\?.\?.\?.\?.\?.\?\18|\19 .\?.\\?.\?.\?.\?.\?.\?.\?\19|\1A.\?.\?.\?.\?.\?.\?.\?.\?\1A|\1B.\?.\?.\?.\? .\?.\\?.\?.\?\1B|\1C.\?.\?.\?.\?.\?.\?.\?.\?\1C|\1D.\?.\?.\?.\?.\?.\?.\?.\? \1D|\\1E.\?.\?.\?.\?.\?.\?.\?.\?\1E|\1F.\?.\?.\?.\?.\?.\?.\?.\?\1F| .\?.\?.\? .\\?.\?.\?.\?.\? |!.\?.\?.\?.\?.\?.\?.\?.\?!|\".\?.\?.\?.\?.\?.\?.\?.\?\"|#.\ \?.\?.\?.\?.\?.\?.\?.\?#|\\\$.\?.\?.\?.\?.\?.\?.\?.\?\\\$|%.\?.\?.\?.\?. \?\.\?.\?.\?%|&.\?.\?.\?.\?.\?.\?.\?.\?&|'.\?.\?.\?.\?.\?.\?.\?.\?'|\\(.\?.\ \.\?.\?.\?.\?.\?.\?\\(|\\).\?.\?.\?.\?.\?.\?.\?.\?\\)|\\*.\?.\?.\?.\?.\?.\?\ .\?.\?\\*|\\+.\?.\?.\?.\?.\?.\?.\?.\?\\+|,.\?.\?.\?.\?.\?.\?.\?.\?,|-.\?.\ \?.\?.\?.\?.\?.\?.\?-|\\..\?.\?.\?.\?.\?.\?.\?.\?\\.|/.\?.\?.\?.\?.\?.\?.\\.\?.\?.\?.\?2|3.\?.\?.\?.\?.\?.\?.\?.\?3|4.\?.\?.\?.\?.\?.\?.\?.\?4|5.\?. \\?.\?.\?.\?.\?.\?.\?5|6.\?.\?.\?.\?.\?.\?.\?.\?6|7.\?.\?.\?.\?.\?.\?.\?.\ \7|8.\?.\?.\?.\?.\?.\?.\?.\?8|9.\?.\?.\?.\?.\?.\?.\?.\?9|:.\?.\?.\?.\?.\?.\ \?.\?.\?:|;.\?.\?.\?.\?.\?.\?.\?.\?;|<.\?.\?.\?.\?.\?.\?.\?.\?<|=.\?.\?.\? \.\?.\?.\?.\?.\?=|>.\?.\?.\?.\?.\?.\?.\?.\?>|\\\?.\?.\?.\?.\?.\?.\?.\?.\? \\\\?|@.\?.\?.\?.\?.\?.\?.\?.\?@|A.\?.\?.\?.\?.\?.\?.\?.\?A|B.\?.\?.\?.\? .\?.\\?.\?.\?B|C.\?.\?.\?.\?.\?.\?.\?.\?C|D.\?.\?.\?.\?.\?.\?.\?.\?D|E.\?.\?. \?\.\?.\?.\?.\?.\?E|F.\?.\?.\?.\?.\?.\?.\?.\?F|G.\?.\?.\?.\?.\?.\?.\?.\?G|H .\\?.\?.\?.\?.\?.\?.\?.\?H|I.\?.\?.\?.\?.\?.\?.\?.\?I|J.\?.\?.\?.\?.\?.\?.\?\ .\?J|K.\?.\?.\?.\?.\?.\?.\?.\?K|L.\?.\?.\?.\?.\?.\?.\?.\?L|M.\?.\?.\?.\?. \\?.\?.\?.\?M|N.\?.\?.\?.\?.\?.\?.\?.\?N|O.\?.\?.\?.\?.\?.\?.\?.\?O|P.\ .\\.\?.\?.\?.\?.\?.\?P|Q.\?.\?.\?.\?.\?.\?.\?.\?Q|R.\?.\?.\?.\?.\?.\?.\?.\? R|\S.\?.\?.\?.\?.\?.\?.\?.\?S|T.\?.\?.\?.\?.\?.\?.\?.\?T|U.\?.\?.\?.\?.\?.\? .\\?.\?U|V.\?.\?.\?.\?.\?.\?.\?.\?V|W.\?.\?.\?.\?.\?.\?.\?.\?W|X.\?.\?.\ .\\.\?.\?.\?.\?X|Y.\?.\?.\?.\?.\?.\?.\?.\?Y|Z.\?.\?.\?.\?.\?.\?.\?.\?Z|\\[.\ \.\?.\?.\?.\?.\?.\?.\?\\[|\\].\?.\?.\?.\?.\?.\?.\?.\?\\]|\\].\?.\?.\?.\?.\?\ .\?.\?.\?\\]|\\^.\?.\?.\?.\?.\?.\?.\?.\?\\^|_.\?.\?.\?.\?.\?.\?.\?.\?_|`.\ \?.\?.\?.\?.\?.\?.\?.\?`|a.\?.\?.\?.\?.\?.\?.\?.\?a|b.\?.\?.\?.\?.\?.\?.\? \.\?b|c.\?.\?.\?.\?.\?.\?.\?.\?c|d.\?.\?.\?.\?.\?.\?.\?.\?d|e.\?.\?.\?.\?. \\?.\?.\?.\?e|f.\?.\?.\?.\?.\?.\?.\?.\?f|g.\?.\?.\?.\?.\?.\?.\?.\?g|h.\?.\? \.\?.\?.\?.\?.\?.\?h|i.\?.\?.\?.\?.\?.\?.\?.\?i|j.\?.\?.\?.\?.\?.\?.\?.\?j|\ k.\?.\?.\?.\?.\?.\?.\?.\?k|l.\?.\?.\?.\?.\?.\?.\?.\?l|m.\?.\?.\?.\?.\?.\?. \\?.\?m|n.\?.\?.\?.\?.\?.\?.\?.\?n|o.\?.\?.\?.\?.\?.\?.\?.\?o|p.\?.\?.\? .\?\.\?.\?.\?.\?p|q.\?.\?.\?.\?.\?.\?.\?.\?q|r.\?.\?.\?.\?.\?.\?.\?.\?r|s.\?.\ \?.\?.\?.\?.\?.\?.\?s|t.\?.\?.\?.\?.\?.\?.\?.\?t|u.\?.\?.\?.\?.\?.\?.\?.\?\ u|v.\?.\?.\?.\?.\?.\?.\?.\?v|w.\?.\?.\?.\?.\?.\?.\?.\?w|x.\?.\?.\?.\?.\?. \ \?.\?.\?x|y.\?.\?.\?.\?.\?.\?.\?.\?y|z.\?.\?.\?.\?.\?.\?.\?.\?z|\\{.\?.\?.\ \?.\?.\?.\?.\?.\?\\{|\\|.\?.\?.\?.\?.\?.\?.\?.\?\\||\\}.\?.\?.\?.\?.\?.\?.\ \?.\?\\}|~.\?.\?.\?.\?.\?.\?.\?.\?~|\7F.\?.\?.\?.\?.\?.\?.\?.\?\7F|\80. \?.\\?.\?.\?.\?.\?.\?.\?\80|\81.\?.\?.\?.\?.\?.\?.\?.\?\81|\82.\?.\?.\?.\?.\?.\ \?.\?.\?\82|\83.\?.\?.\?.\?.\?.\?.\?.\?\83|\84.\?.\?.\?.\?.\?.\?.\?.\?\84|\ \85.\?.\?.\?.\?.\?.\?.\?.\?\85|\86.\?.\?.\?.\?.\?.\?.\?.\?\86|\87.\?.\ .\\.\?.\?.\?.\?.\?\87|\88.\?.\?.\?.\?.\?.\?.\?.\?\88|\89.\?.\?.\?.\?.\?.\? .\?\.\?\89|\8A.\?.\?.\?.\?.\?.\?.\?.\?\8A|\8B.\?.\?.\?.\?.\?.\?.\?.\?\8B| \8C.\\?.\?.\?.\?.\?.\?.\?.\?\8C|\8D.\?.\?.\?.\?.\?.\?.\?.\?\8D|\8E.\?.\?.\?.\?.\ \?.\?.\?.\?\8E|\8F.\?.\?.\?.\?.\?.\?.\?.\?\8F|\90.\?.\?.\?.\?.\?.\?.\?.\?\.\?.\\?.\?.\?.\?.\?.\?.\?\93|\94.\?.\?.\?.\?.\?.\?.\?.\?\94|\95.\?.\?.\?.\?.\?.\ \?.\?.\?\95|\96.\?.\?.\?.\?.\?.\?.\?.\?\96|\97.\?.\?.\?.\?.\?.\?.\?.\?\97|\ \98.\?.\?.\?.\?.\?.\?.\?.\?\98|\99.\?.\?.\?.\?.\?.\?.\?.\?\99|\9A.\?.\ .\\.\?.\?.\?.\?.\?\9A|\9B.\?.\?.\?.\?.\?.\?.\?.\?\9B|\9C.\?.\?.\?.\?.\?.\ .\\.\?\9C|\9D.\?.\?.\?.\?.\?.\?.\?.\?\9D|\9E.\?.\?.\?.\?.\?.\?.\?.\?\9E| \9F.\\?.\?.\?.\?.\?.\?.\?.\?\9F|\A0.\?.\?.\?.\?.\?.\?.\?.\?\A0|\A1.\?.\?.\?.\?.\ \?.\?.\?.\?\A1|\A2.\?.\?.\?.\?.\?.\?.\?.\?\A2|\A3.\?.\?.\?.\?.\?.\?.\?.\?\ \A3|\A4.\?.\?.\?.\?.\?.\?.\?.\?\A4|\A5.\?.\?.\?.\?.\?.\?.\?.\?\A5|\A 6.\?.\\?.\?.\?.\?.\?.\?.\?\A6|\A7.\?.\?.\?.\?.\?.\?.\?.\?\A7|\A8.\?.\?.\?.\?.\?.\ \?.\?.\?\A8|\A9.\?.\?.\?.\?.\?.\?.\?.\?\A9|\AA.\?.\?.\?.\?.\?.\?.\?.\?\AA |\\AB.\?.\?.\?.\?.\?.\?.\?.\?\AB|\AC.\?.\?.\?.\?.\?.\?.\?.\?\AC|\AD.\?.\?.\ \ .\?.\?.\?.\?.\?\AD|\AE.\?.\?.\?.\?.\?.\?.\?.\?\AE|\AF.\?.\?.\?.\?.\?.\?. \?\ .\?\AF|\B0.\?.\?.\?.\?.\?.\?.\?.\?\B0|\B1.\?.\?.\?.\?.\?.\?.\?.\?\B1|\ B2.\\?.\?.\?.\?.\?.\?.\?.\?\B2|\B3.\?.\?.\?.\?.\?.\?.\?.\?\B3|\B4.\?.\?.\?.\?.\ \?.\?.\?.\?\B4|\B5.\?.\?.\?.\?.\?.\?.\?.\?\B5|\B6.\?.\?.\?.\?.\?.\?.\?.\?\ \B6|\B7.\?.\?.\?.\?.\?.\?.\?.\?\B7|\B8.\?.\?.\?.\?.\?.\?.\?.\?\B8|\B 9.\?.\\?.\?.\?.\?.\?.\?.\?\B9|\BA.\?.\?.\?.\?.\?.\?.\?.\?\BA|\BB.\?.\?.\?.\?.\?.\ \?.\?.\?\BB|\BC.\?.\?.\?.\?.\?.\?.\?.\?\BC|\BD.\?.\?.\?.\?.\?.\?.\?.\?\BD |\\BE.\?.\?.\?.\?.\?.\?.\?.\?\BE|\BF.\?.\?.\?.\?.\?.\?.\?.\?\BF|\C0.\?.\?.\?\ .\?.\?.\?.\?.\?\C0|\C1.\?.\?.\?.\?.\?.\?.\?.\?\C1|\C2.\?.\?.\?.\?.\?.\?.\?\\C5.\\?.\?.\?.\?.\?.\?.\?.\?\C5|\C6.\?.\?.\?.\?.\?.\?.\?.\?\C6|\C7.\?.\?.\?.\?.\ \?.\?.\?.\?\C7|\C8.\?.\?.\?.\?.\?.\?.\?.\?\C8|\C9.\?.\?.\?.\?.\?.\?.\?.\?\ \C9|\CA.\?.\?.\?.\?.\?.\?.\?.\?\CA|\CB.\?.\?.\?.\?.\?.\?.\?.\?\CB|\ CC.\?.\\?.\?.\?.\?.\?.\?.\?\CC|\CD.\?.\?.\?.\?.\?.\?.\?.\?\CD|\CE.\?.\?.\?.\?.\?.\ \?.\?.\?\CE|\CF.\?.\?.\?.\?.\?.\?.\?.\?\CF|\D0.\?.\?.\?.\?.\?.\?.\?.\?\D0| \\D1.\?.\?.\?.\?.\?.\?.\?.\?\D1|\D2.\?.\?.\?.\?.\?.\?.\?.\?\D2|\D3.\?.\?.\ \ .\.\.\.\.\\D3|\D4.\.\.\.\.\.\.\.\\D4|\D5.\.\.\.\.\.\. \?\.\?\D5|\D6.\?.\?.\?.\?.\?.\?.\?.\?\D6|\D7.\?.\?.\?.\?.\?.\?.\?.\?\D7 |\D8.\\?.\?.\?.\?.\?.\?.\?.\?\D8|\D9.\?.\?.\?.\?.\?.\?.\?.\?\D9|\DA.\?.\?.\?.\?. \\?.\?.\?.\?\DA|\DB.\?.\?.\?.\?.\?.\?.\?.\?\DB|\DC.\?.\?.\?.\?.\?.\?.\?.\? \\DC|\DD.\?.\?.\?.\?.\?.\?.\?.\?\DD|\DE.\?.\?.\?.\?.\?.\?.\?.\?\DE|\DF.\ .\\?.\?.\?.\?.\?.\?.\?\DF|\E0.\?.\?.\?.\?.\?.\?.\?.\?\E0|\E1.\?.\?.\?.\?.\?.\ \?.\?.\?\E1|\E2.\?.\?.\?.\?.\?.\?.\?.\?\E2|\E3.\?.\?.\?.\?.\?.\?.\?.\?\E3|\ \E4.\?.\?.\?.\?.\?.\?.\?.\?\E4|\E5.\?.\?.\?.\?.\?.\?.\?.\?\E5|\E6.\?.\ .\\.\?.\?.\?.\?.\?\E6|\E7.\?.\?.\?.\?.\?.\?.\?.\?\E7|\E8.\?.\?.\?.\?.\?.\?. \?\.\?\E8|\E9.\?.\?.\?.\?.\?.\?.\?.\?\E9|\EA.\?.\?.\?.\?.\?.\?.\?.\?\EA|\ EB.\\?.\?.\?.\?.\?.\?.\?.\?\EB|\EC.\?.\?.\?.\?.\?.\?.\?.\?\EC|\ED.\?.\?.\?. \?.\\?.\?.\?.\?\ED|\EE.\?.\?.\?.\?.\?.\?.\?.\?\EE|\EF.\?.\?.\?.\?.\?.\?.\?. \?\\EF|\F0.\?.\?.\?.\?.\?.\?.\?.\?\F0|\F1.\?.\?.\?.\?.\?.\?.\?.\?\F1|\F2. \?.\\?.\?.\?.\?.\?.\?.\?\F2|\F3.\?.\?.\?.\?.\?.\?.\?.\?\F3|\F4.\?.\?.\?.\?.\ .\\?.\?.\?\F4|\F5.\?.\?.\?.\?.\?.\?.\?.\?\F5|\F6.\?.\?.\?.\?.\?.\?.\?.\?\ F6|\\F7.\?.\?.\?.\?.\?.\?.\?.\?\F7|\F8.\?.\?.\?.\?.\?.\?.\?.\?\F8|\F9.\?.\? .\?\.\?.\?.\?.\?.\?\F9|\FA.\?.\?.\?.\?.\?.\?.\?.\?\FA|\FB.\?.\?.\?.\?.\?.\?. \?\.\?\FB|\FC.\?.\?.\?.\?.\?.\?.\?.\?\FC|\FD.\?.\?.\?.\?.\?.\?.\?.\?\FD|\ FE.\\?.\?.\?.\?.\?.\?.\?.\?\FE|\FF.\?.\?.\?.\?.\?.\?.\?.\?\FF)"add comment="" name=skypetoskype regexp="^..\02............."add comment="" name=counterstrike-source regexp=\"^\FF\FF\FF\FF.*cstrikeCounter-Strike"add comment="" name=halflife2-deathmatch regexp=\"^\FF\FF\FF\FF.*hl2mpDeathmatch"add comment="" name=freenet regexp="^\01[\08\t][\03\04]"add comment="" name=battlefield2 regexp="^(\11 \01...\?\11|\FE\FD.\?.\?.\?.\?.\\?.\?(\14\01\06|\FF\FF\FF))|[]\01].\?battlefield2"add comment="" name=napster regexp="^(.[\02\06][!-~]+ [!-~]+ [0-9][0-9]\?[0-9]\ \?[0-9]\?[0-9]\? \"[\t-\r -~]+\" ([0-9]|10)|1(send|get)[!-~]+ \"[\t-\r -~]\+\")"add comment="" name=soulseek regexp=\"^(\05..\?|.\01.[ -~]+\01F..\?.\?.\?.\?.\?.\?.\?)\$"add comment="" name=xunlei regexp="^[()]...\?.\?.\?(reg|get|query)"add comment="" name=ssl regexp=\"^(.\?.\?\16\03.*\16\03|.\?.\?\01\03\01\?.*\0B)"add comment="" name=citrix regexp="2&\85\92X"add comment="" name=whois regexp="^[ !-~]+\r\\n\$"add comment="" name=dayofdefeat-source regexp=\"^\FF\FF\FF\FF.*dodDay of Defeat"add comment="" name=teamspeak regexp="^\F4\BE\03.*teamspeak"add comment="" name=worldofwarcraft regexp="^\06\EC\01"add comment="" name=ventrilo regexp="^..\?v\\\$\CF"add comment="" name=http-rtsp regexp="^(get[\t-\r -~]* Accept: application/x-r\ tsp-tunnelled|http/(0\\.9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*a=contro\l:rtsp://)"add comment="" name=thecircle regexp=\"^t\03ni.\?[\01-\06]\?t[\01-\05]s[\\n\0B](glob|who are you\$|query data)"add comment="" name=uucp regexp="^\10here="add comment="" name=pcanywhere regexp="^(nq|st)\$"add comment="" name=subversion regexp="^\\( success \\( 1 2 \\("add comment="" name=imesh regexp="^(post[\t-\r -~]*.............\ ...................|4\80\?\r\?\FC\FF\04|get[\t-\\r -~]*Host: imsh\\.download-prod\\.musicnet\\.com|\02(\01|\02)\83.\?.\?.\\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?.\?\ .\?\02(\01|\02)\83)"add comment="" name=cimd regexp="\02[0-4][0-9]:[0-9]+.*\03\$"add comment="" name=mohaa regexp="^\FF\FF\FF\FFgetstatus\\n"add comment="" name=stun regexp="^[\01\02]................\?\$"add comment="" name=tor regexp=TOR1.*add comment="" name=radmin regexp="^\01\01(\08\08|\1B\1B)\$"add comment="" name=unset regexp=.add comment="" name=chikka regexp="^CTPv1.[123] Kamusta.*\r\\n\$"add comment="" name=replaytv-ivs regexp="^(get /ivs-IVSGetFileChunk|http/(0\\.\ 9|1\\.0|1\\.1) [1-5][0-9][0-9] [\t-\r -~]*#####REPLAY_CHUNK_START#####)" add comment="" name=armagetron regexp=YCLC_E|CYELadd comment="" name=Jpg regexp="^.*(post|POST|get|GET).+\\.jpg.+\\http"add comment="" name=Htm regexp="^.*(post|POST|get|GET).+\\.htm.+\\http"/ip hotspot profileset default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \ http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \name=default rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \use-radius=no#以下为ROS默订设置/ip hotspot user profileset default idle-timeout=none keepalive-timeout=2m name=default shared-users=\1 status-autorefresh=1m transparent-proxy=no/ip ipsec proposalset default auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m \ name=default pfs-group=modp1024#以下为地址池设置,有正常拔号的,到期通知的,DHCP的/ip pooladd name=POOL_PPPOE ranges=10.0.0.5-10.0.0.200add name=4day ranges=20.0.0.5-20.0.0.200add name=tongzhi ranges=30.30.30.0/24add name=dhcp ranges=192.168.10.5-192.168.10.200add name=dhcp_pool1 ranges=192.168.10.2-192.168.10.200#以下为DHCP服务设置/ip dhcp-serveradd address-pool=dhcp authoritative=after-2sec-delay bootp-support=static \ disabled=yes interface=LAN lease-time=1h name=dhcp1 relay=255.255.255.0/portset 0 baud-rate=9600 data-bits=8 flow-control=hardware name=serial0 parity=\ none stop-bits=1set 1 baud-rate=9600 data-bits=8 flow-control=hardware name=serial1 parity=\ none stop-bits=1#以下为PPPOE设置,分几种,有正常拔号的,到期的,不同网。

ROS的脚本多拨

ROS的脚本多拨

ROS的脚本多拨ros设置单⽹卡拨多ADSL 使⽤vrrp 有些版本有问题,使⽤5.2破解版本测试成功。

1.创建100个vrrp,并绑定到wan⼝下for i from 1 to 100 do={/interface vrrp add comment=("RP".$i) interface=wan interval=1 name=("vrrp".$i) vrid=$i}2.修改vrrp 协议for i from 1 to 100 do={/interface vrrp set v3-protocol=ipv6 numbers=("vrrp".$i)}3.创建pppoe,(这⾥需要注意你的adsl ⽤户和密码),并绑定到对应的vrrpfor i from 1 to 100 do={/interface pppoe-client add add-default-route=yes allow=pap,chap comment=($i) interface=("vrrp".$i) max-mtu=1480 name=("pppoe-out".$i) user=$i password=$i }设置pppoe 的为取消默认路由for i from 0 to 99 do={/interface pppoe-client set numbers=$i add-default-route=no }设置PCC负载均衡(原来的PPPOE需要取消默认路由,后边收到设置路由)1.设置NATfor i from 1 to 100 do={/ip firewall nat add chain=srcnat action=masquerade out-interface=("pppoe-out".$i) comment=("pppoe".$i)}2.设置inputfor i from 1 to 100 do={/ip firewall mangle add chain=input action=mark-connection new-connection-mark=("pppoe-out".$i."_conn") passthrough=yes in-interface=("pppoe-out".$i) comment=("input".$i)}3.设置outputfor i from 1 to 100 do={/ip firewall mangle add chain=output action=mark-routing new-routing-mark=("to_pppoe_out".$i) passthrough=yes connection-mark=("pppoe-out".$i."_conn") comment=("output".$i)}4.设置连接标记for i from 6 to 100 do={/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=("pppoe-out".$i."_conn") passthrough=yes src-address=10.0.0.0/8 dst-address-type=!local in-interface=ether1-lan per-connection-classifier=("both-addresses:100/".$i-1) comment=("pcc".$i)}5.设置路由标记for i from 6 to 100 do={/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=("to_pppoe_out".$i) passthrough=yes src-address=10.0.0.0/8 in-interface=ether1-lan connection-mark=("pppoe-out".$i."_conn") comment=("pcc".$i)}6.⼿动设置路由for i from 6 to 100 do={/ip route add comment=$i disabled=no distance=1 dst-address="0.0.0.0/0" gateway=("pppoe-out".$i) routing-mark= ("to_pppoe_out".$i) check-gateway=("ping")}7.设置路由ping 监控for i from 8 to 100 do={/ip route add check-gateway="ping" comment=("pppoe-out".$i) disabled=no distance="10" dst-address="0.0.0.0/0" gateway=("pppoe-out".$i)}。

ROS双线检测掉线自动切换实现

ROS双线检测掉线自动切换实现

ROS双线检测掉线自动切换实现ROS双线负载均衡自动切换/ system scriptadd name="dxup" source="/ip route set \[/ip route find comment=tel\] gateway=电信网关;\n\n/ip route set \[/ip route find comment=tel\] disable=no;"policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route find gateway=网通网关\]" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] gateway=网通网关" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find gateway=网通网关\]" policy=ftp,reboot,read,write,policy,test,winbox,password/tool netwatch add host=电信网关timeout=1s interval=5s up-script=dxupdown-script=dxdown/tool netwatch add host=网通网关timeout=1s interval=5s up-script=cncupdown-script=cncdown更详细:电信或网通双线之一掉线自动切换的功能实现首先,需要配制netwatch检测功能,左侧tools->netwatch,+号,HOST添电信的网关,UP中添dxup,DOWN中添dxdown,OK,同样再添加网通的网关,和cncup,cncdown.然后添加执行的脚本文件,下面的这个是我自己用的,差点,不过能用就好..呵呵....将红字部分添上自己的网关,注意,我是在router list中电信0.0.0.0/0做了comment注释为tel./ system scriptadd name="dxup" source="/ip route set \[/ip route find comment=tel\] \gateway=电信网关;\n/ip route set \[/ip route find comment=tel\] \disable=no;" policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncup" source="/ip route enable \[/ip route find \gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="dxdown" source="/ip route set \[/ip route find comment=tel\] \gateway=网通网关" \policy=ftp,reboot,read,write,policy,test,winbox,passwordadd name="cncdown" source="/ip route disable \[/ip route find \gateway=网通网关\]" \policy=ftp,reboot,read,write,policy,test,winbox,password在new terminal 中右键paste回车就可以了~~切换的原理是dxup 修改comment为tel的项的gateway为电信(电信可用时默认0.0.0.0/0为电信网关) dxdown 修改comment为tel的项gateway为网通(电信不可用修改0.0.0.0/0为网通) cncup 启用所有gateway为网通的项(当网通可用进行路由选择~)cncdown 禁用所有gateway 为网通的项~ (当网通不可用走默认线路不经过选择)。

  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

Ros 3.30 PCC双线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:2/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:2/1 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2Ros 3.30 PCC三线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:3/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:3/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:3/2 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=ping add comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=ping add check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3Ros 3.30 PCC四线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out4" interface=外网网卡4名称user="PPPoE帐号4" password="密码4" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=nonew-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=no in-interface=pppoe-out4 new-connection-mark=pppoe-out4_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out4_conn disabled=nonew-routing-mark=to_pppoe-out4 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:4/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:4/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:4/2 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out4_conn passthrough=yesper-connection-classifier=both-addresses:4/3 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out4 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=pingadd comment=4 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out4 routing-mark=to_pppoe-out4 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3add check-gateway=ping comment="pppoe-out4" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out4/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3add action=masquerade chain=srcnat comment="4" disabled=noout-interface=pppoe-out4Ros 3.30 PCC五线负载均衡脚本脚本如下/ip address add address=内网网关IP/内网子网掩码interface=内网网卡名称comment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38"/ip dns set primary-dns=首选DNS secondary-dns=备用DNSallow-remote-requests=yes/interface pppoe-client add name="pppoe-out1" interface=外网网卡1名称user="PPPoE帐号1" password="密码1" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out2" interface=外网网卡2名称user="PPPoE帐号2" password="密码2" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out3" interface=外网网卡3名称user="PPPoE帐号3" password="密码3" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out4" interface=外网网卡4名称user="PPPoE帐号4" password="密码4" add-default-route=no disabled=no/interface pppoe-client add name="pppoe-out5" interface=外网网卡5名称user="PPPoE帐号5" password="密码5" add-default-route=no disabled=no/ip firewall mangleadd action=change-mss chain=forwardcomment="\D1\CC\C9\F1\B6\E0\CF\DF\50\43\43\BD\C5\B1\BE\52\6F\73\BC\BC\ CA\F5\BD\BB\C1\F7\C8\BA\A3\BA\31\30\32\38\37\32\30\35\38" disabled=no new-mss=1440 protocol=tcp tcp-flags=synadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out4 new-connection-mark=pppoe-out4_conn passthrough=yesadd action=mark-connection chain=input comment="" disabled=noin-interface=pppoe-out5 new-connection-mark=pppoe-out5_conn passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out1_conn disabled=nonew-routing-mark=to_pppoe-out1 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out2_conn disabled=nonew-routing-mark=to_pppoe-out2 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out3_conn disabled=nonew-routing-mark=to_pppoe-out3 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out4_conn disabled=nonew-routing-mark=to_pppoe-out4 passthrough=yesadd action=mark-routing chain=output comment=""connection-mark=pppoe-out5_conn disabled=nonew-routing-mark=to_pppoe-out5 passthrough=yesadd action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out1_conn passthrough=yesper-connection-classifier=both-addresses:5/0 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out2_conn passthrough=yesper-connection-classifier=both-addresses:5/1 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out3_conn passthrough=yesper-connection-classifier=both-addresses:5/2 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out4_conn passthrough=yesper-connection-classifier=both-addresses:5/3 src-address=内网网断/内网子网掩码add action=mark-connection chain=prerouting comment="" disabled=nodst-address-type=!local in-interface=ether1new-connection-mark=pppoe-out5_conn passthrough=yesper-connection-classifier=both-addresses:5/4 src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out1_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out1 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out2_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out2 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out3 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out4 passthrough=yes src-address=内网网断/内网子网掩码add action=mark-routing chain=prerouting comment=""connection-mark=pppoe-out3_conn disabled=no in-interface=ether1new-routing-mark=to_pppoe-out5 passthrough=yes src-address=内网网断/内网子网掩码/ip routeadd comment=1 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out1 routing-mark=to_pppoe-out1 check-gateway=pingadd comment=2 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out2 routing-mark=to_pppoe-out2 check-gateway=pingadd comment=3 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out3 routing-mark=to_pppoe-out3 check-gateway=pingadd comment=4 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out4 routing-mark=to_pppoe-out4 check-gateway=pingadd comment=5 disabled=no distance=1 dst-address=0.0.0.0/0gateway=pppoe-out5 routing-mark=to_pppoe-out5 check-gateway=pingadd check-gateway=ping comment="pppoe-out1" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out1add check-gateway=ping comment="pppoe-out2" disabled=no distance=10dst-address=0.0.0.0/0 gateway=pppoe-out2add check-gateway=ping comment="pppoe-out3" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out3add check-gateway=ping comment="pppoe-out4" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out4add check-gateway=ping comment="pppoe-out5" disabled=no distance=10 dst-address=0.0.0.0/0 gateway=pppoe-out5/ip firewall natadd action=masquerade chain=srcnat comment="1" disabled=noout-interface=pppoe-out1add action=masquerade chain=srcnat comment="2" disabled=noout-interface=pppoe-out2add action=masquerade chain=srcnat comment="3" disabled=noout-interface=pppoe-out3add action=masquerade chain=srcnat comment="4" disabled=noout-interface=pppoe-out4add action=masquerade chain=srcnat comment="5" disabled=noout-interface=pppoe-out5。

相关文档
最新文档