miércoles, 5 de junio de 2013

Load Balancer - Balancero de Carga con dos Wan usando router EdgeMax de ubiquiti

set protocols static route 0.0.0.0/0 next-hop 192.168.2.1
set protocols static route 0.0.0.0/0 next-hop 192.168.1.1
set protocols static table 1 mark 1
set protocols static table 1 route 0.0.0.0/0 next-hop 192.168.2.1
set protocols static table 2 mark 2
set protocols static table 2 route 0.0.0.0/0 next-hop 192.168.1.1

set firewall modify balance rule 10 action modify
 set firewall modify balance rule 10 description 'restore mark from connection'
 set firewall modify balance rule 10 modify connmark restore-mark

 set firewall modify balance rule 20 action accept
 set firewall modify balance rule 20 description 'accept the packet if the mark isnt zero'
 set firewall modify balance rule 20 mark !0

 set firewall modify balance rule 30 action modify
 set firewall modify balance rule 30 description 'for new connections mark 50% with mark 1'
 set firewall modify balance rule 30 modify mark 1
 set firewall modify balance rule 30 protocol tcp_udp
 set firewall modify balance rule 30 state new enable
 set firewall modify balance rule 30 statistic probability 50%

 set firewall modify balance rule 40 action modify
 set firewall modify balance rule 40 description 'for packets with mark zero, mark with 2'
 set firewall modify balance rule 40 mark 0
 set firewall modify balance rule 40 modify mark 2
 set firewall modify balance rule 40 protocol tcp_udp
 set firewall modify balance rule 40 state new enable

 set firewall modify balance rule 50 action modify
 set firewall modify balance rule 50 description 'save the packet mark to the connection mark'
 set firewall modify balance rule 50 modify connmark save-mark

 set interfaces ethernet eth2 firewall in modify balance

 set firewall modify ISP1_IN rule 1 description 'use mark 1 for new ISP1 connections'
 set firewall modify ISP1_IN rule 1 action modify
 set firewall modify ISP1_IN rule 1 log enable
 set firewall modify ISP1_IN rule 1 modify connmark set-mark 1
 set firewall modify ISP1_IN rule 1 protocol tcp_udp
 set firewall modify ISP1_IN rule 1 state new enable

 set firewall modify ISP2_IN rule 1 description 'use mark 2 for new ISP2 connections'
 set firewall modify ISP2_IN rule 1 action modify
 set firewall modify ISP2_IN rule 1 log enable
 set firewall modify ISP2_IN rule 1 modify connmark set-mark 2
 set firewall modify ISP2_IN rule 1 protocol tcp_udp
 set firewall modify ISP2_IN rule 1 state new enable

 set interfaces ethernet eth0 firewall in modify ISP1_IN
 set interfaces ethernet eth1 firewall in modify ISP2_IN
Publicado por en

1 comentario:

Suscribirse a: Enviar comentarios (Atom)