网纵论坛

标题: ROS+流控分流详细设置方案 [打印本页]

作者: yucheng    时间: 2014-3-22 15:54
标题: ROS+流控分流详细设置方案
基于带宽环境(联通100M,6条20M ADSL),把联通作为默认线路,AD做分流为客户配置策略。

ROS配置
先为联通线路配上IP,routes,DNS,NAT转发
/ip address
add address=218.1.1.2/29 broadcast=218.1.1.55 comment="\C1\AA\CD\A8100M" \
disabled=no interface=unicom network=218.1.1.48
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=218.1.1.54 scope=30 target-scope=10
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=512KiB max-udp-packet-size=50 servers=222.1.1.85,222.1.1.88
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no
为AD做pcc并加上分流ip(192.168.1.100)
/ip firewall mangle
add action=change-mss chain=forward comment="" disabled=no new-mss=1440 \
    protocol=tcp tcp-flags=syn tcp-mss=1441-65535
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con1 passthrough=yes per-connection-classifier=\
    both-addresses:6/0 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con1 \
    disabled=no new-routing-mark=rou1 passthrough=no src-address=\
    192.168.1.100
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con2 passthrough=yes per-connection-classifier=\
    both-addresses:6/1 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con2 \
    disabled=no new-routing-mark=rou2 passthrough=no src-address=\
    192.168.1.100
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con3 passthrough=yes per-connection-classifier=\
    both-addresses:6/2 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con3 \
    disabled=no new-routing-mark=rou3 passthrough=no src-address=\
    192.168.1.100
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con4 passthrough=yes per-connection-classifier=\
    both-addresses:6/3 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con4 \
    disabled=no new-routing-mark=rou4 passthrough=no src-address=\
    192.168.1.100
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con5 passthrough=yes per-connection-classifier=\
    both-addresses:6/4 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con5 \
    disabled=no new-routing-mark=rou5 passthrough=no src-address=\
    192.168.1.100
add action=mark-connection chain=prerouting comment="" disabled=no \
    new-connection-mark=con6 passthrough=yes per-connection-classifier=\
    both-addresses:6/5 src-address=192.168.1.100
add action=mark-routing chain=prerouting comment="" connection-mark=con6 \
    disabled=no new-routing-mark=rou6 passthrough=no src-address=\
  192.168.1.100
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out1 routing-mark=rou1 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out2 routing-mark=rou2 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out3 routing-mark=rou3 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out6 routing-mark=rou6 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    pppoe-out5 routing-mark=rou5 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
  pppoe-out4 routing-mark=rou4 scope=30 target-scope=10


配置内网lan IP
/ip address
add address=192.168.1.1/24 broadcast=192.168.1.255 comment="added by setup" \
  disabled=no interface=lan network=192.168.1.0

接下来做流控配置
流控接线:ros lan口接流控外网口,流控内网口接核心交换机,流控管理口接核心交换机。
管理口设置为192.168.1.105,掩码255.255.255.0.



增加分流代理,192.168.1.100 网关192.168.1.1


然后用策略向导增加策略。详细步骤请点流控大师--策略向导
http://bbs.netzone.com/thread-1170-1-1.html

PS,建议在所有地址都确保正后调用策略,否则分流失败会导致分流的应用无法正常联网


作者: 呦呦妹子05    时间: 2017-7-18 16:39

国外uu,国产uu最新地址开放注册了,网站难找



iujlb.com





欢迎光临 网纵论坛 (http://media.netzone.com/) Powered by Discuz! X3.2