Scribd
Upload
40 views1 page

Load Balance

The document outlines network configuration commands for setting IP addresses, firewall rules, NAT, and routing on a router. It includes specific settings for two WAN interfaces (wan1 and wan2) and establishes connection marking and routing rules based on source addresses. Additionally, it implements netwatch scripts to monitor the availability of external DNS servers and enable or disable routes accordingly.

Uploaded by

Luis Veiga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
40 views1 page

Load Balance

The document outlines network configuration commands for setting IP addresses, firewall rules, NAT, and routing on a router. It includes specific settings for two WAN interfaces (wan1 and wan2) and establishes connection marking and routing rules based on source addresses. Additionally, it implements netwatch scripts to monitor the availability of external DNS servers and enable or disable routes accordingly.

Uploaded by

Luis Veiga
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

/ip address

add address=[Link]/24 interface=local network=[Link]


add address=[Link]/24 interface=wan1 network=[Link]
add address=[Link]/24 interface=wan2 network=[Link]

/ip firewall mangle


add action=mark-connection chain=prerouting in-interface=local\
new-connection-mark=wan1 passthrough=yes src-address-list=wan1
add action=mark-routing chain=prerouting in-interface=local\
new-routing-mark=wan1 passthrough=no src-address-list=wan1
add action=mark-connection chain=prerouting in-interface=local\
new-connection-mark=wan2 passthrough=yes src-address-list=wan2
add action=mark-routing chain=prerouting in-interface=local\
new-routing-mark=wan2 passthrough=no src-address-list=wan2
add action=mark-connection chain=prerouting connection-state=new\
in-interface=local new-connection-mark=wan1 nth=2,1 passthrough=yes
add action=add-src-to-address-list address-list=wan1\
address-list-timeout=1d chain=prerouting connection-mark=wan1\
in-interface=local
add action=mark-routing chain=prerouting connection-mark=wan1\
in-interface=local new-routing-mark=wan1 passthrough=no
add action=mark-connection chain=prerouting connection-state=new\
in-interface=local new-connection-mark=wan2 nth=2,2 passthrough=yes
add action=add-src-to-address-list address-list=wan2\
address-list-timeout=1d chain=prerouting connection-mark=wan2\
in-interface=local
add action=mark-routing chain=prerouting connection-mark=wan2\
in-interface=local new-routing-mark=wan2 passthrough=no

/ip firewall nat


add action=masquerade chain=srcnat out-interface=wan1
add action=masquerade chain=srcnat out-interface=wan2

/ip route
add check-gateway=ping comment="wan1" distance=1\
gateway=[Link] routing-mark=wan1 scope=255
add check-gateway=ping comment="wan2" distance=1\
gateway=[Link] routing-mark=wan2 scope=255
add check-gateway=ping comment="wan1" distance=2\
gateway=[Link] routing-mark=wan2 scope=255
add check-gateway=ping comment="wan2" distance=2\
gateway=[Link] routing-mark=wan1 scope=255
add check-gateway=ping distance=1 gateway=[Link] scope=255
add check-gateway=ping distance=2 gateway=[Link] scope=255
add comment="netwatch opendns wan1" distance=1\
dst-address=[Link]/32 gateway=[Link]
add comment="netwatch opendns wan2" distance=1\
dst-address=[Link]/32 gateway=[Link]

/tool netwatch
add down-script="/ip route disable [find comment=wan1]"\
host=[Link] up-script="/ip route enable [find comment=wan1]"
add down-script="/ip route disable [find comment=wan2]"\
host=[Link] up-script="/ip route enable [find comment=wan2]"

You might also like