Após a configuração, os tráfegos do Grupo A ou PC-1 passarão pela conexão LINK-1 e o tráfego Grupo B ou PC-2 passará pela conexão LINK-2.
MK | WAN1 | WAN2 | PC-1 | PC-2 |
v6.49.6 | 192.168.1.2 | 192.168.2.2 | 100.100.0.2 | 200.200.0.2 |
Configurando as interfaces
/interface ethernet
set [ find default-name=ether1 ] comment=":: Link-1 ::"
set [ find default-name=ether3 ] comment=":: Link-2 ::"
Configurando a internet
/ip address
add address=192.168.1.2/24 comment="Link-1" interface=ether1 network=192.168.1.0
add address=100.100.0.1/24 comment="Rede Link-1" interface=ether2 network=100.100.0.0
add address=192.168.2.2/24 comment="Link-2" interface=ether3 network=192.168.2.0
add address=200.200.0.1/24 comment="Rede Link-2" interface=ether4 network=200.200.0.0
Coloque o IP do seu servidor DNS fornecido pelo seu provedor de serviços de Internet ou coloque o campo de entrada dos servidores públicos:
Google DNS (8.8.8.8 e 8.8.4.4)
OpenDNS (208.67.222.222 e 208.67.220.220)
Cloudflare DNS (1.1.1.1 e 1.0.0.1)
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
Interface list
/interface list
add name=WAN
/interface list member
add interface=ether1 list=WAN
add interface=ether3 list=WAN
NAT
/ip firewall nat
add action=masquerade chain=srcnat comment=":: NAT ::" out-interface-list=WAN
Rotas
*Defina a rota do seu link principal alterando a “distance=1”
/ip route
add comment=":: Default GW - Link-1 ::" distance=1 gateway=192.168.1.1
add comment=":: Default GW - Link-2 ::" distance=2 gateway=192.168.2.1
add check-gateway=ping comment=":: Rota recursiva - Link-2 ::" distance=1 gateway=208.67.222.222 routing-mark=LINK-2
add check-gateway=ping distance=2 gateway=208.67.220.220 routing-mark=LINK-2
add check-gateway=ping comment=":: Rota recursiva - Link-1 ::" distance=1 gateway=1.1.1.1 routing-mark=LINK-1
add check-gateway=ping distance=1 gateway=1.0.0.1 routing-mark=LINK-1
add check-gateway=ping dst-address=1.1.1.1/32 gateway=192.168.1.1 scope=10
add check-gateway=ping dst-address=208.67.222.222/32 gateway=192.168.2.1 scope=10
/ip route rule
add src-address=100.100.0.2/32 table=LINK-1
add src-address=200.200.0.2/32 table=LINK-2
add action=lookup-only-in-table comment=":: For\E7a o IP ou Rede passar pelo link 2, e caso o link 2 ficar indisponivel os hosts ficar\E3o sem internet ::" disabled=yes src-address=100.100.0.100/32 table=LINK-2
Breve explicação
Se a conexão do Link 1 cair, todos os tráfegos de rede (Grupo A ou PC-1 e Grupo B ou PC-2) passarão pela conexão do Link 2 e se a conexão do Link 2 ficar inativa, o tráfego passará pela conexão do Link 1
Monitoramento
/tool netwatch
add comment="Monitoramento Link-2" down-script="log error Link-2 DOWN" host=208.67.222.222 interval=10s up-script="log warning Link-2 UP"
add comment="Monitoramento Link-1" down-script="log error Link-1 DOWN" host=1.1.1.1 interval=10s up-script="log warning Link-1 UP"
/ip firewall filter
add action=drop chain=output comment="Drop OpenDNS IP | Monitoramento Link-2" dst-address=208.67.222.222 out-interface=ether1 protocol=icmp
add action=drop chain=output comment="Drop OpenDNS IP | Monitoramento Link-1" dst-address=1.1.1.1 out-interface=ether2 protocol=icmp