ROS軟路由論壇 ROSABC.com

 找回密碼
 會員注冊
查看: 122|回復: 2
打印 上一主題 下一主題

[求助] 關于ROS設置一線多撥再映射內網IP端口的問題,請教高手了...

[復制鏈接]
跳轉到指定樓層
樓主
發表于 2020-7-5 10:51:06 | 只看該作者 回帖獎勵 |倒序瀏覽 |閱讀模式
ROS軟路由論壇
ros版本6.46.1
主機:192.168.8.100(可上外網)
內網機:192.168.8.101 需要映射的端口13456

ROS:
網卡:
ether1
wan (pppoe)

建立vrrp1 vrrp2 vrrp3

adsl撥號三路  一線多撥
pppoe-out1 對應vrrp1
pppoe-out2 對應vrrp2
pppoe-out3 對應vrrp3

wan vrrp1 vrrp2都設置同一網段的IP

然后就是作標記,加路由
再端口映射

現在的問題是,用第一個pppoe產生的IP,訪問時,成功映射到內網,其它的幾路都不行,幫忙看一下是哪里設置不對了, 謝謝了!!!
具體腳本:


/interface vrrp
add name=vrrp1 arp=enabled authentication=none disabled=no interface=wan interval=1 mtu=1500 preemption-mode=yes priority=100 vrid=1
add name=vrrp2 arp=enabled authentication=none disabled=no interface=wan interval=1 mtu=1500 preemption-mode=yes priority=100 vrid=2
add name=vrrp3 arp=enabled authentication=none disabled=no interface=wan interval=1 mtu=1500 preemption-mode=yes priority=100 vrid=3



/ip address
add address=1.1.1.1/24 disabled=no interface=wan
add address=1.1.1.10/24 disabled=no interface=vrrp1
add address=1.1.1.11/24 disabled=no interface=vrrp2
add address=1.1.1.12/24 disabled=no interface=vrrp3

/interface pppoe-client #填上你的寬帶賬號ID和密碼
add name="pppoe-out1" interface="vrrp1" user="1" password="2" disabled=no
add name="pppoe-out2" interface="vrrp2" user="1" password="2" disabled=no
add name="pppoe-out3" interface="vrrp3" user="1" password="2" disabled=no

/ip firewall mangle
add action=change-mss chain=forward comment=change-mss disabled=no new-mss=1440 protocol=tcp tcp-flags=syn

/ip firewall mangle
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:3/0 new-connection-mark=PCC_1 passthrough=yes comment="PCC1"
add action=mark-routing chain=prerouting connection-mark=PCC_1 disabled=no in-interface=lan new-routing-mark=PCC_ROUT1 passthrough=yes

add chain=prerouting action=mark-connection dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:3/1 new-connection-mark=PCC_2 passthrough=yes comment="PCC2"
add action=mark-routing chain=prerouting connection-mark=PCC_2 disabled=no in-interface=lan new-routing-mark=PCC_ROUT2 passthrough=yes

add chain=prerouting action=mark-connection dst-address-type=!local in-interface=lan per-connection-classifier=both-addresses:3/2 new-connection-mark=PCC_3 passthrough=yes comment="PCC3"
add action=mark-routing chain=prerouting connection-mark=PCC_3 disabled=no in-interface=lan new-routing-mark=PCC_ROUT3 passthrough=yes

/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=pppoe-out1 new-connection-mark=PCC_1 passthrough=yes comment="INOUT1"
add action=mark-routing chain=output connection-mark=PCC_1 disabled=no new-routing-mark=PCC_ROUT1 passthrough=yes

add action=mark-connection chain=input disabled=no in-interface=pppoe-out2 new-connection-mark=PCC_2 passthrough=yes comment="INOUT2"
add action=mark-routing chain=output connection-mark=PCC_2 disabled=no new-routing-mark=PCC_ROUT2 passthrough=yes

add action=mark-connection chain=input disabled=no in-interface=pppoe-out3 new-connection-mark=PCC_3 passthrough=yes comment="INOUT3"
add action=mark-routing chain=output connection-mark=PCC_3 disabled=no new-routing-mark=PCC_ROUT3 passthrough=yes

/ip firewall nat

add action=masquerade chain=srcnat comment=1 disabled=no out-interface=pppoe-out1
add action=masquerade chain=srcnat comment=2 disabled=no out-interface=pppoe-out2
add action=masquerade chain=srcnat comment=3 disabled=no out-interface=pppoe-out3

/ip route
add comment=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=PCC_ROUT1 check-gateway=ping disabled=no distance=1
add comment=2 dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=PCC_ROUT2 check-gateway=ping disabled=no distance=1
add comment=3 dst-address=0.0.0.0/0 gateway=pppoe-out3 routing-mark=PCC_ROUT3 check-gateway=ping disabled=no distance=1

add comment=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 check-gateway=ping disabled=no distance=1
add comment=2 dst-address=0.0.0.0/0 gateway=pppoe-out2 check-gateway=ping disabled=no distance=2
add comment=3 dst-address=0.0.0.0/0 gateway=pppoe-out3 check-gateway=ping disabled=no distance=3


/ip firewall nat
add chain=dstnat in-interface=wan protocol=tcp dst-port=13456 action=dst-nat  to-addresses=192.168.8.101 to-ports=13456
add action=masquerade chain=srcnat comment="" disabled=no


沙發
 樓主| 發表于 2020-7-5 20:21:53 | 只看該作者
ROS軟路由論壇
求高手指教呀!!!
板凳
發表于 2020-7-7 22:13:04 | 只看該作者
端口映射的數據經過PCC了,要排除出去。或者再標記一次端口映射的數據,把前面PCC打上的mark覆蓋掉。
您需要登錄后才可以回帖 登錄 | 會員注冊

本版積分規則

ROS教程版塊已全面開放,
即使是新注冊的初級會員也可閱讀全部內容。

不良信息舉報Q:2000617

不良信息舉報Q:2000617|Archiver|小黑屋|ROS軟路由論壇 ROSABC.com

GMT+8, 2020-7-16 01:24 , Processed in 0.101436 second(s), 14 queries .

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回復 返回頂部 返回列表
又黄又刺激的免费视频-又黄又免费的美女视频