ROS 典型PCC负载脚本

ROS 典型PCC负载脚本

:global num

:set num 38

:for szwm from=1 to=$num do={ :global type

:set type (\ . $num . \ . ($szwm-1)) #设置网卡名字 name中的wlan可以改成

#/interface set (\ . $szwm) #建立pppoe拨号，并禁用

/interface pppoe-client add

name=(\ . $szwm) user=(\wm) \\

interface=(\ .$szwm) comment=(\ . $szwm) disabled=no # NAT伪装

/ip firewall nat add chain=srcnat out-interface=(\ . $szwm) action=masquerade \\ comment=(\ . $szwm) # 标记从哪里来

/ ip firewall mangle \\

add chain=input in-interface=(\ . $szwm) action=mark-connection \\ new-connection-mark=(\comment=(\ . $szwm) #标记从哪里来，回哪里去

/ ip firewall mangle add chain=output

connection-mark=(\

action=mark-routing new-routing-mark=( \ . $szwm) passthrough=yes comment=(\ . $szwm) #PCC设置

/ip firewall mangle add chain=prerouting

action=mark-connection new-connection-mark=(\ dst-address-type=!local in-interface=Local per-connection-classifier=$type passthrough=yes comment=(\ . $szwm) #标记路由

/ip firewall mangle add chain=prerouting

connection-mark=(\action=mark-routing new-routing-mark=( \ . $szwm) \\ comment=(\ . $szwm) #添加路由 /ip route add

dst-address=0.0.0.0/0 gateway=(\ . $szwm) routing-mark=( \

. $szwm) check-gateway=ping comment=(\ . $szwm)

add dst-address=0.0.0.0/0 gateway=(\ . $szwm) distance=$szwm check-gateway=ping comment=(\ . $szwm) }

配合这个掉线后自动修改脚本很好用

以4线为例，其中某条线路断了后，会自动判断剩余可用的线路数量然后修改PCC规则的参数，线路恢复正常后会自动把参数修改回正常状态，注意连接标记名称一定要以纯数字“1、2、3、4...”来命名。一般该脚本设置30秒间隔就比较合适。 #pcc掉线后自动修改参数脚本 {

:local status :local i \ :local x \ :local y \ :local z \

:set x [:len [/interface pppoe-client find running=yes]] :if ($x<$i) do={

:for ii from=1 to=$i do={

:set status [/interface get [find name=(\ :if ($status=true) do={ /ip fir man set [find new-connection-mark=$ii]

per-connection-classifier=(\ y ($y+1)} else={

/ip fir man set [find new-connection-mark=$ii] disable=yes}}} :if ($x=$i) do={

:set z [:len [/ip fir man find action=\ disabled=yes chain=prerouting]]

:if ($z>0) do={

:for ii from=1 to=$i do={

/ip fi man set [find new-connection-mark=$ii]

per-connection-classifier=(\ y ($y+1)}}}}

以上是PPPOE环境下的，下面的这个是固定IP相同网关的环境，2条线

/ip address

add address=192.168.1.1/24 comment=\ disabled=no interface=lan \\ network=192.168.1.0

add address=10.10.10.10/32 disabled=no interface=wan1 add address=20.20.20.20/32 disabled=no interface=wan2

/ip firewall mangle

add action=accept chain=prerouting disabled=no dst-address=10.10.10.10 \\ in-interface=wan1

add action=accept chain=prerouting disabled=no dst-address=20.20.20.20 \\ in-interface=wan2

add action=mark-connection chain=input comment=\\

\ disabled=no \\ in-interface=wan1 new-connection-mark=wan1_conn passthrough=yes

add action=mark-routing chain=output connection-mark=wan1_conn disabled=no \\ new-routing-mark=wan1_rout passthrough=yes

add action=mark-connection chain=input disabled=no in-interface=wan2 \\ new-connection-mark=wan2_conn passthrough=yes

add action=mark-routing chain=output connection-mark=wan2_conn disabled=no \\ new-routing-mark=wan2_rout passthrough=yes

add action=mark-connection chain=prerouting comment=wan1 disabled=no \\

dst-address-type=!local new-connection-mark=wan1_conn passthrough=yes \\ per-connection-classifier=both-addresses:2/0 src-address-list=192.168.1.0/24

add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled=\\ no new-routing-mark=wan1_rout passthrough=yes src-address-list=192.168.1.0/24

add action=mark-connection chain=prerouting comment=wan2 disabled=no \\

dst-address-type=!local new-connection-mark=wan2_conn passthrough=yes \\ per-connection-classifier=both-addresses:2/1 src-address-list=192.168.1.0/24

add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled=\\ no new-routing-mark=wan2_rout passthrough=yes src-address-list=192.168.1.0/24

add action=change-mss chain=forward comment=\\

\ disabled=yes new-mss=1440 \\ passthrough=yes protocol=tcp tcp-flags=syn

/ip firewall nat

add action=src-nat chain=srcnat comment=\ disabled=no \\

out-interface=wan1 src-address-list=192.168.1.0/24 to-addresses=10.10.10.10 add action=src-nat chain=srcnat comment=\ disabled=no \\

out-interface=wan2 src-address-list=192.168.1.0/24 to-addresses=20.20.20.20 add action=masquerade chain=srcnat comment=\ disabled=no src-address-list=192.168.1.0/24 \\ to-addresses=0.0.0.0

/ip route

add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1%wan1 \\ routing-mark=wan1_rout scope=30 target-scope=10

add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1%wan2 \\ routing-mark=wan2_rout scope=30 target-scope=10

add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1%wan1 \\ scope=255 target-scope=10

add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=1.1.1.1%wan2 \\ scope=255 target-scope=10

add comment=\ disabled=yes distance=1 dst-address=0.0.0.0/0 \\ gateway=192.168.1.1 scope=30 target-scope=10

这上5.x的双线同网关固定IP的pcc脚本 ，lan为局域网口，wan1和wan2为两个外网口。把1.1.1.1改成网关，10.10.10.10改成外网1IP，20.20.20.20改成外网2IP，192.168.1.1为局域网，看着改成自已的ip就行了

批量设置脚本 设置VLAN命令

:for i from=2 to=25 do= {/interface vlan add name=(\interface=WAN} 设置桥用于拔号

:for i from=2 to=25 do= {/interface bridge add name=(\admin-mac=(\把VLAN加入到桥

:for i from=2 to=25 do= {/interface bridge port add interface=(\bridge=(\设置PPP拔号

:for i from=2 to=25 do= {/interface pppoe-client add name=(%user=(\ 这些我都都做好了,那现在开始进行对线路进行标记与PCC设置 标记从哪条线路进就从哪条线路出

:for i from=1 to=192 do= { /ip firewall mangle

add chain=input action=mark-connection new-connection-mark=(\in-interface=(\

add chain=output connection-mark=(\new-routing-mark=(\}

从哪进从哪出我们已经做好,现在设置PCC

这里由于有些LAN拔号也设了VLAN的,我们进行可移植的统一配置

/ip firewall address-list add address=1.2.3.4/24 disabled=no list=mark_route :for i from=2 to=25 do= { /ip firewall mangle

add chain=prerouting src-address-list=mark_route action=mark-connection comment=(\

new-connection-mark=(\

per-connection-classifier=(\

add chain=prerouting src-address-list=mark_route action=mark-routing new-routing-mark=(\}

好了,PCC我们也已经设置好了

现在我们设置PCC的路由与标记的路由

:for i from=1 to=192 do= {/ip route add dst-address=0.0.0.0/0 gateway=(\routing-mark=(\

另外一个带VRRP的脚本 :do {

#adsl线路数 :local adsl 4

#负载的内网地址列表 :local lanlis lanlist #外网卡名称 :local ether ether2 #NAT的源地址段

:local lanip 172.168.1.0/24 /interface vrrp

:for a from=1 to=$adsl do={

add name=(“adsl-“.$a) interface=$ether vrid=$a preemption-mode=no disabled=no} /ip address

add address=11.11.11.11/28 interface=$ether disabled=no :for a from=1 to=$adsl do={

add address=(“10.10.”.$a.”.1/28”) interface=(“adsl-“.$a) disabled=no} /interface pppoe-client

:for a from=1 to=$adsl do= {

add add-default-route=no dial-on-demand=no use-peer-dns=no name=(%user=(“q”.$a) password=$a interface=(\-“.$a)} /ip firewall mangle

:for a from=1 to=$adsl do={

add action=mark-connection chain=prerouting dst-address-type=!local

src-address-list=$lanlis passthrough=yes new-connection-mark=(\per-connection-classifier=(\addresses:”.($adsl-($a-1)).”/\comment=(\

add action=mark-routing chain=prerouting src-address-list=$lanlis passthrough=no connection-mark=(\/ip firewall mangle

:for a from=1 to=$adsl do={

add chain=input action=mark-connection new-connection-mark=(\in-interface=(\add chain=output connection-mark=(\new-routing-mark=(\/ip firewall nat

:for a from=1 to=$adsl do={

add action=masquerade chain=srcnat out-interface=(\disabled=no comment=$a} /ip route

:for a from=1 to=$adsl do= {

add check-gateway=ping gateway=(\comment=(\

add check-gateway=ping distance=$a gateway=(“pppoe-out”.$a)}}

百度搜索“77cn”或“免费范文网”即可找到本站免费阅读全部范文。收藏本站方便下次阅读，免费范文网，提供经典小说综合文库ROS 典型PCC负载脚本在线全文阅读。