命令行：

/ ip firewall mangle
1、保證訪問局域網(wǎng)IP的時(shí)候不被PCC了。
add chain=prerouting dst-address=10.1.1.0/24 action=accept in-interface=ether1
add chain=prerouting dst-address=10.2.2.0/24 action=accept in-interface=ether1

2、保證上網(wǎng)流量從哪進(jìn)就從哪出，所以必須比如對(duì)從wan口進(jìn)來的流量進(jìn)行標(biāo)識(shí)。為避免上下流量出錯(cuò)connection-mark=no-mark不可少！
add chain=prerouting in-interface=wlan1 connection-mark=no-mark action=mark-connection new-connection-mark=1
add chain=prerouting in-interface=wlan2 connection-mark=no-mark action=mark-connection new-connection-mark=2

3、對(duì)于從局域網(wǎng)進(jìn)的連接，目的地址為非局域網(wǎng)IP的流量進(jìn)行連接標(biāo)記，每個(gè)1/2。為避免上下流量出錯(cuò)connection-mark=no-mark不可少！
add chain=prerouting in-interface=ether1 connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=1
add chain=prerouting in-interface=ether1 connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=2

4、對(duì)于之前進(jìn)行連接的標(biāo)識(shí)進(jìn)行，分別標(biāo)識(shí)不同的路由標(biāo)記。這里注意in-interface=ether1不可少，因?yàn)橹暗倪B接標(biāo)記為雙向的，有進(jìn)有出，這里如果沒有in-interface配置，out流量也會(huì)被PCC！
add chain=prerouting connection-mark=1 in-interface=ether1 action=mark-routing new-routing-mark=1
add chain=prerouting connection-mark=2 in-interface=ether1 action=mark-routing new-routing-mark=2

5、保證上網(wǎng)流量從哪進(jìn)就從哪出，所以必須比如對(duì)從wan口出去的流量進(jìn)行標(biāo)識(shí)。
add chain=output connection-mark=1 action=mark-routing new-routing-mark=1
add chain=output connection-mark=2 action=mark-routing new-routing-mark=2

6、對(duì)不同的路由標(biāo)記走不同的外網(wǎng)網(wǎng)關(guān)出去，后面兩個(gè)為備用網(wǎng)關(guān)
/ ip route
add dst-address=0.0.0.0/0 gateway=10.1.1.88 routing-mark=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.2.2.88 routing-mark=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.1.1.88 distance=2
add dst-address=0.0.0.0/0 gateway=10.2.2.88 distance=3

7、對(duì)兩條外網(wǎng)進(jìn)行偽裝
/ ip firewall nat
add chain=srcnat out-interface=wlan1 action=masquerade
add chain=srcnat out-interface=wlan2 action=masquerade

?

轉(zhuǎn)載于:https://www.cnblogs.com/itfat/p/10731567.html

總結(jié)

以上是生活随笔為你收集整理的ROS多根adsl叠加负载均衡PCC的做法的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。