Starting a WISP from scratch - is this OK?

Posted by hackwik, May 19, 2018, 05:29:11 PM


hackwik

I'm setting up a WISP, this time as a business, with all the right attitude :D. The only thing is that my knowledge of this subject is basic, very basic. Well, this is how far I've gotten. What do you think? Am I doing OK, or have I done something wrong?
Your comments/criticism will be a great help ;)

Currently I have the network connected with 15 clients (CPE), with 2 Telmex ADSL lines of 10MB each, balanced on an RB750GL (4 WAN + failover script, complete at the end).



At times I've seen some clients disconnected, or browsing goes from good to terrible. It has packet marking for HTTP/YouTube/WhatsApp - PCQ/simple queues.

Dynamic balancer:
/system identity
set name="Balanceador Dinamico"

/interface ethernet
set [ find default-name=ether1 ] comment="***Proveedor ISP 1***" name=Wan1
set [ find default-name=ether2 ] comment="***Proveedor ISP 2***" name=Wan2
set [ find default-name=ether3 ] comment="***Proveedor ISP 3***" name=Wan3
set [ find default-name=ether4 ] comment="***Proveedor ISP 4***" name=Wan4
set [ find default-name=ether5 ] comment="Red de Area Local" name=LAN

/ip dhcp-client
add default-route-distance=1 dhcp-options=hostname,clientid disabled=no interface=Wan1 use-peer-dns=no use-peer-ntp=no
add default-route-distance=1 dhcp-options=hostname,clientid disabled=no interface=Wan2 use-peer-dns=no use-peer-ntp=no
add default-route-distance=1 dhcp-options=hostname,clientid disabled=no interface=Wan3 use-peer-dns=no use-peer-ntp=no
add default-route-distance=1 dhcp-options=hostname,clientid disabled=no interface=Wan4 use-peer-dns=no use-peer-ntp=no

/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4

/ip address
add address=192.168.0.1/24 interface=LAN network=192.168.0.0

/ip pool
add name=dhcp_pool1 ranges=192.168.0.2-192.168.0.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=LAN name=dhcp1
/ip dhcp-server network
add address=192.168.0.0/24 gateway=192.168.0.1

/ip firewall nat
add action=masquerade chain=srcnat connection-mark=conn1 out-interface=Wan1
add action=masquerade chain=srcnat connection-mark=conn2 out-interface=Wan2
add action=masquerade chain=srcnat connection-mark=conn3 out-interface=Wan3
add action=masquerade chain=srcnat connection-mark=conn4 out-interface=Wan4

/ip firewall mangle
add action=mark-connection chain=prerouting connection-state=new in-interface=LAN new-connection-mark=conn1 nth=4,1
add action=mark-routing chain=prerouting connection-mark=conn1 in-interface=LAN new-routing-mark=conn1 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=LAN new-connection-mark=conn2 nth=4,2
add action=mark-routing chain=prerouting connection-mark=conn2 in-interface=LAN new-routing-mark=conn2 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=LAN new-connection-mark=conn3 nth=4,3
add action=mark-routing chain=prerouting connection-mark=conn3 in-interface=LAN new-routing-mark=conn3 passthrough=no
add action=mark-connection chain=prerouting connection-state=new in-interface=LAN new-connection-mark=conn4 nth=4,4
add action=mark-routing chain=prerouting connection-mark=conn4 in-interface=LAN new-routing-mark=conn4 passthrough=no

/system scheduler
add interval=10s name=Busqueda_Wan_1 on-event="\r\
    /system script run ether1_force" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
add interval=10s name=Busqueda_Wan_2 on-event="\r\
    \n/system script run ether2_force" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
add interval=10s name=Busqueda_Wan_3 on-event="\r\
    \n/system script run ether3_force" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
add interval=10s name=Busqueda_Wan_4 on-event="\r\
    \n/system script run ether4_force" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup
add name=Enable-All-Schedules on-event=" /system scheduler set [find name=\"Busqueda_Wan_1\"] disable=no;\r\
    \n\r\
    \n /system scheduler set [find name=\"Busqueda_Wan_2\"] disable=no;\r\
    \n\r\
    \n /system scheduler set [find name=\"Busqueda_Wan_3\"] disable=no;\r\
    \n\r\
    \n /system scheduler set [find name=\"Busqueda_Wan_4\"] disable=no;\r\
    \n" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive start-time=startup


/system script
add name=ether1_force owner=admin policy=read,write source=":if ([/interface find name=\"Wan1\"] = \"\") do={\r\
    \n\t:error \"La Interface No Esta Conectada\";\r\
    \n\t}\r\
    \n\t\r\
    \n:if ([/interface get [find name=\"Wan1\"] disabled ]) do={\r\
    \n\t:error \"La Interface Wan1 esta Deshabilitada.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client find interface=\"Wan1\"] = \"\") do={\r\
    \n\t:error \"La Interface Wan1 No tiene activo el DHCP Cliente.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client get [find interface=\"Wan1\"] status] != \"bound\") do={\r\
    \n\t:error \"DHCP cliente no tiene asignada una dirección.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan1\"] gateway];\r\
    \n:if (\$dhcpgateway = \"\") do={\r\
    \n\t:error \"La Interface no tiene asignada una dirección de gateway.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local oldgatewayid [/ip route find comment=\"ether1_force\"];\r\
    \n\r\
    \n:if (\"\$oldgatewayid\" = \"\") do={\r\
    \n\t:log warning \"Adding route\";\r\
    \n\t:execute \"/ip route add \\\r\
    \n\t\tdst-address=0.0.0.0/0 \\\r\
    \n\t\tcomment=ether1_force \\\r\
    \n\t\trouting-mark=conn1 \\\r\
    \n\t\tgateway=\$dhcpgateway\";\r\
    \n\t:error \"All done.\";\r\
    \n\t}\r\
    \n\r\
    \n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
    \n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
    \n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
    \n\t}\r\
    \n\r\
    \n#The Same IP Gatway\r\
    \n\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan1\"] gateway];\r\
    \n\r\
    \n /ip route set [find comment=\"ether1_force\"] gateway=(\$dhcpgateway.\"%Wan1\")\r\
    \n\r\
    \n# Disable Schedule\r\
    \n\r\
    \n:local RCount [/system scheduler get [find name =Busqueda_Wan_1] run-count]\r\
    \n\r\
    \n:if (\$RCount >2) do={\r\
    \n/system scheduler set [find name=\"Busqueda_Wan_1\"] disable=yes\r\
    \n#: log warning DigitAllFran;\r\
    \n}"
add name=ether2_force owner=admin policy=read,write source=":if ([/interface find name=\"Wan2\"] = \"\") do={\r\
    \n\t:error \"La Interface No Esta Conectada\";\r\
    \n\t}\r\
    \n\t\r\
    \n:if ([/interface get [find name=\"Wan2\"] disabled ]) do={\r\
    \n\t:error \"La Interface Wan2 esta Deshabilitada.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client find interface=\"Wan2\"] = \"\") do={\r\
    \n\t:error \"La Interface Wan2 No tiene activo el DHCP Cliente.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client get [find interface=\"Wan2\"] status] != \"bound\") do={\r\
    \n\t:error \"DHCP cliente no tiene asignada una dirección.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan2\"] gateway];\r\
    \n:if (\$dhcpgateway = \"\") do={\r\
    \n\t:error \"La Interface no tiene asignada una dirección de gateway.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local oldgatewayid [/ip route find comment=\"ether2_force\"];\r\
    \n\r\
    \n:if (\"\$oldgatewayid\" = \"\") do={\r\
    \n\t:log warning \"Adding route\";\r\
    \n\t:execute \"/ip route add \\\r\
    \n\t\tdst-address=0.0.0.0/0 \\\r\
    \n\t\tcomment=ether2_force \\\r\
    \n\t\trouting-mark=conn2 \\\r\
    \n\t\tgateway=\$dhcpgateway\";\r\
    \n\t:error \"All done.\";\r\
    \n\t}\r\
    \n\r\
    \n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
    \n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
    \n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
    \n\t}\r\
    \n\r\
    \n#The Same IP Gatway\r\
    \n\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan2\"] gateway];\r\
    \n\r\
    \n /ip route set [find comment=\"ether2_force\"] gateway=(\$dhcpgateway.\"%Wan2\")\r\
    \n\r\
    \n# Disable Schedule\r\
    \n\r\
    \n:local RCount [/system scheduler get [find name =Busqueda_Wan_2] run-count]\r\
    \n\r\
    \n:if (\$RCount >2) do={\r\
    \n/system scheduler set [find name=\"Busqueda_Wan_2\"] disable=yes\r\
    \n#: log warning DigitAllFran;\r\
    \n}"
add name=ether3_force owner=admin policy=read,write source=":if ([/interface find name=\"Wan3\"] = \"\") do={\r\
    \n\t:error \"La Interface No Esta Conectada\";\r\
    \n\t}\r\
    \n\t\r\
    \n:if ([/interface get [find name=\"Wan3\"] disabled ]) do={\r\
    \n\t:error \"La Interface Wan3 esta Deshabilitada.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client find interface=\"Wan3\"] = \"\") do={\r\
    \n\t:error \"La Interface Wan3 No tiene activo el DHCP Cliente.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client get [find interface=\"Wan3\"] status] != \"bound\") do={\r\
    \n\t:error \"DHCP cliente no tiene asignada una dirección.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan3\"] gateway];\r\
    \n:if (\$dhcpgateway = \"\") do={\r\
    \n\t:error \"La Interface no tiene asignada una dirección de gateway.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local oldgatewayid [/ip route find comment=\"ether3_force\"];\r\
    \n\r\
    \n:if (\"\$oldgatewayid\" = \"\") do={\r\
    \n\t:log warning \"Adding route\";\r\
    \n\t:execute \"/ip route add \\\r\
    \n\t\tdst-address=0.0.0.0/0 \\\r\
    \n\t\tcomment=ether3_force \\\r\
    \n\t\trouting-mark=conn3 \\\r\
    \n\t\tgateway=\$dhcpgateway\";\r\
    \n\t:error \"All done.\";\r\
    \n\t}\r\
    \n\r\
    \n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
    \n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
    \n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
    \n\t}\r\
    \n\r\
    \n#The Same IP Gatway\r\
    \n\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan3\"] gateway];\r\
    \n\r\
    \n /ip route set [find comment=\"ether3_force\"] gateway=(\$dhcpgateway.\"%Wan3\")\r\
    \n\r\
    \n# Disable Schedule\r\
    \n\r\
    \n:local RCount [/system scheduler get [find name =Busqueda_Wan_3] run-count]\r\
    \n\r\
    \n:if (\$RCount >2) do={\r\
    \n/system scheduler set [find name=\"Busqueda_Wan_3\"] disable=yes\r\
    \n#: log warning DigitAllFran;\r\
    \n}"
add name=ether4_force owner=admin policy=read,write source=":if ([/interface find name=\"Wan4\"] = \"\") do={\r\
    \n\t:error \"La Interface No Esta Conectada\";\r\
    \n\t}\r\
    \n\t\r\
    \n:if ([/interface get [find name=\"Wan4\"] disabled ]) do={\r\
    \n\t:error \"La Interface Wan4 esta Deshabilitada.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client find interface=\"Wan4\"] = \"\") do={\r\
    \n\t:error \"La Interface Wan4 No tiene activo el DHCP Cliente.\";\r\
    \n\t}\r\
    \n\r\
    \n:if ([/ip dhcp-client get [find interface=\"Wan4\"] status] != \"bound\") do={\r\
    \n\t:error \"DHCP cliente no tiene asignada una dirección.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan4\"] gateway];\r\
    \n:if (\$dhcpgateway = \"\") do={\r\
    \n\t:error \"La Interface no tiene asignada una dirección de gateway.\";\r\
    \n\t}\r\
    \n\t\r\
    \n:local oldgatewayid [/ip route find comment=\"ether4_force\"];\r\
    \n\r\
    \n:if (\"\$oldgatewayid\" = \"\") do={\r\
    \n\t:log warning \"Adding route\";\r\
    \n\t:execute \"/ip route add \\\r\
    \n\t\tdst-address=0.0.0.0/0 \\\r\
    \n\t\tcomment=ether4_force \\\r\
    \n\t\trouting-mark=conn4 \\\r\
    \n\t\tgateway=\$dhcpgateway\";\r\
    \n\t:error \"All done.\";\r\
    \n\t}\r\
    \n\r\
    \n:local oldgateway [/ip route get number=\"\$oldgatewayid\" gateway];\r\
    \n:if (\"\$oldgateway\" != \"\$dhcpgateway\") do={\r\
    \n\t/ip route set numbers=\"\$oldgatewayid\" gateway=\"\$dhcpgateway\";\r\
    \n\t}\r\
    \n\r\
    \n#The Same IP Gatway\r\
    \n\r\
    \n:local dhcpgateway [/ip dhcp-client get [find interface=\"Wan4\"] gateway];\r\
    \n\r\
    \n /ip route set [find comment=\"ether4_force\"] gateway=(\$dhcpgateway.\"%Wan4\")\r\
    \n\r\
    \n# Disable Schedule\r\
    \n\r\
    \n:local RCount [/system scheduler get [find name =Busqueda_Wan_4] run-count]\r\
    \n\r\
    \n:if (\$RCount >2) do={\r\
    \n/system scheduler set [find name=\"Busqueda_Wan_4\"] disable=yes\r\
    \n#: log warning DigitAllFran;\r\
    \n}"

-------------------------------------------------------------------------------------------

/system ntp client
set enabled=yes primary-ntp=192.6.15.28 secondary-ntp=192.6.15.29
/system routerboard settings
set silent-boot=no

/ip route
add comment=ether1_force distance=1 gateway=192.168.12.254%Wan1 routing-mark=\
    conn1
add comment=ether2_force distance=1 gateway=192.168.1.254%Wan2 routing-mark=\
    conn2
add comment=ether3_force distance=1 gateway=192.168.12.254%Wan3 routing-mark=\
    conn3
add comment=ether4_force distance=1 gateway=192.168.1.254%Wan4 routing-mark=\
    conn4

/ip firewall mangle
add action=mark-connection chain=prerouting comment=ICMP disabled=yes \
    new-connection-mark=Icmp_C passthrough=yes protocol=icmp
add action=mark-packet chain=prerouting connection-mark=Icmp_C disabled=yes \
    new-packet-mark=Icmp passthrough=no
add action=mark-connection chain=prerouting comment="dns connection" \
    disabled=yes dst-port=53 new-connection-mark=DNS_C passthrough=yes \
    protocol=udp
add action=mark-packet chain=prerouting connection-mark=DNS_C disabled=yes \
    new-packet-mark=DNS passthrough=no
add action=mark-connection chain=prerouting comment=YOUTUBE content=\
    youtube.com new-connection-mark=Youtube_C passthrough=yes
add action=mark-packet chain=prerouting connection-mark=Youtube_C \
    new-packet-mark=Youtube passthrough=no
add action=mark-connection chain=prerouting comment=HTTP_WEB dst-port=80 \
    new-connection-mark=HTTP_C passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=HTTP_C \
    new-packet-mark=HTTP passthrough=no protocol=tcp
add action=mark-connection chain=prerouting comment=HTTPS dst-port=443 \
    new-connection-mark=Facebook_C passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=Facebook_C \
    new-packet-mark=Facebook passthrough=yes
add action=mark-connection chain=prerouting comment=Whatsap disabled=yes \
    dst-port=5222,5223,5228,5242 new-connection-mark=Whatsapp_C passthrough=\
    yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=Whatsapp_C disabled=\
    yes new-packet-mark=Whatsapp passthrough=no
add action=mark-connection chain=prerouting comment=Otros disabled=yes \
    new-connection-mark=Otros_C passthrough=yes
add action=mark-packet chain=prerouting connection-mark=Otros_C disabled=yes \
    new-packet-mark=Otros passthrough=no
add action=mark-connection chain=forward comment=pcq disabled=yes \
    new-connection-mark=users-con passthrough=yes src-address=192.168.0.0/24
add action=mark-packet chain=forward connection-mark=users-con disabled=yes \
    new-packet-mark=users passthrough=no

/queue tree
add max-limit=20M name=Descargas parent=LAN priority=1
add disabled=yes max-limit=256k name=Subida parent=Wan1
add disabled=yes name=ICMP_D packet-mark=Icmp parent=Descargas priority=1
add disabled=yes name=ICMP_S packet-mark=Icmp parent=Subida priority=1
add disabled=yes name=DNS_D packet-mark=DNS parent=Descargas priority=2
add disabled=yes name=DNS_S packet-mark=DNS parent=Subida priority=2
add max-limit=1M name=Youtube_D packet-mark=Youtube parent=Descargas \
    priority=3
add disabled=yes name=Youtube_S packet-mark=Youtube parent=Subida priority=3
add max-limit=712k name=HTTP_D packet-mark=HTTP parent=Descargas priority=4
add disabled=yes name=HTTP_S packet-mark=HTTP parent=Subida priority=4
add max-limit=512k name=HTTPS_D packet-mark=Facebook parent=Descargas \
    priority=5
add disabled=yes name=HTTPS_S packet-mark=Facebook parent=Subida priority=5
add disabled=yes name=whatsap_D packet-mark=Whatsapp parent=Descargas \
    priority=6
add disabled=yes name=whatsapp_s packet-mark=Whatsapp parent=Subida priority=\
    6
add disabled=yes max-limit=2M name=otros_D packet-mark=Otros parent=Descargas \
    priority=7
add disabled=yes name=Otros_S packet-mark=Otros parent=Subida priority

/queue type
add kind=pcq name="download pcq" pcq-classifier=dst-address
add kind=pcq name="upload pcq" pcq-classifier=src-address

/queue simple
add name=Lan-1 queue="upload pcq/download pcq" target=192.168.0.0/24
/queue tree
add disabled=yes name=queue4 packet-mark=users parent=Descargas queue=\
    "download pcq"
/ip address
add address=192.168.0.1/24 interface=LAN network=192.168.0.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=Wan1 use-peer-dns=no \
    use-peer-ntp=no
add dhcp-options=hostname,clientid disabled=no interface=Wan2 use-peer-dns=no \
    use-peer-ntp=no
add dhcp-options=hostname,clientid disabled=no interface=Wan3 use-peer-dns=no \
    use-peer-ntp=no
add dhcp-options=hostname,clientid disabled=no interface=Wan4 use-peer-dns=no \
    use-peer-ntp=no



I think that's everything... I disabled some of the packet-marking rules because the connection became very slow and I couldn't identify the problem :( ...

Am I doing OK?
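
An exposure and least-privilege check over an export like the one posted above, as an added example that is not part of the original post. The posted export sets `allow-remote-requests=yes` and shows no `/ip firewall filter` section, and its schedulers carry more policies than the `read,write` scripts they run. The function names are hypothetical, the sample is abridged from the post, and the DNS check is a heuristic that only looks for an input-chain drop rule covering port 53.

```python
import re

# Constructed excerpt: abridged lines from the export in the post above.
SAMPLE_EXPORT = r'''
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/system scheduler
add interval=10s name=Busqueda_Wan_1 on-event="/system script run ether1_force" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive
/system script
add name=ether1_force owner=admin policy=read,write source=":log info test"
'''

def parse_export(text):
    """Return [(menu, {key: value})] for every add/set line of an export."""
    joined = re.sub(r"\\\r?\n\s*", "", text)  # undo "\" line continuations
    menu, items = None, []
    for line in (l.strip() for l in joined.splitlines()):
        if line.startswith("/"):
            menu = line
        elif menu and line.startswith(("add ", "set ")):
            pairs = re.findall(r'([\w-]+)=("(?:[^"\\]|\\.)*"|\S+)', line)
            items.append((menu, {k: v.strip('"') for k, v in pairs}))
    return items

def policies(kv):
    return set(filter(None, kv.get("policy", "").split(",")))

def audit(text):
    """Heuristic findings: exposed DNS resolver, over-privileged schedulers."""
    items = parse_export(text)
    findings = []
    resolver_on = any(m == "/ip dns" and kv.get("allow-remote-requests") == "yes"
                      for m, kv in items)
    dns_drop = any(m == "/ip firewall filter" and kv.get("chain") == "input"
                   and kv.get("action") == "drop"
                   and "53" in kv.get("dst-port", "53").split(",")
                   for m, kv in items)
    if resolver_on and not dns_drop:
        findings.append("dns: allow-remote-requests=yes with no input-chain drop")
    scripts = {kv["name"]: policies(kv) for m, kv in items
               if m == "/system script" and "name" in kv}
    for m, kv in items:
        called = re.search(r"/system script run (\S+)", kv.get("on-event", ""))
        if m == "/system scheduler" and called and called.group(1) in scripts:
            extra = sorted(policies(kv) - scripts[called.group(1)])
            if extra:
                findings.append(f"scheduler {kv['name']}: extra policy " + ",".join(extra))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_EXPORT):
        print(finding)
```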