Salve a tutti, avrei bisogno del vostro aiuto per configurare questo switch, di cui allego file di configurazione attuale.
Premetto che è stato configurato da un amico, per 3wan e 1 lan, con load balance e failover.
Questa configurazione ha funzionato bene per alcuni mesi, poi giorni fa ho collegato un xvr con 4 ip cam e improvvisamente dai pc non riuscivo più a navigare, la connessione era lentissima.
Ho subito pensato ad una congestione dello switch ed ho quindi staccato l'nvr ma.....la connessione era sempre lentissima anche dopo aver riavviato switch e modems.
Ho dovuto rimettere router cisco x gestire le wan ed uno switch netgear a 24 porte per riavere tutto prestante ma devo rimettere il mikrotik e quindi spero in un vs aiuto.
# mar/06/2018 16:57:06 by RouterOS 6.41.2
# software id =
#
# model = CRS125-24G-1S
# serial number =
/interface bridge
add admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no comment=\
"created from master port" name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether4 ] comment="Non disabilitare mai" name=Local
set [ find default-name=ether1 ] comment="xxx.xx.0.1 Tiscali" name=WAN1
set [ find default-name=ether2 ] comment="xxx.xx.1.1 Infostrada" name=WAN2
set [ find default-name=ether3 ] comment="xxx.xxx.1.1 Huawei" name=WAN3
set [ find default-name=ether9 ] comment=xxx.168.0.99 name="eth9 Server HP"
set [ find default-name=ether21 ] comment=xxx.168.0.92 name=\
"ether21 Qnap 253a"
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=ADSL-Coupler3
/ip pool
add name=dhcp_pool1 ranges=192.168.0.11-192.168.0.254
/ip dhcp-server
add address-pool=dhcp_pool1 authoritative=after-2sec-delay disabled=no \
interface=bridge1 name=dhcp1
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 interface="eth9 Server HP"
add bridge=bridge1 interface=ether10
add bridge=bridge1 interface=ether11
add bridge=bridge1 interface=ether12
add bridge=bridge1 interface=ether13
add bridge=bridge1 interface=ether14
add bridge=bridge1 interface=ether15
add bridge=bridge1 interface=ether16
add bridge=bridge1 interface=ether17
add bridge=bridge1 interface=ether18
add bridge=bridge1 interface=ether19
add bridge=bridge1 interface=ether20
add bridge=bridge1 interface="ether21 Qnap 253a"
add bridge=bridge1 interface=ether22
add bridge=bridge1 interface=ether23
add bridge=bridge1 interface=ether24
add bridge=bridge1 interface=Local
/ip address
add address=xxx.xxx.0.10/24 interface=bridge1 network=192.168.0.0
add address=xxx.xxx.0.65/24 interface=WAN1 network=xxx.xx.0.0
add address=xxx.xxx.1.65/24 interface=WAN2 network=xxx.xx.1.0
add address=192.168.1.65/24 interface=WAN3 network=xxx.xxx.1.0
/ip dhcp-server network
add address=xxx.xxx.0.0/24 gateway=xxx.xxx.0.10
/ip dns
set allow-remote-requests=yes cache-size=5000KiB max-udp-packet-size=512 \
servers=221.132.112.8,8.8.8.8
/ip firewall filter
add action=accept chain=input comment="winbox Wan1" dst-port=xxxx \
in-interface=WAN1 protocol=tcp
add action=accept chain=input comment="winbox wan2" dst-port=xxxx \
in-interface=WAN2 protocol=tcp
add action=accept chain=input comment="winbox wan3" dst-port=xxxx \
in-interface=WAN3 protocol=tcp
/ip firewall mangle
add action=mark-connection chain=input in-interface=WAN1 new-connection-mark=\
WAN1_conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN2 new-connection-mark=\
WAN2_conn passthrough=yes
add action=mark-connection chain=input in-interface=WAN3 new-connection-mark=\
WAN3_conn passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn \
new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn \
new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN3_conn \
new-routing-mark=to_WAN3 passthrough=yes
add action=mark-connection chain=forward connection-state=new in-interface=\
WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=forward connection-state=new in-interface=\
WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=forward connection-state=new in-interface=\
WAN3 new-connection-mark=WAN3_conn passthrough=yes
add chain=forward connection-mark=WAN1_conn action=mark-packet new-packet-mark=WAN1_conn passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN1_conn \
in-interface=bridge1 new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn \
in-interface=bridge1 new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN3_conn \
in-interface=bridge1 new-routing-mark=to_WAN3 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=WAN1
add action=masquerade chain=srcnat out-interface=WAN2
add action=masquerade chain=srcnat out-interface=WAN3
add action=dst-nat chain=dstnat dst-port=18600 in-interface=WAN2 \
in-interface-list=all protocol=tcp to-addresses=xxx.xxx.0.11 to-ports=\
xxxxx
add action=dst-nat chain=dstnat dst-port=18600 in-interface=WAN1 \
in-interface-list=all protocol=tcp to-addresses=xxx.xxx.0.11 to-ports=\
xxxxx
/ip route
add check-gateway=ping distance=1 gateway=xxx.xxx.0.1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=xxx.xxx.1.1 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=xxx.xxx.1.1 routing-mark=to_WAN3
add comment="Script Testing Default Route" distance=2 gateway=\
xxx.xxx.0.1,xxx.xxx.1.1,xxx.xxx.1.1 routing-mark=TEST
add comment="Default Route - Script Checked" distance=1 gateway=\
xxx.xxx.0.1,xxx.xxx.1.1,xxx.xxx.1.1
add check-gateway=ping comment="Check ECMP Gateway WAN3" distance=1 \
dst-address=255.255.255.252/32 gateway=xxx.xxx.1.1
add check-gateway=ping comment="Check ECMP Gateway WAN2" distance=1 \
dst-address=255.255.255.253/32 gateway=xxx.xxx.1.1
add check-gateway=ping comment="Check ECMP Gateway WAN1" distance=1 \
dst-address=255.255.255.254/32 gateway=xxx.xxx.0.1
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=WAN2 type=internal
/lcd interface
add interface=bridge1
/lcd interface pages
set 2 interfaces=sfp1
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=ADSL-Coupler3
/system ntp client
set enabled=yes primary-ntp=193.204.114.232 secondary-ntp=8.8.8.8
/system scheduler
add interval=5s name=ECMPDefaultRouteCheck on-event=ECMPDefaultRouteCheck \
policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-time=startup
/system script
add name=ECMPDefaultRouteCheck owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="\
\n# ------------------- header -------------------\
\n# Script by Mattia Siviero, version 1.0.0\
\n# If you use this script, or edit and\
\n# re-use it, please keep the header intact.\
\n\
\n# This script is intended to be used in an ECMP \
\n# environment, with a maximum of three \
\n# default gateways.\
\n# It will check if the gateways are online\
\n# and it will modify the ECMP default route\
\n# accordingly.\
\n# ------------------- header -------------------\
\n\
\n\
\n# ------------- start editing here -------------\
\n# Edit the variables below to suit your needs\
\n\
\n# Please fill the WAN interface names\
\n:local InterfaceISP1 WAN1\
\n:local InterfaceISP2 WAN2\
\n:local InterfaceISP3 WAN3\
\n\
\n# Please fill the gateway IPs (or interface names in case of PPP)\
\n:local GatewayISP1 xxx.xxx.0.1\
\n:local GatewayISP2 xxx.xxx.1.1\
\n:local GatewayISP3 xxx.xxx.1.1\
\n\
\n# Please fill the ping check host - currently: resolver1.opendns.com\
\n:local PingTarget 208.67.222.222\
\n\
\n# Please fill how many ping failures are allowed before fail-over happen\
ds\
\n:local FailTreshold 3\
\n\
\n# Text used in this variable MUST be used as comment on Default Route\
\n:local DRComment \"Default Route - Script Checked\"\
\n\
\n# Editing the script after this point may break it\
\n# -------------- stop editing here --------------\
\n\
\n# Declare the global variables\
\n:global PingFailCountISP1\
\n:global PingFailCountISP2\
\n:global PingFailCountISP3\
\n:global FailResult\
\n\
\n# This inicializes the global variables, in case this is the 1st time th\
e script has ran\
\n:if ([:typeof \$PingFailCountISP1] = \"nothing\") do={:set PingFailCount\
ISP1 0}\
\n:if ([:typeof \$PingFailCountISP2] = \"nothing\") do={:set PingFailCount\
ISP2 0}\
\n:if ([:typeof \$PingFailCountISP3] = \"nothing\") do={:set PingFailCount\
ISP3 0}\
\n:if ([:typeof \$FailResult] = \"nothing\") do={:set FailResult 0}\
\n\
\n# These variables will be used to keep results of individual ping attemp\
ts\
\n:local PingResult1\
\n:local PingResult2\
\n:local PingResult3\
\n\
\n:local Fail1\
\n:local Fail2\
\n:local Fail3\
\n\
\n:local ScriptFailResult\
\n\
\n# Local variables with actions in the event of failure\
\n# Case0 - Everything Online\
\n:local ISPCase0 (\$GatewayISP1,\$GatewayISP2,\$GatewayISP3)\
\n# Case1 - ISP1 Failure\
\n:local ISPCase1 (\$GatewayISP2,\$GatewayISP3)\
\n# Case2 - ISP2 Failure\
\n:local ISPCase2 (\$GatewayISP1,\$GatewayISP3)\
\n# Case4 - ISP3 Failure\
\n:local ISPCase4 (\$GatewayISP1,\$GatewayISP2)\
\n# Case3 - ISP1 + ISP2 Failure\
\n:local ISPCase3 (\$GatewayISP3)\
\n# Case5 - ISP1 + ISP3 Failure\
\n:local ISPCase5 (\$GatewayISP2)\
\n# Case6 - ISP2 + ISP3 Failure\
\n:local ISPCase6 (\$GatewayISP1)\
\n# Case7 - Global Failure\
\n:local ISPCase7 (\$GatewayISP1,\$GatewayISP2,\$GatewayISP3)\
\n\
\n# Local variables with log entries in the event of failure\
\n# Case0 - Everything Online\
\n:local LogCase0 \"No more problems on Default Gateways - Everything Onli\
ne!\"\
\n# Case1 - ISP1 Failure\
\n:local LogCase1 \"Ouch! ISP1 seems to be down. Check it out!\"\
\n# Case2 - ISP2 Failure\
\n:local LogCase2 \"Ouch! ISP2 seems to be down. Check it out!\"\
\n# Case4 - ISP3 Failure\
\n:local LogCase4 \"Ouch! ISP3 seems to be down. Check it out!\"\
\n# Case3 - ISP1 + ISP2 Failure\
\n:local LogCase3 \"Ouch! ISP1 and ISP2 seems to be down. Check it out!\"\
\n# Case5 - ISP1 + ISP3 Failure\
\n:local LogCase5 \"Ouch! ISP1 and ISP3 seems to be down. Check it out!\"\
\n# Case6 - ISP2 + ISP3 Failure\
\n:local LogCase6 \"Ouch! ISP2 and ISP3 seems to be down. Check it out!\"\
\n# Case7 - Global Failure\
\n:local LogCase7 \"Critical! ISP1, ISP2 and ISP3 seems to be down. You ar\
e offline. Check it out!\"\
\n\
\n\
\n# Check ISPs - default route with \"TEST\" routing-mark must be present!\
!!\
\n:set PingResult1 [ping \$PingTarget count=1 interface=\$InterfaceISP1 ro\
uting-table=TEST]\
\n:set PingResult2 [ping \$PingTarget count=1 interface=\$InterfaceISP2 ro\
uting-table=TEST]\
\n:set PingResult3 [ping \$PingTarget count=1 interface=\$InterfaceISP3 ro\
uting-table=TEST]\
\n\
\n:if (\$PingResult1 = 0) do={\
\n:if (\$PingFailCountISP1 < (\$FailTreshold+2)) do={\
\n:set PingFailCountISP1 (\$PingFailCountISP1 + 1)\
\n}\
\n}\
\n\
\n:if (\$PingResult2 = 0) do={\
\n:if (\$PingFailCountISP2 < (\$FailTreshold+2)) do={\
\n:set PingFailCountISP2 (\$PingFailCountISP2 + 1)\
\n}\
\n}\
\n\
\n:if (\$PingResult3 = 0) do={\
\n:if (\$PingFailCountISP3 < (\$FailTreshold+2)) do={\
\n:set PingFailCountISP3 (\$PingFailCountISP3 + 1)\
\n}\
\n}\
\n\
\n:if (\$PingResult1 = 1) do={\
\n:if (\$PingFailCountISP1 > 0) do={\
\n:set PingFailCountISP1 (\$PingFailCountISP1 - 1)\
\n}\
\n}\
\n\
\n:if (\$PingResult2 = 1) do={\
\n:if (\$PingFailCountISP2 > 0) do={\
\n:set PingFailCountISP2 (\$PingFailCountISP2 - 1)\
\n}\
\n}\
\n\
\n:if (\$PingResult3 = 1) do={\
\n:if (\$PingFailCountISP3 > 0) do={\
\n:set PingFailCountISP3 (\$PingFailCountISP3 - 1)\
\n}\
\n}\
\n\
\n:if (\$PingFailCountISP1 >= \$FailTreshold) do={\
\n:set \$Fail1 1\
\n} else={\
\n:set \$Fail1 0\
\n}\
\n\
\n:if (\$PingFailCountISP2 >= \$FailTreshold) do={\
\n:set \$Fail2 2\
\n} else={\
\n:set \$Fail2 0\
\n}\
\n\
\n:if (\$PingFailCountISP3 >= \$FailTreshold) do={\
\n:set \$Fail3 4\
\n} else={\
\n:set \$Fail3 0\
\n}\
\n\
\n:set \$ScriptFailResult (\$Fail1 + \$Fail2 + \$Fail3)\
\n\
\n:foreach k,i in={\$ISPCase0;\$ISPCase1;\$ISPCase2;\$ISPCase3;\$ISPCase4;\
\$ISPCase5;\$ISPCase6;\$ISPCase7} do={\
\n:if (\$k = \$ScriptFailResult && \$ScriptFailResult != \$FailResult) do=\
{\
\n/ip route set [find comment=\$DRComment] gateway=\$i\
\n}\
\n}\
\n\
\n:foreach k,l in={\$LogCase0;\$LogCase1;\$LogCase2;\$LogCase3;\$LogCase4;\
\$LogCase5;\$LogCase6;\$LogCase7} do={\
\n:if (\$k = \$ScriptFailResult && \$ScriptFailResult != \$FailResult) do=\
{\
\n:log warning \$l\
\n}\
\n}\
\n\
\n:set \$FailResult \$ScriptFailResult"
