Wan 1 : 192.168.10.2
Wan 2 : 192.168.20.2
Il load balancing funziona ma il NAT funziona solo se disabilito una delle due interfacce. Altrimenti un po' funziona un po' no.. ma con le due WAN abilitate è lentissimo.
Il nat serve per un webserver che ha IP 192.168.1.200, risponde sulla porta interna 443 (https). All'esterno è mappato sulla porta 35000 del modem Wan 1.
Impostazioni Mangle
- Codice: Seleziona tutto
Flags: X - disabled, I - invalid, D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
2 D ;;; special dummy rule to show fasttrack counters
chain=postrouting action=passthrough
3 ;;; Accept da WAN1
chain=prerouting action=accept dst-address=192.168.178.0/24 log=no
log-prefix=""
4 ;;; Accept da WAN2
chain=prerouting action=accept dst-address=10.0.2.0/24
5 ;;; PCC stream WAN1
chain=prerouting action=mark-connection new-connection-mark=WAN1
passthrough=yes dst-address-type=!local connection-mark=no-mark
in-interface=bridge per-connection-classifier=both-addresses:2/0
6 ;;; PCC stream WAN2
chain=prerouting action=mark-connection new-connection-mark=WAN2
passthrough=yes dst-address-type=!local connection-mark=no-mark
in-interface=bridge per-connection-classifier=both-addresses:2/1
7 chain=prerouting action=mark-routing new-routing-mark=WAN1-mark
passthrough=yes connection-mark=WAN1 in-interface=bridge
8 chain=prerouting action=mark-routing new-routing-mark=WAN2-mark
passthrough=yes connection-mark=WAN2 in-interface=bridge
9 chain=output action=mark-routing new-routing-mark=WAN1-mark passthrough=ye>
connection-mark=WAN1
10 chain=output action=mark-routing new-routing-mark=WAN2-mark passthrough=ye>
connection-mark=WAN2
11 chain=prerouting action=mark-connection new-connection-mark=WAN1
passthrough=yes connection-mark=no-mark in-interface=WAN1
12 chain=prerouting action=mark-connection new-connection-mark=WAN2
passthrough=yes connection-mark=no-mark in-interface=WAN2
13 chain=forward action=mark-connection new-connection-mark=WAN1
in-interface=WAN1
14 chain=forward action=mark-connection new-connection-mark=WAN2
in-interface=WAN2
Impostazioni NAT
- Codice: Seleziona tutto
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN
ipsec-policy=out,none
2 chain=dstnat action=dst-nat to-addresses=192.168.1.200 to-ports=443
protocol=tcp in-interface=WAN1 dst-port=35000
3 chain=dstnat action=dst-nat to-addresses=192.168.1.200 to-ports=443
protocol=udp in-interface=WAN1 dst-port=35000 log=no log-prefix=""
Avete qualche idea sul perchè non funziona ?