電訊茶室's Archiver

bubblestar 發表於 2013-6-15 13:00

【RB2011UAS-2HnD-IN】- Failover checking script using Netwatch

目的: 以 [url=http://www.telecom-cafe.com/forum/viewthread.php?tid=5684]【RB2011UAS-2HnD-IN】- Dual WAN Dual Gateway 及 分流[/url] 作為藍本,作進一步優化,以確保一旦其中一個Gateway 斷線後,所有內部 IP 都可以自動診斷出來,並可自動經另一條正常的ISP 管道上網,此處是以 /tool netwatch 作監察,然後自動failover 的。

設定完畢後,可以在Windows cmd prompt 鍵入 tracert [url]www.google.com[/url] 作測試,然後拔走其中一條ISP WAN 線,人為地disable WAN 連線,此時,tracert [url]www.google.com[/url] 的結果將會顯示你走出去的線路,已經自動轉了另一條備用的ISP了。[code]/system script
add name="HKBN-Down" source="/ip route set HKBN gateway=pppoe-out1" \
    policy=ftp,reboot,read,write,policy,test,winbox,password
add name="HKBN-Up" source="/ip route set HKBN gateway=WAN1" \
    policy=ftp,reboot,read,write,policy,test,winbox,password
add name="PCCW-Up" source="/ip route set PCCW gateway=pppoe-out1" \
    policy=ftp,reboot,read,write,policy,test,winbox,password
add name="PCCW-Down" source="/ip route set PCCW gateway=WAN1" \
        policy=ftp,reboot,read,write,policy,test,winbox,password

/tool netwatch
add host=61.123.100.123 timeout=30ms interval=1s up-script=HKBN-Up \
    down-script=HKBN-Down comment="" disabled=no
add host=116.123.11.128 timeout=30ms interval=1s up-script=PCCW-Up \
    down-script=PCCW-Down comment="" disabled=no[/code]

角色 發表於 2013-6-16 13:34

最近非常忙,所以都沒有去弄我的兩台【RB2011UAS-2HnD-IN】了,所以突然間都完了怎樣入手。

Qnewbie 發表於 2013-6-25 03:39

[i=s] 本帖最後由 Qnewbie 於 2013-6-25 04:25 編輯 [/i]

I have one question, which might be not relative this fail-over scheme:

1. ISP1 is used as main internet supplier.
2. ISP2 (3G modem) is used as fail-over for important servers, such as asterisk server due to the expansive data plan.

One possible solution is to use firewall to block traffic towards ISP2 except those from important servers.

Any other suggestions?

bubblestar 發表於 2013-6-25 12:02

[b]回復 [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=34009&ptid=5685]3#[/url] [i]Qnewbie[/i] [/b]


    You may allow ONLY certain server (such as Astersik) IP to go out via specific ISP by adding rules in /IP >> Routes >> Rules.  Example can be find at [url]http://www.hkepc.com/forum/redirect.php?goto=findpost&ptid=1909013&pid=29193770[/url]

Qnewbie 發表於 2013-6-25 23:08

[b]回復 [url=http://www.telecom-cafe.com/forum/redirect.php?goto=findpost&pid=34011&ptid=5685]4#[/url] [i]bubblestar[/i] [/b]

OK, I know what you mean.

PCs reach out only through ISP1, which follows your links. Dual-wan are set for all but as the PCs are sticked with ISP1...:handshake

The problem is to assign static IP to each PC:L  It is OK for home use. Maybe it should be better with IP pool...

頁: [1]

Powered by Discuz! Archiver 7.2  © 2001-2009 Comsenz Inc.