ROS 典型PCC负载脚本_ros各种脚本

ROS 典型PCC负载脚本由刀豆文库小编整理，希望给你工作、学习、生活带来方便，猜你可能喜欢“ros各种脚本”。

ROS 典型PCC负载脚本

:global num

:set num 38

:for szwm from=1 to=$num do={ :global type

:set type(“both-addrees:”.$num.“/”.($szwm-1))#设置网卡名字 name中的wlan可以改成#/interface set(“ether”.$szwm)name=(“wlan”.$szwm)#建立pppoe拨号，并禁用

/interface pppoe-client add name=(“pppoe-out”.$szwm)user=(“user”.$szwm)paword=(“pa”.$szwm)

interface=(“wlan”.$szwm)comment=(“ADSL_”.$szwm)disabled=no # NAT伪装

/ip firewall nat add chain=srcnat out-interface=(“pppoe-out”.$szwm)action=masquerade comment=(“NAT_ADSL”.$szwm)# 标记从哪里来

/ ip firewall mangle

add chain=input in-interface=(“pppoe-out”.$szwm)action=mark-connection new-connection-mark=(“adsl”.$szwm.“_conn”)pathrough=yes comment=(“From_ADSL”.$szwm)#标记从哪里来，回哪里去

/ ip firewall mangle add chain=output connection-mark=(“adsl”.$szwm.“_conn”)

action=mark-routing new-routing-mark=(“to_adsl”.$szwm)pathrough=yes comment=(“To_ADSL”.$szwm)#PCC设置

/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=(“adsl”.$szwm.“_conn”)dst-addre-type=!local in-interface=Local per-connection-claifier=$type pathrough=yes comment=(“ADSL_PCC”.$szwm)#标记路由

/ip firewall mangle add chain=prerouting connection-mark=(“adsl”.$szwm.“_conn”)in-interface=Local action=mark-routing new-routing-mark=(“to_adsl”.$szwm)comment=(“Route_To_ADSL”.$szwm)#添加路由 /ip route add dst-addre=0.0.0.0/0 gateway=(“pppoe-out”.$szwm)routing-mark=(“to_adsl”.$szwm)check-gateway=ping comment=(“To_ADSL”.$szwm)

add dst-addre=0.0.0.0/0 gateway=(“pppoe-out”.$szwm)distance=$szwm check-gateway=ping comment=(“ECMP_”.$szwm)

}

配合这个掉线后自动修改脚本很好用

以4线为例，其中某条线路断了后，会自动判断剩余可用的线路数量然后修改PCC规则的参数，线路恢复正常后会自动把参数修改回正常状态，注意连接标记名称一定要以纯数字“1、2、3、4...”来命名。一般该脚本设置30秒间隔就比较合适。#pcc掉线后自动修改参数脚本 {

:local status :local i “4” :local x “0” :local y “0” :local z “0”

:set x [:len [/interface pppoe-client find running=yes]] :if($x

:for ii from=1 to=$i do={

:set status [/interface get [find name=(“pppoe-out”.$ii)] running] :if($status=true)do={

/ip fir man set [find new-connection-mark=$ii] per-connection-claifier=(“both-addrees:”.$x.“/”.$y)disable=no;:set y($y+1)} else={

/ip fir man set [find new-connection-mark=$ii] disable=yes}}} :if($x=$i)do={

:set z [:len [/ip fir man find action=“mark-connection” disabled=yes chain=prerouting]]

:if($z>0)do={

:for ii from=1 to=$i do={

/ip fi man set [find new-connection-mark=$ii] per-connection-claifier=(“both-addrees:”.$x.“/”.$y)disable=no;:set y($y+1)}}}}

以上是PPPOE环境下的，下面的这个是固定IP相同网关的环境，2条线

/ip addre

add addre=192.168.1.1/24 comment=“shan” disabled=no interface=lan network=192.168.1.0

add addre=10.10.10.10/32 disabled=no interface=wan1

add addre=20.20.20.20/32 disabled=no interface=wan2

/ip firewall mangle add action=accept chain=prerouting disabled=no dst-addre=10.10.10.10 in-interface=wan1

add action=accept chain=prerouting disabled=no dst-addre=20.20.20.20 in-interface=wan2

add action=mark-connection chain=input comment=

“C2B7D3C9D4ADC2B7B7B5BBD8B2DFC2D4” disabled=no in-interface=wan1 new-connection-mark=wan1_conn pathrough=yes

add action=mark-routing chain=output connection-mark=wan1_conn disabled=no new-routing-mark=wan1_rout pathrough=yes

add action=mark-connection chain=input disabled=no in-interface=wan2 new-connection-mark=wan2_conn pathrough=yes

add action=mark-routing chain=output connection-mark=wan2_conn disabled=no new-routing-mark=wan2_rout pathrough=yes

add action=mark-connection chain=prerouting comment=wan1 disabled=no

dst-addre-type=!local new-connection-mark=wan1_conn pathrough=yes per-connection-claifier=both-addrees:2/0 src-addre-list=192.168.1.0/24

add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled= no new-routing-mark=wan1_rout pathrough=yes src-addre-list=192.168.1.0/24

add action=mark-connection chain=prerouting comment=wan2 disabled=no

dst-addre-type=!local new-connection-mark=wan2_conn pathrough=yes per-connection-claifier=both-addrees:2/1 src-addre-list=192.168.1.0/24

add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled= no new-routing-mark=wan2_rout pathrough=yes src-addre-list=192.168.1.0/24

add action=change-m chain=forward comment=

“============D0DEB8C4MMS=============shan” disabled=yes new-m=1440 pathrough=yes protocol=tcp tcp-flags=syn

/ip firewall nat

add action=src-nat chain=srcnat comment=“wan1BFDANat” disabled=no

out-interface=wan1 src-addre-list=192.168.1.0/24 to-addrees=10.10.10.10 add action=src-nat chain=srcnat comment=“wan2BFDANat” disabled=no

out-interface=wan2 src-addre-list=192.168.1.0/24 to-addrees=20.20.20.20 add action=masquerade chain=srcnat comment=“shan” disabled=no src-addre-list=192.168.1.0/24 to-addrees=0.0.0.0

/ip route

add disabled=no distance=1 dst-addre=0.0.0.0/0 gateway=1.1.1.1%wan1 routing-mark=wan1_rout scope=30 target-scope=10 add disabled=no distance=1 dst-addre=0.0.0.0/0 gateway=1.1.1.1%wan2 routing-mark=wan2_rout scope=30 target-scope=10

add disabled=no distance=1 dst-addre=0.0.0.0/0 gateway=1.1.1.1%wan1 scope=255 target-scope=10

add disabled=no distance=2 dst-addre=0.0.0.0/0 gateway=1.1.1.1%wan2 scope=255 target-scope=10

add comment=“shan” disabled=yes distance=1 dst-addre=0.0.0.0/0 gateway=192.168.1.1 scope=30 target-scope=10

这上5.x的双线同网关固定IP的pcc脚本，lan为局域网口，wan1和wan2为两个外网口。把1.1.1.1改成网关，10.10.10.10改成外网1IP，20.20.20.20改成外网2IP，192.168.1.1为局域网，看着改成自已的ip就行了

批量设置脚本 设置VLAN命令

:for i from=2 to=25 do= {/interface vlan add name=(“VLAN”.$i)vlan-id=$i interface=WAN} 设置桥用于拔号

:for i from=2 to=25 do= {/interface bridge add name=(“bridge”.$i)auto-mac=no admin-mac=(“AA:AB:AC:AD:AE:”.($i+10))} 把VLAN加入到桥

:for i from=2 to=25 do= {/interface bridge port add interface=(“VLAN”.$i)bridge=(“bridge”.$i)} 设置PPP拔号

:for i from=2 to=25 do= {/interface pppoe-client add name=(“pppoe-out”.$i)user=(“user”)paword=(“pawd”)interface=(“bridge”.$i)} 这些我都都做好了,那现在开始进行对线路进行标记与PCC设置 标记从哪条线路进就从哪条线路出

:for i from=1 to=192 do= {

/ip firewall mangle

add chain=input action=mark-connection new-connection-mark=(“input”.$i)in-interface=(“pppoe-out”.$i)comment=(“Input”.$i)

add chain=output connection-mark=(“input”.$i)action=mark-routing new-routing-mark=(“route”.$i)} 从哪进从哪出我们已经做好,现在设置PCC 这里由于有些LAN拔号也设了VLAN的,我们进行可移植的统一配置

/ip firewall addre-list add addre=1.2.3.4/24 disabled=no list=mark_route :for i from=2 to=25 do= {

/ip firewall mangle

add chain=prerouting src-addre-list=mark_route action=mark-connection comment=(“Route”.$i)

new-connection-mark=(“conn”.$i)per-connection-claifier=(“both-addrees-and-ports:24/”.($i-2))

add chain=prerouting src-addre-list=mark_route action=mark-routing new-routing-mark=(“route”.$i)connection-mark=(“conn”.$i)}

好了,PCC我们也已经设置好了

现在我们设置PCC的路由与标记的路由

:for i from=1 to=192 do= {/ip route add dst-addre=0.0.0.0/0 gateway=(“pppoe-out”.$i)routing-mark=(“route”.$i)}

另外一个带VRRP的脚本

:do { #adsl线路数 :local adsl 4 #负载的内网地址列表 :local lanlis lanlist #外网卡名称 :local ether ether2 #NAT的源地址段

:local lanip 172.168.1.0/24 /interface vrrp :for a from=1 to=$adsl do={ add name=(“adsl-“.$a)interface=$ether vrid=$a preemption-mode=no disabled=no} /ip addre add addre=11.11.11.11/28 interface=$ether disabled=no :for a from=1 to=$adsl do={ add addre=(“10.10.”.$a.”.1/28”)interface=(“adsl-“.$a)disabled=no} /interface pppoe-client :for a from=1 to=$adsl do= { add add-default-route=no dial-on-demand=no use-peer-dns=no name=(“pppoe-out”.$a)user=(“q”.$a)paword=$a interface=(“adsl-“.$a)} /ip firewall mangle :for a from=1 to=$adsl do={ add action=mark-connection chain=prerouting dst-addre-type=!local src-addre-list=$lanlis pathrough=yes new-connection-mark=(”c-“.($adsl-($a-1)))per-connection-claifier=(”both-addrees:”.($adsl-($a-1)).”/“.0)comment=(”pcc-“.($adsl-($a-1)))add action=mark-routing chain=prerouting src-addre-list=$lanlis pathrough=no connection-mark=(”c-“.($adsl-($a-1)))new-routing-mark=(”r-“.($adsl-($a-1)))} /ip firewall mangle :for a from=1 to=$adsl do={ add chain=input action=mark-connection new-connection-mark=(”c-“.($adsl-($a-1)))in-interface=(”pppoe-out“.($adsl-($a-1)))comment=(”in-out-“.($adsl-($a-1)))add chain=output connection-mark=(”c-“.($adsl-($a-1)))action=mark-routing new-routing-mark=(”r-“.($adsl-($a-1)))pathrough=no} /ip firewall nat :for a from=1 to=$adsl do={ add action=masquerade chain=srcnat out-interface=(”pppoe-out“.$a)src-addre=$lanip disabled=no comment=$a} /ip route :for a from=1 to=$adsl do= { add check-gateway=ping gateway=(”pppoe-out“.$a)routing-mark=(”r-“.$a)comment=(”r-".$a)add check-gateway=ping distance=$a gateway=(“pppoe-out”.$a)}}