Scribd
Upload
244 views1 page

Scrip Load Balance PCC

The document configures firewall rules for address lists, NAT, routing, and connection/routing marking on a MikroTik router. Local IP ranges are added to an address list. NAT and routing tables are set up for two external interfaces to masquerade and route traffic. Connection and routing marks are applied based on source addresses and incoming interfaces to direct traffic flows.

Uploaded by

Candra Goptha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
244 views1 page

Scrip Load Balance PCC

The document configures firewall rules for address lists, NAT, routing, and connection/routing marking on a MikroTik router. Local IP ranges are added to an address list. NAT and routing tables are set up for two external interfaces to masquerade and route traffic. Connection and routing marks are applied based on source addresses and incoming interfaces to direct traffic flows.

Uploaded by

Candra Goptha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

/ip firewall address-list

add address=192.168.0.0/16 list=LOCAL-IP


add address=172.16.0.0/12 list=LOCAL-IP
add address=10.0.0.0/8 list=LOCAL-IP
/ip firewall nat
add chain=srcnat out-interface="36.95.3.122" action=masquerade
add chain=srcnat out-interface="192.168.1.2" action=masquerade
/ip route
add check-gateway=ping distance=1 gateway="36.95.3.121" routing-mark="to-
36.95.3.122"
add check-gateway=ping distance=1 gateway="192.168.1.1" routing-mark="to-
192.168.1.2"
add check-gateway=ping distance=1 gateway="36.95.3.121"
add check-gateway=ping distance=2 gateway="192.168.1.1"
/ip firewall mangle
add action=accept chain=prerouting dst-address-list=LOCAL-IP src-address-
list=LOCAL-IP
add action=accept chain=postrouting dst-address-list=LOCAL-IP src-address-
list=LOCAL-IP
add action=accept chain=forward dst-address-list=LOCAL-IP src-address-list=LOCAL-IP
add action=accept chain=input dst-address-list=LOCAL-IP src-address-list=LOCAL-IP
add action=accept chain=output dst-address-list=LOCAL-IP src-address-list=LOCAL-IP
add action=mark-connection chain=input in-interface="36.95.3.122" new-connection-
mark="cm-36.95.3.122" passthrough=yes
add action=mark-connection chain=input in-interface="192.168.1.2" new-connection-
mark="cm-192.168.1.2" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-36.95.3.122" new-routing-
mark="to-36.95.3.122" passthrough=yes
add action=mark-routing chain=output connection-mark="cm-192.168.1.2" new-routing-
mark="to-192.168.1.2" passthrough=yes
add action=mark-connection chain=prerouting dst-address-type=!local new-connection-
mark="cm-36.95.3.122" passthrough=yes per-connection-classifier=both-addresses-and-
ports:2/0 dst-address-list=!LOCAL-IP src-address-list=LOCAL-IP
add action=mark-connection chain=prerouting dst-address-type=!local new-connection-
mark="cm-192.168.1.2" passthrough=yes per-connection-classifier=both-addresses-and-
ports:2/1 dst-address-list=!LOCAL-IP src-address-list=LOCAL-IP
add action=mark-routing chain=prerouting connection-mark="cm-36.95.3.122" new-
routing-mark="to-36.95.3.122" passthrough=yes dst-address-list=!LOCAL-IP src-
address-list=LOCAL-IP
add action=mark-routing chain=prerouting connection-mark="cm-192.168.1.2" new-
routing-mark="to-192.168.1.2" passthrough=yes dst-address-list=!LOCAL-IP src-
address-list=LOCAL-IP

You might also like