/ip address
add address=172.16.0.1/16 broadcast=172.16.255.255 comment="" disabled=no interface=Local network=172.16.0.0
add address=192.168.1.2/24 broadcast=192.168.1.255 comment="" disabled=no interface=WAN1 network=192.168.1.0
add address=192.168.2.2/24 broadcast=192.168.2.255 comment="" disabled=no interface=WAN2 network=192.168.2.0
add address=192.168.3.2/24 broadcast=192.168.3.255 comment="" disabled=no interface=WAN3 network=192.168.3.0
add address=192.168.4.2/24 broadcast=192.168.4.255 comment="" disabled=no interface=WAN4 network=192.168.4.0
/ip pool
add name=dhcp_pool1 ranges=172.16.0.70-172.16.0.254
add name=pppoe-users-pool ranges=10.0.0.1-10.0.0.255
/ip dhcp-server add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=Local lease-time=12h name="My DHCP Server"
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=172.16.0.0/16 comment="" dns-server=172.16.0.1,221.132.112.8
/interface pppoe-server server
add
authentication=pap default-profile=default disabled=no interface=Local
keepalive-timeout=10 max-mru=1480 max-mtu=1480 max-sessions=1
mrru=disabled one-session-per-host=yes service-name=aacable
/ppp profile add change-tcp-mss=default dns-server=172.16.0.1 local-address=172.16.0.1 name=pppoe-profile only-one=default remote-address=pppoe-users-pool use-compression=default use-encryption=default use-vj-compression=default
/ppp secret add caller-id=”" disabled=no limit-bytes-in=0 limit-bytes-out=0 name=virtual password=1234 profile=pppoe-profile routes=”" service=pppoe
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=10000KiB max-udp-packet-size=512 servers=8.8.8.8,8.8.4.4
/ip firewall mangle
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN3 new-connection-mark=WAN3_conn passthrough=yes
add action=mark-connection chain=input comment="" disabled=no in-interface=WAN4 new-connection-mark=WAN4_conn passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.1.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.2.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.3.0/24
add action=accept chain=prerouting comment="" disabled=no dst-address=192.168.4.0/24
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/0 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/1 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN3_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/2 src-address=10.0.0.1-10.0.0.255
add action=mark-connection chain=prerouting comment="" disabled=no dst-address-type=!local new-connection-mark=WAN4_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:4/3 src-address=10.0.0.1-10.0.0.255
add action=mark-routing chain=prerouting comment="" connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN3_conn disabled=no new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=prerouting comment="" connection-mark=WAN4_conn disabled=no new-routing-mark=to_WAN4 passthrough=yes
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN1 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN2 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN3 src-address=10.0.0.1-10.0.0.255
add action=masquerade chain=srcnat comment="" disabled=no out-interface=WAN4 src-address=10.0.0.1-10.0.0.255
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_WAN2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_WAN3 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.4.1 routing-mark=to_WAN4 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=2 dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=3 dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=30 target-scope=10
add check-gateway=ping comment="" disabled=no distance=4 dst-address=0.0.0.0/0 gateway=192.168.4.1 scope=30 target-scope=10
Post a Comment