/ip firewall mangle
add action=accept chain=prerouting disabled=no in-interface=pppoe-out1
add action=accept chain=prerouting disabled=no in-interface=ether2
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local new-connection-mark=wan1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address=192.168.2.0/24
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address=192.168.2.0/24
add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled=no new-routing-mark=to_wan1 passthrough=yes src-address=192.168.2.0/24
add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled=no new-routing-mark=to_wan2 passthrough=yes src-address=192.168.2.0/24
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1 src-address=192.168.2.0/24
add action=masquerade chain=srcnat disabled=no out-interface=ether2 src-address=192.168.2.0/24
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether2 routing-mark=to_wan2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether2 scope=30 target-scope=10
/ip firewall mangle
add action=accept chain=prerouting disabled=no in-interface=pppoe-out1
add action=accept chain=prerouting disabled=no in-interface=ether2
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local hotspot=auth new-connection-mark=wan1_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address=192.168.2.0/24
add action=mark-connection chain=prerouting disabled=no dst-address-type=!local hotspot=auth new-connection-mark=wan2_conn passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address=192.168.2.0/24
add action=mark-routing chain=prerouting connection-mark=wan1_conn disabled=no new-routing-mark=to_wan1 passthrough=yes src-address=192.168.2.0/24
add action=mark-routing chain=prerouting connection-mark=wan2_conn disabled=no new-routing-mark=to_wan2 passthrough=yes src-address=192.168.2.0/24
/ip firewall nat
add action=masquerade chain=srcnat disabled=no out-interface=pppoe-out1 src-address=192.168.2.0/24
add action=masquerade chain=srcnat disabled=no out-interface=ether2 src-address=192.168.2.0/24
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_wan1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether2 routing-mark=to_wan2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ether2 scope=30 target-scope=10
/ip firewall mangle
add chain=input in-interface=ether1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=ether2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=2 check-gateway=ping
/ip firewall mangle
add chain=input in-interface=ether1 action=mark-connection new-connection-mark=WAN1_conn
add chain=input in-interface=ether2 action=mark-connection new-connection-mark=WAN2_conn
add chain=output connection-mark=WAN1_conn action=mark-routing new-routing-mark=to_WAN1
add chain=output connection-mark=WAN2_conn action=mark-routing new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.0.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address=192.168.1.0/24 action=accept in-interface=bridge1
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:2/0 action=mark-connection new-connection-mark=WAN1_conn passthrough=yes
add chain=prerouting dst-address-type=!local hotspot=auth in-interface=bridge1 per-connection-classifier=both-addresses-and-ports:2/1 action=mark-connection new-connection-mark=WAN2_conn passthrough=yes
add chain=prerouting connection-mark=WAN1_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN1
add chain=prerouting connection-mark=WAN2_conn in-interface=bridge1 action=mark-routing new-routing-mark=to_WAN2
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_WAN2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=2 check-gateway=ping
อ้างถึง/interface ethernetรบกวนช่วยดูหน่อยนะครับ :)
set [ find default-name=ether1 ] comment="LAN Interface" name=LAN
set [ find default-name=ether2 ] comment="WAN Interface ISP1" name=WAN1
set [ find default-name=ether3 ] comment="WAN Interface ISP2" name=WAN2
set [ find default-name=ether4 ] comment="WAN Interface ISP3" name=WAN3
set [ find default-name=ether5 ] comment="WAN Interface ISP4" name=WAN4
/interface pppoe-client
add add-default-route=yes comment="WAN1 pppoe-out1 on ether2" disabled=no interface=WAN1 max-mru=1480 max-mtu=1480 name=pppoe-out1 password=XXXXXXX use-peer-dns=yes user=XXXXXXX@trueisp
add add-default-route=yes comment="WAN2 pppoe-out2 on ether3" interface=WAN2 max-mru=1480 max-mtu=1480 name=pppoe-out2 password=XXXXXXX use-peer-dns=yes user=XXXXXXX@truefxip
/ip neighbor discovery
set LAN comment="LAN Interface"
set WAN1 comment="WAN Interface ISP1"
set WAN2 comment="WAN Interface ISP2"
set WAN3 comment="WAN Interface ISP3"
set WAN4 comment="WAN Interface ISP4"
set pppoe-out1 comment="WAN1 pppoe-out1 on ether2"
set pppoe-out2 comment="WAN2 pppoe-out2 on ether3"
/ip dhcp-server
add disabled=no interface=LAN lease-time=3d name=dhcp1
/port
set 0 name=serial0
/ppp profile
set [ find name=default ] name=default
set [ find name=default-encryption ] name=default-encryption
/ip address
add address=192.168.0.6/24 interface=LAN network=192.168.0.0
/ip dhcp-server network
add address=192.168.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.0.6 netmask=24 ntp-server=129.6.15.29,118.175.67.83
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=pppoe-out1 new-connection-mark=WAN1_conn
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=pppoe-out2 new-connection-mark=WAN2_conn
add action=mark-routing chain=output connection-mark=WAN1_conn new-routing-mark=to_WAN1
add action=mark-routing chain=output connection-mark=WAN2_conn new-routing-mark=to_WAN2
add chain=prerouting dst-address=192.168.0.0/24
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-connection-mark=WAN1_conn per-connection-classifier=both-addresses:2/0 src-address=192.168.0.0/24
add action=mark-connection chain=prerouting connection-mark=no-mark dst-address-type=!local new-connection-mark=WAN2_conn per-connection-classifier=both-addresses:2/1 src-address=192.168.0.0/24
add action=mark-routing chain=prerouting connection-mark=WAN1_conn new-routing-mark=to_WAN1 src-address=192.168.0.0/24
add action=mark-routing chain=prerouting connection-mark=WAN2_conn new-routing-mark=to_WAN2 src-address=192.168.0.0/24
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1 src-address=192.168.0.0/24
add action=masquerade chain=srcnat out-interface=pppoe-out2 src-address=192.168.0.0/24
/ip route
add check-gateway=ping distance=1 gateway=pppoe-out1 routing-mark=to_WAN1
add check-gateway=ping distance=1 gateway=pppoe-out2 routing-mark=to_WAN2
add check-gateway=ping distance=1 gateway=pppoe-out1
add check-gateway=ping distance=2 gateway=pppoe-out2
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www port=81
set ssh disabled=yes
set api disabled=yes
/system clock
set time-zone-autodetect=no time-zone-name=Asia/Bangkok
/system routerboard settings
set protected-routerboot=disabled
/tool romon port
add disabled=no