Cấu hình load balancing và failover trên thiết bị router Mikrotik RB1100AHx2

[binhndt]

Một cấu hình load balancing, failover 2 WAN kết hợp NAT inbound cho các ports 8000,88,554 trên router MikroTik thực tế tham khảo:

Code:

/ip firewall mangle
add chain=prerouting dst-address=192.168.1.0/24 in-interface=bridge1
add action=mark-connection chain=input connection-mark=no-mark in-interface=\
    pppoe-out1 new-connection-mark=WAN1 passthrough=no
add action=mark-connection chain=input connection-mark=no-mark in-interface=\
    pppoe-out2 new-connection-mark=WAN2 passthrough=no
add action=mark-routing chain=output connection-mark=WAN1 new-routing-mark=\
    WAN1 passthrough=no
add action=mark-routing chain=output connection-mark=WAN2 new-routing-mark=\
    WAN2 passthrough=no
add action=mark-connection chain=prerouting connection-state=new dst-port=\
    8000,88,554 in-interface=pppoe-out1 new-connection-mark=WAN1 passthrough=\
    no protocol=tcp
add action=mark-connection chain=prerouting connection-state=new dst-port=\
    8000,88,554 in-interface=pppoe-out2 new-connection-mark=WAN2 passthrough=\
    no protocol=tcp
add action=mark-connection chain=prerouting connection-mark=no-mark \
    dst-address-type=!local in-interface=bridge1 new-connection-mark=WAN1 \
    per-connection-classifier=both-addresses:2/0
add action=mark-connection chain=prerouting connection-mark=no-mark \
    dst-address-type=!local in-interface=bridge1 new-connection-mark=WAN2 \
    per-connection-classifier=both-addresses:2/1
add action=mark-routing chain=prerouting connection-mark=WAN1 in-interface=\
    bridge1 new-routing-mark=WAN1 passthrough=no
add action=mark-routing chain=prerouting connection-mark=WAN2 in-interface=\
    bridge1 new-routing-mark=WAN2 passthrough=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=pppoe-out2
add action=dst-nat chain=dstnat dst-address-type=local dst-port=88 protocol=\
    tcp to-addresses=192.168.1.200 to-ports=88
add action=masquerade chain=srcnat dst-address=192.168.1.200 dst-port=88 \
    out-interface=bridge1 protocol=tcp src-address=192.168.1.0/24
add action=dst-nat chain=dstnat dst-address-type=local dst-port=8000 \
    protocol=tcp to-addresses=192.168.1.200 to-ports=8000
add action=masquerade chain=srcnat dst-address=192.168.1.200 dst-port=8000 \
    out-interface=bridge1 protocol=tcp src-address=192.168.1.0/24
add action=dst-nat chain=dstnat dst-address-type=local dst-port=554 protocol=\
    tcp to-addresses=192.168.1.200 to-ports=554
add action=masquerade chain=srcnat dst-address=192.168.1.200 dst-port=554 \
    out-interface=bridge1 protocol=tcp src-address=192.168.1.0/24