Два интернет провайдера: статический и динамический (PPPoE)
Основной провайдер - статический.
К интернету подключены несколько девайсов и виртуальных машин.
Подскажите, как подключить второго (динамического) провайдера к wireless wifi network (беспроводной сети) и к определенным адресам (девайсам и виртуалкам)?
Ниже конфигурация:
Код: Выделить всё
/interface bridge
add name=bridge_lan
/interface ethernet
set [ find default-name=ether1 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether2 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
ether2_lan
set [ find default-name=ether3 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
ether4_lan
set [ find default-name=ether5 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=\
ether5_lan
/interface pppoe-client
add disabled=no interface=ether3 name=pppoe-out1 password=*** user=***
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=\
20/40mhz-eC country=no_country_set disabled=no frequency=auto \
frequency-mode=manual-txpower mode=ap-bridge name=wlan1_lan_2GHZ ssid=TT \
station-roaming=enabled wireless-protocol=802.11
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-a/n/ac \
channel-width=20/40/80mhz-XXXX country=no_country_set disabled=no \
frequency=auto frequency-mode=manual-txpower mode=ap-bridge name=\
wlan2_lan_5GHZ ssid=Begemot-5 station-roaming=enabled wireless-protocol=\
802.11
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
management-protection=allowed mode=dynamic-keys supplicant-identity=\
MikroTik wpa-pre-shared-key=*** wpa2-pre-shared-key=***
/ip pool
add name=dhcp ranges=192.168.17.2-192.168.17.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge_lan name=dhcp1
/queue simple
add disabled=yes max-limit=0/1M name=192.168.17.250 target=192.168.17.250/32
add disabled=yes max-limit=0/1M name=192.168.17.249 target=192.168.17.249/32
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
sword,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge_lan hw=no interface=ether2_lan
add bridge=bridge_lan hw=no interface=ether4_lan
add bridge=bridge_lan hw=no interface=ether5_lan
add bridge=bridge_lan interface=wlan1_lan_2GHZ
add bridge=bridge_lan interface=wlan2_lan_5GHZ
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface list member
add interface=bridge_lan list=LAN
add interface=pppoe-out1 list=WAN
add interface=ether3 list=WAN
/ip address
add address=192.168.17.1/24 interface=bridge_lan network=192.168.17.0
add address=10.154.42.124/25 interface=ether1 network=10.154.42.0
/ip dhcp-server lease
add address=192.168.17.250 client-id=1:a0:56:f3:76:86:69 mac-address=\
A0:56:F3:76:86:69 server=dhcp1
add address=192.168.17.251 client-id=1:90:e6:ba:1e:e1:7d mac-address=\
90:E6:BA:1E:E1:7D server=dhcp1
add address=192.168.17.249 client-id=1:7c:d1:c3:f8:7c:3d mac-address=\
7C:D1:C3:F8:7C:3D server=dhcp1
add address=192.168.17.248 client-id=1:38:aa:3c:b8:9e:10 mac-address=\
38:AA:3C:B8:9E:10 server=dhcp1
add address=192.168.17.247 client-id=1:58:11:22:b1:4c:95 comment=Main \
mac-address=58:11:22:B1:4C:95 server=dhcp1
add address=192.168.17.246 client-id=1:12:30:c8:e1:36:27 mac-address=\
12:30:C8:E1:36:27 server=dhcp1
add address=192.168.17.241 client-id=1:0:c:29:7c:48:49 mac-address=\
00:0C:29:7C:48:49 server=dhcp1
add address=192.168.17.245 client-id=1:0:c:29:26:b7:32 mac-address=\
00:0C:29:26:B7:32 server=dhcp1
add address=192.168.17.240 client-id=1:0:c:29:52:7c:24 mac-address=\
00:0C:29:52:7C:24 server=dhcp1
add address=192.168.17.239 client-id=1:0:c:29:d9:de:9a mac-address=\
00:0C:29:D9:DE:9A server=dhcp1
add address=192.168.17.238 client-id=1:0:c:29:4f:63:28 mac-address=\
00:0C:29:4F:63:28 server=dhcp1
/ip dhcp-server network
add address=192.168.17.0/24 gateway=192.168.17.1
/ip dns
set servers=91.200.216.7,91.200.216.2,217.11.190.2,193.111.11.2
/ip firewall address-list
add address=192.168.17.0/24 list=LAN-IP
/ip firewall mangle
add action=mark-routing chain=prerouting disabled=yes dst-address-list=\
allowed_ether1 new-routing-mark=to_ether1 passthrough=no
add action=mark-routing chain=prerouting dst-address-list=allowed_pppoe \
new-routing-mark=to_pppoe passthrough=no
add action=mark-routing chain=prerouting dst-address-list=YouTube-IP \
new-routing-mark=to_pppoe src-address-list=LAN-IP
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=pppoe-out1
/ip firewall raw
add action=add-dst-to-address-list address-list=YouTube-IP \
address-list-timeout=none-dynamic chain=prerouting comment=YouTube-IP \
content=.youtube.com dst-address-list=!LAN-IP src-address-list=LAN-IP
add action=add-dst-to-address-list address-list=YouTube-IP \
address-list-timeout=none-dynamic chain=prerouting content=\
.googlevideo.com dst-address-list=!LAN-IP src-address-list=LAN-IP
add action=add-dst-to-address-list address-list=YouTube-IP \
address-list-timeout=none-dynamic chain=prerouting content=\
.youtube.googleapis.com dst-address-list=!LAN-IP src-address-list=LAN-IP
add action=add-dst-to-address-list address-list=YouTube-IP \
address-list-timeout=none-dynamic chain=prerouting content=.youtu.be \
dst-address-list=!LAN-IP src-address-list=LAN-IP
add action=add-dst-to-address-list address-list=YouTube-IP \
address-list-timeout=none-dynamic chain=prerouting content=.ytimg.com \
dst-address-list=!LAN-IP src-address-list=LAN-IP
/ip route
add check-gateway=ping distance=1 gateway=10.154.42.1 pref-src=10.154.42.124 \
routing-mark=to_ether1
add check-gateway=ping distance=1 gateway=pppoe-out1 routing-mark=to_pppoe
add check-gateway=ping comment=TTL distance=1 gateway=10.154.42.1 pref-src=\
10.154.42.124
add check-gateway=ping comment=SATURN distance=2 gateway=pppoe-out1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/system clock
set time-zone-autodetect=no time-zone-name=Asia/Dushanbe
/system identity
set name=Translator
/system scheduler
/tool traffic-monitor
add interface=wlan2_lan_5GHZ name=tmon1 threshold=0