Как маркировать, для соединений с внешки на сам микротик, на микротике есть L2TP сервер, нужно чтобы можно было снаружи поднимать сессии на разные внешние интерфейсы одновременно, сейчас получается поднять L2TP, только до AIST. Балансировка не нужна, TOTEL резервный. Настроил мангл, траффик ходит правильно, на какой интерфейс пришел, с того и ушел, но на TOTEL L2TP поднимается, только, если AIST уронить. А вот PPTP идет нормально, при всех поднятых интерфейсах, тоесть я еще и PPTP сервер поднял. Непонятно почему не ходить L2TP, что ему надоть.
Код: Выделить всё
0 X chain=prerouting action=mark-routing new-routing-mark=MAIL passthrough=no src-address=192.168.12.44
1 chain=forward action=mark-connection new-connection-mark=AIST-CON passthrough=yes in-interface=AIST
2 chain=input action=mark-connection new-connection-mark=AIST-CON passthrough=yes in-interface=AIST
3 chain=forward action=mark-connection new-connection-mark=TOTEL-CON passthrough=yes in-interface=ether2
4 chain=input action=mark-connection new-connection-mark=TOTEL-CON passthrough=yes in-interface=ether2
5 chain=output action=mark-routing new-routing-mark=AIST-RT passthrough=yes connection-mark=AIST-CON
6 chain=output action=mark-routing new-routing-mark=TOTEL-RT passthrough=yes connection-mark=TOTEL-CON
7 chain=prerouting action=mark-routing new-routing-mark=AIST-RT passthrough=yes src-address=192.168.12.0/24 connection-mark=AIST-CON
8 chain=prerouting action=mark-routing new-routing-mark=TOTEL-RT passthrough=yes src-address=192.168.12.0/24 connection-mark=TOTEL-CON
9 chain=prerouting action=mark-routing new-routing-mark=AIST-RT passthrough=yes connection-state=new dst-address-list=to-AIST
10 chain=prerouting action=mark-routing new-routing-mark=TOTEL-RT passthrough=yes connection-state=new dst-address-list=to-TOTEL
Код: Выделить всё
0 X S dst-address=0.0.0.0/0 gateway=217.113.124.219 gateway-status=217.113.124.219 inactive distance=2 scope=30 target-scope=10
routing-mark=MAIL
1 A S dst-address=0.0.0.0/0 gateway=AIST gateway-status=AIST reachable check-gateway=ping distance=1 scope=30 target-scope=10
routing-mark=AIST-RT
2 A S dst-address=0.0.0.0/0 gateway=195.144.200.81 gateway-status=195.144.200.81 reachable via ether2 check-gateway=ping distance=1 scope=30
target-scope=10 routing-mark=TOTEL-RT
3 A S dst-address=0.0.0.0/0 gateway=AIST gateway-status=AIST reachable check-gateway=ping distance=10 scope=30 target-scope=10
4 S dst-address=0.0.0.0/0 gateway=195.144.200.81 gateway-status=195.144.200.81 reachable via ether2 check-gateway=ping distance=11 scope=30
target-scope=10
5 ADS dst-address=10.0.0.0/8 gateway=10.0.156.1 gateway-status=10.0.156.1 reachable via ether1 distance=0 scope=30 target-scope=10
vrf-interface=ether1
6 ADC dst-address=10.0.156.0/26 pref-src=10.0.156.3 gateway=ether1 gateway-status=ether1 reachable distance=0 scope=10
7 ADS dst-address=62.106.124.0/24 gateway=10.0.156.1 gateway-status=10.0.156.1 reachable via ether1 distance=0 scope=30 target-scope=10
vrf-interface=ether1
8 ADS dst-address=81.28.160.0/24 gateway=10.0.156.1 gateway-status=10.0.156.1 reachable via ether1 distance=0 scope=30 target-scope=10
vrf-interface=ether1
9 ADC dst-address=109.226.96.1/32 pref-src=62.106.124.9 gateway=AIST gateway-status=AIST reachable distance=0 scope=10
10 ADS dst-address=172.16.0.0/12 gateway=10.0.156.1 gateway-status=10.0.156.1 reachable via ether1 distance=0 scope=30 target-scope=10
vrf-interface=ether1
11 A S dst-address=192.168.0.0/24 gateway=10.0.156.1 gateway-status=10.0.156.1 reachable via ether1 distance=1 scope=30 target-scope=10
12 ADC dst-address=192.168.12.0/24 pref-src=192.168.12.1 gateway=bridge1 gateway-status=bridge1 reachable distance=0 scope=10
13 ADC dst-address=192.168.12.203/32 pref-src=192.168.12.1 gateway=<l2tp-akr> gateway-status=<l2tp-akr> reachable distance=0 scope=10
14 ADC dst-address=192.168.12.205/32 pref-src=192.168.12.1 gateway=<l2tp-smr_mavrina> gateway-status=<l2tp-smr_mavrina> reachable distance=0
scope=10
15 ADC dst-address=192.168.12.227/32 pref-src=192.168.12.1 gateway=<l2tp-Bolovnev> gateway-status=<l2tp-Bolovnev> reachable distance=0 scope=10
16 ADC dst-address=192.168.12.236/32 pref-src=192.168.12.1 gateway=<l2tp-Sudarkina> gateway-status=<l2tp-Sudarkina> reachable distance=0 scope=1>
17 ADC dst-address=192.168.12.247/32 pref-src=192.168.12.1 gateway=<l2tp-samara63> gateway-status=<l2tp-samara63> reachable distance=0 scope=10
18 ADC dst-address=192.168.12.250/32 pref-src=192.168.12.1 gateway=<l2tp-MiraVPN> gateway-status=<l2tp-MiraVPN> reachable distance=0 scope=10
19 ADC dst-address=192.168.12.251/32 pref-src=192.168.12.1 gateway=<l2tp-rebrov> gateway-status=<l2tp-rebrov> reachable distance=0 scope=10
20 A S dst-address=192.168.14.0/24 gateway=192.168.12.247 gateway-status=192.168.12.247 reachable via <l2tp-samara63> distance=1 scope=30
target-scope=10
21 A S dst-address=192.168.15.0/24 gateway=192.168.12.250 gateway-status=192.168.12.250 reachable via <l2tp-MiraVPN> distance=1 scope=30
target-scope=10
22 ADC dst-address=195.144.200.80/28 pref-src=195.144.200.88 gateway=ether2 gateway-status=ether2 reachable distance=0 scope=10