История изменений
Исправление pavel38, (текущая версия) :
# may/21/2015 16:53:39 by RouterOS 6.28
# software id = 2Y2V-7BPN
#
/ip route
add comment=ZSTTK distance=1 gateway=xx.xx.71.1 routing-mark=eth1
add comment=PVSIB.RU distance=1 gateway=xx.xx.134.254 routing-mark=eth2
add comment="PVSIB.RU wan2" distance=1 gateway=xx.xx.134.254
add comment="ZSTTK wan1" distance=2 gateway=xx.xx.71.1
add action=mark-connection chain=input comment=mark_wan1 dst-port=!20,21,1111,2222,2223,2224,2225,8080,8038,25900,25800,23654,30000-35000 in-interface=\
ether2-wan1 new-connection-mark=wan1in passthrough=no protocol=tcp
add action=mark-connection chain=input comment=mark_wan2 dst-port=!20,21,1111,2222,2223,2224,2225,8080,8038,25900,25800,23654,30000-35000 in-interface=\
ether3-wan2 new-connection-mark=wan2in passthrough=no protocol=tcp
add action=mark-connection chain=input comment=mark_wan1_icmp in-interface=ether2-wan1 new-connection-mark=wan1in protocol=icmp
add action=mark-connection chain=input comment=mark_wan2_icmp in-interface=ether3-wan2 new-connection-mark=wan2in protocol=icmp
add action=mark-routing chain=output comment=output_router_mark_routing_wan1 connection-mark=wan1in new-routing-mark=eth1 passthrough=no
add action=mark-routing chain=output comment=output_router_mark_routing_wan2 connection-mark=wan2in new-routing-mark=eth2 passthrough=no
Это от микротика, что бы он мог отвечать с обеих интерфейсов, я думаю идея тебе понятна и для iptables + route ты сможешь сам сделать.
Исходная версия pavel38, :
# may/21/2015 16:53:39 by RouterOS 6.28
# software id = 2Y2V-7BPN
#
/ip route
add comment=ZSTTK distance=1 gateway=xx.xx.71.1 routing-mark=eth1
add comment=PVSIB.RU distance=1 gateway=xx.xx.134.254 routing-mark=eth2
add comment="PVSIB.RU wan2" distance=1 gateway=xx.xx.134.254
add comment="ZSTTK wan1" distance=2 gateway=xx.xx.71.1
add action=mark-connection chain=input comment=mark_wan1 dst-port=!20,21,1111,2222,2223,2224,2225,8080,8038,25900,25800,23654,30000-35000 in-interface=\
ether2-wan1 new-connection-mark=wan1in passthrough=no protocol=tcp
add action=mark-connection chain=input comment=mark_wan2 dst-port=!20,21,1111,2222,2223,2224,2225,8080,8038,25900,25800,23654,30000-35000 in-interface=\
ether3-wan2 new-connection-mark=wan2in passthrough=no protocol=tcp
add action=mark-connection chain=input comment=mark_wan1_icmp in-interface=ether2-wan1 new-connection-mark=wan1in protocol=icmp
add action=mark-connection chain=input comment=mark_wan2_icmp in-interface=ether3-wan2 new-connection-mark=wan2in protocol=icmp
add action=mark-routing chain=output comment=output_router_mark_routing_wan1 connection-mark=wan1in new-routing-mark=eth1 passthrough=no
add action=mark-routing chain=output comment=output_router_mark_routing_wan2 connection-mark=wan2in new-routing-mark=eth2 passthrough=no
Это от микротика, что бы он мог отвечать с обеих интерфейсов, я думаю идея тебе понятна и для iptables + route ты сможешь сам сделать ?