- 经验
- 26
- 分贝
- 0
- 家园分
- 80
- 在线时间:
- 18 小时
- 最后登录:
- 2024-8-8
- 帖子:
- 13
- 精华:
- 0
- 注册时间:
- 2011-7-18
- UID:
- 692105
注册:2011-7-18
|
发表于 2018-9-15 23:20:32
|显示全部楼层
MA5680T(config)#vlan 100 smart //用于承载宽带业务
MA5680T(config)#port vlan 100 0/20 0
MA5680T(config)#vlan 200 smart //用于监控业务
MA5680T(config)#port vlan 200 0/20 0
MA5680T(config)#vlan 300 smart //用于数字广播对讲业务
MA5680T(config)#port vlan 300 0/20 0
MA5680T(config)#vlan 400 smart //用于wifi上网业务
MA5680T(config)#port vlan 400 0/20 0
MA5680T(config)#vlan 500 smart //sip电话
MA5680T(config)#port vlan 500 0/20 1
MA5680T(config)#dba-profile add profile-id 10 type1 fix 102400
MA5680T(config)#ont-lineprofile gpon profile-id 10 profile-name HG8245
MA5680T(config-gpon-lineprofile-10)#commit
MA5680T(config-gpon-lineprofile-10)#quit
MA5680T(config)#ont-srvprofile gpon profile-id 10 profile-name HG8245
MA5680T(config-gpon-srvprofile-10)#ont-port eth 4 pots 2
MA5680T(config-gpon-srvprofile-10)#port vlan eth 1 100
MA5680T(config-gpon-srvprofile-10)#port vlan eth 2 200
MA5680T(config-gpon-srvprofile-10)#port vlan eth 3 300
MA5680T(config-gpon-srvprofile-10)#port vlan eth 4 400
MA5680T(config-gpon-srvprofile-10)#commit
MA5680T(config-gpon-srvprofile-10)#quit
MA5680T(config)#interface gpon 0/8
MA5680T(config-if-gpon-0/8)#port 0 ont-auto-find enable
MA5680T(config-if-gpon-0/8)#display ont autofind 0
MA5680T(config-if-gpon-0/8)#ont confirm 0 sn-auth XXXXXXXXXXXX omci ont-lineprofile-id 10
ont-srvprofile-id 10
MA5680T(config-if-gpon-0/8)#ont port native 0 0 eth 1 vlan 100
MA5680T(config-if-gpon-0/8)#ont port native 0 0 eth 2 vlan 200
MA5680T(config-if-gpon-0/8)#ont port native 0 0 eth 3 vlan 300
MA5680T(config-if-gpon-0/8)#ont port native 0 0 eth 4 vlan 400
MA5680T(config-if-gpon-0/8)#quit
MA5680T(config)#service-port vlan 100 gpon 0/8/0 ont 0 multi-service user-vlan 100
MA5680T(config)#service-port vlan 200 gpon 0/8/0 ont 0 multi-service user-vlan 200
MA5680T(config)#service-port vlan 300 gpon 0/8/0 ont 0 multi-service user-vlan 300
MA5680T(config)#service-port vlan 400 gpon 0/8/0 ont 0 multi-service user-vlan 400
MA5680T(config)#service-port vlan 500 gpon 0/8/0 ont 0 multi-service user-vlan 500
/ip address add address=192.168.1.1/24 interface=lan comment="lan"
/ip dns set allow-remote-requests=yes cache-size=2048 max-udp-packet-size=512 servers=202.102.138.68,223.6.6.6
/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=/ip firewall mangle add chain=forward protocol=tcp tcp-flags=syn action=change-mss new-mss=1440
/interface pppoe-client add name=pppoe-out1 interface=wan5 user=001@e password=94653177 add-default-route=no disabled=no
/interface pppoe-client add name=pppoe-out2 interface=wan4 user=002@e password=965678 add-default-route=no disabled=no
/interface pppoe-client add name=pppoe-out3 interface=wan3 user=003@e password=39175608 add-default-route=no disabled=no
/interface pppoe-client add name=pppoe-out4 interface=wan2 user=004@e password=26266758 add-default-route=no disabled=no
/interface pppoe-client add name=pppoe-out5 interface=wan1 user=005@e password=90058270 add-default-route=no disabled=no
/ip firewall mangle
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=wan5 new-connection-mark=pppoe-out1_conn disabled=no passthrough=yes nth=5,1 comment=NTH_5_1
add chain=prerouting action=mark-routing connection-mark=pppoe-out1_conn in-interface=wan5 new-routing-mark=to_pppoe-out1
add action=mark-connection chain=input in-interface=pppoe-out1 new-routing-mark=to_pppoe-out1
add action=mark-connection chain=input in-interface=pppoe-out1 new-connection-mark=pppoe-out1_conn
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=wan4 new-connection-mark=pppoe-out2_conn disabled=no passthrough=yes nth=5,2 comment=NTH_5_2
add chain=prerouting action=mark-routing connection-mark=pppoe-out2_conn in-interface=wan4 new-routing-mark=to_pppoe-out2
add action=mark-connection chain=input in-interface=pppoe-out2 new-routing-mark=to_pppoe-out2
add action=mark-connection chain=input in-interface=pppoe-out2 new-connection-mark=pppoe-out2_conn
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=wan3 new-connection-mark=pppoe-out3_conn disabled=no passthrough=yes nth=5,3 comment=NTH_5_3
add chain=prerouting action=mark-routing connection-mark=pppoe-out3_conn in-interface=wan3 new-routing-mark=to_pppoe-out3
add action=mark-connection chain=input in-interface=pppoe-out3 new-routing-mark=to_pppoe-out3
add action=mark-connection chain=input in-interface=pppoe-out3 new-connection-mark=pppoe-out3_conn
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=wan2 new-connection-mark=pppoe-out4_conn disabled=no passthrough=yes nth=5,4 comment=NTH_5_4
add chain=prerouting action=mark-routing connection-mark=pppoe-out4_conn in-interface=wan2 new-routing-mark=to_pppoe-out4
add action=mark-connection chain=input in-interface=pppoe-out4 new-routing-mark=to_pppoe-out4
add action=mark-connection chain=input in-interface=pppoe-out4 new-connection-mark=pppoe-out4_conn
add chain=prerouting action=mark-connection dst-address-type=!local in-interface=wan1 new-connection-mark=pppoe-out5_conn disabled=no passthrough=yes nth=5,5 comment=NTH_5_5
add chain=prerouting action=mark-routing connection-mark=pppoe-out5_conn in-interface=wan1 new-routing-mark=to_pppoe-out5
add action=mark-connection chain=input in-interface=pppoe-out5 new-routing-mark=to_pppoe-out5
add action=mark-connection chain=input in-interface=pppoe-out5 new-connection-mark=pppoe-out5_conn
/ip route
add dst-address=0.0.0.0/0 gateway=pppoe-out1 check-gateway=ping comment=1_route disabled=no distance=1 routing-mark=to_pppoe-out1
add dst-address=0.0.0.0/0 gateway=pppoe-out1 check-gateway=ping comment=1_route disabled=no distance=1
add dst-address=0.0.0.0/0 gateway=pppoe-out2 check-gateway=ping comment=2_route disabled=no distance=1 routing-mark=to_pppoe-out2
add dst-address=0.0.0.0/0 gateway=pppoe-out2 check-gateway=ping comment=2_route disabled=no distance=2
add dst-address=0.0.0.0/0 gateway=pppoe-out3 check-gateway=ping comment=3_route disabled=no distance=1 routing-mark=to_pppoe-out3
add dst-address=0.0.0.0/0 gateway=pppoe-out3 check-gateway=ping comment=3_route disabled=no distance=3
add dst-address=0.0.0.0/0 gateway=pppoe-out4 check-gateway=ping comment=4_route disabled=no distance=1 routing-mark=to_pppoe-out4
add dst-address=0.0.0.0/0 gateway=pppoe-out4 check-gateway=ping comment=4_route disabled=no distance=4
add dst-address=0.0.0.0/0 gateway=pppoe-out5 check-gateway=ping comment=5_route disabled=no distance=1 routing-mark=to_pppoe-out5
add dst-address=0.0.0.0/0 gateway=pppoe-out5 check-gateway=ping comment=5_route disabled=no distance=5
/ip firewall natadd action=masquerade chain=srcnat comment=1 out-interface=pppoe-out1
add action=masquerade chain=srcnat comment=2 out-interface=pppoe-out2
add action=masquerade chain=srcnat comment=3 out-interface=pppoe-out3
add action=masquerade chain=srcnat comment=4 out-interface=pppoe-out4
add action=masquerade chain=srcnat comment=5 out-interface=pppoe-out5
|
|