假设网络有这样一个需求,同时拥有两条相同运营商的出口,一条8M,一条是25M,为最大化有效利用线路,将两条线路按照流量比例实现权重的路由策略,我们可以通过PCC来实现。

 

平常我们都是用PCC做多条相同带宽出口的负载均衡,而这次则通过实现比例分配到每条线路上,虽然Nth也可以实现,但Nth缺乏对每条会话的hash算法处理,不能做到相同会话走相同线路,出现不稳定情况。

实现原理比较简单,一条8M,一条是25M,后者大约是前者的3倍出口,所以约等于1:3,那就是要按照1:3的比例分配路由,策略将PCC策略看成4份,然后指定按照1:3的路由策略规则分配。

先定义用户IP地址,通过src-address-list定义

/ip firewall address-list
add address=192.168.88.0/24 list=userip
add address=192.168.80.0/24 list=userip

配置PCC规则,即把2条出口,看成4份数据进行PCC的策略配置,即我们在mangle中配置4组PCC的标记规则,和配置4条负载均衡的规则一样,下面是命令行配置:

/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=pcc1 passthrough=yes per-connection-classifier=both-addresses:4/0 src-address-list=userip

add action=mark-routing chain=prerouting connection-mark=pcc1 new-routing-mark=r1 passthrough=yes src-address-list=userip

add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=pcc2 passthrough=yes per-connection-classifier=both-addresses:4/1 src-address-list=userip

add action=mark-routing chain=prerouting connection-mark=pcc2 new-routing-mark=r2 passthrough=yes src-address-list=userip

add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=pcc3 passthrough=yes per-connection-classifier=both-addresses:4/2 src-address-list=userip

add action=mark-routing chain=prerouting connection-mark=pcc3 new-routing-mark=r3 passthrough=yes src-address-list=userip

add action=mark-connection chain=prerouting dst-address-type=!local new-connection-mark=pcc4 passthrough=yes per-connection-classifier=both-addresses:4/3 src-address-list=userip

add action=mark-routing chain=prerouting connection-mark=pcc4 new-routing-mark=r4 passthrough=yes src-address-list=userip

路由配置

其实按照比例的分配关键就在路由设置上,这里我们把网关命名为8M和25M以示区分。将分配好的路由标记按照1:3的比例分配到各条线路上

/ip route
add check-gateway=ping gateway=wan-8M routing-mark=r1
add check-gateway=ping gateway=wan-25M routing-mark=r2
add check-gateway=ping gateway=wan-25M routing-mark=r3
add check-gateway=ping gateway=wan-25M routing-mark=r4

nat配置

配置nat规则类似的操作

/ip firewall nat
add chain=srcnat action=masquerade out-interface=wan-8M
add chain=srcnat action=masquerade out-interface=wan-25M

配置完成后流量几乎按照预想的方式运行 ,这样的操作建议使用到相同类型的出口,不建议在不同运营商出口上采用这样的规则,避免延迟和dns解析等问题。