官方视频RouterOS PCC负载均衡配置

官方介绍RouterOS v7 PCC负载均衡配置，此视频配置基于RouterOS v7版本，不适用于v7之前版本

关于PCC工作原理可以参见探讨下RouterOS PCC的工作原理与应用延伸 根据视频整理了基本的配置脚本（规则命名有所区别），按照3线pppoe拨号设置(国内建议使用相同运营商的线路做负载均衡) 创建3条pppoe拨号，并设置默认路由的优先级，分别基于ether1，ether2和ether3建立pppoe拨号 /interface pppoe-client add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 user=yusong password=yusong add add-default-route=yes default-route-distance=2 disabled=no interface=ether2 name=pppoe-out2 user=yusong password=yusong add add-default-route=yes default-route-distance=3 disabled=no interface=ether3 name=pppoe-out3 user=yusong password=yusong 创建路由表，取名route1，route2和route3 /routing table add disabled=no fib name=route1 add disabled=no fib name=route2 add disabled=no fib name=route3 创建返程的路由标记 /ip firewall mangle add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new in-interface=pppoe-out1 new-connection-mark=pcc1 \ passthrough=yes add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new in-interface=pppoe-out2 new-connection-mark=pcc2 \ passthrough=yes add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new in-interface=pppoe-out3 new-connection-mark=pcc3 \ passthrough=yes add chain=output action=mark-routing connection-mark=pcc1 new-routing-mark=route1 passthrough=yes add chain=output action=mark-routing  connection-mark=pcc3 new-routing-mark=route3 passthrough=yes add chain=output action=mark-routing  connection-mark=pcc2 new-routing-mark=route2 passthrough=yes 创建lan地址列表，个人喜欢用地址列表创建内网IP地址列表方式标记 /ip firewall address-list add address=192.168.88.0/24 list=lan 创建PCC连接标记和路由标记，both-addresses感觉更好点，能保障相同的源和目标IP走相同的线路，个人更倾向both-address，有助于目标站点对源IP的校验。 /ip firewall mangle add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new dst-address-type=!local new-connection-mark=pcc1 passthrough=yes per-connection-classifier=both-addresses:3/0 src-address-list=lan add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new dst-address-type=!local new-connection-mark=pcc2 passthrough=yes per-connection-classifier=both-addresses:3/1 src-address-list=lan add chain=prerouting action=mark-connection connection-mark=no-mark connection-state=new dst-address-type=!local new-connection-mark=pcc3 passthrough=yes per-connection-classifier=both-addresses:3/2 src-address-list=lan add chain=prerouting action=mark-routing connection-mark=pcc1 new-routing-mark=route1 passthrough=yes src-address-list=\ lan add chain=prerouting action=mark-routing connection-mark=pcc3 new-routing-mark=route3 passthrough=yes src-address-list=\ lan add chain=prerouting action=mark-routing connection-mark=pcc2 new-routing-mark=route2 passthrough=yes src-address-list=\ lan 在返程接入接口的连接标记和PCC连接标记都使用connection-state=new，目的是仅对新建立的连接进行PCC负载均衡，由于新建立标记是new，被PCC负载均衡后，后续相关连接会一直保持和原理的出口建立连接，又能减少标记连接数量和系统开销， 在ip route下完成路由标记和对应路由表的设置 /ip route add disabled=no dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-table=route1 suppress-hw-offload=no add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out2 pref-src="" routing-table=route2 scope=30 \ suppress-hw-offload=no target-scope=10 add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out3 pref-src="" routing-table=route3 scope=30 \ suppress-hw-offload=no target-scope=10 最后完成nat配置 /ip firewall nat add chain=srcnat src-address-list=lan action=masquerade