ROS VRRP虚拟MAC地址

发布于2023-10-17 15:38 阅读815次

主要用于个别区域网络运营商会检查拨号的MAC地址，如已有人使用ROS多拨，会导致MAC地址冲突不能正常拨号上网问题，这种情况则可使用RouterOS的VRRP虚拟MAC地址实现多拨。变量实例：mac1 "00:E0:4C:" 用以指定MAC地址前三段，后面会自动补充，:set bridgeName "BDG1"指定桥接名，:set wanName "ether1" 指定外网口名称。

在使用Mikrotik的RouterOS软路由系统时，很多场景都会用到叠线，多拨，分线等网络场景，个别时间我们会遇到上游PPPOE或VPN服务器会检查客户端MAC地址，如果片区内有其它的ROS设备先你一步拨号成功，则后续拨号会自动拒绝，此情况则可通过修改ROS默认的MAC地址来实现，这里主要用到在拨号加前置VRRP接口，批量修改VRRP的MAC地址以实现场景需要。 ``` :local cur :local mac1 :local mac2 :local mac3 :local vrrpmac :local vrrpcount :local vrrpname :local bridgeName :local wanName :set cur 0 :set vrrpname "vrrp" :set mac1 "00:E0:4C:" :set mac2 "10:BF:48:" :set mac3 "10:BF:39:" :set bridgeName "BDG1" :set wanName "ether1" /interface bridge add name="$bridgeName" /interface bridge port add interface="$wanName" bridge="$bridgeName" :set vrrpcount [:len [/interface vrrp find name~$vrrpname]] /interface vrrp :foreach ii in=[find name~$vrrpname] do={ /interface vrrp set $ii interface="$bridgeName" :set vrrpmac [get $ii mac-address] :if ($vrrpcount>=$cur && $cur<90) do={ /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe-discovery src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac1".($cur+10).":34:".($cur+10)) /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac1".($cur+10).":34:".($cur+10)) /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac1".($cur+10).":34:".($cur+10)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe-discovery to-dst-mac-address=("$vrrpmac") /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac1".($cur+10).":34:".($cur+10)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe to-dst-mac-address=("$vrrpmac") } :if ($vrrpcount>=$cur && $cur>=90 && $cur<170) do={ /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe-discovery src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac2".($cur-80).":11:".($cur-80)) /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac2".($cur-80).":11:".($cur-80)) /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac2".($cur-80).":11:".($cur-80)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe-discovery to-dst-mac-address=("$vrrpmac") /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac2".($cur-80).":11:".($cur-80)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe to-dst-mac-address=("$vrrpmac") } :if ($vrrpcount>=$cur && $cur>=170 && $cur<255) do={ /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe-discovery src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac3".($cur-160).":51:".($cur-160)) /interface bridge nat add action=src-nat chain=srcnat mac-protocol=pppoe src-mac-address=("$vrrpmac" . "/FF:FF:FF:FF:FF:FF") to-src-mac-address=("$mac3".($cur-160).":51:".($cur-160)) /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac3".($cur-160).":51:".($cur-160)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe-discovery to-dst-mac-address=("$vrrpmac") /interface bridge nat add action=dst-nat chain=dstnat dst-mac-address=(("$mac3".($cur-160).":51:".($cur-160)) . "/FF:FF:FF:FF:FF:FF") mac-protocol=pppoe to-dst-mac-address=("$vrrpmac") } :set cur ($cur+1) } ```

文章点评

暂无任何评论

tenfei发文32篇,2人关注Ta.

作者推荐

赞助商广告位