网吧内多线路端口分流后部分游戏登录问题

KXMD

本网吧外线四条都是电信的，分别为主线固定IP光纤2M，固定IP3M，ADSL10M,ADSL4M，内网双网卡绑定做桥，按照端口分流方式走，但是部分游戏例如：起凡，CS平台游戏，穿越火线类似平台类游戏登陆后无法进入到房间里面，分析了一下应该是所有UDP连接都走那个固定IP3M线路设定造成的，禁用了此项策略后也就是说固定IP3M线路停掉，让所有UDP都走线固定IP光纤2M就OK了，但是主线带宽只有2M，这样总是突破了带宽网吧内部网游非常卡，给电信打了电话说我3M那条线路没有做任何端口限制，我在想会不会是部分游戏设计的时候要求他的所有协议的连接都必须走同一个IP才行，也就是说必须绑定，会不会有这样的游戏呢，又要走TCP又要走UDP？
请各位有经验的朋友指导一下，谢谢了！
具体策略脚本如下：（Router OS 3.13）


Flags: X - disabled, I - invalid, D - dynamic
0   chain=forward action=change-mss new-mss=1440 tcp-flags=syn
     in-interface=bonding1 protocol=tcp

1   ;;; WEB   
     chain=prerouting action=mark-connection new-connection-mark=WEB-con1
     passthrough=yes connection-state=new src-address-list=!No_Make
     dst-port=80-81,8080 protocol=tcp nth=2,1

2   chain=prerouting action=mark-connection new-connection-mark=WEB-con2
     passthrough=yes connection-state=new src-address-list=!No_Make
     dst-port=80-81,8080 protocol=tcp nth=2,2

3   chain=prerouting action=mark-routing new-routing-mark=pppoe-10m
     passthrough=no src-address-list=!No_Make dst-port=80-81,8080
     protocol=tcp connection-mark=WEB-con1

4   chain=prerouting action=mark-routing new-routing-mark=pppoe-04m
     passthrough=no src-address-list=!No_Make dst-port=80-81,8080
     protocol=tcp connection-mark=WEB-con2

5   ;;; 10M  
     chain=prerouting action=mark-connection new-connection-mark=ftp-1
     passthrough=yes connection-state=new src-address-list=!No_Make
     in-interface=bonding1 dst-port=20,21,443,9912 protocol=tcp

6   chain=prerouting action=mark-routing new-routing-mark=pppoe-10m
     passthrough=no src-address-list=!No_Make in-interface=bonding1
     dst-port=20,21,443,9912 protocol=tcp connection-mark=ftp-1

7   ;;; UDP 3M
     chain=prerouting action=mark-connection new-connection-mark=UDP-1
     passthrough=yes connection-state=new src-address-list=!No_Make
     protocol=udp

8   chain=prerouting action=mark-routing new-routing-mark=TEL-3M
     passthrough=no src-address-list=!No_Make protocol=udp
     connection-mark=UDP-1

nmwhfx

路过，看看。

WGHBOY

做ip分流吧

SAHELI

3148715

做IP或端口 分流标记吧

/ ip firewall mangle

add chain=prerouting in-interface=lan protocol=tcp dst-port=443 \

    action=add-dst-to-address-list address-list=bank address-list-timeout=3h \

    comment="" disabled=no

add chain=prerouting in-interface=lan dst-address-list=bank \

    action=mark-connection new-connection-mark=1 passthrough=yes comment="" \

    disabled=no