* Loadbalancing 2 Line Internet dengan Membagi Trafik sesuai Tipenya
*************************************************************************
- Internet 1 (e1-wan1)
- Internet 2 (e2-wan2)
- Local Lan (e5-lan3)
- Load balancing with NTH
Skenario:
---------
WAN 1 (10.19.1.99)------| |
| Mikrotik|------- Lan (192.168.2.1)
WAN 1 (10.19.1.98)------| |
---------
<> Penamaan Interface:
Script:
/queue interface
set e1-wan1 queue=ethernet-default
set e2-wan2 queue=ethernet-default
set e3-lan1 queue=ethernet-default
set e4-lan2 queue=ethernet-default
set e5-lan3 queue=ethernet-default
Output:
0 R e1-wan1 ether 1500 1526
1 R e2-wan2 ether 1500 1524
2 e3-lan1 ether 1500 1524
3 e4-lan2 ether 1500 1524
4 R e5-lan3 ether 1500 1524
<> Pemberian IP Address
Script:
/ip address
add address=10.19.1.99/24 broadcast=10.19.1.255 comment="" disabled=no \
interface=e1-wan1 network=10.19.1.0
add address=192.168.1.1/24 broadcast=192.168.1.255 comment="" disabled=no \
interface=e3-lan1 network=192.168.1.0
add address=192.168.2.1/24 broadcast=192.168.2.255 comment="" disabled=no \
interface=e5-lan3 network=192.168.2.0
add address=10.19.1.98/24 broadcast=10.19.1.255 comment="" disabled=no \
interface=e2-wan2 network=10.19.1.0
Output:
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.19.1.99/24 10.19.1.0 10.19.1.255 e1-wan1
1 192.168.1.1/24 192.168.1.0 192.168.1.255 e3-lan1
2 192.168.2.1/24 192.168.2.0 192.168.2.255 e5-lan3
3 10.19.1.98/24 10.19.1.0 10.19.1.255 e2-wan2
<> Pembuatan NAT
Script:
/ip firewall nat
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
192.168.1.0/24
add action=masquerade chain=srcnat comment="" disabled=no src-address=\
192.168.2.0/24
Output:
0 chain=srcnat action=masquerade src-address=192.168.1.0/24
1 chain=srcnat action=masquerade src-address=192.168.2.0/24
<> Pembuatan DNS
Script:
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=512 servers=10.16.3.33,10.2.1.5
Output:
servers: 10.16.3.33,10.2.1.5
allow-remote-requests: yes
max-udp-packet-size: 512
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 28KiB
<> Pembuatan Mangle (Load Balancing 2 Line dgn NTH)
Script:
/ip firewall mangle
;; Pemilahan trafik koneksi menjadi 2 koneksi,dgn pcc 2/0 maka kalkulasi pcc yg bernilai 0 dr trafik akan ditandai sebagai line1
add action=mark-connection chain=prerouting comment=speedy1-cm \
connection-state=new disabled=no in-interface=e5-lan3 \
new-connection-mark=speedy1-cm passthrough=yes per-connection-classifier=\
both-addresses:2/0
;; Pemilahan trafik koneksi menjadi 2 koneksi, dgn pcc 2/1 maka kalkulasi pcc yg bernilai 1 dr trafik akan ditandai sebagai line2
add action=mark-connection chain=prerouting comment=speedy2-cm \
connection-state=new disabled=no in-interface=e5-lan3 \
new-connection-mark=speedy2-cm passthrough=yes per-connection-classifier=\
both-addresses:2/1
;; Pembuatan Route WAN1
add action=mark-routing chain=prerouting comment=speedy1-rm connection-mark=\
speedy1-cm disabled=no in-interface=e5-lan3 new-routing-mark=speedy1-rm \
passthrough=no
;; Pembuatan Route WAN2
add action=mark-routing chain=prerouting comment=speedy2-rm connection-mark=\
speedy2-cm disabled=no in-interface=e5-lan3 new-routing-mark=speedy2-rm \
passthrough=no
;; Pembuatan Koneksi yg berisi Trafik HTTP
add action=mark-connection chain=forward comment="Trafik HTTP" disabled=no \
dst-port=80,8080,3128 in-interface=e5-lan3 new-connection-mark=http-cm \
passthrough=yes protocol=tcp
;; Dari Trafik HTTP tandai paket Browsing
add action=mark-packet chain=forward comment=BROWSING connection-bytes=\
1-184320 connection-mark=http-cm disabled=no new-packet-mark=browsing-pm \
passthrough=no
;; Dari Trafik HTTP tandai paket download
add action=mark-packet chain=forward comment=DOWNLOAD connection-bytes=\
184321-4294967295 connection-mark=http-cm disabled=no new-packet-mark=\
download-pm passthrough=no
;; Penandaan Paket selain trafik HTTP
add action=mark-packet chain=forward comment=other-http connection-mark=\
!http-cm disabled=no new-packet-mark=other-http-pm passthrough=no
Output:
0 ;;; speedy1-cm
chain=prerouting action=mark-connection new-connection-mark=speedy1-cm
passthrough=yes connection-state=new in-interface=e5-lan3
per-connection-classifier=both-addresses:2/1
1 ;;; speedy2-cm
chain=prerouting action=mark-connection new-connection-mark=speedy2-cm
passthrough=yes connection-state=new in-interface=e5-lan3
per-connection-classifier=both-addresses:2/0
2 ;;; speedy1-rm
chain=prerouting action=mark-routing new-routing-mark=speedy1-rm
passthrough=no in-interface=e5-lan3 connection-mark=speedy1-cm
3 ;;; speedy2-rm
chain=prerouting action=mark-routing new-routing-mark=speedy2-rm
passthrough=no in-interface=e5-lan3 connection-mark=speedy2-cm
4 ;;; Trafik HTTP
chain=forward action=mark-connection new-connection-mark=http-cm
passthrough=yes protocol=tcp in-interface=e5-lan3 dst-port=80,8080,3128
5 ;;; BROWSING
chain=forward action=mark-packet new-packet-mark=browsing-pm
passthrough=no connection-mark=http-cm connection-bytes=1-184320
6 ;;; DOWNLOAD
chain=forward action=mark-packet new-packet-mark=download-pm
passthrough=no connection-mark=http-cm
connection-bytes=184321-4294967295
7 ;;; other-http
chain=forward action=mark-packet new-packet-mark=other-http-pm
passthrough=no connection-mark=!http-cm
<> Pembuatan Routing untuk 2 Line
Script:
/ip route
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=e1-wan1 routing-mark=speedy1-rm scope=30 target-scope=\
10
add check-gateway=ping comment="" disabled=no distance=1 dst-address=\
0.0.0.0/0 gateway=e2-wan2 routing-mark=speedy2-rm scope=30 target-scope=\
10
add check-gateway=ping comment="default route" disabled=no distance=1 \
dst-address=0.0.0.0/0 gateway=e1-wan1 scope=30 target-scope=10
add check-gateway=ping comment="Backup Route" disabled=no distance=2 \
dst-address=0.0.0.0/0 gateway=e2-wan2 scope=30 target-scope=10
Output:
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 e1-wan1 1
1 A S 0.0.0.0/0 e2-wan2 1
2 A S ;;; default route
0.0.0.0/0 e1-wan1 1
3 S ;;; Backup Route
0.0.0.0/0 e2-wan2 2
4 ADC 10.19.1.0/24 10.19.1.99 e1-wan1 0
e2-wan2
5 ADC 192.168.1.0/24 192.168.1.1 e3-lan1 0
6 ADC 192.168.2.0/24 192.168.2.1 e5-lan3 0
<> Pembuatan Queue Type (Menggunakan PCQ)
Script:
/queue type
add kind=pcq name=total-down pcq-classifier=dst-address pcq-limit=50 \
pcq-rate=0 pcq-total-limit=2000
add kind=pcq name=total-up pcq-classifier=src-address pcq-limit=50 pcq-rate=0 \
pcq-total-limit=2000
Output:
5 name="total-down" kind=pcq pcq-rate=0 pcq-limit=50
pcq-classifier=dst-address pcq-total-limit=2000
6 name="total-up" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address
pcq-total-limit=2000
<> Pembuatan Queue Tree (Sesuaikan Max Limit dan Prioritas sesuai keinginan anda)
Script:
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=total-up1 parent=e1-wan1 priority=8 queue=total-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=total-up2 parent=e2-wan2 priority=8 queue=total-up
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=2M name=browsing-down packet-mark=browsing-pm parent=total-down \
priority=3 queue=total-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=2M name=download-http packet-mark=download-pm parent=total-down \
priority=8 queue=total-down
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1M name=other-down packet-mark=other-http-pm parent=total-down \
priority=8 queue=total-down
Output:
0 name="total-down" parent=e5-lan3 limit-at=0 priority=8 max-limit=0
burst-limit=0 burst-threshold=0 burst-time=0s
1 name="total-up1" parent=e1-wan1 limit-at=0 queue=total-up priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
2 name="total-up2" parent=e2-wan2 limit-at=0 queue=total-up priority=8
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
3 name="browsing-down" parent=total-down packet-mark=browsing-pm limit-at=0
queue=total-down priority=3 max-limit=2M burst-limit=0 burst-threshold=0
burst-time=0s
4 name="download-http" parent=total-down packet-mark=download-pm limit-at=0
queue=total-down priority=8 max-limit=2M burst-limit=0 burst-threshold=0
burst-time=0s
5 name="other-down" parent=total-down packet-mark=other-http-pm limit-at=0
queue=total-down priority=8 max-limit=1M burst-limit=0 burst-threshold=0
burst-time=0s
Catt: Pembuatan mangle tidak boleh memiliki policy yang tumpang tindih..
Config lengkap file test dari lb_nth_pcq_2line.rsc (folder config)
Selamat Mencoba
0 comments:
Posting Komentar