http://www.facebook.com/topic.php?uid=39125097711&topic=12919
Fit Load Balancing Speedy 4 Line + Membagi Bandwith Secara Merata + 2 Mikocok
Mikocok 1
Identitas
/system identity set name=ACS_Balancing
Password
/system password set password=katroklondo
Interface
/interface set ether1 name=speedy1
/interface set ether2 name=speedy2
/interface set ether3 name=speedy3
/interface set ether4 name=speedy4
/interface set ether5 name=local
ip address
/ip address add address=192.168.1.5/24 interface=speedy1
/ip address add address=192.168.2.5/24 interface=speedy2
/ip address add address=192.168.3.5/24 interface=speedy3
/ip address add address=192.168.4.5/24 interface=speedy4
/ip address add address=192.168.10.1/24 interface=local comment="mikrotik 1 ke mikrotik 2"
ip dns
/ip dns set allow-remote-requests=yes
/ip dns set primary-dns=203.130.193.74
/ip dns set secondary-dns=202.134.0.156
IP Firewall
/ip firewall filter add chain=input action=accept protocol=icmp
/ip firewall filter add chain=input action=accept connection-state=established in-interface=speedy1
/ip firewall filter add chain=input action=accept connection-state=related in-interface=speedy1
/ip firewall filter add chain=input action=drop in-interface=speedy1
/ip firewall filter add chain=input action=accept connection-state=established in-interface=speedy2
/ip firewall filter add chain=input action=accept connection-state=related in-interface=speedy2
/ip firewall filter add chain=input action=drop in-interface=speedy2
/ip firewall filter add chain=input action=accept connection-state=established in-interface=speedy3
/ip firewall filter add chain=input action=accept connection-state=related in-interface=speedy3
/ip firewall filter add chain=input action=drop in-interface=speedy3
/ip firewall filter add chain=input action=accept connection-state=established in-interface=speedy4
/ip firewall filter add chain=input action=accept connection-state=related in-interface=speedy4
/ip firewall filter add chain=input action=drop in-interface=speedy4
Setting Buat Mangle
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon1 passthrough=yes connection-state=new in-interface=local nth=4,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon1 passthrough=no in-interface=local connection-mark=Athlon1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon2 passthrough=yes connection-state=new in-interface=local nth=3,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon2 passthrough=no in-interface=local connection-mark=Athlon2 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon3 passthrough=yes connection-state=new in-interface=local nth=2,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon3 passthrough=no in-interface=local connection-mark=Athlon3 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon4 passthrough=yes connection-state=new in-interface=local nth=1,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon4 passthrough=no in-interface=local connection-mark=Athlon4 comment="" disabled=no
Setting NAT
/ip firewall nat add chain=srcnat action=masquerade out-interface=speedy1
/ip firewall nat add chain=srcnat action=masquerade out-interface=speedy2
/ip firewall nat add chain=srcnat action=masquerade out-interface=speedy3
/ip firewall nat add chain=srcnat action=masquerade out-interface=speedy4
/ip firewall nat add chain=srcnat action=masquerade src-address="192.168.10.0/24"
Setting Routenya
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=Athlon1 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=Athlon2 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 routing-mark=Athlon3 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.4.1 scope=255 target-scope=10 routing-mark=Athlon4 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 comment="primary connection" disabled=no
Mikocok 2
Identitas
/system identity set name=squid_proxy
Password
/system password set password=katroklondo
Interface
/interface set ether1 name=mikocok1
/interface set ether2 name=local
/interface set ether3 name=squid
/interface set ether4 name=lokal
/interface set ether5 name=ether5
ip address
/ip address add address=192.168.10.5/24 interface=mikocok1
/ip address add address=192.168.15.1/24 interface=squid
/ip address add address=192.168.0.1/24 interface=local comment="untuk client WARNET Athlon"
/ip address add address=192.168.100.1/24 interface=lokal comment="HOTSPOT Athlon"
ip dns
/ip dns set allow-remote-requests=yes
/ip dns set primary-dns=203.130.193.74
/ip dns set secondary-dns=202.134.0.156
IP Firewall
/ip firewall filter add chain=input action=accept protocol=icmp
/ip firewall filter add chain=input action=accept connection-state=established in-interface=mikocok1
/ip firewall filter add chain=input action=accept connection-state=related in-interface=mikocok1
/ip firewall filter add chain=input action=drop in-interface=mikocok1
Setting NAT
/ip firewall nat add chain=srcnat action=masquerade out-interface=mikocok1
/ip firewall nat add chain=srcnat action=masquerade src-address="192.168.0.0/24"
/ip firewall nat add chain=srcnat action=masquerade src-address="192.168.100.0/24"
/ ip firewall nat add chain=dstnat protocol=tcp dst-port=445 action=dst-nat to-addresses=192.168.15.5 to-ports=445 comment="Untuk HTTPS IPCOP" disabled=no
/ ip firewall nat add chain=dstnat protocol=tcp dst-port=222 action=dst-nat to-addresses=192.168.15.10 to-ports=222 comment="Untuk SSH IPCOP" disabled=no
/ ip firewall nat add chain=dstnat src-address=!192.168.15.0/24 protocol=tcp dst-port=80 dst-address=!192.168.0.1 action=dst-nat to-addresses=192.168.15.5 to-ports=800 comment="" disabled=no
/ ip firewall nat add chain=dstnat src-address=!192.168.15.0/24 protocol=tcp dst-port=80 dst-address=!192.168.100.1 action=dst-nat to-addresses=192.168.15.5 to-ports=800 comment="" disabled=no
Setting Buat Mangle
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon1 passthrough=yes connection-state=new in-interface=local nth=1,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon1 passthrough=no in-interface=local connection-mark=Athlon1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-connection new-connection-mark=Athlon1 passthrough=yes connection-state=new in-interface=lokal nth=1,1 comment="" disabled=no
/ip firewall mangle add chain=prerouting action=mark-routing new-routing-mark=Athlon1 passthrough=no in-interface=lokal connection-mark=Athlon1 comment="" disabled=no
/ip firewall mangle add chain=forward content="X-Cache: HIT" action=mark-connection new-connection-mark=squid_con passthrough=yes comment="" disabled=no
/ip firewall mangle add chain=forward connection-mark=squid_con action=mark-packet new-packet-mark=squid_pkt passthrough=no comment="" disabled=no
Setting Routenya
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.10.1 scope=255 target-scope=10 routing-mark=Athlon1 comment="" disabled=no
/ ip route add dst-address=0.0.0.0/0 gateway=192.168.10.1 scope=255 target-scope=10 comment="primary connection" disabled=no
Membagi Bandwith
Local Bawah
:for x from=10 to=80 do={ /ip firewall mangle add chain=prerouting src-address="192.168.0.$x" action=mark-packet new-packet-mark="Upload-0_$x" passthrough=no }
:for x from=10 to=80 do={ /ip firewall mangle add chain=postrouting dst-address="192.168.0.$x" action=mark-packet new-packet-mark="Download-0_$x" passthrough=no }
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=512000 name=ULB packet-mark="" parent=local priority=1 queue=default;
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=2048000 name=DLB packet-mark="" parent=local priority=1 queue=default;
:for x from=10 to=30 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64000 max-limit=128000 name="Upload0_$x" packet-mark="Upload-0_$x" parent=ULB priority=1 queue=default }
:for x from=10 to=30 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=128000 max-limit=512000 name="Download0_$x" packet-mark="Download-0_$x" parent=DLB priority=1 queue=default }
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=512000 name=ULA packet-mark="" parent=local priority=2 queue=default;
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=1536000 name=DLA packet-mark="" parent=local priority=2 queue=default;
:for x from=40 to=80 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=32000 max-limit=64000 name="Upload0_$x" packet-mark="Upload-0_$x" parent=ULA priority=2 queue=default }
:for x from=40 to=80 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=64000 max-limit=256000 name="Download0_$x" packet-mark="Download-0_$x" parent=DLA priority=2 queue=default }
Lokal
:for x from=59 to=62 do={ /ip firewall mangle add chain=prerouting src-address="192.168.100.$x" action=mark-packet new-packet-mark="Upload-0_$x" passthrough=no }
:for x from=59 to=62 do={ /ip firewall mangle add chain=postrouting dst-address="192.168.100.$x" action=mark-packet new-packet-mark="Download-0_$x" passthrough=no }
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=384000 name=UL1 packet-mark="" parent=lokal priority=8 queue=default;
/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=1024000 name=DL1 packet-mark="" parent=lokal priority=8 queue=default;
:for x from=59 to=62 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="Upload10_$x" packet-mark="Upload-0_$x" parent=UL1 priority=1 queue=default }
:for x from=59 to=62 do={/queue tree add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=0 name="Download10_$x" packet-mark="Download-0_$x" parent=DL1 priority=1 queue=default }
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar