Searching...
Jumat, 28 Februari 2014
Home » Mikrotik » 2 Gateway dalam 1 Mikrotik & 1 External Proxy

2 Gateway dalam 1 Mikrotik & 1 External Proxy

07.17
Setelah beberapa kali kurang berhasil menggunakan teknik loadbalancing (LB) kemudian beralih menggunakan 2 (dua) gateway dalam 1 buah mikrotik router dan 1 external proxy menggunakan OS Ubuntu dengan Squid Proxy Lusca. dalam jaringan tersebut saya pergunakan untuk dua jalur input dan dua jalur output : Warnet dan Hotspot "tidak digabung" alasan : blm berhasil nyoba lb dengan hasil yang maknyuss...
Tujuan menggunakan 2 gateaway pada 1 mikrotik & 1 proxy server  disini adalah menghemat mikrotik dan proxy, akan menjadi percuma / mubadhir kalau harus perlu mikrotik sendiri-sendiri... menurut saya :-)

berikut konfigurasinya :
1. Modem 1 : setting PPPOE-Client (bridge mode) = dialup
2. Modem 2 : setting PPPOE-DialUP pada modem = 2modem
3. Proxy : Menggunakan OS Ubuntu dengan Squid Lusca
script nat :
add action=masquerade chain=srcnat comment=\
    "Masquerade PPOE-Client dialup" disabled=no out-interface=\
    dialup
add action=masquerade chain=srcnat disabled=no out-interface=2modem
add action=dst-nat chain=dstnat comment="redireck warnet to proxy" disabled=\
    no dst-port=80,3128,3129,8080 in-interface=warnet protocol=tcp \
    src-address-list=!Proxy to-addresses=192.168.2.2 to-ports=800
add action=dst-nat chain=dstnat comment="redireck hotspot to proxy" disabled=\
    no dst-port=80,3128,3129,8080 in-interface=hotspot protocol=tcp \
    src-address-list=!Proxy to-addresses=192.168.2.2 to-ports=800
script mangle :
/ip firewall mangle
add action=mark-packet chain=postrouting comment="Proxy Los" disabled=no \
    dscp=12 new-packet-mark=HIT-warnet out-interface=warnet passthrough=no
add action=mark-packet chain=postrouting disabled=no dscp=12 hotspot=auth \
    new-packet-mark=HIT-hotspot out-interface=hotspot passthrough=no
add action=mark-connection chain=preroutin \
    connection-state=new disabled=no in-interface=proxy new-connection-mark=\
    PROXY-1 passthrough=yes
add action=mark-connection chain=prerouting connection-state=new disabled=no \
    in-interface=proxy new-connection-mark=PROXY-2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=PROXY-1 disabled=\
    no in-interface=proxy new-connection-mark=PROXY-1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=PROXY-2 disabled=\
    no in-interface=proxy new-connection-mark=PROXY-2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=PROXY-1 disabled=no \
    in-interface=proxy new-routing-mark=Route-Proxy-1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=PROXY-2 disabled=no \
    in-interface=proxy new-routing-mark=Route-Proxy-2 passthrough=yes
add action=mark-connection chain=input comment="" \
    connection-state=new disabled=no in-interface=warnet new-connection-mark=\
    ADSL-1 passthrough=yes
add action=mark-connection chain=input connection-state=new disabled=no \
    in-interface=hotspot new-connection-mark=ADSL-2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=ADSL-1 disabled=\
    no in-interface=warnet new-connection-mark=ADSL-1 passthrough=no
add action=mark-connection chain=prerouting connection-mark=ADSL-2 disabled=\
    no in-interface=hotspot new-connection-mark=ADSL-2 passthrough=no
script route :
/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    dialup routing-mark=Route-Proxy-1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    192.168.4.1 routing-mark=Route-Proxy-2 scope=30 target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=dialup routing-mark=\
    Poker+PB scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=dialup scope=30 \
    target-scope=10
 
Diposting oleh di 07.17
Label:
Share:

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)