load balancing yang sekarang ini adalah menggabungkan 4 LAN spidi menjadi 1, artinya BW yang kita beroleh adalah 1536kbps (384X4). itu kalau spidinya bisa 384 beneran :D , Jadi konfigurasi ini bukan pail oper. “gak konek, dipoer” (hehehehe).
Sebelum copy paste pastikan IP keempat modem spidi sudah sesuai dengan konfig dibawah ini. (note : setting modem bukan bridge)
Sedang IP PC klien adalah : 192.168.0.2 sampai 254.
Versi mikrotik untuk uji coba adalah veri bajakan 29.27, dan berjalan dengan baik.
Saran saya setelah semua berjalan dengan seep, belilah lisensi yang asli,
cuma 30-U$ kok. kalu sekedar buat uji coba, silahkan pakai bajakan.
Ohya kalo belum tahu cara installasi mikrotik, silahkan lihat tulisan ini.
Sebelum copy paste sebaiknya mikrotik direset dulu biar setingan yang ada musnah D perintah reset adalah dengan :
/system reset
lalu tekan “Y”
Setelah rebooting baru masuk kembali ke mikrotik dan masukan perintah dibawah ini,
Setelah rebooting baru masuk kembali ke mikrotik dan masukan perintah dibawah ini, tinggal copy paste
/in eth
set ether1 name=”speedy-1? disabled=no
set ether2 name=”speedy-2? disabled=no
set ether3 name=”speedy-3? disabled=no
set ether4 name=”speedy-4? disabled=no
set ether5 name=”intranet” disabled=no
/ip add
add address=192.168.1.2/30 interface=speedy-1 comment=”ke speedy-1?
add address=192.168.2.2/30 interface=speedy-2 comment=”ke speedy-2?
add address=192.168.3.2/30 interface=speedy-3 comment=”ke speedy-3?
add address=192.168.4.2/30 interface=speedy-4 comment=”ke speedy-4?
add address=192.168.0.1/24 interface=intranet comment=”untuk warnet”
/ ip firewall mangle
add chain=prerouting in-interface=intranet connection-state=new nth=3,4,0 action=mark-connection new-connection-mark=satu passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=satu action=mark-routing new-routing-mark=satu passthrough=no comment=”"
add chain=prerouting in-interface=intranet connection-state=new nth=3,4,1 action=mark-connection new-connection-mark=dua passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=dua action=mark-routing new-routing-mark=dua passthrough=no comment=”" disabled=no
add chain=prerouting in-interface=intranet connection-state=new nth=3,4,2 action=mark-connection new-connection-mark=tiga passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=tiga action=mark-routing new-routing-mark=tiga passthrough=no comment=”"
add chain=prerouting in-interface=intranet connection-state=new nth=3,4,3 action=mark-connection new-connection-mark=empat passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=empat action=mark-routing new-routing-mark=empat passthrough=no comment=”" disabled=no
/ ip firewall nat
add chain=srcnat out-interface=speedy-1 connection-mark=satu action=src-nat to-addresses=192.168.1.2 to-ports=0-65535 comment=”" disabled=no
add chain=srcnat out-interface=speedy-2 connection-mark=dua action=src-nat to-addresses=192.168.2.2 to-ports=0-65535 comment=”" disabled=no
add chain=srcnat out-interface=speedy-3 connection-mark=satu action=src-nat to-addresses=192.168.3.2 to-ports=0-65535 comment=”" disabled=no
add chain=srcnat out-interface=speedy-4 connection-mark=dua action=src-nat to-addresses=192.168.4.2 to-ports=0-65535 comment=”" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=satu comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=dua comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 routing-mark=tiga comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.4.1 scope=255 target-scope=10 routing-mark=empat comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10
jika anda memakai mikrotik versi 3.1* keatas, ganti mangel diatas dengan yang ini, beda di setting NTH.
/ ip firewall mangle
add chain=prerouting in-interface=intranet connection-state=new nth=4,1 action=mark-connection new-connection-mark=satu passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=satu action=mark-routing new-routing-mark=satu passthrough=no comment=”"
add chain=prerouting in-interface=intranet connection-state=new nth=4,2 action=mark-connection new-connection-mark=dua passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=dua action=mark-routing new-routing-mark=dua passthrough=no comment=”" disabled=no
add chain=prerouting in-interface=intranet connection-state=new nth=4,3 action=mark-connection new-connection-mark=tiga passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=tiga action=mark-routing new-routing-mark=tiga passthrough=no comment=”"
add chain=prerouting in-interface=intranet connection-state=new nth=4,4 action=mark-connection new-connection-mark=empat passthrough=yes comment=”"
add chain=prerouting in-interface=intranet connection-mark=empat action=mark-routing new-routing-mark=empat passthrough=no comment=”" disabled=no
===============================
sekian semoga membatu dan selamat mencoba!! D
Jumat, 14 Januari 2011
mikrotik untuk router warnet
ini konfigurasi bagi teman-teman yang mungkin agak kesulitan setting mikrotik.
tinggal di copy trus paste aja di terminal. jadi deh ….
step-step
1. instal pake cd mikrotik
a. boot dg cd mikrotik
b. setelah bisa boot pake iso linux, pilih beberapa paket yang dibutuhkan. (kalo bingung centang aja semua)
c ikuti aja langkahnya tekan (Yes) (Yes)
setelah restart, login : admin pass : (kosong)
trus copy paste aja tulisan berikut ;
DASAR_______________
system identity set name=warnet.beenet
user set admin password=sukasukalu
ethernet____________________
interface ethernet enable ether1
interface ethernet enable ether2
interface Ethernet set ether1 name=intranet
interface Ethernet set ether2 name=internet
IP ADDRESS_______________
ip address add interface=internet address=XXXXX (dari ISP)
ip address add interface=intranet address=192.168.0.1/24
route_______________
ip route add gateway=XXXXX (dari ISP)
dns___________
ip dns set primary-dns=XXXXX (dari ISP) 2 secondary-dns=XXXXX (dari ISP)
nat & filter firewall standar_______________
ip firewall nat add action=masquerade chain=srcnat
ip firewall filter add chain=input connection-state=invalid action=drop
ip firewall filter add chain=input protocol=udp action=accept
ip firewall filter add chain=input protocol=icmp action=accept
ip firewall filter add chain=input in-interface=intranet action=accept
ip firewall filter add chain=input in-interface=internet action=accept
dhcp server______________________________________
ip dhcp-server setup
dhcp server interface: intranet
dhcp address space: 192.168.0.0/24
gateway for dhcp network: 192.168.0.1
addresses to give out: 192.168.0.2-192.168.0.254
dns servers: XXXXX (dari ISP),XXXXX (dari ISP)
lease time: 3d
web proxy_________________________
ip web-proxy
set enabled=yes
set src-address=0.0.0.0
set port=8080
set hostname=?proxy-apaaja?
set transparent-proxy=yes
set parent-proxy=0.0.0.0:0
set cache-administrator=?silahkan.pannggil.operator?
set max-object-size=4096KiB
set cache-drive=system
set max-cache-size=unlimited
set max-ram-cache-size=unlimited
bikinredirect port ke transparent proxy__________________________
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=3128 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=8080 action=redirect to-ports=8080
PCQ ________________________
/ip firewall mangle add chain=forward src-address=192.168.169.0/28 action=mark-connection new-connection-mark=client1-cm
/ip firewall mangle add connection-mark=client1-cm action=mark-packet new-packet-mark=client1-pm chain=forward
/queue type add name=downsteam-pcq kind=pcq pcq-classifier=dst-address
/queue type add name=upstream-pcq kind=pcq pcq-classifier=src-address
/queue tree add parent=intranet queue=downsteam-pcq packet-mark=client1-pm
/queue tree add parent=internet queue=upstream-pcq packet-mark=client1-pm
simpel queue______________________________
queue simple add name=kbu-01 target-addresses=192.168.0.11
queue simple add name=kbu-02 target-addresses=192.168.0.12
queue simple add name=kbu-03 target-addresses=192.168.0.13
queue simple add name=kbu-04 target-addresses=192.168.0.14
queue simple add name=kbu-05 target-addresses=192.168.0.15
queue simple add name=kbu-06 target-addresses=192.168.0.16
queue simple add name=kbu-07 target-addresses=192.168.0.17
queue simple add name=kbu-08 target-addresses=192.168.0.18
queue simple add name=kbu-09 target-addresses=192.168.0.19
queue simple add name=kbu-10 target-addresses=192.168.0.20
queue simple add name=xbilling target-addresses=192.168.0.2
BLOX SPAM____________________________
/ip firewall filter add chain=forward dst-port=135-139 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=135-139 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=593 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=4444 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=5554 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=9996 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=995-999 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=53 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=55 protocol=tcp action=drop
tinggal di copy trus paste aja di terminal. jadi deh ….
step-step
1. instal pake cd mikrotik
a. boot dg cd mikrotik
b. setelah bisa boot pake iso linux, pilih beberapa paket yang dibutuhkan. (kalo bingung centang aja semua)
c ikuti aja langkahnya tekan (Yes) (Yes)
setelah restart, login : admin pass : (kosong)
trus copy paste aja tulisan berikut ;
DASAR_______________
system identity set name=warnet.beenet
user set admin password=sukasukalu
ethernet____________________
interface ethernet enable ether1
interface ethernet enable ether2
interface Ethernet set ether1 name=intranet
interface Ethernet set ether2 name=internet
IP ADDRESS_______________
ip address add interface=internet address=XXXXX (dari ISP)
ip address add interface=intranet address=192.168.0.1/24
route_______________
ip route add gateway=XXXXX (dari ISP)
dns___________
ip dns set primary-dns=XXXXX (dari ISP) 2 secondary-dns=XXXXX (dari ISP)
nat & filter firewall standar_______________
ip firewall nat add action=masquerade chain=srcnat
ip firewall filter add chain=input connection-state=invalid action=drop
ip firewall filter add chain=input protocol=udp action=accept
ip firewall filter add chain=input protocol=icmp action=accept
ip firewall filter add chain=input in-interface=intranet action=accept
ip firewall filter add chain=input in-interface=internet action=accept
dhcp server______________________________________
ip dhcp-server setup
dhcp server interface: intranet
dhcp address space: 192.168.0.0/24
gateway for dhcp network: 192.168.0.1
addresses to give out: 192.168.0.2-192.168.0.254
dns servers: XXXXX (dari ISP),XXXXX (dari ISP)
lease time: 3d
web proxy_________________________
ip web-proxy
set enabled=yes
set src-address=0.0.0.0
set port=8080
set hostname=?proxy-apaaja?
set transparent-proxy=yes
set parent-proxy=0.0.0.0:0
set cache-administrator=?silahkan.pannggil.operator?
set max-object-size=4096KiB
set cache-drive=system
set max-cache-size=unlimited
set max-ram-cache-size=unlimited
bikinredirect port ke transparent proxy__________________________
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=3128 action=redirect to-ports=8080
/ip firewall nat add chain=dstnat protocol=tcp dst-port=8080 action=redirect to-ports=8080
PCQ ________________________
/ip firewall mangle add chain=forward src-address=192.168.169.0/28 action=mark-connection new-connection-mark=client1-cm
/ip firewall mangle add connection-mark=client1-cm action=mark-packet new-packet-mark=client1-pm chain=forward
/queue type add name=downsteam-pcq kind=pcq pcq-classifier=dst-address
/queue type add name=upstream-pcq kind=pcq pcq-classifier=src-address
/queue tree add parent=intranet queue=downsteam-pcq packet-mark=client1-pm
/queue tree add parent=internet queue=upstream-pcq packet-mark=client1-pm
simpel queue______________________________
queue simple add name=kbu-01 target-addresses=192.168.0.11
queue simple add name=kbu-02 target-addresses=192.168.0.12
queue simple add name=kbu-03 target-addresses=192.168.0.13
queue simple add name=kbu-04 target-addresses=192.168.0.14
queue simple add name=kbu-05 target-addresses=192.168.0.15
queue simple add name=kbu-06 target-addresses=192.168.0.16
queue simple add name=kbu-07 target-addresses=192.168.0.17
queue simple add name=kbu-08 target-addresses=192.168.0.18
queue simple add name=kbu-09 target-addresses=192.168.0.19
queue simple add name=kbu-10 target-addresses=192.168.0.20
queue simple add name=xbilling target-addresses=192.168.0.2
BLOX SPAM____________________________
/ip firewall filter add chain=forward dst-port=135-139 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=135-139 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=445 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=593 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=4444 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=5554 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=9996 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=995-999 protocol=udp action=drop
/ip firewall filter add chain=forward dst-port=53 protocol=tcp action=drop
/ip firewall filter add chain=forward dst-port=55 protocol=tcp action=drop