Load Balancing 2 Speedy + Squid (Ubuntu Server 9.10)+ Hotspot
Load Balancing 2 Speedy + Squid (Ubuntu Server 9.10)+ Hotspot
Maaf Sebelumnya ane buat thread ini supaya membantu bagi yang bingung untuk menggabung 2 speedy dengan menggunakan Mikrotik 2.9.27. Ini menggunakan teknik nth pada 2 keluaran dan 1 keluaran untuk hotspot.
Berikut topologinya
Untuk Konfigurasi Mikrotiknya adalah
IP yang diberikan adalah
Mikrotik (192.168.0.63/26) karena menggunakan (63 mesin)
Squid (192.168.3.254)
Speedy1 (192.168.1.254)
Speedy2 (192.168.2.254)
Proxy (192.168.3.254)
Step 1 : Interface
[admin@paus.net] > interface pr
Flags: X - disabled, D - dynamic, R - running
# NAME TYPE RX-RATE TX-RATE MTU
0 R Lokal ether 0 0 1500
1 R HotSpot ether 0 0 1500
2 R Speedy2 ether 0 0 1500
3 R Speedy1 ether 0 0 1500
4 R Proxy ether 0 0 1500
Step 2 : Mangle
[admin@paus.net] > ip firewall mangle pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting in-interface=Lokal connection-state=new nth=1,1,0
action=mark-connection new-connection-mark=spidol1 passthrough=yes
1 chain=prerouting in-interface=Lokal connection-mark=spidol1
action=mark-routing new-routing-mark=spidol1 passthrough=no
2 chain=prerouting in-interface=Lokal connection-state=new nth=1,1,1
action=mark-connection new-connection-mark=spidol2 passthrough=yes
3 chain=prerouting in-interface=Lokal connection-mark=spidol2
action=mark-routing new-routing-mark=spidol2 passthrough=no
4 ;;; proxy
chain=prerouting in-interface=Proxy connection-state=new nth=1,1,0
action=mark-connection new-connection-mark=spidol1 passthrough=yes
5 chain=prerouting in-interface=Proxy connection-mark=spidol1
action=mark-routing new-routing-mark=spidol1 passthrough=no
6 chain=prerouting in-interface=Proxy connection-state=new nth=1,1,1
action=mark-connection new-connection-mark=spidol2 passthrough=yes
7 chain=prerouting in-interface=Proxy connection-mark=spidol2
action=mark-routing new-routing-mark=spidol2 passthrough=no
Step 3 : Ip Route
[admin@paus.net] > ip route pr
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 ADC 10.10.10.0/24 10.10.10.1 HotSpot
1 ADC 192.168.0.0/26 192.168.0.63 Lokal
2 ADC 192.168.1.0/24 192.168.1.253 Speedy1
3 ADC 192.168.2.0/24 192.168.2.253 Speedy2
4 ADC 192.168.3.0/24 192.168.3.253 Proxy
5 A S 0.0.0.0/0 r 192.168.1.254 Speedy1
6 A S 0.0.0.0/0 r 192.168.2.254 Speedy2
Step 4 : NAT
[admin@paus.net] > ip firewall nat pr
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Masquerade Lokal
chain=srcnat out-interface=Speedy1 action=masquerade
1 chain=srcnat out-interface=Speedy2 action=masquerade
2 chain=srcnat out-interface=Proxy action=masquerade
3 ;;; masquerade hotspot network
chain=srcnat src-address=10.10.10.0/24 action=masquerade
4 ;;; Belokkan ke proxy mikrotik
chain=dstnat src-address=192.168.0.0/24 protocol=tcp dst-port=80
action=dst-nat to-addresses=192.168.0.63 to-ports=3128
Step 5 : Set IP Proxy
[admin@paus.net] > ip proxy pr
enabled: yes
port: 8080
parent-proxy: 192.168.3.254:3128
maximal-client-connecions: 1000
maximal-server-connectons: 1000
Step 6 : Web Proxy
[admin@paus.net] > ip web-proxy pr
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "proxy.paus.net.id"
transparent-proxy: yes
parent-proxy: 192.168.3.254:3128
cache-administrator: "dionipe@gmail.com"
max-object-size: 4096KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 4733952KiB
reserved-for-ram-cache: 2048KiB
Step 7 : Hotspot
Flags: X - disabled, I - invalid, S - HTTPS
# NAME INTERFACE ADDRESS-POOL PROFILE IDLE-TIMEOUT
0 hotspot1 HotSpot hs-pool-2 hsprof2 5m
Step 8 : Radius
[admin@paus.net] radius> pr
Flags: X - disabled
# SERVICE CALLED-ID DOMAIN ADDRESS SECRET
0 hotspot 127.0.0.1 123456
source : forummikrotik.com
Oleh : Ardiansyah
LOAD BALANCING MIKROTIK ROUTER OS
1. Memasukkan IP Address ke masing-masing interface.
# Ip address add address xxx.xxx.xxx.xxx/xx interface lan
# Ip address add address xxx.xxx.xxx.xxx/xx interface wan 0
# Ip address add address xxx.xxx.xxx.xxx/xx interface wan 1
2. Membuat address list pada address list agar setip client tershaping semua
# ip firewall address-list add list=Client address=ip-lan-local
3. Membuat Mangle pada firewall
# ip firewall mangle add
0 chain=prerouting in-interface=LAN connection-state=new nth=1,2,0 src-address-list=Client action=mark-connection new-connection-mark=odd passthrough=yes
1 chain=prerouting in-interface=LAN connection-mark=odd action=add-src-to-address-list address-list=odd address-list-timeout=1d
2 chain=prerouting in-interface=LAN connection-mark=odd src-address-list=Client action=mark-routing new-routing-mark=odd passthrough=no
3 chain=prerouting in-interface=LAN connection-state=new nth=1,2,1 src-address-list=Client action=mark-connection new-connection-mark=even passthrough=yes
4 chain=prerouting in-interface=LAN connection-mark=even action=add-src-to-address-list address-list=even address-list-timeout=1d
5 chain=prerouting in-interface=LAN connection-mark=even src-address-list=Client action=mark-routing new-routing-mark=even passthrough=no
4. Membuat NAT
# ip firewall nat add
0 chain=srcnat routing-mark=odd action=src-nat to-addresses=ip-publik1 to-ports=0-65535
1 chain=srcnat routing-mark=even action=src-nat to-addresses=ip-publik2 to-ports=0-65535
2 chain=srcnat action=masquerade
5. Membuat IP Route
# Ip route add gateway xxx.xxx.xxx.xxx routing-mark conn-satu
# Ip route add gateway xxx.xxx.xxx.xxx routing-mark conn-dua
# Ip route add gateway xxx.xxx.xxx.xxx
6. Memasukkan DNS
# ip dns set
primary-dns: 203.130.206.250
secondary-dns: 202.134.0.155
allow-remote-requests: yes
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 660KiB
7. klo dah selesai coba test speed di speedtest.net
