Jumat, 16 November 2012

ISP 2 LINE = 1 LINE GAME + 1 LINE BROWSING

Skema setting Mikrotik pada warnet yang mepet bandwith, Anda bisa mencoba memisahkan bandwith supaya terjadi sirkulasi yang maksimal di jaringan Anda. Salah satunya adalah memisahkan antara browsing download upload dan game.


=========================
settingan game Point Blank
=========================
masukan pada Ip>Firewall>Mangle

add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190 comment=�Point Blank
add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010
add chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game
add chain=prerouting action=jump jump-target=game
====================
setingan Game Poker
====================
masukan di Ip>Firewall>Mangle

add chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp dst-address-list=LOAD POKER comment=�fbpoker�
add chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp content=statics.poker.static.zynga.com
add chain=forward action=mark-packet new-packet-mark=Poker passthrough=no connection-mark=Poker_con

==================
setingan Browsing
==================
masukan di Ip>Firewall>Mangle

add chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment=�browsing�
add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http
add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http

=================
setingan Upload
=================
masukan di Ip>Firewall>Mangle

add chain=prerouting action=mark-packet new-packet-mark=Upload passthrough=no protocol=tcp src-address=192.168.0.0/24 in-interface=Lan packet-mark=!icmp_pkt comment=�upload�

========================
setingan Limit Download
========================
masukan di Ip>Firewall>Mangle

add chain=forward action=mark-connection new-connection-mark=Download passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Poker_con connection bytes=262146-4294967295 comment=�limit download�
add chain=forward action=mark-packet new-packet-mark=Download_pkt passthrough=no packet-mark=!Game_pk> connection-mark=Download

========================
setingan Queue Tree
========================
masukan di Queue>queue types

add name=�Download� kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name=�Http� kind=pcq pcq-rate=1M pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
add name=�Game� kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000
add name=�Upload� kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000

==============================
masukan di queue>simple queue
==============================
add name=�Main Browse� parent=Lan limit-at=0 priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Browse� parent=Main Browse packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Game� parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Poker� parent=global-out packet-mark=Poker limit-at=0 queue=Game priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Download� parent=global-out packet-mark=Download_pkt limit-at=0 queue=Download priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Main Upload� parent=global-in limit-at=0 priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
add name=�Upload� parent=Main Upload packet-mark=Upload limit-at=0 queue=Upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

=======================
Proxy Eksternal
=======================

ip firewall nat add chain=dstnat src-address=!IP_PROXYNYA dst-port 80,8080,3128 action dst-nat to-address=IP-PROXY to-ports=3128




#############################################
ISP 2 LINE => 1 LINE GAME + 1 LINE BROWSING
#############################################
2 ISP + 2 Gateway dalam satu Router Mikrotik

by NitrouZ on JUNE 18, 2010 in MIKROTIK, NETWORKING
Beberapa minggu yang lalu, teman saya bertanya topologi yang baik untuk Warnet dan Game Center menggunakan 2 ISP dan 2 Gateway dalam 1 Router. Dalam kasus ini, saya menggunakan Router Board RB750 untuk melakukan pemisahan 2 Gateway. Alasan menggunakan 2 G/w adalah supaya saat user lain melakukan download dan browsing, kegiatan game tidak terganggu dengan adanya pemisahan line browsing dan game :)

Topologinya kira-kira seperti ini :

    ISP GAME
(172.21.138.1/30)
       |       (172.21.138.2/30)
       |------------- RB ---------- CLIENT (192.168.69.0/24)
       |       (172.22.138.2/30)
(172.22.138.1/30)
  ISP BROWSING

ISP Game menggunakan eth0 (172.21.138.1/30), ISP Browsing menggunakan eth1(172.22.138.1/30) dan CLIENT (192.168.69.0/24) menggunakan eth3. Dan untuk default gatewaynya, kita tentukan untuk ISP Game. Kenapa ? Karena port untuk game sangat bervariasi dan kemungkinan besar kita akan repot ke depannya kalau harus listing listen port pada game-game yang berbeda, jadi untuk memudahkan, kita buat default gateway ke ISP Game.

Sekarang kita setting untuk IP Route terlebih dahulu, kira-kira seperti di bawah ini :

/ip route
add dst-address=0.0.0.0/0 gateway=172.21.138.2 comment="Default Gateway"
add dst-address=0.0.0.0/0 gateway=172.21.138.2 routing-mark="Jalur ISP Game"
add dst-address=0.0.0.0/0 gateway=172.22.138.2 routing-mark="Jalur ISP Browsing"
Kemudian kita Setting Rule di mangle supaya masing-masing dari koneksi kita bisa di akses dari luar

/ip firewall mangle
add chain=input connection-state=new in-interface="eth0" dst-address-type="!local" action=mark-connection new-connection-mark="gateway-game-conn"
add chain=input connection-state=new in-interface="eth1" dst-address-type="!local" action=mark-connection new-connection-mark="gateway-browsing-conn"
add chain=output connection-mark="gateway-game-conn" action=mark-routing routing-mark="jalur-game"
add chain=output connection-mark="gateway-browsing-conn" action=mark-routing routing-mark="jalur-browsing"
Konfigurasi Forward rules pada bagian NAT

/ip firewall nat
add chain=dstnat protocol=tcp dst-port=!21,80,443,5050 in-interface=eth0 action=dst-nat to-addresses=192.168.69.0/24 to-ports=!21,80,443,5050
add chain=dstnat protocol=tcp dst-port=21,80,443,5050 in-interface=eth1 action=dst-nat to-addresses=192.168.69.0/24 to-ports=21,80,443,5050
Selesai! :) Silakan di koreksi kalau ada kesalahan di penulisan format di atas :) Terima kasih  

Tidak ada komentar:

Poskan Komentar