Skema setting Mikrotik pada warnet yang mepet bandwith, Anda bisa
mencoba memisahkan bandwith supaya terjadi sirkulasi yang maksimal di
jaringan Anda. Salah satunya adalah memisahkan antara browsing download upload dan game.
========================= settingan game Point Blank ========================= masukan pada Ip>Firewall>Mangle add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190 comment=�Point Blank add chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010 add chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game add chain=prerouting action=jump jump-target=game ==================== setingan Game Poker ==================== masukan di Ip>Firewall>Mangle add chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp dst-address-list=LOAD POKER comment=�fbpoker� add chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp content=statics.poker.static.zynga.com add chain=forward action=mark-packet new-packet-mark=Poker passthrough=no connection-mark=Poker_con ================== setingan Browsing ================== masukan di Ip>Firewall>Mangle add chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment=�browsing� add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http add chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http ================= setingan Upload ================= masukan di Ip>Firewall>Mangle add chain=prerouting action=mark-packet new-packet-mark=Upload passthrough=no protocol=tcp src-address=192.168.0.0/24 in-interface=Lan packet-mark=!icmp_pkt comment=�upload� ======================== setingan Limit Download ======================== masukan di Ip>Firewall>Mangle add chain=forward action=mark-connection new-connection-mark=Download passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Poker_con connection bytes=262146-4294967295 comment=�limit download� add chain=forward action=mark-packet new-packet-mark=Download_pkt passthrough=no packet-mark=!Game_pk> connection-mark=Download ======================== setingan Queue Tree ======================== masukan di Queue>queue types add name=�Download� kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 add name=�Http� kind=pcq pcq-rate=1M pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000 add name=�Game� kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000 add name=�Upload� kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000 ============================== masukan di queue>simple queue ============================== add name=�Main Browse� parent=Lan limit-at=0 priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s add name=�Browse� parent=Main Browse packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s add name=�Game� parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s add name=�Poker� parent=global-out packet-mark=Poker limit-at=0 queue=Game priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s add name=�Download� parent=global-out packet-mark=Download_pkt limit-at=0 queue=Download priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s add name=�Main Upload� parent=global-in limit-at=0 priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s add name=�Upload� parent=Main Upload packet-mark=Upload limit-at=0 queue=Upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s ======================= Proxy Eksternal ======================= ip firewall nat add chain=dstnat src-address=!IP_PROXYNYA dst-port 80,8080,3128 action dst-nat to-address=IP-PROXY to-ports=3128 ############################################# ISP 2 LINE => 1 LINE GAME + 1 LINE BROWSING ############################################# 2 ISP + 2 Gateway dalam satu Router Mikrotik by NitrouZ on JUNE 18, 2010 in MIKROTIK, NETWORKING Beberapa minggu yang lalu, teman saya bertanya topologi yang baik untuk Warnet dan Game Center menggunakan 2 ISP dan 2 Gateway dalam 1 Router. Dalam kasus ini, saya menggunakan Router Board RB750 untuk melakukan pemisahan 2 Gateway. Alasan menggunakan 2 G/w adalah supaya saat user lain melakukan download dan browsing, kegiatan game tidak terganggu dengan adanya pemisahan line browsing dan game :) Topologinya kira-kira seperti ini : ISP GAME (172.21.138.1/30) | (172.21.138.2/30) |------------- RB ---------- CLIENT (192.168.69.0/24) | (172.22.138.2/30) (172.22.138.1/30) ISP BROWSING ISP Game menggunakan eth0 (172.21.138.1/30), ISP Browsing menggunakan eth1(172.22.138.1/30) dan CLIENT (192.168.69.0/24) menggunakan eth3. Dan untuk default gatewaynya, kita tentukan untuk ISP Game. Kenapa ? Karena port untuk game sangat bervariasi dan kemungkinan besar kita akan repot ke depannya kalau harus listing listen port pada game-game yang berbeda, jadi untuk memudahkan, kita buat default gateway ke ISP Game. Sekarang kita setting untuk IP Route terlebih dahulu, kira-kira seperti di bawah ini : /ip route add dst-address=0.0.0.0/0 gateway=172.21.138.2 comment="Default Gateway" add dst-address=0.0.0.0/0 gateway=172.21.138.2 routing-mark="Jalur ISP Game" add dst-address=0.0.0.0/0 gateway=172.22.138.2 routing-mark="Jalur ISP Browsing" Kemudian kita Setting Rule di mangle supaya masing-masing dari koneksi kita bisa di akses dari luar /ip firewall mangle add chain=input connection-state=new in-interface="eth0" dst-address-type="!local" action=mark-connection new-connection-mark="gateway-game-conn" add chain=input connection-state=new in-interface="eth1" dst-address-type="!local" action=mark-connection new-connection-mark="gateway-browsing-conn" add chain=output connection-mark="gateway-game-conn" action=mark-routing routing-mark="jalur-game" add chain=output connection-mark="gateway-browsing-conn" action=mark-routing routing-mark="jalur-browsing" Konfigurasi Forward rules pada bagian NAT /ip firewall nat add chain=dstnat protocol=tcp dst-port=!21,80,443,5050 in-interface=eth0 action=dst-nat to-addresses=192.168.69.0/24 to-ports=!21,80,443,5050 add chain=dstnat protocol=tcp dst-port=21,80,443,5050 in-interface=eth1 action=dst-nat to-addresses=192.168.69.0/24 to-ports=21,80,443,5050 Selesai! :) Silakan di koreksi kalau ada kesalahan di penulisan format di atas :) Terima kasih
Artikel ini saya kutip dari http://digoesnet83.blogspot.com/.
All credits to http://digoesnet83.blogspot.com/.
Salam dari http://echowhiterabbit.blogspot.com/ ^_^
All credits to http://digoesnet83.blogspot.com/.
Salam dari http://echowhiterabbit.blogspot.com/ ^_^
Tidak ada komentar:
Posting Komentar