Load Balancing 4 Line ISP dan Proxy Server

IP  MODEM ADSL MODE BRIDGE :
Modem1 : 192.168.3.1
Modem2 : 192.168.4.1
Modem3 : 192.168.5.1
Modem4 : 192.168.6.1

IP  PROXY SERVER :
192.168.27.27

IP MIKROTIK:
Modem1 : 192.168.3.2/24
Modem2 : 192.168.4.2/24
Modem3 : 192.168.5.2/24
Modem4 : 192.168.6.2/24
LAN : 192.168.1.1/24
Proxy : 192.168.27.1/24

/interface ethernet
set 0 comment=”Modem1 Interface” name=Modem1
set 1 comment=”Modem2 Interface” name=Modem2
set 2 comment=”Modem3 Interface” name=Modem3
set 3 comment=”Modem4 Interface” name=Modem4
set 4 comment=”LAN Interface” name=LAN
set 5 comment=”Proxy Interface” name=Proxy

/ip address
add address=192.168.3.2/24 broadcast=192.168.3.2 comment=”" disabled=no \
interface=Modem1 network=192.168.3.0
add address=192.168.4.2/24 broadcast=192.168.4.2 comment=”" disabled=no \
interface=Modem2 network=192.168.4.0
add address=192.168.5.2/24 broadcast=192.168.5.2 comment=”" disabled=no \
interface=Modem3 network=192.168.5.0
add address=192.168.6.2/24 broadcast=192.168.6.2 comment=”" disabled=no \
interface=Modem4 network=192.168.6.0
add address=192.168.1.1/24 broadcast=192.168.1.1 comment=”" disabled=no \
interface=LAN network=192.168.1.0
add address=192.168.27.1/24 broadcast=192.168.27.1 comment=”" disabled=no \
interface=Proxy network=192.168.27.0

PPP-PPPoE CLIENT :
/interface pppoe-client
add name=”pppoe-speedy1″ max-mtu=1480 max-mru=1480 mrru=disabled interface=Modem1 user=”*******@telkom.net” \
password=”******” profile=default service-name=”ITM1″ ac-name=”" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2
add name=”pppoe-speedy2″ max-mtu=1480 max-mru=1480 mrru=disabled interface=Modem2 user=”********@telkom.net” \
password=”********” profile=default service-name=”ITM2″ ac-name=”" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2
add name=”pppoe-speedy3″ max-mtu=1480 max-mru=1480 mrru=disabled interface=Modem3 user=”********@telkom.net” \
password=”********” profile=default service-name=”ITM3″ ac-name=”" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2
add name=”pppoe-speedy4″ max-mtu=1480 max-mru=1480 mrru=disabled interface=Modem3 user=”********@telkom.net” \
password=”********” profile=default service-name=”ITM4″ ac-name=”" add-default-route=no dial-on-demand=no \
use-peer-dns=no allow=pap,chap,mschap1,mschap2

IP DNS :
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=4096KiB \
max-udp-packet-size=512 servers=”8.8.8.8,8.8.4.4″

DHCP SERVER :
/ip pool
add name=dhcp_pool1 ranges=192.168.1.10-192.168.1.50
/ip dhcp-server add address-pool=dhcp_pool1 authoritative=after-2sec-delay bootp-support=static disabled=no interface=LAN lease-time=12h name=”LAN DHCP Server”
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.168.1.0/24 comment=”" gateway=192.168.1.1 dns-server=192.168.1.1,202.134.1.10,8.8.8.8

NAT :
/ip fi nat
add chain=dstnat action=dst-nat to-addresses=192.168.27.27 to-ports=3128 protocol=tcp dst-address-list=!Local+Proxy \
in-interface=LAN dst-port=80,81,8080,3128 comment=”TRANSPARENT PROXY”
add chain=srcnat action=masquerade out-interface=pppoe-speedy1 comment=”MASQUERADE”
add chain=srcnat action=masquerade out-interface=pppoe-speedy2
add chain=srcnat action=masquerade out-interface=pppoe-speedy3
add chain=srcnat action=masquerade out-interface=pppoe-speedy4
add chain=srcnat action=masquerade out-interface=Modem1
add chain=srcnat action=masquerade out-interface=Modem2
add chain=srcnat action=masquerade out-interface=Modem3
add chain=srcnat action=masquerade out-interface=Modem4
add chain=dstnat action=dst-nat to-ports=53 protocol=udp in-interface=LAN dst-port=53 comment=”TRANSPARENT DNS”
add chain=dstnat action=dst-nat to-ports=53 protocol=tcp in-interface=LAN dst-port=53
add chain=dstnat action=dst-nat to-ports=53 protocol=udp in-interface=Proxy dst-port=53
add chain=dstnat action=dst-nat to-ports=53 protocol=tcp in-interface=Proxy dst-port=53

IP FIREWALL ADDRESS-LIST
/ip fi addr
add list=LAN-NeT address=192.168.1.0/24
add list=Proxy-NeT address=192.168.27.0/24
add list=Local+Proxy address=192.168.1.0/24
add list=Local+Proxy address=192.168.27.0/24

IP FIREWALL MANGLE
/ip fi ma

ROUTING :
add chain=prerouting action=mark-routing new-routing-mark=Poker passthrough=yes protocol=tcp \
dst-port=843,9339 comment=”Router Poker”
add chain=prerouting action=mark-routing new-routing-mark=PointBlank passthrough=yes protocol=tcp \
dst-address=203.89.146.0/23 dst-port=49100 comment=”Router POINTBLANK”
add chain=prerouting action=mark-routing new-routing-mark=PointBlank passthrough=yes protocol=udp \
dst-address=203.89.146.0/23 dst-port=40000-40010
add chain=prerouting action=mark-routing new-routing-mark=PointBlank passthrough=yes protocol=tcp \
dst-address=203.89.146.0/23 dst-port=39190
add chain=prerouting action=mark-routing new-routing-mark=All-Game passthrough=yes protocol=tcp \
dst-address=203.89.147.0/24 dst-port=4300,5300,10001,14009-14010,16052,16073 comment=”Router ALL GAME”
add chain=prerouting action=mark-routing new-routing-mark=All Game passthrough=yes protocol=udp \
dst-address=203.89.147.0/24 dst-port=14010
add chain=prerouting action=mark-routing new-routing-mark=All-Game passthrough=yes protocol=tcp \
dst-port=4403,4410,8401,8406,9110,13008,16666,17730,17745,18900,31719,46113,49309
add chain=prerouting action=mark-routing new-routing-mark=All-Game passthrough=yes protocol=udp \
dst-port=12020-12080,13000-13080,17001,21850,21891
add chain=prerouting action=mark-routing new-routing-mark=All-Game passthrough=yes protocol=tcp \
dst-port=843,9339,17730,17745,49309

PPPoE CONN :
add chain=input action=mark-connection new-connection-mark=pppoe1-conn passthrough=yes \
connection-state=new in-interface=pppoe-speedy1 comment=”PPPoE CONN”
add chain=input action=mark-connection new-connection-mark=pppoe2-conn passthrough=yes \
connection-state=new in-interface=pppoe-speedy2
add chain=input action=mark-connection new-connection-mark=pppoe3-conn passthrough=yes \
connection-state=new in-interface=pppoe-speedy3
add chain=input action=mark-connection new-connection-mark=pppoe4-conn passthrough=yes \
connection-state=new in-interface=pppoe-speedy4
add chain=prerouting action=mark-connection new-connection-mark=pppoe1-conn \
passthrough=yes connection-state=established in-interface=pppoe-speedy1
add chain=prerouting action=mark-connection new-connection-mark=pppoe2-conn \
passthrough=yes connection-state=established in-interface=pppoe-speedy2
add chain=prerouting action=mark-connection new-connection-mark=pppoe3-conn \
passthrough=yes connection-state=established in-interface=pppoe-speedy3
add chain=prerouting action=mark-connection new-connection-mark=pppoe4-conn \
passthrough=yes connection-state=established in-interface=pppoe-speedy4
add chain=prerouting action=mark-connection new-connection-mark=pppoe1-conn \
passthrough=yes connection-state=related in-interface=pppoe-speedy1
add chain=prerouting action=mark-connection new-connection-mark=pppoe2-conn \
passthrough=yes connection-state=related in-interface=pppoe-speedy2
add chain=prerouting action=mark-connection new-connection-mark=pppoe3-conn \
passthrough=yes connection-state=related in-interface=pppoe-speedy3
add chain=prerouting action=mark-connection new-connection-mark=pppoe4-conn \
passthrough=yes connection-state=related in-interface=pppoe-speedy4
add chain=output action=mark-routing new-routing-mark=pppoe-speedy1 passthrough=no \
connection-mark=pppoe1-conn
add chain=output action=mark-routing new-routing-mark=pppoe-speedy2 passthrough=no \
connection-mark=pppoe2-conn
add chain=output action=mark-routing new-routing-mark=pppoe-speedy3 passthrough=no \
connection-mark=pppoe3-conn
add chain=output action=mark-routing new-routing-mark=pppoe-speedy4 passthrough=no \
connection-mark=pppoe4-conn

HTTP CONN :
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe1 \
passthrough=yes protocol=tcp src-address-type=”" \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy \
per-connection-classifier=both-addresses-and-ports:4/0 comment=”HTTP CONN”
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe2 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=Proxy per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe3 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=Proxy per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe3 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=Proxy per-connection-classifier=both-addresses-and-ports:4/3
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe1 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=LAN dst-port=80,3128 per-connection-classifier=both-addresses-and-ports:4/0
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe2 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=LAN dst-port=80,3128 per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe3 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=LAN dst-port=80,3128 per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=http-pppoe3 \
passthrough=yes protocol=tcp dst-address-type=!local dst-address-list=!Local+Proxy \
in-interface=LAN dst-port=80,3128 per-connection-classifier=both-addresses-and-ports:4/3

MARK-HTTP ROUTE :
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy1 passthrough=yes in-interface=Proxy \
connection-mark=http-pppoe1 comment=”MARK-HTTP ROUTE”
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy2 passthrough=yes in-interface=Proxy \
connection-mark=http-pppoe2
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy3 passthrough=yes in-interface=Proxy \
connection-mark=http-pppoe3
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy3 passthrough=yes in-interface=Proxy \
connection-mark=http-pppoe4

NON-HTTP CONN :
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe1 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy dst-port=80,3128 \
per-connection-classifier=both-addresses-and-ports:4/0 comment=”NON-HTTP CONN”
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe2 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy dst-port=80,3128 \
per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy dst-port=80,3128 \
per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy dst-port=80,3128 \
per-connection-classifier=both-addresses-and-ports:4/3
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe1 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=LAN dst-port=!80,3128 \
per-connection-classifier=both-addresses-and-ports:4/0
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe2 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=LAN dst-port=!80,3128 \
per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=LAN dst-port=!80,3128 \
per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=tcp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=LAN dst-port=!80,3128 \
per-connection-classifier=both-addresses-and-ports:4/3
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe1 passthrough=yes protocol=udp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy \
per-connection-classifier=both-addresses-and-ports:4/0
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe2 passthrough=yes protocol=udp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy \
per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=udp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy \
per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=udp \
dst-address-type=!local dst-address-list=!Local+Proxy in-interface=Proxy \
per-connection-classifier=both-addresses-and-ports:4/3
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe1 passthrough=yes protocol=udp \
dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/0
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe2 passthrough=yes protocol=udp \
dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/1
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=udp \
dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/2
add chain=prerouting action=mark-connection new-connection-mark=non-http-pppoe3 passthrough=yes protocol=udp \
dst-address-type=!local in-interface=LAN per-connection-classifier=both-addresses-and-ports:4/3

MARK NON HTTP ROUTE :
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy1 passthrough=yes in-interface=LAN \
connection-mark=non-http-pppoe1 comment=”MARK NON HTTP ROUTE”
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy2 passthrough=yes in-interface=LAN \
connection-mark=non-http-pppoe2
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy3 passthrough=yes in-interface=LAN \
connection-mark=non-http-pppoe3
add chain=prerouting action=mark-routing new-routing-mark=pppoe-speedy4 passthrough=yes in-interface=LAN \
connection-mark=non-http-pppoe4

CRITICAL CONN :
add chain=postrouting action=change-dscp new-dscp=1 protocol=tcp dst-port=53 comment=”CRITICAL CONN”
add chain=postrouting action=change-dscp new-dscp=1 protocol=icmp
add chain=postrouting action=change-dscp new-dscp=1 protocol=udp dst-port=53
add chain=postrouting action=mark-connection new-connection-mark=critical-conn passthrough=yes dscp=1
add chain=postrouting action=mark-packet new-packet-mark=critical-pkt passthrough=no connection-mark=critical-conn

PROXY-HIT :
add chain=prerouting action=mark-packet new-packet-mark=PKT-HIT passthrough=no protocol=tcp \
in-interface=Proxy dscp=12 comment=”PROXY-HIT”
add chain=postrouting action=mark-packet new-packet-mark=PKT-HIT passthrough=no out-interface=LAN dscp=12

IP ROUTE  ( Pastikan Pref.Source diinput IP Modem/Interface secara manual jika tidak bisa internetan):
/ip r
add dst-address=0.0.0.0/0 gateway=pppoe-speedy1 check-gateway=ping distance=1 \
scope=30 target-scope=10 comment=”Default-Route-speedy1-Distance-1″
add dst-address=0.0.0.0/0 gateway=pppoe-speedy2 check-gateway=ping distance=2 \
scope=30 target-scope=10 routing-mark=PointBlank comment=”Default-Route-speedy2-Distance-2″
add dst-address=0.0.0.0/0 gateway=pppoe-speedy3 check-gateway=ping distance=3 \
scope=30 target-scope=10 routing-mark=All-Game comment=”Default-Route-speedy3-Distance-3″
add dst-address=0.0.0.0/0 gateway=pppoe-speedy3 check-gateway=ping distance=3 \
scope=30 target-scope=10 routing-mark=Poker comment=”Default-Route-speedy4-Distance-4″
add dst-address=0.0.0.0/0 gateway=pppoe-speedy1 check-gateway=ping distance=1 \
scope=30 target-scope=10 routing-mark=pppoe-speedy1
add dst-address=0.0.0.0/0 gateway=pppoe-speedy2 check-gateway=ping distance=1 \
scope=30 target-scope=10 routing-mark=pppoe-speedy2
add dst-address=0.0.0.0/0 gateway=pppoe-speedy3 check-gateway=ping distance=1 \
scope=30 target-scope=10 routing-mark=pppoe-speedy3
add dst-address=0.0.0.0/0 gateway=pppoe-speedy4 check-gateway=ping distance=1 \
scope=30 target-scope=10 routing-mark=pppoe-speedy4

Auto Disable Proxy :
/tool netwatch add host=192.168.27.27 interval=1s timeout=1s\
down-script=”/ip firewall nat disable [find comment=KE-PROXY]“\
up-script=”/ip firewall nat enable [find comment=KE-PROXY]“\
disabled=no

Auto Flush DNS Cache MikroTik Dengan Scheduler :
/ system script
add name=”cacheflush” source=”/ip dns cache flush” policy=ftp,reboot,read,write,policy,test,winbox,password
/ system scheduler
add name=”cache flush” on-event=cacheflush start-date=jan/01/1970 start-time=12:00:00 interval=12h comment=”" disabled=no

0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Computers & Accessories

Please Enable JavaScript!
Mohon Aktifkan Javascript![ Enable JavaScript ]
close
iklan 120 x 600 kanan
close