Setting Mikrotik ini mengambil dari blog mas Dwi Nanto dan MikroTik Wiki, dan telah disesuaikan sebagaimana perlunya ….
modem 1
10.10.1.1
|
|
10.10.1.2
——– MIkrotik Load Balancing — 192.168.0.1 — hub — Client
10.10.2.2
|
|
modem 2
10.10.2.1
Pc-Router Speknya
– Dual P-III - 800Mhz
– Memory 64Mb
– IDE Flash Disk 1 Gb
Konfigurasinya
1. Interface Konfigurasi
/ interface ethernet
set Modem1 name=”Modem1″ mtu=1500 \
mac-address=00:10:4B:0D:95:02 arp=enabled \
disable-running-check=yes auto-negotiation=yes \
full-duplex=yes cable-settings=default \
speed=100Mbps comment=”" disabled=no
set Lan name=”Lan” mtu=1500 \
mac-address=00:0D:88:B2:7D:50 arp=enabled \
disable-running-check=yes auto-negotiation=yes \
full-duplex=yes cable-settings=default \
speed=100Mbps comment=”" disabled=no
set Modem2 name=”Modem2″ mtu=1500 \
mac-address=00:13:46:2C:DE:13 arp=enabled \
disable-running-check=yes auto-negotiation=yes \
full-duplex=yes cable-settings=default \
speed=100Mbps comment=”" disabled=no
2. Ip Address Konfigurasi
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 \
broadcast=192.168.0.255 \
interface=Lan comment=”" disabled=no
add address=10.10.1.2/24 network=10.10.1.0 \
broadcast=10.10.1.255 \
interface=Modem1 comment=”" disabled=no
add address=10.10.2.2/24 network=10.10.2.0 \
broadcast=10.10.2.255 \
interface=Modem2 comment=”" disabled=no
3. Routing IP
/ ip route
add dst-address=0.0.0.0/0 gateway=10.10.2.1 scope=255 \
target-scope=10 routing-mark=odd \
comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=10.10.1.1 scope=255 \
target-scope=10 routing-mark=even \
comment=”" disabled=no
add dst-address=0.0.0.0/0 gateway=10.10.1.1 scope=255 \
target-scope=10 comment=”" disabled=no
4. Mangle Marking Paket
/ ip firewall mangle
add chain=prerouting in-interface=Lan \
connection-state=new nth=1,1,0 \
action=mark-connection new-connection-mark=odd \
passthrough=yes comment=”Load Balancing” disabled=no
add chain=prerouting in-interface=Lan \
connection-mark=odd action=mark-routing \
new-routing-mark=odd passthrough=no \
comment=”" disabled=no
add chain=prerouting in-interface=Lan \
connection-state=new nth=1,1,1 \
action=mark-connection new-connection-mark=even \
passthrough=yes comment=”" disabled=no
add chain=prerouting in-interface=Lan \
connection-mark=even action=mark-routing \
new-routing-mark=even passthrough=no \
comment=”" disabled=no
add chain=postrouting out-interface=Lan \
dst-address=192.168.0.2 action=mark-packet \
new-packet-mark=operator-down passthrough=no
5. Buat rule nat-masquerade untuk network 192.168.0.0/24 [IP - Firewall - Nat]
/ ip firewall nat
add chain=srcnat src-address=192.168.0.0/24 \
action=masquerade
add chain=srcnat connection-mark=odd action=src-nat \
to-addresses=10.10.2.2 to-ports=0-65535
add chain=srcnat connection-mark=even action=src-nat \
to-addresses=10.10.1.2 to-ports=0-65535
6. Setting DNS
primary-dns=202.134.1.10 secondary-dns=202.134.0.155 \
allow-remote-requests=yes cache-size=4096KiB \
cache-max-ttl=1w cache-used=90KiB
No comments:
Post a Comment