flash

wellcoming,,,,,,here,,,,,,

Senin, 11 Oktober 2010

Setting Load Balance dan Fail Over di Mikrotik

Setting Load Balance dan Fail Over di Mikrotik
Pengantar
Sesuaikan skenario dengan yang anda hadapi. Baca dahulu dengan teliti. Diasumsikan server Mikrotik memiliki 3 (tiga) buah interfaces (NIC) dan dalam kondisi fresh install.
Skenario:
1. ISP Telkom-Speedy (ADSL)
  • IP Router ADSL(LAN): 192.168.0.254
  • IP DNS1: 202.134.0.155
  • IP DNS2: 202.134.2.5

2. ISP Diginet (Wireless)
  • IP: 203.81.187.62
  • IP Gateway: 203.81.187.62
  • IP DNS1: 203.81.185.12
  • IP DNS2: 203.81.185.13
Jumlah Komputer Internet: 50 pc –>
Network: 192.168.3.0/26 (Ip Address: 192.168.3.1 – 192.168.3.63 Netmask: 255.255.255.192)
Jumlah Komputer Games: 50 pc –>
Network: 192.168.3.64/26 (Ip Address: 192.168.3.65 – 192.168.3.128 Netmask: 255.255.255.192)
Langkah-langkah:
1. Beri nama Interfaces Ether1-3 di [Interfaces]
Command
/interface set ether1 name=Telkom
/interface set ether2 name=Diginet
/interface set ether3 name=Local
admin@BlueSky.Net] > interface print
Flags: X - disabled, D - dynamic, R - running
# NAME            TYPE     RX-RATE      TX-RATE MTU
0 R Telkom        ether    0   0        1500
1 R Diginet       ether    0   0        1500
2 R Local         ether    0   0        1500

2. Beri IP Address untuk masing-masing ethernet. [Ip - Interfaces]
Command:
/ip address add address=192.168.0.253/24 interface=Telkom
/ip address add address=203.81.187.62/24 interface=Diginet
/ip address add address=192.168.3.0/24      interface=Local

[admin@BlueSky.Net] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS                NETWORK    BROADCAST     INTERFACE
0 192.168.0.253/24   192.168.0.0    192.168.0.255    Telkom
1 192.168.3.254/24   192.168.3.0    192.168.3.255     Local
2 203.81.187.62/24   203.81.187.0  203.81.187.255    Diginet
3. Buat rule di [IP – Firewall - Mangle]:
- chain=prerouting src-address=192.168.3.0/26 action=mark-routing new-routing mark=Internet
“untuk menandai paket yang berasal dari 192.168.3.0/26 dengan nama=Internet”
- chain=prerouting src-address=192.168.3.64/26 action=mark-routing new-routing-mark=Games
“untuk menandai paket yang berasal dari 192.168.3.64/26 dengan nama=Games”
Command:
/ip firewall mangle add chain=prerouting src-address=192.168.3.0/26 \
action=mark-routing new-routing-mark=Internet
/ip firewall mangle add chain=prerouting src-address=192.168.3.64/26 \
action=mark-routing new-routing-mark=Games
[admin@BlueSky.Net] ip firewall mangle> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting src-address=192.168.3.0/26 action=mark-routing
new-routing-mark=Internet passthrough=yes
1 chain=prerouting src-address=192.168.3.64/26 action=mark-routing
new-routing-mark=Games passthrough=yes
4. Set Gateway untuk masing-masing network. [IP - Route]
Command:
/ip route add gateway=192.168.0.254 dst-address=0.0.0.0/0 routing-mark=Internet
/ip route add gateway=203.81.187.1 dst-address=0.0.0.0/0 routing-mark=Games

[admin@BlueSky.Net] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS         PREFSRC         GATEWAY DIS INTE
0 ADC 192.168.0.0/24  192.168.0.253   Telkom
1 ADC 192.168.3.0/24  192.168.3.254   Local
2 ADC 203.81.187.0/24 203.81.187.62   Diginet
3 A S 0.0.0.0/0 r     192.168.0.254   Telkom
4 A S 0.0.0.0/0 r     203.81.187.1    Diginet
5. Buat rule nat-masquerade untuk network 192.168.3.0/24 [IP - Firewall - Nat]
Command:
/ip firewall nat add chain=srcnat src-address=192.168.3.0/24 action=masquerade

[admin@BlueSky.Net] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Masquerade Network 192.168.3.0/24
chain=srcnat src-address=192.168.3.0/24 action=masquerade
6. Buat script untuk melakukan cek gw dengan tools netwatch:
Command:
/system script add name=check-gw source={
:local R1
:local R2
:if ([/tool netwatch get R1 status]=up) do={:set R1 192.168.0.254}
:if ([/tool netwatch get R2 status]=up) do={:set R2 203.81.187.1}
/ip route set [/ip route find dst-address=0.0.0.0/0] \
gateway=($R1 . , . $R2)
}
/tool netwatch add comment=R1 host=192.168.0.254 interval=5s up-script=check-gw \
down-script=check-gw
/tool netwatch add comment=R2 host=203.81.187.1 interval=5s up-script=check-gw \
down-script=check-gw
Setting di Mikrotik sudah selesai.
Berikutnya, isikan IP address untuk tiap client Internet dengan IP Address mulai dari: 192.168.3.1 sampai 192.168.3.63.
Gunakan Netmask 255.255.255.192 agar workgroup terpisah dengan Games.
Jangan lupa berikan IP DNS Telkom di network-properties client Internet sesuai skenario di atas (202.134.0.155 dan 202.134.2.5).
Gateway diarahkan ke: 192.168.3.254.
Untuk Client Games isikan IP Address mulai dari: 192.168.3.65 sampai dengan 192.168.3.128.
Gunakan juga Netmask 255.255.255.192 jika menginginkan workgroup yang terpisah dengan Client untuk Internet.
Berikan IP DNS Diginet (203.81.185.12 dan 203.81.185.13) di network-propertiesnya.
Gateway diisikan dengan 192.168.3.254.
Selamat mencoba…
Diposting oleh TACHI" di Senin, Oktober 11, 2010

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)