
Thursday, 27 July 2023

Capturing Online Game IPs on MikroTik

WiFi or hotspot users often complain of lag while gaming because other users on the same network are competing for bandwidth.

MikroTik is therefore used to manage how the bandwidth is shared. In practice, however, lag still occurs often when playing online games.

Online games therefore need priority in bandwidth allocation. The following script captures online game IPs on MikroTik:

/ip firewall raw
add action=add-dst-to-address-list address-list=roblox address-list-timeout=\
10h chain=prerouting comment=Roblox dst-address-list=!Network dst-port=\
7020-7030,9122,11000-11150 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=roblox address-list-timeout=\
10h chain=prerouting dst-address-list=!Network dst-port=49152-65535 \
protocol=udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=FreeFire dst-address-list=!Network dst-port=\
6006,6674,7006,7889,8001-8012,9006,9137,10000-10012,11000-11019 protocol=\
tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
12006,12008,13006,15006,20561,39003,39006,39698,39779,39800 protocol=tcp \
src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port="6006,6008,7008,8008,8\
130,8443,9008,9120,10000-10015,10100,11000-11019,12008,13008" protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment="Mobile Legend" dst-address-list=!Network \
dst-port=5000-5220,5243-5508,5551-5559,5601-5677,5679-5700,9000-9010,9443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
5520-5529,10003,30000-30300,8443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
2702,3702,5517,5520-5529,8001,9000-9010,9992,10003,30000-30300 protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port="4001-4009,5000-5241,5\
243-5509,5551-5559,5601-5677,5679-5700,8130,8443,9120" protocol=udp \
src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=PointBlank dst-address-list=!Network dst-port=\
39190-39200,49001-49190 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=40000-40010 protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment="PUBG Mobile" dst-address-list=!Network \
dst-port=7889,10012,13004,14000,17000,17500,18081,20000-20002,20371 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
8011,9030,10200-10640,12235,13004,13748,17000,17500,20000-20002 protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
7086-7995,10039,10096,11455,12070-12460,13894,13972,41182-41192 protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment="COD Mobile" dst-address-list=!Network dst-port=\
3013,10000-10019,18082,65010,65050 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
7085-7995,8700,9030,10010-10019,17000-20100 protocol=udp \
src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=COC dst-address-list=!Network dst-port=9330-9340 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=9330-9340 protocol=\
udp src-address-list=Network

add action=add-dst-to-address-list address-list=scater address-list-timeout=\
10h chain=prerouting comment=Sceter dst-address-list=!Network dst-port=\
50000-50500 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=scater address-list-timeout=\
10h chain=prerouting dst-address-list=!Network dst-port=\
40000-40010,49152-65535 protocol=udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=AOV dst-address-list=!Network dst-port=\
10001-10094 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=\
10101-10201,10080-10110,17000-18000 protocol=udp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=Bryan dst-address-list=!Network dst-port=\
8081-8089 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port=8100-8115,8800-8815 \
protocol=udp src-address-list=Network

-----------------------------------------------------------------------------------

Note:
Network is the address list holding the local IP ranges of our network, often also called private IPs.
192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
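
These rules match on destination port only, so any outside host a client reaches on a listed port lands in the priority list, and wide ranges make that likely. The following is an added example, not part of the original script: it parses four rules copied from the export above (embedded as a constructed sample), undoes the "\" line wrapping, and reports rules that cover the IANA dynamic range 49152-65535 and port overlaps that feed two different address lists. The function names and the 1024-port threshold are assumptions made for this example.

```python
import re
import shlex
from itertools import combinations

DYNAMIC = set(range(49152, 65536))  # IANA dynamic/ephemeral port range

# Constructed sample: four rules copied from the export on this page.
EXPORT = r'''/ip firewall raw
add action=add-dst-to-address-list address-list=roblox address-list-timeout=\
10h chain=prerouting dst-address-list=!Network dst-port=49152-65535 \
protocol=udp src-address-list=Network
add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting dst-address-list=!Network dst-port="6006,6008,7008,8008,8\
130,8443,9008,9120,10000-10015,10100,11000-11019,12008,13008" protocol=\
udp src-address-list=Network
add action=add-dst-to-address-list address-list=scater address-list-timeout=\
10h chain=prerouting dst-address-list=!Network dst-port=\
40000-40010,49152-65535 protocol=udp src-address-list=Network
add action=add-dst-to-address-list address-list=game address-list-timeout=10h \
chain=prerouting comment=COC dst-address-list=!Network dst-port=9330-9340 \
protocol=tcp src-address-list=Network
'''


def parse_rules(export):
    """Return one dict of key=value pairs per 'add' line of the export."""
    # A trailing "\" continues the line; the wrap can fall inside a value
    # ("8\" + "130" is port 8130), so join with nothing in between.
    joined = re.sub(r"\\\n[ \t]*", "", export)
    rules = []
    for line in joined.splitlines():
        if line.startswith("add "):
            tokens = shlex.split(line[4:])          # also strips the quotes
            rules.append(dict(t.split("=", 1) for t in tokens if "=" in t))
    return rules


def port_set(spec):
    """Expand '6006,10000-10015' into a set of port numbers."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports


def broad_rules(rules, threshold=1024):
    """Rules matching at least `threshold` ports of the dynamic range."""
    found = []
    for r in rules:
        n = len(port_set(r["dst-port"]) & DYNAMIC)
        if n >= threshold:
            found.append((r["address-list"], r["protocol"], n))
    return found


def cross_list_overlaps(rules):
    """Same protocol, different address list, shared ports."""
    found = []
    for a, b in combinations(rules, 2):
        if a["protocol"] != b["protocol"] or a["address-list"] == b["address-list"]:
            continue
        shared = port_set(a["dst-port"]) & port_set(b["dst-port"])
        if shared:
            found.append((a["address-list"], b["address-list"],
                          a["protocol"], len(shared)))
    return found


if __name__ == "__main__":
    rules = parse_rules(EXPORT)
    for name, proto, n in broad_rules(rules):
        print(f"{name}: {proto} rule covers {n} dynamic ports")
    for a, b, proto, n in cross_list_overlaps(rules):
        print(f"{a} and {b} both capture {n} {proto} ports")
```

A destination reached on a port in an overlapping range is added to both lists, so whichever queue or mangle rule is evaluated first decides how it is treated.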

Capturing YouTube, Social Media and Google IPs on MikroTik

To capture YouTube, social media and Google IPs, firewall raw rules like the script below can be used. With those IPs collected, we can allocate bandwidth according to the needs of the network.

/ip firewall raw
add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting comment=Youtube content=\
googlevideo. dst-address-list=!Network dst-port=80,443 protocol=tcp \
src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtube. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=ytimg. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=ggpht. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=googleapis. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtubeeducation. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtube-ui. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtube-nocookie. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtu. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=gvt1. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=yt. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Youtube \
address-list-timeout=1h chain=prerouting content=youtubekids. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting comment=Facebook content=facebook. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=fbcdn. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=fb. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=fbsbx. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=accountkit. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=akamaihd. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=tfbnw. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=appspot. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=wechat. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=fbsbx. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=fburl. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=edgesuite. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=edgekey. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=messenger. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=msngr. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=thefacebook. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting comment=Instagram content=cdninstagram. \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=instagram. dst-address-list=!Network dst-port=\
80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=ig. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting comment=Twitter content=twitter. dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=twimg. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=twttr. dst-address-list=!Network dst-port=80,443 \
protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting comment=Tiktok content=tiktokv. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=tiktokcdn. disabled=yes dst-address-list=!Network \
dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=tiktokcdn-in. disabled=yes dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Medsos address-list-timeout=\
1h chain=prerouting content=ttoversea. disabled=yes dst-address-list=!Network \
dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting comment="Play Store" content=play.google. disabled=\
yes dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=\
Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=play.googleapis. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=android.clients.google. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=play-fe.googleapis. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=play-lh.googleusercontent. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=googleusercontent. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting comment=Microsoft content=microsoft. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=windows. disabled=yes dst-address-list=!Network \
dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=windowsupdate. disabled=yes dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=azurewebsites. disabled=yes dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=azure-mobile. disabled=yes dst-address-list=\
!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=cloudapp. disabled=yes dst-address-list=!Network \
dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=microsoftproductionstudios. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting comment=Google content=google. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

add action=add-dst-to-address-list address-list=Google address-list-timeout=\
1h chain=prerouting content=googleusercontent. disabled=yes \
dst-address-list=!Network dst-port=80,443 protocol=tcp src-address-list=Network

-----------------------------------------------------------------------------------

Note:

Network is the address list holding the local IP ranges of our network, often also called private IPs.

192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
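
The content= matcher looks for the given text anywhere in the packet bytes; on port 443 the hostname is normally visible only in the SNI field of the TLS ClientHello. The following added example (not part of the original script) builds a minimal ClientHello for a few constructed hostnames and shows which of the page's patterns hit, including short patterns such as ig. and yt. and shared hosting suffixes such as appspot. that match unrelated sites. The hostnames and the helper names are assumptions made for this example.

```python
import struct

# A subset of the content= patterns above and the address list each one feeds.
PATTERNS = {
    "googlevideo.": "Youtube", "youtube.": "Youtube", "yt.": "Youtube",
    "facebook.": "Medsos", "fb.": "Medsos", "instagram.": "Medsos",
    "ig.": "Medsos", "appspot.": "Medsos", "akamaihd.": "Medsos",
}


def client_hello(host):
    """Minimal TLS ClientHello record carrying only an SNI extension."""
    name = host.encode("ascii")
    # server_name_list length, name_type 0 (host_name), name length, name
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext = struct.pack("!HH", 0x0000, len(sni)) + sni   # extension 0 = server_name
    body = (b"\x03\x03" + bytes(32)     # legacy version, client random (zeros here)
            + b"\x00"                   # empty session id
            + b"\x00\x02\x13\x01"       # one cipher suite
            + b"\x01\x00"               # null compression
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def hits(payload):
    """Patterns found anywhere in the packet, as (pattern, address list)."""
    return sorted((p, lst) for p, lst in PATTERNS.items()
                  if p.encode("ascii") in payload)


def classify(hosts):
    """Map each hostname to the patterns its ClientHello would trigger."""
    return {h: hits(client_hello(h)) for h in hosts}


if __name__ == "__main__":
    # Constructed hostnames: one intended match, three unintended, one miss.
    sample = ["www.instagram.com", "config.example.net",
              "shopyt.example.org", "notes-demo.appspot.com", "www.example.org"]
    for host, found in classify(sample).items():
        print(f"{host:26} -> {found or 'no match'}")
```

Every destination that triggers a pattern stays in the list for the 1h timeout, so a single unintended match is enough to shape all traffic to that IP as YouTube or social media.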

Blocking DDoS on MikroTik

Often, without our noticing, someone else tries to log in to our MikroTik, whether over the LAN or the WAN, and nowadays the hardest to trace is access over WiFi or hotspot. To deal with misbehaving users, protection needs to be set up on the MikroTik server.

The following steps can be taken to deal with it.

Open the MikroTik through Winbox and paste the following script:




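/ip firewall filter
# Send every new forwarded connection through the block-ddos chain
add chain=forward connection-state=new action=jump jump-target=block-ddos comment="Blok DDOS"

# Drop new connections from a listed source to a listed destination
add chain=forward connection-state=new src-address-list=ddosuser dst-address-list=ddostujuan action=drop

# Within 50 new connections per second (burst 50) per source/destination pair: return
add chain=block-ddos dst-limit=50,50,src-and-dst-addresses/10s action=return

# Over the limit: list the destination and the source for 10 minutes
add chain=block-ddos action=add-dst-to-address-list address-list=ddostujuan address-list-timeout=10m

add chain=block-ddos action=add-src-to-address-list address-list=ddosuser address-list-timeout=10m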
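
How the five rules above interact, as an added example that is not part of the original script: dst-limit is modelled here as a token bucket per source/destination pair (a simplification, not RouterOS's own implementation), and the two address lists as tables with a 10-minute expiry that is refreshed on every over-limit connection (an assumption). The addresses and event times are constructed.

```python
RATE_PER_MS = 50           # milli-tokens refilled per ms (= 50 new connections/s)
BURST = 50_000             # bucket size in milli-tokens (= burst of 50)
COST = 1_000               # one new connection
LIST_TIMEOUT_MS = 600_000  # address-list-timeout=10m

FLOODER, CLIENT = "192.168.0.50", "192.168.0.20"   # constructed LAN hosts
VICTIM, OTHER = "203.0.113.10", "198.51.100.7"     # constructed outside hosts


def simulate(events):
    """events: (time_ms, src, dst) new connections. Returns verdicts in time order."""
    buckets = {}                    # (src, dst) -> (tokens, last_seen_ms)
    ddosuser, ddostujuan = {}, {}   # address -> expiry time in ms
    verdicts = []
    for t, src, dst in sorted(events):
        # Rule 1: jump to block-ddos for every new connection.
        tokens, last = buckets.get((src, dst), (BURST, t))
        tokens = min(BURST, tokens + (t - last) * RATE_PER_MS)
        if tokens >= COST:
            tokens -= COST          # within dst-limit: action=return
        else:
            ddostujuan[dst] = t + LIST_TIMEOUT_MS   # add-dst-to-address-list
            ddosuser[src] = t + LIST_TIMEOUT_MS     # add-src-to-address-list
        buckets[(src, dst)] = (tokens, t)
        # Rule 2: drop only when source AND destination are both listed.
        listed = ddosuser.get(src, 0) > t and ddostujuan.get(dst, 0) > t
        verdicts.append((t, src, dst, "drop" if listed else "accept"))
    return verdicts


def sample_events():
    flood = [(i * 5, FLOODER, VICTIM) for i in range(200)]        # 200 conn/s for 1 s
    normal = [(500 + i * 1000, CLIENT, VICTIM) for i in range(5)]  # 1 conn/s
    later = [(30_000, FLOODER, VICTIM),    # still listed
             (30_000, FLOODER, OTHER),     # listed source, unlisted destination
             (700_000, FLOODER, VICTIM)]   # after the 10m timeout
    return flood + normal + later


def summary(verdicts):
    """(src, dst) -> [accepted, dropped]"""
    counts = {}
    for _, src, dst, verdict in verdicts:
        pair = counts.setdefault((src, dst), [0, 0])
        pair[0 if verdict == "accept" else 1] += 1
    return counts


if __name__ == "__main__":
    for pair, (ok, dropped) in summary(simulate(sample_events())).items():
        print(pair, "accepted:", ok, "dropped:", dropped)
```

The rules sit in the forward chain, so they act on connections routed through the MikroTik; the first 66 connections of the flood still pass before the pair is listed.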

Saturday, 22 July 2023

Best DNS Servers for MikroTik

To find the best DNS server, look for the one with the lowest ping. These are the DNS servers we often use whenever we set up a MikroTik.

Cloudflare
1.1.1.1
1.0.0.1

Google
8.8.8.8
8.8.4.4

OpenDNS
208.67.222.222
208.67.220.220

Quad9
9.9.9.9
149.112.112.112



Common Ports on MikroTik

 List of Common Ports on MikroTik


The commonly used ports are as follows:

TCP/UDP: 80,81,443,8000-8081,21,22,23,81,88,5050,843,182,53

However, Suranta Solution uses the following as common ports:

TCP/UDP: 21,22,23,53,80,81,443,853,5353,8000,8008,8080,8081,8090,8443,8888

NB: If a separate DNS rule is created in the firewall, ports 53, 853 and 5353 should be excluded from the common ports.

List of Online Game Ports

 Our List of Online Game Ports

Below is the collection of game ports that Suranta Solution uses to deal with the game lag that customers often complain about.
The prerequisite is a bandwidth management server such as MikroTik. Thanks.

Mobile Legend (ML)
tcp: 5000-5221,5224-5227,5229-5241,5243-5287,5289-5352,5354-5509,5517,5520-5529
tcp: 5551-5559,5601-5700,8443,9000-9010,9443,10003,30000-30900
udp: 2702,3702,4001-4009,5000-5221,5224-5241,5243-5287,5289-5352,5354-5509
udp: 5517-5529,5551-5559,5601-5700,8001,8130
udp: 8443,9000-9010,9120,9992,10003,30000-30900

Free Fire (FF)
tcp: 6006,6008,6674,7000-7999,8001-8012,9006,9137,10000-10015,11000-11019
tcp: 12006,12008,13006,15006,20561,39003,39006,39698,39779,39800
udp: 6006,6008,6674,7000-7999,8008,8001-8012,8130,8443,9008,9120
udp: 10000-10015,10100,11000-11019,12008,13008

PUBG Mobile
tcp: 7889,10012,13004,14000,17000,17500,18081,20000-20002,20371
udp: 8011,9030,10491,10612,12235,13004,13748,17000,17500,20000-20002
udp: 7086-7995,10039,10096,11455,12070-12460,13894,13972,41182-41192

League of Legends (LOL) Mobile
tcp: 2080-2099
udp: 5100

Call of Duty (COD Mobile)
tcp: 3013,10000-10019,18082,50000,65010,65050
udp: 7085-7995,8700,9030,10010-10019,17000-20100

Clash of Clans (COC) and Clash Royale
tcp: 9330-9340
udp: 9330-9340

Arena of Valor (AOV)
tcp: 10001-10094
udp: 10101-10201,10080-10110,17000-18000

FIFA ONLINE
tcp: 7770-7790
udp: 16300-16350

DOTA2
tcp: 9100-9200,8230-8250,8110-8120,27000-28998
udp: 27000-28998,39000

NB: If you have questions or want to add a port, please leave it in the comments.

Tuesday, 17 May 2016

Load Balancing with the PCC Method



As with the ECMP and NTH methods, the first step in the PCC method is to assign IP addresses to all the ether interfaces in use.

ether1-ISP-A : 10.0.0.2/24
ether2-ISP-B : 172.16.0.2/24
ether3-lokal   : 192.168.0.1/24



Then masquerade both ISPs so that they can connect to the internet.


In the Address List section, add the following IPs:

/ip firewall address-list
add address=10.0.0.2/24 list=local
add address=172.16.0.2/24 list=local
add address=192.168.0.1/24 list=local 


The PCC load-balancing script is as follows:

/ip firewall mangle
add chain=prerouting dst-address=10.0.0.2/24  action=accept in-interface=ether3-lokal
add chain=prerouting dst-address=172.16.0.2/24  action=accept in-interface=ether3-lokal
add chain=prerouting in-interface=ether1-ISP-A connection-mark=no-mark action=mark-connection new-connection-mark=ISP-A_conn
add chain=prerouting in-interface=ether2-ISP-B connection-mark=no-mark action=mark-connection new-connection-mark=ISP-B_conn
add chain=prerouting  in-interface=ether3-lokal connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP-A_conn
add chain=prerouting  in-interface=ether3-lokal connection-mark=no-mark dst-address-type=!local per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP-B_conn
add chain=prerouting connection-mark=ISP-A_conn in-interface=ether3-lokal action=mark-routing new-routing-mark=to_ISP-A
add chain=prerouting connection-mark=ISP-B_conn in-interface=ether3-lokal action=mark-routing new-routing-mark=to_ISP-B
add chain=output connection-mark=ISP-A_conn action=mark-routing new-routing-mark=to_ISP-A
add chain=output connection-mark=ISP-B_conn action=mark-routing new-routing-mark=to_ISP-B

The last step is the Route section:

/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.1 routing-mark=to_ISP-A check-gateway=ping
add dst-address=0.0.0.0/0 gateway=172.16.0.1 routing-mark=to_ISP-B check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.0.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=172.16.0.1 distance=2 check-gateway=ping


Reference:
http://wiki.mikrotik.com/wiki/Manual:PCC

  


Load Balancing with the NTH Method

After the earlier discussion of load balancing with the ECMP method, this time we cover the NTH method.

First, we assign an IP address to each interface used on the MikroTik.
ether1-ISP-A : 10.0.0.2/24
ether2-ISP-B : 172.16.0.2/24
ether3-lokal   : 192.168.0.1/24





Then masquerade both ISPs so that they can connect to the internet.


Then enter the following script on the MikroTik for the load balancing:

/ip firewall mangle
add chain=prerouting in-interface=ether3-lokal  connection-state=new nth=2,1 action=mark-connection new-connection-mark=lb_1 passthrough=yes comment="LB NTH Client" disabled=no
add chain=prerouting in-interface=ether3-lokal  connection-mark=lb_1 action=mark-routing new-routing-mark=route_lb_1 passthrough=no comment="" disabled=no
add chain=prerouting in-interface=ether3-lokal  connection-state=new nth=2,2 action=mark-connection new-connection-mark=lb_2 passthrough=yes comment="" disabled=no
add chain=prerouting in-interface=ether3-lokal  connection-mark=lb_2 action=mark-routing new-routing-mark=route_lb_2 passthrough=no comment="" disabled=no

The routes are as follows:

/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.1 scope=255 target-scope=10 routing-mark=route_lb_1 comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=172.16.0.1 scope=255 target-scope=10 routing-mark=route_lb_2 comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=172.16.0.1 scope=255 target-scope=10 comment="default routing" disabled=no

In case gateway 172.16.0.1 goes down, gateway 10.0.0.1 also needs to be set up as a backup, so that gateway has to be added as well, with distance 2.

/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.1 distance=2 scope=255 target-scope=10 comment="default routing" disabled=no
(the distance of this route is set to 2).


Reference:

http://wiki.mikrotik.com/wiki/Manual:NTH



Sunday, 15 May 2016

Load Balancing with the ECMP Method

Load balancing on MikroTik is a technique for distributing traffic load evenly across two or more connection paths, so that traffic flows optimally, throughput is maximised, response time is reduced and no single path is overloaded.

There are several load-balancing methods, among them PCC, NTH and ECMP. This post covers load balancing with the ECMP method.

Example network topology:
First, we assign an IP address to each interface used on the MikroTik.
ether1-ISP-A : 10.0.0.2/24
ether2-ISP-B : 172.16.0.2/24
ether3-lokal   : 192.168.0.1/24

Then masquerade both ISPs so that they can connect to the internet.



Next, set up ECMP load balancing by adding a default gateway rule with dst-address = 0.0.0.0 and gateway=ISP-A,ISPB


This is done to anticipate one of the gateways becoming unreachable or disconnected: check-gateway disables that gateway and uses the gateway that is still active, which gives a failover effect.


If the internet connections have different bandwidths, a ratio can be set to split the load. For example, if you subscribe to 2 Mbps and 8 Mbps, the ratio is 1:4.

Because the internet connection has 2 gateways, a new problem arises on the router: which gateway the router itself will connect through. To solve this, routing rules are needed so that outgoing and incoming connections stay on the same interface.
Add the following script:

/ip firewall mangle
add chain=input in-interface=ether1-ISP-A action=mark-connection new-connection-mark=ISP-A_conn
add chain=input in-interface=ether2-ISP-B action=mark-connection new-connection-mark=ISP-B_conn
add chain=output connection-mark=ISP-A_conn action=mark-routing new-routing-mark=ke_ISP-A    
add chain=output connection-mark=ISP-B_conn action=mark-routing new-routing-mark=ke_ISP-B

/ip route
add dst-address=0.0.0.0/0 gateway=10.0.0.1 routing-mark=ke_ISP-A
add dst-address=0.0.0.0/0 gateway=172.16.0.1 routing-mark=ke_ISP-B

Note: Use Google DNS 8.8.8.8 if you use 2 different ISPs, to guard against DNS being down at one of the ISPs.