  1. #1
    sunyoto's Avatar

    Unbound DNS local dan Hotspot mikrotik

    Baru buat Unbound untuk mengurangi beban mikrotik.
    Jam 3 malam Instalasi 5 menit unbound sudah selesai
    # Install the Unbound resolver package.
    apt-get install unbound
    cd /etc/unbound
    # Download the root hints file that root-hints: in unbound.conf points to.
    # NOTE(review): plain FTP gives no integrity or authenticity check on this
    # file; compare it against a copy obtained over an authenticated channel
    # before relying on it.
    wget ftp://FTP.INTERNIC.NET/domain/named.cache
    # Create the unbound_server.* / unbound_control.* key and certificate files
    # that the remote-control: section of unbound.conf refers to.
    unbound-control-setup
    # Restrict the control keys/certs: owner unbound, group root, read-only for
    # owner and group, no access for other users.
    chown unbound:root unbound_*
    chmod 440 unbound_*
    # Edit the resolver configuration (contents shown below in the post).
    nano /etc/unbound/unbound.conf

    # Main resolver clause: listening, cache sizing, client ACLs, privilege
    # drop, logging, hardening and locally served zones.
    server:
    verbosity: 1
    # Write statistics to the log every 120 seconds.
    statistics-interval: 120
    num-threads: 1
    # Listen on every IPv4 address of the host; which clients are actually
    # served is decided by the access-control entries further down.
    interface: 0.0.0.0
    outgoing-range: 512
    num-queries-per-thread: 1024
    # Cache sizing (message cache and RRset cache) and their lock slabs.
    msg-cache-size: 16m
    rrset-cache-size: 32m
    msg-cache-slabs: 4
    rrset-cache-slabs: 4
    # Cap cached TTLs at one day.
    cache-max-ttl: 86400
    infra-host-ttl: 60
    infra-lame-ttl: 120
    infra-cache-numhosts: 10000
    infra-cache-lame-size: 10k
    # IPv4 only, over both UDP and TCP, running as a background daemon.
    do-ip4: yes
    do-ip6: no
    do-udp: yes
    do-tcp: yes
    do-daemonize: yes
    # Client ACL. Keep the next line commented out: allowing 0.0.0.0/0 would
    # answer recursive queries for any source address (an open resolver).
    #access-control: 0.0.0.0/0 allow
    # Networks allowed to query; the most specific matching netblock applies.
    # NOTE(review): 192.168.1.1/24, 192.168.4.1/24 and 192.168.5.1/24 have host
    # bits set; writing them as .0/24 states the intended range unambiguously.
    # NOTE(review): 10.0.0.0/8 is a very wide allow; confirm the whole range is
    # really used by local clients.
    access-control: 192.168.0.0/24 allow
    access-control: 192.168.1.1/24 allow
    access-control: 192.168.4.1/24 allow
    access-control: 192.168.5.1/24 allow
    access-control: 10.0.0.0/8 allow
    access-control: 127.0.0.0/8 allow
    # Everything not matched above is answered with REFUSED.
    access-control: 0.0.0.0/0 refuse
    # Confine the daemon to /etc/unbound and drop privileges to user "unbound".
    chroot: "/etc/unbound"
    username: "unbound"
    directory: "/etc/unbound"
    #logfile: "/etc/unbound/unbound.log"
    #use-syslog: yes
    # NOTE(review): no log file and no syslog while do-daemonize is yes means
    # log output (including the statistics above) is presumably not kept
    # anywhere; enable one of the two commented lines if logs are needed for
    # troubleshooting or incident review.
    logfile: ""
    use-syslog: no
    pidfile: "/etc/unbound/unbound.pid"
    # Root hints file downloaded during installation.
    root-hints: "/etc/unbound/named.cache"
    # identity/version strings are configured, but hide-identity/hide-version
    # below make the server refuse id.server / version.bind queries, so these
    # values are not disclosed to clients.
    identity: "DNS"
    version: "1.4"
    hide-identity: yes
    hide-version: yes
    # Only trust glue records that are within the delegated zone.
    harden-glue: yes
    # Never send upstream queries to loopback addresses.
    do-not-query-address: 127.0.0.1/8
    do-not-query-localhost: yes
    # Only the iterator module is loaded; without the validator module no
    # DNSSEC validation is performed on answers.
    module-config: "iterator"
    #zone localhost
    # "static" zones are answered only from the local-data below; names in the
    # zone without local-data get a negative answer instead of being resolved.
    local-zone: "localhost." static
    local-data: "localhost. 10800 IN NS localhost."
    local-data: "localhost. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800"
    local-data: "localhost. 10800 IN A 127.0.0.1"
    local-zone: "127.in-addr.arpa." static
    local-data: "127.in-addr.arpa. 10800 IN NS localhost."
    local-data: "127.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 2 3600 1200 604800 10800"
    local-data: "1.0.0.127.in-addr.arpa. 10800 IN PTR localhost."
    #zone dns-local.net
    # Internal zone served to LAN clients directly from this resolver.
    local-zone: "dns-local.net." static
    local-data: "dns-local.net. 86400 IN NS ns1.dns-local.net."
    local-data: "dns-local.net. 86400 IN SOA dns-local.net. hostmaster.dns-local.net. 3 3600 1200 604800 86400"
    local-data: "dns-local.net. 86400 IN A 192.168.0.2"
    local-data: "www.dns-local.net. 86400 IN A 192.168.0.2"
    local-data: "ns1.dns-local.net. 86400 IN A 192.168.0.2"
    local-data: "mail.dns-local.net. 86400 IN A 192.168.0.5"
    local-data: "dns-local.net. 86400 IN MX 10 mail.dns-local.net."
    # NOTE(review): the TXT rdata is not wrapped in its own quotes, so it is
    # presumably parsed as four separate strings rather than one SPF record;
    # verify the served value if anything evaluates SPF for this zone.
    local-data: "dns-local.net. 86400 IN TXT v=spf1 a mx ~all"
    # Reverse zone for 192.168.0.0/24.
    local-zone: "0.168.192.in-addr.arpa." static
    local-data: "0.168.192.in-addr.arpa. 10800 IN NS dns-local.net."
    local-data: "0.168.192.in-addr.arpa. 10800 IN SOA dns-local.net. hostmaster.dns-local.net. 4 3600 1200 604800 864000"
    local-data: "2.0.168.192.in-addr.arpa. 10800 IN PTR dns-local.net."
    # Forward every query (zone ".") to the upstream resolvers listed below
    # instead of resolving iteratively from the root servers.
    # NOTE(review): module-config in the server: clause is "iterator" only, so
    # answers from these forwarders are not DNSSEC-validated; the forwarders and
    # the network path to them are trusted as-is. Confirm each address is still
    # a resolver you intend to rely on.
    forward-zone:
    name: "."
    forward-addr: 180.131.144.144
    forward-addr: 180.131.145.145
    forward-addr: 202.134.0.155
    forward-addr: 203.130.196.155
    forward-addr: 125.160.4.82
    forward-addr: 202.134.0.61
    forward-addr: 203.130.196.5
    forward-addr: 222.124.198.150
    forward-addr: 222.124.249.115
    forward-addr: 8.8.8.8
    forward-addr: 8.8.4.4
    # unbound-control management channel: enabled, bound to loopback only on
    # port 953, and authenticated with the key/certificate pairs below (the
    # files created by unbound-control-setup).
    # NOTE(review): keep control-interface on 127.0.0.1 and keep the key files
    # unreadable to other users; whoever holds the control key and can reach
    # this port can issue unbound-control commands to the resolver.
    remote-control:
    control-enable: yes
    control-interface: 127.0.0.1
    control-port: 953
    server-key-file: "/etc/unbound/unbound_server.key"
    server-cert-file: "/etc/unbound/unbound_server.pem"
    control-key-file: "/etc/unbound/unbound_control.key"
    control-cert-file: "/etc/unbound/unbound_control.pem"

    lalu
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=3lan dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=3lan dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53

    add dns ip unbound di install
    Horeeeeeeeeeeeeeee
    Dan berhasil, dns cache di mikrotik kosong tidak seperti biasanya, koneksi lebih responsif

    Tiba2 ada org di wifi konek kayaknya cewek 3 org serentak login.
    Trus tiba di dns cache mikrotik penuh lagi
    Pertanyaan saya, mudah2an ada yg bantu

    Gimana caranya agar semua ip wifi mengambil dns external dari unbound ip dan dns cache di mikrotik kosong seperti untuk lan ?

    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53
    tidak berfungsi

    Saya lihat diatas setingan hotspot ada ditulis
    chain hotspot
    protocol 17 (udp)
    dst port 53
    action redirect
    to port 64872


    Atau karena rule diatas makanya dns cache mikrotik gak bisa di buat
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53

    dan dns cache tidak kosong
    Gimana yah caranya untuk buat dns hotspot seperti dns local agar dns cache mikrotik kosong aja ?

    Regards

  2. #2
    rizqitomi's Avatar
    aku juga punya kasus yang sama..

  3. #3
    karaeng's Avatar
    Originally Posted by sunyoto
    Baru buat Unbound untuk mengurangi beban mikrotik.
    Jam 3 malam Instalasi 5 menit unbound sudah selesai
    apt-get install unbound
    cd /etc/unbound
    wget ftp://FTP.INTERNIC.NET/domain/named.cache
    unbound-control-setup
    chown unbound:root unbound_*
    chmod 440 unbound_*
    nano /etc/unbound/unbound.conf

    server:
    verbosity: 1
    statistics-interval: 120



    lalu
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=3lan dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=3lan dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53

    add dns ip unbound di install
    Horeeeeeeeeeeeeeee
    Dan berhasil, dns cache di mikrotik kosong tidak seperti biasanya, koneksi lebih responsif

    Tiba2 ada org di wifi konek kayaknya cewek 3 org serentak login.
    Trus tiba di dns cache mikrotik penuh lagi
    Pertanyaan saya, mudah2an ada yg bantu

    Gimana caranya agar semua ip wifi mengambil dns external dari unbound ip dan dns cache di mikrotik kosong seperti untuk lan ?

    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53
    tidak berfungsi

    Saya lihat diatas setingan hotspot ada ditulis
    chain hotspot
    protocol 17 (udp)
    dst port 53
    action redirect
    to port 64872


    Atau karena rule diatas makanya dns cache mikrotik gak bisa di buat
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=udp in-interface=5wifi dst-port=53
    chain=dstnat action=dst-nat to-addresses=192.168.0.2 to-ports=53 protocol=tcp in-interface=5wifi dst-port=53

    dan dns cache tidak kosong
    Gimana yah caranya untuk buat dns hotspot seperti dns local agar dns cache mikrotik kosong aja ?

    Regards
    coba diperhatikan di IP > DNS
    pada jendela static... pasti ada DNS yg nongol.... yg terbentuk dari gateway IP Hotspot...

    otomatis cache DNS mikrotik berfungsi... krn ada DNS yg berlaku dari pembentukan DNS fasilitas Hotspot.......

 

 
