Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 25
  1. #1
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Proxy HIT bikin CPU 100%

    Semuanya nubie mau tanya nih

    Udah coba seting mikrotik tamba squid eksternal yang jadi pertanyaan..

    1. Kenapa proxy HIT lambat maksimal 8mb
    2. Setiap proxy HIT naik pasti RB CPU hampir 100% Click here to enlarge

    kira2 setingan gmn ya

    ini setingan saya standar aja

    /ip firewall mangle
    add action=mark-packet chain=forward comment="PROXY-HIT-DSCP 12" disabled=no \
    dscp=12 new-packet-mark=proxy-hit passthrough=no
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
    max-limit=0 name=".:PROXY HIT:." packet-mark=proxy-hit parent=Local \
    priority=1 queue=default

    NB : saya pernah liat setingan punya temen bisa ampe 45mb trus CPU loadnya biasa aja ... sebelah mana kira2 yg salah ya?


    nuhun Click here to enlarge

    update pic.. setelah di otrak-atrik jg sama

    Click here to enlarge

    ================================================== ==

    Update solve dan masalah baru

    sudah solve nih keknya tapi ada masalah baru... pada UPLOAD parent

    ini penyebab HIT proxy jadi lambat dan CPU load 100%

    Click here to enlarge

    masalah barunya.. sekarang di queue gak bisa kelimit karena parentnya kalo dirubah ke yang lain malah jadi statusnya unlimit [alias gak jalan]..

    udah di coba ganti2 parent
    speedy <-- gak jalan queue uploadnya
    public <--- gak jalan kalo proxy ON, kalo proxy mati jalan nih pake paren ini
    global in <--- kok jadi bentrok upload ama download quuenya...

    interface pr
    Flags: D - dynamic, X - disabled, R - running, S - slave
    # NAME
    0 R Public
    1 R Local
    2 X ether3
    3 X ether4
    4 R Proxy
    5 R Speedy
    ================================================== =====

    Update ini manglena


    ip fi ma exp
    # apr/22/2011 16:08:17 by RouterOS 5.1
    # software id = 2PU5-15TQ
    #
    /ip firewall mangle
    add action=mark-packet chain=forward comment="PROXY-HIT-DSCP 12" disabled=no dscp=12 new-packet-mark=proxy-hit \
    passthrough=no
    add action=change-dscp chain=postrouting comment=CRITICAL disabled=no new-dscp=1 protocol=icmp
    add action=change-dscp chain=postrouting disabled=no dst-port=53 new-dscp=1 protocol=udp
    add action=change-dscp chain=postrouting disabled=no dst-port=53 new-dscp=1 protocol=tcp
    add action=mark-connection chain=postrouting disabled=no dscp=1 new-connection-mark=critical_conn passthrough=yes
    add action=mark-packet chain=postrouting connection-mark=critical_conn disabled=no new-packet-mark=critical_pkt \
    passthrough=no
    add action=mark-connection chain=prerouting comment=POINTBLANK disabled=no dst-address-list=game dst-port=\
    39100,39110,39220,39190,49100 new-connection-mark=PB passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting disabled=no dst-address-list=game dst-port=40000-40010 new-connection-mark=\
    PB passthrough=yes protocol=udp
    add action=mark-packet chain=prerouting connection-mark=PB disabled=no new-packet-mark=PB_mark packet-mark=!proxy-hit \
    passthrough=no
    add action=mark-connection chain=prerouting comment="Free Style" disabled=no dst-address-list=game dst-port=\
    10001-10015,40000 new-connection-mark=FS passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting disabled=no dst-address-list=game dst-port=40040-41900,1293,1479 \
    new-connection-mark=FS passthrough=yes protocol=udp
    add action=mark-packet chain=prerouting connection-mark=FS disabled=no new-packet-mark=FS_mark packet-mark=!proxy-hit \
    passthrough=no
    add action=mark-connection chain=prerouting comment=XSHOT disabled=no dst-address-list=game dst-port=7341,7342 \
    new-connection-mark=Xshot passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting disabled=no dst-address-list=game dst-port=7000-8000,20561,30000 \
    new-connection-mark=Xshot passthrough=yes protocol=udp
    add action=mark-packet chain=prerouting connection-mark=Xshot disabled=no new-packet-mark=Xshot_mark packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-connection chain=prerouting comment=CROSSFIRE disabled=no dst-port=1666,10009,13008,16666,28012 \
    new-connection-mark=CF passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting disabled=no dst-port=10009,12020-12080 new-connection-mark=CF passthrough=\
    yes protocol=udp
    add action=mark-connection chain=prerouting disabled=no dst-port=13000-13080 new-connection-mark=CF passthrough=yes \
    protocol=udp
    add action=mark-packet chain=prerouting connection-mark=CF disabled=no new-packet-mark=CF_mark packet-mark=!proxy-hit \
    passthrough=no
    add action=mark-connection chain=prerouting comment=RF-ELVEN disabled=no dst-address-list=game dst-port=27780 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=AYODANCE disabled=no dst-address-list=game dst-port=18901-18909 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=IDOLSTREET disabled=no dst-address-list=game dst-port=2001 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=SEAL-ONLINE disabled=no dst-address-list=game dst-port=1818 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=ATLANTICA disabled=no dst-address-list=game dst-port=4300 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=LOST-SAGA connection-mark=all.pre_conn disabled=no dst-address=\
    203.89.146.0/23 dst-port=14009 new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting connection-mark=all.pre_conn disabled=no dst-address=203.89.146.0/23 \
    dst-port=14009-14019 new-connection-mark=game-conn passthrough=yes protocol=udp
    add action=mark-connection chain=prerouting comment=MONSTER-G-FB content=s.cdn.gaiaonline.com disabled=no \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=NINJASAGA-FB content=cdn.static.ninjasaga.com disabled=no \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=MILLIONAIRECITY-FB content=assets.millionairecity.com disabled=no \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=CITYVILLE-FB content=assets.cityville.zynga.com disabled=no \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=FB content=static.ak.connect.facebook.com disabled=no \
    new-connection-mark=FB passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting content=static.ak.facebook.com disabled=no new-connection-mark=FB \
    passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting content=static.ak.fbcdn.net disabled=no new-connection-mark=FB passthrough=\
    yes protocol=tcp
    add action=mark-connection chain=prerouting content=creative.ak.fbcdn.net disabled=no new-connection-mark=FB \
    passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting content=b.static.ak.fbcdn.net disabled=no new-connection-mark=FB \
    passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting content=f.facemoods.com disabled=no new-connection-mark=FB passthrough=yes \
    protocol=tcp
    add action=mark-connection chain=prerouting content=apps.facebook.com disabled=no new-connection-mark=FB passthrough=yes \
    protocol=tcp
    add action=mark-connection chain=prerouting content=pixel.facebook.com disabled=no new-connection-mark=FB passthrough=\
    yes protocol=tcp
    add action=mark-connection chain=prerouting comment=POKER connection-mark=all.pre_conn disabled=no dst-port=9339,843 \
    new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=ATLANTICA connection-mark=all.pre_conn disabled=no dst-address=\
    203.89.147.0/24 dst-port=4300 new-connection-mark=game-conn passthrough=yes protocol=tcp
    add action=mark-connection chain=prerouting comment=STREAMING disabled=yes layer7-protocol=Streaming \
    new-connection-mark=streaming passthrough=yes
    add action=mark-packet chain=prerouting connection-mark=streaming disabled=yes new-packet-mark=streaming packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-connection chain=prerouting comment=YM disabled=no dst-port=5050 new-connection-mark=YM passthrough=yes \
    protocol=tcp
    add action=mark-packet chain=prerouting connection-mark=YM disabled=no new-packet-mark=YM_pkt passthrough=no
    add action=mark-connection chain=prerouting comment=SERVER-IIX-CONN disabled=no new-connection-mark=server-IIX-conn \
    passthrough=yes src-address=192.168.3.1 src-address-list=ProxyNET
    add action=mark-connection chain=prerouting comment=CLIENT-IIX-CONN disabled=no new-connection-mark=ME-IIX-conn \
    passthrough=yes src-address=192.168.3.2 src-address-list=!ProxyNET
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=amar-IIX-conn passthrough=yes src-address=\
    192.168.3.3
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=joen-IIX-conn passthrough=yes src-address=\
    192.168.3.4
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=tsalist-IIX-conn passthrough=yes \
    src-address=192.168.3.5
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=nana-IIX-conn passthrough=yes src-address=\
    192.168.3.6
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=Android_IIX passthrough=yes src-address=\
    192.168.3.9
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=billing-IIX-conn passthrough=yes \
    src-address=192.168.3.10
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc01-IIX-conn passthrough=yes src-address=\
    192.168.3.11
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc02-IIX-conn passthrough=yes src-address=\
    192.168.3.12
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc03-IIX-conn passthrough=yes src-address=\
    192.168.3.13
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc04-IIX-conn passthrough=yes src-address=\
    192.168.3.14
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc05-IIX-conn passthrough=yes src-address=\
    192.168.3.15
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc06-IIX-conn passthrough=yes src-address=\
    192.168.3.16
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc07-IIX-conn passthrough=yes src-address=\
    192.168.3.17
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc08-IIX-conn passthrough=yes src-address=\
    192.168.3.18
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc09-IIX-conn passthrough=yes src-address=\
    192.168.3.19
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=pc10-IIX-conn passthrough=yes src-address=\
    192.168.3.20
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=Drop-IIX-conn passthrough=yes \
    src-address-list=drop
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=WIFI_RUMAH_IIX passthrough=yes src-address=\
    192.168.3.29
    add action=mark-connection chain=prerouting disabled=no new-connection-mark=WIFI-ATAS_IIX passthrough=yes src-address=\
    192.168.3.30
    add action=mark-packet chain=prerouting comment=ALL-GAME-PACKET connection-mark=game-conn disabled=no new-packet-mark=\
    game packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting comment=FB-PACKET connection-mark=FB disabled=no new-packet-mark=FB_mark \
    packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting comment=STREAMING-PACKET connection-mark=streaming disabled=no new-packet-mark=\
    streaming packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting comment=SERVER-IIX-PACKET connection-mark=server-IIX-conn disabled=no \
    new-packet-mark=server-IIX packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting comment=CLIENT-IIX-PACKET connection-mark=joe2108-IIX-conn disabled=no \
    new-packet-mark=joe2108-IIX packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=amar-IIX-conn disabled=no new-packet-mark=amar-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=joen-IIX-conn disabled=no new-packet-mark=joen-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=tsalist-IIX-conn disabled=no new-packet-mark=tsalist-IIX \
    packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=nana-IIX-conn disabled=no new-packet-mark=nana-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=billing-IIX-conn disabled=no new-packet-mark=billing-IIX \
    packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=Wifi-IIX-conn disabled=no new-packet-mark=Wifi-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=AP-IIX-conn disabled=no new-packet-mark=AP-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc01-IIX-conn disabled=no new-packet-mark=pc01-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc02-IIX-conn disabled=no new-packet-mark=pc02-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc03-IIX-conn disabled=no new-packet-mark=pc03-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc04-IIX-conn disabled=no new-packet-mark=pc04-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc05-IIX-conn disabled=no new-packet-mark=pc05-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc06-IIX-conn disabled=no new-packet-mark=pc06-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc07-IIX-conn disabled=no new-packet-mark=pc07-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc08-IIX-conn disabled=no new-packet-mark=pc08-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc09-IIX-conn disabled=no new-packet-mark=pc09-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=pc10-IIX-conn disabled=no new-packet-mark=pc10-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=Drop-IIX-conn disabled=no new-packet-mark=Drop-IIX packet-mark=\
    !proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=WIFI_RUMAH_IIX disabled=no new-packet-mark=Wifi_rumah-IIX \
    packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting connection-mark=WIFI-ATAS_IIX disabled=no new-packet-mark=Wifi_atas-IIX \
    packet-mark=!proxy-hit passthrough=no
    add action=mark-packet chain=prerouting comment=android connection-mark=Android_IIX disabled=no new-packet-mark=\
    ANDROID-IIX packet-mark=!proxy-hit passthrough=no
    Last edited by tutorial; 22-04-2011 at 21:27.

  2. #2
    Status
    Offline
    uburcumi's Avatar
    :: Gw Banget Cing ::
    Join Date
    Jun 2009
    Location
    www.mikrotikservice.net
    Posts
    2,281
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    2 (100%)
    coba parent nya=global out

  3. #3
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by uburcumi Click here to enlarge
    coba parent nya=global out
    barusan di cobain masih tetep sama..

    Maksimal ratenya 8mb.. trus loadnya 100% Click here to enlarge

    Click here to enlarge

  4. #4
    Status
    Offline
    dingo's Avatar
    Member Super Senior
    Join Date
    Jan 2008
    Location
    Puncak Kesejukan
    Posts
    641
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Dimanglenya coba pake In interface=proxy out interface=Local
    Di que parent global out
    Di firewall ip proxy baik tcp dan udp di accept

    Dicoba.

  5. #5
    Status
    Offline
    uburcumi's Avatar
    :: Gw Banget Cing ::
    Join Date
    Jun 2009
    Location
    www.mikrotikservice.net
    Posts
    2,281
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    2 (100%)
    Click here to enlarge Originally Posted by tutorial Click here to enlarge
    barusan di cobain masih tetep sama..

    Maksimal ratenya 8mb.. trus loadnya 100% Click here to enlarge

    Click here to enlarge
    pake RB apa gan? di client saya RB750G, pake 4 line spidi @2MB, average trafik 10MB-20MB paling tinggi cpu loadnya 40%.
    apa terlalu banyak mangle tuh Click here to enlarge
    coba di copas dimari mangle nya

    ---------- Post added at 15:02 ---------- Previous post was at 15:01 ----------

    Click here to enlarge Originally Posted by tutorial Click here to enlarge
    barusan di cobain masih tetep sama..

    Maksimal ratenya 8mb.. trus loadnya 100% Click here to enlarge

    Click here to enlarge
    pake RB apa gan? di client saya RB750G, pake 4 line spidi @2MB, average trafik 10MB-20MB paling tinggi cpu loadnya 40%.
    apa terlalu banyak mangle tuh Click here to enlarge
    coba di copas dimari mangle nya

  6. #6
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by dingo Click here to enlarge
    Dimanglenya coba pake In interface=proxy out interface=Local
    Di que parent global out
    Di firewall ip proxy baik tcp dan udp di accept

    Dicoba.
    DICOBA DULU nuhun.. Click here to enlarge ternyata masih sama....

    Click here to enlarge Originally Posted by uburcumi Click here to enlarge
    pake RB apa gan? di client saya RB750G, pake 4 line spidi @2MB, average trafik 10MB-20MB paling tinggi cpu loadnya 40%.
    apa terlalu banyak mangle tuh Click here to enlarge
    coba di copas dimari mangle nya

    ---------- Post added at 15:02 ---------- Previous post was at 15:01 ----------


    pake RB apa gan? di client saya RB750G, pake 4 line spidi @2MB, average trafik 10MB-20MB paling tinggi cpu loadnya 40%.
    apa terlalu banyak mangle tuh Click here to enlarge
    coba di copas dimari mangle nya
    RB750 kan.... adeknya.... kekna kebanyakan juga manglenya mau di sederhanakan dulu dah.

    udah di bikin singset lagi juga tetp


    beuh ampe 4 line gitu ngeri. daerah jabar kang pake spidi..? Click here to enlarge
    Last edited by tutorial; 22-04-2011 at 17:10.

  7. #7
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Lightbulb

    kalo kayak gini gan...

    Code:
    /ip firewall mangle
    add action=mark-packet chain=postrouting comment="proxy.hit" disabled=no dscp=12 new-packet-mark=proxy-hit passthrough=no
    Code:
    /que type
    add kind=sfq name=proxy sfq-allot=1514 sfq-perturb=5
    Code:
    /que tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0  max-limit=80M name="*Proxy.Hit" packet-mark=proxy-hit parent=global-out  priority=1 queue=proxy
    Click here to enlargeClick here to enlarge

  8. #8
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    kalo kayak gini gan...

    Code:
    /ip firewall mangle
    add action=mark-packet chain=postrouting comment="proxy.hit" disabled=no dscp=12 new-packet-mark=proxy-hit passthrough=no
    Code:
    /que type
    add kind=sfq name=proxy sfq-allot=1514 sfq-perturb=5
    Code:
    /que tree
    add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0  max-limit=80M name="*Proxy.Hit" packet-mark=proxy-hit parent=global-out  priority=1 queue=proxy
    Click here to enlargeClick here to enlarge
    masih sama gan Click here to enlarge

    diliatin skrincrotnya

    Click here to enlarge

  9. #9
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Lightbulb

    coba rule d firewall filter d disable dulu.. kale aja ada rule yang makan resource gede d RB... trus d mangle jg coba biarkan hanya rule proxy hit saja... layer-7 jg disable dulu...

    tlg jg copas di sini bagian
    Code:
    /interface ethernet exp
    sapa tau ethernet proxy nya gak 10/100.. mungkin ye...

    ouw iyah, menurut saya ada yg aneh dgn mangle yg juragan buat, seperti
    Code:
    add action=mark-packet chain=prerouting connection-mark=PB disabled=no new-packet-mark=PB_mark packet-mark=!proxy-hit \
    passthrough=no
    sebenarnya tanpa di deklarasikan !proxy-hit pada mark packet, hit proxy harusnya gak terproses lagi.... karena rule hit nya dah juragan taruh paling atas dengan passthrough=no

    kl bisa jg semua rule yg pake packet-mark=!proxy-hit dibuat tanpa packet-mark dulu...

    CMIIW Click here to enlarge
    Last edited by whiely; 22-04-2011 at 19:53.

  10. #10
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    coba rule d firewall filter d disable dulu.. kale aja ada rule yang makan resource gede d RB... trus d mangle jg coba biarkan hanya rule proxy hit saja... layer-7 jg disable dulu...

    tlg jg copas di sini bagian
    Code:
    /interface ethernet exp
    sapa tau ethernet proxy nya gak 10/100.. mungkin ye...
    CMIIW Click here to enlarge
    /interface ethernet
    set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1526 mac-address=00:0C:42:5A:72:8A mtu=1500 \
    name=Public speed=100Mbps
    set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1524 mac-address=\
    00:0C:42:5A:72:8B master-port=none mtu=1500 name=Local speed=100Mbps
    set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=yes full-duplex=yes l2mtu=1524 \
    mac-address=00:0C:42:5A:72:8C master-port=none mtu=1500 name=ether3 speed=100Mbps
    set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=yes full-duplex=yes l2mtu=1524 \
    mac-address=00:0C:42:5A:72:8D master-port=none mtu=1500 name=ether4 speed=100Mbps
    set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1524 mac-address=\
    00:0C:42:5A:72:8E master-port=none mtu=1500 name=Proxy speed=100Mbps

  11. #11
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Lightbulb

    Click here to enlarge Originally Posted by tutorial Click here to enlarge
    /interface ethernet
    set 0 arp=enabled auto-negotiation=yes disabled=no full-duplex=yes l2mtu=1526 mac-address=00:0C:42:5A:72:8A mtu=1500 \
    name=Public speed=100Mbps
    set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1524 mac-address=\
    00:0C:42:5A:72:8B master-port=none mtu=1500 name=Local speed=100Mbps
    set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=yes full-duplex=yes l2mtu=1524 \
    mac-address=00:0C:42:5A:72:8C master-port=none mtu=1500 name=ether3 speed=100Mbps
    set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=yes full-duplex=yes l2mtu=1524 \
    mac-address=00:0C:42:5A:72:8D master-port=none mtu=1500 name=ether4 speed=100Mbps
    set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited disabled=no full-duplex=yes l2mtu=1524 mac-address=\
    00:0C:42:5A:72:8E master-port=none mtu=1500 name=Proxy speed=100Mbps

    update d atas gan..

  12. #12
    Status
    Offline
    boga's Avatar
    Baru Gabung
    Join Date
    Feb 2010
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    udah pernah dicoba reboot dl gk om stlhnya di utak atik ..

  13. #13
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    update d atas gan..
    sudah solve nih keknya tapi ada masalah baru... pada UPLOAD parent

    ini penyebab HIT proxy jadi lambat dan CPU load 100%

    Click here to enlarge

    masalah barunya.. sekarang di queue gak bisa kelimit karena parentnya kalo dirubah ke yang lain malah jadi statusnya unlimit [alias gak jalan]..

    udah di coba ganti2 parent
    speedy <-- gak jalan queue uploadnya
    public <--- gak jalan kalo proxy ON, kalo proxy mati jalan nih pake paren ini
    global in <--- kok jadi bentrok upload ama download quuenya...

    interface pr
    Flags: D - dynamic, X - disabled, R - running, S - slave
    # NAME
    0 R Public
    1 R Local
    2 X ether3
    3 X ether4
    4 R Proxy
    5 R Speedy
    hhmmmm Click here to enlarge

    adakah mangle yang harus di tambahkan lagi biar UPLOAD parent berfungsi.... [keknya parent speedy harusnya jalan tapi kok gak ya?]

    terima kasih bantuannya semua.. tapi blum selesai nih masalh Click here to enlarge
    Last edited by tutorial; 22-04-2011 at 21:29.

  14. #14
    Status
    Offline
    whiely's Avatar
    Member Senior
    Join Date
    Jun 2010
    Location
    :unidentified:
    Posts
    423
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Lightbulb

    untuk download pake parent interface lokal / global out jika memiliki lebih dari 1 interface lokal
    untuk upload pake parent global-in aja

    ingat, penggunaan que tree dan HTB bergantung pada mangle yang d buat... untuk mangle, upload gunakan chain=prerouting dgn src-address=ip-lokal , utk download bisa gunakan chain=forward/postrouting dgn dst-address=ip-lokal....

    lebih lengkap ada d bagian QOS dan TRAFFIC SHAPING...



    cmiiw... Click here to enlarge


    budayakan klik thanks jika merasa terbantu Click here to enlarge

  15. The Following User Says Thank You to whiely For This Useful Post:


  16. #15
    Status
    Offline
    tutorial's Avatar
    Newbie
    Join Date
    Sep 2010
    Posts
    50
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    update d atas gan..
    Click here to enlarge Originally Posted by whiely Click here to enlarge
    untuk download pake parent interface lokal / global out jika memiliki lebih dari 1 interface lokal
    untuk upload pake parent global-in aja

    ingat, penggunaan que tree dan HTB bergantung pada mangle yang d buat... untuk mangle, upload gunakan chain=prerouting dgn src-address=ip-lokal , utk download bisa gunakan chain=forward/postrouting dgn dst-address=ip-lokal....

    lebih lengkap ada d bagian QOS dan TRAFFIC SHAPING...



    cmiiw... Click here to enlarge


    budayakan klik thanks jika merasa terbantu Click here to enlarge
    kelupaan klik thank's saking semangatnya pecahin kasus ini Click here to enlarge

    by the way biji mane nih gan kalo pake global in jadi bentrok ya upload ama doenload..


    Parent download udah pake Local
    Parent upload kalo pake global in kok jadi bentrok ya ama download Click here to enlarge

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. ASK cara bikin proxy luar
    By lonthong2002 in forum Beginner Basics
    Replies: 15
    Last Post: 06-08-2011, 17:48
  2. (ask) Bikin Proxy pada koneksi Fastnet a.k.a First media
    By cloaking in forum Beginner Basics
    Replies: 13
    Last Post: 07-04-2008, 12:39

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •