Langsung saja ya, berikut gambaran topologinya:


Kemudian gambaran scriptnya :

Code:
# Interface addressing: three ISP uplinks, a /30 link to the proxy host, and
# three /24 LAN subnets that all sit on the single interface 5Lan.
# The 1.1.1.x / 2.2.2.x / 3.3.3.x values appear to be placeholders for the
# real ISP-assigned addresses -- substitute before importing.
/ip address
# NOTE(review): network= on the three ISP lines holds the address that the
# /ip route section uses as the gateway (1.1.1.1, 2.2.2.2, 3.3.3.3), whereas
# the network address of a /24 would end in .0 -- confirm this is intended.
add address=1.1.1.10/24 disabled=no interface=1ISP_1 network=1.1.1.1
add address=2.2.2.20/24 disabled=no interface=2ISP_2 network=2.2.2.2
add address=3.3.3.30/24 disabled=no interface=3ISP_3 network=3.3.3.3
# Point-to-point style /30 towards the proxy host (172.16.0.2 elsewhere on
# this page).
add address=172.16.0.1/30 disabled=no interface=4Proxy network=172.16.0.0
# All three LAN subnets share interface 5Lan, so they are one layer-2 segment:
# a client can re-address itself into another subnet. Any policy keyed only on
# source address (the address lists below) is therefore not a trust boundary.
add address=192.168.20.254/24 disabled=no interface=5Lan network=192.168.20.0
add address=192.168.21.254/24 disabled=no interface=5Lan network=192.168.21.0
add address=192.168.22.254/24 disabled=no interface=5Lan network=192.168.22.0
Code:
# Static DNS record so the name "proxy" resolves to the proxy host.
# This only takes effect for clients that resolve through the router; the
# dst-port=53 redirect rules in /ip firewall nat force that for 5Lan and
# 4Proxy.
/ip dns static
add address=172.16.0.2 disabled=no name=proxy ttl=1d
Code:
# Address lists referenced by the mangle and NAT rules on this page.
/ip firewall address-list
# Per-ISP source lists: a source address in an enabled entry is routed via the
# matching jalurN routing mark (see the "MARK ROUTE LB WARNET" mangle rules).
# Only the 3ISP_3 entry for the test client 192.168.22.100 is enabled.
add address=192.168.22.100 disabled=no list=3ISP_3
add address=192.168.22.100 disabled=yes list=2ISP_2
add address=192.168.22.100 disabled=yes list=1ISP_1
# "warnet": the three LAN client subnets.
add address=192.168.20.0/24 disabled=no list=warnet
add address=192.168.21.0/24 disabled=no list=warnet
add address=192.168.22.0/24 disabled=no list=warnet
# "nocache": destinations excluded from the (currently disabled) transparent
# proxy dst-nat rules via dst-address-list=!nocache.
add address=211.200.0.0/16 comment=NProtect disabled=no list=nocache
add address=172.16.0.2 disabled=no list=nocache
add address=202.43.161.112/28 comment=Lyto disabled=no list=nocache
add address=202.93.16.0/20 comment=dcfg.luna.web.id disabled=no list=nocache
add address=192.168.20.0/24 disabled=no list=nocache
add address=192.168.21.0/24 disabled=no list=nocache
add address=192.168.22.0/24 disabled=no list=nocache
# "proxy": the proxy host itself.
add address=172.16.0.2 disabled=no list=proxy
# "local": used as dst-address-list=!local in the routing-mark rules and as
# src-address-list in the masquerade rule. It mixes the ISP gateway addresses,
# the LAN subnets and the proxy host.
# NOTE(review): the router's own interface addresses (1.1.1.10, 172.16.0.1,
# ...) fall inside "local" only where a covering /24 is listed; 172.16.0.1 is
# not covered -- confirm whether that matters for the !local matches.
add address=1.1.1.1 disabled=no list=local
add address=2.2.2.2 disabled=no list=local
add address=3.3.3.3 disabled=no list=local
add address=192.168.20.0/24 disabled=no list=local
add address=192.168.21.0/24 disabled=no list=local
add address=192.168.22.0/24 disabled=no list=local
add address=172.16.0.2 disabled=no list=local
# "bypasswww": not referenced by any rule visible on this page.
add address=172.16.0.2 disabled=no list=bypasswww
add address=1.1.1.1 disabled=no list=bypasswww
add address=2.2.2.2 disabled=no list=bypasswww
add address=3.3.3.3 disabled=no list=bypasswww
# "ngetestlb": sources subject to the nth load-balancing test rules ("LB
# Proxy"); only the proxy host entry is enabled.
add address=192.168.22.100 disabled=yes list=ngetestlb
add address=172.16.0.2 disabled=no list=ngetestlb
Code:
# Packet marks (for queueing) and routing marks (for ISP selection).
# Rule order matters: a rule with passthrough=no ends processing of the
# current chain for the packets it matches, so later rules never see them.
/ip firewall mangle
# Client -> proxy traffic on tcp/3128 arriving from the LAN.
add action=mark-packet chain=prerouting comment=\
    "MARK PACKET DIRECT to warnetkeproxy-up" disabled=no dst-address-list=\
    proxy dst-port=3128 in-interface=5Lan new-packet-mark=warnetkeproxy-up \
    passthrough=no protocol=tcp
# LAN clients talking to anything in list "local". Because passthrough=no,
# these packets receive no routing mark from the rules further down.
add action=mark-packet chain=prerouting comment="MARK PACKET LOCAL warnet-local-up" \
    disabled=no dst-address-list=local in-interface=5Lan new-packet-mark=\
    warnet-local-up passthrough=no src-address-list=warnet
# Packets carrying DSCP 12 are tagged as cache hits, in postrouting and in
# prerouting.
# NOTE(review): presumably the external proxy sets DSCP 12 on cache hits; the
# router's own /ip proxy is configured with cache-hit-dscp=11 -- confirm which
# value is intended. DSCP is set by the sender, so any host can set it and
# land in the HIT mark.
add action=mark-packet chain=postrouting comment="PROXY CACHE HIT" disabled=\
    no dscp=12 new-packet-mark=HIT passthrough=no
add action=mark-packet chain=prerouting comment="PROXY CACHE HIT" disabled=no \
    dscp=12 new-packet-mark=HIT passthrough=no
# Proxy -> client traffic crossing the router.
add action=mark-packet chain=forward comment=\
    "MARK PACKET warnet-down dari proxy" disabled=no dst-address-list=warnet \
    new-packet-mark=warnet-down-proxy passthrough=no src-address-list=proxy
# The next three packet-mark rules are disabled.
add action=mark-packet chain=prerouting comment="MARK PACKET warnet-up" \
    disabled=yes in-interface=5Lan new-packet-mark=warnet-download \
    passthrough=yes src-address-list=warnet
add action=mark-packet chain=prerouting comment=\
    "MARK PACKET warnet tcp port 80,3128,8080 REDIRECT to proxy" disabled=yes \
    dst-address-list=proxy dst-port=80,81,8080 in-interface=5Lan \
    new-packet-mark=warnet-up-www-yang-didstnat passthrough=no protocol=tcp \
    src-address-list=warnet
add action=mark-packet chain=prerouting comment="MARK PACKET warnet-down" \
    disabled=yes dst-address-list=warnet in-interface=5Lan new-packet-mark=\
    warnet-down passthrough=yes
# Routing mark for traffic that enters from the proxy and is not destined to
# list "local". This is the rule the post reports as not working.
# NOTE(review): unlike the other rules this one has no disabled= parameter, so
# on import it is presumably enabled. The only route carrying
# routing-mark=proxy-bypass in /ip route is disabled=yes, so marked packets
# have no enabled route in that table and would likely fall through to the
# main table (default via ISP_1) -- consistent with the symptom described.
# Being passthrough=no, it also stops proxy traffic from reaching any rule
# added after it.
add action=mark-routing chain=prerouting comment=\
    "MARK ROUTE PROXY - KOK GAK JALAN" in-interface=4Proxy \
    dst-address-list=!local new-routing-mark=proxy-bypass passthrough=no
# Source-address based ISP selection: sources in list 1ISP_1 / 2ISP_2 / 3ISP_3
# are routed through the matching jalurN table.
add action=mark-routing chain=prerouting comment="MARK ROUTE LB WARNET" \
    disabled=no dst-address-list=!local new-routing-mark=jalur1ISP_1 \
    passthrough=no src-address-list=1ISP_1
add action=mark-routing chain=prerouting disabled=no dst-address-list=!local \
    new-routing-mark=jalur2ISP_2 passthrough=no src-address-list=2ISP_2
add action=mark-routing chain=prerouting disabled=no dst-address-list=!local \
    new-routing-mark=jalur3ISP_3 passthrough=no src-address-list=3ISP_3
Code:
# Source NAT, three disabled transparent-proxy variants, and DNS interception.
/ip firewall nat
# Masquerade everything sourced from list "local".
# NOTE(review): there is no out-interface match, so this also applies to
# traffic that leaves on 4Proxy or 5Lan; LAN -> proxy connections would then
# reach the proxy with the router's address as source, which hides the real
# client from proxy logs and per-client ACLs. Confirm whether an out-interface
# restriction per ISP uplink is wanted.
add action=masquerade chain=srcnat disabled=no src-address-list=local
# Three alternative ways to push web traffic to the proxy (dst-nat, redirect,
# netmap). All are disabled and all match only the test client
# 192.168.22.100; destinations in list "nocache" are exempt.
add action=dst-nat chain=dstnat comment="TRANSPARENT PROXY - DSTNAT" \
    disabled=yes dst-address-list=!nocache dst-port=80,81,8080,3128 \
    in-interface=5Lan protocol=tcp src-address=192.168.22.100 to-addresses=\
    172.16.0.2 to-ports=3128
add action=redirect chain=dstnat comment=\
    "TRANSPARENT PROXY - REDIRECT, NGIDUPIN INTERNAL" disabled=yes \
    dst-address-list=!nocache dst-port=80,81,8080 in-interface=5Lan protocol=\
    tcp src-address=192.168.22.100 to-ports=3128
add action=netmap chain=dstnat comment="TRANSPARENT PROXY - NETMAP" disabled=\
    yes dst-address-list=!nocache dst-port=80,81,8080 in-interface=5Lan \
    protocol=tcp src-address=192.168.22.100 to-addresses=172.16.0.2 to-ports=\
    3128
# DNS interception: every tcp/udp port-53 packet arriving on 5Lan or 4Proxy is
# redirected to the router itself, whatever resolver the host asked for.
# NOTE(review): this relies on the router's DNS service answering remote
# requests, which is configured outside this page. No /ip firewall filter
# section is shown here either -- confirm that port 53 on the ISP-facing
# interfaces is dropped in the input chain so the resolver is not reachable
# from outside.
add action=redirect chain=dstnat comment="TRANSPARENT DNS" disabled=no \
    dst-port=53 in-interface=5Lan protocol=tcp to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 in-interface=5Lan \
    protocol=udp to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 in-interface=4Proxy \
    protocol=tcp to-ports=53
add action=redirect chain=dstnat disabled=no dst-port=53 in-interface=4Proxy \
    protocol=udp to-ports=53
Code:
# Settings for the router's built-in web proxy. It is switched off
# (enabled=no); when on it would listen on port 3128 and chain to the external
# proxy at 172.16.0.2:3128 as parent.
# NOTE(review): no /ip proxy access rules are shown on this page. If this
# service is ever enabled, restrict who may reach port 3128 (proxy access
# rules or an input-chain filter) so it does not answer requests arriving on
# the ISP-facing interfaces.
/ip proxy
set always-from-cache=yes cache-administrator="" cache-hit-dscp=11 \
    cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
    1000 max-fresh-time=3d max-server-connections=1000 parent-proxy=\
    172.16.0.2 parent-proxy-port=3128 port=3128 serialize-connections=yes \
    src-address=0.0.0.0
Code:
# Default routes: one per routing mark (policy routing) plus the unmarked
# defaults in the main table.
/ip route
# Multi-gateway default for routing-mark=proxy-bypass. It is disabled, so the
# mangle rule that sets new-routing-mark=proxy-bypass currently has no enabled
# route to use.
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=\
    1.1.1.1,2.2.2.2,3.3.3.3 routing-mark=proxy-bypass scope=255 \
    target-scope=10
# One default per ISP table, selected by the jalurN routing marks.
# NOTE(review): none of the routes on this page sets check-gateway, so a dead
# ISP gateway would presumably keep receiving the traffic marked for it --
# confirm whether gateway monitoring is wanted.
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.1.1.1 \
    routing-mark=jalur1ISP_1 scope=255 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=2.2.2.2 \
    routing-mark=jalur2ISP_2 scope=255 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=3.3.3.3 \
    routing-mark=jalur3ISP_3 scope=255 target-scope=10
# Unmarked defaults (main table). Only ISP_1 is enabled, so every packet
# without a routing mark -- including the router's own traffic -- leaves via
# 1.1.1.1.
add comment=ISP_1 disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
    1.1.1.1 scope=30 target-scope=10
add comment=ISP_2 disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=\
    2.2.2.2 scope=30 target-scope=10
add comment=ISP_3 disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=\
    3.3.3.3 scope=30 target-scope=10
# Policy rule that would send anything sourced from the proxy /30 to the main
# routing table. It is disabled.
/ip route rule
add action=lookup disabled=yes src-address=172.16.0.0/30 table=main


Masalahnya:

Ketika proxy server digunakan sebagai proxy (di dst-nat, atau di-setting manual lewat browser), rule mangle yang ane kasih COMMENT = MARK ROUTE PROXY - KOK GAK JALAN
itu gak fungsi. Gak fungsi di sini maksudnya proxy tsb selalu lari ke default gateway 'Comment ISP_1' yang ane enable. Begitu juga ketika ane aktifkan konfigurasi mangle di bawah: ketika ping atau coba GET dari proxy, load balance nth ini ada nangkep traffic, tapi saat di-torch dari proxy, TIDAK ADA KONEKSI KE LUAR, selain koneksi ke 172.16.0.1 alias ip routernya.

Hal ini mengakibatkan kondisi sbb:
1. Bila dst-nat proxy dan konfigurasi LB untuk proxy diaktifkan, client tidak bisa browsing selain http normal.
2. Bila dst-nat dinon-aktifkan + Proxy dibiarkan ke default gateway, client yang setting proxy via browser bisa browsing dan jaringan normal, tapi beban dari proxy semua ke ISP_1
3. Kalo engga bisa semua, ane terancam frustasi dan mungkin bisa nyebur ke kolam


Code:
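# nth-based load balancing test for sources in list "ngetestlb" (on this page
# only the proxy host 172.16.0.2 is enabled in that list). Each pair is:
# mark-connection on every 3rd match, then mark-routing for that connection
# mark onto the matching jalurN table. Only the PROXY-1 mark-connection rule
# is enabled; the PROXY-2 and PROXY-3 ones are disabled=yes.
#
# Fix applied: the three mark-routing rules had "connection-mark=PROXY-N\"
# with no space before the line-continuation backslash. As the other wrapped
# lines on this page show (e.g. "passthrough=\" followed by "yes"), the
# continuation joins the next line's text directly, so the value would have
# run into "new-routing-mark=...". A space is now placed before the backslash.
#
# NOTE(review): "add" appends these rules after the existing prerouting rules.
# The earlier "MARK ROUTE PROXY" rule matches in-interface=4Proxy with
# passthrough=no, so proxy traffic would likely never reach the rules below
# while that rule is enabled -- confirm the order in the live rule list.
# NOTE(review): the mark-connection rules carry no connection-state=new match,
# so nth counts every packet and an established connection could be re-marked
# onto another ISP once more than one pair is enabled -- confirm.
/ip firewall mangle
add action=mark-connection chain=prerouting comment="LB Proxy" \
    dst-address-list=!local new-connection-mark=PROXY-1 nth=3,1 passthrough=\
    yes src-address-list=ngetestlb
add action=mark-routing chain=prerouting connection-mark=PROXY-1 \
    new-routing-mark=jalur1ISP_1 passthrough=no
add action=mark-connection chain=prerouting disabled=yes dst-address-list=\
    !local new-connection-mark=PROXY-2 nth=3,2 passthrough=yes \
    src-address-list=ngetestlb
add action=mark-routing chain=prerouting connection-mark=PROXY-2 \
    new-routing-mark=jalur2ISP_2 passthrough=no
add action=mark-connection chain=prerouting disabled=yes dst-address-list=\
    !local new-connection-mark=PROXY-3 nth=3,3 passthrough=yes \
    src-address-list=ngetestlb
add action=mark-routing chain=prerouting connection-mark=PROXY-3 \
    new-routing-mark=jalur3ISP_3 passthrough=no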
Barangkali ada yang ketemu ada kurang dimana yaa..
Sangat berharap dewanya bantu