Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 7 of 7

Thread: LB+Vlan+dhcp

  1. #1
    Status
    Offline
    flamedemon's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    19
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    LB+Vlan+dhcp

    Permisi para sesepuh, newbie mau tanya2 lg
    Kali ini saya punya kasus utk buat vlan + dhcp di mikrotik
    Jadi dhcp yg harusnya ke vlan3-spi (192.168.3.0/28) bisa terpakai di vlan lain
     

    Click here to enlarge


    Seharusnya vlan3-spi itu baru terhubung utk 1 user, tapi disitu ip vlan3-spi sudah digunakan oleh user lain yg harusnya berada di vlan lain.
    Gimana caranya biar dhcpnya gak pindah vlan, jadi dhcp vlan3-spi khusus utk vlan3-spi aja. ga bisa utk vlan lain.

    Utk switch manageable saya pake RB260gs

     
    Click here to enlarge


    Berikut konfigurasinya

     
    Click here to enlarge

     
    Click here to enlarge

     

    Flags: X - disabled, I - invalid, D - dynamic
    0 X ;;; FORCE DNS
    chain=dstnat action=dst-nat to-addresses=208.67.222.222 to-ports=53
    protocol=tcp dst-port=53

    1 X chain=dstnat action=dst-nat to-addresses=208.67.222.222 to-ports=53
    protocol=udp dst-port=53

    2 X ;;; -----LOAD BALANCING NAT----
    chain=srcnat action=masquerade out-interface=PPPoE Speedy1

    3 chain=srcnat action=masquerade out-interface=PPPoE Speedy2

    4 chain=srcnat action=masquerade out-interface=PPPoE Speedy3

    5 I chain=srcnat action=masquerade out-interface=PPPoE Speedy4

    6 X ;;; -----PROXY------
    chain=srcnat action=masquerade out-interface=eth6-PROXY

    7 X ;;; ----PROXY-----
    chain=dstnat action=dst-nat to-addresses=192.168.100.2 to-ports=3128
    protocol=tcp dst-address=192.168.100.2 in-interface=v70-pengadaan
    dst-port=80,8080,3128

     

    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; -----DOWNLOAD-----
    chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=eth5-LAN connection-limit=2,32

    1 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v02-sekper connection-limit=2,32

    2 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v03-spi connection-limit=2,32

    3 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v10-tanaman connection-limit=2,32

    4 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v20-teknik connection-limit=2,32

    5 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v30-keuangan connection-limit=2,32

    6 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v40-akuntansi connection-limit=2,32

    7 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v50-sdm connection-limit=2,32

    8 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v60-umum connection-limit=2,32

    9 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v70-pengadaan connection-limit=2,32

    10 chain=forward action=add-dst-to-address-list protocol=tcp
    address-list=download address-list-timeout=5s layer7-protocol=extension
    in-interface=v80-pemasaran connection-limit=2,32

    11 chain=input action=accept protocol=tcp dst-port=8291

    12 chain=forward action=drop connection-state=invalid

    13 chain=virus action=drop protocol=tcp dst-port=135-139

    14 chain=virus action=drop protocol=tcp dst-port=1433-1434

    15 chain=virus action=drop protocol=tcp dst-port=445

    16 chain=virus action=drop protocol=udp dst-port=445

    17 chain=virus action=drop protocol=tcp dst-port=593

    18 chain=virus action=drop protocol=tcp dst-port=1024-1030

    19 chain=virus action=drop protocol=tcp dst-port=1080

    20 chain=virus action=drop protocol=tcp dst-port=1214

    21 chain=virus action=drop protocol=tcp dst-port=1363

    22 chain=virus action=drop protocol=tcp dst-port=1364

    23 chain=virus action=drop protocol=tcp dst-port=1368

    24 chain=virus action=drop protocol=tcp dst-port=1373

    25 chain=virus action=drop protocol=tcp dst-port=1377

    26 chain=virus action=drop protocol=tcp dst-port=2745

    27 chain=virus action=drop protocol=tcp dst-port=2283

    52 chain=input action=accept protocol=tcp dst-port=1723

    53 chain=input action=accept protocol=tcp dst-port=23

    54 chain=input action=accept protocol=tcp dst-port=80

    55 chain=input action=accept protocol=tcp dst-port=1723

    56 chain=input action=add-src-to-address-list protocol=tcp address-list=DDOS
    address-list-timeout=15s dst-port=1337

    57 chain=input action=add-src-to-address-list protocol=tcp
    src-address-list=knock address-list=DDOS address-list-timeout=15m
    dst-port=7331

    58 ;;; Port scanners to list
    chain=input action=add-src-to-address-list protocol=tcp psd=21,3s,3,1
    address-list=port scanners address-list-timeout=2w

    59 ;;; SYN/FIN scan
    chain=input action=add-src-to-address-list tcp-flags=fin,syn
    protocol=tcp address-list=port scanners address-list-timeout=2w

    60 ;;; SYN/RST scan
    chain=input action=add-src-to-address-list tcp-flags=syn,rst
    protocol=tcp address-list=port scanners address-list-timeout=2w

    61 ;;; FIN/PSH/URG scan
    chain=input action=add-src-to-address-list
    tcp-flags=fin,psh,urg,!syn,!rst,!ack protocol=tcp
    address-list=port scanners address-list-timeout=2w

    62 ;;; ALL/ALL scan
    chain=input action=add-src-to-address-list
    tcp-flags=fin,syn,rst,psh,ack,urg protocol=tcp
    address-list=port scanners address-list-timeout=2w

    63 ;;; NMAP NULL scan
    chain=input action=add-src-to-address-list
    tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg protocol=tcp
    address-list=port scanners address-list-timeout=2w

    64 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=61.213.183.1-61.213.183.254 dst-port=0-65535

    65 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=67.195.134.1-67.195.134.254 dst-port=0-65535

    66 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=68.142.233.1-68.142.233.254 dst-port=0-65535

    67 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=68.180.217.1-68.180.217.254 dst-port=0-65535

    68 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=203.84.204.1-203.84.204.254 dst-port=0-65535

    69 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=69.63.176.1-69.63.176.254 dst-port=0-65535

    70 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=69.63.181.1-69.63.181.254 dst-port=0-65535

    71 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=63.245.209.1-63.245.209.254 dst-port=0-65535

    72 ;;; ANTI NETCUT
    chain=input action=accept protocol=tcp
    src-address=63.245.213.1-63.245.213.254 dst-port=0-65535

     

    Flags: X - disabled, I - invalid, D - dynamic
    0 X ;;; proxy-hit
    chain=prerouting action=mark-packet new-packet-mark=proxy-hit
    passthrough=yes dscp=12

    1 ;;; -----MARK DOWNLOAD PACKET------
    chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=eth5-LAN

    2 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v02-sekper

    3 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v03-spi

    4 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v10-tanaman

    5 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v20-teknik

    6 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v30-keuangan

    7 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v40-akuntansi

    8 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v50-sdm

    9 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v60-umum

    10 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v70-pengadaan

    11 chain=forward action=mark-packet new-packet-mark=dl-pkt passthrough=no
    protocol=tcp src-address-list=download out-interface=v80-pemasaran

    12 ;;; -----MARK DNS---------------
    chain=prerouting action=mark-connection new-connection-mark=dns-conn
    passthrough=yes protocol=tcp dst-port=53

    13 chain=prerouting action=mark-connection new-connection-mark=dns-conn
    passthrough=yes protocol=udp dst-port=53

    14 chain=prerouting action=mark-packet new-packet-mark=dns-pkt passthrough=n>
    connection-mark=dns-conn

    15 ;;; -----MARK ICMP---------------
    chain=prerouting action=mark-connection new-connection-mark=icmp-conn
    passthrough=yes protocol=icmp

    16 chain=forward action=mark-packet new-packet-mark=icmp-pkt passthrough=no
    connection-mark=icmp-conn

    17 X ;;; -----MARK NEW CONNECTION--------
    chain=input action=mark-connection new-connection-mark=conn1
    passthrough=yes connection-state=new in-interface=PPPoE Speedy1

    18 chain=input action=mark-connection new-connection-mark=conn2
    passthrough=yes connection-state=new in-interface=PPPoE Speedy2

    19 chain=input action=mark-connection new-connection-mark=conn3
    passthrough=yes connection-state=new in-interface=PPPoE Speedy3

    20 I chain=input action=mark-connection new-connection-mark=conn4
    passthrough=yes connection-state=new in-interface=PPPoE Speedy4

    21 X ;;; proxy
    chain=prerouting action=mark-connection new-connection-mark=http_conn2
    passthrough=yes protocol=tcp dst-address-type=!local
    in-interface=eth6-PROXY dst-port=80
    per-connection-classifier=both-addresses-and-ports:3/0

    22 X chain=prerouting action=mark-connection new-connection-mark=http_conn3
    passthrough=yes protocol=tcp dst-address-type=!local
    in-interface=eth6-PROXY dst-port=80
    per-connection-classifier=both-addresses-and-ports:3/1

    23 X chain=prerouting action=mark-connection new-connection-mark=http_conn4
    passthrough=yes protocol=tcp dst-address-type=!local
    in-interface=eth6-PROXY dst-port=80
    per-connection-classifier=both-addresses-and-ports:3/2

    24 X ;;;--------PCC LOAD BALANCING------
    chain=prerouting action=mark-connection new-connection-mark=conn1
    passthrough=yes dst-address-type=!local in-interface=eth5-LAN
    per-connection-classifier=both-addresses-and-ports:4/0

    25 chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=eth5-LAN
    per-connection-classifier=both-addresses-and-ports:3/0

    26 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=eth5-LAN
    per-connection-classifier=both-addresses-and-ports:3/1

    27 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=eth5-LAN
    per-connection-classifier=both-addresses-and-ports:3/2

    28 X chain=prerouting action=mark-routing new-routing-mark=route1
    passthrough=yes in-interface=eth5-LAN connection-mark=conn1

    29 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=eth5-LAN connection-mark=conn2

    30 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=eth5-LAN connection-mark=conn3

    31 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=eth5-LAN connection-mark=conn4

    32 ;;; ---------VLAN SEKPER------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v02-sekper
    per-connection-classifier=both-addresses-and-ports:3/0

    33 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v02-sekper
    per-connection-classifier=both-addresses-and-ports:3/1

    34 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v02-sekper
    per-connection-classifier=both-addresses-and-ports:3/2

    35 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v02-sekper connection-mark=conn2

    36 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v02-sekper connection-mark=conn3

    37 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v02-sekper connection-mark=conn4

    38 ;;; --------VLAN SPI----------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v03-spi
    per-connection-classifier=both-addresses-and-ports:3/0

    39 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v03-spi
    per-connection-classifier=both-addresses-and-ports:3/1

    40 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v03-spi
    per-connection-classifier=both-addresses-and-ports:3/2

    41 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v03-spi connection-mark=conn2

    42 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v03-spi connection-mark=conn3

    43 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v03-spi connection-mark=conn4

    44 ;;; ------VLAN TANAMAN------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v10-tanaman
    per-connection-classifier=both-addresses-and-ports:3/0

    45 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v10-tanaman
    per-connection-classifier=both-addresses-and-ports:3/1

    46 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v10-tanaman
    per-connection-classifier=both-addresses-and-ports:3/2

    47 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v10-tanaman connection-mark=conn2

    48 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v10-tanaman connection-mark=conn3

    49 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v10-tanaman connection-mark=conn4

    50 ;;; -------VLAN TEKNIK-------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v20-teknik
    per-connection-classifier=both-addresses-and-ports:3/0

    51 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v20-teknik
    per-connection-classifier=both-addresses-and-ports:3/1

    52 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v20-teknik
    per-connection-classifier=both-addresses-and-ports:3/2

    53 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v20-teknik connection-mark=conn2

    54 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v20-teknik connection-mark=conn3

    55 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v20-teknik connection-mark=conn4

    56 ;;; ------VLAN KEUANGAN-----------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v30-keuangan
    per-connection-classifier=both-addresses-and-ports:3/0

    57 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v30-keuangan
    per-connection-classifier=both-addresses-and-ports:3/1

    58 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v30-keuangan
    per-connection-classifier=both-addresses-and-ports:3/2

    59 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v30-keuangan connection-mark=conn2

    60 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v30-keuangan connection-mark=conn4

    61 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v30-keuangan connection-mark=conn3

    62 ;;; ------VLAN AKUNTANSI----------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v40-akuntansi
    per-connection-classifier=both-addresses-and-ports:3/0

    63 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v40-akuntansi
    per-connection-classifier=both-addresses-and-ports:3/1

    64 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v40-akuntansi
    per-connection-classifier=both-addresses-and-ports:3/2

    65 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v40-akuntansi connection-mark=conn2

    66 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v40-akuntansi connection-mark=conn3

    67 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v40-akuntansi connection-mark=conn4

    68 ;;; ------VLAN SDM----------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v50-sdm
    per-connection-classifier=both-addresses-and-ports:3/0

    69 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v50-sdm
    per-connection-classifier=both-addresses-and-ports:3/1

    70 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v50-sdm
    per-connection-classifier=both-addresses-and-ports:3/2

    71 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v50-sdm connection-mark=conn2

    72 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v50-sdm connection-mark=conn3

    73 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v50-sdm connection-mark=conn4

    74 ;;; --------VLAN UMUM---------------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v60-umum
    per-connection-classifier=both-addresses-and-ports:3/0

    75 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v60-umum
    per-connection-classifier=both-addresses-and-ports:3/1

    76 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v60-umum
    per-connection-classifier=both-addresses-and-ports:3/2

    77 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v60-umum connection-mark=conn2

    78 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v60-umum connection-mark=conn3

    79 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v60-umum connection-mark=conn4

    80 ;;; -------VLAN PENGADAAN----------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes connection-state=established dst-address-type=!local
    in-interface=v70-pengadaan
    per-connection-classifier=both-addresses-and-ports:3/0

    81 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes connection-state=established dst-address-type=!local
    in-interface=v70-pengadaan
    per-connection-classifier=both-addresses-and-ports:3/1

    82 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes connection-state=established dst-address-type=!local
    in-interface=v70-pengadaan
    per-connection-classifier=both-addresses-and-ports:3/2

    83 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v70-pengadaan connection-mark=conn2

    84 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v70-pengadaan connection-mark=conn3

    85 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v70-pengadaan connection-mark=conn4

    86 ;;; ------VLAN PEMASARAN----------
    chain=prerouting action=mark-connection new-connection-mark=conn2
    passthrough=yes dst-address-type=!local in-interface=v80-pemasaran
    per-connection-classifier=both-addresses-and-ports:3/0

    87 chain=prerouting action=mark-connection new-connection-mark=conn3
    passthrough=yes dst-address-type=!local in-interface=v80-pemasaran
    per-connection-classifier=both-addresses-and-ports:3/1

    88 chain=prerouting action=mark-connection new-connection-mark=conn4
    passthrough=yes dst-address-type=!local in-interface=v80-pemasaran
    per-connection-classifier=both-addresses-and-ports:3/2

    89 chain=prerouting action=mark-routing new-routing-mark=route2
    passthrough=yes in-interface=v80-pemasaran connection-mark=conn2

    90 chain=prerouting action=mark-routing new-routing-mark=route3
    passthrough=yes in-interface=v80-pemasaran connection-mark=conn3

    91 chain=prerouting action=mark-routing new-routing-mark=route4
    passthrough=yes in-interface=v80-pemasaran connection-mark=conn4

    92 X ;;; -----PCC MARK ROUTING----------
    chain=output action=mark-routing new-routing-mark=route1 passthrough=no
    connection-mark=conn1

    93 X chain=output action=mark-routing new-routing-mark=route2 passthrough=no
    connection-mark=conn2

    94 X chain=output action=mark-routing new-routing-mark=route3 passthrough=no
    connection-mark=conn3

    95 X chain=output action=mark-routing new-routing-mark=route4 passthrough=no
    connection-mark=conn4

     

    Click here to enlarge

     

    Click here to enlarge

     

    Flags: X - disabled, A - active, D - dynamic,
    C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
    B - blackhole, U - unreachable, P - prohibit
    # DST-ADDRESS PREF-SRC GATEWAY DISTANCE
    0 X S ;;; -----ROUTE PCC LOAD BALANCING-----------------------------------...
    0.0.0.0/0 PPPoE Speedy1 1
    1 A S 0.0.0.0/0 PPPoE Speedy2 1
    2 A S 0.0.0.0/0 PPPoE Speedy3 1
    3 S 0.0.0.0/0 PPPoE Speedy4 1
    4 A S 0.0.0.0/0 PPPoE Speedy3 1
    5 S 0.0.0.0/0 PPPoE Speedy2 1
    6 S 0.0.0.0/0 PPPoE Speedy4 1
    7 S 0.0.0.0/0 eth6-PROXY 1
    8 DS 0.0.0.0/0 -------------- 1
    9 DS 0.0.0.0/0 ------------- 1
    10 S 0.0.0.0/0 PPPoE Speedy2 2
    11 S 0.0.0.0/0 PPPoE Speedy3 2
    12 S 0.0.0.0/0 PPPoE Speedy4 2
    13 S 0.0.0.0/0 PPPoE Speedy2 3
    14 S 0.0.0.0/0 PPPoE Speedy3 3
    15 S 0.0.0.0/0 PPPoE Speedy4 3
    16 S 0.0.0.0/0 PPPoE Speedy3 4
    17 S 0.0.0.0/0 PPPoE Speedy2 4
    18 S 0.0.0.0/0 PPPoE Speedy4 4
    19 X S 0.0.0.0/0 PPPoE Speedy1 4
    20 X S 0.0.0.0/0 PPPoE Speedy1 3
    21 X S 0.0.0.0/0 PPPoE Speedy1 2
    22 X S 0.0.0.0/0 PPPoE Speedy1 1
    23 ADC 10.15.2.0/24 10.15.2.2 eth2-Speedy2 0
    24 ADC 10.15.3.0/24 10.15.3.2 eth3-Speedy3 0
    25 ADC 10.15.4.0/24 10.15.4.2 eth4-Speedy4 0
    26 ADC ------------- -------------- PPPoE Speedy3 0
    27 ADC ------------- -------------- PPPoE Speedy2 0
    28 ADC 192.168.1.0/24 192.168.1.1 eth5-LAN 0
    29 ADC 192.168.2.0/28 192.168.2.1 v02-sekper 0
    30 ADC 192.168.3.0/28 192.168.3.1 v03-spi 0
    31 ADC 192.168.10.0/27 192.168.10.1 v10-tanaman 0
    32 ADC 192.168.20.0/28 192.168.20.1 v20-teknik 0
    33 ADC 192.168.30.0/28 192.168.30.1 v30-keuangan 0
    34 ADC 192.168.40.0/28 192.168.40.1 v40-akuntansi 0
    35 ADC 192.168.50.0/24 192.168.50.1 v50-sdm 0
    36 ADC 192.168.60.0/28 192.168.60.1 v60-umum 0
    37 ADC 192.168.70.0/28 192.168.70.1 v70-pengadaan 0
    38 ADC 192.168.80.0/28 192.168.80.1 v80-pemasaran 0
    39 ADC 192.168.88.0/29 192.168.88.6 v01-management 0
    40 ADC 192.168.90.0/28 192.168.90.1 v90-renbang 0
    Last edited by flamedemon; 23-08-2013 at 12:26. Reason: upload topologi

  2. #2
    Status
    Offline
    njumh's Avatar
    Newbie
    Join Date
    Jan 2013
    Location
    Bandung
    Posts
    23
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ijin nyimak ni gan sama kaya ane kalo beberapa vlan di satuin di satu interface emang kaya gitu ..Click here to enlarge

    belum tau ane juga bagai mana ngakalinnya ..

    mungkin bawah ane ada yang bisa jelasin Click here to enlarge



    =============khayalan dlam otak=====================
    mungkin salah satu cara yang ada di dalam otak saya

    pasang HDCP nya di setiap switch nya

    butuh switch layer 3

    tapi ga bisa monitoring per user kalo gitu yaa hmmmm

    jadi bingung Click here to enlarge
    Last edited by njumh; 22-08-2013 at 14:51.

  3. #3
    Status
    Online
    pos_ronda's Avatar
    VIP Member
    Join Date
    Aug 2009
    Location
    Sleman, Indonesia
    Posts
    887
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge

    vlan03 nya masih melompong gitu (gak ada packet)

    lagipula 260gs hanya bisa sampai 5vlan dengan asumsi menggunakan port sfp. ini di SS lebih dari 5vlan.
    cek lagi konfigurasi di switch manageable nya.
    Gunakan FreeRadius sebagai pengganti user manager

  4. #4
    Status
    Offline
    flamedemon's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    19
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by njumh Click here to enlarge
    ijin nyimak ni gan sama kaya ane kalo beberapa vlan di satuin di satu interface emang kaya gitu ..Click here to enlarge

    belum tau ane juga bagai mana ngakalinnya ..

    mungkin bawah ane ada yang bisa jelasin Click here to enlarge



    =============khayalan dlam otak=====================
    mungkin salah satu cara yang ada di dalam otak saya

    pasang HDCP nya di setiap switch nya

    butuh switch layer 3

    tapi ga bisa monitoring per user kalo gitu yaa hmmmm

    jadi bingung Click here to enlarge
    Moga sama2 bisa dapet pencerahan

    Click here to enlarge Originally Posted by pos_ronda Click here to enlarge
    Click here to enlarge

    vlan03 nya masih melompong gitu (gak ada packet)

    lagipula 260gs hanya bisa sampai 5vlan dengan asumsi menggunakan port sfp. ini di SS lebih dari 5vlan.
    cek lagi konfigurasi di switch manageable nya.
    tks atas responnya.

    sorry topologinya lupa di upload, udah dibenerin di atas, apa topologi kaya gitu salah?

    utk vlan03 gambarnya pas lg ga ada yg make, ini saya upload pas ada yg make
     

    Click here to enlarge

     

    Click here to enlarge

  5. #5
    Status
    Online
    pos_ronda's Avatar
    VIP Member
    Join Date
    Aug 2009
    Location
    Sleman, Indonesia
    Posts
    887
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by flamedemon Click here to enlarge
    Moga sama2 bisa dapet pencerahan



    tks atas responnya.

    sorry topologinya lupa di upload, udah dibenerin di atas, apa topologi kaya gitu salah?

    utk vlan03 gambarnya pas lg ga ada yg make, ini saya upload pas ada yg make
     

    Click here to enlarge

     

    Click here to enlarge
    dengan topologi seperti itu harus nya bisa dilakukan vlan seperti yang dimaksud, pengaturan ada di switch manageable nya.
    Gunakan FreeRadius sebagai pengganti user manager

  6. #6
    Status
    Offline
    flamedemon's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    19
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Nah itu dia saya bingung, ini setting vlannya

     

    Click here to enlarge
    Click here to enlarge


     

    Click here to enlarge
    Click here to enlarge


     

    Click here to enlarge
    Click here to enlarge

  7. #7
    Status
    Offline
    flamedemon's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    19
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Adakah yang bisa memberi penerangan? Click here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. DHCP Server tidak jalan pada Interface VLAN RB1100
    By A8l3h in forum General Networking
    Replies: 5
    Last Post: 13-03-2014, 10:50
  2. Replies: 1
    Last Post: 05-11-2012, 16:56
  3. HELP ME......Vlan catalyst --- Vlan Mikrotik
    By motokare2006 in forum General Networking
    Replies: 0
    Last Post: 27-09-2010, 18:58
  4. [ask] Dapet IP DHCP tapi gak bisa ping Server DHCP
    By K4pT3N in forum Wireless Networking
    Replies: 6
    Last Post: 16-01-2010, 19:45

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •