Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 4 of 4
  1. #1
    Status
    Offline
    awarmanf's Avatar
    Member
    Join Date
    Apr 2008
    Posts
    222
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Load balancing dengan proxy eksternal

    Misalkan saya punya 2 koneksi WAN spidi dan isp (perbandingan spidi:isp = 2:1), script di bawah ini untuk load balancing sudah bisa jalan:

    Code:
    / ip firewall mangle 
    add chain=prerouting in-interface=lan connection-state=new nth=2,3,0 \
        action=mark-connection new-connection-mark=speedy-con passthrough=yes \
        comment="MARK CONN SPEEDY" disabled=no 
    add chain=prerouting in-interface=lan connection-mark=speedy-con \
        action=mark-routing new-routing-mark=speedy passthrough=no comment="MARK \
        ROUTING speedy" disabled=no 
    add chain=prerouting in-interface=lan connection-state=new nth=2,3,1 \
        action=mark-connection new-connection-mark=isp-con passthrough=yes \
        comment="MARK CONN isp" disabled=no 
    add chain=prerouting in-interface=lan connection-mark=isp-con \
        action=mark-routing new-routing-mark=isp passthrough=no comment="MARK \
        ROUTING isp" disabled=no 
    add chain=prerouting in-interface=lan connection-state=new nth=2,3,2 \
        action=mark-connection new-connection-mark=speedy-con passthrough=yes \
        comment="MARK CONN SPEEDY" disabled=no 
    add chain=prerouting in-interface=lan connection-mark=speedy-con \
        action=mark-routing new-routing-mark=speedy passthrough=no comment="MARK \
        ROUTING speedy" disabled=no 
    add chain=prerouting connection-mark=speedy-con action=mark-packet \
        new-packet-mark=speedy-packet passthrough=no comment="" disabled=no 
    add chain=prerouting connection-mark=isp-con action=mark-packet \
        new-packet-mark=isp-packet passthrough=no comment="" disabled=no
    Kemudian saya mau pasang proxy eksternal ip 192.168.1.253. Script yg dipasang untuk redirect ke proxy eksternal:
    Code:
    /ip firewall nat
    add chain=dstnat action=dst-nat to-addresses=192.168.1.253 to-ports=3128 in-interface=lan \
        dst-port=80 protocol=tcp src-address-list=clients
    add chain=dstnat action=dst-nat to-addresses=192.168.1.253to-ports=3128 in-interface=lan \
        dst-port=3128 protocol=tcp src-address-list=clients
    add chain=dstnat action=dst-nat to-addresses=192.168.1.253 to-ports=3128 in-interface=lan \
        dst-port=8080 protocol=tcp src-address-list=clients
    List ip clients dituliskan rinci di /ip firewall address-list mulai dari ip 192.168.1.1-25.
    IP mikrotik 192.168.1.254.

    Nah, skr kalau dilihat dr manual mikrotik, tepatnya bagan traffic flow:
    Click here to enlarge
    Rule prerouting mangle akan dieksekusi sebelum dstnat untuk proxy transparent. Jadi agar bisa load balancing dengan proxy eksternal, saya tambahkan 3 rule ini di ip firewall mangle:

    Code:
    / ip firewall mangle 
    add chain=prerouting in-interface=lan protocol=tcp dst-port=80 src-address-list=clients
       action=mark-connection new-connection-mark=http-con passthrough=no \
        comment="MARK CONN http" disabled=no 
    add chain=prerouting in-interface=lan protocol=tcp dst-port=3128 src-address-list=clients
       action=mark-connection new-connection-mark=http-con passthrough=no \
        comment="MARK CONN http" disabled=no 
    add chain=prerouting in-interface=lan protocol=tcp dst-port=8080 src-address-list=clients
       action=mark-connection new-connection-mark=http-con passthrough=no \
        comment="MARK CONN http" disabled=no 
      ## rule2 untuk load balancing
      ...
    Maksud dari rule di atas adalah jika ada trafik dari clients interface lan ke port tcp 80/3128/8080 maka akan ditandai dan diset passthrough=no.

    Saya belum coba karena belum ada barangnya, secara teoritis ini bisa dilakukan ? Bagaimana pendapat RR ?

    TIA

    Arief

  2. #2
    Status
    Offline
    tyang_dusun's Avatar
    Member Super Senior
    Join Date
    Jun 2008
    Location
    Klaten, Jawa Tengah, Indonesia, Indonesia
    Posts
    521
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    dah ad yang pada nyoba lom ni...?

    di tunggu lo....Click here to enlarge

  3. #3
    Status
    Offline
    yogaponsel's Avatar
    Forum Guru
    Join Date
    Oct 2008
    Location
    "BnetAkses"
    Posts
    2,511
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    di coba nggak ya ........ mmm nth .... bagusan mana ama yang PCC ya ..... bookmark dulu deh .... good work pren ..... still loving you ...cool .....

  4. #4
    Status
    Offline
    gelenk108's Avatar
    Baru Gabung
    Join Date
    Nov 2010
    Location
    Medan
    Posts
    7
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    kalo bagus sih sesuai kebutuhan mas ...!!

    saya udah pake NTH 2 tahub gak ada masalah Click here to enlarge

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 19
    Last Post: 02-07-2011, 15:35
  2. Load Balancing dengan 2 jalur LAN
    By inoktav in forum General Networking
    Replies: 6
    Last Post: 11-01-2010, 02:31
  3. problem chat dengan load balancing
    By xatohb in forum Beginner Basics
    Replies: 6
    Last Post: 01-05-2009, 15:19
  4. vpn abacus dengan load balancing ga jalan
    By ketut in forum General Networking
    Replies: 3
    Last Post: 24-02-2009, 06:26
  5. [ASK] Load balancing dengan RB450 + squid box
    By ariwea in forum General Networking
    Replies: 47
    Last Post: 11-02-2009, 02:08

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •