Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 16
  1. #1
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Memisahkan Gateway Internasonal dan IIX (Bagian 1)

    Memisahkan gateway traffic Local dan International

    Teknik lainnya utk memisahkan traffic data local/IIX dan International adalah dengan menggunakan mark-routing

    Misal untuk traffic International dilewatkan melalui gateway 203.89.24.65 sedangkan traffic local Indonesia di lewatkan melalui gateway 203.89.24.177.



    contoh konfigurasi IP address router user pada interface yang terhubung ke router ISP
    Code:
    / ip address
    add address=203.89.24.66/27 network=203.89.24.64 broadcast=203.89.24.95 \
        interface=ether1 comment="ip point to point utk traffic lnternational" \
        disabled=no
    add address=203.89.24.178/30 network=203.89.24.176 broadcast=203.89.24.179 \
        interface=ether1 comment="ip point to point utk traffic local" disabled=no
    Pertama masukkan daftar ip blok dari router NICE ke /ip firewall address-list seperti berikut:
    Code:
    / ip firewall address-list
    add list=nice address=58.65.240.0/23 comment="" disabled=no
    add list=nice address=58.65.242.0/23 comment="" disabled=no
    add list=nice address=58.65.244.0/23 comment="" disabled=no
    add list=nice address=58.65.246.0/23 comment="" disabled=no
    add list=nice address=58.145.174.0/24 comment="" disabled=no
    add list=nice address=58.147.184.0/24 comment="" disabled=no
    add list=nice address=58.147.185.0/24 comment="" disabled=no
    dst…
    untuk mendapatkan script diatas dapat melalui URL berikut:
    karena link sumber sudah mati.... , pakai daftar iix yg di generated oleh mikrotik indonesia di:


    Kemudian tandai packet data yang menuju local Indonesia
    Code:
    / ip firewall mangle
    add chain=postrouting dst-address-list=nice action=mark-routing \
        new-routing-mark=nice passthrough=yes comment="" disabled=no
    Selanjutnya buat ip route berikut :

    Code:
    / ip route
    add dst-address=0.0.0.0/0 gateway=203.89.24.65 scope=255 target-scope=10 \
        comment="traffic selain local Indonesia" disabled=no
    add dst-address=0.0.0.0/0 gateway=203.89.24.177 scope=255 target-scope=10 \
        routing-mark=nice comment="traffic local Indonesia" disabled=no
    Dengan demikian maka jika ke jaringan local Indonesia akan melalui 203.89.24.177 sedangkan untuk ke International melalui 203.89.24.65, sehingga jika interfacenya dipisah diantara router user dengan router datautama dapat diberi dua mikrotik sebagai bridge utk melimit traffic International maupun local secara terpisah.



    Hasil traceroute ke

    C:\Documents and Settings\user>tracert

    Tracing route to [202.134.0.12]
    over a maximum of 30 hops:

    1 <1 ms <1 ms <1 ms 192.168.2.1
    2 <1 ms <1 ms <1 ms ip-24-177.isp.net.id [203.89.24.177]
    3 16 ms 25 ms 12 ms ip-24-1.isp.net.id [203.89.24.1]
    4 25 ms 25 ms 15 ms telkomnet.openixp.net [218.100.27.179]
    5 21 ms 23 ms 19 ms 202.134.2.148
    6 12 ms 9 ms 12 ms web.plasa.com [202.134.0.12]
    7 10 ms 12 ms 28 ms web.plasa.com [202.134.0.12]
    8 11 ms 17 ms 12 ms web.plasa.com [202.134.0.12]

    Trace complete.

    Hasil traceroute ke

    C:\Documents and Settings\user>tracert

    Tracing route to [209.131.36.158]
    over a maximum of 30 hops:

    1 <1 ms <1 ms <1 ms 192.168.2.1
    2 <1 ms <1 ms <1 ms ip-24-65.isp.net.id [203.89.24.65]
    3 15 ms 25 ms 10 ms ip-24-1.isp.net.id [203.89.24.1]
    4 12 ms 12 ms 15 ms 202.59.203.241
    5 10 ms 14 ms 10 ms 202.153.90.89
    6 94 ms 99 ms 71 ms 202.153.90.225
    7 110 ms 204 ms 225 ms 208.30.197.53
    8 * 140 ms 125 ms sl-bb20-hk-14-0.sprintlink.net [203.222.38.37]
    9 * 163 ms 161 ms sl-bb20-tok-15-0.sprintlink.net [203.222.33.88]
    10 318 ms 245 ms 241 ms sl-bb21-sea-8-2.sprintlink.net [144.232.20.50]
    11 305 ms 260 ms 222 ms sl-bb20-sea-15-0.sprintlink.net [144.232.6.89]
    12 218 ms 216 ms 228 ms so-3-0-0.gar1.Seattle1.Level3.net [209.0.227.133]
    13 226 ms 225 ms 313 ms ae-1-53.mp1.Seattle1.Level3.net [4.68.105.65]
    14 237 ms 232 ms 239 ms as-0-0.bbr2.SanJose1.Level3.net [64.159.0.218]
    15 230 ms 235 ms 238 ms ae-23-54.car3.SanJose1.Level3.net [4.68.123.109]
    16 232 ms 241 ms 365 ms 4.71.112.14
    17 230 ms 238 ms 233 ms g-1-0-0-p171.msr2.sp1.yahoo.com [216.115.107.87]
    18 345 ms 314 ms 258 ms UNKNOWN-209-131-32-23.yahoo.com [209.131.32.23]
    19 311 ms 261 ms 235 ms f1. [209.131.36.158]

    Trace complete.

    Sumber:
    Last edited by okto_2005; 15-07-2007 at 08:15.

  2. The Following 6 Users Say Thank You to okto_2005 For This Useful Post:


  3. #2
    Status
    Offline
    supermono's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    52
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by okto_2005 Click here to enlarge
    Memisahkan gateway traffic Local dan International


    Pertama masukkan daftar ip blok dari router NICE ke /ip firewall address-list seperti berikut:
    Code:
    / ip firewall address-list
    add list=nice address=58.65.240.0/23 comment="" disabled=no
    add list=nice address=58.65.242.0/23 comment="" disabled=no
    add list=nice address=58.65.244.0/23 comment="" disabled=no
    add list=nice address=58.65.246.0/23 comment="" disabled=no
    add list=nice address=58.145.174.0/24 comment="" disabled=no
    add list=nice address=58.147.184.0/24 comment="" disabled=no
    add list=nice address=58.147.185.0/24 comment="" disabled=no
    dst…
    Bung Okto maaf saya masih bingung nih.. untuk address list, IP nya pakai IP sesuai yang diatas? karena saya coba yg dari list nice kok ga ada yg ke-mark yah? untuk file nice.rsc nya sendiri apakah ada langkah lain setelah di FTP ke MT Box? mohon pencerahannya karena saya lihat kok metode marking nya berbeda2, maklum masih niubie Click here to enlarge

  4. #3
    Status
    Offline
    shiva's Avatar
    Member Senior
    Join Date
    Nov 2007
    Location
    tachyon.net.id, 081908738299
    Posts
    352
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    abis ftp trus diimport dulu bang..
    ketik aja :

    [admin@MikroTik] > import nice.rsc
    Opening script file nice.rsc
    Script file loaded and executed successfully

    CMIIW

  5. #4
    Status
    Offline
    supermono's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    52
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    iya sory td malem pas baca2 baru ngeh.. Click here to enlarge skrng udah berhasil thx all

  6. #5
    Status
    Offline
    cooling's Avatar
    Member
    Join Date
    Dec 2007
    Posts
    209
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    untuk kelas ISP nech, kalo kelas warnet gimana yah Click here to enlarge

  7. #6
    Status
    Offline
    supermono's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    52
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ga masalah kok, prinsipnya kan RT/RW. ISP dan War Net sama.. layanan Internet

  8. #7
    Status
    Offline
    ghozani's Avatar
    Baru Gabung
    Join Date
    Apr 2008
    Posts
    12
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    hmmm, klo kita pake speedy caranya gimana om, trus semisal semua settingan tsb di pake dalam 1 pc router +2 nic apa g berat?(soal tugas seblumnya uda gatway, bandwith management, web proxy

  9. #8
    Status
    Offline
    lukiluck's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    17
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    hmmh tanya nie

    soalny sepertinya settingan ini pas buat d warnet gw....

    gw ad pake koneksi wireless dgn intl 256 dan IIX 1MB + speedy 384kbps.

    Nha gw pgn client gw yg game itu kalo browsing internet larinya ke wireless, klo game ny sok pasti IIX lha

    dan untuk yg warnet browsing internasional ke speedy dan browsing iix ke wireless.

    bingung....berhubung mikrotikny punya provider...jd ny kg bs nambah NIC seenak jidat.

    klo sekarang si gw pake 2 mikrotik...tapi jd kaga maximal...

  10. #9
    Status
    Offline
    princenux's Avatar
    Member
    Join Date
    Aug 2007
    Posts
    264
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    gua coba jawab yah mas lukiluck..

    =========================================

    kalo kakinya ada 3... 2 ethernet, 1 wireles...
    maka bisa dibuat... 1 eth ke LAN, 1 eth ke speedy dan 1 wireless ke ISP
    maka konsepnya gini...
    semua traffic yg masuk, di marking...

    trus di cek.. apakah masuk ke addresslist nice tadi.... kalo masuk ke nice.. maka di lempar ke wireless... (secara routing)

    tapi kalo tidak maka di lempar (secara routing juga), ke speedy

    =========================================

    kalo kakinya ada 2... 1 ethernet, 1 wireles...
    maka bisa dibuat... 1 eth ke LAN, 1 wireless ke ISP
    dan buat lah 1 IP lagi (IP Aliasing, atau virtual IP), ke speedy
    maka dan lakukan hal yg sama seperti di atas...

    gimane ngerti gak ??

  11. #10
    Status
    Offline
    lukiluck's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    17
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    wuih boss furin yang menjawab.....

    nha berhubung pake kondisi yang ke 2....

    gimana tuh carany setting virtual ip?

    add interface dulu? VLAN interface?

    misalny udah..... ip address modem speedy ny beda dengan ip eth LAN?

  12. #11
    Status
    Offline
    princenux's Avatar
    Member
    Join Date
    Aug 2007
    Posts
    264
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    oow gak susah mas...
    cara 1 interface ada 2 ip, gak usah pake vlan2an...

    kalo di winbox...
    masuk aja di ip address...
    trus tambahin aja disana...

    tambahkan IPnya... di interface eth1...
    nanti eth1nya punya 2 ip... Click here to enlarge

    Click here to enlarge

    =========================

    dirimu pedagang kaos itu yah ?

  13. #12
    Status
    Offline
    lukiluck's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    17
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    huhm gak bakal bentrok tuh ip ny?

    huhm saya bukan pedagang kaos ntu bozz Click here to enlarge

    mantan punggawa bola365 dulu...... Click here to enlarge

    sayang kmrn gag sempet ikod bootcamp....klo kaga ktemu lg kita....

  14. #13
    Status
    Offline
    princenux's Avatar
    Member
    Join Date
    Aug 2007
    Posts
    264
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ooow gituh..
    gak bentrok koq... baik2 aja...
    di test aja dulu...

    oow dari b365 yah...
    dikira pedagang kaos..
    karena ada pedagang kaos pake nama lukiluck juga.. :P

  15. #14
    Status
    Offline
    lukiluck's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    17
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    huhm bisa bisa.....

    thx boss......

    walo baru naro config doank.....mo di implementasiin skarang tar repot klo putus internetny.....

    jd ny kya gini
    Code:
    element:
    nice.rsc
    warnet address list:
    192.168.9.41
    192.168.9.42..192.168.952
    ip modem=192.168.9.200
    ip gateway wireless=202.154.176.xxx
    #routing ke speedy
    /ip firewall mangle add chain=prerouting src-address-list=warnet dst-address-list=!nice action=mark-routing new-routing-mark=route-speedy passthrough=yes
    
    #routing iix
    /ip firewall mangle add chain=prerouting src-address=192.168.9.0/24 dst-address-list=nice action=mark-routing new-routing-mark=route-iix passthrough=yes
    
    #routing browse gamenet
    /ip firewall mangle add chain=prerouting src-address-list=!warnet dst-address-list=nice action=mark-routing new-routing-mark=route-wireless passthrough=yes
    
    #routing list
    #route ke speedy
    /ip route add dst-address=0.0.0.0/0 gateway=192.168.9.200 mark=route-speedy
    
    #route IIX
    /ip route add dst-address=0.0.0.0/0 gateway=202.154.176.xxx mark=route-iix
    
    #route browse gamenet
    /ip route add dst-address=0.0.0.0/0 gateway=202.154.176.xxx mark=route-wireless
    CMIIW

    trus apa NAT ny perlu di setting? soalny NAT saat ini ngarahny ke wireless

  16. #15
    Status
    Offline
    princenux's Avatar
    Member
    Join Date
    Aug 2007
    Posts
    264
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    yah iyah...
    kalo mo ke inet yah harus di nat lah...
    kalo gak nanti gak bisa inetan....

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •