Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Memisahkan Gateway Internasonal dan IIX dengan 3 NIC (Bagian 2)

    Pada eksperimen saya ini, router mikrotik kita juga akan berfungsi sebagai limiter internasional & IIX, tapi untuk mendukung ini kita membutuhkan 3 NIC, dengan fungsi 1 sebagai interface traffic internasional, 1 sebagai interface traffic local dan 1 sebagai interface distribusi

    Saya asumsikan kondisi address-list sudah memuat semua blok IP IIX dan supaya tidak pusing kita rubah nama-nama interface menjadi :
    1. Internasional
    2. Lokal
    3. Distribusi

    selanjutnya kita configure ip address masing2 interface

    Code:
    /ip address
    add address=192.168.7.1/24 interface=distribusi comment="ip trafik distribusi" disabled=no
    add address=203.89.26.50/30 interface=Internasional comment="ip trafik internasional" disabled=no
    add address=203.89.26.46/30 interface=Lokal comment="ip trafik IIX" disabled=no
    dan kita tandai paket yang menuju IIX dari interface distribusi

    Code:
    /ip firewall mangle
    add chain=prerouting in-interface=distribusi dst-address-list=nice action=mark-routing new-routing-mark=nice2  passthrough=yes comment="mark nice trafic" disabled=no
    perbedaan dengan tutorial yang lalu adalah sekarang kita memberi mangle dengan chain prerouting dan hanya melakukan mangle di traffic yang datang melalui interface distribusi

    sekarang membuat ip route dengan command

    Code:
    /ip route
    add dst-address=0.0.0.0/0 gateway=203.89.26.49 scope=255 target-scope=10 comment="gateway traffic internasional" disabled=no
    add dst-address=0.0.0.0/0 gateway=203.89.26.45 scope=255 target-scope=10 comment="gateway traffic IIX" mark=nice2 disabled=no
    Kita coba terlebih dahulu apakah routing telah berjalan dengan semestinya

    C:\Documents and Settings\user>tracert
    Tracing route to a1924.g.akamai.net [63.150.131.90] over a maximum of 30 hops:
    1 <1 ms <1 ms <1 ms 192.168.7.1
    2 <1 ms <1 ms <1 ms 203.89.26.49
    3 6 ms 5 ms 5 ms 203.89.26.5
    4 5 ms 6 ms 6 ms 202.59.203.241
    5 6 ms 6 ms 8 ms 202.153.90.89
    6 64 ms 59 ms 59 ms 202.153.90.225
    7 63 ms 62 ms 61 ms akamai2-10G.hkix.net [202.40.161.95]
    8 61 ms 61 ms 64 ms 63.150.131.90

    Trace complete.

    C:\Documents and Settings\user>tracert
    Tracing route to [202.134.0.12] over a maximum of 30 hops:
    1 <1 ms <1 ms <1 ms 192.168.7.1
    2 <1 ms <1 ms <1 ms 203.89.26.45
    3 6 ms 5 ms 6 ms 203.89.26.5
    4 7 ms 7 ms 5 ms telkomnet.openixp.net [218.100.27.179]
    5 6 ms 5 ms 6 ms vr--ge.emm.telkom.net.id [202.134.0.1]
    6 6 ms 9 ms 9 ms web.plasa.com [202.134.0.12]
    7 8 ms 6 ms 6 ms web.plasa.com [202.134.0.12]
    8 7 ms 7 ms 10 ms web.plasa.com [202.134.0.12]

    Trace complete.

    Ok .. traffic sudah tau routingnya masing-masing ^^

    Next .. kita buat queue untuk setiap client ..
    Code:
    /queue simple
    add name="IIX-Client-01" max-limit=256000/256000 dst-address="192.168.7.212" interface=lokal 
    add name="INT-Client-01" max-limit=64000/64000  dst-address="192.168.7.212" interface=internasional
    proses limit bandwith akan dilakukan hanya untuk client dengan ip 192.168.7.212 yang traficnya melalui interface local / internasional, dimana traffic yang melewati interface ini telah kita pisah pada ip route diatas
    Last edited by okto_2005; 19-08-2007 at 22:00.

  2. The Following 10 Users Say Thank You to okto_2005 For This Useful Post:


  3. #2
    Status
    Offline
    [a]
    [a]'s Avatar
    Administrator
    Join Date
    Jun 2007
    Location
    Jakarta, Indonesia, Indonesia
    Posts
    1,729
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    thanks bro okto_2005

    Click here to enlarge


  4. #3
    Status
    Offline
    locantop's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    269
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Code:
    /ip address
    add address=192.168.7.1/24 interface=distribusi comment="ip trafik distribusi" disabled=no
    add address=203.89.26.50/30 interface=Internasional comment="ip trafik internasional" disabled=no
    add address=203.89.26.46/30 interface=Lokal comment="ip trafik IIX" disabled=no

    bro. bedanya /30 ama /24 apa?

  5. #4
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ini kan subnet bro kalo /24 itu artinya
    subnet mask: 255.255.255.0 jadi semua ip bisa dipakai (255 ip)
    ip range: 192.168.7.1 sampai 192.168.7.255
    ip address: 192.168.7.0
    ip broadcast: 192.168.7.255

    kalo /30 itu artinya
    subnet mask:255.255.255.252 jadi ip yg bisa dipakai cuma 2
    ip range: 203.89.26.49 - 203.89.26.50
    ip address: 203.89.26.48
    ip broadcast: 203.89.26.51

    (pakai ip subnet calc: )

  6. The Following 2 Users Say Thank You to okto_2005 For This Useful Post:


  7. #5
    Status
    Offline
    Spirit_Moon's Avatar
    Newbie
    Join Date
    Jul 2007
    Posts
    61
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    BUng otto, mantap tutorialnya nih...Hampir seperti kasus saya....Click here to enlarge

    CUman mo tanya nih, bisa ngga pisahin koneksi IIX dan inter tanpa pake list ip IIX (nice) ?
    Jadi kira seperti kita set IP address 192.168.0.1 sampe 192.168.0.10 misalnya, ngga boleh pake koneksi interface internasional gitu ?

  8. #6
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kalo gatewaynya udah kecampur sama IX en IIX ga bisa lah....
    kecuali gatewaynya udah di filter sama ISP-nya ga usah pake mangle NICE, langsung aja disetting firewall rulenya and masquerade ke kompi yg bisa akses ke IIX.

    kalo yg akses IX (1 kompi aja kan???) pake aja NAT scr-nat,dst-nat

  9. The Following User Says Thank You to okto_2005 For This Useful Post:


  10. #7
    Status
    Offline
    HolyShied's Avatar
    Newbie
    Join Date
    Aug 2007
    Location
    Jakarta
    Posts
    32
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    nice banget

  11. #8
    Status
    Offline
    cloaking's Avatar
    Baru Gabung
    Join Date
    Jul 2007
    Posts
    16
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    om...kok dah gw coba gak bisa yaaa...
    kasus gw gini...
    3 ethernet
    1. speedy buat internasional
    2. wifi buad lokal
    3. LAN

    gw dah ikutin petunjuk diatas...
    -seting ip address
    - masukin list nice (tutorial sebelumnya)
    - mangle paket IIX (tutorial diatas)
    - Ip route (tutorial diatas)

    salahnya dimana ya???
    -apakah perlu di tambahin routing-mark=nice untuk route IIX?? tapi dah dicoba tetep gak bisa...
    - apakah ada kesalahan di mangle???

    tapi gw coba static routing... berjalan dengan sukses....

  12. #9
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Sorry all udah lama ga berkunjung ke Tuts, jadinya da liat ada pertanyaan segini banyakanya Click here to enlarge

    Click here to enlarge Originally Posted by Spirit_Moon Click here to enlarge
    BUng otto, mantap tutorialnya nih...Hampir seperti kasus saya....Click here to enlarge

    CUman mo tanya nih, bisa ngga pisahin koneksi IIX dan inter tanpa pake list ip IIX (nice) ?
    Jadi kira seperti kita set IP address 192.168.0.1 sampe 192.168.0.10 misalnya, ngga boleh pake koneksi interface internasional gitu ?
    kalo pengin ip segitu, buat rule drop aja di firewall, sudah ada di bagian scripting, hanya bisa iix aja:



    @cloaking
    coba di liat di Mangle nya di situ ada packet yg lewat ga???
    Last edited by okto_2005; 19-08-2007 at 21:20.

  13. #10
    Status
    Offline
    hen2drx's Avatar
    Newbie
    Join Date
    Aug 2007
    Location
    Jakarta
    Posts
    30
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    Pakai web proxy bisa ngga?

    kalau ditambahkan Web-Proxy+PCQ kira-kira bisa ngga ya? rule apa aja yg perlu di tambahkan? mohon pencerahan...Click here to enlarge

  14. #11
    Status
    Offline
    ud1geol's Avatar
    Member
    Join Date
    Feb 2008
    Posts
    172
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    1 (100%)
    kalo buat seperti ini ada yg udah coba blom di pake utk game online ,apakah game online nya ngelag apa gak?review donk bagi yg udah coba..pengen buat ,tp takut sama aja..ngelag jg..Click here to enlarge

  15. #12
    Status
    Offline
    freekers's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    167
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    trus dns di sisi komputer client di setnye kemane tuh bro?
    nice tutor nihClick here to enlarge

  16. #13
    Status
    Offline
    lini's Avatar
    Forum Guru
    Join Date
    Sep 2007
    Location
    Karawaci
    Posts
    1,960
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    2 (100%)
    Click here to enlarge Originally Posted by freekers Click here to enlarge
    trus dns di sisi komputer client di setnye kemane tuh bro?
    nice tutor nihClick here to enlarge
    sebaiknya MT dijadikan DNS cache...lalu pada klien diisi ip MT sebagai gateway dan dns sekaligus....cara ini enak dan simple gak perlu rubah rubah dns diklien kalo dns disisi isp gonta ganti....cukup ganti di MT saja Click here to enlarge

  17. #14
    Status
    Offline
    lini's Avatar
    Forum Guru
    Join Date
    Sep 2007
    Location
    Karawaci
    Posts
    1,960
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    2 (100%)
    Click here to enlarge Originally Posted by ud1geol Click here to enlarge
    kalo buat seperti ini ada yg udah coba blom di pake utk game online ,apakah game online nya ngelag apa gak?review donk bagi yg udah coba..pengen buat ,tp takut sama aja..ngelag jg..Click here to enlarge
    tidak ada masalah buat di game...asalkan mangle dan routing anda benar...juga asal kualitas koneksi disisi isp terjamin Click here to enlarge

  18. #15
    Status
    Offline
    icemen_212's Avatar
    Member
    Join Date
    Jan 2008
    Location
    Bintaro Jakarta (waps_tosca07@yahoo.com)
    Posts
    107
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Mak ... nyus router jalan sesuai petunjuk di atas.
    Tetapi ada masalah baru ne : klo pake web proxy jadi gak jalan routing lokal dan internasionalnya, kenapa ya?

 

 
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •