Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 32
  1. #16
    Status
    Offline
    cabe97's Avatar
    Baru Gabung
    Join Date
    Dec 2009
    Posts
    13
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ikut menyimak....

  2. #17
    Status
    Offline
    siber's Avatar
    Member Super Senior
    Join Date
    Oct 2009
    Location
    www.hikmah-teknologi.com
    Posts
    616
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    sekedar share :
    untuk menghindari layer7/conten yang berat di resources/ menggunakan list ip type video yang banyak, bisa menggunakan proxy external untuk mengarahkan ke satu gateway isp,

    konsepnya gini.

    1. buat ip alias di proxy (prefix /30) sebagai sources ip addres dan di mikoritknya (prefix /30) sebagai gateway proxy
    2. definiskan di config squidnya dengan option tcp_out_going untuk type destination domain(type streaming/download dll)

    3. baru arahkan sources addres dari ip alias tadi ke gateway line yang di inginkan

    sekedar contoh ":
    di squid.conf
    Code:
    #tcp_outgoing
    #video streming
    acl videos url_regex -i .youtube.com
    acl videos url_regex -i .l.google.com
    acl videos url_regex -i .redtube.com
    acl videos url_regex -i .xtube.com
    acl videos url_regex -i .youporn.com
    acl videos url_regex -i .tube8.com
    acl videos url_regex -i .metacafe.com
    acl videos url_regex -i .dailymotion.com
    acl videox url_regex -i .pornhub.com
    acl videox url_regex -i .pornhub4u.com
    acl videox url_regex -i .xhamster.com
    acl videox url_regex -i .videobash.com
    acl videos url_regex -i video.google.com
    acl videos url_regex -i .vimeo.com
    acl videos url_regex -i .wrzuta.pl
    acl videos url_regex -i soapbox.msn.com
    acl videos url_regex -i .blip.tv
    acl videos url_regex -i .break.com
    acl videos url_regex -i tvuol.uol.com.br
    acl videos url_regex -i .llnwd.net
    acl videox url_regex -i .hellxx.com
    
    #downloads type
    acl downloads url_regex -i .rapidshare.com
    acl downloads url_regex -i .windowsupdate.com
    acl downloads url_regex -i .2shared.com
    acl downloads url_regex -i .fileserve.com
    acl downloads url_regex -i .filesonic.com
    acl downloads url_regex -i .gudanglagu.com
    acl downloads url_regex -i .gigasize.com
    acl downloads url_regex -i .hotfile.com
    acl downloads url_regex -i .4shared.com
    acl downloads url_regex -i .depositfiles.com
    acl downloads url_regex -i .easy-share.com
    acl downloads url_regex -i .enterupload.com
    acl downloads url_regex -i .failai.it
    acl downloads url_regex -i .filefactory.com
    acl downloads url_regex -i .indowebster.com
    acl downloads url_regex -i .letibit.net
    acl downloads url_regex -i .mediafire.com
    acl downloads url_regex -i .mediashares.com
    acl downloads url_regex -i .megaupload.com
    acl downloads url_regex -i .netload.in
    acl downloads url_regex -i .sharingmatrix.com
    acl downloads url_regex -i .uploaded.to
    acl downloads url_regex -i .uploading.com
    acl downloads url_regex -i .vip-file.com
    acl downloads url_regex -i .ziddu.com
    
    
    tcp_outgoing_address 192.168.100.1 videos
    tcp_outgoing_address 192.168.100.6  downloads
    tcp_outgoing_address 192.168.100.10 localnet

    ip di proxynya nya :
    Code:
    etherx alias1 192.168.100.1/30
    etherx alias1 192.168.100.6/30
    etherx alias2 192.168.100.10/30
    ip di mikrotiknya :
    Code:
    etherx alias1 192.168.100.2/30
    etherx alias1 192.168.100.5/30
    etherx alias2 192.168.100.13/30
    manglenya di mikrotik

    Code:
    /ip fi ma
    add action=mark-routing new-routing-mark=youtube chain=prerouting comment="youtube Routing" passthrough=no  dst-port=80 src-addres=192.168.100.1 protocol=tcp
    add action=mark-routing new-routing-mark=downloads chain=prerouting comment="downloads Routing" passthrough=no dst-port=80 src-addres=192.168.100.6 protocol=tcp
    
    /ip route
    add distance=1 dst-address=0.0.0.0 gateway=line2 routing-mark=youtube
    add distance=1 dst-address=0.0.0.0 gateway=line2 routing-mark=downloads  
    ------------

    COLEK MI AYAM WRONG Click here to enlarge
    Last edited by siber; 23-05-2011 at 13:26.

  3. The Following 3 Users Say Thank You to siber For This Useful Post:


  4. #18
    Status
    Offline
    why_you's Avatar
    Member
    Join Date
    May 2010
    Posts
    130
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    gimana bang siber bikin ip aliasnya di proxy (apa ada tambahan dependensi di os proxy, di unik gimana di linux gimana)
    trus di mikrotik gimana bikin aliasnya, apa pake vlan atau cuman nambahin ip address pada ether lan misalnya

    mohon pencerahannya suhu



    @bang siber=== solved bang
    tengkyu tutornya bang

    cuman bikin ip alias di proxy
    di mt cuman nambahin ip address pada ether yang di colokin squid

    sip tutornya
    Last edited by why_you; 31-05-2011 at 09:29.

  5. #19
    Status
    Offline
    siber's Avatar
    Member Super Senior
    Join Date
    Oct 2009
    Location
    www.hikmah-teknologi.com
    Posts
    616
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    hehe sip

    selamat bro ..

    anda layak dapat Click here to enlarge

  6. #20
    Status
    Offline
    nana6262's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Depan SMA I
    Posts
    174
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    klo untuk download lebih enak berdasarkan ektension deh

    acl download urlpath_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ \.avi$ \.mpg$ \.mpeg$
    acl download urlpath_regex -i \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$ \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m
    acl download urlpath_regex -i \.mp2$ \.mpa$ \.wax$ \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$ \
    acl download urlpath_regex -i \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.ac3$ \.cda$ \.vro$ \.deb$
    acl download urlpath_regex -i \.jpg$ \.png$ \.jpeg$ \.gif$ \.swf$
    Last edited by nana6262; 04-06-2011 at 20:26.

  7. #21
    Status
    Offline
    siber's Avatar
    Member Super Senior
    Join Date
    Oct 2009
    Location
    www.hikmah-teknologi.com
    Posts
    616
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by nana6262 Click here to enlarge
    klo untuk download lebih enak berdasarkan ektension deh

    acl download urlpath_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ \.avi$ \.mpg$ \.mpeg$
    acl download urlpath_regex -i \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$ \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m
    acl download urlpath_regex -i \.mp2$ \.mpa$ \.wax$ \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$ \
    acl download urlpath_regex -i \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.ac3$ \.cda$ \.vro$ \.deb$
    acl download urlpath_regex -i \.jpg$ \.png$ \.jpeg$ \.gif$ \.swf$
    betol bro, cuman gak bisa mengarahkan ke salah satu isp, dan routing tidak kenal type browse/download, jika menggunakan delay_pool sangat amat tidak nyaman ketika client > 30, kinerja proxy akan berat dan kurang responsif karena sebab ini addrian chad menciptakan delay_body_max_size, namun teteap saja mengganggu kinerja proxy jika diaktifkan, untuk limiter sebaiknya di serahkan ke mikrotik yang memang sudah tugasnya

  8. The Following User Says Thank You to siber For This Useful Post:


  9. #22
    Status
    Offline
    nana6262's Avatar
    Member
    Join Date
    Nov 2008
    Location
    Depan SMA I
    Posts
    174
    Reviews
    Read 0 Reviews
    Downloads
    1
    Uploads
    0
    Feedback Score
    0
    klo untuk mengarahkan ke satu isp bisa bro, klo masalah membebani proxy gak tau broClick here to enlarge
    dulu pake cara ini waktu masih kekurangan bandwithClick here to enlarge
    ni saya copas dari sumbernya

    Click here to enlarge Originally Posted by geonet_comp Click here to enlarge
    Click here to enlarge

    Skema :
    -------------Proxy
    ---------------|
    VSAT---------MT---------Astinet
    ---------------|
    -------------Clients

    Interface VSAT : 192.168.1.1/24
    Interface Astinet : 192.168.2.1/24
    Interface Proxy : 192.168.3.2/24 dan 192.168.3.3/24
    Interface Clients : 192.168.4.2/24
    Interface di MT :
    ke vsat : 192.168.1.2/24
    ke Astinet : 192.168.2.2/24
    ke Proxy : 192.168.3.1/24
    ke Clients : 192.168.4.1/24

    NAT :
    ;;proxy
    /ip firewall chain=srcnat src-addresses=192.168.3.2 out-interface=vsat action=src-nat to-addresses=192.168.1.1 to-ports=0-65535

    /ip firewall chain=srcnat src-addresses=192.168.3.3 out-interface=astinet action=src-nat to-addresses=192.168.2.1 to-ports=0-65535

    ;;clients
    /ip firewall chain=srcnat src-addresses=192.168.4.2 out-interface=vsat action=src-nat to-addresses=192.168.1.1 to-ports=0-65535

    ;;transparent proxy
    /ip firewall chain=dstnat protocol=tcp dst-port=80 in-interface=clients action=dst-nat to-addresses=192.168.3.2 to-ports=3128

    MANGLE:
    /ip firewall mangle chain=prerouting src-address=192.168.3.3 action=mark-connection new-connection-mark=browse passthrough=yes
    /ip firewall mangle chain=prerouting in-interface=proxy connection-mark=browse action=mark-routing new-routing-mark=browse

    ROUTING :
    /ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1
    /ip route add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=browse
    /ip route rule add src-address=192.168.3.3 action=lookup table=main

    Di MT dah selese untuk urusan NAT dan MANGLE serta ROUTING, lanjut di squid :

    edit /etc/squid.conf

    --------------------------------------------------------------------------------------------
    acl download urlpath_regex -i ftp \.exe$ \.mp3$ \.mp4$ \.tar.gz$ \.gz$ \.tar.bz2$ \.rpm$ \.zip$ \.rar$ \.avi$ \.mpg$ \.mpeg$
    acl download urlpath_regex -i \.rm$ \.iso$ \.wav$ \.mov$ \.dat$ \.mpe$ \.mid$ \.midi$ \.rmi$ \.wma$ \.wmv$ \.ogg$ \.ogm$ \.m
    acl download urlpath_regex -i \.mp2$ \.mpa$ \.wax$ \.m3u$ \.asx$ \.wpl$ \.wmx$ \.dvr-ms$ \.snd$ \.au$ \.aif$ \.asf$ \.m2v$ \
    acl download urlpath_regex -i \.ts$ \.tp$ \.trp$ \.div$ \.divx$ \.mod$ \.vob$ \.aob$ \.dts$ \.ac3$ \.cda$ \.vro$ \.deb$
    acl download urlpath_regex -i \.jpg$ \.png$ \.jpeg$ \.gif$ \.swf$

    tcp_outgoing_address 192.168.3.2 download
    tcp_outgoing_address 192.168.3.3

    server_persistent_connections off

    ---------------------------------------------------------------------------------------------

    That`s all bro, any another needed config please refer to your needed Click here to enlarge

  10. The Following User Says Thank You to nana6262 For This Useful Post:


  11. #23
    Status
    Offline
    siber's Avatar
    Member Super Senior
    Join Date
    Oct 2009
    Location
    www.hikmah-teknologi.com
    Posts
    616
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Code:
    /ip firewall mangle chain=prerouting src-address=192.168.3.3 action=mark-connection new-connection-mark=browse passthrough=yes
    /ip firewall mangle chain=prerouting in-interface=proxy connection-mark=browse action=mark-routing new-routing-mark=browse
    kalau itu hanya sekedar mengarahkan route proxy ke salah satu gateway, tidak memisahkan browse/download/type streaming domain.

    kalau route tidak usah dengan mark-con, cukup mark route saja satu baris, mark-con cukup banyak makan resourcs CPU mikrotik, atau menggunakan ip route rules (no mark packet in mangle)

    disitu namanya saja dinamakan browse, padahal download juga ya masuk ke gateway itu.

    ada beberapa rt/rwnet yang ingin memisahkan type domain berat/streamingan/download hanya ke salah satu isp, sedang domain brosingan biasa ke isp lainnya, jadi yang brosing tidak akan terganggu. di layer 3 mikrotik tidak di kenal type ini, kecuali me list satu2 ratusan IP domain tsb dengan regex layer 7/content, jadi lagi2 tidak efisen

    solusinya ya main tcp_outgoing

    CMIIW
    Last edited by siber; 05-06-2011 at 10:40.

  12. The Following 2 Users Say Thank You to siber For This Useful Post:


  13. #24
    Status
    Offline
    why_you's Avatar
    Member
    Join Date
    May 2010
    Posts
    130
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    sip juragan siber Click here to enlarge

  14. #25
    Status
    Offline
    Dobby's Avatar
    Baru Gabung
    Join Date
    Mar 2008
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Layak untuk dicoba, mhn ijin gan

  15. #26
    Status
    Offline
    malik81's Avatar
    Baru Gabung
    Join Date
    Jun 2011
    Posts
    6
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ikut nyimak Click here to enlargeClick here to enlarge

  16. #27
    Status
    Offline
    copilot's Avatar
    Baru Gabung
    Join Date
    Jan 2010
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    ikut blajr om,

  17. #28
    Status
    Offline
    learn2live's Avatar
    Baru Gabung
    Join Date
    Jun 2011
    Posts
    11
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    i havent the same issue with youtube. i create a mangle and cap all the youtube ip to 700k that way it don't eat my bandwidht

  18. #29
    Status
    Offline
    joyosempal's Avatar
    Baru Gabung
    Join Date
    Jan 2011
    Posts
    14
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    mantab tuh jadinya koneksi inet ngacirrrrrrrrrClick here to enlarge

  19. #30
    Status
    Offline
    xiangmdn's Avatar
    Baru Gabung
    Join Date
    Aug 2009
    Posts
    5
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    numpang nanya om..
    command buat ip alias di linux nya gmn tuh?
    trims

 

 
Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. misahin download dan browsing?
    By dedikdwiyanto in forum Scripting @ Mikrotik
    Replies: 55
    Last Post: 24-08-2011, 20:07
  2. [ASK] Limit Youtube dan Download
    By doblehksp in forum Beginner Basics
    Replies: 2
    Last Post: 01-06-2010, 18:07
  3. Replies: 0
    Last Post: 01-05-2010, 19:01
  4. misahin bandwith download dengan browsing gemana ya..?
    By babytux in forum General Networking
    Replies: 12
    Last Post: 10-04-2010, 07:41

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •