itu pic nya
itu pic nya
ok.... tak tunggu hasilnya yaaaa
sebenarnya jd lambatnya bukan karena ketika balance bagi 2, data request ke ISP satunya penuh, cuman karena respon time/latency dari salah satu koneksi lebih cepat (dalam hal ini adslnya), ini bs ditest dengan melimit kedua koneksi sama2 256kbps, saat download tidak akan krasa karena datanya continue,
saat browsing baru akan kliatan, ketika paket request turun ke gateway adslnya data hal web/gambar (mis: 64kB) kembali dalam waktu yg lebih cepat.
pada trik ini, cuma memberikan porsi trafik lebih besar pada jalur adsl yg respon timenya lebih cepat, pada kasus ketika respon timenya lebih lambat dari ISP x ini tidak akan membantu keseimbangan,
alternatif lain bs dengan pembagian routing spesifik antar 2 ISP tsb, cuman kalau yg satu lemot bener respon timenya, tidak akan banyak gunanya...
Terima Kasih pak responnya..
mungkin Opini anda juga benar.. namu di sini saya hanya memberikan Prioritas jalur packet saja.. jadi apabila Spidi dan ISP perbandingannya 1:1 nantinya hanya terload 50% karena yang satu lama responnya lalu dengan trik ini bisa load 65% - 70%, sedikit lebih baik krena perbandingannya 2:1 mungkin begitu maskud saya... namun kembali lagi saya minta maaf.. kalo mungkin penjelasan saya ini ngawur soalnya dasarnya hanya dari semangat coba coba... bukan penelitian ilmiah.. maap ya bang mod![]()
kalo routing spesifik ada contohnya ngga.....
soalnya kalo pake lb memang terasa lemot.....
kasus di saya....
ada 3 koneksi... 1 koneksi 1 Mb 1:1 2 koneksi speedy warnet.
kalo saya pake loadbalance...... koneksi jadi lemot...
walaupun porsi untuk yang 1 mb saya kasih lebih..... tetep lemot......
saya maunya misalnya ip dari 2-100 masuk ke isp 1, dst....
bisa ngga????
tolong contohnya yaaaa....
thx b4
sorry man.....
udah mumet otak gw tadi....
coz udah seminggu lemot koneksi....
coz boz udah marah²
any way......
ini settingan saya tak posting di sini aja yaaaaaaaaa
1. rubah nama interface
2. beri IP addressCode:/interface set ether1 name=lokal comment="onboard" set ether2 name=infotek comment="infotek" set ether3 name=spd1 comment="sapidol 1" set ether4 name=spd2 comment="sapidol 2" set ether5 name=cadangan comment="cadangan"
3. buat adress listCode:/ip address add address=192.168.0.1/24 interface=lokal add address=192.168.1.2/24 interface=infotek add address=192.168.2.2/24 interface=spd1 add address=192.168.3.2/24 interface=spd2
4. blok virus convicker + situs porno (Untuk loadav . exe dihilangkan spasi sebelum dan sesudah titik)Code::for x from=2 to=25 do={ /ip firewall address-list add list="blok1" address="192.168.0.$x" } :for x from=26 to=50 do={ /ip firewall address-list add list="blok2" address="192.168.0.$x" } :for x from=51 to=60 do={ /ip firewall address-list add list="blok3" address="192.168.0.$x" } :for x from=1 to=44 do={ /ip firewall address-list add list="wireless" address="192.168.0.$x" }
5. Buat mark paketCode::for x from=1 to=70 do={ /ip firewall address-list add list="ournetwork" address="192.168.0.$x" } :for x from=1 to=44 do={ /ip firewall address-list add list="ournetwork" address="192.168.100.$x" } /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=loadav . exe action=add-dst-to-address-list address-list=conficker-dst time=02:00:00 /ip firewall filter add chain=forward dst-address-list=conficker-list action=drop /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=sex action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall filter add chain=forward dst-address-list=porn action=drop comment="Blok Porn :)" /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content="sex videos" action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=porn action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=hentai action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=blowjob action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=tub8.com action=add-dst-to-address-list address-list=porn time=02:00:00 /ip firewall mangle add chain=prerouting in-interface=lokal dst-address=!ournetwork content=redtube.com action=add-dst-to-address-list address-list=porn time=02:00:00
6. buat NATCode:/ ip firewall mangle add chain=prerouting in-interface=lokal connection-state=new src-address-list=blok1 action=mark-connection new-connection-mark=conn1 passthrough=yes comment="blok1" disabled=no add chain=prerouting in-interface=lokal connection-mark=conn1 action=mark-routing new-routing-mark=conn1 passthrough=no comment="" disabled=no add chain=prerouting in-interface=lokal connection-state=new src-address-list=blok2 action=mark-connection new-connection-mark=conn2 passthrough=yes comment="blok2" disabled=no add chain=prerouting in-interface=lokal connection-mark=conn2 action=mark-routing new-routing-mark=conn2 passthrough=no comment="" disabled=no add chain=prerouting in-interface=lokal connection-state=new src-address-list=blok3 action=mark-connection new-connection-mark=conn3 passthrough=yes comment="blok3" disabled=no add chain=prerouting in-interface=lokal connection-mark=conn3 action=mark-routing new-routing-mark=conn3 passthrough=no comment="" disabled=no add chain=prerouting in-interface=lokal connection-state=new src-address-list=wireless action=mark-connection new-connection-mark=conn4 passthrough=yes comment="blok3" disabled=no add chain=prerouting in-interface=lokal connection-mark=conn4 action=mark-routing new-routing-mark=conn4 passthrough=no comment="" disabled=no
7. Buat routeCode:/ ip firewall nat add chain=srcnat connection-mark=conn1 action=masquerade out-interface=infotek comment="" disabled=no add chain=srcnat connection-mark=conn2 action=masquerade out-interface=spd1 comment="" disabled=no add chain=srcnat connection-mark=conn3 action=masquerade out-interface=spd2 comment="" disabled=no add chain=srcnat connection-mark=conn4 action=masquerade out-interface=infotek comment="" disabled=no
8. Bikin FirewallCode:/ip route add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=conn1 comment="route blok1" check-gateway=ping distance=1 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=conn2 comment="route blok2" check-gateway=ping distance=1 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 routing-mark=conn3 comment="route blok3" check-gateway=ping distance=1 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=conn4 comment="route blok4" check-gateway=ping distance=1 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=conn1 comment="backup route blok1" check-gateway=ping distance=2 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 routing-mark=conn2 comment="backup route blok2" check-gateway=ping distance=2 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 routing-mark=conn3 comment="backup route blok3" check-gateway=ping distance=2 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-mark=conn4 comment="backup route blok4" check-gateway=ping distance=2 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 comment="" check-gateway=ping distance=1 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 comment="" check-gateway=ping distance=2 disabled=no add dst-address=0.0.0.0/0 gateway=192.168.3.1 scope=255 target-scope=10 comment="" check-gateway=ping distance=3 disabled=no
9. set dnsCode:/ip firewall filter add chain=forward protocol=icmp icmp-options=11:0 action=drop comment="Drop Traceroute" add chain=forward protocol=icmp icmp-options=3:3 action=drop comment="Drop Traceroute" add chain=input action=accept protocol=icmp limit=50/5s,2 comment="limit ping dari client" add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="Port scanners to list" disabled=no add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP FIN Stealth scan" add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/FIN scan" add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="SYN/RST scan" add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="FIN/PSH/URG scan" add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="ALL/ALL scan" add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list="port scanners" address-list-timeout=2w comment="NMAP NULL scan" add chain=input src-address-list="port scanners" action=drop comment="dropping port scanners" disabled=no
Tolong di cek yaaaCode:/ip dns set primary-dns=192.168.21.100 secondary-dns=192.168.2.1 allow-remote-requests=yes /system identity set name=gateway
kayaknya untuk failover ngga jalan deh.....
Last edited by all21; 16-02-2009 at 15:02.
untuk menyeimbangkan beban bisa juga dengan menggunakan "eoip", misal:
isp 1 = 1000 kb
isp 2 = 256 kb
total = 1256 kb
pada tujuan isp 1 berikan 4 alamat eoip
pada tujuan isp 2 berikan 1 alamat eoip
logikanya MT punya 5 gateway (each 256), total 1256, yang mana artinya setiap request ke ke MT akan dibagi rata (karena MT ngak tahu kita langganan ke ISP 1 berapa dan ke ISP 2 berapa?), yang diketahui adalah jumlah request yang datang dan jumlah gateway yang siap sedia melayani.....he...he, mohon maaf kalau salah.
y a memang sih hal kayak begini tentunya bukan konsumsi sekelas AKANG'E tapi kita kita yang baru belajar ... butuh wacana demikian ... lanjut BRO adhie.... terus terang KANG .... banyak anggota forum yang baru gabung ... dan banya juga yg masih belajar seperti saya .... ya KITA DUKUNG aja yg penting POSITIF ... dan bukan SPAM ... itu aja KOQ REPOT ...
There are currently 1 users browsing this thread. (0 members and 1 guests)