
Setting Mikrotik rb 750 G + 2 line speedy + proxy squid Settingan sederhana load balancing 2 speedy + squid tidak cocok

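# Article note: this simple "2 Speedy lines + Squid" load-balancing setup is
# described as not suited to online-game internet cafes.
#
# Topology as given in the article (layout flattened by extraction):
#   speedy1 ---------- MikroTik RB 750 G ------- LAN ----- client
#   speedy2 ---        squid (Ubuntu 9.10)
# Both modems are set to bridge mode.
#
# IP plan from the article:
#   modem 1 192.168.1.1    modem 2 192.168.2.1    proxy 192.168.3.2
#   MikroTik: lan 192.168.0.1, modem1 192.168.1.2, modem2 192.168.2.2,
#             proxy 192.168.3.1

# --- pppoe ---
# One PPPoE client per bridged modem. add-default-route=no and use-peer-dns=no
# mean the sessions install neither a default route nor DNS servers themselves.
# The article repeated user= on each entry (user="******@telkom.net" and again
# user="***"); a parameter can only be given once, so the redacted account name
# is kept and the duplicate dropped.
# Credentials are redacted in the article; keep real ones out of published
# exports.
# NOTE(review): allow= still lists pap (password sent unprotected) and mschap1
# (weak); narrow it to the methods the ISP actually requires.
/interface pppoe-client
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \
    dial-on-demand=no disabled=no interface=Speedy-1 max-mru=1480 max-mtu=1480 \
    mrru=disabled name="PPPoE-1" user="******@telkom.net" password="***" \
    profile=default service-name="" use-peer-dns=no
add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 comment="" \
    dial-on-demand=no disabled=no interface=Speedy-2 max-mru=1480 max-mtu=1480 \
    mrru=disabled name="PPPoE-2" user="******@telkom.net" password="***" \
    profile=default service-name="" use-peer-dns=no

# --- set /ip add ---
# The article gives no commands under this heading; presumably the addresses
# are the ones in the IP plan above.

# --- add nat ---
# Source-NAT everything that leaves through either PPPoE session.
/ip firewall nat
add chain=srcnat action=masquerade out-interface=PPPoE-1 comment="" disabled=no
add chain=srcnat action=masquerade out-interface=PPPoE-2 comment="" disabled=no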

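# --- Redirect web traffic from the LAN to the Squid box (port 3128) ---
# Values in <> are the article's own placeholders ("ip squid proxy",
# "ip squid", "ip lan"); replace them before use.
# NOTE(review): the article spells three matchers the way WinBox labels them
# (dst.-address-list, dst.-port, in.-interface) and writes to-address; they are
# given here in CLI spelling. What "dst.-address-list=ip squid" should hold is
# not clear from the article -- presumably something that keeps traffic
# addressed to the proxy itself out of the redirect; confirm.
# Keep the in-interface match on every rule: without it the redirect would also
# apply to traffic arriving on the PPPoE side and expose the proxy to the
# Internet.
/ip firewall nat
add chain=dstnat action=dst-nat to-addresses=<ip squid proxy> to-ports=3128 \
    dst-address-list=<ip squid> protocol=tcp dst-port=80 in-interface=<ip lan>
add chain=dstnat action=dst-nat to-addresses=<ip squid proxy> to-ports=3128 \
    dst-address-list=<ip squid> protocol=tcp dst-port=8080 in-interface=<ip lan>
add chain=dstnat action=dst-nat to-addresses=<ip squid proxy> to-ports=3128 \
    dst-address-list=<ip squid> protocol=tcp dst-port=3128 in-interface=<ip lan>

# --- set mangle ---
# New connections from the LAN alternate between the two marks (nth=2,1 and
# nth=2,2); packets of a marked connection then get the matching routing mark.
/ip firewall mangle
add action=mark-connection chain=prerouting comment="Load Mangel" \
    connection-state=new disabled=no in-interface=lan nth=2,1 \
    new-connection-mark=ADSL-1 passthrough=yes
add action=mark-connection chain=prerouting comment="" connection-state=new \
    disabled=no in-interface=lan nth=2,2 new-connection-mark=ADSL-2 \
    passthrough=yes
add action=mark-routing chain=prerouting comment="Mark Paket" in-interface=lan \
    connection-mark=ADSL-1 disabled=no new-routing-mark=speedy-1-conn \
    passthrough=no
add action=mark-routing chain=prerouting comment="" in-interface=lan \
    connection-mark=ADSL-2 disabled=no new-routing-mark=speedy-2-conn \
    passthrough=no

# --- set Proxy ---
# Same scheme for connections arriving from the proxy interface.
add action=mark-connection chain=prerouting comment="proxy" in-interface=proxy \
    connection-state=new nth=2,1 disabled=no new-connection-mark=ADSL-1 \
    passthrough=yes
add action=mark-connection chain=prerouting comment="" in-interface=proxy \
    connection-state=new nth=2,2 disabled=no new-connection-mark=ADSL-2 \
    passthrough=yes
add action=mark-routing chain=prerouting comment="Proxy mark" \
    in-interface=proxy connection-mark=ADSL-1 disabled=no \
    new-routing-mark=speedy-1-conn passthrough=no
# Fixed: the article repeated ADSL-1 / speedy-1-conn here, so connections marked
# ADSL-2 from the proxy never received a routing mark. This now mirrors the LAN
# rules above.
add action=mark-routing chain=prerouting comment="" in-interface=proxy \
    connection-mark=ADSL-2 disabled=no new-routing-mark=speedy-2-conn \
    passthrough=no

# --- IP Route ---
# Fixed: the article's routes matched routing-mark=modem1 / modem2, which no
# mangle rule above ever sets; they now use the marks the mangle rules assign
# (speedy-1-conn / speedy-2-conn).
# <address assigned to PPPoE-n> stands for the article's placeholder
# "ip yang diberi pppoeN".
# NOTE(review): the last route repeats the mark and interface of the first and
# differs only in distance; it looks like it was meant as a fallback -- confirm.
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway-interface=PPPoE-1 \
    scope=30 target-scope=10 routing-mark=speedy-1-conn
add disabled=no distance=2 dst-address=0.0.0.0/0 \
    gateway=<address assigned to PPPoE-2> gateway-interface=PPPoE-2 scope=30 \
    target-scope=10 routing-mark=speedy-2-conn
add disabled=no distance=1 dst-address=0.0.0.0/0 \
    gateway-interface=PPPoE-1,PPPoE-2 scope=30 target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 \
    gateway=<address assigned to PPPoE-1> gateway-interface=PPPoE-1 scope=30 \
    target-scope=10 routing-mark=speedy-1-conn

# NOTE(review): the article shows no "/ip firewall filter" rules. As listed,
# nothing here limits what reaches the router itself from the PPPoE side; add
# input-chain filtering before putting this on a public line.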

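# For the proxy (squid.conf)
#==================================#
# Proxy Server Version 2.7.Stable3
#==================================#

##################################################
# Port
##################################################
# Interception port: keep it reachable from the internal networks only.
http_port 3128 transparent
icp_port 3130
prefer_direct off

##################################################
# Cache & Object
##################################################
cache_mem 8 MB
cache_swap_low 98
cache_swap_high 99
max_filedesc 8192
maximum_object_size 1024 MB
minimum_object_size 0 KB
# NOTE(review): 4 bytes as given in the article; with this value practically
# nothing is kept in memory -- confirm the intended unit.
maximum_object_size_in_memory 4 bytes
ipcache_size 4096
ipcache_low 98
ipcache_high 99
fqdncache_size 4096
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

##################################################
# cache_dir
##################################################
cache_dir aufs /home/proxy1 9000 32 128
cache_dir aufs /home/proxy2 9000 32 128
cache_dir aufs /home/proxy3 9000 32 128
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
pid_filename /var/run/squid.pid
cache_swap_log /var/log/squid/swap.state
# NOTE(review): dns_nameservers takes name-server IP addresses, not a file
# path; confirm, or drop the line so the system resolver settings are used.
dns_nameservers /etc/resolv.conf
emulate_httpd_log off
hosts_file /etc/hosts
half_closed_clients off
negative_ttl 1 minutes

##################################################
# Rules: Safe Port
##################################################
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
# Fixed: the article had "127.0.0.0/8q" (stray character in the netmask).
acl to_localhost dst 127.0.0.0/8
acl lan src 192.168.0.0/27
acl modem1 src 192.168.1.0/24
acl modem2 src 192.168.2.0/24
acl proxy src 192.168.3.0/24
acl SSL_ports port 443 563 873 # https snews rsync
acl Safe_ports port 80 # http
acl Safe_ports port 20 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 631 # cups
acl Safe_ports port 10000 # webmin
acl Safe_ports port 901 # SWAT
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 873 # rsync
# NOTE(review): with 110 and 25 in Safe_ports, the CONNECT rule below lets
# clients tunnel to mail servers through the proxy; drop both unless there is
# a concrete need.
acl Safe_ports port 110 # POP3
acl Safe_ports port 25 # SMTP
acl Safe_ports port 2095 2096 # webmail from cpanel
acl Safe_ports port 2082 2083 # cpanel
acl purge method PURGE
acl CONNECT method CONNECT

# http_access rules are evaluated top-down and the first match wins. The article
# placed the "allow lan / modem2 / proxy" lines before the deny rules, so for
# those clients the manager, PURGE and port restrictions were never reached.
# The deny rules now come first; the rules themselves are unchanged.
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports !SSL_ports
http_access deny CONNECT !SSL_ports !Safe_ports
http_access allow lan
# NOTE(review): the article listed "allow modem2" twice and never uses acl
# modem1; the duplicate is dropped. Confirm whether modem1 was intended.
http_access allow modem2
http_access allow proxy

##################################################
# Refresh Pattern
##################################################
# The "|" separators inside the extension groups were lost in extraction and
# are restored here.
# NOTE(review): override-expire / ignore-no-cache / ignore-private make Squid
# keep objects the origin marked as uncacheable or private. On a shared proxy
# this can hand one user's content to another; limit it to static file types
# you are sure about.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(iso|avi|wav|mp3|mp4|mpeg|mpg|swf|flv|x-flv)$ 43200 90% 432000 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(deb|rpm|exe|ram|bin|pdf|ppt|doc|tiff)$ 10080 90% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(zip|gz|arj|lha|lzh|tar|tgz|cab|rar)$ 10080 95% 43200 override-expire ignore-no-cache ignore-private
refresh_pattern -i \.(html|htm|css|js|php|asp|aspx|cgi) 1440 40% 40320
refresh_pattern . 0 20% 4320

##################################################
# HAVP + Clamav
##################################################
# Parent proxy on the same host, port 8080.
cache_peer 127.0.0.1 parent 8080 0 no-query no-digest no-netdb-exchange default

##################################################
# HIERARCHY (BYPASS CGI)
##################################################
#hierarchy_stoplist cgi-bin ? .js .jsp
#acl QUERY urlpath_regex cgi-bin \? .js .jsp
#no_cache deny QUERY

##################################################
# SNMP
##################################################
snmp_port 3401
# NOTE(review): "public" is the well-known default community string. Access is
# limited to localhost below, but change it anyway.
acl snmpsquid snmp_community public
snmp_access allow snmpsquid localhost
snmp_access deny all

##################################################
# ALLOWED ACCESS
##################################################
acl persegi src 192.168.0.0/24 ## adjust to your network
http_access allow persegi
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow persegi
icp_access allow localhost
icp_access deny all
always_direct deny all

##################################################
# Cache CGI & Administrative
##################################################
cache_mgr batamwarnet@batamwarnet.com
# Placeholder: the article used the three-digit password "123" for all
# cache-manager actions. Set a long random value; it is stored in clear text in
# this file, so restrict read access to squid.conf as well.
cachemgr_passwd CHANGE_ME_LONG_RANDOM_SECRET all
visible_hostname proxy.bless.net
cache_effective_user proxy
cache_effective_group proxy
coredump_dir /var/spool/squid
shutdown_lifetime 10 seconds
logfile_rotate 14
# cache_mgr appears twice in the article; both lines are kept as given.
cache_mgr enchone@bless.net

##################################################
# Squid ZPH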

################################################## ###############

Setting pembagian harddisk di squid: 1 GB /boot (flag), 3 GB /, 4 GB /usr, 4 GB /var, 1 GB swap, 15 GB /home/proxy1, 15 GB /home/proxy2, 15 GB /home/proxy3; sisanya dijadikan share. Ukuran HDD 80 GB. Oke, itu dulu, semoga bermanfaat ya.

Load Balancing Mikrotik 2 Speedy by irgunawan on Oct.07, 2009, under Artikel, My Design, Network

Setting dulu MikroTik sebagai gateway standarnya, lalu setting di bagian berikut:

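# Addresses: LAN side on "client", one /24 towards each modem.
/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 \
    interface=client
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 \
    interface=speedy2
# Fixed: the article had network=10.112.0.0 here, which does not belong to
# 192.168.2.2/24 (its broadcast is already given as 192.168.2.255).
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 \
    interface=speedy1

# Default route with both modems as gateways; check-gateway=ping probes them.
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1,192.168.2.1 check-gateway=ping

# Source-NAT on both uplinks.
/ip firewall nat
add chain=srcnat out-interface=speedy1 action=masquerade
add chain=srcnat out-interface=speedy2 action=masquerade

# Connections that reach the router itself (chain=input) are marked by the
# uplink they arrived on; the router's replies (chain=output) get the matching
# routing mark so they leave through the same uplink.
/ ip firewall mangle
add chain=input in-interface=speedy1 action=mark-connection \
    new-connection-mark=speedy1_conn
add chain=input in-interface=speedy2 action=mark-connection \
    new-connection-mark=speedy2_conn
add chain=output connection-mark=speedy1_conn action=mark-routing \
    new-routing-mark=to_speedy1
add chain=output connection-mark=speedy2_conn action=mark-routing \
    new-routing-mark=to_speedy2

# Per-mark default routes: speedy1 uses modem 192.168.2.1 and speedy2 uses
# modem 192.168.1.1, matching the address assignment above.
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_speedy1
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_speedy2

# NOTE(review): the article shows no "/ip firewall filter" rules. The input
# rules above only mark connections and do not restrict them, so as listed
# nothing limits access to the router from speedy1/speedy2. Add input-chain
# filtering before use.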
