Renungan Ayat Suci Al-Qur'an

Selasa, 17 Mei 2011

Load Balancing Mikrotik + Proxy 

/in eth
set ether1 name="intranet"  disabled=no
set ether2 name="speedy-1"  disabled=no
set ether3 name="speedy-2"  disabled=no
set ether4 name="proxy"  disabled=no
/ip add
add address=192.168.1.2/24 interface=speedy-1 comment="ke speedy-1"
add address=192.168.2.2/24 interface=speedy-2 comment="ke speedy-2"
add address=192.168.11.1/27 interface=intranet comment="ke Hub"
add address=192.168.10.2/30 interface=proxy comment="ke-proxy"

/ ip dns
set primary-dns=202.134.1.10 secondary-dns=202.134.0.155 \
allow-remote-requests=yes cache-size=4048KiB cache-max-ttl=1w 
/ ip firewall mangle
add chain=prerouting in-interface=intranet connection-state=new nth=1,2,0 \
action=mark-connection new-connection-mark=satu passthrough=yes comment=""
add chain=prerouting in-interface=intranet connection-mark=satu \
action=mark-routing new-routing-mark=satu passthrough=no comment=""
add chain=prerouting in-interface=intranet connection-state=new nth=1,2,1 \
action=mark-connection new-connection-mark=dua passthrough=yes comment=""
add chain=prerouting in-interface=intranet connection-mark=dua \
action=mark-routing new-routing-mark=dua passthrough=no comment="" disabled=no
add chain=prerouting in-interface=proxy connection-state=new nth=1,2,0 \
action=mark-connection new-connection-mark=tiga passthrough=yes comment=""
add chain=prerouting in-interface=proxy connection-mark=tiga \
action=mark-routing new-routing-mark=tiga passthrough=no comment=""
add chain=prerouting in-interface=proxy connection-state=new nth=1,2,1 \
action=mark-connection new-connection-mark=empat passthrough=yes comment=""
add chain=prerouting in-interface=proxy connection-mark=empat \
action=mark-routing new-routing-mark=empat passthrough=no comment="" disabled=no
/ ip firewall nat
add chain=srcnat out-interface=speedy-1 connection-mark=satu \
action=src-nat to-addresses=192.168.1.1 to-ports=0-65535 comment="" disabled=no
add chain=srcnat out-interface=speedy-2 connection-mark=dua \
action=src-nat to-addresses=192.168.2.1 to-ports=0-65535 comment="" disabled=no
add chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=3128
add chain=dstnat protocol=tcp dst-port=3128 action=redirect to-ports=3128
add chain=dstnat protocol=tcp dst-port=8080 action=redirect to-ports=3128
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=2s tcp-syn-received-timeout=2s \
tcp-established-timeout=1d tcp-fin-wait-timeout=5s tcp-close-wait-timeout=5s \
tcp-last-ack-timeout=5s tcp-time-wait-timeout=5s tcp-close-timeout=5s udp-timeout=5s \
udp-stream-timeout=1m icmp-timeout=5s generic-timeout=5m tcp-syncookie=no
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10 \
routing-mark=satu comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 \
routing-mark=dua comment="" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.1.1 scope=255 target-scope=10
/ ip proxy
set enabled=yes port=3128 parent-proxy=192.168.10.1:3128 \
maximal-client-connecions=1000 maximal-server-connectons=1000
Diposting oleh GOLDEN NET Jam 05.33.00
Label:

0 komentar:

Posting Komentar

~ Keep Respect & Peace ~

Langganan: Posting Komentar (Atom)