Setting Mikrotik 2 line speedy untuk warnet

Setting Mikrotik 2 line speedy untuk warnet
Iseng cuma buat sinpan data aja.. setting mikrotik 2 line speedy dengan mikrotik dengan memisahkan ip game dan browsing, agar menuju Jalur nya masing masing...

rencana routerdibuat 3 in 1, yaitu warnet di mana Game+Browsing dan Download + Bermain game online bisa kita laksanakan dalam 1 PC.

ok lanjut : topologi yang saya gunakan dengan menggunakan 2 line speedy yaitu speedy Excekutif dan speedy Game

topologi :

Speedy1------->|MikroTik|--------Client
-----------------|
Speedy2------->|
-----------------|
Proxy ubuntu---|

Speck :
= Speedy Game
= Speedy Excekutif
= mikrotik RB 450G
= Squid Proxy Settingnya di sini

di sini hanya akan mengulas Mikrotik nya aja di mana saya Menggunakan RB 450G

interpace 1 : lan
interface 2 : speedy game (jalur game )
interface 3 : speedy Excekutif ( jalur browsing )
interface 4 : Proxy ( ubuntu server 10.10 )

interface yang terpakai sebanyak 4 interface dari 5 interface rb 450G
[admin@Mitr@Net] > interface pr

Flags: D - dynamic, X - disabled, R - running, S - slave

# NAME TYPE MTU L2MTU

0 R lan ether 1500

1 R speedy5.1 ether 1500

2 R speedy3.1 ether 1500

3 R proxy ether 1500

memberikan ip dan nama pada masing masing interface

[admin@Mitr@Net] > ip address pr

Flags: X - disabled, I - invalid, D - dynamic

# ADDRESS NETWORK BROADCAST INTERFACE

0 192.168.10.1/24 192.168.10.0 192.168.10.255 lan

1 192.168.1.1/24 192.168.1.0 192.168.1.255 proxy

2 192.168.5.2/24 192.168.5.0 192.168.5.255 speedy5.1

3 192.168.3.2/24 192.168.3.0 192.168.3.255 speedy3.1


Proses pppoe only via modem sehingga gatway mikrotik adalah ip modem

[admin@MikroTik] > ip route pr

Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,

B - blackhole, U - unreachable, P - prohibit

# DST-ADDRESS PREF-SRC GATEWAY DISTANCE

0 A S 0.0.0.0/0 192.168.3.1 1

1 A S 0.0.0.0/0 192.168.5.1 1

2 ADC 192.168.1.0/24 192.168.1.1 proxy 0

3 ADC 192.168.3.0/24 192.168.3.2 speedy3.1 0

4 ADC 192.168.5.0/24 192.168.5.2 speedy5.1 0

5 ADC 192.168.10.0/24 192.168.10.1 lan 0


NB : ip modem : 192.168.3.1 & 192.168.5.1
---- ip Proxy : 192.168.1.10




nat untuk menyambungkan masing masing interface pada mikrotik

[admin@Mitr@Net] > ip firewall nat pr


Flags: X - disabled, I - invalid, D - dynamic


0 chain=srcnat action=masquerade src-address=192.168.10.0/24 routing-mark=iix dst-address-list=nice
out-interface=speedy3.1


1 chain=srcnat action=masquerade src-address=192.168.1.0/24


2 chain=srcnat action=masquerade src-address=192.168.10.0/24 out-interface=speedy5.1


3 chain=dstnat action=dst-nat to-addresses=192.168.1.10 to-ports=3128 protocol=tcp src-address=!192.168.1.10
routing-mark=!iix dst-port=80


4 chain=dstnat action=dst-nat to-addresses=192.168.1.10 to-ports=3128 protocol=tcp dst-port=8080



Memasang jebakan untuk trafik yang berasal dari lan, agar bisa diproses dan menuju post nya masing masing

[admin@Mitr@Net > ip firewall mangle pr

Flags: X - disabled, I - invalid, D - dynamic

0 ;;; squid
chain=postrouting action=mark-packet new-packet-mark=proxy-hit
passthrough=no dscp=12


1 ;;; game
chain=prerouting action=mark-routing new-routing-mark=iix passthrough=no
protocol=tcp src-address=192.168.10.0/24 dst-address-list=nice
dst-port=!80


2 ;;; game udp
chain=prerouting action=mark-routing new-routing-mark=iix passthrough=no
protocol=udp src-address=192.168.10.0/24 dst-address-list=nice
dst-port=!80



3 ;;; browsing
chain=forward action=mark-connection new-connection-mark=semua
passthrough=yes src-address=192.168.10.0/26 dst-address=!202.58.181.0/24
dst-address-list=!nice


4 chain=postrouting action=mark-packet new-packet-mark=paket_kecil
passthrough=no protocol=tcp connection-mark=semua
connection-bytes=0-600000



5 chain=postrouting action=mark-packet new-packet-mark=paket_besar
passthrough=no connection-mark=semua



mengatur bandwith hasil jebakan dari firewall

[admin@Mitr@Net > queue tree pr

Flags: X - disabled, I - invalid

0 name="File_Besar" parent=B-Global-Download packet-mark=paket_besar
limit-at=64k queue=PCQ_download priority=8 max-limit=456k burst-limit=0
burst-threshold=0 burst-time=0s


1 name="File_Kecil" parent=B-Global-Download packet-mark=paket_kecil
limit-at=256k queue=PCQ_download priority=1 max-limit=1400k
burst-limit=0 burst-threshold=0 burst-time=0s


2 name="Upload_Kecil" parent=C-Global_Upload packet-mark=paket_kecil
limit-at=64k queue=PCQ_upload priority=8 max-limit=350k burst-limit=0
burst-threshold=0 burst-time=0s


3 name="Upload_Besar" parent=C-Global_Upload packet-mark=paket_besar
limit-at=24k queue=PCQ_upload priority=8 max-limit=85k burst-limit=0
burst-threshold=0 burst-time=0s


4 name="A_HIT-Proxy" parent=lan packet-mark=proxy-hit limit-at=0
queue=default priority=1 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s


5 name="C-Global_Upload" parent=proxy packet-mark="" limit-at=0 priority=1
max-limit=500k burst-limit=0 burst-threshold=0 burst-time=0s


6 name="B-Global-Download" parent=lan packet-mark="" limit-at=0 priority=1
max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s


isi file Nice :

[admin@Mitr@Net] > ip firewall address pr

Flags: X - disabled, D - dynamic

# LIST ADDRESS

0 nice 202.10.32.0/24

1 nice 202.75.54.0/24

2 nice 202.93.20.0/24

3 nice 202.93.21.0/24

4 ;;; POINT BLANK
nice 203.89.146.0/24

5 nice 202.93.17.0/24

6 ;;; POIN BLANK!!
nice 216.239.61.0/24

7 nice 119.110.107.0/24

........................ sampai disini udah bisa berjalan normal