3 bagian yang pokok dalam script Load Balance ini adalah difirewall mangle, nat dan route ...
/ ip address
add address=192.168.0.254/24 network=192.168.0.0 broadcast=192.168.0.255 \interface=local comment=”to-switch” disabled=no
add address=192.168.1.2/24 network=192.168.1.0 broadcast=192.168.1.255 \interface=internet comment=”to-speedy-1” disabled=no
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255 \interface=swap comment=”to-speedy-2” disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=local connection-state=new nth=1,1,0 \action=mark-connection new-connection-mark=speedy-1 passthrough=yes disabled=no
add chain=prerouting in-interface=local connection-mark=speedy-1 \action=mark-routing new-routing-mark=speedy-1 passthrough=no disabled=no
add chain=prerouting in-interface=local connection-state=new nth=1,1,1 \action=mark-connection new-connection-mark=speedy-2 passthrough=yes disabled=no
add chain=prerouting in-interface=local connection-mark=speedy-2 \action=mark-routing new-routing-mark=Speedy-2 passthrough=no disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=speedy-1 action=src-nat to-addresses=192.168.1.2 \to-ports=0-65535 disabled=no
add chain=srcnat connection-mark=speedy-2 action=src-nat to-addresses=192.168.2.2 \to-ports=0-65535 disabled=no
Lebih baik jika dial-up nya tidak langsung dari modem karena beban modem akan menjadi lebih ringan ( terlebih jika digunakan 24 jam ), tapi karena keduanya sama-sama menggunakan TELKOM Speedy, gateway-nya menjadi sama (dalam hal ini 125.163.255.1) dan menyebabkan salah satu-nya tidak bisa connect ( tergantung mana yang lebih dulu tersambung entah speedy-1 atau speedy-2 ),
so.. speedy-2 dial langsung dari modem dan speedy-1 dial dari MikroTik,Script untuk dial-up Speedy :
/interface
pppoe-client add name=pppoe-user-speedy user=xxxx@telkom.net password=******* \ interface=internet service-name=internet disabled=no
Routing menjadi kunci utama dalam Load balancing ini, gateway di rule ketiga berarti speedy-1 akan menjadi primary.
/ ip route
add dst-address=0.0.0.0/0 gateway=125.163.255.1 scope=255 target-scope=10 \ routing-mark=speedy-1 comment="speedy-1" disabled=no
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 \ routing-mark=speedy-2 comment="speedy-2" disabled=no
add dst-address=0.0.0.0/0 gateway=125.163.255.1 scope=255 target-scope=10 \ comment="primary connection" disabled=no
Semoga bermanfaat,
xerophie.blogspot.com
Tidak ada komentar:
Posting Komentar