Konsep Load Balance 2 Line Speedy dan Eksternal Proxy

Merujuk dari Tutorial Yang di Buat Mas Doni Permono di FMI, dan Merujuk Konsep LB dari Bang Akangage dan Kesimpulan dari Torch Port Game Online Indonesia yang selama ini di himpun. maka kali ini sy akan membuat sebuah Rule Sederhana dalam Load Balance 2 Line  Speedy  1 Mbps + 1Mbps dengan Eksternal Proxy. Model Load Balance yang sy gunakan dalam tutorial kali ini adalah dengan PCC

Introduce nya Disini :

PCC matcher will allow you to divide traffic into equal streams with ability to keep packets with specific set of options in one particular stream (you can specify this set of options from src-address, src-port, dst-address, dst-port)

Konfigurasi Jalur sbb:

1. ether1-modem1 —> 192.168.2.2/24
2. ether2-hub —> 192.168.1.1/24
3. ether3- —-> swith ke ether2
4. ether3-proxy —-> 192.168.5.1/24
5. ether5-modem2 —> 192.168.3.2/24

IP address Perangkat lain :

1. Modem 1 —-> 192.168.2.1 (mode Bridge)
2. Ip Komputer Proxy —-> 192.168.5.2
3. Modem 2 —> 192.168.3.1 (mode Bridge)

Pertama yang perlu di Perhatikan Dalam Implementasi Ini adalah :

1. PPoe Client sudah Berjalan Normal ( /ppp ppoeclient) —-> saya beri nama speda dan speda2
2. DNS server yg sy gunakan DNS Google ( 8.8.8.8, 8.8.4.4) Di terapkan Rule Pemkasaan Port 53 UDP ke DNS Google.
3. Menggunakan Simple que (karena Konsep sederhana aja jadi ya simple-simple aja )
4. By Pass HIT dari Proxy semampunya ethernet
5. RB yang di gunakan disini Rb 750GL (Plastik)
6. Proxy dalam Vmaware (satu komputer dengan Billing Warnet, 2 Line Card , 2 Hardisk)

Address List :

/ip firewall address-list
add address=192.168.5.0/24 disabled=no list=ProxyNAT
add address=192.168.1.0/24 disabled=no list=LAN
add address=192.168.1.11 disabled=no list=Klien
add address=192.168.1.12 disabled=no list=Klien
add address=192.168.1.13 disabled=no list=Klien
add address=192.168.1.14 disabled=no list=Klien
add address=192.168.1.15 disabled=no list=Klien
add address=192.168.1.25 disabled=no list=Klien
add address=192.168.1.16 disabled=no list=Klien
add address=192.168.2.0/24 disabled=no list=modem
add address=192.168.3.0/24 disabled=no list=modem

Script Mangel nya :

/ip firewall mangle
add action=mark-packet chain=postrouting comment=\
"HIT PROXY By Pas Limit Simpel" disabled=no dscp=12 new-packet-mark=HIT \
passthrough=no
add action=mark-connection chain=prerouting comment=\
"-------->>>LOAD BALANCE PROXY PCC" connection-state=new disabled=no \
in-interface=ether4-proxy new-connection-mark=PROXY-1 passthrough=yes
add action=mark-connection chain=prerouting connection-state=new disabled=no \
in-interface=ether4-proxy new-connection-mark=PROXY-2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=PROXY-1 disabled=\
no in-interface=ether4-proxy new-connection-mark=PROXY-1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=PROXY-2 disabled=\
no in-interface=ether4-proxy new-connection-mark=PROXY-2 passthrough=yes
add action=mark-connection chain=prerouting disabled=no dst-address-list=\
!modem dst-address-type=!local dst-port=80,81,8080,3128 in-interface=\
ether4-proxy new-connection-mark=PROXY-1 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=\
!modem dst-address-type=!local dst-port=80,81,8080,3128 in-interface=\
ether4-proxy new-connection-mark=PROXY-2 passthrough=yes \
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
add action=mark-routing chain=prerouting connection-mark=PROXY-1 disabled=no \
in-interface=ether4-proxy new-routing-mark=Route-Proxy-1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=PROXY-2 disabled=no \
in-interface=ether4-proxy new-routing-mark=Route-Proxy-2 passthrough=yes
add action=mark-connection chain=input comment=\
"-------->>>LOAD BALANCE LOKAL" connection-state=new disabled=no \
in-interface=ether2-hub new-connection-mark=ADSL-1 passthrough=yes
add action=mark-connection chain=input connection-state=new disabled=no \
in-interface=ether2-hub new-connection-mark=ADSL-2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=ADSL-1 disabled=\
no in-interface=ether2-hub new-connection-mark=ADSL-1 passthrough=no
add action=mark-connection chain=prerouting connection-mark=ADSL-2 disabled=\
no in-interface=ether2-hub new-connection-mark=ADSL-2 passthrough=no
add action=mark-connection chain=prerouting comment=\
"------>>>>Disable Jika Proxy Hidup" disabled=no dst-address-list=!LAN \
dst-address-type=!local dst-port=!80,81,8080,3128 in-interface=ether2-hub \
new-connection-mark=ADSL-1 passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=!LAN \
dst-address-type=!local dst-port=!80,81,8080,3128 in-interface=ether2-hub \
new-connection-mark=ADSL-2 passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/1 protocol=tcp
add action=mark-connection chain=prerouting comment=\
"------->>>>Enable Jika Proxy Mati" disabled=yes dst-address-list=!LAN \
dst-address-type=!local in-interface=ether2-hub new-connection-mark=\
ADSL-1 passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting disabled=yes dst-address-list=\
!LAN dst-address-type=!local in-interface=ether2-hub new-connection-mark=\
ADSL-2 passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting connection-mark=ADSL-1 disabled=no \
in-interface=ether2-hub new-routing-mark=jalur-1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=ADSL-2 disabled=no \
in-interface=ether2-hub new-routing-mark=jalur-2 passthrough=yes
add action=mark-connection chain=game comment=\
"-----> Game Onlie Indonesia TCP" disabled=no dst-address=203.89.146.0/23 \
dst-port=39190,49100 new-connection-mark=Game passthrough=yes protocol=\
tcp
add action=mark-connection chain=game comment="-----> Group Gemscool" \
disabled=no dst-port=\
39100,39110,39220,39190,49100,19101,19000,4300,15152,14009-14010 \
new-connection-mark=Game passthrough=yes protocol=tcp
add action=mark-connection chain=game comment="-----> Group Megaxus" \
disabled=no dst-port=5340-5352,18901-18909,7777 new-connection-mark=Game \
passthrough=yes protocol=tcp
add action=mark-connection chain=game comment="-----> Group Lettoy" disabled=\
no dst-port=1818,2001,9600-9602,13413,10009,29000,15000-15002,22100 \
new-connection-mark=Game passthrough=yes protocol=tcp
add action=mark-connection chain=game comment="-----> Group ETC/dll" \
disabled=no dst-port=12009,14004,9339,843 new-connection-mark=Game \
passthrough=yes protocol=tcp
add action=mark-connection chain=game comment=\
"-----> Game Onlie Indonesia UDP" disabled=no dst-address=203.89.146.0/23 \
dst-port=40000-40010 new-connection-mark=Game passthrough=yes protocol=\
udp
add action=mark-connection chain=game comment="-----> Game UDP" disabled=no \
dst-port=14009-14010 new-connection-mark=Game passthrough=yes protocol=\
udp
add action=mark-packet chain=game connection-mark=Game disabled=no \
new-packet-mark=Game_pkt passthrough=no
add action=mark-routing chain=prerouting comment="Game Routing Statik" \
connection-mark=Game disabled=no dst-address-list=ipgame in-interface=\
ether2-hub new-routing-mark=Game_OL_Route passthrough=no \
src-address-list=LAN
add action=jump chain=prerouting disabled=no jump-target=game

Rule Untuk Filter IP Game Online

/ip firewall filter
add action=drop chain=forward disabled=yes in-interface=ether2-hub protocol=\
tcp src-address-list=!Klien
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward comment="SCANNER IP Game + Poker Website" disabled=no \
dst-port=843 protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=9339 protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=39190 protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=49100 protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=\
1818,2001,9600-9602,13413,10009,29000,15000-15002,22100 protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=5340-5352,18901-18909,7777 \
protocol=tcp
add action=add-dst-to-address-list address-list=ipgame address-list-timeout=\
0s chain=forward disabled=no dst-port=40000-40010 protocol=udp

Routing Nya

/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda routing-mark=\
Route-Proxy-1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda2 routing-mark=\
Route-Proxy-2 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda routing-mark=\
jalur-1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda2 routing-mark=\
jalur-2 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda2 routing-mark=\
Game_OL_Route scope=30 target-scope=10
add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=speda2 \
routing-mark=Game_OL_Route scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=speda scope=30 \
target-scope=10
add disabled=no distance=2 dst-address=0.0.0.0/0 gateway=speda2 scope=30 \
target-scope=10

Untuk Rule Que Tree dan Que Simple 2 line speedy 1 mbps + 1mbps ( up256kbps, down 1mbps) di bagi 7 Komputer ( 6 klien 1 billing)

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=70M name=ProxyHIT packet-mark=HIT parent=global-out priority=1 \
queue=default
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=50M name=Game packet-mark=Game_pkt parent=global-out priority=1 \
queue=default

 

/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=ether2-hub limit-at=0/0 max-limit=1M/3M name=Utama \
parent=none priority=8 queue=default-small/default-small \
target-addresses=192.168.1.0/24 total-queue=default-small
add burst-limit=256k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=128k/256k max-limit=128k/512k \
name=BIlling parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.25/32 total-queue=default-small
add burst-limit=384k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=128k/256k max-limit=128k/512k \
name=Klien1 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.11/32 total-queue=default-small
add burst-limit=256k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=128k/256k max-limit=128k/512k \
name=Klien2 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.12/32 total-queue=default-small
add burst-limit=256k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=64k/256k max-limit=128k/512k \
name=Klien3 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.13/32 total-queue=default-small
add burst-limit=384k/2M burst-threshold=256k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=128k/256k max-limit=128k/512k \
name=Klien4 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.14/32 total-queue=default-small
add burst-limit=256k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=64k/256k max-limit=128k/512k \
name=Klien5 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.15/32 total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=all limit-at=0/0 max-limit=2M/2M name=Game \
packet-marks=Game_pkt parent=none priority=1 queue=\
default-small/default-small total-queue=default-small
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=all limit-at=0/0 max-limit=50M/50M name=HIT \
packet-marks=HIT parent=none priority=2 queue=default-small/default-small \
total-queue=default-small
add burst-limit=256k/2M burst-threshold=128k/1M burst-time=10s/10s direction=\
both disabled=no interface=all limit-at=64k/256k max-limit=128k/512k \
name=klien6 parent=Utama priority=8 queue=default-small/default-small \
target-addresses=192.168.1.16/32 total-queue=default-small

Dengan Pembagian Sederhana dan Simple. Penyesuaian Pada Parent Untuk Browsing (utama) bisa di perkecil sesuai kondisi jaringan.

sekali lagi dari tulisan ini saya sadar masih banyak kekurangan dan ketidak sempurnaan dalam penyusunan. maaf jika tidak ada credit title yang belum sy masukan dalam tulisan ini.

Studi Kasus Real Adanya. dan Di testing Seadanya.

Catatan Pembaca :

Script Auto Disabel dan Enabel Mangel belum ditambahkan dalam Rule diatas, jadi maaf ya 🙂

Script auto disable dan Enable NAT sy sertakan di bawah ini.

Demikan Implementasi Sederhana Load Balance 2 line Speedy 1 mpbs + 1 Mbps dengan Eksternal Proxy

Terima Kasih Kepada :

akangage, Doni Permono, Hendra A.K.A uburcumi, Ucog karnadi