Tut FullSpeed dari cache internalnya mikrotik

Posted: Juli 31, 2011 in Jaringan Komputer

Menggunakan internal Proxynya mikrotik versi crack(2.9) ternyata masih bisa. dari pada pakai komputer lagi mending pakai internalnya saja. cuman hasilnya memang belum seoptimal kalo pakai external proxy(terutama di bagain bandwith manjemennya) tetapi masih memuaskan.(sudah ditest cuman kadang terasa kurang memuaskan, tetapi bisa membantu meningkatkan perfoma)

1. IP Modem:

– 192.168.10.1
2. IP Mikrotik:
– 192.168.1.1 = local
– 192.168.10.2 = public/ke modem speedy

3. IP Client: 192.168.1.0/24

 

kita masuk ke mikrotiknya:

/ ip address
add address=192.168.10.2/24 network=192.168.10.0 broadcast=192.168.10.255 \
interface=Public comment=”” disabled=no
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 \
interface=Lan comment=”” disabled=no

Setting Route :

/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.10.1 scope=255 target-scope=10 \
comment=”” disabled=no

 

Setting DNS :

/ ip dns
set primary-dns=192.168.10.1 \
allow-remote-requests=no cache-size=2048KiB cache-max-ttl=1w

ip web-proxy pr
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: “proxy”
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: “webmaster”
max-object-size: 4096KiB
cache-drive: system
max-cache-size: none
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 0KiB
reserved-for-ram-cache: 154624KiB

Setting NAT :

/ ip firewall nat
add chain=dstnat src-address=192.168.1.0/24 protocol=tcp dst-port=80 \
action=redirect to-ports=3128 comment=”” disabled=no
add chain=srcnat out-interface=Public action=masquerade comment=”” disabled=no

 

Ok, Sekarang Mangglenya :

/ ip firewall mangle
add chain=prerouting protocol=icmp action=mark-connection \
new-connection-mark=icmp-con passthrough=yes comment=”” disabled=no
add chain=prerouting protocol=icmp connection-mark=icmp-con\
action=mark-packet new-packet-mark=icmp-pkt\
passthrough=no comment=”” disabled=no add chain=prerouting action=mark-connection new-connection-mark=con-up\
passthrough=yes comment=””
add chain=prerouting action=mark-paket new-paket-mark=all-pkt
conection-mark=con-up passthrough=no comment=””

add chain=output content=”X-Cache: HIT” action=mark-connection
new-connection-mark=proxy-con passthrough=yes comment=”” disabled=no
add chain=output connection-mark=proxy-con action=mark-packet
new-packet-mark=proxy-pkt passthrough=no comment=”” disabled=no

add chain=forward action=mark-connection new-connection-mark=direct-con
passthrough=yes comment=”” disabled=no
add chain=forward protocol=tcp connection-mark=direct-con
action=mark-packet new-packet-mark=all-pkt passthrough=no
comment=”” disabled=no
add chain=output protocol=tcp connection-mark=direct-con
action=mark-packet new-packet-mark=all-pkt passthrough=no
comment=”” disabled=no

 

Setelah manggle-nya kita buat simple queuenya:

add name=”proxy-HIT” dst-address=0.0.0.0/0 interface=all parent=none \
packet-marks=proxy-pkt direction=both priority=8 \
queue=default-small/default-small limit-at=0/0 max-limit=0/0 \
total-queue=default-small disabled=no comment=”paling atas”
add name=”Ping-queue” dst-address=0.0.0.0/0 interface=all parent=none \
packet-marks=icmp-pkt direction=both priority=2 \
queue=default-small/default-small limit-at=0/0 max-limit=0/0 \
total-queue=default-small disabled=no comment=”supaya ping kecil”
add name=”Parent-queue” dst-address=0.0.0.0/0 interface=all parent=none \
direction=both priority=8 queue=default-small/default-small limit-at=0/0 \
max-limit=45000/300000 total-queue=default-small disabled=no
add name=”All-Trafik” target-addresses=192.168.1.0/24 \
dst-address=0.0.0.0/0 interface=all parent=Parent-queue \
packet-marks=all-pkt direction=both priority=8
queue=default-small/default-small limit-at=4500/30000
max-limit=45000/300000 total-queue=default-small disabled=no

 Untuk yang bold bisa di masukkan per ip komputer biar lebih bagus queuenya.
sudah saya coba dan hasilnya cukup memuaskan. bisa digabung dengan teknik load balancing. caranya untuk yang dari proxy-con tidak usah dibuat lagi nthnya. yang dibuat nthnya yang untuk direct-con nya saja.

Iklan

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s