LoadBalancing PCC Berbeda ISP

Load balancing PCC Berbeda ISP - Lama sudah tidak setting-setting mikrotik, karena males, karena ada kerjaan lain juga dan terlalu asyik sosmedan tak penting. 

Kali ini berkesempatan kembali setting mikrotik untuk loadbalancing, yang saya remote menggunakan teamviewer dari Jakarta ke komputer client di Sulawesi Utara. Pelanggan lama saya sih sebenernya, dan berkomunikasi kembali setelah sekian lama vacum.


 

Sekali lagi perlu diingat, bahwa Teknik Loadbalance bukanlah teknik untuk menggabungkan bandwidth, tetapi teknik untuk membagi paket ke beberapa isp dengan merata. Jadi kalau keinginan loadbalance untuk menggabung bandwidth tentu ini salah persepsi. Berikut mangle loadbalance pcc berbeda isp yang saya gunakan.

/ip fi mang 
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether1 new-connection-mark=ether1cn
add action=mark-routing chain=output connection-mark=ether1cn new-routing-mark=1
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether2 new-connection-mark=ether2cn
add action=mark-routing chain=output connection-mark=ether2cn new-routing-mark=2
add action=mark-connection chain=prerouting dst-port=80,8080 in-interface=ether5 new-connection-mark=indicn per-connection-classifier=src-address-and-port:2/0 protocol=tcp src-address=192.168.80.0/24
add action=mark-routing chain=prerouting connection-mark=indicn in-interface=ether5 new-routing-mark=1 passthrough=no
add action=mark-connection chain=prerouting dst-port=80,8080 in-interface=ether5 new-connection-mark=iconcn per-connection-classifier=src-address-and-port:2/1 protocol=tcp src-address=192.168.80.0/24
add action=mark-routing chain=prerouting connection-mark=iconcn in-interface=ether5 new-routing-mark=2 passthrough=no
add action=mark-connection chain=prerouting in-interface=ether5 new-connection-mark=indicn per-connection-classifier=both-addresses:2/0 src-address=192.168.80.0/24
add action=mark-routing chain=prerouting connection-mark=indicn in-interface=ether5 new-routing-mark=1 passthrough=no
add action=mark-connection chain=prerouting in-interface=ether5 new-connection-mark=iconcn per-connection-classifier=both-addresses:2/1 src-address=192.168.80.0/24
add action=mark-routing chain=prerouting connection-mark=iconcn in-interface=ether5 new-routing-mark=2 passthrough=no

Yang ingin loadbalance koneksi internet di mikrotiknya boleh nih dicoba, mangle ini eksekusi di /ip route saya tak buat route nya disini silahkan diexplore sendiri ya.

Jasa Setting Mikrotik - 0857 6381 0001

Cara LoadBalancing PCC Mikrotik 4 Line PPPOE-OUT

Cara LoadBalancing PCC Mikrotik 4 Line PPPOE-OUT - sebenarnya sampai saat ini ada dua teknik load balancing di mikrotik, ada yang menggunakan NTH ada pula yang menggunakan pcc, dan metoda pcc ini sudah jauh hari ada, namun baru sempat saya menuliskannya disini, ini pun sekedar dokumentasi saya saat membuat load balancing di router mikrotik client saya, mini isp di kolut sulawesi.

Seperti biasa setting mikrotik mini isp di kolut(Kolaka Utara), Saya setting lewat remote winbox kesana. Metode loadbalancing pcc berikut adalah dialing di mikrotik, bukan dial di modem speedy, tulisan asli soal pcc 4 line ini saya ambil dari sebuah blog, sepertinya blok orang fakistan, namun saya modifikasi ulang karena didalamnya saya menemukan ke anehan di bagian /ip firewall nat dan /ip routing yang memuat routing yang berulang-ulang entah saya yang salah entah artikel tersebut, namun saya lebih menyukai seperti load balancing yang saya gunakaan disini dengan 4 buah masquerade pada masing-masing pppoe-out, tanpa harus membuat masquerade secara global.

Beliau itu memiliki masquerade seperti di bawah ini,

/ip firewall nat
add chain=srcnat out-interface=internet1 action=masquerade
add chain=srcnat out-interface=internet2 action=masquerade
add chain=srcnat out-interface=internet3 action=masquerade
add chain=srcnat out-interface=internet4 action=masquerade
add chain=srcnat out-interface=internet5 action=masquerade

add chain=srcnat action=masquerade
add chain=srcnat action=masquerade
add chain=srcnat action=masquerade
add chain=srcnat action=masquerade
add chain=srcnat action=masquerade

Bagi saya jikalau sudah menggunakan add chain=srcnat action=masquerade tidak perlu lagi membuat masquerade per-interface wan-nya. Tapi entah mungkin saya yang salah, correct me if im wrong.. :)

/ip firewall mangle

add chain=input in-interface=pppoe-out1 action=mark-connection new-connection-mark=internet1_conn
add chain=input in-interface=pppoe-out2 action=mark-connection new-connection-mark=internet2_conn
add chain=input in-interface=pppoe-out3 action=mark-connection new-connection-mark=internet3_conn
add chain=input in-interface=pppoe-out4 action=mark-connection new-connection-mark=internet4_conn


add chain=output connection-mark=internet1_conn action=mark-routing new-routing-mark=to_internet1
add chain=output connection-mark=internet2_conn action=mark-routing new-routing-mark=to_internet2
add chain=output connection-mark=internet3_conn action=mark-routing new-routing-mark=to_internet3
add chain=output connection-mark=internet4_conn action=mark-routing new-routing-mark=to_internet4


add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/0 \
action=mark-connection new-connection-mark=internet1_conn passthrough=yes

add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/1 \
action=mark-connection new-connection-mark=internet2_conn passthrough=yes

add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/2 \
action=mark-connection new-connection-mark=internet3_conn passthrough=yes

add chain=prerouting dst-address-type=!local in-interface=ether1 per-connection-classifier=both-addresses:4/3 \
action=mark-connection new-connection-mark=internet4_conn passthrough=yes

add chain=prerouting connection-mark=internet1_conn in-interface=ether1 action=mark-routing new-routing-mark=to_internet1
add chain=prerouting connection-mark=internet2_conn in-interface=ether1 action=mark-routing new-routing-mark=to_internet2
add chain=prerouting connection-mark=internet3_conn in-interface=ether1 action=mark-routing new-routing-mark=to_internet3
add chain=prerouting connection-mark=internet4_conn in-interface=ether1 action=mark-routing new-routing-mark=to_internet4

Langkah Cara LoadBalancing PCC Mikrotik 4 Line PPPOE-OUT selanjutnya adalah melakukan routing terhadap masing-masing routing mark yang telah kita buat.

/ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out1 routing-mark=to_internet1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out2 routing-mark=to_internet2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out3 routing-mark=to_internet3 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out4 routing-mark=to_internet4 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out4 routing-mark=game scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=pppoe-out3,pppoe-out2,pppoe-out1 scope=30 target-scope=10

Cara LoadBalancing PCC Mikrotik 4 Line PPPOE-OUT - Saya menyukai routing seperti ini timbang routing seperti artikel yang saya sebut tadi, lagi-lagi cmiiw.

Jasa setting mikrotik warnet

Jasa Setting Mikrotik Warnet Multi Indo Media Sekadau Kalimantan Barat - Jasa setting mikrotik warnet. beberapa settingan saya dokumentasikan sendiri terkadang bisa juga sudah berubah dan tidak saya gunakan lagi, namun sebagai acuan saya kadang configurasi yang diposting disini masih di ambil sebagian serta menyesuaikannya terhadap ke inginan pelanggan.

Untuk rule yang-ada lebih baik di fahami dahulu sebelum menggunakannya karena disini saya tidak menyebutkan configurasi-mikrotik ini di gunakan untuk apa yang pasti setting-mikrotik-warnet.

Penangkap dan pengoleksi ip address game online indonesia. Atau bisa juga ambil list ipnya yang ada di address-list ip game online indonesia

/ip firewall filter
add action=add-dst-to-address-list address-list=FB-Game address-list-timeout=0s chain=forward disabled=no dst-port=843,9339,8291 in-interface=ether3 protocol=\
tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 in-interface=ether3 protocol=tcp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010,4300 in-interface=ether3 \
protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010 in-interface=ether3 \
protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=\
1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 in-interface=ether3 protocol=udp
add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=42051-42052,11100-11125,11440-11460 \
in-interface=ether3 protocol=udp

Jasa setting mikrotik warnet. Layer 7 Setting-mikrotik Warnet Sekadau Kalimantan Barat

/ip firewall layer7-protocol
add name=youtube regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
add name=big regexp="^.*get.+\\.(exe|rar|zip|7z|cab|asf|mov|wmv|mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|msu|msi|nup|vdf|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp\
|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|gzip2|0[0-9][0-9]).*\$"
add name=streaming regexp="a.youtube.com|d.youtube.com|e.youtube.com|f.youtube.com|g.youtube.com|h.youtube.com|i.youtube.com|j.youtube.com|l.youtube.com|c.youtu\
be.com|d.youtube.com|youtube|tube|dailymotion.com"

Untuk configurasi manglenya bisa seperti di bawah ini

/ip firewall mangle
add action=mark-packet chain=prerouting disabled=no dscp=12 new-packet-mark=hit-proxy passthrough=no protocol=tcp
add action=mark-packet chain=prerouting disabled=no new-packet-mark=icmp passthrough=no protocol=icmp
add action=mark-connection chain=prerouting comment=GAME disabled=no dst-address-list=game_online dst-port=\
1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100 new-connection-mark=game_conn passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=14009-14010 new-connection-mark=game_conn passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=14009-14010 new-connection-mark=game_conn passthrough=yes \
protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=\
1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 new-connection-mark=game_conn passthrough=yes protocol=udp
add action=mark-connection chain=prerouting disabled=no dst-address-list=game_online dst-port=42051-42052,11100-11125,11440-11460 new-connection-mark=game_conn \
passthrough=yes protocol=udp
add action=mark-packet chain=prerouting connection-mark=game_conn disabled=no new-packet-mark=game_pkt passthrough=no
add action=mark-connection chain=prerouting comment="Update Game" disabled=no dscp=!12 dst-address-list=game_online dst-port=80,21 new-connection-mark=\
update-conn packet-mark=!hit-proxy passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=update-conn disabled=no dscp=!12 new-packet-mark=update packet-mark=!hit-proxy passthrough=no
add action=mark-connection chain=prerouting comment=Facebook disabled=no dst-address-list=FB-Game new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=apps.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=facebook.com/apps disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=app.facebook.com/pool-live disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=static.ak.connect.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=\
!hit-proxy passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=statics.poker.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=\
!hit-proxy passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.ninjasaga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy passthrough=\
yes protocol=tcp
add action=mark-connection chain=prerouting content=.castle.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.static.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.empire.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.poker.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy passthrough=\
yes protocol=tcp
add action=mark-connection chain=prerouting content=.castle.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=.farmville.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy passthrough=\
yes protocol=tcp
add action=mark-connection chain=prerouting content=.farmville.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=akamai.net disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy passthrough=yes \
protocol=tcp
add action=mark-connection chain=prerouting content=.channel.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!hit-proxy \
passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=facebook-conn disabled=no dscp=!12 new-packet-mark=facebook packet-mark=!hit-proxy passthrough=no
add action=mark-connection chain=prerouting comment=Streaming disabled=no dscp=!12 layer7-protocol=streaming new-connection-mark=streaming-conn packet-mark=\
!hit-proxy passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting content=dailymotion.com disabled=no dscp=!12 new-connection-mark=streaming-conn packet-mark=!hit-proxy passthrough=\
yes protocol=tcp
add action=mark-connection chain=prerouting content=mivo disabled=no dscp=!12 new-connection-mark=streaming-conn packet-mark=!hit-proxy passthrough=yes \
protocol=tcp
add action=mark-packet chain=prerouting connection-mark=streaming-conn disabled=no dscp=!12 new-packet-mark=streaming passthrough=no
add action=mark-connection chain=prerouting comment=Download disabled=no dscp=!12 dst-address-list=!game_online layer7-protocol=big new-connection-mark=\
down-conn packet-mark=!hit-proxy passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=down-conn disabled=no dscp=!12 new-packet-mark=download packet-mark=!hit-proxy passthrough=no
add action=mark-connection chain=prerouting comment=Mid connection-bytes=128000-256000 connection-mark=!facebook-conn disabled=no dscp=!12 dst-address-list=\
!game_online dst-port=!80 in-interface=ether3 new-connection-mark=mid-conn packet-mark=!game_pkt passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=mid-conn disabled=no dscp=!12 new-packet-mark=mid packet-mark=!hit-proxy passthrough=no
add action=mark-connection chain=prerouting comment=High connection-bytes=256000-4294967295 connection-mark=!facebook-conn disabled=no dscp=!12 \
dst-address-list=!game_online dst-port=80 new-connection-mark=high-conn packet-mark=!game_pkt passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=high-conn disabled=no dscp=!12 new-packet-mark=high packet-mark=!hit-proxy passthrough=no
add action=mark-connection chain=prerouting comment=Small connection-bytes=160000-256000 connection-mark=!facebook-conn disabled=no dscp=!12 dst-address-list=\
!game_online dst-port=80 new-connection-mark=small-conn packet-mark=!game_pkt passthrough=yes protocol=tcp
add action=mark-packet chain=prerouting connection-mark=browse-conn disabled=no dscp=!12 new-packet-mark=browse packet-mark=!hit-proxy passthrough=no

Jasa setting mikrotik warnet

Jasa setting mikrotik warnet - begitu saja saya buat sebagai setting mikrotik, limit bandwidth yang saya gunakan dengan queue tree/queue simple.

Jasa setting mikrotik warnet  seluruh indonesia contact

Setting Mikrotik Warnet Azainet Rantau Parapat

Setting Mikrotik Warnet Azainet Rantau Parapat - setting-mikrotik-warnet-Rantau Parapat, beda lokasi beda selera pemilik warnetnya soal setting-mikrotik, berikut ini settingan-mikrotik sebuah warnet di Rantau Parapat, yang saya setting via remote dari Binjai.




Koneksi warnet yang di gunakan 3 line speedy, 1 mega untuk 15 unit komputer game, dan 2 mega untuk 15 unit komputer browsing dan download, tambah proxy external ubuntu. Berikut ini filter rule untuk menangkap ip game online kemudian di routing ke line speedy 1mbps.

/ip firewall filter
add action=add-dst-to-address-list address-list=ip-facebook address-list-timeout=0s chain=forward disabled=no dst-port=843,9339,8291 in-interface=ether5-HUB/SWITCH protocol=tcp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777,28900-28914 in-interface=ether5-HUB/SWITCH protocol=tcp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 in-interface=ether5-HUB/SWITCH protocol=tcp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 in-interface=ether5-HUB/SWITCH protocol=tcp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100,4300 in-interface=ether5-HUB/SWITCH protocol=tcp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010,4300 in-interface=ether5-HUB/SWITCH protocol=udp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=14009-14010 in-interface=ether5-HUB/SWITCH protocol=udp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 in-interface=ether5-HUB/SWITCH protocol=udp

add action=add-dst-to-address-list address-list=game_online address-list-timeout=1d chain=forward disabled=no dst-port=42051-42052,11100-11125,11440-11460in-interface=ether5-HUB/SWITCH protocol=udp

Layer 7 untuk limit download dan Streaming di mikrotiknya

/ip firewall layer7-protocol
add name=http-video regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"

add name=youtube regexp="http/(0\\.9|1\\.0|1\\.1)[\\x09-\\x0d ][1-5][0-9][0-9][\\x09-\\x0d -~]*(content-type: video)"
add name=big regexp="^.*get.+\\.exe|rar|zip|7z|cab|asf|mov|wmv|mpg|mpeg|mkv|avi|flv|pdf|wav|rm|mp3|mp4|ram|msu|msi|nup|vdf|rmvb|dat|daa|iso|nrg|bin|vcd|mp2|3gp|mpe|qt|raw|wma|ogg|doc|deb|tar|bzip|gzip|gzip2|0[0-9][0-9]).*\$"

add name=streaming regexp="a.youtube.com|d.youtube.com|e.youtube.com|f.youtube.com|g.youtube.com|h.youtube.com|i.youtube.com|j.youtube.com|l.youtube.com|c.youtube.com|d.youtube.com|youtube|tube|dailymotion.com"

Mangle Routing mark-mikrotik untuk memisah jalur ke arah speedy 1m, sisanya yang 2mbps di routing-mark/ di alokasikan ke browsing dan download.

/ip firewall mangle
add action=mark-routing chain=prerouting comment="Routing Game" disabled=no dst-address-list=game_online dst-port=19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010 new-routing-mark=game passthrough=no protocol=udp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=14000-14010 new-routing-mark=game passthrough=no protocol=udp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=14000-14010,28900-28914 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting comment="Lineage 2" disabled=no dst-address-list=game_online dst-port=7777-7778 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting disabled=no dst-address-list=game_online dst-port=2106 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting comment=9Dragon disabled=no dst-address-list=game_online dst-port=!80,8080 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

add action=mark-routing chain=prerouting comment="Yulgang Online" disabled=no dst-address-list=game_online dst-port=19000-19001 new-routing-mark=game passthrough=no protocol=tcp src-address-list=LAN

Mangle Hit Proxy External dengan DSCP=12

/ip firewall mangle 
add action=mark-packet chain=prerouting comment=Proxy content="X-Cache: HIT" disabled=no new-packet-mark=proxy-hit passthrough=no protocol=tcp

add action=mark-packet chain=prerouting disabled=no dscp=12 new-packet-mark=proxy-hit passthrough=no protocol=tcp
add action=mark-packet chain=forward disabled=no dscp=12 in-interface=ether4-Proxy new-packet-mark=proxy-hit out-interface=ether5-HUB/SWITCH passthrough=no protocol=tcp

Mangle untuk Ping

/ip firewall mangle 
add action=mark-packet chain=prerouting comment=ping disabled=no new-packet-mark=icmp passthrough=no protocol=icmp

Mangle Update Game di berikan prioritas di queue tree mikrotik

/ip firewall mangle 
add action=mark-connection chain=prerouting comment="Update Game" disabled=no dscp=!12 dst-address-list=game_online dst-port=80,21 new-connection-mark=update-conn packet-mark=!hit passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting connection-mark=update-conn disabled=no dscp=!12 new-packet-mark=update passthrough=no

Mangle untuk content youtube di berikan prioritas di queue tree mikrotik

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=Facebook disabled=no dscp=!12 dst-address-list=ip-facebook new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=apps.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=facebook.com/apps disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=app.facebook.com/pool-live disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=static.ak.connect.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=statics.poker.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.ninjasaga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.castle.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.static.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.static.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.empire.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.poker.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.castle.zynga.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.farmville.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.farmville.zgncdn.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=akamai.net disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=.channel.facebook.com disabled=no dscp=!12 new-connection-mark=facebook-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting connection-mark=facebook-conn disabled=no dscp=!12 new-packet-mark=facebook packet-mark=!proxy-hit passthrough=no

Mangle untuk melimit streaming youtube

/ip firewall mangle 
add action=mark-connection chain=prerouting comment=Streaming disabled=no dscp=!12 layer7-protocol=streaming new-connection-mark=streaming-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=dailymotion.com disabled=no dscp=!12 new-connection-mark=streaming-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-connection chain=prerouting content=mivo disabled=no new-connection-mark=streaming-conn packet-mark=!proxy-hit passthrough=yes protocol=tcp

add action=mark-packet chain=prerouting connection-mark=streaming-conn disabled=no new-packet-mark=streaming passthrough=no

Mangle untuk melimit ip per client, seperti yang beliau inginkan.

/ip firewall mangle 
add action=mark-connection chain=forward comment="LUAR KE DALAM" disabled=no dscp=!12 new-connection-mark=all.post_conn out-interface=ether5-HUB/SWITCH packet-mark=!proxy-hit passthrough=yes src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.10 new-packet-mark=IP10 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.11 new-packet-mark=IP11 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.12 new-packet-mark=IP12 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.13 new-packet-mark=IP13 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.14 new-packet-mark=IP14 packet-mark=!proxy-hit passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.15 new-packet-mark=IP15 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.16 new-packet-mark=IP16 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.17 new-packet-mark=IP17 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.18 new-packet-mark=IP18 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.19 new-packet-mark=IP19 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.20 new-packet-mark=IP20 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.21 new-packet-mark=IP21 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.22 new-packet-mark=IP22 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.23 new-packet-mark=IP23 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.24 new-packet-mark=IP24 passthrough=no protocol=tcp src-address-list=!game_online

add action=mark-packet chain=forward connection-mark=all.post_conn disabled=no dscp=!12 dst-address=192.168.88.25 new-packet-mark=IP25 passthrough=no protocol=tcp src-address-list=!game_online

Saya berikan queue tree tersendiri, dan begitupun rule, rule ini adalah hasil racikan yang saya kumpul dari berbagai sumber yang ada di internet.

Mikrotik Mangle Game Online Indonesia

Mikrotik Mangle Game Online Indonesia - mangle game online mikrotik, pitur mangle mikrotik di gunakan untuk menandai koneksi yang datang maupun keluar lewat sebuah interface, mangle di Mikrotik Mangle Game Online Indonesiayang perlu di gunakan di mikrotik untuk memperioritas koneksi game online di queue mikrotik.

/ip firewall mangle
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=tcp dst-port=1818,2001,3010,4300,5105,5121,5126,5171,5340-5352,6000-6152,7777
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=tcp dst-port=7341-7350,7451,8085,9600,9601-9602,9300,9376-9377,9400,9700,10001-10011
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=tcp dst-port=10402,11011-11041,12011,12110,13008,13413,15000-15002,16402-16502,16666,18901-18909,19000
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=tcp dst-port=19101,22100,27780,28012,29000,29200,39100,39110,39220,39190,40000,49100
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=tcp dst-port=14009-14010,4300
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=udp dst-port=14009-14010,4300
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=udp dst-port=1293,1479,6100-6152,7777-7977,8001,9401,9600-9602,12020-12080,30000,40000-40010
add chain=prerouting action=mark-connection new-connection-mark=game_conn passthrough=yes protocol=udp dst-port=42051-42052,11100-11125,11440-11460
add chain=prerouting action=mark-packet new-packet-mark=game_pkt passthrough=no connection-mark=game_conn

Saya sering menggunakan queue simple mikrotik untuk limit bandwidth di padu dengan proy eternal lusca proxy.

berikut setting queue simple game online mikrotik yang saya gunakan.

/queue type
add kind=pcq name=game pcq-burst-rate=0 pcq-burst-threshold=0 pcq-burst-time=\
10s pcq-classifier=src-address,dst-address,src-port,dst-port \
pcq-dst-address-mask=32 pcq-dst-address6-mask=64 pcq-limit=50 pcq-rate=0 \
pcq-src-address-mask=32 pcq-src-address6-mask=64 pcq-total-limit=2000

/queue simple
add burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s direction=both \
disabled=no interface=all limit-at=0/0 max-limit=0/0 name=GAME \
packet-marks=game_pkt parent=none priority=1 queue=game/game \
target-addresses=0.0.0.0/0 total-queue=default-small

Limit Streaming dengan Mikrotik menggunakan Layer7

Jasa setting Mikrotik - Cara limit Streaming di mikrotik menggunakan layer7 - jasa setting mikrotik limit streaming dengan mikrotik menggunakan layer7.

yang pasti dan penting diingat adalah, bahwa layer7 mikrotik sangat boros resource penggunaan processor routerboard mikrotik, jadi di harapkan penggunaan layer7 dapat di lakukan secara bijak di routerboard.

Limit streaming dengan mikrotik menggunakan Layer7 sekarang mungkin tidak terlalu di butuhkan, karena indihome membuat kebijakan bahwa koneksi youtube tanpa kena FUP.

Klik IP -> FIREWALL -> LAYER 7 PROTOCOLS + Klik Tanda PLUS warna Merah

name: Streaming

/ip firewall layer7-protocol add name=streaming   regexp="^.+.c.youtube.com.*$"

Kemudian buka Terminal Mikrotik, dan pastekan manglenya limit streaming dengan mikrotik menggunakan layer7, dalam queue tree saya limit youtubenya sebesar 128kbps, manglenya limit streaming di bawah ini,

/ip firewall mangle

add action=mark-packet chain=prerouting comment="Mark Paket Streamig" disabled=no layer7-protocol=streaming new-packet-mark=streaming passthrough=no  

/queue tree add  name="streaming" parent=global-out packet-mark=streaming limit-at=0 queue=default priority=8 max-limit=128k burst-limit=0 burst-threshold=0 burst-time=0s  

Limit Streaming dengan Mikrotik menggunakan Layer7 - Jika ingin menggunakan queue simple melimit streaming youtube, paste perintah berikut di new terminal mikrotik

/queue simple add max-limit=0/64000 name=Youtube packet-marks=streaming 

Memisahkan Trafik Browsing Dan Game

Jasa Setting Mikrotik - Memisahkan Trafik Browsing Dan Game - Untuk memisahkan trafik browsing dan game pada mikrotik ini di tulis  oleh http://nebulagame.wordpress.com/2010/02/02/mikrotik-pisah-download-browse-dan-game-di-1-line/ . Dan semoga bermanfaat buat kita semua, trik pemisahan seperti ini juga bisa di gunakan untuk trafik lainnya. Seperti SMTP misalnya, atau tergantung mana yang ingin anda prioritaskan koneksinya.

UPDATE

Dari pada menggunakan bentuk ip seperti ini saya lebih suka menangkap ip game online berdasarkan portnya, karena rata-rata warnet sekarang tidak hanya menyediakan game point blank saja. Seperti di tulisan saya memisahkan bandwidth game dan browsing di 1mbps speedy

Contoh buat Point Blank, game lain sesuaikan aja port/ip nya, masih banyak port untuk point blank dan ipnya, silahkan cari di google untuk tambahaan ip game lain dan portnya,

/ip firewall mangle

add chain=game action=mark-connection new-connection-mark=Game \
passthrough=yes protocol=tcp dst-address=203.89.146.0/23 \
dst-port=39190 comment="Point Blank"

add chain=game action=mark-connection new-connection-mark=Game \
passthrough=yes protocol=udp dst-address=203.89.146.0/23\
dst-port=40000-40010

add chain=game action=mark-packet new-packet-mark=Game_pkt \
passthrough=no connection-mark=Game

add chain=prerouting action=jump jump-target=game

POKER

/ip firewall mangle

add chain=forward action=mark-connection \
new-connection-mark=Poker_con passthrough=yes \
protocol=tcp dst-address-list=LOAD POKER comment="POKER"

add chain=forward action=mark-connection \
new-connection-mark=Poker_con passthrough=yes \
protocol=tcp content=statics.poker.static.zynga.com

add chain=forward action=mark-packet new-packet-mark=Poker \
passthrough=no connection-mark=Poker_con

BROWSING

/ip firewall mangle
add chain=forward action=mark-connection new-connection-mark=http \
passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan \
packet-mark=!Game_pkt connection-mark=!Game \
connection-bytes=0-262146 comment="BROWSE"

add chain=forward action=mark-packet new-packet-mark=http_pkt\
passthrough=no protocol=tcp connection-mark=http

LIMIT DOWNLOAD

/ip firewall mangle
add chain=forward action=mark-connection new-connection-mark=Download \
passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan \
packet-mark=!Game_pkt connection-mark=!Poker_con \
connection-bytes=262146-4294967295 comment="LIMIT DOWNLOAD"

addchain=forward action=mark-packet new-packet-mark=Download_pkt \
passthrough=no packet-mark=!Game_pkt connection-mark=Download

UPLOAD

/ip firewall mangle 
add action=mark-packet chain=prerouting comment="" disabled=no in-interface=Lan \ new-packet-mark=icmp_pkt passthrough=no protocol=icmp src-address=192.168.0.0/24

add chain=prerouting action=mark-packet new-packet-mark=Upload \
passthrough=no protocol=tcp src-address=192.168.0.0/24 \
in-interface=Lan packet-mark=!icmp_pkt comment="UPLOAD"

QUEUE

/queue type

name="Download" kind=pcq pcq-rate=256000 pcq-limit=50 \
pcq-classifier=dst-address pcq-total-limit=2000

name="Http" kind=pcq pcq-rate=1M pcq-limit=50 \
pcq-classifier=dst-address pcq-total-limit=2000

name="Game" kind=pcq pcq-rate=0 pcq-limit=50 \
pcq-classifier=src-address,dst-address,src-port, \
dst-port pcq-total-limit=2000

name="Upload" kind=pcq pcq-rate=0 pcq-limit=50 \
pcq-classifier=src-address pcq-total-limit=2000

Queue Tree

/queue tree

name="Main Browse" parent=Lan limit-at=0 priority=8 max-limit=1M \
burst-limit=0 burst-threshold=0 burst-time=0s

name="Browse" parent=Main Browse packet-mark=http_pkt \
limit-at=0 queue=Http priority=8 max-limit=1M \
burst-limit=0 burst-threshold=0 burst-time=0s

name="Game" parent=global-total packet-mark=Game_pkt \
limit-at=0 queue=Game priority=1 max-limit=0 \
burst-limit=0 burst-threshold=0 burst-time=0s

name="Poker" parent=global-out packet-mark=Poker limit-at=0 \
queue=Game priority=3 max-limit=0 burst-limit=0 \
burst-threshold=0 burst-time=0s

name="Download" parent=global-out packet-mark=Download_pkt \
limit-at=0 queue=Download priority=8 max-limit=256k \
burst-limit=0 burst-threshold=0 burst-time=0s

name="Main Upload" parent=global-in limit-at=0 priority=8 \
max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s

name="Upload" parent=Main Upload packet-mark=Upload \
limit-at=0 queue=Upload priority=8 max-limit=0 \
burst-limit=0 burst-threshold=0 burst-time=0s

HASILNYA

BROWSING 1Mbs bagi rata sekampung (baca: satu jaringan)
DOWNLOAD 256Kbps bagi rata sekampung
GAME seadanya bandwith sesuai kebutuhan sekampung
POKER seadanya bandwith sesuai kebutuhan sekampung
UPLOAD seadanya bandwith bagi rata sesuai kebutuhan sekampung

Membuat Bandwith Management UPTO Mikrotik

Jasa Setting Mikrotik - Membuat Bandwith Management UPTO Mikrotik,- Membuat bandwith management UPTO pada mikrotik bisa dilakukan dengan memanfaatkan queue - tree dan PCQ (Per Connection Queue) yang berfungsi membagi rata bandwith yang ada.


Misalnya saja kita punya bandwith 2MBPS untuk di share ke 10 User, ketika 10 user ini online dengan otomatis mikrotik membagi rata bandwith yang 2MBPS (2000kbps) kepada 10 clientnya, jadi masing masing client mendapat jatah bandwith 200kbps, dan jika hanya 1 user yang online, mikrotik dengan pcq nya memberikan bandwith full 2 MBPS ke pada user tersebut, dengan metode pcq ini bandwith di bagi secara adil kepada usernya yang online.



Cara membuat bandwith management UPTO pada mikrotik:

Kondisi jaringan :

1. lan :192.168.1.0/24
2. indosat : 124.195.12.29

Langkah pertama dalam membuat management bandwith upto di mikrotik :

• Tandai semua paket yang masuk dari interface lan (dari interface lan mikrotik - client)

/ip firewall mangle

add chain=forward src-address=192.168.1.0/24 \
action=mark-connection new-connection-mark=conn-lokal

add connection-mark=conn-lokal action=mark-packet\
new-packet-mark=packet-lokal chain=forward

• Buat Queue Tpye dengan jenis PCQ untuk paket yang di tandai masing-masing untuk source dan destination-nya di mikrotik

/queue type add name=lokal-dw kind=pcq pcq-classifier=dst-address
/queue type add name=lokal-up kind=pcq pcq-classifier=src-address

• Buat Queue Tree Untuk paket download dan upload pada mikrotik

/queue tree add name=lokal-download parent=lan max-limit=2M
/queue tree add parent=lokal-download\
queue=lokal-dw packet-mark=packet-lokal

/queue tree add name=lokal-upload parent=Eth1 max-limit=2M
/queue tree add parent=lokal-upload queue=lokal-up packet-mark=pct-icafe

Dengan ini di user dapat menikmati bandwith up-to jika pelanggan lain offline, semuanya mudah dengan mikrotik :D

Optimasi Mikrotik Untuk Game PointBlank

Optimasi Mikrotik Untuk Game PointBlank - Tulisan Optimasi Mikrotik Untuk Game PointBlank saya temukan di sebuah blog (http://fadhlismart.wordpress.com/2010/11/30/optimasi-mikrotik-utk-pointblank/) karena alasan waktu saya belum bisa mencobanya dan menyesuaikannya dengan kondisi jaringan di warnet. Mudah mudahan kelak routermikrotik dalam waktu dekat dapat mencobanya dan menjabarkannya dengan versi Jasa setting mikrotik sendiri.




UPDATE : dari pada menggunakan bentuk ip seperti ini saya lebih suka menangkap ip game online berdasarkan portnya, karena rata-rata warnet sekarang tidak hanya menyediakan game point blank saja. Seperti di tulisan saya memisahkan bandwidth game dan browsing di 1mbps speedy

Silahkan berimprovisasi dengan dokumentasi yang ada.

/ip firewall mangle
add action=mark-connection chain=forward comment="Trafik Mark" \
disabled=no new-connection-mark=all_con passthrough=yes \
src-address=192.168.1.0/24

add action=mark-connection chain=forward comment="" \ 
connection-mark=all_con disabled=no dst-port=39190-49100 \
new-connection-mark=pb-con passthrough=yes protocol=tcp \
src-address=192.168.1.0/24

add action=mark-connection chain=forward comment="" \ 
connection-mark=all_con disabled=no dst-port=39190-49100 \ 
new-connection-mark=pb-con passthrough=yes protocol=udp \
src-address=192.168.1.0/24

add action=mark-packet chain=forward comment="" connection-mark=pb-con \
disabled=no new-packet-mark=point-blank passthrough=no

add action=mark-packet chain=forward comment="" \
disabled=no new-packet-mark=all_packet passthrough=no \

Limit Bandwidth Queue Tree

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=1600k name="Download" parent=ether2-lan priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 \
max-limit=0 name=HTTP packet-mark=all_packet parent="Download" \
priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name="Point Blank" packet-mark=point-blank \ 
parent="Download" priority=7 queue=default

—————————-

VERSI LAIN
#Set pppoe lewat mikrotik ( modem set sebagai bridge )

/interface pppoe-client

add ac-name="" add-default-route=no allow=pap,chap,mschap1,mschap2 \ 
comment="" dial-on-demand=no disabled=no interface=Speedy-1 max-mru=1480 \
max-mtu=1480 mrru=disabled name="******@telkom.net" password="***" \ 
profile=default service-name="" use-peer-dns=no user="***"

#Optimalisasi Facebook dan Poker

/ip firewall address-list 
add list="facebook" address=69.63.184.142
add list="facebook" address=69.63.187.17
add list="facebook" address=69.63.187.19
add list="facebook" address=69.63.181.11
add list="facebook" address=69.63.181.12
add list="facebook" address=69.63.180.14
add list="facebook" address=69.63.186.31
add list="facebook" address=69.63.186.30
add list="facebook" address=69.63.176.11
add list="facebook" address=69.63.186.11
add list="facebook" address=69.63.187.12
add list="facebook" address=69.63.180.12
add list="facebook" address=69.63.186.12
add list="facebook" address=69.63.176.65
add list="facebook" address=66.151.132.0/24
add list="facebook" address=118.214.190.0/24
add list="facebook" address=69.63.176.213
add list="facebook" address=125.160.18.0/24
add list="facebook" address=125.56.199.0/24
add list="facebook" address=125.160.16.0/24

/ip firewall nat
add chain=srcnat action=masquerade out-interface=public
add chain=dstnat protocol=udp dst-port=53 action=redirect to-ports=53
add chain=dstnat protocol=tcp dst-port=53 action=redirect to-ports=53
add chain=dstnat in-interface=local protocol=icmp action=redirect to-ports=1
add chain=dstnat in-interface=local src-address=192.168.1.0/24 \ 
dst-address-list=!poker protocol=tcp dst-port=80 action=redirect to-ports=8000

#mangle khusus optimasi mikrotik untuk facebook dan point blank

/ip firewall mangle
add chain=prerouting dst-address=203.89.146.0/23 protocol=udp \ 
dst-port=40000-40010 action=mark-connection \
new-connection-mark=pb-facebook passthrough=yes comment="PB IIX" \
disabled=no

add chain=prerouting dst-address-list=facebook action=mark-connection \
new-connection-mark=pb-facebook passthrough=yes comment="facebook" \
disabled=no

add chain=prerouting connection-mark=pb-facebook action=mark-packet \
new-packet-mark=pb-fb passthrough=no comment="" disabled=no

Limit Bandwidth

/queue tree add name="pcq" parent=global-out packet-mark=pb-fb limit-at=0 \ 
queue=default priority=2 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s

#Mangle limit download loss browsing Mikrotik

/ip firewall mangle

add chain=postrouting out-interface=local dst-address=192.168.1.0/24 \ 
protocol=tcp src-port=80 action=mark-connection \ 
new-connection-mark=http_conn passthrough=yes

add chain=postrouting out-interface=local connection-mark=http_conn \
connection-bytes=0-131072 action=mark-packet new-packet-mark=browsing \
passthrough=no

add chain=postrouting out-interface=local connection-mark=http_conn \
connection-bytes=131073-4294967295 action=mark-packet \
new-packet-mark=download passthrough=no

add chain=prerouting comm="pcq" action=mark-packet new-packet-mark=ALL passthrough=no

/queue type

add name="browsing" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

add name="download" kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000

add name="PCQ_Upload" kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000

Limit Bandwidth Queue Tree

/queue tree
add name="pcq" parent=local packet-mark="" limit-at=0 queue=default \ 
priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s

add name="browsing" parent=pcq packet-mark="browsing" limit-at=0 \
queue=browsing priority=1 max-limit=0 burst-limit=0 burst-threshold=0

add name="download" parent=pcq packet-mark="download" limit-at=0 \
queue=download priority=8 max-limit=256000 burst-limit=0 \
burst-threshold=0

add name="PCQ upload" parent=global-in packet-mark=ALL limit-at=0 \
queue=PCQ_Upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 \
burst-time=0s

Web Proxy Internal

/ip proxy
Enabled=yes
src-address=0.0.0.0
port=8080
parent-proxy=0.0.0.0:0
parent-proxy-port=0
cache-drive=system
cache-administrator="routermikrotik@blogspot.com"
max-disk-cache-size=unlimited
max-ram-cache-size=yes
maximal-client-connections=950
maximal-server-connections=950
max-object-size=4096KiB
max-fresh-time=3d
serialize-connections=no

Import nice address pada Mikrotik

/tool fetch address=ixp.mikrotik.co.id src-path=/download/nice.rsc;import nice.rsc

Schedul update IP nice automatic Mikrotik

/system sched add comment="update-nice" disabled=no interval=1d 
name="update-nice-rsc" on-event=":if ([:len [/file find name=nice.rsc]] 0) do={/file remove nice.rsc }; /tool fetch 
address=ixp.mikrotik.co.id src-path=/download/nice.rsc;/import nice.rsc"
start-date=jan/01/1970 start-time=00:06:00

Untuk versi lain lihat disini -> memisahkan trafik browsing dan game
Jasa setting Mikrotik warnet Jasa Setting proxy external warnet

Block UltraSurf Di Mikrotik

Jasa setting mikrotik - cara block UltraSurf Di Mikrotik - Seseorang bertanya bagaimana cara memblokir ultrasurf di mikrotik, jujur saya belum pernah melihat pelanggan menggunakan ultrasurf, sehingga tidak tau persis seperti apa yang harus di blok.

Search di google soal memblock ultrasurf ternyata banyak juga yang menulisnya, dan berikut hasilnya search untuk memblock ultrasurf di mikrotik dengan layer7

(Block Ultra Surf Ini dari forum.mikrotik.com

/ip firewall layer7-protocol
add name=ultrasurf regexp="^\16\03\01\00\41\01\00\00\3D\03\01"


/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp\
address-list=ultrasurf address-list-timeout=0s  layer7-protocol=ultrasurf\ in-interface=lan dst-port=443

Bekerja atau tidaknya silahkan di coba, saya belum mencobanya

Untuk memblock ultrasurf di squid buka /etc/squid.conf lalu letakkan baris berikut di dalam config squid (rippingthepinguin)


# bloking UltraSurf/Skype
acl numeric_IPs url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
http_access deny CONNECT numeric_IPs all

Memblock ultrasurf dengan IPTABLE (forum.Mikrotik.com)


iptables -I FORWARD -m tcp -p tcp --dport 443 -m string --to 256 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

iptables -I FORWARD -m tcp -p tcp --tcp-flags SYN,ACK,FIN,RST,PSH ACK,PSH -m string --to 256 --hex-string '|16030100410100003d0301|' --algo bm -j DROP

Ini akan memblock tcp packet yang di kirim dari client dengan tcp-flags ACK,PSH set dan berisi "Client Hello".

Jasa settting mikrotik cara menggabung 3 Line speedy-Mikrotik

Jasa Setting Mikrotik - Menggabung 3 Line Speedy-Mikrotik - cara menggabung 3 line speedy dengan sebuah router mikrotik, menggabung beberapa koneksi dalam satu router sering di sebut loadalancing.

Teknik loadbalancing sering di salah artikan, untuk menggabung bandwidth dari jaringan jalur A di gabung dengan bandwidth dari jalur B, pemahaman ini tentu tidaklah benar dengan konsep loadbalancing.

Untuk tujuan loadbalancing sudah banyak yang menulis termasuk sendiri di tulis di web router mikrotik Indonesia, silahkan baca disana saja, karena tulisan Menggabung 3 Line Speedy-Mikrotik tidak saya tujukan untuk menjelaskan tentang loadbalancing, tapi saya membuat ini untuk mengabadikan tentang loadbalancing NTH 3 line speedy dalam satu router mikrotik.

Berikut di bawah ini mangle untuk menandai paket di 3 line speedynya.

/ip firewall mangle

add chain=prerouting action=mark-connection \
new-connection-mark=con1 passthrough=yes \
connection-state=new in-interface=ether4 nth=3,1 

add chain=prerouting action=mark-routing \
new-routing-mark=con_route passthrough=yes \
in-interface=ether4 connection-mark=con1 

add chain=prerouting action=mark-connection \
new-connection-mark=con2 passthrough=yes \
connection-state=new in-interface=ether4 nth=3,2 

add chain=prerouting action=mark-routing \
new-routing-mark=con2_route passthrough=yes \
in-interface=ether4 connection-mark=con2 

add chain=prerouting action=mark-connection \
new-connection-mark=con3 passthrough=yes \
connection-state=new in-interface=ether4 nth=3,3 

add chain=prerouting action=mark-routing \
new-routing-mark=con3_route passthrough=yes \
in-interface=ether4 connection-mark=con3

Semoga dengan mangle sederhana ini, anda dapat menggabung 3line speedy dengan sebuah router mikrotik.

SSH ke Proxy External Mikrotik Tidak Dilimit

Jasa setting Mikrotik - SSH ke Proxy External Mikrotik Tidak Dilimit - cara unlimit ssh ke proxy external lewat mikrotik Saya tidak tau judul yang tepat untuk tulisan kecil ini, saya baru tertarik untuk melakukan ini, meski sebenarnya ini perlu sejak dahulu, namun saya sedikit malas untuk urusan tetek bengek soal seperti ini, Hingga baru hari ini saya benar benarlakukan. Agar SSH tidak di limit queue mikrotik, saat di access dari client.

Cara unlimit ssh di mikrotik saya buatkan bebera rule untuk membypass ssh dari queue tree maupun queue simple router mikrotik.

Untuk langkah pertamah unlimit ssh yang menuju proxy external (squid) agar tidak terlimit oleh mikrotik saat di access dari client, yaitu dengan membuat mangle sebagai penanda paket yang masuk mengarah ke arah proxy.

Pertama tandai paket ssh pada mangle.

/ip firewall mangle
add chain=postrouting action=mark-connection \
new-connection-mark=ssh_lost passthrough=yes \
protocol=tcp dst-address=192.168.2.1 src-address-list=LAN dst-port=22

add chain=postrouting action=mark-packet\
new-packet-mark=ssh passthrough=no connection-mark=ssh_lost

Kedua buat queue unlimit untuk paket ssh tadi

/queue tree
add name="ssh" parent=global-out packet-mark=ssh limit-at=0\
queue=default priority=8 max-limit=0 burst-limit=0 \
burst-threshold=0 burst-time=0s

Jasa setting mikrotik - SSH ke Proxy External Mikrotik Tidak Dilimit. Finish.

Mangle Unlimited VideoCache Mikrotik

Jasa setting mikrotik warnet- Videocache adalah salah satu software yang mencache video dari youtube atau server streaming lain sejenisnya. Software ini mengatasi kemampuan caching squid yang hanya pada sejenis content dan mengabaikan cache pada file video.

Untuk menginstall videocache pada mesin proxy /squid external yang di pararelkan dengan mikrotik. Harus melalui tahapan tahapan.

• Install videocache dan pendukungnya sampai berjalan dengan normal dan bisa mencache video yang di buka, untuk mamstikan lihat isi nya pada http://ip-proxy/videocache, bila isi di folder sesuai nama videonya telah ada berarti videocache sudah melakukan fungsinya dengan benar.
• Dan yang paling penting, saya tidak tau ini terjadi pada orang lain atau hanya saya, video cache yang sudah di cache oleh mesin proxy, tetap terlimit pada queue mikrotik. Dan dapat di atasi dengan mangle unlimited VideoCache Mikrotik ini

Ip firewall mangle

chain=prerouting dst-address=[ipsquid] protocol=tcp dst-port=80\
action=mark-connection new-connection-mark=video-con passthrough=yes

chain=prerouting connection-mark=video-con action=mark-packet\
new-packet-mark=videocache passthrough=no

Lalu buat queue agar paket videocache yang berasal dari squid/ proxy di unlimit oleh mikroti menuju client

/queue simple add name="video-cache" target-addresses=[ip-lan/24] dst-address=0.0.0.0 \
interface=all parent=none packet-marks=videocache \
direction=both priority=8 queue=default-small/default-small \
limit-at=0/0 max-limit=0/0 total-queue=default-small

Perlu menjadi catatan dan perhatian, bahwa vidoecache akan membutuhkan hardisk yang super GD untuk menampung video yang di buka oleh user.

Jasa setting proxy untuk cache video youtube dan update game - Jasa setting mikrotik dan Hotspot - Jasa setting Wireless hubungi contact

Membagi Trafik Dengan Routing Mikrotik

Jasa Setting Mikrotik - Membagi Trafik Dengan Routing Mikrotik -  Memanagement bandwith sangat penting baik di isp maupun di warnet. Terlebih bila kita menggunakan dua koneksi yang berbeda speednya (berbeda backbone) dalam kondisi load balancing. Seperti kita tahu load balancing berfungsi untuk membalancekan beberapa koneksi yang berbeda, tentunya dengan backbone yang berbeda besarnya akan mempengaruhi stabilitas koneksi yang ada.

Membagi trafik dengan routing pada mikrotik menjadi alternatif agar backbone terkecil tidak terbebani terlalu besar dengan memberikan tanda pada paket datanya agar di lewatkan pada backbone yang paling besar.

Meskipun demikian, membagi trafik dengan routing tak hanya bermanfaat pada saat load balancing saja namun dapat di fungsikan untuk keperluan lain, misalnya saja kita ingin agar koneksi ke suatus situs pada port tertentu hanya di lewatkan pada jalur /getway tertentu saja.

Disini saya hanya menampilkan cara menandai paket pada Mangle dan mengalihkan koneksinya pada getway tertentu. Saya asumsikan kita menggunakan load balancing yang berbeda besar bandwithnya (backbone-nya) dengan nama getway WAN-01 dan WAN-02, dan saya anggap koneksi pada mode ini sudah berjalan lancar. Tinggal membagi trafik tertentu agar melintasi getway yang di tentukan (membagi trafik dengan routing Mikrotik)

• Pertama tandai paketnya dengan mangle.

/ ip firewall mangle

add chain=prerouting action=mark-routing new-routing-mark="HTTP traffic"\
passthrough=no dst-port=80 protocol=tcp comment="" disabled=no

add chain=prerouting action=mark-routing new-routing-mark="SSL traffic"\
passthrough=no dst-port=443 protocol=tcp comment="" disabled=no

add chain=prerouting action=mark-routing new-routing-mark="POP3 traffic"\
passthrough=no dst-port=110 protocol=tcp comment="" disabled=no

add chain=prerouting action=mark-routing new-routing-mark="SMTP traffic"\
passthrough=no dst-port=25 protocol=tcp comment="" disabled=no

add chain=prerouting action=mark-routing new-routing-mark="P2P traffic"\
passthrough=no p2p=all-p2p comment="" disabled=no

add chain=prerouting action=mark-routing new-routing-mark="Unknown traffic"\
passthrough=no comment="" disabled=no

• Buat Static Routing untuk mengarahkan koneksi dengan port tertentu menuju Getway yang di inginkan

/ ip route
add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10\
routing-mark="WAN - 01" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10\
routing-mark="WAN - 02" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10\
routing-mark="HTTP traffic" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10\
routing-mark="SSL traffic" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.2.1 scope=255 target-scope=10\
routing-mark="POP3 traffic" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10\
routing-mark="SMTP traffic" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10\
routing-mark="P2P traffic" comment="" disabled=no

add dst-address=0.0.0.0/0 gateway=10.0.1.1 scope=255 target-scope=10\
routing-mark="Unknown traffic" comment="" disabled=no

Dengan cara ini trafik tertentu bisa di alihkan ke getway tertentu /pada backbone yang di inginkan. Cara membuat mangle koneksi load balancing pada mikrotik lihat tulisan Mikrotik Load Balancing atau juga bisa di lihat Mangle load balancing Mikrotik 2.9.27 pada kedua tulisan mangle load balancing ini routingnya tidak saya tuliskan. Set Routing Static untuk mangle tersebut sesuai dengan namanya pada /ip -> route .

Mangle Mikrotik 2.9.27 Load Balancing

Jasa setting mikrotik loadbalancing - Mangle Mikrotik 2.9.27 Load Balancing - Load balancing, Mangle berikut  merupakang mangle loadbalancing, pada versi mikrotik lama, versi mikrotik 2.9.27. Mangle loadbalancing nth berikut sudah kadaluars karena versi os mikrotik yang semakin tinggi.

Loadbalancing artinya bahwa beberapa koneksi di gabung dan di bagi sedemikian rupa untuk membagi beban koneksi ke beberapa source koneksi internet. Secara nyata loadbalancing bukan berarti menggabungkan koneksi menjadi satu kesatuan. Tapi menggabungkan dengan tujuan untuk membagi beban koneksi internet.

Sudah barang tentu bekerja di mangle, dan tak bisa di pisahkan. Dan mangle menjadi acuan penting untuk mendapatkan koneksi yang balance. Salah sedikit saja dapat membuat koneksi jadi amburadul dan berat sebelah.



Mangle berfungsi sebagai penanda paket. Mau di apakan dan di arahkan kemana. Mangle yang di artikel ini adalah mangle untuk mikrotik versi 2.9.27 mana tau masih ada yang membutuhkannya, dan memang sih mangle seperti ini sudah banyak bertebaran di internet :)

add chain=prerouting in-interface=Lan connection-state=new nth=1,1,0 \
action=mark-connection new-connection-mark=odd passthrough=yes

add chain=prerouting in-interface=Lan connection-mark=odd \
action=mark-routing new-routing-mark=odd passthrough=no

add chain=prerouting in-interface=Lan connection-state=new nth=1,1,1 \
action=mark-connection new-connection-mark=even passthrough=yes

add chain=prerouting in-interface=Lan connection-mark=even \
action=mark-routing new-routing-mark=even passthrough=no

Mangle loadbalancing mikrotik diatas pernah populer di zamannya, di gunakan untuk menggabungkan koneksi ke beberapa source koneksi. Saya sendiri pernah mencicipi bagaimana mangle ini bekerja. Jika anda tidak memahami maupun tidak mengerti menggunakan mangle, bisa menggunakan jasa setting saya. Silahkan di hubungi jasa setting mikrotik saya di contact di sebelah blog ini.

Program ilegal PB Router Mikrotik

Jasa setting Mikrotik - Terdeteksi program ilegal saat login pb sudah kerap terjadi, sudah di bahas abis habisan para penghuni forum mikrotik, problem program ilegal yang terdeteksi saat login point blank ini terjadi pada di karenakan menggunakan ip ganda, sementara Point Blank memberikan peraturan bahwa ip ganda tidak lagi di perkenankan untuk terkoneksi pada server point blank, dan alasan teknisnya saya taidak tau.


Seperti yang di alami oleh IPNET dan PASSNET yang menggunakan 3 ip public speedy. Terdeteksi program ilegal ini pun muncul.Beberapa forum guru menyarankan untuk membuat static routing terhadap ip point blank, dan menggunakan load balancing PCC untuk mengatasinya. Meski mungkin ada cara lain seperti yang saya gunakan saat ini.Banyak jalan menuju roma mungkin pepatah yang tepat untuk permasalahan ini. Selain menggunakan static routing dan menandai paket yang ada pada load balancing mikrotik untuk menghindari terdeteksi program ilegal pb (point blank ) saya menggunakan rule seperti ini di mikrotik yang menggunakan load balancing 3 line speedy.

Ini dia rule yang saya gunakan, mohon koreksinya di mana kira kira permasalahan dengan metode seperti ini. Dan terbukti sejak menggunakan cara ini terdeteksinya program ilegal tak muncul lagi. Dan point blank bisa dimainkan tanpa hambatan :D

/ip firewall mangle

add chain=prerouting action=mark-connection new-connection-mark=ADSL-1 \
passthrough=yes connection-state=new protocol=tcp \
dst-address=!203.89.146.0/24 src-address-list=!IP \
in-interface=ether4-squid dst-port=80 nth=3,1

add chain=prerouting action=mark-routing new-routing-mark=jalur1 \
passthrough=yes in-interface=ether4-squid connection-mark=ADSL-1 \

add chain=prerouting action=mark-connection new-connection-mark=ADSL-2 \
passthrough=yes connection-state=new protocol=tcp \
dst-address=!203.89.146.0/24 src-address-list=!IP \
in-interface=ether4-squid dst-port=80 nth=3,2

add chain=prerouting action=mark-routing new-routing-mark=jalur2 \
passthrough=yes in-interface=ether4-squid connection-mark=ADSL-2 \

add chain=prerouting action=mark-connection new-connection-mark=ADSL-3 \
passthrough=yes connection-state=new protocol=tcp \
dst-address=!203.89.146.0/24 src-address-list=!IP \
in-interface=ether4-squid dst-port=80 nth=3,3

add chain=prerouting action=mark-routing new-routing-mark=jalur3 \
passthrough=no in-interface=ether4-squid connection-mark=ADSL-3 \

Dst-Address bisa lebih disederhanakan lagi bila mau, dengan memangle paket paket tcp dan udp yang di gunakan oleh point blank dan menyimpannya di address-list. Terserah anda mau menggunakan cara seperti apa.

Bypass Webproxy mikrotik

Jasa setting mikrotik - cara Bypass Webproxy mikrotik Seperti yang ada di wikinya mikrotik, tulisan ini pun bersumber dari sana. Hanya saja sumbernya berbahasa inggris disini saya terjemahkan. Judul aslinya di wiki mikrotik adalah Queue With Masquerading and Internal Proxy. Jadi saya coba sederhanakan pengertiannya dengan membypass webproxy agar tidak terlimit oleh Bandwith Limiter queue simple maupun limit bandwidt queue tree.




Sayang sekalikan punya web-proxy namun akses kedalamnya terlimit oleh queue simple maupun queue tree sementara yang merequest ke webproxy itu adalah client kita sendiri. Trik ini cocok digunakan untuk warnet yang terbatas soal dana, untuk membeli komputer buat squid proxy, atau bagi yang menggunakan Router Mikrotik Dengan komputer. Cara ini sangat cocok dan bermanfaat. Terlebih bila komputer yang dijadikan router memilik Harddisk Yang berkafasitas besar. Jadi hardisk dimanfaatkan untuk web-proxy. Nah untuk membypas webproxy mikrotik agar tidak terlimit bandwith manager mikrotik adalah dengan cara berikut.

Asumsikan Anda telah familiar soal instalasi mikrotik dan mengaktifkan web-proxy mikrotik langkah selanjutnya adalah menandai Trafik yang menuju ke web-proxy, dan letakkan paling atas pada mangle.

/ip firewall mangle

add chain=output out-interface=lan dscp=4 action=mark-packet new-packet-mark=proxy-hit passthrough=no

1  ;;;MANGLE HIT TRAFICK
add chain=prerouting in-interface=lan src-address=172.21.1.0/24 action=mark-packet new-packet-mark=test-up passthrough=no

2   ;;; CONN-MARK
add chain=forward src-address=172.21.1.0/24 action=mark-connection new-connection-mark=test-conn passthrough=yes

3   ;;; DOWN-DIRECT CONNECTION
add chain=forward in-interface=public connection-mark=test-conn action=mark-packet new-packet-mark=test-down passthrough=no

4   ;;; DOWN-VIA PROXY
add chain=output out-interface=lan dst-address=172.21.1.0/24 action=mark-packet new-packet-mark=test-down passthrough=no

Dan perhatikan rule nomor 3 adalah passthrough=yes dan yang lainnya passthrough=no
172.1.1.0/24 adalah class ip lan

Jasa setting mikrotik dan jasa setting proxy warnet

Mikrotik LoadBalancing

Jasa setting mikrotik - Mikrotik Load Balancing - cara membuat loadbalancing mikrotik mudah, Ada Beberapa Versi mungkin load balancing, ada yang malakukanna pada 5 line speedy ada juga yang 3 dan kebanyakan menggunakan dual speedy dalam load balancing, tentunya sama sama memiliki alasannya masing masing.




Load Balancing, secara simple dapat di artikan untuk menggabung dua access dalam satu router untuk mendapatkan kwalitas koneksi yang lebih baik, dengan membagi akses secara seimbang pada line yang di load balancing.

Di bawah ini adalah mangle load balancing pada mikrotik router OS versi 3.22 x86

/ip firewall mangle 
add chain=prerouting action=mark-connection new-connection-mark=satu_con \
passthrough=yes connection-state=new protocol=tcp \
in-interface=proxy nth=2,1

add chain=prerouting action=mark-routing new-routing-mark=satu passthrough=no
in-interface=proxy connection-mark=satu_con

add chain=prerouting action=mark-connection new-connection-mark=dua_conn \
passthrough=yes connection-state=new protocol=tcp \
in-interface=proxy nth=1,1

add chain=prerouting action=mark-routing new-routing-mark=dua passthrough=no\
in-interface=proxy connection-mark=dua_conn

Bila dirasa bermanfaat silahkan di ambil. Bila ada yang salah mohon koreksinya.