Kebutuhan akses internet yang besar memungkinkan kita manambah layanan internet dengan lebih dari 1 layanan internet untuk mencukupi alokasi bandwidth yang di butuhkan oleh client. Jaminan akses internet yang stabil, dan optimal dengan cara membagi beban trafik jaringan melalui link yang ada. Metode Load Balance digunakan untuk membagi trafik dua atau lebih jalur koneksi sehingga trafik berjalan dengan baik serta memaksimalkan throughput bandwidth yang didapat. Kali ini kami akan membagikan turotrial load balance 3 WAN ke ISP dan 3 LAN ke jaringan local.
Selain itu load balance dapat digunakan untuk memperkecil waktu tanggap dan menghindari overload pada salah satu jalur koneksi, kali ini metode yang digunakan menggunakan PCC (Per-Connection Classifier).
Untuk akses menuju jaringan local saya bagi menjadi 3 bagian yaitu ether4, ether5, ether6
alamat IP Address:
Indihome1 : 192.168.1.1
Indihome2 : 192.168.2.1
Indihome3 : 192.168.3.1
Ether1,2,3 Mikrotik dhcp client
Ether4,5,6 Mikrotik : 192.168.10.1/24, 192.168.20.1/24, 192.168.30.1/24,
Langsung saja.
1. Konfigurasi IP Address
/ ip address
add address=192.168.10.1/24 network=192.168.10.0 broadcast=192.168.10.255 interface=ether4
add address=192.168.20.1/24 network=192.168.20.0 broadcast=192.168.20.255 interface=ether5
add address=192.168.30.1/24 network=192.168.30.0 broadcast=192.168.30.255 interface=ether6
/ip dhcp-client add interface=ether1 add-default-route=no disabled=no
/ip dhcp-client add interface=ether2 add-default-route=no disabled=no
/ip dhcp-client add interface=ether3 add-default-route=no disabled=no2. NAT
Untuk konfigurasi NAT, karena terdapat tiga uplink ke ISP, maka tambahkan tiga rule src-nat mengarah ke tiga ISP.
/ ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade comment=nat-indihome1
add chain=srcnat out-interface=ether2 action=masquerade comment=nat-indihome2
add chain=srcnat out-interface=ether3 action=masquerade comment=nat-indihome33. Pengaturan Police Routing
/ ip firewall mangle
add chain=prerouting dst-address=192.168.1.1/24 action=accept in-interface=ether4
add chain=prerouting dst-address=192.168.2.1/24 action=accept in-interface=ether4
add chain=prerouting dst-address=192.168.3.1/24 action=accept in-interface=ether4
/ ip firewall mangle
add chain=prerouting dst-address=192.168.1.1/24 action=accept in-interface=ether5
add chain=prerouting dst-address=192.168.2.1/24 action=accept in-interface=ether5
add chain=prerouting dst-address=192.168.3.1/24 action=accept in-interface=ether5
/ ip firewall mangle
add chain=prerouting dst-address=192.168.1.1/24 action=accept in-interface=ether6
add chain=prerouting dst-address=192.168.2.1/24 action=accept in-interface=ether6
add chain=prerouting dst-address=192.168.3.1/24 action=accept in-interface=ether6
add chain=prerouting in-interface=ether1 connection-mark=no-mark action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ether2 connection-mark=no-mark action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting in-interface=ether3 connection-mark=no-mark action=mark-connection new-connection-mark=ISP3_conn4. Membagi beban trafik ke masing masing ISP
Karena kecepatan koneksi ke tiga ISP sama (100 Mbps, 100 Mbps, 100 Mbps), kita membagi beban trafiknya menjadi 3 (tiga) bagian. Masing masing bagian mendapatkan koneksi yang sama ke interface lokal.
/ ip firewall mangle
add chain=prerouting in-interface=ether4 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ether4 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting in-interface=ether4 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/2 action=mark-connection new-connection-mark=ISP3_conn
/ ip firewall mangle
add chain=prerouting in-interface=ether5 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ether5 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting in-interface=ether5 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/2 action=mark-connection new-connection-mark=ISP3_conn
/ ip firewall mangle
add chain=prerouting in-interface=ether6 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ether6 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting in-interface=ether6 connection-mark=no-mark dst-address-type=!local
per-connection-classifier=both-addresses:3/2 action=mark-connection new-connection-mark=ISP3_conn5. Membuat Policy routing trafik keluar menuju internet
/ ip firewall mangle
add chain=prerouting connection-mark=ISP1_conn in-interface=ether4 action=mark-routing
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=ether4 action=mark-routing
new-routing-mark=to_ISP2
add chain=prerouting connection-mark=ISP3_conn in-interface=ether4 action=mark-routing
new-routing-mark=to_ISP3
add chain=prerouting connection-mark=ISP1_conn in-interface=ether5 action=mark-routing
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=ether5 action=mark-routing
new-routing-mark=to_ISP2
add chain=prerouting connection-mark=ISP3_conn in-interface=ether5 action=mark-routing
new-routing-mark=to_ISP3
add chain=prerouting connection-mark=ISP1_conn in-interface=ether6 action=mark-routing
new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=ether6 action=mark-routing
new-routing-mark=to_ISP2
add chain=prerouting connection-mark=ISP3_conn in-interface=ether6 action=mark-routing
new-routing-mark=to_ISP3
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2
add chain=output connection-mark=ISP3_conn action=mark-routing new-routing-mark=to_ISP36. Setelah konfigurasi mark-connection dan mark-routing selesai, menambahkan rule default route.
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 routing-mark=to_ISP2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 routing-mark=to_ISP3 check-gateway=pingTambahkan rule berikut ini, yang berfungsi untuk failover jika salah satu line ISP mati.
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.1.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.2.1 distance=2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.3.1 distance=2 check-gateway=ping
0 Comments