Pages

Minggu, 21 Agustus 2011

Mikrotik Dengan Ubuntu Server 10.10 Part 2



Ok, kemarin udah selesai sebagian tugasnya untuk membuat Mikrotik Dengan Ubuntu Server 10.10 , sekarang kita lanjutkan biar lebih mawussss inetnya.
Lihat dan perhatikan tangan saya dalam tulisan dibawah. jangan berkedip kalau tidak ingin tertipu...wekwekwkewkekwe!

Disini sebagai contoh Saya menggunakan 2Mb paket eksekutif speedy dengan perolehan bandwidth 1,8 Mb down dan 0,6 Mb Ups dishare untuk 15 cpu.
Pembagiannya sbb: 1Mb bagi rata buat yang browsing, 500Kb buat yang lagi download pakai Idm dan software sejenis, 256Kb buat yang lagi buka vidio streaming, dan sisanya buat yang main game online. Untuk Upstreamnya buat browsing 256K dan sisanya bagi rata buat yang lain. saya tekankan bahwa saat trafic full game online tidak akan lag, karena udah diberikan priority 1 buat bandwidthnya dan game online tidak perlu bandwidth besar hanya perlu kestabilan Latency/Ping.
Ok, cekidot :

Buat manggle browsing :

/ip firewall mangle
add action=mark-connection chain=forward comment="ALL_Conection"\
new-connection-mark=users_con protocol=tcp dst.port=80 disable=no\
passthrough=yes

/ip firewall mangle
add action=mark-packet chain=forward comment="ALL_Connection_Paket" \
connection-mark=users_con disabled=no new-packet-mark="all_pkt" \
passthrough=no

Buat queue treenya

/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=1000000 max-limit=1000000 name="Browsing_down" \
packet-mark=all_pkt parent=global-out priority=8 \
queue="default-smal"

/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=256000 max-limit=256000 name="Browsing_ups" \
packet-mark=all_pkt parent=global-out priority=8 \
queue=default-smal


Buat Manggle game Online :

Di paket kan dulu Semua Game nya:

/ip firewall mangle
add action=mark-packet chain=forward comment="SEMUA GAME DIPAKETKAN" \
connection-mark="GAME KONEKSI" disabled=no new-packet-mark="GAME PAKET" \
passthrough=no

terus buat mark-connection tiap game :

Mangle POKER tcp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="POKER KONEKSI" \
disabled=no dst-port=9339,843 new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=tcp

Mangle AYODANCE tcp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="AYODANCE KONEKSI" \
disabled=no dst-port=18901,18902,18903,18904,18905,18906,18907,189 08,18909 \
new-connection-mark="GAME KONEKSI" passthrough=yes protocol=tcp

Mangle POINT BLANK udp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="POINT BLANK KONEKSI UDP" \
disabled=no dst-port=40000-40010 new-connection-mark="GAME KONEKSI" \
passthrough=no protocol=udp

Mangle POINT BLANK tcp port
/ip firewall mangle
add chain=prerouting action=mark-connection \
new-connection-mark="GAME KONEKSI" passthrough=yes protocol=tcp \
dst-address=203.89.146.0/23 dst-port=39190 comment="POINT BLANK KONEKSI TCP"

Mangle DOTA tcp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="DOTTA KONEKSI" \
disabled=no dst-port=6000-6152 new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=tcp

Mangle CROSS FIRE tcp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CROSS FIRE KONEKSI TCP" \
disabled=no dst-port=10009 new-connection-mark="GAME KONEKSI" \
passthrough=yes protocol=tcp

Mangle CROSS FIRE udp port
/ip firewall mangle
add action=mark-connection chain=prerouting comment="CROSS FIRE KONEKSI UDP" \
disabled=no dst-port=40000-40010 new-connection-mark="GAME KONEKSI" \
passthrough=no protocol=udp

Untuk game Online yang belum ada bisa agan tambah sendiri, kuncinya ada di dst.port sama dst addressnya (kalau ada).

Selanjutnya Buat queue tree nya:

/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name=Game_down \
packet-mark=GAME PAKET parent=global-out priority=1 \
queue=default-small

/queue tree add burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no \
limit-at=0 max-limit=0 name=Game_ups \
packet-mark=GAME PAKET parent=ether1 priority=1 \
queue=default-small

NB: ether1 adalah ip address modem / Wan / Public di mikrotik


Buat Limit user yang pakai IDM dan software sejenisnya :

kita limit menurut jenis ekstensinya dengan layer7-protocol

/ip firewall layer7-protocol
add name="Extension \" .exe \"" regexp="^.*get.+\\.exe.*\$"
add name="Extension \" .rar\"" regexp="^.*get.+\\.rar.*\$"
add name="Extension \" .zip\"" regexp="^.*get.+\\.zip.*\$"

Diatas saya hanya menulis beberapa ekstencynya, bisa agan tambah sendiri (mis: .mp3 / . 3gp / .7zip / dll.

Terus kita buat manglenya

/ip firewall mangle
add action=mark-connection chain=forward disabled=no layer7-protocol=\
"Extension \" .exe \"" new-connection-mark=exe_conn passthrough=yes \
protocol=tcp

add action=mark-connection chain=forward disabled=no layer7-protocol=\
"Extension \" .zip\"" new-connection-mark=zip_conn passthrough=yes \
protocol=tcp

add action=mark-connection chain=forward disabled=no layer7-protocol=\
"Extension \" .rar\"" new-connection-mark=rar_conn passthrough=yes \
protocol=tcp

add action=mark-packet chain=forward connection-mark=exe_conn\
disabled=no new-packet-mark=exe passthrough=no

add action=mark-packet chain=forward connection-mark=rar_conn\
disabled=no new-packet-mark=rar passthrough=no

add action=mark-packet chain=forward connection-mark=zip_conn\
disabled=no new-packet-mark=zip passthrough=no

Terus kita buat queue tree nya buat limit :

kita buat parentnya dulu
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no\
limit-at=500000 max-limit=500000 name=DW.FILES\
parent=global-out priority=8

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no\
limit-at=125000 max-limit=0 name=ZIP packet-mark=zip\
parent=DW.FILES priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no\
limit-at=125000 max-limit=125000 name=EXE \
packet-mark=exe parent=DW.FILES priority=8 queue=default

add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no\
limit-at=125000 max-limit=125000 name=RAR\
packet-mark=rar parent=DW.FILES priority=8 queue=default

Nb: disini per ekstency kita limit 125k atau 12Kb/det kecepatan downloadnya dengan total limit 500k (misal kita download 3 file rar dan 2 file exe secara bersamaan ,masing2 tidak akan dapat 12 kb/ detik karena max.limitnya 500k atau 50 kb/detik jadi total ada 5 file download yang akan mendapat bandwidth 50 kb/detik : 5 = 10 kb/detik.)

Buat yang suka buka youtub*** dan situs streaming biar gak ngabisin bandwidth Browsingnya :

Kita pakai layer7-protocol lagi

/ip firewall layer7-protocol
add name=http-video regexp="http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -~]*(content-type: video)"

Kita buat mangle nya :

/ip frewall mangle
add action=mark-connection chain=postrouting comment="http-video-connection" \
disabled=no layer7-protocol=http-video new-connection-mark=http-videos \
protocol=tcp dst.port=80 passthrough=yes

/ip frewall mangle
add action=mark-packet chain=postrouting comment="http-video'' \
disabled=no connection-mark=http-videos \
new-packet-mark=http-video-pkt passthrough=no

terus kita buat queue tree nya :

/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=256000 \
max-limit=300000 name=http-vidio parent=global-out priority=8 \
packet-marks=http-video-pkt queue type=default
Diposting oleh di
Label:

1 komentar:

  1. Unknown9 Juli 2015 pukul 08.02

    sangat membantu artikelnya.
    follow balik ya : www.sysnetrain.com

    BalasHapus

Langganan: Posting Komentar (Atom)

Pengikut