Load balancing on MikroTik is a technique for distributing load across several links so that the links are used more effectively. I covered MikroTik load balancing previously in this article: Load Balance / Load Balancing Mikrotik.
In this article I will cover how to set up MikroTik load balancing using the PCC method. Because of limited time and equipment, this MikroTik load balancing tutorial is taken from the mikrotik.co.id website, as follows:
Many of us wrongly assume that load balancing across two connections doubles the bandwidth we get compared with before (the sum of the two links). To be clear from the start: load balancing does not increase the bandwidth we obtain; it only distributes traffic across the two links so that both are used in a balanced way.
In this article we will show that load balancing does not follow the arithmetic 512 + 256 = 768; rather, 512 + 256 = 512 + 256, or 512 + 256 = 256 + 256 + 256.
For this article we use an RB433UAH under the following conditions:
1. Ether1 and Ether2 are connected to different ISPs with different bandwidths: ISP1 provides 512kbps and ISP2 provides 256kbps.
2. We will use the internal web proxy and OpenDNS.
3. Your MikroTik RouterOS runs version 4.5, because the PCC feature was introduced in version 3.24.
If your network differs from the conditions above, adapt the configuration described here to your own network.
Basic Configuration
Below are the network topology and the IP addresses we will use:
/ip address
add address=192.168.101.2/30 interface=ether1
add address=192.168.102.2/30 interface=ether2
add address=10.10.10.1/24 interface=wlan2
/ip dns
set allow-remote-requests=yes primary-dns=208.67.222.222 secondary-dns=208.67.220.220
Once the IP addresses and DNS are configured correctly, we add a default route to each ISP gateway so that the router forwards all traffic not destined for a directly connected network to a gateway. Here we use the check-gateway feature, so that if one of the gateways goes down, connections are diverted to the other gateway.
/ip route
add dst-address=0.0.0.0/0 gateway=192.168.101.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=192.168.102.1 distance=2 check-gateway=ping
To set up the access point so that client PCs can connect over wireless, we use the command:
/interface wireless
set wlan2 mode=ap-bridge band=2.4ghz-b/g ssid=Mikrotik disabled=no
For the client PCs to reach the internet, we must also translate the clients' private IP addresses to the public IP addresses on our public interfaces, ether1 and ether2.
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat out-interface=ether2
At this point, the router and the client PCs should be able to access the internet. Ping an internet host from the router and from a client PC. If that fails, check your configuration again.
Webproxy Internal
Certain RouterBOARD models, such as the RB450G, RB433AH, RB433UAH, RB800 and RB1100, have an expansion slot (USB, MicroSD, CompactFlash) for additional storage. In the following example we use a USB flash drive attached to the USB slot. On first installation, this additional storage shows the status invalid in /system store. To be used as cache storage, it must first be formatted and activated. After that we only need to enable the web proxy and set cache-on-disk=yes to use the storage. Do not forget to redirect HTTP traffic (TCP port 80) to the web proxy.
/store disk format-drive usb1
/store
add disk=usb1 name=cache-usb type=web-proxy
activate cache-usb
/ip proxy
set cache-on-disk=yes enabled=yes max-cache-size=200000KiB port=8080
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=80 in-interface=wlan2 action=redirect to-ports=8080
For load balancing we use a feature called PCC (Per Connection Classifier). With PCC we can group connections passing through or leaving the router into several groups. The grouping can be based on src-address, dst-address, src-port and/or dst-port. The router remembers the gateway path taken by the start of a connection, so that subsequent packets belonging to that connection are sent through the same gateway. This is the advantage of PCC: it answers the frequent complaint of broken connections with load-balancing techniques that predate PCC, which were caused by the gateway changing mid-connection.
Before creating the load-balancing mangle rules, to prevent routing loops, all client traffic destined for networks directly connected to the router must bypass load balancing. We can create a list of the IP networks that are local to the router and install the following mangle rules first:
/ip firewall address-list
add address=192.168.101.0/30 list=lokal
add address=192.168.102.0/30 list=lokal
add address=10.10.10.0/24 list=lokal
/ip firewall mangle
add action=accept chain=prerouting dst-address-list=lokal in-interface=wlan2 comment="trafik lokal"
add action=accept chain=output dst-address-list=lokal
In some cases the first packet of a connection comes from the internet, for example remote Winbox or telnet access from the internet. We therefore also need to mark those connections with mark-connection so that reply traffic leaves through the interface on which the traffic arrived.
/ip firewall mangle
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether1 new-connection-mark=con-from-isp1 passthrough=yes comment="trafik dari isp1"
add action=mark-connection chain=prerouting connection-mark=no-mark in-interface=ether2 new-connection-mark=con-from-isp2 passthrough=yes comment="trafik dari isp2"
ISPs generally restrict access to their DNS servers to their own IP addresses, so if you use a DNS server from one of your ISPs, you must add mangle rules so that DNS traffic goes through that ISP's gateway rather than the other ISP's gateway. Here is the mangle for ISP1's DNS through ISP1's gateway. If you use an independent public DNS service such as OpenDNS, you do not need the mangle below.
/ip firewall mangle
add action=mark-connection chain=output dst-address=202.65.112.21 dst-port=53 new-connection-mark=dns passthrough=yes protocol=tcp comment="trafik DNS citra.net.id"
add action=mark-connection chain=output dst-address=202.65.112.21 dst-port=53 new-connection-mark=dns passthrough=yes protocol=udp
add action=mark-routing chain=output connection-mark=dns new-routing-mark=route-to-isp1 passthrough=no
Because we run a web proxy on the router, there are two kinds of traffic to load-balance: traffic from clients to the internet (non-HTTP), and traffic between the web proxy and the internet. To keep the rules structured and easier to read, we use custom chains as follows:
/ip firewall mangle
add action=jump chain=prerouting comment="lompat ke client-lb" connection-mark=no-mark in-interface=wlan2 jump-target=client-lb
add action=jump chain=output comment="lompat ke lb-proxy" connection-mark=no-mark out-interface=!wlan2 jump-target=lb-proxy
In the mangle above, to make sure we load-balance client traffic, the in-interface parameter is the interface connected to the clients; to load-balance web proxy traffic, we use chain=output with out-interface set to anything other than the interface connected to the clients. With the jumps to the custom chains in place, we can create the mangle rules in those custom chains as follows:
/ip firewall mangle
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-isp1 passthrough=yes per-connection-classifier=both-addresses:3/0 comment="awal loadbalancing klien"
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-isp1 passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=client-lb dst-address-type=!local new-connection-mark=to-isp2 passthrough=yes per-connection-classifier=both-addresses:3/2
add action=return chain=client-lb comment="akhir dari loadbalancing"
/ip firewall mangle
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-isp1 passthrough=yes per-connection-classifier=both-addresses:3/0 comment="awal load balancing proxy"
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-isp1 passthrough=yes per-connection-classifier=both-addresses:3/1
add action=mark-connection chain=lb-proxy dst-address-type=!local new-connection-mark=con-from-isp2 passthrough=yes per-connection-classifier=both-addresses:3/2
add action=return chain=lb-proxy comment="akhir dari loadbalancing"
In the example above, client and web proxy load balancing use the same PCC classifier, both-addresses, so the router classifies a connection by its src-address and dst-address. Because our two ISP links differ (512kbps and 256kbps), we divide the traffic into 3 parts: the first 2 parts go through the ISP1 gateway and the last part goes through the ISP2 gateway. Once traffic from clients and the proxy has been marked, the next step is to create the mark-routing mangle rules that will be used in the routing process:
/ip firewall mangle
add action=jump chain=prerouting comment="marking route client" connection-mark=!no-mark in-interface=wlan2 jump-target=route-client
add action=mark-routing chain=route-client connection-mark=to-isp1 new-routing-mark=route-to-isp1 passthrough=no
add action=mark-routing chain=route-client connection-mark=to-isp2 new-routing-mark=route-to-isp2 passthrough=no
add action=mark-routing chain=route-client connection-mark=con-from-isp1 new-routing-mark=route-to-isp1 passthrough=no
add action=mark-routing chain=route-client connection-mark=con-from-isp2 new-routing-mark=route-to-isp2 passthrough=no
add action=return chain=route-client disabled=no
/ip firewall mangle
add action=mark-routing chain=output comment="marking route proxy" connection-mark=con-from-isp1 new-routing-mark=route-to-isp1 out-interface=!wlan2 passthrough=no
add action=mark-routing chain=output connection-mark=con-from-isp2 new-routing-mark=route-to-isp2 out-interface=!wlan2 passthrough=no
The mangle rules above are of no use until we create routes for the routing marks we have set. Here we also create backup routes, so that when one gateway is lost, all connections pass through the gateway that is still connected:
/ip route
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.101.1 routing-mark=route-to-isp1 distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.102.1 routing-mark=route-to-isp1 distance=2
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.102.1 routing-mark=route-to-isp2 distance=1
add check-gateway=ping dst-address=0.0.0.0/0 gateway=192.168.101.1 routing-mark=route-to-isp2 distance=2
Our test results are as follows:
The picture shows that with a single file download (1 connection) we only get a speed of 56kbps (448kbps), because that connection passes through the ISP1 gateway, whereas if we download another file (opening a new connection) from a different website, we get 30Kbps (240kbps). From this test it can be concluded that
512kbps + 256kbps ≠ 768kbps
Note:
- PCC load balancing becomes more effective and closer to balanced as the number of connections (from clients) increases.
- Use ISPs that provide fixed rather than shared bandwidth to obtain more optimal results.
- Load balancing with PCC is not always a complete solution that works well on every type of network, because the balancing of traffic is based on probability.
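The 2:1 split and the single-download result described above can be reproduced with a small simulation. This is an added example, not code from the original tutorial or from MikroTik; SHA-256 stands in for RouterOS's internal PCC hash, and the client and destination addresses are constructed sample data.

```python
import hashlib
import ipaddress
import random
from collections import Counter

# Mirrors the client-lb chain on the page: both-addresses:3/0 and 3/1 mark
# to-isp1, 3/2 marks to-isp2.
DENOMINATOR = 3
MARK_BY_REMAINDER = {0: "to-isp1", 1: "to-isp1", 2: "to-isp2"}
LINK_KBPS = {"to-isp1": 512, "to-isp2": 256}


def pcc_mark(src, dst):
    """Return the connection mark for one (src-address, dst-address) pair.

    Assumption: SHA-256 stands in for RouterOS's internal PCC hash; only the
    "hash the pair, take the remainder" step is what the example shows.
    """
    key = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    value = int.from_bytes(hashlib.sha256(key).digest()[:4], "big")
    return MARK_BY_REMAINDER[value % DENOMINATOR]


def flow_ceiling_kbps(src, dst):
    """One connection stays on one gateway, so one link caps its speed."""
    return LINK_KBPS[pcc_mark(src, dst)]


def sample_connections(n, seed=1):
    """Constructed sample: wlan2 clients talking to random destinations."""
    rng = random.Random(seed)
    return [(f"10.10.10.{rng.randint(2, 254)}",
             str(ipaddress.ip_address(rng.getrandbits(32))))
            for _ in range(n)]


def isp1_share(connections):
    """Fraction of connections marked to-isp1 (the 3/0 and 3/1 rules)."""
    marks = Counter(pcc_mark(s, d) for s, d in connections)
    return marks["to-isp1"] / len(connections)


if __name__ == "__main__":
    print("single download:", flow_ceiling_kbps("10.10.10.5", "203.0.113.7"), "kbps")
    for n in (3, 30, 3000):
        print(n, "connections, ISP1 share:", round(isp1_share(sample_connections(n)), 3))
```

With only a few connections the ISP1 share can be far from two thirds; it settles near 0.67 as the number of connections grows, and no single connection ever exceeds the speed of the one link it was assigned to.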
That concludes this tutorial on setting up MikroTik load balancing using the PCC method, taken from the mikrotik.co.id website. Good luck, and I hope it is useful :)