Berikut ini merupakan contoh load balancing untuk warnet dan game online dengan 2 ISP berbeda.
Tujuan :
- Memisahkan bandwith untuk internet dan game online
- Membedakan / mengarahkan port untuk internet dan game online
[root@xXx] > interface print
Flags: X - disabled, D - dynamic, R - running
# NAME TYPE RX-RATE TX-RATE MTU
0 R indosat ether 0 0 1500
1 R lan ether 0 0 1500
2 R speedy ether 0 0 1500
[root@xXx] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.1.1/26 192.168.1.0 192.168.1.63 lan
1 219.83.15.70/29 219.83.15.64 219.83.15.71 indosat
2 192.168.3.3/27 192.168.3.0 192.168.3.31 speedy
[root@xXx] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting src-address=192.168.1.0/26 protocol=tcp dst-port=8291 action=mark-connection
new-connection-mark=mt-con passthrough=yes
1 chain=prerouting src-address=192.168.1.0/26 protocol=udp dst-port=135-137 action=mark-connection
new-connection-mark=nbt-con passthrough=yes
2 chain=forward src-address=192.168.1.0/26 protocol=tcp dst-port=5050 action=mark-connection new-connection-mark=ym-con
passthrough=yes
3 chain=forward connection-mark=ym-con action=mark-packet new-packet-mark=ym-pack passthrough=no
4 chain=forward src-address=192.168.1.0/26 protocol=tcp dst-port=6660-7000 action=mark-connection
new-connection-mark=irc-con passthrough=yes
5 chain=forward connection-mark=irc-con action=mark-packet new-packet-mark=irc-pack passthrough=no
6 chain=forward src-address=192.168.1.0/26 protocol=tcp dst-port=2778 action=mark-connection
new-connection-mark=camfrog-con passthrough=yes
7 chain=forward src-address=192.168.1.0/26 protocol=tcp dst-port=443 action=mark-connection new-connection-mark=ssl-con
passthrough=yes
8 chain=forward connection-mark=ssl-con action=mark-packet new-packet-mark=ssl-pack passthrough=no
9 chain=prerouting src-address=192.168.1.0/26 protocol=udp dst-port=53 action=mark-connection
new-connection-mark=dns-con passthrough=yes
10 chain=prerouting connection-mark=dns-con action=mark-packet new-packet-mark=dns-pack passthrough=no
11 chain=prerouting src-address=192.168.1.0/26 protocol=tcp dst-port=!80 dst-address-list=nice action=mark-routing
new-routing-mark=route-indosat passthrough=yes
12 chain=prerouting routing-mark=route-indosat dst-address-list=nice action=mark-connection
new-connection-mark=indosat-con passthrough=yes
13 chain=prerouting connection-mark=indosat-con action=mark-packet new-packet-mark=indosat-pack passthrough=no
14 chain=prerouting src-address=192.168.1.0/26 dst-address-list=nice action=mark-connection new-connection-mark=iix-con
passthrough=yes
15 chain=prerouting connection-mark=iix-con action=mark-packet new-packet-mark=iix-pack passthrough=no
16 chain=output connection-mark=iix-con action=mark-packet new-packet-mark=iix-pack passthrough=no
17 chain=prerouting action=mark-packet new-packet-mark=intl-pack passthrough=no
18 chain=output action=mark-packet new-packet-mark=intl-pack passthrough=no
[root@xXx] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat src-address=192.168.1.0/26 action=masquerade
1 chain=dstnat src-address=192.168.1.0/26 protocol=tcp dst-port=80 action=redirect to-ports=8000
2 chain=dstnat src-address=192.168.1.0/26 protocol=tcp dst-port=8080 action=redirect to-ports=8000
3 chain=dstnat src-address=192.168.1.0/26 protocol=tcp dst-port=3128 action=redirect to-ports=8000
[root@xXx] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf
# DST-ADDRESS PREFSRC G GATEWAY DISTANCE INTERFACE
0 ADC 192.168.1.0/26 192.168.1.1 lan
1 ADC 192.168.3.0/27 192.168.3.3 speedy
2 ADC 219.83.15.64/29 219.83.15.70 indosat
3 A S 0.0.0.0/0 r 192.168.3.1 speedy
4 A S 0.0.0.0/0 r 219.83.15.65 indosat
[root@xXx] > ip dns print
primary-dns: 202.134.1.10
secondary-dns: 202.155.0.10
allow-remote-requests: yes
cache-size: 4096KiB
cache-max-ttl: 1w
cache-used: 179KiB
[root@xXx] > ip web-proxy print
enabled: yes
src-address: 192.168.1.0
port: 8000
hostname: “proxy.xxxxx.net”
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: “webmaster@xxxxx.net”
max-object-size: 10240KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 3026944KiB
reserved-for-ram-cache: 1843KiB
[root@xXx] > queue tree print
Flags: X - disabled, I - invalid
0 name=”Download” parent=lan packet-mark=”" limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
1 name=”Up-Speedy” parent=speedy packet-mark=”" limit-at=0 queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
2 name=”iix-down” parent=Download packet-mark=iix-pack limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
3 name=”down-intl” parent=Download packet-mark=intl-pack limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
4 name=”iix-up” parent=Up-Speedy packet-mark=iix-pack limit-at=0 queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
5 name=”up-intl” parent=Up-Speedy packet-mark=pack-intl limit-at=0 queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
6 name=”queue3″ parent=Download packet-mark=indosat-pack limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
7 name=”Up-Indosat” parent=indosat packet-mark=”" limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
8 name=”queue2″ parent=Up-Indosat packet-mark=indosat-pack limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
9 name=”queue4″ parent=Download packet-mark=ssl-pack limit-at=0 queue=pcq-download priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s
10 name=”queue6″ parent=Up-Speedy packet-mark=ssl-pack limit-at=0 queue=pcq-upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0
burst-time=0s