Mikrotik Operating System:
Linux Mikrotik is actually already made by the developers in such a way that is
easy to install and Configure with many features and functions in it
Explanation:
- Mikrotik Router with 2 Network Interface Card (NIC) and ether2 ether1 where ether1 is Ethernet
connected directly to the ISP and ether2 is connected directly to the Ethernet network 192.168.1.1/30
- The bandwidth of the ISP such as international 256Kbps and 1024Kbps IIX local
- Computer 192.168.1.2/30 128Kbps bandwidth allocation will be international and local 256Kbps IIX To separate the
between local traffic IIX with international traffic way is to mark data packets to or
derived from the local network using a mangle IIX.
The question is how can know the package Mikrotik
headed to or coming from local jairngan IIX?
[Admin @ dimas]> In this explanation I use the techniques include a list of ip blocks directly to the / ip firewall mangle, with this technique I have to enter twice ip list obtained from NICE to the router / ip firewall mangle.
[Admin @ dimas]> Another way is better is to include a list of ip blocks from NICE to the router / ip firewall address-list and thus the / ip firewall mangle there are only a few lines and the separation of Indonesia and international traffic
This can be more accurate because the mangle can be done by address-list only.
Here's how to share with local or international bandwidth is often called the ix by iix
for example:
[Admin @ dimas] ip firewall mangle>
add chain = prerouting src-address-list = public
action = mark-connection new-connection-mark = Indonesia-ix-conn passthrough = yes
international comment =-ix
add chain = prerouting action = mark-packet
new-packet-mark = ix passthrough = no connection-mark = conn-Indonesia-ix
add chain = prerouting src-address-list = nice
action = mark-connection new-connection-mark = Indonesia-iix-conn passthrough = yes
comment = Indonesia-iix
add chain = prerouting action = mark-packet
new-packet-mark = iix passthrough = no connection-mark = conn-Indonesia-iix
Block icmp packages
Example:
[Admin @ dimas] ip firewall mangle>
add chain = forward action = mark-packet new-packet-mark = icmp-packet-fwd passthrough = yes protocol = icmp
add chain = output action = mark-packet new-packet-mark = out-icmp-packet passthrough = yes protocol = icmp
add chain = input action = mark-packet new-packet-mark = in-icmp-packet passthrough = yes protocol = icmp
add chain = forward action = mark-packet new-packet-mark = icmp-packet-fwd passthrough = yes protocol = icmp
add chain = postrouting action = mark-packet new-packet-mark = icmp-packet post-passthrough = yes protocol = icmp
add chain = prerouting action = mark-packet new-packet-mark = icmp-packet pre-passthrough = yes protocol = icmp
Bandwidth sharing:
Example:
[Admin @ dimas] queue simple>
add name = "dimas" target-addresses = 192.168.1.2/30 \
dst-address = 0.0.0.0 / 0 interface = all parent = none packet-marks =
Indonesia-conn-iix \
direction = both priority = 8 queue = default / default limit-at = 0/0 \
max-limit = 256000/256000 total-queue = default disabled = no
add name = "dimas" = 192.168.1.2/30 \
dst-address = 0.0.0.0 / 0 interface = all parent = none packet-marks = ix \
direction = both priority = 8 queue = default / default limit-at = 0/0 \
max-limit = 128000/128000 total-queue = default disabled = no
Title : Setup mangle
Description : Mikrotik Operating System: Linux Mikrotik is actually already made by the developers in such a way that is easy to install and Conf...
Description : Mikrotik Operating System: Linux Mikrotik is actually already made by the developers in such a way that is easy to install and Conf...
0 Response to "Setup mangle"
Posting Komentar