Load Balancing

c

Posted on March 20, 2009 by harry chan putra
Disini akses yang digunakan adalah 2 Line Speedy Office Unlimitted untuk salah satu warnet
yang ada di kota Padang, contoh confignya adalah :
Login: areksitiung
Password:
MMM MMM KKK TTTTTTTTTTT KKK

MMMM MMMM KKK TTTTTTTTTTT KKK
MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK
MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK
MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK
MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK
MikroTik RouterOS 2.9.27 (c) 1999-2006 http://www.mikrotik.com/
# nov/27/2008 11:26:36 by RouterOS 2.9.27

# software id = HUI7-TQN
#
/ interface ethernet
set Local name=Local mtu=1500 mac-address=00:11:6B:95:D4:49 arp=enabled disable-
running-check=yes auto-negotiation=yes \
full-duplex=yes cable-settings=default speed=100Mbps comment=" disabled=no
set Speedy1 name=Speedy1 mtu=1500 mac-address=00:11:6B:94:F0:C5 arp=enabled
disable-running-check=yes \
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="
disabled=no
set Speedy2 name=Speedy2 mtu=1500 mac-address=00:19:21:28:5F:87 arp=enabled
disable-running-check=yes \
auto-negotiation=yes full-duplex=yes cable-settings=default speed=100Mbps comment="
disabled=no
/ interface l2tp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=pap,chap,mschap1,mschap2
default-profile=default-encryption
/ interface pptp-server server
set enabled=no max-mtu=1460 max-mru=1460 authentication=mschap1,mschap2 keepalive-
timeout=30 \
default-profile=default-encryption
/ interface pppoe-client
add name=pppoe-out2 max-mtu=1480 max-mru=1480 interface=Speedy2
user=11140xxxxx@telkom.net password=xxxxxx \
profile=default service-name=" ac-name=" add-default-route=yes dial-on-demand=no use-
peer-dns=no \
allow=pap,chap,mschap1,mschap2 disabled=no
/ ip accounting
set enabled=no account-local-traffic=no threshold=256
/ ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ ip service
set telnet port=23 address=0.0.0.0/0 disabled=yes
set ftp port=21 address=0.0.0.0/0 disabled=yes
set www port=1979 address=0.0.0.0/0 disabled=no
set ssh port=1982 address=0.0.0.0/0 disabled=no
set www-ssl port=443 address=0.0.0.0/0 certificate=none disabled=yes
/ ip upnp
set enabled=no allow-disable-external-interface=yes show-dummy-rule=yes
/ ip arp
/ ip socks
set enabled=no port=1080 connection-idle-timeout=2m max-connections=200
/ ip dns
set primary-dns=203.130.193.74 secondary-dns=202.134.0.155 allow-remote-requests=yes
cache-size=2048KiB cache-max-ttl=1w
/ ip traffic-flow
set enabled=no interfaces=all cache-entries=4k active-flow-timeout=30m inactive-flow-
timeout=15s
/ ip address
add address=192.168.1.1/24 network=192.168.1.0 broadcast=192.168.1.255 interface=Local
comment=" disabled=no
add address=192.168.2.2/24 network=192.168.2.0 broadcast=192.168.2.255
interface=Speedy1 comment=" disabled=no
add address=192.168.3.2/24 network=192.168.3.0 broadcast=192.168.3.255
interface=Speedy2 comment=" disabled=yes
/ ip proxy
set enabled=no port=8080 parent-proxy=0.0.0.0:0 maximal-client-connecions=1000
maximal-server-connectons=1000
/ ip proxy access
add dst-port=23-25 action=deny comment=block telnet & spam e-mail relaying
disabled=no
/ ip neighbor discovery
set Local discover=yes
set Speedy1 discover=yes
set Speedy2 discover=yes
set pppoe-out2 discover=no
/ ip route
add dst-address=0.0.0.0/0 gateway=192.168.2.1 scope=255 target-scope=10 routing-
mark=one comment=" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 action=mark-
connection new-connection-mark=one \
passthrough=yes comment=" disabled=no
add chain=prerouting in-interface=Local connection-mark=one action=mark-routing new-
routing-mark=one passthrough=no \
add chain=prerouting in-interface=Local connection-state=new nth=1,1,1 action=mark-
connection new-connection-mark=two \
passthrough=yes comment=" disabled=no
add chain=prerouting in-interface=Local connection-mark=two action=mark-routing new-
routing-mark=two passthrough=no \
/ ip firewall nat
add chain=srcnat out-interface=Speedy1 connection-mark=one action=masquerade
add chain=srcnat out-interface=pppoe-out2 connection-mark=two action=masquerade
/ ip firewall connection tracking
set enabled=yes tcp-syn-sent-timeout=5s tcp-syn-received-timeout=5s tcp-established-
timeout=1d tcp-fin-wait-timeout=10s \
tcp-close-wait-timeout=10s tcp-last-ack-timeout=10s tcp-time-wait-timeout=10s tcp-close-
timeout=10s udp-timeout=10s \
udp-stream-timeout=3m icmp-timeout=10s generic-timeout=10m tcp-syncookie=no
/ ip firewall filter
add chain=virus protocol=tcp dst-port=135-139 action=drop comment=Drop Blaster Worm
disabled=no
add chain=virus protocol=udp dst-port=135-139 action=drop comment=Drop Messenger
Worm disabled=no
add chain=virus protocol=tcp dst-port=445-3000 action=drop comment=Drop Blaster
Worm disabled=no
add chain=virus protocol=udp dst-port=445-3000 action=drop comment=Drop Blaster
Worm disabled=no
add chain=virus protocol=tcp dst-port=593 action=drop comment=________ disabled=no
add chain=virus protocol=udp dst-port=7000 action=drop comment=Setan1 disabled=no
add chain=virus protocol=tcp dst-port=100-1000 action=drop comment=Setan1
disabled=no
Worm disabled=no
disabled=no
Worm disabled=no
disabled=no
add chain=virus protocol=udp dst-port=40000-50000 action=drop comment=Drop
Messenger Worm disabled=no
add chain=virus protocol=tcp dst-port=7000 action=drop comment=Setan1 disabled=no
Worm disabled=no
add chain=virus protocol=tcp dst-port=7000 action=drop comment=Setan1 disabled=no
Worm disabled=no
add chain=virus action=return comment=" disabled=no
add chain=input connection-state=invalid action=drop comment=Drop invalid connections
disabled=no
add chain=input connection-state=established action=accept comment=Allow esatblished
connections disabled=no
add chain=input connection-state=related action=accept comment=Allow related
connections disabled=no
add chain=input protocol=udp action=accept comment=Allow UDP disabled=no
add chain=input protocol=icmp action=accept comment=Allow ICMP disabled=no
add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list=port
scanners \
address-list-timeout=2w comment=Port scanners to list disabled=no
add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-
address-list address-list=port \
scanners address-list-timeout=2w comment=NMAP FIN Stealth scan disabled=no
add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-
list=port scanners \
address-list-timeout=2w comment=SYN/FIN scan disabled=no
add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-
list=port scanners \
address-list-timeout=2w comment=SYN/RST scan disabled=no
add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-
list address-list=port \
scanners address-list-timeout=2w comment=FIN/PSH/URG scan disabled=no
add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list
address-list=port scanners \
address-list-timeout=2w comment=ALL/ALL scan disabled=no
add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-
address-list address-list=port \
scanners address-list-timeout=2w comment=NMAP NULL scan disabled=no
/ ip firewall service-port
set ftp ports=21 disabled=yes
set tftp ports=69 disabled=yes
set irc ports=6667 disabled=yes
set h323 disabled=yes
set quake3 disabled=yes
set gre disabled=yes
set pptp disabled=yes
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot profile
set default name=default hotspot-address=0.0.0.0 dns-name=" html-directory=hotspot
rate-limit=" http-proxy=0.0.0.0:0 \
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d split-user-domain=no
use-radius=no
/ ip hotspot user profile
set default name=default idle-timeout=none keepalive-timeout=2m status-autorefresh=1m
shared-users=1 \
transparent-proxy=yes open-status-page=always advertise=no
/ ip dhcp-server config
set store-leases-disk=5m
/ ip ipsec proposal
add name=default auth-algorithms=sha1 enc-algorithms=3des lifetime=30m lifebytes=0
pfs-group=modp1024 disabled=no
/ ip web-proxy
set enabled=no src-address=0.0.0.0 port=3128 hostname=proxy transparent-proxy=no
parent-proxy=0.0.0.0:0 \
cache-administrator=webmaster max-object-size=4096KiB cache-drive=system max-
cache-size=none \
max-ram-cache-size=unlimited
/ ip web-proxy access
add dst-port=23-25 action=deny comment=block telnet & spam e-mail relaying
disabled=no
/ ip web-proxy cache
add url=:cgi-bin \\? action=deny comment=dont cache dynamic http pages disabled=no
/ system logging
add topics=info prefix=" action=memory disabled=no
add topics=error prefix=" action=memory disabled=no
add topics=warning prefix=" action=memory disabled=no
add topics=critical prefix=" action=echo disabled=no
/ system logging action
set memory name=memory target=memory memory-lines=100 memory-stop-on-full=no
set disk name=disk target=disk disk-lines=100 disk-stop-on-full=no
set echo name=echo target=echo remember=yes
set remote name=remote target=remote remote=0.0.0.0:514
/ system upgrade mirror
set enabled=no primary-server=0.0.0.0 secondary-server=0.0.0.0 check-interval=1d user="
/ system clock dst
set dst-delta=+00:00 dst-start=jan/01/1970 00:00:00 dst-end=jan/01/1970 00:00:00
/ system watchdog
set reboot-on-failure=yes watch-address=none watchdog-timer=yes no-ping-delay=5m
automatic-supout=yes auto-send-supout=no
/ system console
add port=serial0 term=" disabled=no
set FIXME term=linux disabled=no
/ system console screen
set line-count=25
/ system identity
set name=ROUTER-99NET
/ system note
set show-at-login=yes note="
/ port
set serial0 name=serial0 baud-rate=9600 data-bits=8 parity=none stop-bits=1 flow-
control=hardware
/ ppp profile
set default name=default use-compression=default use-vj-compression=default use-
encryption=default only-one=default \
change-tcp-mss=yes comment="
set default-encryption name=default-encryption use-compression=default use-vj-
compression=default use-encryption=yes \
only-one=default change-tcp-mss=yes comment="
/ ppp aaa
set use-radius=no accounting=yes interim-update=0s
/ queue type
set default name=default kind=pfifo pfifo-limit=50
set ethernet-default name=ethernet-default kind=pfifo pfifo-limit=50
set wireless-default name=wireless-default kind=sfq sfq-perturb=5 sfq-allot=1514
set synchronous-default name=synchronous-default kind=red red-limit=60 red-min-
threshold=10 red-max-threshold=50 \
red-burst=20 red-avg-packet=1000
set hotspot-default name=hotspot-default kind=sfq sfq-perturb=5 sfq-allot=1514
add name=pcq-download kind=pcq pcq-rate=384000 pcq-limit=50 pcq-classifier=dst-
address pcq-total-limit=2000
add name=pcq-upload kind=pcq pcq-rate=64000 pcq-limit=50 pcq-classifier=src-address
pcq-total-limit=2000
add name=PFIFO-64 kind=pfifo pfifo-limit=64
add name=default-small kind=pfifo pfifo-limit=10
/ queue simple
add name=99.net target-addresses=192.168.1.0/24 dst-address=0.0.0.0/0 interface=Local
parent=none direction=both \
priority=1 queue=ethernet-default/ethernet-default limit-at=0/0 max-limit=0/0 total-
queue=default-small disabled=yes
add name=Server target-addresses=192.168.1.100/32 dst-address=0.0.0.0/0 interface=all
parent=99.net direction=both \
priority=8 queue=ethernet-default/ethernet-default limit-at=0/0 max-limit=0/0 total-
queue=default-small disabled=yes
add name=Meja-1 target-addresses=192.168.1.11/32 dst-address=0.0.0.0/0 interface=all
priority=8 queue=ethernet-default/ethernet-default limit-at=64000/128000 max-
limit=64000/128000 \
total-queue=default-small disabled=no
priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-
queue=default-small \
disabled=yes
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
priority=8 queue=default-small/default-small limit-at=0/0 max-limit=64000/128000 total-
queue=default-small disabled=no
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
total-queue=default-small time=0s-0s, disabled=no
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
limit=64000/128000 \
priority=8 queue=ethernet-default/ethernet-default limit-at=0/0 max-limit=64000/128000
total-queue=default-small \
disabled=no
disabled=no
disabled=no
disabled=no
add name=Printer target-addresses=192.168.1.26/32 dst-address=0.0.0.0/0 interface=all
priority=8 queue=default-small/default-small limit-at=0/0 max-limit=0/0 total-queue=default-
small disabled=no
/ queue tree
add name=ICMP parent=global-in packet-mark=ICMP-PM limit-at=8000 queue=PFIFO-
64 priority=1 max-limit=16000 burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no
add name=DNS parent=global-in packet-mark=DNS-PM limit-at=8000 queue=PFIFO-64
priority=1 max-limit=16000 burst-limit=0 \
burst-threshold=0 burst-time=0s disabled=no
/ user
add name=admin group=full address=0.0.0.0/0 comment=system default user
disabled=yes
add name=areksitiung group=full address=0.0.0.0/0 comment=" disabled=no
add name=99net group=full address=0.0.0.0/0 comment=" disabled=no
/ user group
add name=read
policy=local,telnet,ssh,reboot,read,test,winbox,password,web,!ftp,!write,!policy
add name=write
policy=local,telnet,ssh,reboot,read,write,test,winbox,password,web,!ftp,!policy
add name=full
policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web
/ user aaa
set use-radius=no accounting=yes interim-update=0s default-group=read
/ radius incoming
set accept=no port=1700
/ driver
/ snmp
set enabled=no contact=" location="
/ snmp community
set public name=public address=0.0.0.0/0 read-access=yes
/ tool bandwidth-server
set enabled=yes authenticate=yes allocate-udp-ports-from=2000 max-sessions=10
/ tool mac-server ping
set enabled=yes
/ tool e-mail
set server=0.0.0.0 from=<>
/ tool sniffer
set interface=all only-headers=no memory-limit=10 file-name=" file-limit=10 streaming-
enabled=no streaming-server=0.0.0.0 \
filter-stream=yes filter-protocol=ip-only filter-address1=0.0.0.0/0:0-65535 filter-
address2=0.0.0.0/0:0-65535
/ tool graphing
set store-every=5min
/ tool graphing queue
add simple-queue=all allow-address=0.0.0.0/0 store-on-disk=yes allow-target=yes
disabled=no
/ tool graphing resource
add allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ tool graphing interface
add interface=all allow-address=0.0.0.0/0 store-on-disk=yes disabled=no
/ routing ospf
set router-id=0.0.0.0 distribute-default=never redistribute-connected=no redistribute-
static=no redistribute-rip=no \
redistribute-bgp=no metric-default=1 metric-connected=20 metric-static=20 metric-rip=20
metric-bgp=20
/ routing ospf area
set backbone area-id=0.0.0.0 type=default translator-role=translate-candidate
authentication=none prefix-list-import=" \
prefix-list-export=" disabled=no
/ routing bgp
set enabled=no as=1 router-id=0.0.0.0 redistribute-static=no redistribute-connected=no
redistribute-rip=no \
redistribute-ospf=no
/ routing rip
set redistribute-static=no redistribute-connected=no redistribute-ospf=no redistribute-bgp=no
metric-static=1 \
metric-connected=1 metric-ospf=1 metric-bgp=1 update-timer=30s timeout-timer=3m
garbage-timer=2m
[areksitiung@ROUTER-99NET] >

Load Balancing

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Load Balancing

Uploaded by

Copyright:

Available Formats

c

MMM MMM KKK TTTTTTTTTTT KKK

MikroTik RouterOS 2.9.27 (c) 1999-2006 http://www.mikrotik.com/

# nov/27/2008 11:26:36 by RouterOS 2.9.27

You might also like

Load Balancing

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Load Balancing

Uploaded by

Copyright:

Available Formats

c 

MMM MMM KKK TTTTTTTTTTT KKK

MikroTik RouterOS 2.9.27 (c) 1999-2006 http://www.mikrotik.com/

# nov/27/2008 11:26:36 by RouterOS 2.9.27

You might also like

c