SHOW:
|
|
- or go back to the newest paste.
| 1 | # myrepublic = 50mbps = ether1 = 192.168.200.1 | |
| 2 | # oxygent = 150mbps = ether5 = 192.168.100.1 | |
| 3 | ||
| 4 | /ip firewall address-list | |
| 5 | add address=10.0.0.0/8 list=private-lokal | |
| 6 | add address=172.16.0.0/12 list=private-lokal | |
| 7 | add address=192.168.0.0/16 list=private-lokal | |
| 8 | ||
| 9 | /ip route | |
| 10 | add check-gateway=ping comment=exit-1 distance=1 gateway=192.168.200.1 routing-mark=exit-1 | |
| 11 | add check-gateway=ping comment=exit-2 distance=1 gateway=192.168.100.1 routing-mark=exit-2 | |
| 12 | add check-gateway=ping comment=jalur-1 distance=1 gateway=192.168.200.1 routing-mark=jalur-1 | |
| 13 | add check-gateway=ping comment=jalur-1 distance=2 gateway=192.168.100.1 routing-mark=jalur-1 | |
| 14 | add check-gateway=ping comment=jalur-2 distance=1 gateway=192.168.100.1 routing-mark=jalur-2 | |
| 15 | add check-gateway=ping comment=jalur-2 distance=2 gateway=192.168.200.1 routing-mark=jalur-2 | |
| 16 | add check-gateway=ping comment=jalur-1 distance=1 gateway=192.168.200.1 | |
| 17 | add check-gateway=ping comment=jalur-2 distance=2 gateway=192.168.200.1 | |
| 18 | ||
| 19 | ||
| 20 | /ip firewall mangle | |
| 21 | add action=accept chain=prerouting dst-address-list=private-lokal src-address-list=private-lokal | |
| 22 | add action=accept chain=forward dst-address-list=private-lokal src-address-list=private-lokal | |
| 23 | ||
| 24 | add action=mark-connection chain=input comment=exit-1 in-interface=ether1 new-connection-mark=exit-1 passthrough=yes | |
| 25 | add action=mark-connection chain=input comment=exit-2 in-interface=ether5 new-connection-mark=exit-2 passthrough=yes | |
| 26 | add action=mark-routing chain=output comment=exit-1 connection-mark=exit-1 new-routing-mark=exit-1 passthrough=no | |
| 27 | add action=mark-routing chain=output comment=exit-2 connection-mark=exit-2 new-routing-mark=exit-2 passthrough=no | |
| 28 | ||
| 29 | #LB PCC | |
| 30 | add action=mark-routing chain=prerouting comment=jalur-1 dst-address-list=!private-lokal dst-address-type=!local new-routing-mark=jalur-1 passthrough=no per-connection-classifier=dst-address-and-port:4/0 src-address-list=private-lokal | |
| 31 | ||
| 32 | add action=mark-routing chain=prerouting comment=jalur-2 dst-address-list=!private-lokal dst-address-type=!local new-routing-mark=jalur-2 passthrough=no per-connection-classifier=dst-address-and-port:4/1 src-address-list=private-lokal | |
| 33 | ||
| 34 | add action=mark-routing chain=prerouting comment=jalur-2 dst-address-list=!private-lokal dst-address-type=!local new-routing-mark=jalur-2 passthrough=no per-connection-classifier=dst-address-and-port:4/2 src-address-list=private-lokal | |
| 35 | ||
| 36 | add action=mark-routing chain=prerouting comment=jalur-2 dst-address-list=!private-lokal dst-address-type=!local new-routing-mark=jalur-2 passthrough=no per-connection-classifier=dst-address-and-port:4/3 src-address-list=private-lokal | |
| 37 | ||
| 38 | ||
| 39 | # system schedule dengan nama "fail-over" interval=00:00:10 , on event : | |
| 40 | #jalur-1 cek | |
| 41 | :if ([/ping address=8.8.8.8 interface=ether1 routing=exit-1 count=5] = 0) do={/ip route set [find comment=jalur-1 gateway=192.168.200.1 distance=1] distance=3} else={/ip route set [find comment=jalur-1 gateway=192.168.100.1 distance=3] distance=1};
| |
| 42 | ||
| 43 | #jalur-2 cek | |
| 44 | :if ([/ping address=8.8.8.8 interface=ether5 routing=exit-2 count=5] = 0) do={/ip route set [find comment=jalur-2 gateway=192.168.100.1 distance=1] distance=3} else={/ip route set [find comment=jalur-2 gateway=192.168.100.1 distance=3] distance=1}; |
