Load Balancing Menggunakan PF

Judul asli : Load balance
Menggunakan 2 Koneksi Internet yang berbeda Leased Line dan Adsl
by : diem ( diem@lintascakrawala.net )

dapat dilihat melalui gambar tersebut diatas

aya disini menggunakan pf untuk load balancedan saya tidak menjelaskan teknik kompile kernel, saya disini dan saya kira anda sudah mengerti cara mengaktikannya dan tidak perlu dijelaskan lagi, saya disini menggunakan 2 Koneksi internet satu Leased Line dan Adsl yaitu komputer dengan ip 192.168.0.1 s/d 192.168.0.7 menggunakan Leased Line dan Komputer dengan ip 192.168.0.8 s/d 192.168.0.14 menggunakan adsl 



langkap pertama tambahkan di rc.conf 

lintascakrawala# ee /etc/rc.conf 

defaultrouter=”gateway1” 

static_routes="link1 link2 link3 link4 link5" 

route_link1="58.0.0.0/8 gateway2" 

route_link2="60.0.0.0/8 gatewa2" 

route_link3="62.0.0.0/8 gateway2" 

route_link4="202.0.0.0/8 gatewa2" 

route_link5="203.0.0.0/8 gateway2" 

langkah kedua edit pf di pf.conf 

lintascakrawala#ee /etc/pf.conf 





########## Local Area Network ####################### 

lan1 = "{192.168.0.1,192.168.0.2,192.168.0.3,192.168.0.4,192.168.0.5,192.168.0.6,192.168.0.7}" 

lan2 = "{192.168.0.8,192.168.0.9,192.168.0.10,192.168.0.11,192.168.0.12,192.168.0.100,192.168.0.13,192.168.0.14}"

dns1 = "{x.x.x.x,x.x.x.x}"  <--- dnsnya Leased Line

dns2 = "{x.x.x.x,x.x.x.x}"  <--- dnsnya Adsl

ob_state = "flags S/SA keep state" 

int_if  = "rl1"    <--- Local Area Network

ext_if1 = "rl0"  <--- Internet 1

ext_if2 = "rl2"  <--- Internet 2

ext_gw1 = "x.x.x.x" <--- Gateway 1 

ext_gw2 = "x.x.x.x" <--- Gateway 2 



#  nat outgoing connections on internet 2 connections

nat on $ext_if1 proto {tcp,udp,icmp} from $lan1 to any -> ($ext_if1) 

nat on $ext_if2 proto {tcp,udp,icmp} from $lan2 to any -> ($ext_if2) 



#  pass all outgoing packets on internal interface

pass out on $int_if from any to $lan1 

pass out on $int_if from any to $lan2 



#  pass in quick any packets destined for the gateway itself

pass in quick on $int_if from $lan1 to $int_if 

pass in quick on $int_if from $lan2 to $int_if 



#  load balance outgoing tcp traffic from internal network.



pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto tcp from $lan1 to any flags S/SA modulate state 

pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto tcp from $lan2 to any flags S/SA modulate state 



#  load balance outgoing udp and icmp traffic from internal network

pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin  proto { udp, icmp } from $lan1 to any keep state

pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin  proto { udp, icmp } from $lan2 to any keep state



#  general "pass out" rules for external interfaces

pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state 

pass out on $ext_if1 proto { udp, icmp } from any to any keep state 

pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state 

pass out on $ext_if2 proto { udp, icmp } from any to any keep state 



#  route packets from any IPs on $ext_if1 to $ext_gw1 and the same for

#  $ext_if2 and $ext_gw2

pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any 

pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any 



###############Domain Name Server Leased Line####################### 

antispoof for $int_if 

pass quick on lo0 all 

pass out quick on $int_if proto tcp  from $lan1 to $dns1 port 53 $ob_state

pass out quick on $int_if proto udp from $lan1 to $dns1 port 53 keep state 



##############Domain Name Server Adsl################### 

pass out quick on $int_if proto tcp from $lan2 to $dns2 port 53 $ob_state 

pass out quick on $int_if proto udp from $lan2 to $dns2 port 53 keep state 



Tahap selanjut simpan pf.conf  

restart pfctcl 

lintascakrawala#pfctl -NORf /etc/pf.conf 



dan Tahap Terakhir coba jalankan pf 



lintascakrawala#pfctl -f /etc/pf.conf 





selesai sudah tahap pembuatan loadbalance script tersebut diatas jalan diserver saya terima kasih saya ucapkan kepada ogeb,dani78,setrum,apin dan rekan rekan di #indofreebsd dan tidak lupa buat Rei` selalu mendukung saya, dan yang tidak bisa saya sebutkan satu satu mohon dimaafkansebagai referensi  



http://www.indofreebsd.or.id

http://www.openbsd.org/faq/pf/pools.html#outgoing

Related

Networking 1013005444254473031

Posting Komentar

emo-but-icon

Follow Us

Hot in week

Recent

Comments

Side Ads

Text Widget

Connect Us

item