Menggunakan 2 Koneksi Internet yang berbeda Leased Line dan Adsl
by : diem ( This e-mail address is being protected from spambots. You need JavaScript enabled to view it )
dapat dilihat melalui gambar tersebut diatas
langkap pertama tambahkan di rc.conf
lintascakrawala# ee /etc/rc.conf
defaultrouter=”gateway1”
static_routes="link1 link2 link3 link4 link5"
route_link1="58.0.0.0/8 gateway2"
route_link2="60.0.0.0/8 gatewa2"
route_link3="62.0.0.0/8 gateway2"
route_link4="202.0.0.0/8 gatewa2"
route_link5="203.0.0.0/8 gateway2"
langkah kedua edit pf di pf.conf
lintascakrawala#ee /etc/pf.conf
########## Local Area Network #######################
lan1 = "{192.168.0.1,192.168.0.2,192.168.0.3,192.168.0.4,192.168.0.5,192.168.0.6,192.168.0.7}"
lan2 = "{192.168.0.8,192.168.0.9,192.168.0.10,192.168.0.11,192.168.0.12,192.168.0.100,192.168.0.13,192.168.0.14}"
dns1 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Leased Line
dns2 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Adsl
ob_state = "flags S/SA keep state"
int_if = "rl1" <--- Local Area Network
ext_if1 = "rl0" <--- Internet 1
ext_if2 = "rl2" <--- Internet 2
ext_gw1 = "x.x.x.x" <--- Gateway 1
ext_gw2 = "x.x.x.x" <--- Gateway 2
# nat outgoing connections on internet 2 connections
nat on $ext_if1 proto {tcp,udp,icmp} from $lan1 to any -> ($ext_if1)
nat on $ext_if2 proto {tcp,udp,icmp} from $lan2 to any -> ($ext_if2)
# pass all outgoing packets on internal interface
pass out on $int_if from any to $lan1
pass out on $int_if from any to $lan2
# pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan1 to $int_if
pass in quick on $int_if from $lan2 to $int_if
# load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto tcp from $lan1 to any flags S/SA modulate state
pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto tcp from $lan2 to any flags S/SA modulate state
# load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto { udp, icmp } from $lan1 to any keep state
pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $lan2 to any keep state
# general "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state
# route packets from any IPs on $ext_if1 to $ext_gw1 and the same for
# $ext_if2 and $ext_gw2
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
###############Domain Name Server Leased Line#######################
antispoof for $int_if
pass quick on lo0 all
pass out quick on $int_if proto tcp from $lan1 to $dns1 port 53 $ob_state
pass out quick on $int_if proto udp from $lan1 to $dns1 port 53 keep state
##############Domain Name Server Adsl###################
pass out quick on $int_if proto tcp from $lan2 to $dns2 port 53 $ob_state
pass out quick on $int_if proto udp from $lan2 to $dns2 port 53 keep state
Tahap selanjut simpan pf.conf
restart pfctcl
lintascakrawala#pfctl -NORf /etc/pf.conf
dan Tahap Terakhir coba jalankan pf
lintascakrawala#pfctl -f /etc/pf.conf
selesai sudah tahap pembuatan loadbalance script tersebut diatas jalan diserver saya terima kasih saya ucapkan kepada ogeb,dani78,setrum,apin dan rekan rekan di #indofreebsd dan tidak lupa buat Rei` selalu mendukung saya, dan yang tidak bisa saya sebutkan satu satu mohon dimaafkansebagai referensi
http://www.indofreebsd.or.id
http://www.openbsd.org/faq/pf/pools.html#outgoing
| < Prev | Next > |
|---|
Comments