Load Balance Failover Mikrotik Metode PCC

Mikrotik memperkenankan anda untuk melakukan load balancing dan failover antara 2 ISP dengan menggunakan Per Connection Classifier (PCC). Dengan metode ini, anda dapat dengan mudah menggabungkan 2 akses internet didalam sebuah routerboard dan menggunakannya untuk warnet atau hotspot yang anda kelola.
Contoh penggunaan load balancing / failover :pcc-loadbalancing

Untuk melakukan load balancing dengan PCC gunakan script dibawah ini :

/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN
add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=ISP1
add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=ISP2

/ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/24  action=accept in-interface=LAN
add chain=prerouting dst-address=10.112.0.0/24  action=accept in-interface=LAN
add chain=prerouting in-interface=ISP1 connection-mark=no-mark action=mark-connection \
    new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ISP2 connection-mark=no-mark action=mark-connection \
    new-connection-mark=ISP2_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local \
    per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local \
    per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn
add chain=prerouting connection-mark=ISP1_conn in-interface=LAN action=mark-routing \
    new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN action=mark-routing \
    new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1  
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2

/ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 routing-mark=to_ISP2 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.111.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 distance=2 check-gateway=ping

/ip firewall nat
add chain=srcnat out-interface=ISP1 action=masquerade
add chain=srcnat out-interface=ISP2 action=masquerade

Penjelasan
IP Address
Set IP address untuk interface mikrotik yang mengarah ke ISP yaitu10.111.0.2/24 dan 10.112.0.2/24, sedangkan IP
LAN menggunakan 192.168.0.1/24

/ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=LAN
add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=ISP1
add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=ISP2

Routing

/ip firewall mangle
add chain=prerouting dst-address=10.111.0.0/24  action=accept in-interface=LAN
add chain=prerouting dst-address=10.112.0.0/24  action=accept in-interface=LAN

Selanjutnya menentukan routing agar kita dapat memaksa akses internet yang keluar dan masuk lewat gateway tertentu. Hal ini penting untuk kita lakukan agar tidak terjadi looping.

add chain=prerouting in-interface=ISP1 connection-mark=no-mark action=mark-connection \
    new-connection-mark=ISP1_conn
add chain=prerouting in-interface=ISP2 connection-mark=no-mark action=mark-connection \
    new-connection-mark=ISP2_conn
Lakukan penandaan akses yang keluar dan masuk agar tidak tertukar interface.
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local \
    per-connection-classifier=both-addresses:2/0 action=mark-connection new-connection-mark=ISP1_conn
add chain=prerouting  in-interface=LAN connection-mark=no-mark dst-address-type=!local \
    per-connection-classifier=both-addresses:2/1 action=mark-connection new-connection-mark=ISP2_conn

Action mark connection hanya berlaku pada chain output dan prerouting di mangle, akan tetapi chain prerouting juga “menangkap” trafik yang masuk ke router itu sendiri, untuk mencegah hal tersebut kita menggunakan dst-address-type=!local, dan dengan memanfaatkan fitur PCC, kita dapat menandai akses data dalam 2 grup berdasarkan destination dan source address.

add chain=prerouting connection-mark=ISP1_conn in-interface=LAN action=mark-routing \
    new-routing-mark=to_ISP1
add chain=prerouting connection-mark=ISP2_conn in-interface=LAN action=mark-routing \
    new-routing-mark=to_ISP2
add chain=output connection-mark=ISP1_conn action=mark-routing new-routing-mark=to_ISP1  
add chain=output connection-mark=ISP2_conn action=mark-routing new-routing-mark=to_ISP2

Tentukan interface keluar dan masuk data pada routerboard dengan routing mark. Tambahkan juga route untuk setiap routing mark.

/ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 routing-mark=to_ISP1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 routing-mark=to_ISP2 check-gateway=ping

Selanjutnya, buatlah skema failover

add dst-address=0.0.0.0/0 gateway=10.111.0.1 distance=1 check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 distance=2 check-gateway=ping

Dan terakhir, tambahkan rules masquerade pada NAT agar klien dapat terhubung ke internet dengan baik

/ip firewall nat
add chain=srcnat out-interface=ISP1 action=masquerade
add chain=srcnat out-interface=ISP2 action=masquerade

Sumber : http://wiki.mikrotik.com/wiki/Manual:PCC

Description : Mikrotik memperkenankan anda untuk melakukan load balancing dan failover antara 2 ISP dengan menggunakan Per Connection Classifier (PCC). ... Rating : 4.5 Reviewer : Kangerie ItemReviewed : Load Balance Failover Mikrotik Metode PCC

Kangerie Kangerie Blogging , Indonesia

11:43 AM