Please .... !!!!

Agar mendapatkan nilai throughput yang tinggi

Kami sarankan semua clients menggunakan antena antena grid

sangat sangat kami anjurkan

menggunakan antena GRID

Gunakan antena seperti ini

http://www.mikrotik.com

ENJOY ... SHARE

LAZUARDY NETWORK

Best Connection

http://www.mikrotik.com

Load Balancing Mikrotik

21.54  Hary Kartono  No comments

/ ip address
add address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" \
disabled=no
add address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=wlan2 \
comment="" disabled=no
add address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=wlan1 \
comment="" disabled=no
/ ip firewall mangle
add chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \
action=mark-connection new-connection-mark=odd passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=Local connection-mark=odd action=mark-routing \
new-routing-mark=odd passthrough=no comment="" disabled=no
add chain=prerouting in-interface=Local connection-state=new nth=1,1,1 \
action=mark-connection new-connection-mark=even passthrough=yes comment="" \
disabled=no
add chain=prerouting in-interface=Local connection-mark=even action=mark-routing \
new-routing-mark=even passthrough=no comment="" disabled=no
/ ip firewall nat
add chain=srcnat connection-mark=odd action=src-nat to-addresses=10.111.0.2 \
to-ports=0-65535 comment="" disabled=no
add chain=srcnat connection-mark=even action=src-nat to-addresses=10.112.0.2 \
to-ports=0-65535 comment="" disabled=no
/ ip route
add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 routing-mark=odd check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10 routing-mark=even check-gateway=ping
add dst-address=0.0.0.0/0 gateway=10.112.0.1 scope=255 target-scope=10
add dst-address=0.0.0.0/0 gateway=10.111.0.1 scope=255 target-scope=10 distance=2
Read More

Script Failover via netwatch

21.52  Hary Kartono  No comments

/ tool netwatch
add host=125.163.xx.xx timeout=100ms interval=15s up-script="/ip route enable \[/ip route find comment="GATEWAY-DSL"\]" down-script="/ip route disable \[/ip route find comment="GATEWAY-DSL"\]" comment="Ping Gateway IIX >> jika koneksi wireless putus script jalan >> " disabled=no
Read More

Prioritas Upstream agar browsing tetep wuss wuss

21.51  Hary Kartono  No comments

/ ip firewall mangle
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="Testing TCP \
Flags" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=rst \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=ack \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=fin \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \
connection-state=established packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting protocol=tcp connection-mark=upstream_conn \
action=mark-packet new-packet-mark=upstream_ack passthrough=no comment="" \
disabled=no
Read More

Prioritas Upstream agar browsing tetep wuss wuss

21.51  Hary Kartono  No comments

/ ip firewall mangle
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="Testing TCP \
Flags" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=rst \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=ack \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=fin \
connection-state=new packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \
connection-state=established packet-size=40-100 action=mark-connection \
new-connection-mark=upstream_conn passthrough=yes comment="" disabled=no
add chain=postrouting protocol=tcp connection-mark=upstream_conn \
action=mark-packet new-packet-mark=upstream_ack passthrough=no comment="" \
disabled=no
Read More

Bogon address List

21.50  Hary Kartono  No comments

/ ip firewall address-list
add list=bogons address=1.0.0.0/8 comment="" disabled=no
add list=bogons address=2.0.0.0/8 comment="" disabled=no
add list=bogons address=5.0.0.0/8 comment="" disabled=no
add list=bogons address=10.0.0.0/8 comment="" disabled=no
add list=bogons address=23.0.0.0/8 comment="" disabled=no
add list=bogons address=27.0.0.0/8 comment="" disabled=no
add list=bogons address=31.0.0.0/8 comment="" disabled=no
add list=bogons address=36.0.0.0/8 comment="" disabled=no
add list=bogons address=37.0.0.0/8 comment="" disabled=no
add list=bogons address=39.0.0.0/8 comment="" disabled=no
add list=bogons address=42.0.0.0/8 comment="" disabled=no
add list=bogons address=46.0.0.0/8 comment="" disabled=no
add list=bogons address=49.0.0.0/8 comment="" disabled=no
add list=bogons address=50.0.0.0/8 comment="" disabled=no
add list=bogons address=100.0.0.0/8 comment="" disabled=no
add list=bogons address=101.0.0.0/8 comment="" disabled=no
add list=bogons address=102.0.0.0/8 comment="" disabled=no
add list=bogons address=103.0.0.0/8 comment="" disabled=no
add list=bogons address=104.0.0.0/8 comment="" disabled=no
add list=bogons address=105.0.0.0/8 comment="" disabled=no
add list=bogons address=106.0.0.0/8 comment="" disabled=no
add list=bogons address=107.0.0.0/8 comment="" disabled=no
add list=bogons address=108.0.0.0/8 comment="" disabled=no
add list=bogons address=109.0.0.0/8 comment="" disabled=no
add list=bogons address=110.0.0.0/8 comment="" disabled=no
add list=bogons address=111.0.0.0/8 comment="" disabled=no
add list=bogons address=112.0.0.0/8 comment="" disabled=no
add list=bogons address=113.0.0.0/8 comment="" disabled=no
add list=bogons address=169.254.0.0/16 comment="" disabled=no
add list=bogons address=172.16.0.0/12 comment="" disabled=no
add list=bogons address=173.0.0.0/8 comment="" disabled=no
add list=bogons address=174.0.0.0/8 comment="" disabled=no
add list=bogons address=175.0.0.0/8 comment="" disabled=no
add list=bogons address=176.0.0.0/8 comment="" disabled=no
add list=bogons address=177.0.0.0/8 comment="" disabled=no
add list=bogons address=178.0.0.0/8 comment="" disabled=no
add list=bogons address=180.0.0.0/8 comment="" disabled=no
add list=bogons address=181.0.0.0/8 comment="" disabled=no
add list=bogons address=182.0.0.0/8 comment="" disabled=no
add list=bogons address=183.0.0.0/8 comment="" disabled=no
add list=bogons address=184.0.0.0/8 comment="" disabled=no
add list=bogons address=185.0.0.0/8 comment="" disabled=no
add list=bogons address=192.0.2.0/24 comment="" disabled=no
add list=bogons address=197.0.0.0/8 comment="" disabled=no
add list=bogons address=198.18.0.0/15 comment="" disabled=no
add list=bogons address=223.0.0.0/8 comment="" disabled=no
Read More

preventing natted access

19.57  Hary Kartono  No comments

How to prevent NATed access

Sesuai dengan judul diatas,
inti dari kasus ini adalah penyedia jasa tidak ingin BW yang diberikan kepada user di sharing lagi mempergunakan nat-router.

Ilmu baru buat saya, dengan memberikan TTL=1 ?, mmmm aneh sekali.

Hasil dari googling di wikipedia di dapat informasi sebagai berikut :

The TTL field is set by the sender of the datagram, and reduced by every host on the route to its destination. If the TTL field reaches zero before the datagram arrives at its destination, then the datagram is discarded and an ICMP error datagram (11 - Time Exceeded) is sent back to the sender.

Supaya tidak hilang ditelan hari, dikopi saja ke situs

Diambil dari http://forum.mikrotik.com/viewtopic.php?f=9&t=19484

/ip firewall mangle

add action=change-ttl dst-address=192.168.1.0/24 \

chain=forward new-ttl=set:1

Maksud dari baris perintah diatas, adalah paket yang lewat router mikrotik hanya dibuat valid untuk 1 hop berikutnya ke arah klient, yang berarti hanya valid untuk 1 pc, karena begitu masuk ke PC tersebut TTL berkurang 1, sehingga menjadi 0.

Jangan lupa, peletakan firewallnya harus dibaris yang tepat, bila tidak tepat rule ini tidak akan terbaca.
Read More