Load Balancing Mikrotik

/ ip addressadd address=192.168.0.1/24 network=192.168.0.0 broadcast=192.168.0.255 interface=Local comment="" \disabled=noadd address=10.111.0.2/24 network=10.111.0.0 broadcast=10.111.0.255 interface=wlan2 \comment="" disabled=noadd address=10.112.0.2/24 network=10.112.0.0 broadcast=10.112.0.255 interface=wlan1 \comment="" disabled=no/ ip firewall mangleadd chain=prerouting in-interface=Local connection-state=new nth=1,1,0 \action=mark-connection new-connection-mark=odd passthrough=yes comment="" \disabled=noadd chain=prerouting in-interface=Local connection-mark=odd action=mark-routing \new-routing-mark=odd...

Read More

Script Failover via netwatch

/ tool netwatchadd host=125.163.xx.xx timeout=100ms interval=15s up-script="/ip route enable \[/ip route find comment="GATEWAY-DSL"\]" down-script="/ip route disable \[/ip route find comment="GATEWAY-DSL"\]" comment="Ping Gateway IIX >> jika koneksi wireless putus script jalan >> " disabled...

Read More

Prioritas Upstream agar browsing tetep wuss wuss

/ ip firewall mangleadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn passthrough=yes comment="Testing TCP \Flags" disabled=noadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=rst \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn passthrough=yes comment="" disabled=noadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=ack \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn...

Read More

Prioritas Upstream agar browsing tetep wuss wuss

/ ip firewall mangleadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=syn \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn passthrough=yes comment="Testing TCP \Flags" disabled=noadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=rst \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn passthrough=yes comment="" disabled=noadd chain=postrouting out-interface=MAIN-LB protocol=tcp tcp-flags=ack \connection-state=new packet-size=40-100 action=mark-connection \new-connection-mark=upstream_conn...

Read More

Bogon address List

/ ip firewall address-listadd list=bogons address=1.0.0.0/8 comment="" disabled=noadd list=bogons address=2.0.0.0/8 comment="" disabled=noadd list=bogons address=5.0.0.0/8 comment="" disabled=noadd list=bogons address=10.0.0.0/8 comment="" disabled=noadd list=bogons address=23.0.0.0/8 comment="" disabled=noadd list=bogons address=27.0.0.0/8 comment="" disabled=noadd list=bogons address=31.0.0.0/8 comment="" disabled=noadd list=bogons address=36.0.0.0/8 comment="" disabled=noadd list=bogons address=37.0.0.0/8 comment="" disabled=noadd list=bogons address=39.0.0.0/8 comment="" disabled=noadd list=bogons...

Read More

preventing natted access

How to prevent NATed accessSesuai dengan judul diatas,inti dari kasus ini adalah penyedia jasa tidak ingin BW yang diberikan kepada user di sharing lagi mempergunakan nat-router.Ilmu baru buat saya, dengan memberikan TTL=1 ?, mmmm aneh sekali.Hasil dari googling di wikipedia di dapat informasi sebagai berikut :The TTL field is set by the sender of the datagram, and reduced by every host on the route to its destination. If the TTL field reaches zero before the datagram arrives at its destination, then the datagram is discarded and an ICMP error datagram (11 - Time Exceeded) is sent back to the...

Read More

drop flooding

/ip firewall filter add chain=syn-flood action=return tcp-flags=syn,!fin,!rst,!ack protocol=tcp limit=5,10/ip firewall filter add chain=syn-flood action=return protocol=!tcp disabled=yes/ip firewall filter add chain=syn-flood action=return tcp-flags=!,syn,!fin,!rst,!ack protocol=tcp disabled=yes/ip firewall filter add chain=syn-flood action=log log-prefix=”SYN FLOOD:”/ip firewall filter add chain=syn-flood action=drop disabled=...

Read More

Burst for each TCP connection

This is little how-to create manual burst using queue tree.As it is bandwidth control using queue tree first we need to mangle trafficfirst i mangle all connections, then i mark first 2Mbytes then i mark the rest of packets/ip firewall mangle add chain=forward protocol=tcp action=mark-connection new-connection-mark=new_conn passthrough=yes comment="mark all new connections" disabled=no/ip firewall mangle add chain=forward protocol=tcp connection-mark=new_conn connection-bytes=0-2000000 action=mark-packet new-packet-mark=new_packet passthrough=no comment="mark packets" disabled=no/ip firewall mangle...

Read More

Block Trace Route

ngeblok trace route gini boz,/ip firewall filter add chain=forward protocol=icmp icmp-options=11:0 action=drop comment="DropTraceroute"/ip firewall filter add chain=forward protocol=icmp icmp-options=3:3 action=drop comment="Drop Traceroute"Batasin ping, ada client yang iseng banjiri traffic dengan ping yang gak jelas, cara batasi ping-nya/ip firewall filter add chain=input action=accept protocol=icmp limit=50/5...

Read More

bagi rata koneksi

/ip firewall mangle add chain=forward src-address=172.16.0.0/12 \action=mark-connection new-connection-mark=users-con/ip firewall mangle add connection-mark=users-con action=mark-packet \new-packet-mark=users chain=forward/queue type add name=pcq-download kind=pcq pcq-classifier=dst-address/queue type add name=pcq-upload kind=pcq pcq-classifier=src-address/queue tree add name=Download parent=Lan max-limit=2048000/queue tree add parent=Download queue=pcq-download packet-mark=users/queue tree add name=Upload parent=Public max-limit=1024000/queue tree add parent=Upload queue=pcq-upload packet-mark=users/queue...

Read More

drop port scanner pada mikrotik

/ip firewall filteradd chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list \address-list="port scanners" address-list-timeout=2w \comment="Port scanners to list " disabled=noadd chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg\action=add-src-to-address-list address-list="port scanners"\address-list-timeout=2w comment="NMAP FIN Stealth scan"add chain=input protocol=tcp tcp-flags=fin,syn\action=add-src-to-address-list address-list="port scanners"\address-list-timeout=2w comment="SYN/FIN scan"add chain=input protocol=tcp tcp-flags=syn,rst\action=add-src-to-address-list...

Read More

Mikrotik Router Protection

/ip firewall filteradd chain=input connection-state=invalid action=drop \comment="Drop Invalid connections"add chain=input connection-state=established action=accept \comment="Allow Established connections"add chain=input protocol=icmp action=accept \comment="Allow ICMP"add chain=input src-address=192.168.0.0/24 action=accept \in-interface=!ether1add chain=input action=drop comment="Drop everything else"/ip firewall filteradd chain=forward protocol=tcp connection-state=invalid \action=drop comment="drop invalid connections"add chain=forward connection-state=established action=accept \comment="allow...

Read More

burst Queue

keterangan:(N = x * y / z)N = long burst-time (interval / durasi)x = burst-thresholdy = burst-timez = burst-limitlangkah-langkah :1. menghitung perkiraan waktu rata-rata yang dibutuhkan untuk loading page, pada contoh ini saya kira2 aja = 8detik2. seting max-limit, saya berikan = 256k3. set N = 8detik4. set y = 20detik5. set z = 1M (perhitungan BW untuk meLOAD page, dengan BW 1M saya rasa sudah lumayan cepat)6. nahh, sekarang kita hitung burst-thresholdnya,Quote:N = ( x * y ) / z8 = ( x * 20 ) / 1000x = 400k, jadi burst-threshold di set 400kQuote:N = 8x = 400ky = 10z = 1000k (1M)penjelasan :pada...

Read More

Troubleshooting (Panduan error koneksi)

Bila ada masalah atau troubleshooting koneksi, langkah pertama yg harus anda lakukan adalah:1. Pastikan bahwa status koneksi network / jaringan dalam kondisi connected. ( pojok kanan bawah )2. Radio Access Point terkadang statusnya hang, (coba cabut power adaptor satu menit tancap kembali, bagi yg power radionya ikut komputer mohon dishutdown selama satu menit lalu hidupkan kembali)3. Bila masih belum bisa juga, coba lakukan test koneksi dengan langkah langkah sebagai berikut :klik Start - runkemudian di run ketik ping 10.10.12.60- Reply from 10.10.12.60: ………… ( menandakan bahwa status jaringan...

Read More

Awas, Virus Ramnit Mengintai!

VIRUS seperti musim yang hadir silih berganti. Setelah sejumlah virus menghebohkan seperti Stuxnet, Sality, Virut dan Shortcut, kini hadir ancaman Ramnit. Program jahat ini mampu bekerjasama dengan virus lain untuk menginfeksi korbannya.Karenaya, Ramnit menjadi unik dibanding virus lain. Usai menjangkit komputer korbannya, program jahat ini akan men-download varian virus lainnya.Dan yang lebih memusingkan, jenis virus yang di-download akan berbeda untuk tiap komputer target, baik dari nama maupun...

Read More

Powerpoint huruf India

Siang hari lagi kena apesnya, laptop conf MGMT lagi ngadat.Ini kejadian aneh, padahal tiap hari kita cek normal & Ready to use.Ceritanya begini siang itu ada producer meeting, Technician dikasih tugas oleh bos but cek segala persiapannya. Sebenarnya sich tiap hari pagi & siang selalu dicek, Dan kondisi alhamdulillah bagus selalu. tapi lagi na'as saat user buka file powerpoint & mau ngedit lho kok tulisannya jadi bahasa asing kayak bahasa sansekerta atau bahasa jepang atau cina atau India,...

Read More

ADA SMS MASUK ....... !!! isinya bla bla bla .......

Ada SMS ..... !!!, ada apa nich pasti clients komplen.Tuch betulkan. Lagi dijalan neh..... Ach biar aja ntar klo uda dirumah baru dicek.Sampe dirumah.Ambil netbook langsung On konek wireless buka firefox. jreng muncul Login Page. Berarti jaringanku no problem soale masih bisa access login.Ketik user & password lalu enter, success direct ke Page RTRWNET. ini mah masih Lokal Network. jaringan no problem.Klik home page, oalah pantesan kok pada komplen neh, ternyata koneksinya loading ngak nyampe nyampe tujuan malah nongol server not found....Nasib nasib beginilah klo koneksi up to (non Dedicate...

Read More

Reposisi Antena Lengkol - Bontang

Lagi asyik kerja, hp berdering, kirain client komplen.wuich lain lagi, tapi justru ngebuat kerja keras. tahu maksudnya...?Ternyata telp dr mbak Yuli, " Mas Hary tolong antena yang ada di tower segera di lepas secepatnya. walah ada apa lagi ini.... ?Ya uda dech tanpa byk tanya langsung jawab " ntar sore habis pulang kerja aja " lagian lagi banyak kerjaan neh.Pulang kerja ngak langsung menuju rmh, meluncur ke Lengkol. Cek & Re Ceck eh ternyata tower yang ada di Masjid mau dibongkar. Ya uda mau diapa lagi, namanya juga nebeng sore itu juga tanpa byk bicara langsung call bro Akib & Heru untuk...

Read More

RADIO PIRANG JEBOL

Pagi pagi baru ngebuka HP, tau tau, " Ri tutup jerigen antena kita jebol kalo hujan bisa kacau. Dag dig dug, Bro Heru kirimin sms moga aja ngerti first solution.maksud gw mestinya power adaptor cabut aja walaupun malam hari ngak hujan sebagai antisipasi sapa tau hujan betulan.Byaaarr......, ternyata tadi malam hujan lebat sekali, langsung dech On laptop, survey jreeengg..... !!! ternyata repiter arah bro heru mati. Mampus dech kerja keras lagi, busyet turun neh pipa antena, mau ngak mau sore pulang kerja, abis waktu luang cuma pulang kerja.Dikantor, langsung temuin bro heru, langsung interogasi....

Read More