bayu dot Blitar dot ORG : Hei.. Itu Aku !!!


bayu.blitar.ORG

Simple Loadbalancing using Shorewall. part 1  

DIJAMIN 100% WORKED !!!

sik…sik… nulis ini dulu Simple Loadbalancing using Shorewall. part 1 :). asline si bisa kasi judul Multi ISP connection howto or loadbalancing 2 ISP. tapi berhubung ini pake speedy 2 buah (aku sebut speedol). akhire ya kaya gini. o iya ini pake distro linux, pake mandriva spring 2008. cuman CD 1 aja :)

ok langsung aja.

speedol1 :

IP Modem 192.168.1.254 netmask 255.255.255.0 (masih standar pabrik, pake modem billion)

speedol2 :

IP Modem 192.168.3.254 netmask 255.255.255.0 (bawaan pabrik udah di ganti)

Mandriva Spring 2008 pake 3 NIC / Ethernet card, di Pentium-IV HDD 40GB RAM 1Gb

eth0 : 192.168.1.253 netmask 255.255.255.0

eth1: 192.168.3.253 netmask 255.255.255.0

eth2: 192.168.2.1 netmask 255.255.255.224

isi mandriva spring hanya shorewall (buat firewallnya), squid (buat proxy server, sama dnsmasq (buat cache dns). untuk squid dan dnsmasq install belakangan, soale harus konek ke repo mandriva (http://easyurpmi.zarb.org)

disini loadbalancingnya pake shorewall. inspirasi dari http://www.shorewall.net/MultiISP.html. yang perlu di edit hanya file konfigurasi shorewall ini:

  • interfaces
  • masq
  • policy
  • providers
  • rules.drakx
  • shorewall.conf (jika perlu. tapi aku gak perlu, default aja udah bisa)
  • start
  • stop
  • zones

nah masing-masing isi file tersebut seperti ini di mandriva spring 2008-ku

interfaces :

net eth1 detect
net eth0 detect
loc eth2 detect

masq :

eth0 192.168.2.0/27

policy :

loc net ACCEPT
loc fw ACCEPT
fw loc ACCEPT
fw net ACCEPT
net all DROP info
all all REJECT info

providers :

speedol1 1 1 main eth0 192.168.1.254 track,balance eth2
speedol2 2 2 main eth1 192.168.3.254 track,balance eth2

rules.drakx :

ACCEPT+ fw net tcp http - - - squid
REDIRECT fw 3128 tcp http -
REDIRECT loc 3128 tcp http -
ACCEPT loc fw all

shorewall.conf : edit yang perlu aja ya !!

dan pastikan isinya seperti ini

start :

INCLUDE /etc/ifw/start
INCLUDE /etc/ifw/rules
iptables -I INPUT 1 -j Ifw

stop :

iptables -D INPUT -j Ifw
INCLUDE /etc/ifw/stop

zones :

net ipv4
loc ipv4
fw firewall

untuk seting transparent proxy dengan squid, dan seting dnsmasq untuk caching DNS tidak di bahas. sudah ada di http://bayuart.wordpress.com

liat hasil routingnya

[root@javanet box]# ip route show
192.168.2.0/27 dev eth2 proto kernel scope link src 192.168.2.1 metric 10
192.168.3.0/24 dev eth1 proto kernel scope link src 192.168.3.253 metric 10
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.253 metric 10
169.254.0.0/16 dev eth1 scope link metric 10
169.254.0.0/16 dev eth2 scope link metric 10
169.254.0.0/16 dev eth0 scope link metric 10
default
nexthop via 192.168.1.254 dev eth0 weight 1
nexthop via 192.168.3.254 dev eth1 weight 1

ok. gitu aja. load balancing untuk browsing aja udah selesai. kenapa hanya browsing ? ini masih part 1 euy. jangan maksa dong….

to be continued ke part2 (kalo inget :p)

The article has

9 responses

Written by bayu

April 30th, 2008 at 10:43 pm

Posted in Networking, tulisanku

Tagged with , , , , , , ,

« Blitar : Hidup ato Mati
masakan padang lagi »

9 Responses to 'Simple Loadbalancing using Shorewall. part 1'

Subscribe to comments with RSS or TrackBack to 'Simple Loadbalancing using Shorewall. part 1'.

  1. [...] selengkapnya … Tagged with: loadbabalce, mandriva spring 2008, multi ISP, multi WAN, shorewall « Webmin configuration I`m back … (eh black) » [...]

    Mandriva Spring 2008 : Loadbalance pake 2 Speedy « bayu - mandriva - other Linux

    30 Apr 08 at 10:55 pm

  2. masq :
    eth1 172.16.0.0/24 192.168.1.10
    eth2 172.16.0.0/24 192.168.0.10

    shorewall.conf :
    STARTUP_ENABLED=Yes
    ADD_SNAT_ALIASES=Yes
    FASTACCEPT=Yes

    samsul

    1 May 08 at 9:03 pm

  3. mas kalo di slackware gimana kan default rc.inet1.conf hanya membolehkan 1 gw. terus itu gimana kira² kalo dengan settingan multi ISP nya?

    Thank atas jawabannya sebelumnya

    bayu :

    baca dengan teliti file rc.inet1.conf. bukane di file tersebut bisa ditambahin sendiri ?

    Jecky

    6 May 08 at 9:35 pm

  4. mass… part 2 nya di runggu lho..

    666

    9 May 08 at 3:29 pm

  5. part 2 nya di tunggu in banyak orang nichhh

    666

    9 May 08 at 3:32 pm

  6. rule iptables ini

    /sbin/iptables -t nat -A POSTROUTING -o eth1 -j SNAT –to 192.168.3.253
    /sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT –to 192.168.1.253

    di shorewall begini

    edit file /etc/shorewall/netmap
    lebih jelasnya silahkan baca manual nya

    gomblohman

    14 May 08 at 3:07 pm

  7. [...] http://bayu.blitar.org/2008/04/30/simple-loadbalancing-using-shorewall-part-1/ [...]

    MRTG Simple at bayu dot Blitar dot ORG : Hei.. Itu Aku !!!

    14 May 08 at 6:08 pm

  8. [...] http://bayu.blitar.org/2008/04/30/simple-loadbalancing-using-shorewall-part-1/ [...]

    Prepare for part II at bayu dot Blitar dot ORG : Hei.. Itu Aku !!!

    17 May 08 at 10:03 am

  9. [...] http://bayu.blitar.org/2008/04/30/simple-loadbalancing-using-shorewall-part-1/ [...]

    Part II : Menggabungkan 2 atau lebih Line/Koneksi Telkom Speedy at bayu dot Blitar dot ORG : Hei.. Itu Aku !!!

    20 May 08 at 1:47 pm

Leave a Reply