10 Langkah Teknik memisahkan Gateway Local dan International

Bahan yang di perlukan untuk memisahkan Gateway ini adalah :
1. Satu buah PC
2. Satu buah DOM atau Software MikroTik RouterOS
3. Tiga buah LAN Card untuk Interface (LAN, LOCAL dan INT)
Kemudian langkah-langkah selanjutnya untuk memisahkan gateway sebagai berikut :
1. Set Identity
2. Setting Name Pada Interface
3. Setting IP address pada interface
4. Setting Gateway
5. Setting DNS
6. Natting / masquerading Interface LAN
7. Add Address-list di alamat : http://ixp.mikrotik.co.id/download/nice.rsc
8. Add Mangle = Marking-Connection
= Marking-Routing
9. Arahkan Mark-Routing di Gateway LOCAL
10. Test Traceroute Situs Local dan Situs International
Hasil Capture Konfigurasi
1. Set Identity[admin@FeryJunaedi-Router] > system identity print
name: “FeryJunaedi-Router
[admin@FeryJunaedi-Router] >

2. Setting Name Pada Interface
[admin@FeryJunaedi-Router] > interface print
Flags: X – disabled, D – dynamic, R – running
# NAME TYPE RX-RATE TX-RATE MTU
0 R LAN ether 0 0 1500
1 R LOCAL ether 0 0 1500
2 R INT ether 0 0 1500
[admin@FeryJunaedi-Router] >

3. Setting IP address pada interface

[admin@FeryJunaedi-Router] > ip address print
Flags: X – disabled, I – invalid, D – dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 192.168.10.1/24 192.168.10.0 192.168.10.255 LAN
1 10.8.8.45/24 10.8.8.0 10.8.8.255 LOCAL
2 202.47.77.2xx/28 202.47.77.240 202.47.77.255 INT
[admin@FeryJunaedi-Router] >

4. Setting Gateway

[admin@FeryJunaedi-Router] > ip route print
Flags: X – disabled, A – active, D – dynamic,
C – connect, S – static, r – rip, b – bgp, o – ospf,
B – blackhole, U – unreachable, P – prohibit
# DST-ADDRESS PREF-SRC G GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 r 202.47.77.xx 1 INT
1 A S 0.0.0.0/0 r 10.8.8.1 1 LOCAL
2 ADC 10.8.8.0/24 10.8.8.45 0 LOCAL
3 ADC 192.168.10.0/24 192.168.10.1 0 LAN
4 ADC 202.47.77.240/28 202.47.77.249 0 INT
[admin@FeryJunaedi-Router] >

5. Setting DNS

[admin@FeryJunaedi-Router] > ip dns print
primary-dns: 202.47.78.8
secondary-dns: 202.47.78.9
allow-remote-requests: yes
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 19KiB
[admin@FeryJunaedi-Router] >

6. Natting / masquerading Interface LAN
[admin@FeryJunaedi-Router] > ip firewall nat print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=srcnat action=masquerade

1 chain=srcnat action=masquerade out-interface=LOCAL dst-address=0.0.0.0

2 chain=srcnat action=masquerade out-interface=INT dst-address=0.0.0.0
[admin@FeryJunaedi-Router] >

7. Add Address-list di alamat : http://ixp.mikrotik.co.id/download/nice.rsc

8. Add Mangle = Marking-Connection
= Marking-Routing

[admin@FeryJunaedi-Router] > ip firewall mangle print
Flags: X – disabled, I – invalid, D – dynamic
0 chain=output action=mark-connection new-connection-mark=mark-con-local
passthrough=yes dst-address-list=nice1 chain=output action=mark-routing new-routing-mark=mark-routing-local
passthrough=yes connection-mark=mark-con-local dst-address-list=nice
[admin@FeryJunaedi-Router] >

9. Arahkan Mangle Mark-Routing ke Gateway LOCAL

[admin@FeryJunaedi-Router] > ip route print detail
Flags: X – disabled, A – active, D – dynamic,
C – connect, S – static, r – rip, b – bgp, o – ospf,
B – blackhole, U – unreachable, P – prohibit
0 A S dst-address=0.0.0.0/0 gateway=202.47.xx.xx interface=INT
gateway-state=reachable distance=1 scope=255 target-scope=10

1 A S dst-address=0.0.0.0/0 gateway=10.8.8.1 interface=LOCAL
gateway-state=reachable distance=1 scope=255 target-scope=10
routing-mark=mark-routing-local

2 ADC dst-address=10.8.8.0/24 pref-src=10.8.8.45 interface=LOCAL distance=0
scope=10 target-scope=0

3 ADC dst-address=192.168.10.0/24 pref-src=192.168.10.1 interface=LAN
distance=0 scope=10 target-scope=0

4 ADC dst-address=202.47.77.240/28 pref-src=202.47.xx/xx interface=INT
distance=0 scope=10 target-scope=0
[admin@FeryJunaedi-Router] >

10. Test Traceroute Situs Local dan Situs International

[admin@FeryJunaedi-Router] >
[admin@FeryJunaedi-Router] > tool traceroute http://www.yahoo.com
ADDRESS STATUS
1 202.47.68.249 2ms 2ms 1ms << next hope lewat interface INT
2 202.47.79.35 2ms 2ms 2ms
3 202.93.245.153 40ms 21ms 23ms
4 121.52.62.193 21ms 21ms 21ms
5 202.152.245.165 27ms 24ms 27ms
6 202.152.245.130 29ms 22ms 24ms
7 203.208.192.45 28ms 22ms 27ms
8 203.208.182.1 28ms 22ms 26ms
9 203.208.151.90 220ms 226ms 219ms
10 203.208.168.110 218ms 217ms 214ms
11 0.0.0.0 timeout timeout timeout
[admin@FeryJunaedi-Router] >
[admin@FeryJunaedi-Router] > tool traceroute http://www.kompas.co.id
ADDRESS STATUS
1 202.47.79.69 3ms 6ms 3ms << next hope interface LOCAL
2 202.47.79.212 9ms 4ms 4ms
3 218.100.27.147 5ms 5ms 6ms
4 202.146.5.33 10ms 7ms 10ms
[admin@FeryJunaedi-Router] > tool http://www.google.com
no such command or directory (www.google.com)
[admin@FeryJunaedi-Router] > tool traceroute http://www.google.com
ADDRESS STATUS
1 202.47.68.249 2ms 2ms 1ms << next hope interface INT
2 202.47.79.35 2ms 1ms 2ms
3 202.93.245.153 21ms 22ms 23ms
4 121.52.62.193 190ms 213ms 20ms
5 202.152.245.165 26ms 25ms 23ms
6 202.152.245.154 26ms 53ms 29ms
7 203.208.192.45 26ms 29ms 26ms
8 203.208.182.5 28ms 27ms 24ms
9 203.208.182.158 28ms 24ms 27ms
10 203.208.149.158 26ms 25ms 56ms
11 203.208.149.77 28ms 28ms 74ms
12 203.208.154.61 28ms 26ms 68ms
13 0.0.0.0 timeout timeout timeout
[admin@FeryJunaedi-Router] >

Thats all,

Dengan langkah-langkah sederhana diatas kita sudah bisa memisahkan Gateway Local dan international

~ by feryjunaedi on January 6, 2008.

2 Responses to “10 Langkah Teknik memisahkan Gateway Local dan International”

  1. mas klo boleh saran topologi nya terperinci, bingung ni mas…. hehehehhee

  2. Saya mohon bantuan …
    Di kantor saya sdh terpasang Mikrotik RouterOS dgn Winbox (sebagai Gateway)
    dan ada Mail Server dgn DeskNow.

    Permasalahannya dimana kita ingin mengirimkan Email lewat DeskNow ke Email yg lain ternyata tidak bisa sedangkan utk menerima email dr email lain ke Desk Now bisa.

    apakah ini ada setting di Mikrotik RouterOS atau di DeskNownya

    Terus kita memakai Leased Line Hipernet

    Mohon Bantuannya

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: