Menu

Promo

 
» »Unlabelled » Konfigurasi Load Balancing pada FreeBSd

A+ A-
apa maksud outgoing load balancing pada bahasan kali ini ? yang saya maksud outgoing load balancing di sini adalah balancing 2 koneksi internet atau lebih dan mengoptimalkan koneksi tersebut.

dalam melakukan load balancing ini saya menggunakan pf pool

http://www.openbsd.org/faq/pf/pools.html#outgoing

dalam contoh kali ini akan saya sajikan 2 koneksi saja. untuk lebih dari 2 koneksi silahakan anda mencobanya

dan berexperimen sendiri.

pra syarat :

1. Kernel sudah di kompile suport PF

2. Ada 3 buah lancard 2 untuk koneksi wan dan 1 untuk LAN

3. Dua line koneksi isp

pertama silahkan anda login ke server anda :

ogeb@ogeb-desktop:~$ ssh ogeb@indofreebsd.or.id This e-mail address is being protected from spambots. You need JavaScript enabled to view it

Password:****************

[ogeb@indofreebsd ~]$ sudo su -

indofreebsd#

selanjutnya yang saya lakukan adalah mengcompile kernel agar support pf firewall dan builtin dalam kernel

merujuk ke http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html

indofreebsd# cd /sys/i386/conf/

indofreebsd#cp GENERIC indofreebsd

indofreebsd# vi indofreebsd

#----tambahkan baris berikut pada konfigurasi kernel anda ----#

###---untuk support PF----###

device pf
device pflog
device pfsync

###---untuk support altq cbq jika diperlukan nanti ---#



options ALTQ
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)
options ALTQ_NOPCC # Required for SMP build



####---cuman segini yang perlu ditambahain ---------#

save konfigurasi kernel

setelah mengedit konfigurasi kernel lalu saya mengcompile kernel ulang.

indofreebsd# cd /usr/src

indofreebsd#make buildkernel KERNCONF=indofreebsd

--------------------------------------------------------------
>>> Kernel build for indofreebsd completed on TUE Jun 26 05:57:45 WIT 2007
--------------------------------------------------------------

setelah itu saya install kernel nya



indofreebsd# make installkernel KERNCONF=indofreebsd

install -o root -g wheel -m 555 if_xe.ko /boot/kernel
===> xl (install)
install -o root -g wheel -m 555 if_xl.ko /boot/kernel
===> zlib (install)
install -o root -g wheel -m 555 zlib.ko /boot/kernel
kldxref /boot/kernel

indofreebsd#
saya disini menggunakan pf untuk load balancedan saya tidak menjelaskan teknik kompile kernel, saya disini dan saya kira anda sudah mengerti cara mengaktikannya dan tidak perlu dijelaskan lagi, saya disini menggunakan 2 Koneksi internet satu Leased Line dan Adsl yaitu komputer dengan ip 192.168.0.1 s/d 192.168.0.7 menggunakan Leased Line dan Komputer dengan ip 192.168.0.8 s/d 192.168.0.14 menggunakan adsl



langkap pertama tambahkan di rc.conf

lintascakrawala# ee /etc/rc.conf

defaultrouter=”gateway1”

static_routes="link1 link2 link3 link4 link5"

route_link1="58.0.0.0/8 gateway2"

route_link2="60.0.0.0/8 gatewa2"

route_link3="62.0.0.0/8 gateway2"

route_link4="202.0.0.0/8 gatewa2"

route_link5="203.0.0.0/8 gateway2"

langkah kedua edit pf di pf.conf

lintascakrawala#ee /etc/pf.conf





########## Local Area Network #######################

lan1 = "{192.168.0.1,192.168.0.2,192.168.0.3,192.168.0.4,192.168.0.5,192.168.0.6,192.168.0.7}"

lan2 = "{192.168.0.8,192.168.0.9,192.168.0.10,192.168.0.11,192.168.0.12,192.168.0.100,192.168.0.13,192.168.0.14}"

dns1 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Leased Line

dns2 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Adsl

ob_state = "flags S/SA keep state"

int_if = "rl1" <--- Local Area Network

ext_if1 = "rl0" <--- Internet 1

ext_if2 = "rl2" <--- Internet 2

ext_gw1 = "x.x.x.x" <--- Gateway 1

ext_gw2 = "x.x.x.x" <--- Gateway 2



# nat outgoing connections on internet 2 connections

nat on $ext_if1 proto {tcp,udp,icmp} from $lan1 to any -> ($ext_if1)

nat on $ext_if2 proto {tcp,udp,icmp} from $lan2 to any -> ($ext_if2)



# pass all outgoing packets on internal interface

pass out on $int_if from any to $lan1

pass out on $int_if from any to $lan2



# pass in quick any packets destined for the gateway itself

pass in quick on $int_if from $lan1 to $int_if

pass in quick on $int_if from $lan2 to $int_if



# load balance outgoing tcp traffic from internal network.



pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto tcp from $lan1 to any flags S/SA modulate state

pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto tcp from $lan2 to any flags S/SA modulate state



# load balance outgoing udp and icmp traffic from internal network

pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto { udp, icmp } from $lan1 to any keep state

pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $lan2 to any keep state



# general "pass out" rules for external interfaces

pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state

pass out on $ext_if1 proto { udp, icmp } from any to any keep state

pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state

pass out on $ext_if2 proto { udp, icmp } from any to any keep state



# route packets from any IPs on $ext_if1 to $ext_gw1 and the same for

# $ext_if2 and $ext_gw2

pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any

pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any



###############Domain Name Server Leased Line#######################

antispoof for $int_if

pass quick on lo0 all

pass out quick on $int_if proto tcp from $lan1 to $dns1 port 53 $ob_state

pass out quick on $int_if proto udp from $lan1 to $dns1 port 53 keep state



##############Domain Name Server Adsl###################

pass out quick on $int_if proto tcp from $lan2 to $dns2 port 53 $ob_state

pass out quick on $int_if proto udp from $lan2 to $dns2 port 53 keep state



Tahap selanjut simpan pf.conf

restart pfctcl

lintascakrawala#pfctl -NORf /etc/pf.conf



dan Tahap Terakhir coba jalankan pf



lintascakrawala#pfctl -f /etc/pf.conf





selesai sudah tahap pembuatan loadbalance script tersebut diatas jalan diserver saya terima kasih saya ucapkan kepada ogeb,dani78,setrum,apin dan rekan rekan di #indofreebsd dan tidak lupa buat Rei` selalu mendukung saya, dan yang tidak bisa saya sebutkan satu satu mohon dimaafkansebagai referensi



http://www.indofreebsd.or.id

http://www.openbsd.org/faq/pf/pools.html#outgoing

at 6:44 PM

Post a Comment

Subscribe to: Post Comments (Atom)
 
Top