apa maksud outgoing load balancing pada bahasan kali ini ? yang saya maksud outgoing load balancing di sini adalah balancing 2 koneksi internet atau lebih dan mengoptimalkan koneksi tersebut.
dalam melakukan load balancing ini saya menggunakan pf pool
http://www.openbsd.org/faq/pf/pools.html#outgoing
dalam contoh kali ini akan saya sajikan 2 koneksi saja. untuk lebih dari 2 koneksi silahakan anda mencobanya
dan berexperimen sendiri.
pra syarat :
1. Kernel sudah di kompile suport PF
2. Ada 3 buah lancard 2 untuk koneksi wan dan 1 untuk LAN
3. Dua line koneksi isp
pertama silahkan anda login ke server anda :
ogeb@ogeb-desktop:~$ ssh ogeb@indofreebsd.or.id This e-mail address is being protected from spambots. You need JavaScript enabled to view it
Password:****************
[ogeb@indofreebsd ~]$ sudo su -
indofreebsd#
selanjutnya yang saya lakukan adalah mengcompile kernel agar support pf firewall dan builtin dalam kernel
merujuk ke http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html
indofreebsd# cd /sys/i386/conf/
indofreebsd#cp GENERIC indofreebsd
indofreebsd# vi indofreebsd
#----tambahkan baris berikut pada konfigurasi kernel anda ----#
###---untuk support PF----###
device pf
device pflog
device pfsync
###---untuk support altq cbq jika diperlukan nanti ---#
options ALTQ
options ALTQ_CBQ # Class Bases Queuing (CBQ)
options ALTQ_RED # Random Early Detection (RED)
options ALTQ_RIO # RED In/Out
options ALTQ_HFSC # Hierarchical Packet Scheduler (HFSC)
options ALTQ_PRIQ # Priority Queuing (PRIQ)
options ALTQ_NOPCC # Required for SMP build
####---cuman segini yang perlu ditambahain ---------#
save konfigurasi kernel
setelah mengedit konfigurasi kernel lalu saya mengcompile kernel ulang.
indofreebsd# cd /usr/src
indofreebsd#make buildkernel KERNCONF=indofreebsd
--------------------------------------------------------------
>>> Kernel build for indofreebsd completed on TUE Jun 26 05:57:45 WIT 2007
--------------------------------------------------------------
setelah itu saya install kernel nya
indofreebsd# make installkernel KERNCONF=indofreebsd
install -o root -g wheel -m 555 if_xe.ko /boot/kernel
===> xl (install)
install -o root -g wheel -m 555 if_xl.ko /boot/kernel
===> zlib (install)
install -o root -g wheel -m 555 zlib.ko /boot/kernel
kldxref /boot/kernel
indofreebsd#
saya disini menggunakan pf untuk load balancedan saya tidak menjelaskan teknik kompile kernel, saya disini dan saya kira anda sudah mengerti cara mengaktikannya dan tidak perlu dijelaskan lagi, saya disini menggunakan 2 Koneksi internet satu Leased Line dan Adsl yaitu komputer dengan ip 192.168.0.1 s/d 192.168.0.7 menggunakan Leased Line dan Komputer dengan ip 192.168.0.8 s/d 192.168.0.14 menggunakan adsl
langkap pertama tambahkan di rc.conf
lintascakrawala# ee /etc/rc.conf
defaultrouter=”gateway1”
static_routes="link1 link2 link3 link4 link5"
route_link1="58.0.0.0/8 gateway2"
route_link2="60.0.0.0/8 gatewa2"
route_link3="62.0.0.0/8 gateway2"
route_link4="202.0.0.0/8 gatewa2"
route_link5="203.0.0.0/8 gateway2"
langkah kedua edit pf di pf.conf
lintascakrawala#ee /etc/pf.conf
########## Local Area Network #######################
lan1 = "{192.168.0.1,192.168.0.2,192.168.0.3,192.168.0.4,192.168.0.5,192.168.0.6,192.168.0.7}"
lan2 = "{192.168.0.8,192.168.0.9,192.168.0.10,192.168.0.11,192.168.0.12,192.168.0.100,192.168.0.13,192.168.0.14}"
dns1 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Leased Line
dns2 = "{x.x.x.x,x.x.x.x}" <--- dnsnya Adsl
ob_state = "flags S/SA keep state"
int_if = "rl1" <--- Local Area Network
ext_if1 = "rl0" <--- Internet 1
ext_if2 = "rl2" <--- Internet 2
ext_gw1 = "x.x.x.x" <--- Gateway 1
ext_gw2 = "x.x.x.x" <--- Gateway 2
# nat outgoing connections on internet 2 connections
nat on $ext_if1 proto {tcp,udp,icmp} from $lan1 to any -> ($ext_if1)
nat on $ext_if2 proto {tcp,udp,icmp} from $lan2 to any -> ($ext_if2)
# pass all outgoing packets on internal interface
pass out on $int_if from any to $lan1
pass out on $int_if from any to $lan2
# pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan1 to $int_if
pass in quick on $int_if from $lan2 to $int_if
# load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto tcp from $lan1 to any flags S/SA modulate state
pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto tcp from $lan2 to any flags S/SA modulate state
# load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to { ($ext_if1 $ext_gw1) } round-robin proto { udp, icmp } from $lan1 to any keep state
pass in on $int_if route-to { ($ext_if2 $ext_gw2) } round-robin proto { udp, icmp } from $lan2 to any keep state
# general "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state
# route packets from any IPs on $ext_if1 to $ext_gw1 and the same for
# $ext_if2 and $ext_gw2
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
###############Domain Name Server Leased Line#######################
antispoof for $int_if
pass quick on lo0 all
pass out quick on $int_if proto tcp from $lan1 to $dns1 port 53 $ob_state
pass out quick on $int_if proto udp from $lan1 to $dns1 port 53 keep state
##############Domain Name Server Adsl###################
pass out quick on $int_if proto tcp from $lan2 to $dns2 port 53 $ob_state
pass out quick on $int_if proto udp from $lan2 to $dns2 port 53 keep state
Tahap selanjut simpan pf.conf
restart pfctcl
lintascakrawala#pfctl -NORf /etc/pf.conf
dan Tahap Terakhir coba jalankan pf
lintascakrawala#pfctl -f /etc/pf.conf
selesai sudah tahap pembuatan loadbalance script tersebut diatas jalan diserver saya terima kasih saya ucapkan kepada ogeb,dani78,setrum,apin dan rekan rekan di #indofreebsd dan tidak lupa buat Rei` selalu mendukung saya, dan yang tidak bisa saya sebutkan satu satu mohon dimaafkansebagai referensi
http://www.indofreebsd.or.id
http://www.openbsd.org/faq/pf/pools.html#outgoing
Konfigurasi Load Balancing pada FreeBSd
Post a Comment