mikrotiknetworking

Setting Load Balancing 2 ISP Menggunakan PCC + Fail Over + Recursive Gateway Router MikroTik

author

Ahmad Lukman Hakim

02 Desember 2024

Tujuan

  • Setting load balancing PCC
  • Setting fail over
  • Setting recursive gateway

Penjelasan singkat

  • Load balancing, digunakan untuk menyeimbangkan / memaksimalkan bandwidth yang masuk kedalam mikrotik. Misalkan kita punya 2 sumber internet (2 ISP), jadi sumber-sumber ini dapat digunakan bersama / tidak aktif hanya satu ISP.
  • Fail over, teknik ini cukup penting untuk menangani masalah downtime disalah satu sumber. Sumber lain bisa menjadi backup untuk menjaga koneksi internet tetap terhubung.
  • Recursive gateway, teknik ini merupakan optimalisasi teknik load balancing sebelumnya. Digunakan untuk gateway checking didalam proses routing.

Persiapan

  • 2 sumber internet, anda tidak harus berlangganan 2 ISP. Dikondisi ini saya menggunakan sumber Wi-Fi kos-an dan Modem GSM internet (TP-Link MR6400).
  • Router Mikrotik, disini saya menggunakan tipe hAp ax2 C52iG-5HaxD2HaxD

Topologi

topologi-load-balancing-new-2024


Langkah-langkah Setting Load Balancing 2 ISP

Pada bagian ini, jika anda ingin sama persis dengan kondisi saya, bisa mengikuti konfigurasi tidak wajib. Silahkan lompat ke konfigurasi wajib, yang fokus pada setting load balancing.

Konfigurasi Tidak Wajib

  • Setting interface bridge (opsional)

Disini Wireless 2 (2GHz) saya gunakan untuk Wifi di ruangan saya. Di bridge dengan ether2 s/d ether5. Silahkan disesuaikan dengan routerboard anda.

/interface bridge add admin-mac=D4:01:C3:EC:38:4C auto-mac=no name=bridge
/interface bridge port add bridge=bridge interface=ether2
/interface bridge port add bridge=bridge interface=ether3
/interface bridge port add bridge=bridge interface=ether4
/interface bridge port add bridge=bridge interface=ether5
/interface bridge port add bridge=bridge interface=wifi2
  • Setting Wireless AP (opsional)
/interface wifi set [ find default-name=wifi2 ] channel.band=2ghz-ax .skip-dfs-channels=10min-cac .width=20/40mhz comment=Wi-Fi configuration.country=Indonesia .mode=ap .ssid=MikroTik-EC384F disabled=no security.authentication-types=wpa2-psk,wpa3-psk .ft=yes .ft-over-ds=yes .passphrase=B9FFJOQMXX
  • Setting Wireless Station (Ambil Wi-Fi dari Kos) (opsional)
/interface wifi security add authentication-types=wpa2-psk,wpa3-psk disabled=no name=cempakaraya passphrase=cempakaoke1

/interface wifi configuration add channel.band=5ghz-ac disabled=no mode=station name=cempakaraya-cfg security=cempakaraya security.authentication-types=""

/interface wifi set [ find default-name=wifi1 ] comment="WAN-Cempaka Raya" configuration=cempakaraya-cfg configuration.mode=station .ssid="Kontrakan cempaka" disabled=no security=cempakaraya security.ft=yes .ft-over-ds=yes
  • Setting IP Address (opsional)
/ip address add address=192.168.88.1/24 interface=bridge network=192.168.88.0
/ip address add address=192.168.1.199/24 interface=ether1 network=192.168.1.0

Wireless 1 (5GHz) saya arahkan ke Wi-Fi kos, jadi saya pakai DHCP Client di interface Wireless

  • Setting DNS Client (opsional)
/ip dhcp-client add add-default-route=no interface=wifi1

Konfigurasi Wajib

  • Setting Firewall NAT (digunakan untuk Fail-over)
/ip firewall nat add action=masquerade chain=srcnat comment="nat_ISP1" ipsec-policy=out,none out-interface=wifi1
/ip firewall nat add action=masquerade chain=srcnat comment="nat_ISP2" ipsec-policy=out,none out-interface=ether1
  • Setting Firewall Mangle (konfigurasi utama load balancing PCC)
/ip firewall mangle add action=accept chain=prerouting dst-address=192.168.0.0/24 in-interface=bridge
/ip firewall mangle add action=accept chain=prerouting dst-address=192.168.1.0/24 in-interface=bridge
/ip firewall mangle add action=mark-connection chain=input connection-state=new in-interface=wifi1 new-connection-mark=ISP1
/ip firewall mangle add action=mark-connection chain=input connection-state=new in-interface=ether1 new-connection-mark=ISP2
/ip firewall mangle add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=ISP1 passthrough=yes per-connection-classifier=both-addresses:2/0
/ip firewall mangle add action=mark-connection chain=output connection-mark=no-mark connection-state=new new-connection-mark=ISP2 per-connection-classifier=both-addresses:2/1
/ip firewall mangle add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface=bridge new-connection-mark=ISP1 passthrough=yes per-connection-classifier=src-port:2/0
/ip firewall mangle add action=mark-connection chain=prerouting connection-mark=no-mark connection-state=new dst-address-type=!local in-interface=bridge new-connection-mark=ISP2 passthrough=yes per-connection-classifier=src-port:2/1
/ip firewall mangle add action=mark-routing chain=output connection-mark=ISP1 new-routing-mark=ISP1_table
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ISP1 in-interface=bridge new-routing-mark=ISP1_table
/ip firewall mangle add action=mark-routing chain=output connection-mark=ISP2 new-routing-mark=ISP2_table
/ip firewall mangle add action=mark-routing chain=prerouting connection-mark=ISP2 in-interface=bridge new-routing-mark=ISP2_table
  • Setting IP Route dan Routing (konfigurasi recursive gateway)
/ip route add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=8.8.8.8 routing-table=main scope=20 suppress-hw-offload=no target-scope=31
/ip route add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=1.1.1.1 routing-table=main scope=20 suppress-hw-offload=no target-scope=32
/ip route add check-gateway=ping disabled=no distance=1 dst-address=1.1.1.1/32 gateway=192.168.1.1 routing-table=main scope=32 suppress-hw-offload=no target-scope=30
/ip route add check-gateway=ping disabled=no distance=1 dst-address=8.8.8.8/32 gateway=192.168.0.1 routing-table=main scope=31 suppress-hw-offload=no target-scope=30
/ip route add check-gateway=ping disabled=no distance=1 dst-address=8.8.8.8/32 gateway=192.168.0.1 routing-table=ISP1_table scope=30 suppress-hw-offload=no target-scope=10
/ip route add check-gateway=ping disabled=no distance=1 dst-address=1.1.1.1/32 gateway=192.168.1.1 routing-table=ISP2_table scope=30 suppress-hw-offload=no target-scope=10

Silahkan mencoba.