Download as PDF, PPTX
More Related Content
Similar to Mikrotik Hotspot With Queue Tree BW Management
Mikrotik Hotspot With Queue Tree BW Management
- 1. Hotspot Menggunakan ManajemenBandwidth Queue Tree
- 2.
- 3. Simple ● Aturanuruta sangat ketat. diproses dari teratas sampai terbawah. ● Mengatur aliran paket secara bidirectional (dua arah). ● Mampu membatasi trafik by IP. ● Satu antrian mampu membatasi trafik upld & dnld sekaligus ● Diproses lbh dulu jika ada simpl dan tree. ● Mendukung penggunaan PCQ ( bagi bw scr merata). ● Bisa menerapkan antrian yang by mangle. ● Mampu membagi bandwidth secara fixed. ● pengaturannya sangat sederhana dan cenderung statis, ● sangat cocok untuk admin yang tidak mau ribet dengan traffic control di /firewall mangle.
- 4. Tree ● Tidakmemiliki urutan, setiap antrian diproses bersama-sama. ● Mengatur aliran paket secara directional (satu arah) ● Membutuhkan mangle untuk membatasi trafik per IP, dan membedakan trafik download upload. ● Dinomorduakan setelah Queue Simple. ● Mendukung penggunaan PCQ sehingga mampu membagi bandwidth secara adil dan merata. ● Pengaturan antrian murni melalui paket yang ditandai di /firewall mangle. ● Mampu membagi bandwidth secara fixed. ● Lebih fleksibel dan butuh pemahaman yang baik di /firewall mangle khususnya tentang traffic control.
- 5. Hotspot QOS ●Built-in limiter – menggunakan parameer rate-limit di server-profile – otomatis dan mudah tetapi tidak memungkinkan implementasi HTB. ● Custom limitation – Memanfaatkan parameter Incoming-packet-mark dan outgoing-packet-mark pada user-profile. – bisa implementasi HTB dan melakukan limitasi berdasarkan kriteria koneksi yang lebih beragam
- 6. Jaringan Hotspot ●Asumsi – Ether1 / Wan = 192.168.88.5 – Ether2 / Lan = 192.168.90.9/29 – Jaringan lan 192.168.90.8/29 (6 host: 1 ap 5 client) – Bandwidth = 512kbps
- 7. SETTING INTERFACE ●/interface ethernet ● set 0 name=wan ● set 1 name=lan
- 8. SETTING IP ADDRESS ● /ip address ● add address=192.168.88.5/24 interface=wan ● add address=192.168.90.9/29 interface=lan
- 9. SETTING GATEWAY ●/ip route ● add distance=1 gateway=192.168.88.1
- 10. MASQUERADING ● /ipfirewall nat ● add action=masquerade chain=srcnat in-interface= lan
- 11. SETUP DNS ●/ip dns ● set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
- 12. IIX Addresses ●/system script ● add name=nice-import policy=read,write,test,sniff source="/tool fetch address=ixp.mikrotik.co.id src-path=/ download/nice.rsc mode=http" ● import nice.rsc
- 13. SETUP HOTSPOT ●ip hotspot setup ● hotspot interface: ether2 ● local address of network: 192.168.90.9 ● masquerade network: yes ● address pool of network: 192.168.90.10 – 192.168.10.14 ● select certificate: none ● ip address of smtp server: 0.0.0.0 ● dns servers: 8.8.8.8,8.8.4.4 ● dns name:hotline ● Username: admin ● Password: admin
- 14. Hotspot User Profile ● /ip hotspot user profile ● add address-pool=hs-pool-2 idle-timeout=none incoming-packet-mark=group1-in keepalive-timeout= 2m name=photline outgoing-packet-mark= group1-out
- 15. HOTSPOT USER ●/ip hotspot user ● add name=amad password=amad profile=photline ● add name=eri password=eri profile=photline ● add name=yasin password=yasin profile=photline ● add name=nugi password=nugraha profile=photline
- 16.
- 17. HOTSPOT JUMP ●/ip firewall mangle ● add action=jump chain=prerouting comment=jumping jump-target=hotspot ● add action=jump chain=postrouting jump-target= hotspot
- 18. HOTSPOT MARKING ●/ip firewal mangle ● add action=mark-connection chain=prerouting new-connection- mark=conn-group1 packet-mark=group1-in ● add action=mark-connection chain=postrouting new-connection- mark=conn-group1 packet-mark=group1-out ● add action=mark-packet chain=prerouting connection-mark= conn-group1 new-packet-mark=packet-group1 passthrough=no ● add action=mark-packet chain=postrouting connection-mark= conn-group1 new-packet-mark=packet-group1 passthrough=no
- 19. IIX & INTMarking ● /ip firewall mangle ● add action=mark-connection chain=prerouting comment="iix ix differ" dst-address- list=nice new-connection-mark=conn-group1-iix packet-mark= group1-in ● add action=mark-packet chain=prerouting connection-mark=conn-group1-iix new-packet-mark=packet-group1-in passthrough=no ● add action=mark-connection chain=prerouting dst-address-list=!nice new-connection- mark=conn-group1-int packet-mark=group1-in ● add action=mark-packet chain=prerouting connection-mark=conn-group1-int new-packet-mark=packet-group1-int passthrough=no ● add action=mark-packet chain=postrouting connection-mark=conn-group1- iix new-packet-mark=packet-group1-iix passthrough=no ● add action=mark-packet chain=postrouting connection-mark=conn-group1- int new-packet-mark=packet-group1-int passthrough=no
- 20. HOTSPOT UNAUTH MARKING Unauth = have bypass access ● /ip firewall mangle ● add action=mark-connection chain=prerouting comment=hotspot-unauth hotspot=!auth in-interface=lan new-connection-mark=conn-unauth ● add action=mark-packet chain=prerouting connection-mark= conn-unauth new-packet-mark=packet-unauth passthrough=no ● add action=mark-packet chain=postrouting connection-mark= conn-unauth new-packet-mark=packet-unauth passthrough=no
- 21.
- 22. Parent & HotspotGroup ● /queue tree ● add max-limit=512k name=0-Hotspot1-Total-Upload parent=wan ● add max-limit=512k name=0-Hotspot1-Total-Download parent=lan ● add limit-at=128k max-limit=256k name=Group1-Total- Upload packet-mark=packet-group1 parent=0-Hotspot1- Total-Upload ● add limit-at=128k max-limit=256k name=Group1-Total-download packet-mark=packet-group1 parent=0-Hotspot1- Total-Download
- 23. IIX & INT;Up & Down ● /queue tree ● add limit-at=64k max-limit=256k name=Group1-Total-IIX-Download packet-mark=packet-group1-iix parent=Group1-Total-download priority=4 ● add limit-at=64k max-limit=256k name=Group1-Total-INT-Download packet-mark=packet-group1-int parent=Group1- Total-download priority=3 ● add limit-at=64k max-limit=256k name=Group1-Total-IIX-Upload packet-mark=packet-group1-iix parent=Group1-Total- Upload priority=4 ● add limit-at=64k max-limit=256k name=Group1-Total-INT-Upload packet-mark=packet-group1-int parent=Group1-Total- Upload priority=4
- 24. Hotspot unauth ●/queue tree ● add limit-at=16k max-limit=64k name=Hotspot1-Unauth-Download packet-mark= packet-unauth parent=0-Hotspot1-Total- Download ● add limit-at=8k max-limit=64k name=Hotspot1- Unauth-Upload packet-mark=packet-unauth parent=0-Hotspot1-Total-Upload
- 25.
- 26.
- 27.
- 28.
- 29.
- 30. Limitation Queue ●/queue tree ● add name="Hotspot-total-Up" parent=Wan packet-mark="" max-limit=512k ● add name="Hotspot-total-Down" parent=Lan packet-mark="" max-limit=512k ● add name=”Group-total-Download" parent=Hotspot-total-Down packet-mark= packet-down limit-at=256k max-limit512 ● add name="Group-total-Upload" parent=Hotspot-total-Up packet-mark= packet-up limit-at=256k max-limit=512k
- 31.