DBC Network

Saturday 16 January 2010

HOW TO COMBINE TWO SPEEDY CONNECTIONS IN ONE ROUTER

Here is an example implementation of load balancing two connections, as the title says. It runs on an OpenBSD machine acting as a NAT router with two Telkom DSL connections, on interfaces sk0 and sk1.



1. Enable forwarding in /etc/sysctl.conf

net.inet.ip.forwarding=1



2. Make sure the interface configuration files and the default route file are empty; only the file names themselves should exist



# /etc/hostname.sk0
# /etc/hostname.sk1
# /etc/mygate



Speedy DSL connection script: pppoe0 for the first connection and pppoe1 for the second. Adjust the interface, username and password. Do not forget to indent with tabs.



# /etc/ppp/ppp.conf
# This file holds the PPPoE passwords in clear text; keep it readable by root only.
default:
	set log Phase Chat LCP IPCP CCP tun command
	set redial 15 0
	set reconnect 15 10000
pppoe0:
	set device "!/usr/sbin/pppoe -i sk0"
	disable acfcomp protocomp
	deny acfcomp
	set mtu max 1492
	set mru max 1492
	set crtscts off
	set speed sync
	enable lqr
	set lqrperiod 5
	set cd 5
	set dial
	set login
	set timeout 0
	set authname blahblahblah@telkom.net
	set authkey asaljangandejek
	add! default HISADDR
	enable dns
	enable mssfixup
pppoe1:
	set device "!/usr/sbin/pppoe -i sk1"
	disable acfcomp protocomp
	deny acfcomp
	set mtu max 1492
	set mru max 1492
	set crtscts off
	set speed sync
	enable lqr
	set lqrperiod 5
	set cd 5
	set dial
	set login
	set timeout 0
	set authname blahblahblah2@telkom.net
	set authkey vikingboneksamasaja
	add! default HISADDR
	enable dns
	enable mssfixup



3. Enable interfaces sk0 and sk1

# ifconfig sk0 up
# ifconfig sk1 up



4. Run PPPoE (Point-to-Point Protocol over Ethernet).

# ppp -ddial pppoe0
# ppp -ddial pppoe1



5. If the Speedy connections succeed, the Speedy IP addresses will be bound to the tunnel interfaces tun0 and tun1

# ifconfig
tun0: flags=8051 mtu 1492
	groups: tun egress
	inet 125.xxx.xxx.113 -> 125.163.72.1 netmask 0xffffffff
tun1: flags=8051 mtu 1492
	groups: tun
	inet 125.xxx.xxx.114 -> 125.163.72.1 netmask 0xffffffff



6. And the default gateway will be active



# netstat -nr | more
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use    Mtu  Interface
default            125.163.72.1       UGS         7    17529      -   tun0



7. The DNS resolver configuration will also be filled in

# cat /etc/resolv.conf

lookup file bind

nameserver 202.134.2.5

nameserver 203.130.196.5



8. Enable the pf packet filter

# /etc/rc.conf
pf="YES"



9. The pf NAT and balancing script, using round-robin (swap round-robin for loadbalance if that suits your needs better). An indented line is still part of the line above it. Somehow the tag even removes the backslash character (\).



# /etc/pf.conf
lan_net = "10.0.0.0/8"
int_if = "vr0"
ext_if1 = "tun0"
ext_if2 = "tun1"
ext_gw1 = "125.163.72.1"
ext_gw2 = "125.163.72.1"

# Scrub all
scrub in all

# Nat outgoing connections on each internet interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)

# Pass all outgoing packets on internal interfaces
pass out on $int_if from any to $lan_net
# Pass in quick any packets destined for the gateway itself
pass in quick on $int_if from $lan_net to $int_if
# Load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to \
	{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
	proto tcp from $lan_net to any flags S/SA modulate state
# Load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to \
	{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
	proto { udp, icmp } from $lan_net to any keep state

# General "pass out" rules for external interfaces
pass out on $ext_if1 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if1 proto { udp, icmp } from any to any keep state
pass out on $ext_if2 proto tcp from any to any flags S/SA modulate state
pass out on $ext_if2 proto { udp, icmp } from any to any keep state
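
The ruleset above has no block rule, and pf passes any packet that no rule matches, so unsolicited inbound traffic on tun0 and tun1 reaches the router itself. The fragment below is an added example, not part of the original script; it reuses the ext_if1 and ext_if2 macros defined above and assumes it is placed after the nat lines and before the first pass rule.

```pf
# Added example: default-deny for the two DSL links (not in the original script).
# Place after the nat rules and before the first pass rule. pf applies the last
# matching rule, so the pass rules that follow in the script still take effect.

# Drop and log anything arriving unsolicited on either external interface.
# Replies to outbound connections are not affected: they match the state
# entries created by the "pass out ... keep state / modulate state" rules.
block in log on $ext_if1 all
block in log on $ext_if2 all
```

Packets dropped by these rules are logged to the pflog0 interface and can be watched with tcpdump -n -e -ttt -i pflog0.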



10. Add the necessary commands to /etc/rc.local so that everything comes up on each reboot.

ifconfig sk0 up
ifconfig sk1 up
# Enable speedy
ppp -ddial pppoe0
ppp -ddial pppoe1



PF will start up by reading /etc/pf.conf.

If you have to restart the Speedy DSL connection, make sure PPPoE is shut down first



# pkill ppp

If not, ppp will create new tunnels on tun2, tun3 and so on.



11. To check whether the round-robin NAT pool is working, you can use the pftop tool, available at http://www.eee.metu.edu.tr/~canacar/pftop/



If you optimize your network connection with a proxy such as Squid, do not install the Squid proxy on the NAT router machine. When Squid fetches web pages from the Internet, PF does not treat that as a NAT connection, so it is not balanced and stays on the main interface and the first default gateway. Keep the proxy/Squid machine behind the NAT router, so that the proxy's connections to the Internet become NAT traffic that is balanced by the PF script above.



--

Thanks to Starchie and Hengky for the basic tutorial on OpenBSD PF



For more details: Source http://yulian.firdaus.or.id/2007/09/07/load-balance-speedy/



You can also read here: http://ferie-id.com/komputer/setting-loadbalancing-mikrotik
