Tutorial Mikrotik Router Policy-based Routing Using VLAN Configuration
IP address Configuration:
/ip address
add address=103.7.248.206/29 network=103.7.248.200 broadcast=103.7.248.207 interface=WAN1
add address=103.31.178.62/30 network=103.31.178.60 broadcast=103.31.178.63 interface=WAN2
VLAN Configuration on Mikrotik Router:
/interface vlan
add name=VLAN-100 interface=LOCAL vlan-id=100
add name=VLAN-200 interface=LOCAL vlan-id=200
/ip address
add address=192.168.10.1/24 interface=VLAN-100
add address=172.16.10.1/24 interface=VLAN-200
DNS Configuration:
/ip dns set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=4.4.4.4,8,8.8.8.8
NAT Configuration:
/ip firewall nat
add chain=srcnat action=masquerade src-address=192.168.10.0/24 out-interface=WAN1
add chain=srcnat action=masquerade src-address=172.16.10.0/24 out-interface=WAN2
NAT Configuration:
/ip firewall nat
add chain=srcnat action=masquerade src-address=192.168.10.0/24 out-interface=WAN1
add chain=srcnat action=masquerade src-address=172.16.10.0/24 out-interface=WAN2
Mangle Configuration for 192.168.10.0/24 forward interface WAN1 and 172.16.10.0/24 forward WAN2
/ip firewall mangle
chain=prerouting action=mark-routing new-routing-mark=WAN1
passthrough=yes src-address=192.168.10.0/24
chain=prerouting action=mark-routing new-routing-mark=WAN2
passthrough=yes src-address=172.16.10.0/24
/ip route
add dst-address=0.0.0.0/0 routing-mark=WAN1 gateway=103.7.248.201
add dst-address=0.0.0.0/0 routing-mark=WAN2 gateway=103.31.178.61
chain=prerouting action=mark-routing new-routing-mark=WAN1
passthrough=yes src-address=192.168.10.0/24
chain=prerouting action=mark-routing new-routing-mark=WAN2
passthrough=yes src-address=172.16.10.0/24
/ip route
add dst-address=0.0.0.0/0 routing-mark=WAN1 gateway=103.7.248.201
add dst-address=0.0.0.0/0 routing-mark=WAN2 gateway=103.31.178.61
Simple Queue Configuration For Client 192.168.10.2:
/queue simple
Add name="Test1" target-addresses=192.168.10.2/32 interface=VLAN-100 parent=none
packet-marks="" direction=both priority=8
queue=default-small/default-small limit-at=0/0 max-limit=1M/1M
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
total-queue=default-small
Simple Queue Configuration For Client 172.16.10.2:
/queue simple
Add name="Test2" target-addresses=172.16.10.2/32 interface=VLAN-200 parent=none
packet-marks="" direction=both priority=8
queue=default-small/default-small limit-at=0/0 max-limit=1M/1M
burst-limit=0/0 burst-threshold=0/0 burst-time=0s/0s
total-queue=default-small
AccessSwitch Configuration:
AccessSwitch>enable
AccessSwitch#configuration terminal
AccessSwitch(config)#interface fastethernet 0/0
AccessSwitch(config-if)#switchport mode trunk
AccessSwitch(config-if)#switchport trunk allowed vlan all
AccessSwitch(config-if)#switchport nonegotiate
AccessSwitch(config)#vlan 100
AccessSwitch(config)#vlan 200
AccessSwitch(config)#interface fastethernet 0/1
AccessSwitch(config-if)#switchport mode access
AccessSwitch(config-if)#switchport access vlan 100
AccessSwitch(config)#interface fastethernet 0/2
AccessSwitch(config-if)#switchport mode access
AccessSwitch(config-if)#switchport access vlan 200
AccessSwitch#wr
Sumber : Sumber
0 comments:
Posting Komentar