sebelum setting management bandwidth dilakukan setting terlbihdahulu mikrotik kedalam roter
TRANSCRIPT
-
Sebelum setting management bandwidth dilakukan setting terlbihdahulu mikrotik kedalam roter,
Halyang pertama yang harus dilakukan dalah menambah format extention yang akan kita limit,
caranya
ip firewall layer7-protocol
ip firewall layer7-protocol add name=YOUTUBE regexp=
"http/(0\.9|1\.0|1\.1)[\x09-\x0d ][1-5][0-9][0-9][\x09-\x0d -
~]*(content-type: video)"
-
Kemudian tambahkan format file extention satu persatu seperti pada gambar dibawah
-
ip firewall layer7-protocol add name=EXE regexp=\\.(exe)
ip firewall layer7-protocol add name=RAR regexp="\\.(rar)"
ip firewall layer7-protocol add name=ZIP regexp="\\.(zip)"
ip firewall layer7-protocol add name="7z" regexp="\\.(7z)"
ip firewall layer7-protocol add name="CAB" regexp="\\.(cab)"
ip firewall layer7-protocol add name="ASF" regexp="\\.(asf)"
ip firewall layer7-protocol add name="MOV" regexp="\\.(mov)"
ip firewall layer7-protocol add name="WMV" regexp="\\.(wmv)"
ip firewall layer7-protocol add name="MPG" regexp="\\.(mpg)"
ip firewall layer7-protocol add name="MPEG" regexp=\\.(mpeg)
ip firewall layer7-protocol add name="MKV" regexp="\\.(mkv)"
ip firewall layer7-protocol add name="AVI" regexp="\\.(avi)"
ip firewall layer7-protocol add name="FLV" regexp="\\.(flv)"
ip firewall layer7-protocol add name="WAV" regexp="\\.(wav)"
ip firewall layer7-protocol add name="RM" regexp="\\.(rm)"
ip firewall layer7-protocol add name="MP3" regexp="\\.(mp3)"
ip firewall layer7-protocol add name="MP4" regexp="\\.(mp4)"
ip firewall layer7-protocol add name="RAM" regexp="\\.(ram)"
ip firewall layer7-protocol add name="RMVB" regexp="\\.(rmvb)"
ip firewall layer7-protocol add name="DAT" regexp="\\.(dat)"
ip firewall layer7-protocol add name="DAA" regexp="\\.(daa)"
ip firewall layer7-protocol add name="ISO" regexp="\\.(iso)"
ip firewall layer7-protocol add name="NRG" regexp=\\.(nrg)
ip firewall layer7-protocol add name="BIN" regexp="\\.(bin)"
ip firewall layer7-protocol add name="VCD" regexp="\\.(vcd)"
-
Kemudian atur manglenya seperti gambar dibawah
-
ip firewall mangle add action=mark-packet chain=prerouting
comment="YOUTUBE MARK PACKET " disabled=no layer7-protocol=YOUTUBE new-
packet-mark=YOUTUBE passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="EXE
MARK PACKET " disabled=no layer7-protocol=EXE new-packet-mark=EXE
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="RAR
MARK PACKET " disabled=no layer7-protocol=RAR new-packet-mark=RAR
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="ZIP
MARK PACKET " disabled=no layer7-protocol=ZIP new-packet-mark=ZIP
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="7z
MARK PACKET " disabled=no layer7-protocol=7z new-packet-mark=7z
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="CAB
MARK PACKET " disabled=no layer7-protocol=CAB new-packet-mark=CAB
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="ASF
MARK PACKET " disabled=no layer7-protocol=ASF new-packet-mark=ASF
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MOV
MARK PACKET " disabled=no layer7-protocol=MOV new-packet-mark=MOV
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="WMV
MARK PACKET " disabled=no layer7-protocol=WMV new-packet-mark=WMV
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MPG
MARK PACKET " disabled=no layer7-protocol=MPG new-packet-mark=MPG
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MPEG
MARK PACKET " disabled=no layer7-protocol=MPEG new-packet-mark=MPEG
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MKV
MARK PACKET " disabled=no layer7-protocol=MKV new-packet-mark=MKV
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="AVI
MARK PACKET " disabled=no layer7-protocol=AVI new-packet-mark=AVI
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="FLV
MARK PACKET " disabled=no layer7-protocol=FLV new-packet-mark=FLV
passthrough=no
-
ip firewall mangle add action=mark-packet chain=prerouting comment="WAV
MARK PACKET " disabled=no layer7-protocol=WAV new-packet-mark=WAV
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="RM
MARK PACKET " disabled=no layer7-protocol=RM new-packet-mark=RM
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MP3
MARK PACKET " disabled=no layer7-protocol=MP3 new-packet-mark=MP3
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="MP4
MARK PACKET " disabled=no layer7-protocol=MP4 new-packet-mark=MP4
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="RAM
MARK PACKET " disabled=no layer7-protocol=RAM new-packet-mark=RAM
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="RMVB
MARK PACKET " disabled=no layer7-protocol=RMVB new-packet-mark=RMVB
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="DAT
MARK PACKET " disabled=no layer7-protocol=DAT new-packet-mark=DAT
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="DAA
MARK PACKET " disabled=no layer7-protocol=DAA new-packet-mark=DAA
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="ISO
MARK PACKET " disabled=no layer7-protocol=ISO new-packet-mark=ISO
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="NRG
MARK PACKET " disabled=no layer7-protocol=NRG new-packet-mark=NRG
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="BIN
MARK PACKET " disabled=no layer7-protocol=BIN new-packet-mark=BIN
passthrough=no
ip firewall mangle add action=mark-packet chain=prerouting comment="VCD
MARK PACKET " disabled=no layer7-protocol=VCD new-packet-mark=VCD
passthrough=no
-
Kemudian setting Queue Tree untuk limit file extentionnya
queue tree add name="LIMIT FILE EXTENTION" parent=global
limit-at=0 priority=3 max-limit=512000 burst-limit=0 burst-
threshold=0 burst-time=0s
-
Kemudian but entri data file yang akan dilimit berdasarkan extention
-
queue tree add name="YOUTUBE" parent="LIMIT FILE EXTENTION" packet-mark=YOUTUBE limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0
burst-threshold=0 burst-time=0s
queue tree add name="7z" parent="LIMIT FILE EXTENTION" packet-mark=7z
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="ASF" parent="LIMIT FILE EXTENTION" packet-mark=ASF
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0
queue tree add name="AVI" parent="LIMIT FILE EXTENTION" packet-mark=AVI
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="BIN" parent="LIMIT FILE EXTENTION" packet-mark=BIN
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="CAB" parent="LIMIT FILE EXTENTION" packet-mark=CAB
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="DAA" parent="LIMIT FILE EXTENTION" packet-mark=DAA
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="DAT" parent="LIMIT FILE EXTENTION" packet-mark=DAT
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="EXE" parent="LIMIT FILE EXTENTION" packet-mark=EXE
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="FLV" parent="LIMIT FILE EXTENTION" packet-mark=FLV
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="ISO" parent="LIMIT FILE EXTENTION" packet-mark=ISO
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="MKV" parent="LIMIT FILE EXTENTION" packet-mark=MKV
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="MOV" parent="LIMIT FILE EXTENTION" packet-mark=MOV
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="MP3" parent="LIMIT FILE EXTENTION" packet-mark=MP3
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
-
queue tree add name="MP4" parent="LIMIT FILE EXTENTION" packet-mark=MP4
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="MPEG" parent="LIMIT FILE EXTENTION" packet-mark=MPEG
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="MPG" parent="LIMIT FILE EXTENTION" packet-mark=MPG
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="NRG" parent="LIMIT FILE EXTENTION" packet-mark=NRG
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="RAM" parent="LIMIT FILE EXTENTION" packet-mark=RAM
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="RAR" parent="LIMIT FILE EXTENTION" packet-mark=RAR
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="RM" parent="LIMIT FILE EXTENTION" packet-mark=RM
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="RMVB" parent="LIMIT FILE EXTENTION" packet-mark=RMVB
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="VCD" parent="LIMIT FILE EXTENTION" packet-mark=VCD
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="WAV" parent="LIMIT FILE EXTENTION" packet-mark=WAV
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="WMV" parent="LIMIT FILE EXTENTION" packet-mark=WMV
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
queue tree add name="ZIP" parent="LIMIT FILE EXTENTION" packet-mark=ZIP
limit-at=0 queue=default priority=1 max-limit=0 burst-limit=0 burst-
threshold=0 burst-time=0s
-
nah kemudian jika ada IP yang ingin kita bypass agar ip tersebut titak melewati BW yang telah
kita set tati maka tambahlah IP yang ingin kita baypass di firewall address lists
Kemudian setting manglenya seperti ini
Kemudian setting Queue Tree
ip firewall mangle add chain=forward protocol=!icmp src-address-list=coba1 action=mark-
connection new-connection-mark=Conn-Coba1 passthrough=yes comment=Coba1
ip firewall mangle add chain=forward connection-mark=Conn-Coba1 action=mark-packet new-
connection-mark=D-Coba1 passthrough=no
queue tree add name=Coba1 parent=global packet-mark=D-Coba1 priority=8 limit-at=1M max-
limit=1M
-
Ini hasil tes dengan menggunakan limit berdasarkan nama file extention
-
Hasil tes dengan IP baypass