Sunday, May 29, 2011

The Easy Way to setting Mikrotik + Squid and Simple Queue

In a Case, there is my client wishing topology in its(the network using machine Mikrotik which will be joined forces with Squid, where this Squid stays in machine FreeBSD. He wishs, arrangement of shaping easily, by using Simple Queue.

If topology like this : INET ------- Mikrotik --------- SQUID -------- Client

Bandwidth Management is handle by SQUID. We wanted is like this :

INET | Mikrotik ---- SQUID | Client

So, shaping to client is handle by Mikrotik.

Requirement :

  1. Mikrotik Box by minimizing 3 ethernet card.
    1 applied for Uplink, 1 applied for Squid Box, 1 applied for line to client.

  2. Squid Box, in this case I apply FreeBSD as OS.


Configuration :

  1. Mikrotik Box :

    • ethernet for Uplink applies ip 192.168.1.2/30 with gateway 192..168.1.1, change name ether1 with Uplink

    • ethernet for Squid applies ip 172.17.1.1/30, change name ether2 with Proxy

    • ethernet for Client applies ip 192.168.10.1/24, change name ether3 with Client



  2. Squid Box :

    • ethernet applies ip 172.17.1.2/30

    • port 8080




How To :

  1. Setting WebProxy at Mikrotik Box:
    [admin@mt] > /ip web-proxy print
    enabled: no
    src-address: 0.0.0.0
    port: 3128
    hostname: "proxy"
    transparent-proxy: no
    parent-proxy: 0.0.0.0:0
    cache-administrator: "webmaster"
    max-object-size: 4096KiB
    cache-drive: system
    max-cache-size: none
    max-ram-cache-size: unlimited
    status: stopped
    reserved-for-cache: 0KiB
    reserved-for-ram-cache: 29696KiB

    [admin@mt] > /ip web-proxy set enabled=yes hostname="Proxy" transparent-proxy=yes parent-proxy=172.17.1.2:8080 cache-administrator="Mine" max-ram-cache-size=none enabled=yes

    [admin@mt] > /ip web-proxy print
    enabled: yes
    src-address: 0.0.0.0
    port: 3128
    hostname: "Proxy"
    transparent-proxy: yes
    parent-proxy: 172.17.1.2:8080
    cache-administrator: "Mine"
    max-object-size: 4096KiB
    cache-drive: system
    max-cache-size: none
    max-ram-cache-size: none
    status: running
    reserved-for-cache: 0KiB
    reserved-for-ram-cache: 29696KiB

  2. Firewall Setting NAT, trafig which use port 80 will redirect to webproxy.
    [admin@mt] > /ip firewall nat add action=redirect chain=dstnat src-address=192.168.10.0/24 protocol=tcp dst-port=80 to-ports=3128 in-interface=Client

    [admin@mt] > /ip firewall nat print
    Flags: X - disabled, I - invalid, D - dynamic
    0 chain=dstnat in-interface=Client src-address=192.168.10.0/24 protocol=tcp dst-port=80 action=redirect to-ports=3128
    1 chain=srcnat src-address=192.168.10.0/24 action=masquerade
    2 chain=srcnat src-address=172.17.1.2/32 action=masquerade

  3. Setting simple queue as usual, by using interface=Client

  4. Setting at squid, can apply transparent or no.


Done...
After I try, result is, client applies bandwidth as according to bandwidth which shaping we have at simple queue, don't forget, to make simple queue for proxy with bandwidth larger ones.
Hopefully this article can help.
Posted by I Nyoman Suryasa, S.Kom, M.Kom at 6:21:00 PM
Labels:

No comments:

Post a Comment

Terima kasih atas komentar yang anda sampaikan , sehingga dapat menambah wawasan saya sebagai penulis dan membuat blog ini semakin berguna banyak orang

Subscribe to: Post Comments (Atom)