In a Case, there is my client wishing topology in its(the network using machine Mikrotik which will be joined forces with Squid, where this Squid stays in machine FreeBSD. He wishs, arrangement of shaping easily, by using Simple Queue.
If topology like this : INET ------- Mikrotik --------- SQUID -------- Client
Bandwidth Management is handle by SQUID. We wanted is like this :
INET | Mikrotik ---- SQUID | Client
So, shaping to client is handle by Mikrotik.
Requirement :
- Mikrotik Box by minimizing 3 ethernet card.
1 applied for Uplink, 1 applied for Squid Box, 1 applied for line to client.
- Squid Box, in this case I apply FreeBSD as OS.
Configuration :
- Mikrotik Box :
- ethernet for Uplink applies ip 192.168.1.2/30 with gateway 192..168.1.1, change name ether1 with Uplink
- ethernet for Squid applies ip 172.17.1.1/30, change name ether2 with Proxy
- ethernet for Client applies ip 192.168.10.1/24, change name ether3 with Client
- Squid Box :
- ethernet applies ip 172.17.1.2/30
- port 8080
How To :
- Setting WebProxy at Mikrotik Box:
[admin@mt] > /ip web-proxy print
enabled: no
src-address: 0.0.0.0
port: 3128
hostname: "proxy"
transparent-proxy: no
parent-proxy: 0.0.0.0:0
cache-administrator: "webmaster"
max-object-size: 4096KiB
cache-drive: system
max-cache-size: none
max-ram-cache-size: unlimited
status: stopped
reserved-for-cache: 0KiB
reserved-for-ram-cache: 29696KiB
[admin@mt] > /ip web-proxy set enabled=yes hostname="Proxy" transparent-proxy=yes parent-proxy=172.17.1.2:8080 cache-administrator="Mine" max-ram-cache-size=none enabled=yes
[admin@mt] > /ip web-proxy print
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "Proxy"
transparent-proxy: yes
parent-proxy: 172.17.1.2:8080
cache-administrator: "Mine"
max-object-size: 4096KiB
cache-drive: system
max-cache-size: none
max-ram-cache-size: none
status: running
reserved-for-cache: 0KiB
reserved-for-ram-cache: 29696KiB
- Firewall Setting NAT, trafig which use port 80 will redirect to webproxy.
[admin@mt] > /ip firewall nat add action=redirect chain=dstnat src-address=192.168.10.0/24 protocol=tcp dst-port=80 to-ports=3128 in-interface=Client
[admin@mt] > /ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat in-interface=Client src-address=192.168.10.0/24 protocol=tcp dst-port=80 action=redirect to-ports=3128
1 chain=srcnat src-address=192.168.10.0/24 action=masquerade
2 chain=srcnat src-address=172.17.1.2/32 action=masquerade
- Setting simple queue as usual, by using interface=Client
- Setting at squid, can apply transparent or no.
Done...
After I try, result is, client applies bandwidth as according to bandwidth which shaping we have at simple queue, don't forget, to make simple queue for proxy with bandwidth larger ones.
Hopefully this article can help.
Trackback(0)
 |
TrackBack URI for this entry
Subscribe to this comment's feed
Show/Hide comment form
