Access other OP portal via Mikrotik Load Balancer | HEIKALINE Creative
  • Access other OP portal via Mikrotik Load Balancer

    [caption id="attachment_9945" align="aligncenter" width="629"]Access other OP portal via Mikrotik Load Balancer
    Disclaimer: I receive many emails from local operators on how to access other operators' media sharing portals so that their local users can access them. Rather than replying to each one separately, and due to a shortage of time, I am posting a simple method for letting your users access another operator's media portal via your load-balancing MikroTik. It is highly recommended to first find the IPs of the target web site/servers using either traceroute or Wireshark. This takes some lengthy tracing: connect to the target web site and start downloading multiple files, then use either TORCH or Wireshark to get the IPs of all the servers being accessed by the torrent/IDM client that is connecting to the target services. Make a note of these IPs and add them to the list, either IP by IP or by /24 subnet.

    It is also recommended to use Mark Connections / Packets and Mark Routing. This way you won't have to create additional rules. So following the pseudo code below is highly recommended, in keeping with the famous quote <strong>Work Smarter, not harder</strong> …
    An example of WIRESHARK is posted below:
    [Image: wire-shark]
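The note-taking step described above (collect the server IPs seen in Torch/Wireshark, then add them IP by IP or by /24) can be scripted. The following is an added example, not code from the original post; the sample addresses are constructed, and the `min_hosts` threshold and function names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: destination IPs noted from Torch/Wireshark while
# downloading from the portal (ranges reuse the article's example values).
OBSERVED = """
123.123.123.10
123.123.123.11
172.17.1.5
172.17.1.5
172.17.1.80
172.17.1.200
192.168.12.1
203.0.113.7
not-an-ip
"""

# The router's own networks from the IP scheme; never add these to the list.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24",
    "192.168.12.0/24", "192.168.200.0/24")]


def build_entries(text, min_hosts=2):
    """Group IPs by /24; emit the /24 when at least min_hosts distinct
    hosts were seen in it, otherwise emit the single addresses."""
    groups = defaultdict(set)
    for token in text.split():
        try:
            ip = ipaddress.ip_address(token)
        except ValueError:
            continue  # skip junk lines from the capture export
        if ip.version != 4 or any(ip in net for net in LOCAL_NETS):
            continue
        groups[ipaddress.ip_network(f"{ip}/24", strict=False)].add(ip)
    entries = []
    for net in sorted(groups):
        hosts = sorted(groups[net])
        entries += [str(net)] if len(hosts) >= min_hosts else [str(h) for h in hosts]
    return entries


def to_routeros(entries, list_name="portalx_list"):
    """Render the entries as RouterOS address-list commands."""
    lines = ["/ip firewall address-list"]
    lines += [f"add address={e} list={list_name}" for e in entries]
    return "\n".join(lines)


if __name__ == "__main__":
    print(to_routeros(build_entries(OBSERVED)))
```

Entries in portalx_list skip PCC processing, so check lone addresses such as the single constructed 203.0.113.7 hit before pasting the output into the router.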

    Scenario:

    We are using a MikroTik as a PPPoE server with dual VDSL links as a WAN load balancer. We have acquired another line from Operator X just to access their Entertainment portal, which is great for media sharing files including video games etc. We want to let our users access their portal using our MikroTik without interfering with any other network.

    Solution:

    Quick & dirty method. You should refine it when deploying in a production environment.
    We have configured a simple wifi router with the Operator X service on it. Now connect this router's LAN line to your MikroTik (example: Port 12).

    IP Scheme:

    • Mikrotik LAN IP for pppoe users : eth0 > 192.168.0.1
    • Mikrotik PPPoE IP series (allowed users for internet) : 192.168.200.0/24
    • Mikrotik WAN-1 IP Series for DSL1 : eth1 > 192.168.1.1
    • Mikrotik WAN-2 IP Series for DSL2 : eth2 > 192.168.2.1
    • Mikrotik eth12 IP Series for Portal X : eth12 > 192.168.12.2 ( > 192.168.12.1 is wifi router with local OP service)
    • PORTAL-X IP Series: Web Portal – 123.123.123.0/24  Download servers – 172.17.1.0/24
    Note:
    For DNS, you can either use the OP-X DNS servers (or use the wifi router as your DNS, as the wifi router will get the DNS dynamically from OP-X), or you can make static DNS entries in your MikroTik DNS server and make sure all of your clients are using your MikroTik as their preferred DNS server. You can also create a forced redirect that sends all outgoing DNS requests to your MikroTik. Whatever is easier for you 🙂

    # PPPoE Users IP List to access internet/portal
    # (list name must match the src-address-list used in the mangle and NAT rules below)
    /ip firewall address-list
    add address=192.168.200.0/24 comment="Allowed Users to Use Internet" list="pppoe_allowed_users"
    # Add Portal X IP Series, you can get their list by inspecting torrent files, or using WIRESHARK
    add address=123.123.123.0/24 list=portalx_list
    add address=172.17.1.0/24 list=portalx_list

    # Accept the PORTAL X packets to avoid processing them in PCC, then using routes we can route them via wifi router
    /ip firewall mangle
    add action=accept chain=prerouting comment="ACCEPT portalx_list PACKETS FROM PROCESSING THEM IN PCC - ZAIB" dst-address-list=portalx_list src-address-list="pppoe_allowed_users"

    # Allow requests going to Portal X interface (to wifi router with OP X service)
    /ip firewall nat
    add action=masquerade chain=srcnat comment=ALLOW_ACCESS_TO_portalx_list_INTERFACE out-interface=eth12 src-address-list="pppoe_allowed_users"

    # Since we have excluded the Portal.X from PCC, therefore we have to create ROUTE for these packets
    # So that these packets should route via Wi.Fi Router (connected with OP X service)
    /ip route
    add distance=1 dst-address=123.123.123.0/24 gateway=192.168.12.1 comment=route_for_portalx_site_going_via_local_wifi_router
    add distance=1 dst-address=172.17.1.0/24 gateway=192.168.12.1 comment=route_for_portalx_site_going_via_local_wifi_router

    # In the end, simply create QUEUE to allow more bandwidth going to Portal X servers
    # Again, if you had used packet marking, then you can use marked pkts & use single queue, more efficient
    # (target set to the Portal X download server range from the IP scheme)
    /queue simple
    add max-limit=1G/1G name="portalx_list.torrent queue-1G" target=172.17.1.0/24
  • Ahmed Heikal[/caption]
