On Tue, 12 Jun 2007, Mirza Khadnezar wrote:


IMO Ubuntu lebih friendly.
btw oot :
pak onno mungkin bersedia menuliskan sedikit tips bagaimana tuning
ubuntu server yang baik dan benar mungkin include pemahaman sebagai
Gateway dan webserver.



ini beberapa catatan saya utk gateway di rumah
yang load balancing antara ADSL & RT/RW-net
utk Webserver mungkin perlu di tune di PHP, MySQL & sekitar-nya ..


Install Router in Ubuntu
by: Onno W. Purbo

- insert ubuntu disc
- boot
        install a command line system

$ sudo passwd root

# su -

# vi /etc/network/interfaces
        auto eth0
        iface eth0 inet static
                address 10.0.148.48
                netmask 255.255.255.0

        auto eth1
        iface eth1 inet static
                address 192.168.0.222
                netmask 255.255.255.0

        auto eth2
        iface eth2 inet static
                address 192.168.1.222
                netmask 255.255.255.0

# vi /etc/apt/sources.list
        deb ftp://192.168.0.1/pub/edgy-repo1/ edgy main restricted
        deb ftp://192.168.0.1/pub/edgy-repo2/ edgy universe
        deb ftp://192.168.0.1/pub/edgy-repo3/ edgy universe
        deb ftp://192.168.0.1/pub/edgy-repo4/ edgy universe multiverse
# apt-get update

# apt-get install openssh-server
# /etc/init.d/ssh restart

# vi /etc/timezone
        Asia/Jakarta

---------- iproute2 ------------------------------------------------

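# Policy routing for a gateway with two uplinks: ADSL on eth2 (next hop
# 192.168.1.1) and RT/RW-net on eth0 (next hop 10.0.148.254). eth1 is the LAN.
# Run as root. The table names adsl, rtrwnet and internet must already be
# listed in /etc/iproute2/rt_tables, otherwise ip cannot resolve them.
# Intended to run once per boot: the `ip rule add` lines are not guarded
# against rules that already exist.

# Bring every interface up.
/sbin/ip link set lo up
/sbin/ip link set eth0 up
/sbin/ip link set eth1 up
/sbin/ip link set eth2 up

# Start from empty per-uplink tables.
/sbin/ip route flush table adsl
/sbin/ip route flush table rtrwnet
/sbin/ip route flush table internet

/sbin/ip addr add 127.0.0.1/8 brd 127.0.0.255 dev lo

/sbin/ip addr add 192.168.1.222/24 brd 192.168.1.255 dev eth2
# eth0 is left commented out by the author; its address (10.0.148.48) is
# already assigned through /etc/network/interfaces.
# /sbin/ip addr add 10.0.148.48/24 brd 10.0.148.255 dev eth0
/sbin/ip addr add 192.168.0.222/24 brd 192.168.0.255 dev eth1

# Static routes kept in table main (consulted first, see prio 10 below).
/sbin/ip route add 127.0.0.0/8 dev lo
/sbin/ip route add 10.5.148.0/24 via 10.0.148.254 dev eth0
/sbin/ip route add 192.168.0.0/24 dev eth1
/sbin/ip route add 44.132.33.0/24 via 192.168.0.10 dev eth1
/sbin/ip route add 192.168.11.0/24 via 192.168.0.10 dev eth1
/sbin/ip route add 125.160.6.0/24 via 192.168.1.1 dev eth2
/sbin/ip route add 202.159.32.0/24 via 192.168.1.1 dev eth2

# Lookup order: main, then the per-uplink tables, then the multipath table.
# NOTE(review): the adsl, rtrwnet and internet rules below carry no `from`
# selector, so they match all traffic. The unconditional prio 20 lookup of
# table adsl, which holds a default route, would appear to resolve every
# non-local destination before table internet (the load-balanced default) is
# reached. Confirm with `ip rule show` and `ip route get <destination>`; if
# balancing is not taking effect, keep only the source-based rules further down.
/sbin/ip rule add prio 10 table main
/sbin/ip rule add prio 20 table adsl
/sbin/ip rule add prio 30 table rtrwnet
/sbin/ip rule add prio 40 table internet

# Remove any existing default routes so the rules above decide the uplink.
# Each command reports an error when there is no default route to delete.
/sbin/ip route del default table main
/sbin/ip route del default table adsl
/sbin/ip route del default table rtrwnet
/sbin/ip route del default table internet

# Traffic sourced from the ADSL-side subnet leaves through the ADSL router.
# The higher-metric prohibit route is the fallback: if the gateway route is
# missing, the packet is refused instead of falling through to a later table.
/sbin/ip rule add prio 20 from 192.168.1.0/24 table adsl
/sbin/ip route add default via 192.168.1.1 dev eth2 src 192.168.1.222 proto static table adsl
/sbin/ip route append prohibit default table adsl metric 1 proto static

# Same arrangement for traffic sourced from the RT/RW-net subnet.
/sbin/ip rule add prio 30 from 10.0.148.0/24 table rtrwnet
/sbin/ip route add default via 10.0.148.254 dev eth0 src 10.0.148.48 proto static table rtrwnet
/sbin/ip route append prohibit default table rtrwnet metric 5 proto static

# Set up load balancing gateways
# Multipath default: weight 10 on RT/RW-net against weight 1 on ADSL.
# This repeats the prio 40 rule already added above.
/sbin/ip rule add prio 40 table internet
/sbin/ip route add default proto static table internet \
        nexthop via 192.168.1.1 dev eth2 weight 1 \
        nexthop via 10.0.148.254 dev eth0 weight 10

# Setup routing to ISPs
# For 202.138.236.0/24 the weights are reversed, favouring ADSL.
/sbin/ip route add 202.138.236.0/24 proto static table internet \
        nexthop via 192.168.1.1 dev eth2 weight 10 \
        nexthop via 10.0.148.254 dev eth0 weight 1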


----------- iptables -----------------------------------------------

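# IPv4 host firewall and NAT for the gateway. eth1 is the LAN; eth0
# (RT/RW-net) and eth2 (ADSL) are the uplinks. Run as root.
# Only iptables (IPv4) is configured here; nothing below filters IPv6.

/sbin/iptables -F
/sbin/iptables -P INPUT DROP

# With a DROP policy, loopback must be allowed explicitly or local services
# that talk to 127.0.0.1 stop working.
/sbin/iptables -A INPUT -i lo -j ACCEPT

# On the LAN, only 192.168.0.1 may reach this host's SMTP port.
# `! -s` replaces the older `-s !` spelling, which current iptables
# releases deprecate.
/sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 ! -s 192.168.0.1 -j DROP

# Everything else from the LAN is trusted.
/sbin/iptables -A INPUT -i eth1 -j ACCEPT
# SMTP is the only service offered on the uplinks.
/sbin/iptables -A INPUT -i eth0 -p tcp -s 0/0 --dport 25 -j ACCEPT
/sbin/iptables -A INPUT -i eth2 -p tcp -s 0/0 --dport 25 -j ACCEPT
# Replies to connections this host opened itself.
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Refuse the rest on the uplinks with an explicit reset / port-unreachable.
# Other protocols fall through to the DROP policy.
/sbin/iptables -A INPUT -p tcp -i eth0 -j REJECT --reject-with tcp-reset
/sbin/iptables -A INPUT -p tcp -i eth2 -j REJECT --reject-with tcp-reset
/sbin/iptables -A INPUT -p udp -i eth0 -j REJECT --reject-with icmp-port-unreachable
/sbin/iptables -A INPUT -p udp -i eth2 -j REJECT --reject-with icmp-port-unreachable

# The INPUT rules only protect the gateway itself. Without a FORWARD policy
# the box routes packets arriving on either uplink straight into the LAN.
# Default-deny forwarding, then allow LAN-initiated traffic and its replies.
# Add explicit rules here if a LAN host must accept connections from outside.
/sbin/iptables -P FORWARD DROP
/sbin/iptables -A FORWARD -i eth1 -j ACCEPT
/sbin/iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# Source-NAT outgoing traffic to the gateway's own address on each uplink.
/sbin/iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to 192.168.1.222
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 10.0.148.48

# Enable routing last, so no packet is forwarded before the rules are loaded.
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward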



----------- /etc/iproute2/rt_tables --------------------------------

120     adsl
121     rtrwnet
123     internet



