MEMBERI PRIORITAS pada ICMP dan DNS

Memperkecil delay ping dari sisi klien ke arah Internet.
Mempercepat resolving hostname ke ip address.
Asumsinya klien berada pada subnet 132.32.32.0/24

icmp___________________
> ip firewall mangle add chain=prerouting src-address=132.32.32.0/24 protocol=icmp action=mark-connection new-connection-mark=icmp-cm passthrough=yes
> ip firewall mangle add chain=prerouting connection-mark=icmp-cm action=mark-packet new-packet-mark=icmp-pm passthrough=yes
> ip firewall mangle add chain=prerouting packet-mark=icmp-pm action=change-tos new-tos=min-delay

dns___________________
> ip firewall mangle add chain=prerouting src-address=132.32.32.0/24 protocol=tcp dst-port=53 action=mark-connection new-connection-mark=dns-cm passthrough=yes
> ip firewall mangle add chain=prerouting src-address=132.32.32.0/24 protocol=udp dst-port=53 action=mark-connection new-connection-mark=dns-cm passthrough=yes
> ip firewall mangle add chain=prerouting connection-mark=dns-cm action=mark-packet new-packet-mark=dns-pm passthrough=yes
> ip firewall mangle add chain=prerouting packet-mark=dns-pm action=change-tos new-tos=min-delay

pfifo_________________
> queue type add name=”pfifo-64″ kind=pfifo pfifo-limit=64

queueree______________
> queue tree add name=icmp parent=internet packet-mark=icmp-pm priority=1 limit-at=8000 max-limit=16000 queue=pfifo-64
> queue tree add name=dns-resolv parent=internet packet-mark=dns-pm priority=1 limit-at=8000 max-limit=16000 queue=pfifo-64

demikian_____________________

You may also like

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *