Proxy on RouterBOARD's external drive

From MikroTik Wiki
Revision as of 12:34, 15 January 2010 by SergejsB (talk | contribs) (External drive on RouterBOARD: Fix for RB493)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Description

MikroTik RouterOS proxy implements different features of HTTP caching and filtering. RouterBOARD can be used to implement HTTP caching on your network. RouterBOARD uses NAND as hard drive, external drive is more recommended due to space limitation 64/128/512 MB, when HTTP caching is necessary on your network.

External drive on RouterBOARD

The list of the RouterBOARDs, where is the option to add external drive;

  • RouterBOARD 5xx (532/532A - Compact Flash card slot);
  • RouterBOARD 4xx (433AH - MicroSD card slot; 433UAH - MicroSD card slot; 450G - MicroSD card slot;)
  • RouterBOARD 6xx (600/600a - Compact Flash card slot);
  • RouterBOARD 1000 (1000 - Compact Flash card slot);

Example

MikroTik RouterOS proxy can be used in three modes, a) cache is not saved anywhere; b) cache is saved to RAM; c) cache is save to Hard Drive. When RouterBOARD does not have external drive, it is advised to use a) or b) method. c) is used with the RouterBOARDs, which have external drives.


Proxy with external drive

Winbox Configuration

The example covers configuration, when proxy caches HTTP traffic to the external drive (CF, MicroDrive or MicroSD).

  • Firstly, let's prepare external drive for the proxy cache. Plug the external drive into the RouterBOARD, disk should be recognized and shown at /store menu. Run the Format Disk command,

Proxy16.png

  • Configure to save proxy cache on the external drive,

Proxy17.png

  • Enable Proxy and specify information about yourself,

Proxy10.png

  • Enable proxy to cache on hard drive by Cache On Disk=yes, set Max. Cache Size=unlimited to use all available hard drive space for proxy cache

Proxy18.png

  • Proxy uses own DNS to resolve webpages IP addresses, therefore DNS configuration on the router is necessary. Example uses global DNS server addresses, please use local DNS servers addresses to ensure faster DNS resolution time.

Proxy15.png

  • Proxy is enabled at this point. Additional configuration is necessary for the clients browser, proxy address should be added to configuration settings on the client computer. Add NAT redirect rule to avoid mass configuration of clients browser, redirect rule will forward all clients to the proxy.

Proxy14.png

Command Line Configuration

/store disk format-drive <name_of_the_disk>
/store add name=web_proxy_cache type=web-proxy disk=<name_of_the_disk> activate=yes
/ip proxy set enabled=yes cache-on-disk=yes max-cache-size=none
/ip dns set primary-dns=4.2.2.1 secondary-dns=208.67.222.222
/ip firewall nat add chain=dstnat dst-port=80 protocol=tcp action=redirect to-ports=8080

Proxy without external drive

Winbox Configuration

Let's look on the proxy example, when RouterBOARD does not have external drive, proxy cache is saved to RAM or not saved anywhere.

  • Enable proxy and specify information about yourself,

Proxy10.png

  • Set cache to be saved to RAM by Cache On Disk=no option. Max. Cache Size=none forces proxy not to cache any files, other values for Max. Cache Size enables proxy caching to disk or RAM,

Proxy11.png

  • Proxy uses own DNS to resolve webpages IP addresses, therefore DNS configuration on the router is necessary. Example uses global DNS server addresses, please use local DNS servers addresses to ensure faster DNS resolution time.

Proxy15.png

  • Proxy is enabled at this point. Additional configuration is necessary for the clients browser, proxy address should be added to configuration settings on the client computer. Add NAT redirect rule to avoid mass configuration of clients browser, redirect rule will forward all clients to the proxy.

Proxy14.png

Command Line Configuration

/ip proxy set enabled=yes cache-on-disk=no max-cache-size=none
/ip dns set primary-dns=4.2.2.1 secondary-dns=208.67.222.222
/ip firewall nat add chain=dstnat dst-port=80 protocol=tcp action=redirect to-ports=8080