Blog Langkah Menuju Berkah
To disable interface:
root@Juniper# set interfaces ge-0/0/1.0 disable << This is cisco equivalent of “shutdown”
To enable interface:
root@Juniper# delete interfaces ge-0/0/1.0 disable << This is cisco equivalent of “no shutdown”
Verification:
root@Juniper# run show interfaces ge-0/0/1.0 terse
Untuk meyakinkan config nya setelah disable lakukan commit, dan juga setelah delete disable lakukan commit kembali.
| Cisco Command | Juniper Command | Co-Ordinating Definition |
|---|---|---|
| show run | sh configuration | Show running configuration |
| sh ver | sh ver | Show version |
| show ip interface brief | show interface terse | displays the status of interfaces configured for IP |
| show interface [intfc] | show interfaces [intfc] detail | displays the interface configuration, status and statistics. |
| show controller intfc | show interfaces intfc extensive | displays information about a physical port device |
| show interface | incl (proto|Desc) | show interfaces description | displays the interface configuration, status and statistics |
| show ip route | show route | displays summary information about entries in the routing table |
| show ip bgp summary | show bgp summary | displays the status of all Border Gateway Protocol (BGP) connections |
| show ip bgp net mask | show route protocol bgp prefix | will show you how that route is being advertised, look for the first line |
| show ip bgp net mask longer-prefixes | show route range prefix | will show you how that route is being advertised, look for the first line |
| show ip bgp regexp AS-regexp | show route aspath-regexp “AS-regexp” | displays routes matching the autonomous system (AS) path regular expression |
| show ip bgp neighbors neigh received-routes | show route receive-protocol bgp neigh
show route source-gateway neigh protocol bgp |
Shows whether a neighbor supports the route refresh capability |
| show ip bgp neighbor neigh advertised-routes | show route advertising-protocol bgp neigh | Shows whether a neighbor supports the route refresh capability |
| show clns neighbors | show isis adjacency | displays both ES and IS neighbors |
| show clns interface | show isis interface | shows specific information about each interface |
| show ip route isis | show isis routes | displays the current state of the the routing table |
| show isis topology | show isis spf | displays a list of all connected routers in all areas |
| show ip ospf interface | show ospf neighbor | shows neighbor ID, Priority, IP, & State if the neighbor router, dead time. |
| show ip ospf interface | show ospf interface | shows neighbor id, pri, state, dead time, address and interface |
| show ip route ospf | show ospf route | display the current state of the routing table |
| show ip ospf database | show ospf database | display list of information related to the OSPF database for a specific communication server |
| show version | show version, show system uptime | display the system hardware config., software version, and name and source of configuration files and boot images |
| show diags | show chasis hardware | displays power-on diagnostics status |
| show processes cpu | show system process | displays utilization statistics |
| show tech-support | request support info | displays the current software image, configuration, controllers, counters, stacks, interfaces, memory and buffers |
| show logging | show log messages | display the state of logging to the syslog |
| show route-map name | show policy name | displayall route-maps configured or only the one specified |
| show ip prefix-list name | show policy name | display information about a prefix list or prefix list entries |
| show ip community-list list | configure, show policy-options community name |
display routes that are permitted by BGP community list |
| show environment all | show chassis environment | displays temperature and voltage information on the console |
| ping dest | ping dest rapid (for cisco like output) ping dest (for unix like output) |
to check to see if a destination is alive |
| ping (setting source int) | ping dest bypass-routing | to check to see if a destination is alive |
| terminal monitor | monitor start messages | Change console terminal settings |
| terminal no monitor | monitor stop | Change console terminal settings |
| terminal length 0 | set cli screen-length 0 | sets the length for displaying command output |
MTU in Juniper for MX Series Routers
| Interface Type | Default Media MTU (Bytes) | Maximum MTU (Bytes) | Default IP Protocol MTU (Bytes) |
| Gigabit Ethernet | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
| 10-Gigabit Ethernet | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
| Multi-Rate Ethernet | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
| Tri-Rate Ethernet | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
| Channelized SONET/SDH OC3/STM1 (Multi-Rate) | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
| DS3/E3 (Multi-Rate) | 1514 | 9192 | 1500 (IPv4), 1488 (MPLS), 1497 (ISO) |
MTU in Juniper for ACX Series Routers
| Interface Type | Default Media MTU (Bytes) | Maximum MTU (Bytes) | Default IP Protocol MTU (Bytes) |
| Gigabit Ethernet | 1514 | 9192 | 1500 (IPv4), 1497 (ISO) |
| 10-Gigabit Ethernet | 1514 | 9192 | 1500 (IPv4), 1497 (ISO) |
Encapsulation Overhead by Encapsulation Type
| Interface Encapsulation | Encapsulation Overhead (Bytes) |
| 802.1Q/Ethernet 802.3 | 21 |
| 802.1Q/Ethernet Subnetwork Access Protocol (SNAP) | 26 |
| 802.1Q/Ethernet version 2 | 18 |
| ATM Cell Relay | 4 |
| ATM permanent virtual connection (PVC) | 12 |
| Cisco HDLC | 4 |
| Ethernet 802.3 | 17 |
| Ethernet circuit cross-connect (CCC) and virtual private LAN service (VPLS) | 4 |
| Ethernet over ATM | 32 |
| Ethernet SNAP | 22 |
| Ethernet translational cross-connect (TCC) | 18 |
| Ethernet version 2 | 14 |
| Extended virtual local area network (VLAN) CCC and VPLS | 4 |
| Extended VLAN TCC | 22 |
| Frame Relay | 4 |
| PPP | 4 |
| VLAN CCC | 4 |
| VLAN VPLS | 4 |
| VLAN TCC | 22 |
Konfigurasi System Name
set system host-name [NAMA ROUTER]
Mengaktifkan Telnet
set system services telnet
Untuk konfigurasi banyaknya session telnet yang digunakan dan lamanya idle-timeout session telnet, gunakan command berikut :
[edit system services]
telnet {connection-limit limit;
rate-limit limit;}
Mengaktifkan SSH
root# set system services ssh root-login deny
root# set system services ssh rate-limit 10
Konfigurasi NTP
Konfigurasi node yang berperan sebagai NTP server didalam network :
set system ntp boot-server 192.14.4.2
set system ntp server 192.14.4.2 prefer
set system ntp server 192.14.4.23
set system ntp source-address [IP LOOPBACK]
Verifikasi status NTP server yang digunakan dengan menggunakan command :
show ntp associations
Konfigurasi Interface
set interfaces [port] speed 100m
set interfaces [port] link-mode full-duplex
Konfigurasi System (loopback) Address
set interfaces lo0 unit 0 family inet address [IP LOOPBACK]
Konfigurasi IP Address di Interface
set interfaces [port] description “LINK To NPE-01”
set interfaces [port]unit [vlan]
set interfaces [port]unit [vlan] family inet address 192.25.6.246/30
Interface Tagging
set interfaces [port] description “[deskripsi]”
set interfaces [port] flexible-vlan-tagging
set interfaces [port] mtu 2020
set interfaces [port] encapsulation flexible-ethernet-services
Interface Port Acces
set interfaces [port] unit [VLAN]
set interfaces [port] unit [VLAN] description “[deskripsi]”
set interfaces [port] unit [VLAN] vlan-id [VLAN]
Konfigurasi OSPF Area
set protocols ospf traffic-engineering
set protocols ospf reference-bandwidth 10g
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 hello-interval 5
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 dead-interval 15
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0 authentication md5 1 key “PASSWORD”
Konfigurasi Prefix list
set policy-options prefix-list [PREFIX NAME] 192.14.3.0/24
Konfigurasi Limitasi Bandwidth
set firewall family ccc filter 1MBPS interface-specific
set firewall family ccc filter 1MBPS term 1 then policer 1M
set firewall family ccc filter 1MBPS term 1 then accept
set firewall policer 1M if-exceeding bandwidth-limit 1024000
set firewall policer 1M if-exceeding burst-size-limit 20120
set firewall policer 1M then discard
Dieng yang berlokasi di Provinsi Jawa Tengah merupakan salah satu lokasi proyek Pembangkit Listrik Tenaga Panas Bumi (PLTP) Geo Dipa Energi. Dengan kontur pegunungan, sumber air panas, solfatara, fumarole serta bebatuan mengindikasikan bahwa Dieng merupakan lokasi yang potensial untuk dikembangkan sebagai sumber energi panas bumi. Total potensi energi panas bumi di sekitar Dieng diperkirakan sebesar 400 MW.
Saat ini, Geo Dipa Energi berhasil mengoperasikan proyek Dieng Unit 1 dengan kapasitas sebesar 60 MW yang terhubung ke jaringan Jawa-Madura- Bali melalui sistem interkoneksi. Selain itu, untuk memenuhi target usaha dilakukan peningkatan serta pengembangan kapasitas proyek Dieng 2 dan 3, masing-masing berkapasitas 55 MW.
Banyaknya sumur di lapangan Dieng memberikan ketersediaan data teknis yang lebih tinggi sehingga dapat lebih meningkatkan success ratio pengeboran. Berikut video dalam Time Lapse Geodipa sumur Pawuhan Karangtengah Batur Banjarnegara setelah beberapa bulan sebelumnya pernah meledak dan menyebabkan tumbuhan pertanian disekitar area sumur mengalami gagal panen bahkan mati kering karena kadar asam yang tinggi.
Sekitar pukul 20:42 hari Jumat 12 Januari 2018, dapat broadcast bahwa router BGP OpenIXP di Gedung Cyber (Cisco 7609) terjadi pemutusan jaringan dikarenakan adanya penambahan konfigurasi filtering untuk port 5678 yang merupakan port untuk Mikrotik Network Discovery Protocol (MNDP), mungkin saking banyaknya user yang pakai perangkat mikorik untuk terhubung ke Router NiCE ini dan lupa ataupun sengaja mengaktifkan fitur ip neighbors (MNDP) ini sehingga menyebabkan kenaikan load cpu yang cukup significant.
MNDP ini memungkinkan untuk mencari perangkat lawan yang sama-sama support MNDP atau CDP (Cisco Discovery Protocol) ataupun LLDP di L2 broadcast domain.
Broadcast info tersebut diakhiri dengan pesan berikut :
Mohon untuk disampaikan ke rekan-rekan yang menggunakan mikrotik untuk men disable Network Discovey Protocol dan menonaktifkan aplikasi “The DUDE” pada jaringannya masing-masing
Submenu level : /ip neighbor discovery
name (read-only: name)- interface name for reference
discover (yes | no; default: yes) – defines if discover is enabled or disabled
To disable MNDP protocol on Public interface:
[admin@MikroTik] ip neighbor discovery> set Public discover=no [admin@MikroTik] ip neighbor discovery> print # NAME DISCOVER 0 Public no 1 Local yes
Submenu level : /ip neighbor
interface (read-only: name) – local interface the neighbor is connected to
address (read-only: address) – IP address of the neighbor router
mac-address (read-only: mac-address) – MAC-address of the neighbor router
identity (read-only: string) – identity of the neighbour router
version (read-only: string) – router version of the neighbour router
unpack (read-only: none | simple | compress-headers | compress-all) – identifies if the interface of the neighbour router is unpacking ‘Packed Packets’
To view the table of discovered neighbours:
[admin@MikroTik] ip neighbor> print
# INTERFACE ADDRESS MAC-ADDRESS IDENTITY VERSION
0 eth100... 10.5.2.100 00:04:EA:C6:0E:6F HP_10.5... Revisio...
1 jevg_v... 10.5.1.1 00:40:96:58:20:14 0040965... Cisco 3...
2 local_... 10.5.5.50 00:40:63:C1:23:C4 10.5.7.1 2.7rc4
3 local_... 10.5.5.51 00:E0:C5:6E:23:25 GW_10.5... 2.7rc4
[admin@MikroTik] ip neighbor> print detail
0 interface=eth100-temp address=10.5.2.100 mac-address=00:04:EA:C6:0E:6F
identity="HP_10.5.2.100 Basement(0004ea-c60e40)" platform="HP 2524"
version="Revision F.02.11 /sw/code/build/info(f00)" unpack=none age=12s
1 interface=jevg_vlan2 address=10.5.1.1 mac-address=00:40:96:58:20:14
identity="004096582014platform="AIR-BR350"
version="Cisco 350 Series Bridge 11.21" unpack=none age=34s
2 interface=local_vlan5 address=10.5.5.50 mac-address=00:40:63:C1:23:C4
identity="10.5.7.1" platform="MikroTik" version="2.7rc4" unpack=none
age=48s
3 interface=local_vlan5 address=10.5.5.51 mac-address=00:E0:C5:6E:23:25
identity="GW_10.5.51.1" platform="MikroTik" version="2.7rc4" unpack=none
age=45s
[admin@MikroTik] ip neighbor>
As you can see, not only MikroTik RouterOS routers were discovered, but HP Procurve 2524 switch and Cisco 350 Series Wireless Bridge
