Cara memasang card WS-X6704-10GE pada cisco 7600 series routers

Untuk memasang card ini harus dipastikan bahwa supply power router masih tercukupi, adapun besaran power untuk card ini adalah ±330 Watts. Untuk cek system power available ketik perintah #show power, saran saja: biar enak baca log secara realtime silahkan langsung console router tersebut.

Jangan lupa untuk backup config sebelum eksekusi, untuk antisipasi ketika router problem setelah insert card.

Lepas blank panel dari slot yang masih tersedia pada router, dan masukkan card WS-X6704-10GE dengan hati-hati. Jika ragu silahkan tonton video ini terlebih dahulu

Pada saat bersamaan anda insert card, indikator status dan system pada SUP akan berwarna merah, dan ping ke arah loopback laptop akan RTO ±5 detik jadi jangan panik dulu karena itu tidak mempengaruhi service yang jalan, biasanya terdapat log berikut :

%C6KERRDETECT-SP-4-SWBUSSTALL: The switching bus is experiencing stall for 3 seconds
Problem
The switch reports these error messages:
%C6KERRDETECT-SP-4-SWBUSSTALL: The switching bus is experiencing stall for 3 seconds
%C6KERRDETECT-SP-4-SWBUSSTALL_RECOVERED: The switching bus stall is recovered and data traffic switching continues

Kenapa ? karena berikut :
Basically, if any one module on the system bus hangs then the supervisor detects a timeout and tries to recover on its own. If a module was in the process of being installed then that is a very possible cause of these messages since this can cause a bus stall while the module gets seated into the backplane

Selanjutnya verifikasi apakah card sudah terbaca dengan baik dengan perintah #show module, pastikan card WS-X6704-10GE sudah terbaca sesuai dengan slot nya yaitu slot 4 dan online status nya Pass.

#show module
Mod Ports Card Type                              Model              Serial No.
— —– ————————————– —————— ———–
4    4  CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE      SAL12383K5T

Mod  Online Diag Status
—- ——————-
1  Pass
2  Pass
  4  Pass

Setelah card terbaca dan status online pass, artinya card sudah bisa digunakan, insert xenpak sesuai kebutuhan di port 1 – 4.

Plug kabel single mode dengan konektor SC pada port xenpak yang terpasang,

Dan terahir test ping P2P untuk memastikan port berjalan normal.

20170421_004658

20170421_0141581

🙂

Load balancing BGP dengan satu ASN

Untuk menunjang link BGP lebih aman, ada baiknya dengan menambahkan redundant link jadi ketika salah satu link untuk peer bgp down link lainnya masih bisa backup.

Berikut contoh load balancing bgp dengan satu ASN

load-balancing single asn

dari ilustrasi topologi diatas, customer memiliki 2 link untuk peer bgp yang memiliki jalur yang berbeda, misalnya satu link dengan Fibre Optic dan satunya dengan Radio. Karena ada 2 peer ip untuk satu ASN untuk mempersingkat di konfigurasi bgp diperlukan ip loopback sebagai neighbor nya. eBGP (external BGP) by default requires two Cisco IOS routers to be directly connected to each other in order to establish a neighbor adjacency. When the BGP neighbor is more than one hop away, the TTL will decrement to 0 and it will be discarded. Karena neighbor yang digunakan adalah ip loopback dimana router customer untuk menjangkau loopback tersebut melewati 2 hoop maka konfigurasi neighbornya menjadi ebgp-multihop 2 dan neighbornya diset update-source Loopback x.

Continue reading “Load balancing BGP dengan satu ASN”

Cara Setting Dasar Wifi Mikrotik Untuk Biznet Home

Sudah lama gak update materi ini, terahir update untuk setting dasar mikrotik tanggal 9 November. Karena ada beberapa yang request untuk cara setting wifi mikrotik dasar untuk layanan biznet home berikut langkah-langkahnya saya menggunakan Mikrotik RB951-2n :

  1. Pastikan sudah bisa terkoneksi internetnya dengan setting dasar mikrotik di artikel ini
  2. Klik menu wireless, pilih Tab General berikut isi nama interface wireless *wlan1* klik Apply – OK

    1 Wifi.jpg
    ~
  3. Masuk Tab Wireless pilih mode:ap bridge SSID: *isi nama wifi* biarkan yang lainnya seperti default. Klik Apply-OK

    2 Wifi.JPG
    ~
  4. Setting ip untuk wlan1

    3 Wifi.JPG
    ~
  5. Setting pool ip untuk wlan1 (address:192.168.10.10-192.168.10.254)

    4 Wifi.jpg
    ~
  6. Setting DHCP server untuk akses client wifi, Address-pool:sesuai nama pool sebelumnya

    5-wifi
    ~
  7. Sekarang wifi sudah bisa digunakan, namun tanpa password, karena di step 3 security profile menggunakan default. Untuk menambahkan password bisa ke tab security profile berikut :

    6 Wifi.jpg
    ~

Secara dasar untuk setting dasar wifi mikrotik sudah selesai, bila ada yang ingin ditanyakan silahkan komen dibawah. 🙂

Kalau sudah pakai mikrotik dan mau tau caranya limitasi akses ke youtube coba deh klik ini “Cara Limit Akses Video Youtube”

Konfigurasi Dasar BGP dengan Default Route

BGP Default Route.JPG

Artikel ini akan membahas tentang konfigurasi dasar eBGP single provider dengan default route.

WAN IP : 182.1.2.0/30 (mask 255.255.255.252)
LAN IP : 10.1.2.0/24  10.1.3.0/24 10.1.4.0/24
Receiving Route : Default route
ASN : Provider (AS100) and Customer (AS1010)

Konfigurasi Router Provider :

interface Loopback0
 description Test Internet
 ip address 8.8.8.8 255.255.255.255
!
interface FastEthernet0/0
 description *** Link to Customer AS1010 ***
 ip address 182.1.2.1 255.255.255.252
 duplex auto
 speed auto

router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 182.1.2.2 remote-as 1010 
 neighbor 182.1.2.2 version 4
 neighbor 182.1.2.2 default-originate 
 neighbor 182.1.2.2 soft-reconfiguration inbound
 neighbor 182.1.2.2 prefix-list ip-customer-AS1010 in
 no auto-summary

ip prefix-list ip-customer-AS1010 description Prefix Customer AS1010
ip prefix-list ip-customer-AS1010 seq 10 permit 10.1.2.0/24
ip prefix-list ip-customer-AS1010 seq 15 permit 10.1.3.0/24
ip prefix-list ip-customer-AS1010 seq 20 permit 10.1.4.0/24


Konfigurasi Router Customer :

interface FastEthernet0/0
 description *** Link to Provider AS100 ***
 ip address 182.1.2.2 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet1/0
 description *** Link to Internal ***
 ip address 10.1.3.1 255.255.255.0 secondary
 ip address 10.1.4.1 255.255.255.0 secondary
 ip address 10.1.2.1 255.255.255.0
 duplex auto
 speed auto

router bgp 1010
 no synchronization
 bgp log-neighbor-changes
 network 10.1.2.0 mask 255.255.255.0
 network 10.1.3.0 mask 255.255.255.0
 network 10.1.4.0 mask 255.255.255.0
 neighbor 182.1.2.1 remote-as 100
 neighbor 182.1.2.1 version 4
 neighbor 182.1.2.1 soft-reconfiguration inbound
 neighbor 182.1.2.1 prefix-list ip-customer out
 no auto-summary

ip prefix-list ip-customer description IP yg di advertise ke Provider
ip prefix-list ip-customer seq 10 permit 10.1.2.0/24
ip prefix-list ip-customer seq 15 permit 10.1.3.0/24
ip prefix-list ip-customer seq 20 permit 10.1.4.0/24

Cek PC untuk akses ke 8.8.8.8 (test internet)

PC1> show ip

NAME : PC1[1]
IP/MASK : 10.1.2.2/24
GATEWAY : 10.1.2.1

PC1> ping 8.8.8.8 
84 bytes from 8.8.8.8 icmp_seq=1 ttl=254 time=16.001 ms
84 bytes from 8.8.8.8 icmp_seq=2 ttl=254 time=21.001 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=254 time=28.002 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=254 time=17.001 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=254 time=46.002 ms

Cek Router Provider :

Provider#show ip bgp summary 
BGP router identifier 182.1.2.1, local AS number 100
BGP table version is 8, main routing table version 8
3 network entries using 351 bytes of memory
3 path entries using 156 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 779 total bytes of memory
BGP activity 5/2 prefixes, 5/2 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
182.1.2.2 4 1010 65 62 8 0 0 00:40:23 3

*** Cek IP yg di advertise dari customer ***

Provider#sh ip bgp neighbors 182.1.2.2 received-routes 
BGP table version is 8, local router ID is 182.1.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

 Network Next Hop Metric LocPrf Weight Path
*> 10.1.2.0/24 182.1.2.2 0 0 1010 i
*> 10.1.3.0/24 182.1.2.2 0 0 1010 i
*> 10.1.4.0/24 182.1.2.2 0 0 1010 i

Total number of prefixes 3

*** Cek IP yang di advertise ke customer ***

Provider#sh ip bgp neighbors 182.1.2.2 advertised-routes 
BGP table version is 8, local router ID is 182.1.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Originating default network 0.0.0.0

 Network Next Hop Metric LocPrf Weight Path

Total number of prefixes 0

Cek Router Customer :

Customer#show ip bgp neighbors 182.1.2.1 routes 
BGP table version is 13, local router ID is 182.1.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

 Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 182.1.2.1 0 0 100 i

Total number of prefixes 1

Sekian Konfigurasi Dasar BGP dengan Default Route, jika ada yang ditanyakan perintah config diatas silahkan ngobrol di komentar 🙂

Sumber : showipbgp

Konfigurasi Dasar Router Switch Cisco untuk Service Dedicated Internet

cisco

Cara konfigurasi dasar router dan switch cisco untuk service dedicated internet (dapat ip public) dari ISP, dasar dalam arti disini akan bahas konfigurasi router cisco sebagai router NAT saja. Berikut asumsi alokasi IP Address dari topologi diatas :

  • IP Gateway ISP 192.253.20.57/29
  • IP Router Customer 192.253.20.58/29
  • IP Untuk NAT Customer 192.253.20.59/29
  • IP LAN Customer 192.168.10.0/24

Berikut konfigurasi disisi Router Cisco Customer :

*** Konfigurasi IP WAN ***
interface GigabitEthernet0/1
 description *** Link To Provider ***
 ip address 192.253.20.58 255.255.255.248
 ip nat outside

*** Konfigurasi IP LAN ***
interface GigabitEthernet0/0
 description *** Link to Internal ***
 ip address 192.168.10.1 255.255.255.0
 ip nat inside

*** Buat DHCP pool IP LAN ***
ip dhcp pool biznet
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 203.142.82.222 203.142.84.222
 ip dhcp excluded-address 192.168.10.255

*** Buat access-list untuk IP LAN ***
access-list 1 permit 192.168.10.0 0.0.0.255

*** Buat NAT untuk IP LAN ***
ip nat pool biznet 192.253.20.59 192.253.20.59 netmask 255.255.255.248
ip nat inside source list 1 pool biznet overload

*** Buat static route dengan next-hop IP gateway di ISP ***
ip route 0.0.0.0 0.0.0.0 192.253.20.57 

*** Buat akses untuk remote login Router ***
enable password cisco01

line vty 0 4
 password cisco01
 login

Berikut konfigurasi disisi Switch Cisco Customer :

*** Buat IP Management Switch dari ip LAN ***
interface Vlan1
 ip address 192.168.10.255 255.255.255.0

*** Buat akses untuk remote login switch ***
enable password cisco01

line vty 0 4
 password cisco01
 login

Cek PC-Client sudah dapat ip dhcp client dan bisa ping ke internet :

C:\>ipconfig

Windows IP Configuration
Ethernet adapter Local Area Connection:

 Connection-specific DNS Suffix . :
 IPv4 Address. . . . . . . . . . . : 192.168.10.2
 Subnet Mask . . . . . . . . . . . : 255.255.255.0
 Default Gateway . . . . . . . . . : 192.168.10.1

PC>ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:

Reply from 8.8.8.8: bytes=32 time=1ms TTL=254
Reply from 8.8.8.8: bytes=32 time=0ms TTL=254
Reply from 8.8.8.8: bytes=32 time=0ms TTL=254
Reply from 8.8.8.8: bytes=32 time=16ms TTL=254

Ping statistics for 8.8.8.8:
 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
 Minimum = 0ms, Maximum = 16ms, Average = 4ms

Test remote login ke Router dan Switch dari PC-Client :

PC>telnet 192.168.10.255
Trying 192.168.10.255 ...Open

User Access Verification
Password: 
Switch>enable
Password: 

Switch#show interfaces vlan 1
Vlan1 is up, line protocol is up
 Hardware is CPU Interface, address is 0090.21ca.4d23 (bia 0090.21ca.4d23)
 Internet address is 192.168.10.255/24
 MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,
 reliability 255/255, txload 1/255, rxload 1/255
 Encapsulation ARPA, loopback not set
 ARP type: ARPA, ARP Timeout 04:00:00
 Last input 21:40:21, output never, output hang never
 Last clearing of "show interface" counters never
 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
 Queueing strategy: fifo
 Output queue: 0/40 (size/max)
 5 minute input rate 0 bits/sec, 0 packets/sec
 5 minute output rate 0 bits/sec, 0 packets/sec
 1682 packets input, 530955 bytes, 0 no buffer
 Received 0 broadcasts (0 IP multicast)
 0 runts, 0 giants, 0 throttles
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
 563859 packets output, 0 bytes, 0 underruns
 0 output errors, 23 interface resets
 0 output buffer failures, 0 output buffers swapped out

PC>telnet 192.168.0.1
Trying 192.168.0.1 ...Open

User Access Verification
Password: 
Router>enable
Password: 

Router#sh int g0/0
GigabitEthernet0/0 is up, line protocol is up (connected)
 Hardware is CN Gigabit Ethernet, address is 0001.c763.7a01 (bia 0001.c763.7a01)
 Description: *** Link to Internal ***
 Internet address is 192.168.10.1/24
 MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
 reliability 255/255, txload 1/255, rxload 1/255
 Encapsulation ARPA, loopback not set
 Keepalive set (10 sec)
 Full-duplex, 100Mb/s, media type is RJ45
 output flow-control is unsupported, input flow-control is unsupported
 ARP type: ARPA, ARP Timeout 04:00:00, 
 Last input 00:00:08, output 00:00:05, output hang never
 Last clearing of "show interface" counters never
 Input queue: 0/75/0 (size/max/drops); Total output drops: 0
 Queueing strategy: fifo
 Output queue :0/40 (size/max)
 5 minute input rate 29 bits/sec, 0 packets/sec
 5 minute output rate 20 bits/sec, 0 packets/sec
 138 packets input, 7832 bytes, 0 no buffer
 Received 6 broadcasts, 0 runts, 0 giants, 0 throttles
 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
 0 watchdog, 1017 multicast, 0 pause input
 0 input packets with dribble condition detected
 109 packets output, 6715 bytes, 0 underruns
 0 output errors, 0 collisions, 1 interface resets
 0 unknown protocol drops
 0 babbles, 0 late collision, 0 deferred
 0 lost carrier, 0 no carrier
 0 output buffer failures, 0 output buffers swapped out

Sekian Konfigurasi Dasar Router Switch Cisco untuk Service Dedicated Internet 🙂

Blueprint CCNA 200-125

1.0 Network Fundamentals

1.1 Compare and contrast OSI and TCP/IP models

1.2 Compare and contrast TCP and UDP protocols

1.3 Describe the impact of infrastructure components in an enterprise network

  • 1.3.a Firewalls
  • 1.3.b Access points
  • 1.3.c Wireless controllers

1.4 Describe the effects of cloud resources on enterprise network architecture

  • 1.4.a Traffic path to internal and external cloud services
  • 1.4.b Virtual services
  • 1.4.c Basic virtual network infrastructure

1.5 Compare and contrast collapsed core and three-tier architectures

1.6 Compare and contrast network topologies

  • 1.6.a Star
  • 1.6.b Mesh
  • 1.6.c Hybrid

1.7 Select the appropriate cabling type based on implementation requirements

1.8 Apply troubleshooting methodologies to resolve problems

  • 1.8.a Perform and document fault isolation
  • 1.8.b Resolve or escalate
  • 1.8.c Verify and monitor resolution

1.9 Configure, verify, and troubleshoot IPv4 addressing and subnetting

1.10 Compare and contrast IPv4 address types

  • 1.10.a Unicast
  • 1.10.b Broadcast
  • 1.10.c Multicast

1.11 Describe the need for private IPv4 addressing

1.12 Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment

1.13 Configure, verify, and troubleshoot IPv6 addressing

1.14 Configure and verify IPv6 Stateless Address Auto Configuration

1.15 Compare and contrast IPv6 address types

  • 1.15.a Global unicast
  • 1.15.b Unique local
  • 1.15.c Link local
  • 1.15.d Multicast
  • 1.15.e Modified EUI 64
  • 1.15.f Autoconfiguration
  • 1.15.g Anycast

Continue reading “Blueprint CCNA 200-125”

Cara menghapus log session telnet di cisco

Remote login router cisco paling mudah ya pake telnet. Telnet sering digunakan untuk akses ke router dengan cepat. Telnet biasa diatur oleh seorang admin jaringan dengan maximal session yang akan di allow. Ketika session login habis mungkin karena serangan dari network luar (attacker) maka user yang seharusnya bisa masuk akan terputus dan selalu gagal remote login ke router tersebut. Disini clear line vty saja gak ampuh, untuk menghapus session pada remote login dengan telnet.

Biasanya dalam keadaan seperti ini ip management masih bisa di ping namun untuk remote login dengan telnet tidak bisa, solusinya harus di console langsung pada perangkatnya.

Berikut cara clear seasson yg ampuh dengan clear tcp tcb, sebelumnya lakukan show users terlebih dahulu untuk melihat ip address user yang masih nge chace, setelah didapatkan user yg dimaksud lakukan show tcp brief. Pilih local address yg sesuai dengan ip address user yg nge chace sebelumnya dan terahir lakukan clear tcp tcb [index tcb]

#show tcp brief 
TCB Local Address Foreign Address (state)
00526094 x.x.x.x x.x.x.x.55875 TIMEWAIT
007B2F8C x.x.x.x x.x.x.x.62886 ESTAB
007370F4 x.x.x.x x.x.x.x.56058 TIMEWAIT
007340D4 x.x.x.x x.x.x.x.55728 TIMEWAIT

#clear tcp tcb 007B2F8C