Tuesday, 16 August 2016

JUNIPER RIP,OSPF,ISIS,Ebgp,Ibgp

Serem juga nih judul, kaya orang bener aja dah gw,

cuma siapa takut dengan judul di atas, jika kita ingin mempelajari nya hehehhehehe, sekilas dari judul di atas memang menakutkan, tapi kalau sudah terjun di dalam nya sungguh di luar dugaan. berikut topologi yang akan kita buat. dan yang terpenting ga perlu bayar mahal buat belajar heheheheh, padahal ane bayar mahal buat belajarnya hehehhehehe.


dan berikut tools perlengkapan nya:
1.tinggal sedot vmware disini
2.tinggal sedot pipe disini
3.secure crt disini kalau mau pake putty silahkan monggo.

yang paling penting jgn tanya ane cara instal nya, gw harap kalau cuma next next aja udh pada bisa heheheh.
install dahulu ke dulu semua nya ya,ane pulang kerja dahulu nanti di sambung lagi ya....
========================================================================
mari kita sambung lagi, apa sudah di install program di atas? jika sudah langkah selanjutnya
silahkan sedot disini untuk olive junipernya.
langkah 1
extract dahulu olive junipernya


tinggal double clik aja gan r1 yang ane tandain di gambar, dan akan kebawa ke vmware yang ane kasih di atas.
nah gambarnya kaya di bawah



   bisa kan gan hehehhehehe, cuma belum kelar nih, ada beberapa step lagi kalau mau junipernya pisa running, klik kana pada r1 seperti gambar di bawah. dan klik serial port dan copy \\.\pipe\serial1.




















masukan \\.\pipe\serial1 ke dalam pipe proxy yang di atas jg gw sertain. dan berikan angka 1 di port dan clik add.

 sampai sini apakah masih ada yang binggung? kalau binggung siap siap pegangan yang keras
ditembok hehehheheh.
dah ah istirahat lagi dl ya ntar di sambung lagi.
=======================================================================

bagaimana apakah sudah ada yang bisa sampai sini? atau blm mengerti?
ok kita lanjutkan saja dan saya angap sudah pada bisa kalau hanya sampai di sini, selanjut nya coba di start r1 yang berada di vmware nya.... dan buka secure crt yang saya berikan di atas, atau buka putty yang anda punya, dan ketikan ip berikut 127.0.0.1 dengan port 1, tadaaa saat ini anda sudah mempunyai router juniper dengan menggunakan logikal router,
 jaringan lemot oi, nanti di sambung lagi deh ya kalau udh ga lemot
========================================================================

hmmmm coba update lagi nih biar kelar walaupun pelan pelan yang penting sampe
okk okk okk mudah mudahan bahasa yang saya tuliskan dapat di mengerti,
lanjut nih ya gan....
setelah sudah bisa masuk ke secure crt di atas saat nya kita ngprek nih router ga hehehhehe,
di atas di minta login coba masukan login root dan password root123. tadaaaa, anda bersiap siap  menjadi network enginer, WEW sotoy nih gw heheheheh.
langsung aja gan kita configur....kita mulai dari RIP





ketikan cli lalu configur








perlu di ingat seblum melakukan konfigurasi di bawah anda sudah harus mengerti namanya logical router, karena saya tidak membahas logical router tersebut.
===========================RIP===========================================
[edit]
root# show logical-routers RIP
interfaces {
    em2 {
        unit 12 {
            vlan-id 12;
            family inet {
                address 172.100.10.2/30;
            }
        }
        unit 13 {
            vlan-id 13;
            family inet {
                address 172.100.10.5/30;
            }
        }
    }
    lo0 {
        unit 9 {
            family inet {
                address 1.1.1.1/32;
            }
        }
    }
}
protocols {        
    rip {          
        group RIP-R5-R6 {
            export BOCORIN_ROUTING;
            neighbor em2.12;
            neighbor em2.13;
            neighbor lo0.9;
        }          
    }              
}                  
policy-options {   
    policy-statement BOCORIN_ROUTING {
        term RIP { 
            from protocol rip;
            then accept;
        }          
        term DIRECT {
            from protocol direct;
            then accept;
        }          
    }              
}     
==============================ROUTER R5================================

berikut configurasi logical router di R5

root# show logical-routers R5    
interfaces {
    em1 {
        unit 9 {
            vlan-id 9;
            family inet {
                address 10.100.10.41/30;
            }
            family iso;
        }
        unit 11 {
            vlan-id 11;
            family inet {
                address 10.100.10.49/30;
            }
            family iso;
        }
        unit 12 {
            vlan-id 12;
            family inet {
                address 172.100.10.1/30;
            }
        }
    }
    lo0 {          
        unit 5 {
            family inet {
                address 10.100.1.5/32;
            }
            family iso {
                address 49.0001.1001.0010.0500.00;
            }
        }
    }
}
protocols {
    isis {
        export [ BOCORIN_ROUTING ISIS ];
        interface em1.9 {
            level 2 disable;
        }
        interface em1.11 {
            level 2 disable;
        }
        interface lo0.5 {
            level 2 {
                disable;
                passive;
            }
        }
    }
    rip {
        group RIP-R5-R6 {
            export [ BOCORIN_ROUTING ISIS ];
            neighbor em1.12;
            neighbor lo0.5;
        }
    }
}
policy-options {
    policy-statement BOCORIN_ROUTING {
        term RIP {
            from protocol rip;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement ISIS {
        term isis {
            from protocol isis;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}          
=============================ROUTER R6=================================
root# show logical-routers R6   
interfaces {
    em1 {
        unit 10 {
            vlan-id 10;
            family inet {
                address 10.100.10.46/30;
            }
            family iso;
        }
        unit 13 {
            vlan-id 13;
            family inet {
                address 172.100.10.6/30;
            }
        }
    }
    em2 {
        unit 11 {
            vlan-id 11;
            family inet {
                address 10.100.10.50/30;
            }
            family iso;
        }          
        unit 17 {
            vlan-id 17;
            family inet {
                address 172.100.1.14/30;
                address 172.16.1.14/30;
            }
        }
        unit 18 {
            vlan-id 18;
            family inet {
                address 172.100.1.18/30;
                address 172.16.1.18/30;
            }
        }
    }
    lo0 {
        unit 6 {
            family inet {
                address 10.100.1.6/32;
            }
            family iso {
                address 49.0001.1001.0010.0600.00;
            }      
        }
    }
}
protocols {
    bgp {
        export [ BGP BOCORIN_ROUTING ISIS ];
        group EXTERNAL1 {
            type external;
            neighbor 172.16.1.13 {
                peer-as 65431;
            }
        }
        group EXTERNAL2 {
            type external;
            export [ BGP BOCORIN_ROUTING ISIS ];
            neighbor 172.16.1.17 {
                peer-as 65431;
            }
        }
    }
    isis {
        export [ BOCORIN_ROUTING ISIS BGP ];
        interface em1.10 {
            level 2 disable;
        }
        interface em2.11 {
            level 2 disable;
        }
        interface lo0.6 {
            level 2 {
                disable;
                passive;
            }
        }
    }
    rip {
        group RIP-R5-R6 {
            export [ BOCORIN_ROUTING ISIS BGP ];
            neighbor em1.13;
            neighbor lo0.6;
        }
    }
}
policy-options {
    policy-statement BGP {
        term bgp1 {
            from protocol bgp;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement BOCORIN_ROUTING {
        term RIP {
            from protocol rip;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement ISIS {
        term isis {
            from protocol isis;
            then accept;
        }          
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}
routing-options {
    autonomous-system 54321;
}

========================================ROUTER R4======================
root# show logical-routers R4   
interfaces {
    em2 {
        unit 7 {
            vlan-id 7;
            family inet {
                address 10.100.10.34/30;
            }
            family iso;
        }
        unit 8 {
            vlan-id 8;
            family inet {
                address 10.100.10.37/30;
            }
            family iso;
        }
        unit 9 {
            vlan-id 9;
            family inet {
                address 10.100.10.42/30;
            }
            family iso;
        }
        unit 10 {  
            vlan-id 10;
            family inet {
                address 10.100.10.45/30;
            }
            family iso;
        }
    }
    lo0 {
        unit 4 {
            family inet {
                address 10.100.1.4/32;
            }
            family iso {
                address 49.0001.1001.0010.0400.00;
                address 49.0002.1001.0010.0400.00;
            }
        }
    }
}
protocols {
    isis {
        export [ ISIS ISIS1 ];
        interface em2.7 {
            level 1 disable;
        }
        interface em2.8 {
            level 1 disable;
        }
        interface em2.9 {
            level 2 disable;
        }
        interface em2.10 {
            level 2 disable;
        }
        interface lo0.4 {
            passive;
            level 1 disable;
            level 2 disable;
        }
    }
}
policy-options {
    policy-statement ISIS {
        term isis1 {
            from protocol isis;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement ISIS1 {
        term isis1 {
            from protocol isis;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}
=================================ROUTER R3=============================
root# show logical-routers R3   
interfaces {
    em1 {
        unit 6 {
            vlan-id 6;
            family inet {
                address 10.100.10.29/30;
            }
            family iso;
        }
        unit 7 {
            vlan-id 7;
            family inet {
                address 10.100.10.33/30;
            }
            family iso;
        }
    }
    em2 {
        unit 4 {
            vlan-id 4;
            family inet {
                address 10.100.10.22/30;
            }
        }          
    }
    lo0 {
        unit 3 {
            family inet {
                address 10.100.1.3/32;
            }
            family iso {
                address 49.0002.1001.0010.0300.00;
            }
        }
    }
}
protocols {
    isis {
        export [ ISIS OSPF0 ];
        interface em1.6 {
            level 1 disable;
        }
        interface em1.7 {
            level 1 disable;
        }
        interface lo0.3 {
            level 1 {
                disable;
                passive;
            }
        }
    }
    ospf {
        export [ OSPF0 ISIS ];
        area 0.0.0.0 {
            interface em2.4;
            interface em1.6;
            interface lo0.3 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement ISIS {
        term isis1 {
            from protocol isis;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement OSPF0 {
        term ospf0 {
            from protocol ospf;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}

===============================ROUTER R7===============================
root# show logical-routers R7   
interfaces {
    em1 {
        unit 8 {
            vlan-id 8;
            family inet {
                address 10.100.10.38/30;
            }
            family iso;
        }
        unit 15 {
            vlan-id 15;
            family inet {
                address 172.16.1.5/30;
            }
        }
        unit 21 {
            vlan-id 21;
            family inet {
                address 10.100.10.54/30;
            }
        }
        unit 22 {
            vlan-id 22;
            family inet {
                address 172.16.1.25/30;
            }
        }
    }
    em2 {
        unit 5 {
            vlan-id 5;
            family inet {
                address 10.100.10.26/30;
            }
        }
        unit 6 {
            vlan-id 6;
            family inet {
                address 10.100.10.30/30;
            }
            family iso;
        }
    }
    lo0 {
        unit 7 {
            family inet {
                address 10.100.1.7/32;
            }
            family iso {
                address 49.0002.1001.0010.0700.00;
            }
        }
    }
}
protocols {
    bgp {
        group EXTERNAL1 {
            type external;
            export [ ISIS OSPF BOCORIN_BGP ];
            neighbor 172.16.1.26 {
                peer-as 65432;
            }
        }
        group EXTERNAL2 {
            type external;
            export [ BOCORIN_BGP OSPF ISIS ];
            neighbor 172.16.1.6 {
                peer-as 65432;
            }
        }          
    }
    isis {
        export [ ISIS OSPF BOCORIN_BGP ];
        interface em1.8 {
            level 1 disable;
        }
        interface em2.6 {
            level 1 disable;
        }
        interface lo0.7 {
            passive;
            level 1 disable;
        }
    }
    ospf {
        export [ OSPF ISIS BOCORIN_BGP ];
        area 0.0.0.0 {
            interface em2.5;
            interface em2.21;
            interface em2.6;
        }
    }
}                  
policy-options {
    policy-statement BOCORIN_BGP {
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement ISIS {
        term isis {
            from protocol isis;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
    policy-statement OSPF {
        term ospf {
            from protocol ospf;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}
routing-options {
    autonomous-system 54321;
}

==================================ROUTER R2============================
root# show logical-routers R2   
interfaces {
    em1 {
        unit 3 {
            vlan-id 3;
            family inet {
                address 10.100.10.17/30;
            }
        }
        unit 4 {
            vlan-id 4;
            family inet {
                address 10.100.10.21/30;
            }
        }
    }
    em2 {
        unit 1 {
            vlan-id 1;
            family inet {
                address 10.100.10.10/30;
            }
        }
        unit 21 {
            vlan-id 21;
            family inet {
                address 10.100.10.53/30;
            }
        }
    }
    lo0 {
        unit 2 {
            family inet {
                address 10.100.1.2/32;
            }
        }
    }
}
protocols {
    ospf {
        export OSPF;
        area 0.0.0.0 {
            interface em1.3;
            interface em1.4;
            interface em2.21;
            interface lo0.2 {
                passive;
            }      
        }
        area 0.0.0.1 {
            interface em2.1;
        }
    }
}
policy-options {
    policy-statement OSPF {
        term ospf {
            from protocol ospf;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}

================================ROUTER R8==============================
root# show logical-routers R8   
interfaces {
    em1 {
        unit 5 {
            vlan-id 5;
            family inet {
                address 10.100.10.25/30;
            }
        }
        unit 14 {
            vlan-id 14;
            family inet {
                address 172.16.1.1/30;
            }
        }
        unit 31 {
            vlan-id 31;
            family inet {
                address 172.16.1.21/30;
            }
        }
    }
    em2 {
        unit 2 {
            vlan-id 2;
            family inet {
                address 10.100.10.6/30;
            }
        }
        unit 3 {
            vlan-id 3;
            family inet {
                address 10.100.10.18/30;
            }
        }
    }
    lo0 {
        unit 8 {
            family inet {
                address 10.100.1.8/32;
            }
        }
    }
}
protocols {
    bgp {
        group EXTERNAL1 {
            type external;
            export [ BOCORIN_BGP OSPF ];
            neighbor 172.16.1.22 {
                peer-as 65432;
            }
        }
        group EXTERNAL2 {
            type external;
            neighbor 172.16.1.2 {
                peer-as 65432;
            }
        }
    }
    ospf {
        export [ OSPF BOCORIN_BGP ];
        area 0.0.0.0 {
            interface em2.3;
            interface em1.5;
            interface lo0.8 {
                passive;
            }
        }
        area 0.0.0.1 {
            interface em2.2;
        }
    }
}
policy-options {
    policy-statement BOCORIN_BGP {
        term DIRECT {
            from protocol bgp;
            then accept;
        }
    }
    policy-statement OSPF {
        term ospf0 {
            from protocol ospf;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}
routing-options {
    autonomous-system 54321;
}

==============================ROUTER R1================================
root# show logical-routers R1   
interfaces {
    em1 {
        unit 1 {
            vlan-id 1;
            family inet {
                address 10.100.10.9/30;
            }
        }
        unit 2 {
            vlan-id 2;
            family inet {
                address 10.100.10.5/30;
            }
        }
    }
    lo0 {
        unit 1 {
            family inet {
                address 10.100.10.1/32;
            }
        }
    }
}
protocols {        
    ospf {
        area 0.0.0.1 {
            interface em1.1;
            interface em1.2;
            interface lo0.1 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement BOCORIN_ROUTE {
        term ospf1 {
            from protocol ospf;
            then accept;
        }
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}

===========================ROUTER P1===================================
root# show logical-routers P1   
interfaces {
    em1 {
        unit 16 {
            vlan-id 16;
            family inet {
                address 172.16.1.10/30;
            }
        }
    }
    em2 {
        unit 14 {
            vlan-id 14;
            family inet {
                address 172.16.1.2/30;
            }
        }
        unit 31 {
            vlan-id 31;
            family inet {
                address 172.16.1.22/30;
            }
        }
    }
    lo0 {          
        unit 11 {
            family inet {
                address 150.150.0.1/32;
            }
        }
    }
}
protocols {
    bgp {
        group EXTERNAL1 {
            type external;
            neighbor 172.16.1.1 {
                peer-as 54321;
            }
        }
        group EXTERNAL2 {
            type external;
            neighbor 172.16.1.21 {
                peer-as 54321;
            }
        }
        group INTERNAL1 {
            type internal;
            neighbor 172.16.1.9 {
                peer-as 65432;
            }
        }
    }
}
routing-options {
    autonomous-system 65432;
}
===================================ROUTER P2============================
root# show logical-routers P2   
interfaces {
    em2 {
        unit 15 {
            vlan-id 15;
            family inet {
                address 172.16.1.6/30;
            }
        }
        unit 16 {
            vlan-id 16;
            family inet {
                address 172.16.1.9/30;
            }
        }
        unit 22 {
            vlan-id 22;
            family inet {
                address 172.16.1.26/30;
            }
        }
    }
    lo0 {
        unit 12 {
            family inet {
                address 150.150.0.2/32;
            }
        }
    }
}
protocols {
    bgp {
        group EXTERNAL1 {
            type external;
            export BOCORIN_BGP;
            neighbor 172.16.1.5 {
                peer-as 54321;
            }
        }
        group EXTERNAL2 {
            type external;
            export BOCORIN_BGP;
            neighbor 172.16.1.25 {
                peer-as 54321;
            }
        }
        group INTERNAL {
            type internal;
            export BOCORIN_BGP;
            neighbor 172.16.1.10 {
                peer-as 65432;
            }
        }
    }
}
policy-options {
    policy-statement BOCORIN_BGP {
        term DIRECT {
            from protocol direct;
            then accept;
        }
    }
}
routing-options {
    autonomous-system 65432;
}







jika ingin melihat route dari ospf dari semua router ketikan
root> show route protocol ospf logical-router all , salah satu contohnya di bawah






















Monday, 15 August 2016

JUNIPER VCE

Yang merasa ingin ujian juniper blm lengkap kalau blm punya ini

Thursday, 11 August 2016

SIMPLE QUEUE MIKROTIK

hmm dari judul nya simple queue mikrotik,

sedikit trik n triki cara cepat membuat simple queue di mikrotik, dari pada meng-create satu-satu bisa 2 hari 2 malam ga selesai selesai,
ane kasih nih tirik nya gan hitungan detik masalah selesai hehehheheeheh,
1. tinggal copas aja gan buat mangle nya

/ip firewall mangle
add action=mark-connection chain=forward comment=\
    "Mark All Overseas Src.ConnectionTraffic" disabled=no \
    new-connection-mark=con-intl passthrough=yes src-address-list=!nice
add action=mark-connection chain=forward comment=\
    "Mark All Overseas Dst. ConnectionTraffic" disabled=no \
    dst-address-list=!nice new-connection-mark=con-intl passthrough=yes
add action=mark-packet chain=prerouting comment="Mark All Overseas Traffic" \
    connection-mark=con-intl disabled=no new-packet-mark=overseas \
    passthrough=yes
add action=mark-connection chain=forward comment=\
    "Mark All Nice Src. Connection Traffic" disabled=no \
    new-connection-mark=con-nice passthrough=yes src-address-list=nice
add action=mark-connection chain=forward comment=\
    "Mark All Nice Dst. Connection Traffic" disabled=no dst-address-list=\
    nice new-connection-mark=con-nice passthrough=yes
add action=mark-packet chain=prerouting comment="Mark All Nice Traffic" \
    connection-mark=con-nice disabled=no new-packet-mark=nice passthrough=\
    yes
add action=mark-connection chain=forward comment=\
    "Mark All Lan Connection Traffic" disabled=no dst-address-list=LAN \
    new-connection-mark=con-lan passthrough=yes src-address-list=LAN
add action=mark-packet chain=prerouting comment="Mark All Nice Traffic" \
    connection-mark=con-lan disabled=no new-packet-mark=lan passthrough=yes

kalau sudah di copas jgn lupa ikutin terus link ane ya

tahap 2

download dl klik di sini ambil nice nya gan copas dari situ

tahap 3 
buat 2 parent  dengan nama ix dan packet-marks=overseas, dan  parent=iix packet-marks=nice

tahap 4
tinggal copas gan baca yang di {} samain yang ada di router situ karena tergantuk versi dari router OS punya agan :)

:for i from=2 to= 254 step=1 do={/queue simple add name="$i.Intl" target=("172.168.2.$i") max-limit=256000/256000 packet-marks=overseas parent=ix  }

:for i from=2 to= 254 step=1 do={/queue simple add name="$i.wifi-IIX" target=("172.168.2.$i") max-limit=256000/256000 packet-marks=nice parent=iix}






 

MTCWE

MTCWE (MikroTik Certified Wireless Engineer)

 Hasil reques dari temen-temen di group sedot gan

MTCRE

MTCRE (MikroTik Certified Network Associate)

Dl ikut pelatihan MTCRE yang minat silahkan di sedot di sini

Wednesday, 10 August 2016

IP SWITCH

Pernah install IP SWITCH di jaringan network anda....

solusi Monitoring Network jaringan yang kita miliki

IP SWITCH


sedotnya di sini gan 

TRIK N TRIKI ADVANCE CHANNEL

ok ok ok kali ini saya coba membahas trik advance channel. bagaimana apakah sudah di approval dari pihak mikrotik? jika sudah kita lanjutkan ya.....

Wireless Advance Channel
  • Router OS V6
  • Atheros AR92xx
  • Frekuensi 2192-2734 MHz dan 4800-6100 MHz 
Perbedaan Frekuensi 0,5 Mhz dan rentang channel 2,5-30 MHz tahapan 0,5MHz.
Fitur costom scan-list
  <----- V5
<------V6
Variasi lebar channel, keleluasaan pengaturan throughput, sinyal strength
Peningkatan security, station tidak akan menemukan AP jika frekuensi/channel width berbeda.

berikut step-step di Akses Poin

  
Step-step di sisi Station
 Dengan topologi di bawah
Jika belum di upgrade mikrotiknya akan terlihat seperti
Tahap tahap mendapatkan SN dari mikrotik, Dan masuk menggunakan account anda yang sudah terdaftar.
sepertinya ane cape juga gan ngetik nih blog.... ane kasih langsung aja yak ga trik ini dan bisa langsung di sedot gan di sini

Dan ikutin terus gan blog ini ane masih banyak trik trik yang lain :)