Sabtu, 31 Mei 2014

Basic Access List

There are three rules that apply to a packet in access-list. Here is the explanation:
1. Each package will be compared to each row in the Access List rule sequentially
2. If found suitable conditions stretcher packet will follow the existing rules in the Access List.
3. If the package does not find a corresponding rule then the packet is not allowed to pass or access the network.

Application of the access list itself is divided into two kinds, among others:
1. Standard Access List - do the screening packet by packet sender IP address.
2. Extended Access List - select a package based on the sender and receiver IP tools, protocols, and port types of packets sent.

When the ACL is configured on a router, the ACL must have a unique identification number given to him. This number indicates the type of access list is created and must be at a certain range of numbers valid for this type of list.

Type of ACL Range Number
IP Standard 1-99
IP Extended 100-199
IPX Standard 800-899
IPX Extended 900-999
Apple Talk 600-699
IPX SAP Filter 1000-1099

Standard configuration Acess List
Based on the table above, the standard access list will make the selection of packages using the sender's IP address range identifier number that can be used is the number 1 to 99.
Here is the formula:
Router(config)# access-list [identifier number] {permit/deny} [sender address] [wildcard-mask]
Case Access List:



There are 2 Routers, switch, server, 2 PC and Laptop. The rules is, Laptop with ip 10.10.10.2 can access web of server on ip 20.20.20.2. But other PC with ip 10.10.10.3 and 10.10.10.4 can't access to the website of server. Here is the configuration:
1. Set IP
- PC1: 10.10.10.2
- PC2: 10.10.10.3
- PC3: 10.10.10.4
- Server: 20.20.20.2
2. Router 5
- Se1/0 : 12.12.12.1 255.255.255.0
- Fa0/0 : 10.10.10.1 255.255.255.0
3. Router 6
- Se1/0 : 12.12.12.2 255.255.255.0
- Fa0/0 : 20.20.20.1 255.255.255.0 
- IP Route : ip route 20.20.20.0 255.255.255.0 12.12.12.2
- Access List: 
   Fa0/0 : ip access-group 100 out
   access-list 100 permit tcp host 10.10.10.2 host 20.20.20.2 eq www
   access-list 100 deny tcp any host 20.20.20.2 eq www
   access-list 100 permit ip any

Posting by di Tidak ada komentar :
Label:

Subnetting




Given a subnet mask of 255.255.255.224, which of the following addresses can be assigned to network hosts? (Choose three)
A – 15.234.118.63
B – 92.11.178.93
C – 134.178.18.56
D – 192.168.16.87
E – 201.45.116.159
F – 217.63.12.192

Answer:
255.255.255.224

-> 256 - 224 = 32 host
 0-31, 32-63, 64-95, 96-127, 128-159, 160-191, 192-223

A.
-> 15.234.118.63 = broadcast
 B.
-> 92.11.178.93 = host
C.
-> 134.178.18.56 = host
D.
-> 192.168.16.87 = host
E
-> 201.45.116.159 = broadcast
F
 ->217.63.12.192 = network

The answer is B, C, D.
To answer this question, you only to found how much host in the segment or subnet. if you have found, an then you can found ip network, ip broadcast, and all of ip host in the subnet.
Posting by di Tidak ada komentar :
Label:

How to Communicate 2 Host in VirtualBox

I want share about how to communicate two host in virtualbox. This is very simple. Lets do it:

1. Open your virtualbox.
2. Make sure you have 2 host in your library, for example you have windows XP and windows 7.
3. Set ip address in XP and 7 in the same network. Like this: Windows xp configured by 192.168.1.1/24 and windows 7 is 192.168.1.2/24.
4. Make sure  network adapter in 2 host set by Internal Network. For detail, see picture below.
 
 
 After your follow this step. Try to ping each other. If unreachable, please turn off the firewall. Good Luck.!
Posting by di Tidak ada komentar :
Label:

Sharing File Windows to UBuntu Server in VirtualBox

What to do:
1. Install Ubuntu Server (12.04) with ssh server in Virtualbox
2. Install WinScp in Windows.
3.

Configuration:
1.  Go to Network Adapters, and then set "attached to" with Host-only Adapter. Name with " VirtualBox Host Only Ethernet Adapter".
Note: My internet is shared from LAN ethernet with gateway is VirtualBox Host Only Ethernet Adapter





2. Go to setting display. Check Enable Server in Remote Display Tab. See picture below.
 

3. Make sure you know your ip ubuntu server, or you can try this command: ifconfig. Open your WinScp    and set configuration like picture below:
- hostname: is your ip ubuntu server
- username: your hostname
- password: password ubuntu server. Just it!


Posting by di Tidak ada komentar :
Label:

Internet Sharing from Modem/Wireless to Virtuabox

To share internet connection from wifi, modem or LAN to VirtualBox, configuration is similar concept. Basically, IP segment in ethernet VirtualBox and ethernet ubuntu server must be same. To share the internet to the VirtualBox, there are some things that need to be prepared, namely:
1. Make sure the internet connection is running normally.
2. Prepare the linux operating system ubuntu 12.04 server installed in VirtualBox.
Configuration:
1. In Control Panel, go to the Adapter Settings page. Then right-click on the adapter that will be sharing, eg smart modem or wireless. If on wireless, right-click on the adapter and select Properties. On the properties page, go to the Sharing tab and make sure "Allow other network users to connect through the computer's Internet Connection" is checked. Note the image below.




This setting aims to share the internet from the adapter to the adapter that is listed in the "Home Networking Connection" is VirtualBox networking connection or in other words VirtualBox itself.
2. Properties on VirtualBox adapter. On the Networking tab, IPv4 settings by entering the IP 192.168.100.1 and Netmask is 255.255.255.0. Note the image below.
 

 


This setting aims to provide the same IP segment with the IP that will be in the configuration on ubuntu server. IP configured here, is IP gateway of ubuntu server.
3. Open Ubuntu Server on VirtualBox. At the bottom of the screen in VirtualBox, there are 2 computer icon. Right-click the network adapter and click. On "attached to", select Host-Only Adapter. OK. Note the image below:
 
4. In Ubuntu server, go as super user. Look at the configuration:
  • nano /etc/network/interface.
 Address  : 192.168.100.100  
 Netmask  : 255.255.255.0  
 Network  : 192.168.100.0  
 Broadcast : 192.168.100.255  
 Gateway  : 192.168.100.1
  •  nano /etc/resolv.conf
 nameserver 192.168.100.1 
  • /etc/init.d/networking restart.
  • ping www.google.com. Success!



Posting by di Tidak ada komentar :
Label:

Create Connection SSH With Putty to Ubuntu Server

1. Make sure your network adapter connected by Bridge Adapter in Virtualbox Setting.





2. Make sure your ubuntu server is updated(or try update with apt-get update in Superuser mode). And then, type apt-get install open ssh-server.

 3. After installation is finished, type ifconfig  and find out your ip address in your screen.
4. Open your putty, and put the ip address.



Posting by di Tidak ada komentar :
Label:

Routing OSPF (Open Shortest Path First)

Open Shortest Path First (OSPF) is a link-state routing protocol, rather than a distance vector protocol. The main difference here is that a linked-state protocol does not send its routing table in the form of updates, but only shared its connectivity configuration. By collecting connectivity information from all of the devices on the network, OSPF can store all this information in a database and use that information to build a topology map.
This information will allow OSPF to identify the best or shortest route to every other network segment on the network. The route selection is based on overall hops to the destination, as well as link speed or link cost.
The topology not only includes the best route to the destination as calculated by the Dijkstra algorithm (a search algorithm created by Edsger Dijkstra), but also, when possible, it includes a candidate or backup route to the destination.
After creating the topology map, OSPF populates the routing table with the chosen routes to each destination. As traffic passes from router to router, each router evaluates the best path to the destination network. In some cases, this process can lead to routing loops on the network, because each one is evaluating the path based on its own link state database.
Case OSPF Routing:
1. Create Network Topology like below:



Router Solok to Router Padang (172.18.27.0/30)
Router Solok to Router Bukit Tinggi (172.30.22.0/30)
Router Solok to Router Payakumbuh (172.29.24.0/30)
Router Solok to Router Sawahlunto (172.20.28.0/30)
Router Padang to Router Bukit Tinggi (172.16.21.0/30)
Router Bukti Tinggi to Router Payakumbuh (172.19.26.0/30)
Router Payakumbuh to Router Sawahlunto (172.25.14.0/30)
Router Padang to LAN (192.168.1.10/29)
Router Bukit Tinggi to LAN (10.10.23.0/29)
Router Payakumbuh to LAN (192.168.100.0/29)
Router Sawahlunto to LAN (192.168.12.0/29)
I assume you are able to configure the IP address for each router and PC. Next live perform in every Router OSPF Routing.
Router Bukit Tinggi
router ospf 150
network 172.16.21.0 0.0.0.3 area 0
network 172.19.26.0 0.0.0.3 area 1
network 172.30.22.0 0.0.0.3 area 1
Router Padang
router ospf 150
network 172.16.21.0 0.0.0.3 area 0
network 172.18.27.0 0.0.0.3 area 0
Router Payakumbuh
router ospf 150
network 172.25.14.0 0.0.0.3 area 0
network 172.19.26.0 0.0.0.3 area 1
network 172.29.24.0 0.0.0.3 area 1
Router Sawahlunto
router ospf 150
network 172.20.28.0 0.0.0.3 area 0
network 172.25.14.0 0.0.0.3 area 0
Router Solok
router ospf 150
network 172.18.27.0 0.0.0.3 area 0
network 172.20.28.0 0.0.0.3 area 0
network 172.30.22.0 0.0.0.3 area 1
network 172.29.24.0 0.0.0.3 area 1
Posting by di Tidak ada komentar :
Label:

Routing Static

Static routing is a route which have routing table static with setting manually by network administrator. Configuration for static routing is very simple can do in the computer network. Using statik routing pure in a network, its mean filled enty on table forwarding each routers on the network.
Using static routing on the small network its not a problem..:D. just some entry to filled in the forwarding table. 
Basically, configuration for static routing using command ip route [ip network destionation] [subnetmask] [ip port before the network destination]
Case Static Routing



1. Create Topology like above
2. Set IP address PC, port on the router and make sure all device has been UP.
3. Set ip route:
 - R1: ip route 30.30.30.0 255.255.255.0 12.12.12.2, ip route 23.23.23.0 255.255.255.0 12.12.12.2
 - R2: ip route 10.10.10.0 255.255.255.0 12.12.12.1, ip route 30.30.30.0 255.255.255.0 23.23.23.2
 - R3: ip route 12.12.12.0 255.255.255.0 23.23.23.1, ip route 10.10.10.0 255.255.255.0 23.23.23.1 
4. Ping 10.10.10.10 to 30.30.30.10. Reply!
Posting by di Tidak ada komentar :
Label:

Routing Protocol

Generally, the router is divided into two types, namely:
1. Static router (router static): is a router that has a static routing table in the settings manually by the network administrator.
2. Dynamic router (router dynamic): is a router that has a routing table and automatically, by listening to the network traffic and also interconnected with other routers.
Coordination of each Router: 
In static routing, the entries in the forwarding routing table is filled and removed manually, whereas the dynamic routing changes are made automatically through a routing protocol. 
Static routing is the simplest routing settings that can be done on a computer network. Using pure static routing in a network means filling every entry in the forwarding table at each router in the network. 
The use of static routing in a small network is not necessarily a problem, just a couple of entries that need to be loaded on the forwarding table in each router. But you can certainly imagine what if must complete forwarding table on each router that number is not small in large networks. 
Especially if you are assigned to fill in the entries in all routers on the Internet are numerous and growing every day. Of fuss once! Dynamic routing is the method used to remove the obligation to fill forwarding table entries manually. 
Routing protocols set up the routers so that they can communicate with each other and give each other routing information that can change the contents of the forwarding table, depending on the state of the network. In this way, routers know the final state of the network and is able to forward the datagram to the right direction. In other words, dynamic routing is the routing of data in the process of filling the routing table automatically. The following table-specific differences in the two types of routing
Posting by di Tidak ada komentar :
Label:

How to access Mikrotik from other Mikrotik

I would share a simple case about Mikrotik.

If you found case like you miss configuration in your Mikrotik, then you can't access to your Mikrotik with Mac Address and IP Public you must try this trik:


Go to IP >> Neighbors.



In the Neighbors List, you can see Mikrotik name in Identity column. if you sure, you can right click in your mikrotik what you want, and the click MAC Telnet.


After that, fill the login and password. That all.



Note: after you login to neighbors, you only can configuration with console mode not GUI.
Posting by di Tidak ada komentar :
Label:
Langganan: Postingan ( Atom )