Raja Gombal Vs. Ratu Gombal ??
Refreshing sejenak, kayaknya lagi musim gombal gombalan, ayoo siapa diantara dua ini yang paling gombal hehehe.
Upgrade to FreeBSD 9.0 release using CVSUP
Coba upgrade dari 6.2 stable ke 9.0 Release, gak tau bisa berhasil kagak .
unila-inherent-gtw# uname -a FreeBSD unila-inherent-gtw 6.2-STABLE FreeBSD 6.2-STABLE #4: Tue May 1 18:33:46 UTC 2007 harid@routergw.unila.ac.id:/usr/src/sys/i386/compile/ROUTERGW i386 unila-inherent-gtw# CVSup File
# The prefix directory must exist in order to run CVSup.
# Defaults that apply to all the collections # # IMPORTANT: Change the next line to use one of the CVSup mirror sites # listed at http://www.freebsd.org/doc/handbook/mirrors.html. *default host=cvsup1.us.FreeBSD.org *default base=/var/db *default prefix=/usr *default release=cvs tag=RELENG_9_0 *default delete use-rel-suffix
unila-inherent-gtw# csup standard-supfile Connected to 72.233.193.64 Updating collection src-all/cvs Checkout src/COPYRIGHT Checkout src/LOCKS Checkout src/MAINTAINERS Checkout src/Makefile Checkout src/Makefile.inc1 Checkout src/ObsoleteFiles.inc Checkout src/README Checkout src/UPDATING Checkout src/bin/Makefile Checkout src/bin/Makefile.inc Checkout src/bin/cat/Makefile Checkout src/bin/cat/cat.1 Checkout src/bin/cat/cat.c Checkout src/bin/chflags/Makefile Checkout src/bin/chflags/chflags.1 Checkout src/bin/chflags/chflags.c Checkout src/bin/chio/Makefile Checkout src/bin/chio/chio.1 Checkout src/bin/chio/chio.c Checkout src/bin/chio/defs.h Checkout src/bin/chio/pathnames.h Checkout src/bin/chmod/Makefile Checkout src/bin/chmod/chmod.1 Checkout src/bin/chmod/chmod.c Checkout src/bin/cp/Makefile Checkout src/bin/cp/cp.1 Checkout src/bin/cp/cp.c Checkout src/bin/cp/extern.h Checkout src/bin/cp/utils.c
Mudah-mudahan berhasil, SAMPAI KAPAN KAU KAN KU NANTI hehehe.
Asterisk Flash Operator Panel – FOP – voip.unila.ac.id
Semua IPPhone hasil pengadaan IMHERE telah laris manis dipasang/didistribusikan ke sebagian Unit Kerja, di UPT Puskom juga terpasang sebanyak 5 Unit IPPhone dan sudah kriiiiing, fokus termin pertama aktifasi IPPhone ini sebatas kalangan gedung rektorat dan Dekanat Fakultas, sedangkan untuk jurusan masih belum terjangkau IPPhone, namun akun sudah dibuatkan dan bisa menggunakan SoftPhone. 001 adalah ekstensi yang sudah saya booking 😀 , Online pada HP Samsung Galaxy Android dengan software SIPDroid, itu juga kalo konek WIFI Unila baru diaktifin. Mudah-mudahan saja barang-barang tadi bisa awet dan bermanfaat untuk kepentingan umat, harapannya dapat menggantikan fungsi PABX analog yang sudah tidak reliable lagi terhadap banyaknya permintaan extension , syukur-syukur DIPA anggaran PUSKOM tahun 2012 ini untuk pengadaan IPPhone hingga ke level jurusan dan Lab bisa di setujui, ya tambah oke deh.
Tunning BGP, FreeBSD, Quagga IPv4 And IPv6
Quagga adalah salah satu software routing protocol suite bersifat totally free (Open Source) yang sangat populer disamping produk branded komersial semacam Cisco, Mikrotik, Juniper,dll. Meskipun sifatnya open source tidak berarti bahwa aplikasi ini tidak handal, terbukti banyak Provider/Perusahaan/Universitas/Institusi menggunakan aplikasi ini untuk menghandle transaksi routing mereka, dengan fitur OSPF, BGP, RIP, Firewall, Plus pengelolaan yang baik maka Quagga pun dapat dijadikan alternatif pengganti atas branded router komersil. Quagga dapat berjalan berdampingan dengan system operasi Open Source manapun. Di Universitas Lampung menggunakan kombinasi OS FreeBSD+Quagga sebagai border terluar menangani prefix Network dari berbagai penjuru dunia baik dari IPv4 maupun IPv6. Sekarang akan muncul pertanyaan bagaimana kita mendeploy jaringan dengan fitur Dynamic Routing pada FreeBSD dan Quagga, jawabnya ada dibawah; 🙂
1. Langkah pertama pastikan bahwa System Operasi FreeBSD telah terinstall sempurna pada Komputer Server, source terbaru FreeBSD Versi 9 Release dapat anda unduh dialamat berikut http://mirror.unila.ac.id .
2. Proses tuning pertama dilakukan pada level System Operasi dengan memodifikasi /etc/sysctl.conf
# According to our experience a lot of loss with fastforwarding net.inet.ip.fastforwarding=0 net.inet.tcp.inflight_enable=0 # No redirect net.inet.icmp.drop_redirect=1 net.inet.icmp.log_redirect=1 net.inet.ip.redirect=0 net.inet6.ip6.redirect=0 # Source routing = off net.inet.ip.sourceroute=0 net.inet.ip.accept_sourceroute=0 # no icmp broadcast net.inet.icmp.bmcastecho=0 net.inet.icmp.maskrepl=0 # For GigaBit controler net.inet.tcp.sendbuf_auto=1 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.recvbuf_auto=1 net.inet.tcp.recvbuf_inc=524288
3. Install Quagga Routing Protocol Suite via port.
4. Aktifkan Peer BGP ke arah Provider untuk menerima Full Route/ Prefix
AS56237-NOC-Cyber-VLAN2011-MK670-AP# telnet localhost bgpd Trying ::1... Connected to localhost. Escape character is '^]'. Hello, this is Quagga (version 0.99.17). Copyright 1996-2005 Kunihiro Ishiguro, et al. User Access Verification Password: INTL-global-gw-POP1-unila# hostname INTL-global-gw-POP1-unila #HOSTNAME password 8 vbfxxxcvv #Password enable password 8 basdhkjhwehhHSKDJHhh #Password Enable log file /var/log/quagga/bgpd.log #Aktifkan Fitur Logging log stdout service password-encryption #Password Encryption ! router bgp 56237 #AS Number yang kita kelola bgp router-id 27.50.31.178 #Router ID - IP P2P yang kita miliki bgp log-neighbor-changes #Setiap perubahan BGP akan kita monitor network 103.3.46.0/24 #Advertise prefix Network yang kita kelola neighbor 27.50.31.177 remote-as 23947 #Peer Neighbour IP P2P ke ISP neighbor 27.50.31.177 description UNILA-MORATEL #Peer Description neighbor 27.50.31.177 next-hop-self #Next Hoop neighbor 27.50.31.177 soft-reconfiguration inbound neighbor 2001:470:17:9::1 remote-as 6939 #Peer Neighbour IPv6 neighbor 2001:470:17:9::1 description UNILA-HE #Peer Neighboyr IPv6 Description neighbor 2001:470:17:9::1 update-source 2001:470:17:9::2 #Update Source neighbor 2001:470:17:9::1 remove-private-AS #Buang private ASN ! address-family ipv6 network 2001:df0:230::/48 #Advertise Prefix IPv6 neighbor 2001:470:17:9::1 activate #Aktifasi Peer IPv6 Neighbour exit-address-family ! line vty ! end INTL-global-gw-POP1-unila#
Contoh diatas adalah parameter minimal yang dapat digunakan, dapat anda modifikasi lagi misal dengan menambahkan akses list untuk keperluan firewall.
Lalu check apakah prefix IPv4 dan IPv6 berhasil diterima
IPv4 Check
INTL-global-gw-POP1-unila# sh bgp ipv4 unicast statistics BGP IPv4 Unicast RIB statistics Total Advertisements : 402003 Total Prefixes : 402003 Average prefix length : 22.34 Unaggregateable prefixes : 191613 Maximum aggregateable prefixes: 210390 BGP Aggregate advertisements : 25173 Address space advertised : 2512747923 %% announced : 58.50 /8 equivalent : 149.77 /24 equivalent : 9815422.00 Advertisements with paths : 402003 Longest AS-Path (hops) : 28 Average AS-Path length (hops) : 4.57 Largest AS-Path (bytes) : 114 Average AS-Path size (bytes) : 20.26 Highest public ASN : 12845948 INTL-global-gw-POP1-unila#
IPv6 Check
INTL-global-gw-POP1-unila# sh bgp ipv6 unicast statistics BGP IPv6 Unicast RIB statistics Total Advertisements : 7519 Total Prefixes : 7519 Average prefix length : 38.28 Unaggregateable prefixes : 5796 Maximum aggregateable prefixes: 1723 BGP Aggregate advertisements : 340 Address space advertised : 29890695739 %% announced : 2989069516800.00 /8 equivalent : 1781.62 /24 equivalent : 116760528.00 Advertisements with paths : 7519 Longest AS-Path (hops) : 14 Average AS-Path length (hops) : 2.98 Largest AS-Path (bytes) : 58 Average AS-Path size (bytes) : 13.93 Highest public ASN : 393246 INTL-global-gw-POP1-unila#
Lalu pastikan juga bahwa jalur yang kita lewati telah berfungsi dengan baik
IPv4
AS56237-NOC-Cyber-VLAN2011-MK670-AP# traceroute www.google.com traceroute: Warning: www.google.com has multiple addresses; using 74.125.235.49 traceroute to www.l.google.com (74.125.235.49), 128 hops max, 40 byte packets 1 ip-27-50-31-177.cepat.net.id (27.50.31.177) 6.620 ms 7.846 ms 5.686 ms 2 v450.0-2-0.m10-cyb-jkt.moratelindo.co.id (202.43.177.38) 5.195 ms 5.143 ms 5.367 ms 3 v223.2-1-2.sr7-cyb-jkt.moratelindo.co.id (27.50.17.250) 8.143 ms 6.292 ms 5.901 ms 4 * * * 5 p15169.sgw.equinix.com (202.79.197.30) 26.760 ms 26.604 ms 26.724 ms 6 209.85.243.156 (209.85.243.156) 29.541 ms 29.578 ms 29.805 ms 7 72.14.233.145 (72.14.233.145) 29.961 ms 29.817 ms 29.815 ms 8 sin01s05-in-f17.1e100.net (74.125.235.49) 25.991 ms 26.008 ms 25.925 ms AS56237-NOC-Cyber-VLAN2011-MK670-AP#
IPv6
AS56237-NOC-Cyber-VLAN2011-MK670-AP# traceroute6 ipv6.google.com traceroute6 to ipv6.l.google.com (2404:6800:800b::6a) from 2001:470:17:9::2, 64 hops max, 12 byte packets 1 donovanp-2.tunnel.tserv19.hkg1.ipv6.he.net 73.347 ms 67.989 ms 69.137 ms 2 tserv19.hkg1.ipv6.he.net 69.619 ms 91.654 ms 67.177 ms 3 google3-10G.hkix.net 68.479 ms 68.728 ms 68.508 ms 4 2001:4860::1:0:1063 70.171 ms 71.939 ms 69.439 ms 5 2001:4860::1:0:9d0 105.830 ms 203.226 ms 106.359 ms 6 2001:4860::2:0:3c6 107.178 ms 2001:4860::2:0:3c7 106.180 ms 2001:4860::2:0:3c6 104.981 ms 7 2001:4860:0:1::25b 114.613 ms 2001:4860:0:1::257 107.181 ms 2001:4860:0:1::25b 114.576 ms 8 2404:6800:800b::6a 108.043 ms 108.270 ms 107.646 ms AS56237-NOC-Cyber-VLAN2011-MK670-AP#
Terakhir selalu monitor aplikasi quagga anda..
World IPv6 Launch on 6 JUNE 2012 – The Future is Forever
Rencananya tepat tanggal 6 Juni 2012 akan diadakan even besar dalam rangka “Pemantapan” jejaring internet berbasis IPv6 di seluruh dunia, melalui website ini http://www.worldipv6launch.org kita diminta untuk turut berpartisipasi mendukung pengembangan jejaring base on IPv6, saya kutip introduction news dari official site nya,
Major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services by 6 June 2012.
Organized by the Internet Society, and building on the successful one-day World IPv6 Day event held on 8 June 2011, World IPv6 Launch represents a major milestone in the global deployment of IPv6. As the successor to the current Internet Protocol, IPv4, IPv6 is critical to the Internet’s continued growth as a platform for innovation and economic development.
Beberapa raksasa internet yang telah memastikan turut berpartisipasi pada IPv6 launching ini adalah sebagai berikut;
Saya mewakili Universitas Lampung juga telah menyatakan/meluruskan niat untuk juga turut berpartisisapi pada even ini, bagi anda yang juga ingin turut serta monggo akses website http://www.worldipv6launch.org , klik register lalu isikan informasi kontak person, AS Number, serta domain yang dikelola, tidak lama berselang akan ada notifikasi via email untuk menunggu check and recheck dari om admin penyelenggara even tersebut, o iya jangan lupa memajang logo IPv6 Lunch di website kita.
/usr/local/etc/rc.d/apache22: WARNING: failed to start apache22
Warning lognya kira-kira begini.
AS56237-NOC-Cyber-VLAN2011-MK670-AP# tail -f /var/log/httpd-error.log Configuration Failed [Fri Jan 20 02:59:07 2012] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Fri Jan 20 02:59:07 2012] [alert] (EAI 8)hostname nor servname provided, or not known: mod_unique_id: unable to find IPv4 address of "AS56237-NOC-Cyber-VLAN2011-MK670-AP.unila.ac.id" Configuration Failed [Fri Jan 20 10:07:19 2012] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Fri Jan 20 10:07:19 2012] [alert] (EAI 8)hostname nor servname provided, or not known: mod_unique_id: unable to find IPv4 address of "AS56237-NOC-Cyber-VLAN2011-MK670-AP.unila.ac.id" Configuration Failed [Fri Jan 20 10:08:47 2012] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Fri Jan 20 10:08:47 2012] [alert] (EAI 8)hostname nor servname provided, or not known: mod_unique_id: unable to find IPv4 address of "AS56237-NOC-Cyber-VLAN2011-MK670-AP.unila.ac.id" Configuration Failed
Kejadian diakibatkan hostname di server dan yang terecord di DNS server tidak bersesuaian, cara gampang tanpa harus menambahkan entry record DNS baru tinggal lakukan langkah berikut
Tinggal Comment line ini di httpd.conf
#LoadModule unique_id_module libexec/apache22/mod_unique_id.so
Beres,
[Fri Jan 20 10:14:02 2012] [notice] Digest: generating secret for digest authentication ... [Fri Jan 20 10:14:02 2012] [notice] Digest: done [Fri Jan 20 10:14:02 2012] [notice] Apache/2.2.17 (FreeBSD) DAV/2 mod_ssl/2.xxOpenSSL/0.xxn configured -- resuming normal operations
PIPA SOPA/Blackoutpage Vote
The Wikipedia blackout is over — and you have spoken.
More than 162 million people saw our message asking if you could imagine a world without free knowledge. You said no. You shut down Congress’s switchboards. You melted their servers. From all around the world your messages dominated social media and the news. Millions of people have spoken in defense of a free and open Internet.
For us, this is not about money. It’s about knowledge. As a community of authors, editors, photographers, and programmers, we invite everyone to share and build upon our work.
Our mission is to empower and engage people to document the sum of all human knowledge, and to make it available to all humanity, in perpetuity. We care passionately about the rights of authors, because we are authors.
SOPA and PIPA are not dead: they are waiting in the shadows. What’s happened in the last 24 hours, though, is extraordinary. The internet has enabled creativity, knowledge, and innovation to shine, and as Wikipedia went dark, you’ve directed your energy to protecting it.
We’re turning the lights back on. Help us keep them shining brightly.
If you live in the U.S., contact your representatives.
Make your voice heard!
Last Comment