Simple Bridge (Latihan RSTP)

Suatu ketika ada panggilan test disuatu ISP di bandung salah satunya test adalah membuat simple bridge seperti gambar di bawah.

Waktu test aku menggunakan linux dan terus terang ada sedikit kendala karena yang dinilai kecepatan dan ketepatan saat mensetting router2.

di linux kendalanya harus install paket seperti ebstables, bridge-utils, vlan, dll walaupun tinggal
apt-get install lom lagi konfigurasinya yang rada panjang dan modul yang harus diload.



untuk itu aku disuruh nyoba sama sys admin ISP untuk mencoba OpenBSD dan ternyata hasilnya keren banget cepat dan mudah g perlu install apapun karena semua paket telah include ke dalam kernel.

jika ada yang mau nambahin pake linux boleh2 aza di tunggu yaa...




========================== KONFIGURASI =========================

==============================
CORE
==============================

# touch /root/core
# chmod 755 /root/core
# vi /root/core

isikan :

#==========================
# CORE
# aagink@gmail.com
#==========================

echo 'Aktifkan Simple Bridge CORE...'

sysctl net.inet.ip.forwarding=1

lan_if="em0"
vlan_if="vlan10"
vlan_id="10"

vlan_ip="10.10.10.254/24"

ifconfig $lan_if up

ifconfig $vlan_if create vlan $vlan_id vlandev $lan_if
ifconfig $vlan_if up
ifconfig $vlan_if $vlan_ip

# vi /etc/rc.local

tambahkan :

# Add your local startup actions here.

/root/core

echo '.'


# reboot

==============================
CISCO SWITCH
==============================
!
hostname Switch
!
!
!
interface FastEthernet0/1
switchport trunk allowed vlan 10-30
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 10
!
interface FastEthernet0/3
switchport access vlan 20
!
interface FastEthernet0/4
switchport access vlan 30
!

==============================
PC-BRIDGE
==============================

# touch /root/pc-bridge
# chmod 755 /root/pc-bridge
# vi /root/pc-bridge

isikan :

#==========================
# PC-BRIDGE
# aagink@gmail.com
#==========================

echo 'Aktifkan Simple Bridge PC-BRIDGE...'

sysctl net.inet.ip.forwarding=1

if_2_core="em0"
if_2_A="em1"
if_2_B="em2"

if_bridge_2_core="bridge0"
if_bridge_2_router="bridge1"

if_vlan_2_CORE="vlan110"
if_vlan_2_A="vlan210"
if_vlan_2_B="vlan310"

vlan_id="10"

ip_bridge="1.1.1.1/24"

ifconfig $if_2_core up
ifconfig $if_2_A up
ifconfig $if_2_B up

ifconfig $if_bridge_2_core create
ifconfig $if_bridge_2_core up
ifconfig $if_vlan_2_CORE create vlan $vlan_id vlandev $if_2_core
ifconfig $if_vlan_2_A create vlan $vlan_id vlandev $if_2_A
ifconfig $if_vlan_2_B create vlan $vlan_id vlandev $if_2_B
ifconfig $if_vlan_2_CORE up
ifconfig $if_vlan_2_A up
ifconfig $if_vlan_2_B up
brconfig $if_bridge_2_core add $if_vlan_2_CORE
brconfig $if_bridge_2_core add $if_vlan_2_A
brconfig $if_bridge_2_core add $if_vlan_2_B

ifconfig $if_bridge_2_router create
ifconfig $if_bridge_2_router up
brconfig $if_bridge_2_router add $if_2_A add $if_2_B up
ifconfig $if_2_A $ip_bridge


# vi /etc/rc.local

tambahkan :

# Add your local startup actions here.

/root/pc-bridge

echo '.'


# reboot

==============================
ROUTER-A
==============================

# touch /root/router-a
# chmod 755 /root/router-a
# vi /root/router-a

isikan :

#==========================
# ROUTER-A
# aagink@gmail.com
#==========================

echo 'Aktifkan Simple Bridge ROUTER-A...'

sysctl net.inet.ip.forwarding=1

wan_if="em0"
lan_if="em1"

vlan_if="vlan210"
vlan_id="10"

vlan_ip="10.10.10.1/24"
bridge_ip="1.1.1.2/24"
lan_ip="192.168.0.254/24"

ifconfig $wan_if up
ifconfig $lan_if up
ifconfig $wan_if $bridge_ip
ifconfig $lan_if $lan_ip
ifconfig $vlan_if create vlan $vlan_id vlandev $wan_if
ifconfig $vlan_if up
ifconfig $vlan_if $vlan_ip

echo 'Aktifkan PACKET FILLTERING'
pfctl -e
echo
echo 'Aktifkan NAT'
pfctl -Nf /etc/pf.conf

# vi /etc/rc.local

tambahkan :

# Add your local startup actions here.

/root/router-a

echo '.'

membuat NAT

# vi /etc/pf.conf

isikan :

wan_if="vlan210"
lan_if="em1"

nat on $wan_if from $lan_if:network to any -> $wan_if

# reboot

==============================
ROUTER-B
==============================

# touch /root/router-b
# chmod 755 /root/router-b
# vi /root/router-b

isikan :

#==========================
# ROUTER-B
# aagink@gmail.com
#==========================

echo 'Aktifkan Simple Bridge ROUTER-B...'

sysctl net.inet.ip.forwarding=1

wan_if="em0"
lan_if="em1"

vlan_if="vlan310"
vlan_id="10"

vlan_ip="10.10.10.2/24"
bridge_ip="1.1.1.3/24"
lan_ip="192.168.1.254/24"

ifconfig $wan_if up
ifconfig $lan_if up
ifconfig $wan_if $bridge_ip
ifconfig $lan_if $lan_ip
ifconfig $vlan_if create vlan $vlan_id vlandev $wan_if
ifconfig $vlan_if up
ifconfig $vlan_if $vlan_ip

echo 'Aktifkan PACKET FILLTERING'
pfctl -e
echo
echo 'Aktifkan NAT'
pfctl -Nf /etc/pf.conf

# vi /etc/rc.local

tambahkan :

# Add your local startup actions here.

/root/router-b

echo '.'

membuat NAT

# vi /etc/pf.conf

isikan :

wan_if="vlan310"
lan_if="em1"

nat on $wan_if from $lan_if:network to any -> $wan_if


# reboot

Labels:

Comments :

0 comments to “Simple Bridge (Latihan RSTP)”

Post a Comment

Subscribe to: Post Comments (Atom)

Komentar Anda...

 

Web Stat

Linux Today News Service

Loading...

My Yahoo Messenger Status

Web Stat