In a MikroTik router, the default for routing between VLANs, usually
called inter-VLAN routing, is to block. That is, the VLAN interfaces
cannot talk to one another, even though they are on the same router.
This is a problem when we have internal servers (proxy, web, file
server, etc.), because clients cannot reach those servers: they are on
a different VLAN and network.
We can solve this with a single rule that allows all VLANs to reach
the server. Below is an example rule; please adapt it to the
conditions of your own network.
Example:
Client VLANs:
client A vlan-id=10 network 10.10.10.0/29
client B vlan-id=20 network 10.10.20.0/29
client C vlan-id=30 network 10.10.30.0/29
Server VLAN:
server vlan-id=5 network 10.10.0.0/29
Then we put them into address lists:
/ ip firewall address-list
add address=10.10.10.0/29 comment="" disabled=no list=Client
add address=10.10.20.0/29 comment="" disabled=no list=Client
add address=10.10.30.0/29 comment="" disabled=no list=Client
add address=10.10.0.0/29 comment="" disabled=no list=Server
And this is the rule that lets them talk to each other:
/ip firewall mangle
add action=accept chain=prerouting comment="Routing Inter Vlan" disabled=no dst-address-list=Server src-address-list=Client
Note: place this rule at the very top so that the router reads it first.
After that, if you consider it necessary, reboot your router (really
this is only to clear connection-tracking entries that are still
established).
Those are my tips and tricks; I hope they help those of you who use VLANs on your routers.
SOURCE: http://tipstrikz.blogspot.co.id/2011/03/mikrotik-routing-inter-vlan.html
My small notes from various sources. Apologies: sometimes I copy and paste too quickly and the source is not listed because I am in a hurry. If you feel your writing has been quoted, please contact me by email and I will add the source. Thank you.
Tuesday, 27 February 2018
Friday, 23 February 2018
Telkom VPN IP tunnel service
VPN
IP MPLS is an any-to-any data communication service based on IP Multi
Protocol Label Switching (MPLS). This service has advantages over data
communication via leased lines or Frame Relay based VPN services.
VPN IP is used to implement CoS, so that customers can run their applications, whether delay sensitive, mission critical or non mission critical, on a single private IP MPLS network platform. Some of the advantages VPN IP offers are:
Multiservices Offering (data, voice and video; supports many business applications: ERP, CRM, etc.; multiple access/last mile independent)
Provisioning Scalability (flexible, staged network growth, easy and fast reconfiguration/no any-to-any configuration required, national POP coverage)
Manageability (end-to-end manageable, NMS for monitoring, user friendly, web-based (real-time) reporting)
Cost Saving Opportunity (price does not depend on distance, integrated CPE, no need for many trained staff)
FAQ TELKOMLink VPN IP
1. How does it differ from other TELKOMLink services?
Connections in VPN IP are not circuits built from one point to another, so they are not distance sensitive; they are memberships in a cloud network, so every point that is built is by default connected to all points in that cloud. CoS in VPN IP is also based on membership in that cloud, unlike VPN Gold, which is built by separating its virtual circuits.
2. What speeds are supported?
64 Kbps - 2 Mbps in multiples of 64 Kbps
3. How many service packages are available?
There are six service packages, distinguished by the bandwidth share of the three available QoS classes. For more detail please contact your TELKOM Account Manager.
4. How many QoS classes are there in VPN IP?
TELKOM groups applications into three types: Interactive, Gold and Silver. Interactive is for VoIP and Vicon applications, Gold for client-server database applications (such as SAP, BAAN), and Silver for non-critical data (such as email, web). Each application type needs a different level of service (QoS).
5. What equipment needs to be prepared?
To deliver this service, TELKOM provides a modem (included in the installation (PSB) fee) installed at each customer site. The router is provided by TELKOM in cooperation with TELKOM partners (not included in the PSB fee), so the customer only needs to provide the LAN setup (such as hub, switch, cabling, server).
6. Can it be used for voice?
Yes. With the appropriate package, MPLS ensures that voice packets receive special treatment, so that voice quality standards are maintained.
7. Can it be used for internet?
Yes, by connecting it to an internet gateway.
8. Who can use this service?
This service can be used by:
Companies with many, widely spread branches.
Companies with a multi-hub/full-mesh network configuration.
Companies that run multiple applications.
Companies that choose to outsource their network management.
Advantages
- Able to implement QoS (Quality of Service): customers can run various kinds of applications, whether Delay Sensitive, Mission Critical or Non Mission Critical, on a single private IP MPLS network platform.
- Multi-service: data, video and voice. Supports various business applications such as ERP and CRM. Easily integrated with the internet. Offers a variety of last-mile access (dial-up, dedicated or wireless).
- Flexible provisioning scale. Easy to add new locations and applications. Easy to grow the network from small to large (gradual migration). Simple and fast to reconfigure (no 'site to site configuration' needed). National POP.
- Easy control. End-to-end manageable. Single NMS. Easy to use (user friendly). Web-based (real-time) reports.
- Cost-saving opportunity. Tariff not based on distance. CPE managed by Telkom. Reduces dependence on expert staff (handed over to the provider).
Service Classification
Router Management
- Managed Router. The customer's router is managed by Telkom, covering provisioning and service configuration up to the Customer Edge (CE)/customer router. Applies to: VPN IP Interactive, VPN IP Gold, VPN IP Silver (optional).
- Unmanaged Router. The customer's router may be managed by the customer. Applies only to VPN IP Silver.
Understanding the Telkom VPN IP Link
Ever heard of VPN IP? VPN IP is one of the services offered by Telkom
as a medium for corporate data communication between head office and
branch offices. VPN IP, commonly also called MPLS, is an any-to-any
data communication service based on IP Multi Protocol Label Switching
(MPLS). This service is a solution for fast data exchange between a
parent company and its subsidiaries.
The service is quite capable, because it can be used for data, voice
and video communication. Companies usually use it to access
applications or databases on a server (backhaul) from branches across
Indonesia.
The service is already delivered in almost all regions of Indonesia,
on the assumption that the area is reached by the telephone line
network. If an area is not yet covered by Telkom telephone lines and
wants to subscribe, Telkom will provide another connection using VSAT.
Over time, the VPN IP link is no longer capped at 2 MB of bandwidth.
Previously the link's bandwidth was limited to 2 MB because the
connection still used copper cable, which only supports up to 2 MB.
Telkom now uses fiber optic as the path, so the speed can be said to
be unlimited. It only depends on how much bandwidth rental the company
can afford.
Configuration of this link is also fairly easy, because the IP
addressing and routing are prepared by Telkom, so the customer only
needs to configure the CPE side (customer router). Telkom also
provides the router if the customer does not want the trouble of
configuring it.
That is all I can share with you; I hope it helps those who need
information about the Telkom VPN IP link. If you have questions, just
comment here and I hope I can help. In the next article I will share
how to check a VPN IP link, so don't forget to stop by and comment;
comments make me more motivated to write. Hehehe
Configuring Telkom VPN IP on MikroTik
There doesn't seem to be much on Google about configuring VPN IP on MikroTik; most of it uses the PPP server concept, with a tunnel between the IP acting as server and the client.
VPN IP is already a VPN by design. Its weakness is that it cannot be dialed from outside; to make it dialable you need at least Astinet, which gives you 1 public IP that we then route to VPN IP.
What I'm sharing here has both Speedy and VPN IP:
Route:
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 192.168.2.1 1
1 A S 172.31.0.0/16 172.31.xxx.1 1
2 ADC 172.31.xxx.0/30 172.31.xxx.2 ether2-VPNIP 0
3 ADC 192.168.1.0/24 192.168.1.1 ether3-CLIENT 0
4 ADC 192.168.2.0/24 192.168.2.2 ether1-SPEEDY 0
5 A S 192.168.5.0/24 172.31.165.1 1
6 A S 192.168.6.0/24 172.31.165.1 1
> ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 172.31.xxx.2/30 172.31.xxx.0 ether2-VPNIP
1 192.168.1.1/24 192.168.1.0 ether3-CLIENT
2 192.168.2.2/24 192.168.2.0 ether1-SPEEDY
chain=srcnat action=masquerade ether1-SPEEDY
ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=mark-routing new-routing-mark=conn-speedy
passthrough=yes protocol=tcp src-address=192.168.1.0/24
-----samarinda
ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 192.168.7.1 1
1 A S 172.31.0.0/16 172.31.xxx.5 1
2 ADC 172.31.xxx.4/30 172.31.xxx.6 ether2-vpn-ip 0
3 A S 192.168.1.0/24 172.31.xxx.5 1
4 A S 192.168.5.0/24 172.31.xxx.5 1
5 ADC 192.168.6.0/24 192.168.6.1 ether3-client 0
6 ADC 192.168.7.0/24 192.168.7.11 ether1-speedy 0
[admin@teluk lerong] >
ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade out-interface=ether1-speedy log=no
log-prefix=""
1 chain=srcnat action=masquerade out-interface=ether2-vpn-ip log=no
log-prefix=""
ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK INTERFACE
0 192.168.7.11/24 192.168.7.0 ether1-speedy
1 192.168.6.1/24 192.168.6.0 ether3-client
2 172.31.xxx.6/30 172.31.xxx.4 ether2-vpn-ip
[admin@teluk lerong] >
Linux network CLI commands
LINUX NETWORKING: BY FEBRUARI SAD
Show all of the PC's information
Type the command:
lshw -class network
Add an IP address and netmask
sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0
Add a route
sudo route add default gw 10.0.0.1 eth0
Show the routing table
route -n
Add DNS or a nameserver
/etc/resolv.conf
Automatic DHCP client
Dynamic IP Address Assignment (DHCP Client)
To configure your server to use DHCP for dynamic address
assignment, add the dhcp method to the inet address family statement
for the appropriate interface in the file /etc/network/interfaces.
The example below assumes you are configuring your first Ethernet
interface identified as eth0.
auto eth0
iface eth0 inet dhcp
By adding an interface configuration as shown above, you can manually enable the interface through the ifup command which initiates the DHCP process via dhclient.
sudo ifup eth0
To manually disable the interface, you can use the ifdown command, which in turn will initiate the DHCP release process and shut down the interface.
sudo ifdown eth0
Static IP Address Assignment
To configure your system to use a static IP address assignment, add the static method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces. The example below assumes you are configuring your first Ethernet interface identified as eth0. Change the address, netmask, and gateway values to meet the requirements of your network.
auto eth0
iface eth0 inet static
        address 10.0.0.100
        netmask 255.255.255.0
        gateway 10.0.0.1
By adding an interface configuration as shown above, you can manually enable the interface through the ifup command.
sudo ifup eth0
To manually disable the interface, you can use the ifdown command.
sudo ifdown eth0
Loopback Interface
The loopback interface is identified by the system as lo and has a default IP address of 127.0.0.1. It can be viewed using the ifconfig command.
ifconfig lo
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:2718 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:183308 (183.3 KB)  TX bytes:183308 (183.3 KB)
By default, there should be two lines in /etc/network/interfaces responsible for automatically configuring your loopback interface. It is recommended that you keep the default settings unless you have a specific purpose for changing them. An example of the two default lines is shown below.
auto lo
iface lo inet loopback
Name Resolution
Name resolution as it relates to IP networking is the process of mapping IP addresses to hostnames, making it easier to identify resources on a network. The following section will explain how to properly configure your system for name resolution using DNS and static hostname records.
DNS Client Configuration
Traditionally, the file /etc/resolv.conf was a static configuration file that rarely needed to be changed or automatically changed via DHCP client hooks. Nowadays, a computer can switch from one network to another quite often and the resolvconf framework is now being used to track these changes and update the resolver's configuration automatically. It acts as an intermediary between programs that supply nameserver information and applications that need nameserver information. Resolvconf gets populated with information by a set of hook scripts related to network interface configuration. The most notable difference for the user is that any change manually done to /etc/resolv.conf will be lost as it gets overwritten each time something triggers resolvconf. Instead, resolvconf uses DHCP client hooks, and /etc/network/interfaces to generate a list of nameservers and domains to put in /etc/resolv.conf, which is now a symlink:
/etc/resolv.conf -> ../run/resolvconf/resolv.conf
To configure the resolver, add the IP addresses of the nameservers that are appropriate for your network in the file /etc/network/interfaces. You can also add an optional DNS suffix search-lists to match your network domain names. For each other valid resolv.conf configuration option, you can include, in the stanza, one line beginning with that option name with a dns- prefix. The resulting file might look like the following:
iface eth0 inet static
        address 192.168.3.3
        netmask 255.255.255.0
        gateway 192.168.3.1
        dns-search example.com
        dns-nameservers 192.168.3.45 192.168.8.10
The search option can also be used with multiple domain names so that DNS queries will be appended in the order in which they are entered. For example, your network may have multiple sub-domains to search; a parent domain of example.com, and two sub-domains, sales.example.com and dev.example.com.
If you have multiple domains you wish to search, your configuration might look like the following:
iface eth0 inet static
        address 192.168.3.3
        netmask 255.255.255.0
        gateway 192.168.3.1
        dns-search example.com sales.example.com dev.example.com
        dns-nameservers 192.168.3.45 192.168.8.10
If you try to ping a host with the name of server1, your system will automatically query DNS for its Fully Qualified Domain Name (FQDN) in the following order:
- server1.example.com
- server1.sales.example.com
- server1.dev.example.com
Static Hostnames
Static hostnames are locally defined hostname-to-IP mappings located in the file /etc/hosts. Entries in the hosts file will have precedence over DNS by default. This means that if your system tries to resolve a hostname and it matches an entry in /etc/hosts, it will not attempt to look up the record in DNS. In some configurations, especially when Internet access is not required, servers that communicate with a limited number of resources can be conveniently set to use static hostnames instead of DNS.
The following is an example of a hosts file where a number of local servers have been identified by simple hostnames, aliases and their equivalent Fully Qualified Domain Names (FQDN's).
127.0.0.1   localhost
127.0.1.1   ubuntu-server
10.0.0.11   server1 server1.example.com vpn
10.0.0.12   server2 server2.example.com mail
10.0.0.13   server3 server3.example.com www
10.0.0.14   server4 server4.example.com file
In the above example, notice that each of the servers have been given aliases in addition to their proper names and FQDN's. Server1 has been mapped to the name vpn, server2 is referred to as mail, server3 as www, and server4 as file.
Name Service Switch Configuration
The order in which your system selects a method of resolving hostnames to IP addresses is controlled by the Name Service Switch (NSS) configuration file /etc/nsswitch.conf. As mentioned in the previous section, typically static hostnames defined in the system's /etc/hosts file have precedence over names resolved from DNS. The following is an example of the line responsible for this order of hostname lookups in the file /etc/nsswitch.conf.
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
- files first tries to resolve static hostnames located in /etc/hosts.
- mdns4_minimal attempts to resolve the name using Multicast DNS.
- [NOTFOUND=return] means that any response of notfound by the preceding mdns4_minimal process should be treated as authoritative and that the system should not try to continue hunting for an answer.
- dns represents a legacy unicast DNS query.
- mdns4 represents a Multicast DNS query.
hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4
Bridging
Bridging multiple interfaces is a more advanced configuration, but is very useful in multiple scenarios. One scenario is setting up a bridge with multiple network interfaces, then using a firewall to filter traffic between two network segments. Another scenario is using bridge on a system with one interface to allow virtual machines direct access to the outside network. The following example covers the latter scenario.
Before configuring a bridge you will need to install the bridge-utils package. To install the package, in a terminal enter:
sudo apt install bridge-utils
Next, configure the bridge by editing /etc/network/interfaces:
auto lo
iface lo inet loopback

auto br0
iface br0 inet static
        address 192.168.0.10
        network 192.168.0.0
        netmask 255.255.255.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off
Enter the appropriate values for your physical interface and network.
Now bring up the bridge:
sudo ifup br0
The new bridge interface should now be up and running. The brctl provides useful information about the state of the bridge, controls which interfaces are part of the bridge, etc. See man brctl for more information.
Configuring IP Address, DNS and NAT on Ubuntu Server 10.10
The interface of Ubuntu Server 10.10 is text mode: there are no windows, no clicking, drag and drop and so on as in GUI (Graphical User Interface) mode; every operation on Ubuntu Server is done by typing commands manually on the keyboard. Ubuntu Server 10.10 can in fact be set up with a GUI, but that is a heavy burden for a server, because installing the GUI consumes a lot of resources, especially memory and hard disk; in addition, the level of security in CLI mode is fundamentally better than in GUI mode.
This article continues my article titled Installing Ubuntu Server 10.10. For Ubuntu Server 10.10 to connect to a network, whether a local network or the internet, the first step is to configure the IP address. The steps are as follows:
- Log in with the username and password set in the earlier step. In this article my username is adamkurniawan and my password is also adamkurniawan. The password is not shown as it is typed, for security reasons. Press Enter once you are sure the username and password are correct.
- After a successful login you are shown when user adamkurniawan last logged in. The bottom line shows adamkurniawan@server01:~$, which means the user with id adamkurniawan is still an ordinary user and cannot yet change settings. To change settings, the user must enter root mode, the highest mode in the system (administrator), by typing the command sudo su. The prompt [sudo] password for adamkurniawan: then appears, meaning the system asks for a password so that user adamkurniawan can enter root mode. The password used for root mode is the same password used to log in earlier. Enter the password and press Enter. If the password is correct, the prompt root@server01:/home/adamkurniawan# appears, meaning user adamkurniawan is now in root mode and can configure the system.
- Before configuring the IP address, first check the names of the available network cards (ethernet) by typing: # ifconfig -a | more. Network card names on Linux start with eth followed by the card number starting at 0, for example eth0, eth1, eth2 and so on. Because I use two network cards in this article, after typing # ifconfig -a | more I found that my network cards are known to the Linux system as eth0 and eth1.
- Type the command # nano /etc/network/interfaces to start configuring the IP address of Ubuntu Server 10.10. On the last line, type the following:
auto eth0
iface eth0 inet static
address 192.168.6.200
netmask 255.255.255.0
gateway 192.168.6.254
The lines above configure the first network card (eth0), which will be connected to the internet. The IP address I give it must be in the same segment as the network upstream of my Ubuntu Server 10.10, and the gateway of the first network card must be the IP address of the device that acts as the gateway from my Ubuntu Server 10.10 to the internet. The configuration of the second network card, which will be used as the interface to the local network, is as follows:
auto eth1
iface eth1 inet static
address 10.10.1.254
netmask 255.255.255.0
When finished, press Ctrl + O to save the configuration and give the configuration file a name; in this article I did not give a new name, so I just pressed Enter. Then press Ctrl + X to exit. Restart networking with # /etc/init.d/networking restart so that the new configuration is read by the system.
- In general, if the network card has never been configured under Ubuntu Server 10.10, or the Ubuntu Server 10.10 in use is freshly installed, the network card in the computer is detected but not yet active. To see whether the network card is active, type # ifconfig. In this article, my network cards were not yet active.
- To activate them, type # ifconfig eth0 up (activates the first network card) and # ifconfig eth1 up (activates the second network card). Then restart networking again with # /etc/init.d/networking restart. If you check again with # ifconfig, you will see that the network cards are active and have the IP addresses that were configured.
- The next step is to set the DNS (Domain Name System). DNS translates domain names to IP addresses and, conversely, IP addresses to domain names. So when a user types google.com in a web browser, the user is calling the IP address of google.com, namely 74.125.71.103. To set DNS on Ubuntu Server 10.10 the user must create a new file named resolv.conf in the /etc directory by typing # touch /etc/resolv.conf, after first entering root mode. Once it is created, fill the resolv.conf file with the IP addresses that can translate domain names to IP addresses and back, by typing # nano /etc/resolv.conf. Then type nameserver followed by an IP address that can be used as DNS. In this article I use 2 DNS servers: 192.168.4.254, which is the gateway IP address of the Ubuntu Server 10.10, and 8.8.8.8, the DNS service provided by Google. So the entries are:
nameserver 192.168.4.254
nameserver 8.8.8.8
Save by pressing Ctrl + O, press Enter to replace the old name, and press Ctrl + X to exit. Restart networking again by typing # /etc/init.d/networking restart.
- The next stage is to check whether Ubuntu Server 10.10 can connect to the internet and whether DNS works properly. Do this by pinging a domain name. In this article I checked by pinging the domain yahoo.com. The command is # ping yahoo.com. Here I received replies from yahoo.com, which means the Ubuntu Server 10.10 used as the server is properly connected to the internet, and so is its DNS.
- Next, configure the server so that all clients on the local network can reach the outside network (internet), that is, perform NAT. Without this configuration, packets coming from the local network card (eth1) cannot be forwarded to the network card facing the internet (eth0). To do so, type the following command: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE, then press Enter. If you want this rule to run when the computer starts, add the rule above to the file /etc/rc.local before the line exit 0.
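The NAT step above, as an added example that is not part of the original article: MASQUERADE only rewrites source addresses, so this script also enables kernel forwarding (which the article's steps do not mention) and limits the FORWARD chain to LAN-initiated traffic and its replies. The function names, the DRY_RUN switch and the 10.10.1.0/24 LAN prefix (derived from the article's eth1 address 10.10.1.254/255.255.255.0) are assumptions.

```shell
#!/bin/sh
# Added example: NAT gateway rules for the article's two-NIC layout
# (eth0 = uplink, eth1 = LAN). Dry run by default: commands are only printed.
# Set DRY_RUN=0 and run as root to apply them.
DRY_RUN="${DRY_RUN:-1}"

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Accept only plain interface names: letters, digits, '.', '_', '-', max 15 chars.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# Accept a.b.c.d/len with octets 0-255 and a prefix length of 0-32.
valid_cidr() {
    case "$1" in
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}
    len=${1#*/}
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS
    IFS=.
    set -- $addr            # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# setup_nat_gateway WAN_IF LAN_IF LAN_CIDR
setup_nat_gateway() {
    wan=$1; lan=$2; lan_net=$3
    valid_iface "$wan" || { echo "invalid WAN interface" >&2; return 2; }
    valid_iface "$lan" || { echo "invalid LAN interface" >&2; return 2; }
    [ "$wan" != "$lan" ] || { echo "WAN and LAN must differ" >&2; return 2; }
    valid_cidr "$lan_net" || { echo "invalid LAN prefix" >&2; return 2; }

    # Without this the kernel does not forward packets between the two NICs.
    run sysctl -w net.ipv4.ip_forward=1
    # The article's rule, narrowed to packets that really come from the LAN.
    run iptables -t nat -A POSTROUTING -s "$lan_net" -o "$wan" -j MASQUERADE
    # Allow replies to existing flows and new flows from LAN to uplink only.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run iptables -A FORWARD -i "$lan" -o "$wan" -s "$lan_net" -j ACCEPT
    # Everything else that would be routed through this host is dropped.
    run iptables -P FORWARD DROP
}

# Values taken from the article's interface configuration.
setup_nat_gateway eth0 eth1 10.10.1.0/24
```

Setting the FORWARD policy last keeps existing sessions working while the accept rules are being added.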
13 Linux Network Configuration and Troubleshooting Commands
by Ravi Saive | Published: September 24, 2012 | Last Updated: January 3, 2015
Computers are connected in a network to exchange information or
resources with each other. Two or more computers connected through
network media form a computer network. A number of network devices
and media are involved in forming a computer network. A computer
running the Linux operating system can also be part of a network,
whether small or large, thanks to its multitasking and multiuser
nature. Keeping the system and network up and running is the job of
the system / network administrator. In this article we review
frequently used network configuration and troubleshooting commands in
Linux.
1. ifconfig
The ifconfig (interface configurator) command is used to initialize an interface, assign an IP address to an interface and enable or disable an interface on demand. With this command you can view the IP address and hardware / MAC address assigned to an interface, and also the MTU (Maximum Transmission Unit) size.
# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:28:FD:4C
          inet addr:192.168.50.2  Bcast:192.168.50.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe28:fd4c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6093 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4824 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6125302 (5.8 MiB)  TX bytes:536966 (524.3 KiB)
          Interrupt:18 Base address:0x2000
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:480 (480.0 b)  TX bytes:480 (480.0 b)
ifconfig with an interface name (eth0) shows only that interface's details, such as IP address and MAC address. The -a option displays details of all available interfaces, including disabled ones.
# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:0C:29:28:FD:4C
          inet addr:192.168.50.2  Bcast:192.168.50.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe28:fd4c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6119 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4841 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:6127464 (5.8 MiB)  TX bytes:539648 (527.0 KiB)
          Interrupt:18 Base address:0x2000
Assigning IP Address and Gateway
The command below assigns an IP address to an interface on the fly. The setting is lost when the system reboots.
# ifconfig eth0 192.168.50.5 netmask 255.255.255.0
Enable or Disable Specific Interface
To enable or disable a specific interface, use the commands below.
Enable eth0
# ifup eth0
Disable eth0
# ifdown eth0
Setting MTU Size
By default the MTU size is 1500. We can set the required MTU size with the command below. Replace XXXX with the size.
# ifconfig eth0 mtu XXXX
Set Interface in Promiscuous mode
A network interface normally receives only the packets addressed to that particular NIC. If you put the interface in promiscuous mode it will receive all packets. This is very useful for capturing packets and analyzing them later. For this you may require superuser access.
# ifconfig eth0 promisc
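An added example, not part of the original article: a check that lists interfaces currently in promiscuous mode by reading the IFF_PROMISC bit (0x100) from each interface's flags word under /sys/class/net. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.
# sysfs exposes the kernel's raw flags word, which also reflects promiscuous
# mode requested by a capture program, not only "ifconfig eth0 promisc".

IFF_PROMISC=256    # 0x100, the IFF_PROMISC bit from <linux/if.h>

# is_promisc FLAGS -> exit status 0 when the promiscuous bit is set.
# FLAGS is the hex word from /sys/class/net/<iface>/flags, e.g. 0x1103.
is_promisc() {
    case $1 in
        0x|0x*[!0-9a-fA-F]*) return 1 ;;   # malformed hex: not a flags word
        0x*) ;;
        *) return 1 ;;
    esac
    [ $(( $1 & $IFF_PROMISC )) -ne 0 ]
}

# promisc_interfaces [DIR] -> prints the name of every interface under DIR
# (default /sys/class/net) whose flags word has IFF_PROMISC set.
promisc_interfaces() {
    dir=${1:-/sys/class/net}
    for f in "$dir"/*/flags; do
        [ -r "$f" ] || continue
        if is_promisc "$(cat "$f")"; then
            name=${f%/flags}
            echo "${name##*/}"
        fi
    done
}

# Report on the local machine; prints nothing when no interface is promiscuous.
promisc_interfaces
```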
2. PING Command
The PING (Packet INternet Groper) command is the best way to test connectivity between two nodes, whether on a Local Area Network (LAN) or a Wide Area Network (WAN). Ping uses ICMP (Internet Control Message Protocol) to communicate with other devices. You can ping a host name or an IP address using the commands below.
# ping 4.2.2.2
PING 4.2.2.2 (4.2.2.2) 56(84) bytes of data.
64 bytes from 4.2.2.2: icmp_seq=1 ttl=44 time=203 ms
64 bytes from 4.2.2.2: icmp_seq=2 ttl=44 time=201 ms
64 bytes from 4.2.2.2: icmp_seq=3 ttl=44 time=201 ms
OR
# ping www.tecmint.com
PING tecmint.com (50.116.66.136) 56(84) bytes of data.
64 bytes from 50.116.66.136: icmp_seq=1 ttl=47 time=284 ms
64 bytes from 50.116.66.136: icmp_seq=2 ttl=47 time=287 ms
64 bytes from 50.116.66.136: icmp_seq=3 ttl=47 time=285 ms
In Linux the ping command keeps executing until you interrupt it. Ping with the -c option exits after N requests (successful or error responses).
# ping -c 5 www.tecmint.com
PING tecmint.com (50.116.66.136) 56(84) bytes of data.
64 bytes from 50.116.66.136: icmp_seq=1 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=2 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=3 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=4 ttl=47 time=285 ms
64 bytes from 50.116.66.136: icmp_seq=5 ttl=47 time=285 ms
--- tecmint.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4295ms
rtt min/avg/max/mdev = 285.062/285.324/285.406/0.599 ms
3. TRACEROUTE Command
traceroute is a network troubleshooting utility which shows the number of hops taken to reach a destination and also determines the path the packets travel. Below we trace the route to a global DNS server IP address; the destination is reachable, and the output shows the path the packets take.
# traceroute 4.2.2.2
traceroute to 4.2.2.2 (4.2.2.2), 30 hops max, 60 byte packets
 1  192.168.50.1 (192.168.50.1)  0.217 ms  0.624 ms  0.133 ms
 2  227.18.106.27.mysipl.com (27.106.18.227)  2.343 ms  1.910 ms  1.799 ms
 3  221-231-119-111.mysipl.com (111.119.231.221)  4.334 ms  4.001 ms  5.619 ms
 4  10.0.0.5 (10.0.0.5)  5.386 ms  6.490 ms  6.224 ms
 5  gi0-0-0.dgw1.bom2.pacific.net.in (203.123.129.25)  7.798 ms  7.614 ms  7.378 ms
 6  115.113.165.49.static-mumbai.vsnl.net.in (115.113.165.49)  10.852 ms  5.389 ms  4.322 ms
 7  ix-0-100.tcore1.MLV-Mumbai.as6453.net (180.87.38.5)  5.836 ms  5.590 ms  5.503 ms
 8  if-9-5.tcore1.WYN-Marseille.as6453.net (80.231.217.17)  216.909 ms  198.864 ms  201.737 ms
 9  if-2-2.tcore2.WYN-Marseille.as6453.net (80.231.217.2)  203.305 ms  203.141 ms  202.888 ms
10  if-5-2.tcore1.WV6-Madrid.as6453.net (80.231.200.6)  200.552 ms  202.463 ms  202.222 ms
11  if-8-2.tcore2.SV8-Highbridge.as6453.net (80.231.91.26)  205.446 ms  215.885 ms  202.867 ms
12  if-2-2.tcore1.SV8-Highbridge.as6453.net (80.231.139.2)  202.675 ms  201.540 ms  203.972 ms
13  if-6-2.tcore1.NJY-Newark.as6453.net (80.231.138.18)  203.732 ms  203.496 ms  202.951 ms
14  if-2-2.tcore2.NJY-Newark.as6453.net (66.198.70.2)  203.858 ms  203.373 ms  203.208 ms
15  66.198.111.26 (66.198.111.26)  201.093 ms 63.243.128.25 (63.243.128.25)  206.597 ms 66.198.111.26 (66.198.111.26)  204.178 ms
16  ae9.edge1.NewYork.Level3.net (4.68.62.185)  205.960 ms  205.740 ms  205.487 ms
17  vlan51.ebr1.NewYork2.Level3.net (4.69.138.222)  203.867 ms vlan52.ebr2.NewYork2.Level3.net (4.69.138.254)  202.850 ms vlan51.ebr1.NewYork2.Level3.net (4.69.138.222)  202.351 ms
18  ae-6-6.ebr2.NewYork1.Level3.net (4.69.141.21)  201.771 ms  201.185 ms  201.120 ms
19  ae-81-81.csw3.NewYork1.Level3.net (4.69.134.74)  202.407 ms  201.479 ms ae-92-92.csw4.NewYork1.Level3.net (4.69.148.46)  208.145 ms
20  ae-2-70.edge2.NewYork1.Level3.net (4.69.155.80)  200.572 ms ae-4-90.edge2.NewYork1.Level3.net (4.69.155.208)  200.402 ms ae-1-60.edge2.NewYork1.Level3.net (4.69.155.16)  203.573 ms
21  b.resolvers.Level3.net (4.2.2.2)  199.725 ms  199.190 ms  202.488 ms
4. NETSTAT Command
The netstat (Network Statistic) command displays connection information, routing table information and more. To display routing table information, use the -r option.
# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.50.0    *               255.255.255.0   U         0 0          0 eth0
link-local      *               255.255.0.0     U         0 0          0 eth0
default         192.168.50.1    0.0.0.0         UG        0 0          0 eth0
For more examples of Netstat Command, please read our earlier article on 20 Netstat Command Examples in Linux.
5. DIG Command
Dig (domain information groper) queries DNS-related information such as A records, CNAME, MX records etc. This command is mainly used to troubleshoot DNS-related queries.
# dig www.tecmint.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 <<>> www.tecmint.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
For more examples of Dig Command, please read the article on 10 Linux Dig Commands to Query DNS.
6. NSLOOKUP Command
The nslookup command is also used for DNS-related queries. The following example shows the A record (IP address) of tecmint.com.
# nslookup www.tecmint.com
Server:         4.2.2.2
Address:        4.2.2.2#53
Non-authoritative answer:
www.tecmint.com canonical name = tecmint.com.
Name:   tecmint.com
Address: 50.116.66.136
For more NSLOOKUP Command, read the article on 8 Linux Nslookup Command Examples.
7. ROUTE Command
The route command shows and manipulates the IP routing table. To see the default routing table in Linux, type the following command.
# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.50.0    *               255.255.255.0   U     0      0        0 eth0
link-local      *               255.255.0.0     U     1002   0        0 eth0
default         192.168.50.1    0.0.0.0         UG    0      0        0 eth0
Routes and the default gateway are added and deleted with the following commands.
Route Adding
# route add -net 10.10.10.0/24 gw 192.168.0.1
Route Deleting
# route del -net 10.10.10.0/24 gw 192.168.0.1
Adding default Gateway
# route add default gw 192.168.0.1
8. HOST Command
The host command finds name to IP or IP to name in IPv4 or IPv6 and also queries DNS records.
# host www.google.com
www.google.com has address 173.194.38.180
www.google.com has address 173.194.38.176
www.google.com has address 173.194.38.177
www.google.com has address 173.194.38.178
www.google.com has address 173.194.38.179
www.google.com has IPv6 address 2404:6800:4003:802::1014
Using the -t option we can find DNS resource records like CNAME, NS, MX, SOA etc.
# host -t CNAME www.redhat.com
www.redhat.com is an alias for wildcard.redhat.com.edgekey.net.
9. ARP Command
The arp (Address Resolution Protocol) command is useful to view / add to the contents of the kernel's ARP tables. To see the default table, use the command below.
# arp -e
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.50.1             ether   00:50:56:c0:00:08   C                     eth0
10. ETHTOOL Command
ethtool is a replacement for mii-tool. It is used to view and set the speed and duplex of your Network Interface Card (NIC). You can set duplex permanently in /etc/sysconfig/network-scripts/ifcfg-eth0 with the ETHTOOL_OPTS variable.
# ethtool eth0
Settings for eth0:
        Current message level: 0x00000007 (7)
        Link detected: yes
11. IWCONFIG Command
The iwconfig command in Linux is used to configure a wireless network interface. You can see and set the basic Wi-Fi details like SSID, channel and encryption. Refer to the man page of iwconfig to know more.
# iwconfig [interface]
12. HOSTNAME Command
The hostname identifies a machine in a network. Execute the hostname command to see the hostname of your box. You can set the hostname permanently in /etc/sysconfig/network. You need to reboot the box once a proper hostname is set.
# hostname
tecmint.com
13. GUI tool system-config-network
Type system-config-network at the command prompt to configure network settings and you will get a nice Graphical User Interface (GUI) which can also be used to configure IP address, gateway, DNS etc., as shown in the image below.
# system-config-network
AND SPECIFICALLY FOR UBUNTU
NetworkConfigurationCommandLine/Automatic
Introduction
You can configure a network interface from the command line. You can configure your network client hosts with the command line by using commands to change your current settings or by editing a number of system files. This has several advantages over network managers in the GUI.
This guide has been developed for Ubuntu and Debian. Other distributions can use a similar setup, but be aware that file locations may differ.
Requirements
An editor. This guide will use vi, but you can replace it with any other editor of your liking: gedit, nano, gvim, pico, emacs.
Have a working internet connection during the installation. We need to install packages and those are fetched from the online repositories.
Backup any files we touch. Just easier to recover when you have a backup.
Read this guide in full before actually configuring your network.
Basics
Setting/changing the hostname
The hostname command allows you to directly query, or set, the hostname from the command line.
You can see your current hostname by running hostname. To set the hostname directly you can run hostname newname as root. If you do this, however, make sure you change the /etc/hosts file first. Otherwise you will need to boot into single user mode and change your hostname in /etc/hosts, because sudo requires DNS lookups in certain cases and it cannot resolve your newly set hostname. To circumvent this you need to add the new name to the hosts file prior to setting the hostname and remove the old name once that action has succeeded.
sudo vi /etc/hosts
127.0.1.1 ubuntu newname
Set the hostname to newname.
sudo hostname newname
# or
echo newname | sudo tee /etc/hostname
Now you can remove the old hostname
sudo vi /etc/hosts
127.0.1.1 newname
When your system boots it will automatically read the hostname from the file /etc/hostname. You can add hostnames and IP addresses to the file /etc/hosts for static lookups.
Finding your network interface
When setting up your network you will need to know the network interface cards on your computer. The interface name of cards for different vendors may be different, which is why this step is needed.
ls /sys/class/net
# or
ip addr
This will list the interface names for all NICs on your computer. It will probably include eth0 (hardwired NIC), lo (loopback interface for the localhost), and something for your wireless card (like wifi0, or wlan0).
Disable network managers and/or wicd
Configuring your network via the CLI will likely interfere with Network Manager or wicd. To counter this, disable the startup script of either application or completely remove the packages. Be aware that the rest of this guide will require packages which need to be installed from the online repositories.
## Network manager
# Stop the current process
sudo /etc/init.d/NetworkManager stop
# Start: sudo /etc/init.d/NetworkManager start

# The unofficial way:
sudo chmod -x /etc/init.d/NetworkManager
# Reverse: sudo chmod +x /etc/init.d/NetworkManager

# The official way:
sudo update-rc.d -f NetworkManager remove
# Reverse: sudo update-rc.d -f NetworkManager defaults 50

# Or remove the network manager package.
sudo aptitude purge network-manager
# Reverse: sudo aptitude install network-manager

## wicd
# Stop the current process
sudo /etc/init.d/wicd stop
# Start: sudo /etc/init.d/wicd start

# The unofficial way:
sudo chmod -x /etc/init.d/wicd
# Reverse: sudo chmod +x /etc/init.d/wicd

# The official way:
sudo update-rc.d -f wicd remove
# Reverse: sudo update-rc.d -f wicd defaults 20

# Or remove the wicd package.
sudo aptitude purge wicd
# Reverse: sudo aptitude install wicd
Note: At some point Ubuntu started using upstart instead of the /sbin/init/ daemon. Thus if the first command above does not stop Network Manager, try this.
sudo stop network-manager
Configuring an interface
We will use eth0 in this example; your interface can be named differently, see Finding your network interface.
If you have disabled either wicd or the network manager you probably don't have a network connection anymore. Connect via a regular UTP cable to your router, and assuming you have DHCP enabled do the following:
sudo ip link set dev eth0 down
sudo dhclient eth0
This will bring your eth0 up by using DHCP. Your network is now configured (for the time being).
If you don't have DHCP enabled, configure your network by issuing the commands below. The gateway address is the IP address of your router, and your IP should be in the same range as the router's.
sudo ip addr add 192.168.1.14/24 dev eth0
sudo ip link set dev eth0 up
sudo ip route add default via 192.168.1.1
These commands configure your interface but these changes will not survive a reboot, since the information is not stored anywhere. This is where the interfaces file comes in handy. To configure an interface permanently you'll need to edit the interfaces file, /etc/network/interfaces.
sudo vi /etc/network/interfaces
## To configure a dynamic IP address
auto eth0
iface eth0 inet dhcp

## Or configure a static IP
auto eth0
iface eth0 inet static
  address 192.168.1.14
  gateway 192.168.1.1
  netmask 255.255.255.0
  network 192.168.1.0
  broadcast 192.168.1.255
For these settings to take effect you need to restart your networking services.
sudo /etc/init.d/networking restart
Setting up a second IP address or Virtual IP address
If you need to set up a second IP address you need to edit /etc/network/interfaces.
sudo vi /etc/network/interfaces
auto eth0:1
iface eth0:1 inet static
  address 192.168.1.24
  netmask 255.255.255.0
  network 192.168.1.0
  broadcast 192.168.1.255
  gateway 192.168.1.1
For these new settings to take effect you need to restart networking services using the following command
sudo /etc/init.d/networking restart
Howto set MTU for a connection
You can set the MTU for an interface, either by using the mtu keyword in the interfaces file or by using the ip link command.
iface eth0 inet dhcp
  # via mtu keyword
  mtu 1492
  # Via ip link command
  pre-up /sbin/ip link set $IFACE mtu 1492
The above example sets the MTU for device eth0 to 1492, the usual MTU for a PPPoE ISP connection. This however is only needed if connections seem to hang otherwise (with the default of 1500).
This tip was found on http://glasnost.beeznest.org/articles/290.
Setting up DNS
To cause your machine to consult a particular server for name lookups you simply add its address to /etc/resolv.conf.
For example, a machine which should perform lookups from the DNS server at IP address 192.168.1.1 would have a resolv.conf file looking like this
sudo vi /etc/resolv.conf
enter the following details
search example.com
domain example.com
nameserver 192.168.1.1
Wireless
We will not use un-encrypted wireless connections, but will make use of WEP/WPA/WPA2. Deviating from this security/encryption method is an exercise left for the user. We also assume the network SSID is being broadcast.
Enabling wireless networking on your PC is pretty straightforward. If your network card is supported out of the box, there are very few issues. If your card is not supported out of the box, you may need to use ndiswrapper, which will require the Windows drivers for your card.
ndiswrapper
* Install a Windows driver with ndiswrapper for Dapper or ndiswrapper for 8.04 and up
# Ubuntu 6.06 (Dapper) and earlier
sudo aptitude install ndiswrapper-utils
# Ubuntu 8.04 and up (Hardy/Intrepid/Jaunty/Karmic)
sudo aptitude install ndiswrapper-utils-1.9
# All versions
sudo ndiswrapper -i /path/to/windows/driver.inf
sudo ndiswrapper -m
ndiswrapper --help
man ndiswrapper
Configure your wireless interface
In the examples I will use wlan0 as your wireless card; this could be different on your machine! I will do the examples with a dynamic IP address (DHCP); the same principles apply to statically configured IPs.
Open the interfaces file
sudo vi /etc/network/interfaces
auto wlan0
iface wlan0 inet dhcp
  pre-up /etc/init.d/wpa.sh start
  post-down /etc/init.d/wpa.sh stop
The pre-up command is run before the interface goes up. The post-down command is run after the interface goes down. There are also post-up and pre-down commands. E.g. you could use post-up to mount disks after an interface goes up. In this case we start wpa_supplicant before we enable the interface and we stop wpa_supplicant after we bring the interface down.
WPA supplicant
Before proceeding any further, it might be worthwhile to check whether your Wi-Fi card is supported. Please see the wpa_supplicant website for more details. This will save you lots of time and frustration.
Install wpa_supplicant
sudo aptitude install wpasupplicant
Creating the password
You have probably given your wireless network a name (the ESSID or SSID). In this example we will use ubuntuwifi for our wireless network, and our password will be OpenSesame. The SSID and password need to be configured on your wireless router; how to do that is up to the reader. If you have problems coming up with a password, please have a look here.
If you are using WEP encryption (which is not advised) you may skip this step.
$ wpa_passphrase ubuntuwifi OpenSesame
network={
        ssid="ubuntuwifi"
        #psk="OpenSesame"
        psk=24f87a7583001eb7cea2394bbdb04eb2d3641f0b907dd31bd286be628c1841f8
}
Adding your network
Open the /etc/wpa_supplicant.conf file and define your network.
sudo vi /etc/wpa_supplicant.conf
#
# Please see /usr/share/doc/wpasupplicant/wpa_supplicant.conf.gz
# for more complete configuration parameters.
#
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
eapol_version=2
ap_scan=1
fast_reauth=1
country=NL

### Associate with any open access point
### Scans/ESSID changes can be done with wpa_cli
network={
  ssid=""
  key_mgmt=NONE
  priority=1
}

# WEP
network={
  ssid="ubuntuwifi"
  scan_ssid=1
  key_mgmt=NONE
  wep_key0="OpenSesame"
  wep_key1="OpenOtherSesame"
  # Use the correct key..
  wep_tx_keyidx=0
  priority=5
}

# WPA/WPA2
network={
  ssid="ubuntuwifi"
  scan_ssid=1
  psk=24f87a7583001eb7cea2394bbdb04eb2d3641f0b907dd31bd286be628c1841f8
  priority=5
  ## The configuration items listed below do not need to be set, the defaults are
  ## pretty 'let us do it for you'.
  ## See /usr/share/doc/wpasupplicant/wpa_supplicant.conf.gz for more information.
  # key_mgmt=WPA-PSK
  # proto=WPA RSN
  # pairwise=CCMP TKIP
  # group=CCMP TKIP
}
Please beware, if you use WPA, remove the WEP section and vice versa.
The priority in this file determines to which network you will connect if more than 2 configured networks are available. This will always be the network with the highest priority.
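An added example, not part of the original guide: a shell audit of a wpa_supplicant.conf like the one above that flags open networks, WEP keys, clear-text passphrases (including the #psk= comment that wpa_passphrase emits) and a file readable by other users. The function names are hypothetical and the sample configuration is constructed from the guide's values.

```shell
#!/bin/sh
# Added example (not from the original guide). Function names are hypothetical.

# sample_conf: constructed configuration modelled on the guide's sample file.
sample_conf() {
cat <<'EOF'
ctrl_interface=/var/run/wpa_supplicant
ap_scan=1
network={
    ssid=""
    key_mgmt=NONE
    priority=1
}
network={
    ssid="ubuntuwifi"
    scan_ssid=1
    key_mgmt=NONE
    wep_key0="OpenSesame"
    wep_tx_keyidx=0
    priority=5
}
network={
    ssid="ubuntuwifi"
    #psk="OpenSesame"
    psk=24f87a7583001eb7cea2394bbdb04eb2d3641f0b907dd31bd286be628c1841f8
    # key_mgmt=WPA-PSK
    priority=5
}
EOF
}

# audit_wpa_conf FILE -> one finding per line, "<ssid>: <issue>".
audit_wpa_conf() {
    awk '
    function report() {
        if (plain) print ssid ": passphrase stored in clear text"
        if (wep) {
            print ssid ": WEP key configured"
        } else if (mgmt == "NONE") {
            print ssid ": open network (no encryption)"
        }
    }
    {   # strip surrounding whitespace from every line
        line = $0
        sub(/^[ \t]+/, "", line)
        sub(/[ \t]+$/, "", line)
    }
    line ~ /^network[ \t]*=[ \t]*[{]/ {
        inblk = 1; ssid = "(unnamed)"; mgmt = ""; wep = 0; plain = 0; next
    }
    !inblk { next }
    line == "}" { report(); inblk = 0; next }
    # quoted psk (live or commented out) is the passphrase itself
    line ~ /^#?[ \t]*psk="/ { plain = 1; next }
    line ~ /^#/ { next }
    line ~ /^ssid=/ {
        ssid = line; sub(/^ssid="?/, "", ssid); sub(/".*$/, "", ssid)
        if (ssid == "") ssid = "(any)"
        next
    }
    line ~ /^key_mgmt=/ {
        mgmt = line; sub(/^key_mgmt=/, "", mgmt); sub(/[ \t].*$/, "", mgmt); next
    }
    line ~ /^wep_key[0-3]=/ { wep = 1; next }
    ' "$1"
}

# world_readable FILE -> exit status 0 when "other" has read permission.
# The 64-hex psk is still a network secret, so the file should be mode 600.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 2>/dev/null)" ]
}

# Demo on the constructed sample.
tmp=$(mktemp)
sample_conf > "$tmp"
audit_wpa_conf "$tmp"
if world_readable "$tmp"; then echo "$tmp: readable by other users"; fi
rm -f "$tmp"
```

To audit the real file, call audit_wpa_conf /etc/wpa_supplicant.conf and world_readable /etc/wpa_supplicant.conf as root.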
WPA start script
Create the WPA startup script /etc/init.d/wpa.sh
sudo vi /etc/init.d/wpa.sh
#!/bin/bash
### BEGIN INIT INFO
# Provides:          wpa
# Required-Start:    $network $syslog $local_fs
# Required-Stop:     $network $syslog $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start/stop script for wpa supplicant
# Description:       Custom start/stop script for wpa_supplicant.
### END INIT INFO

SELF=`basename $0`
WPA=wpa_supplicant
PROGRAM=/sbin/${WPA}
CONF=/etc/${WPA}.conf
INTERFACE=wlan0
DRIVER=wext
DAEMONMODE="-B"
LOGFILE=/var/log/$WPA.log

function start() {
    # TODO: Support multiple interfaces and drivers
    OPTIONS="-c $CONF -i $INTERFACE -D $DRIVER $DAEMONMODE"

    ## You can remove this if you are running 8.10 and up.
    # Ubuntu 8.10 and up doesn't need the -w anymore..
    # And the logfile option is not valid on 8.04 and lower
    local ver=$(lsb_release -sr | sed -e 's/\.//g');
    [ $ver -lt 810 ] && OPTIONS="$OPTIONS -w" && LOGFILE=""
    ##

    # Log to a file
    [ -n "$LOGFILE" ] && OPTIONS="$OPTIONS -f $LOGFILE"

    echo " * Starting wpa supplicant"
    eval $PROGRAM $OPTIONS
}

function stop() {
    echo " * Stopping wpa supplicant"
    wpa_cli -i $INTERFACE terminate
    #pkill $PROGRAM ## alternative method
}

function debug() {
    stop
    DAEMONMODE="-ddd"
    start
}

function restart() {
    stop
    start
}

function status() {
    pgrep -lf $PROGRAM
}

function usage() {
    echo "Usage: $SELF <start|stop|status|debug>"
    return 2
}

case $1 in
    start|stop|debug|restart|status) $1 ;;
    *) usage ;;
esac
Make the start script executable.
sudo chmod +x /etc/init.d/wpa.sh
You can now start WPA supplicant as a service or in debugging mode:
# Service
/etc/init.d/wpa.sh start
# Debugging
/etc/init.d/wpa.sh debug
Make sure the script gets run on boot and stopped at shutdown
sudo update-rc.d wpa.sh defaults
With wpa_cli you can make changes to your wpa_supplicant config file and reload these changes:
sudo wpa_cli
Enter help to see what you can do with wpa_cli. Some of the options are: reconfigure, disconnect, reconnect, reassociate. These options speak for themselves.
For more information about wpa_supplicant, please have a look at their respective manpages:
man wpa_supplicant
man wpa_supplicant.conf
man wpa_cli
man wpa_gui # Only when you have installed the wpagui package
gzip -dc /usr/share/doc/wpasupplicant/wpa_supplicant.conf.gz | less
Now that you have set up everything, you can try to connect to your network by restarting networking
sudo /etc/init.d/networking restart
You could also reboot your machine if you prefer that.
Configure laptops for multiple locations
When you have a laptop you don't want to configure it so that it only has an internet connection at one location. You probably go to work and use a wired connection, you go to a coffee shop and use the wifi hotspot over there, and at home you have another network configuration. That is exactly what we are going to configure now.
Guessnet, ifplugd and wpa_supplicant
Install guessnet and ifplugd
sudo aptitude install guessnet ifplugd
Configure ifplugd. Define which interfaces need to be hotplugged and adjust the arguments. You should remove the -q.
sudo vi /etc/default/ifplugd
# Just an example
INTERFACES="eth0 wlan0"
#ARGS="-q -f -u0 -d10 -w -I"
ARGS="-f -u0 -d10 -w -I"
# Override ARGS for a particular interface
# This is for an Intel Corporation PRO/Wireless 3945ABG [Golan] Network Connection (rev 02)
ARGS_wlan0="-F -u0 -d10 -w -I"
SUSPEND_ACTION=stop
Some cards do not really play well with the defaults of Ubuntu; adjust where needed.
- More information for ifplugd
man ifplugd
man ifplugd.conf
You will need the wpa.sh script mentioned earlier in this guide and you will need to make sure it will be started and stopped:
# Start wpa_supplicant at boot
sudo ln -s /etc/init.d/wpa.sh /etc/rc2.d/S19wpa
sudo ln -s /etc/init.d/wpa.sh /etc/rc3.d/S19wpa
# Kill wpa_supplicant at shutdown
sudo ln -s /etc/init.d/wpa.sh /etc/rc5.d/K21wpa
sudo ln -s /etc/init.d/wpa.sh /etc/rc6.d/K21wpa
Map your physical interfaces to logical interfaces
First, we are going to make a mapping for eth0 and wlan0 and state which mapped interfaces can be used for each physical interface:
mapping eth0
  # Tell ifupdown to use guessnet to determine which network we can use
  script guessnet-ifupdown
  # Default location
  map default: missing-cable
  # How verbose we are
  map verbose: false
  map debug: false
  # Our different networks, order decides which network is picked
  # if two or more networks are available at the same time.
  map officelan homelan aruba missing-cable

mapping wlan0
  script guessnet-ifupdown
  map default: missing-cable
  map verbose: false
  map debug: false
  map workwifi homewifi wifi-open missing-cable
Normally ifupdown configures the interfaces, but now we've told it to use guessnet to determine the network being used.
Define tests to select networks
As you will see with the officelan, homelan and aruba examples below, we will execute tests to see whether a peer is present based on the MAC address. The simplest solution for this is to check whether your gateway is present. You can find out the MAC address of your gateway by running the ip neigh command. You need to be connected to your network for this.
$ ip neigh
192.168.1.254 dev eth0 lladdr 00:24:17:47:xx:xx
This is my default gateway, which has IP address 192.168.1.254 and 00:24:17:47:xx:xx as a MAC address. This gives us the needed information to define the test.
test peer address 192.168.1.254 mac 00:24:17:47:xx:xx source 192.168.1.14
You don't need to specify the source IP address, but in certain cases this is required. I always add it so I don't have to worry about it in case I do need it.
So let's define our fixed networks using the peer tests:
# Work
# Obfuscated some details about my work environment
iface officelan inet static
  # Test to see if our gateway is present with MAC address 00:00:xx:xx:xx:xx
  # from source address 194.134.x.x
  test peer address 194.134.x.x mac 00:00:xx:xx:xx:xx source 194.134.x.x
  address 194.134.x.x
  netmask 255.255.255.0
  gateway 194.134.x.x
  # Set our DNS, this is used by the resolvconf package
  dns-domain euronet.nl
  dns-search euronet.nl orange.nl wanadoo.nl online.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  # (post|pre)-(up|down) actions, which are optional
  # Mount samba shares at work after we brought the interface up
  post-up /home/my_user/bin/mount_smb start
  # And disable the mounts before we shut the interface down
  pre-down /home/my_user/bin/mount_smb stop
  # Which interface has preference, eth0 or wlan0, this is needed if you
  # are connected via both interfaces.
  metric 1

# One happy island (very nice weather ;))
iface aruba inet dhcp
  test peer address 192.168.1.1 mac 00:08:5C:89:xx:xx source 192.168.1.4
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl euro.net

# Home
iface homelan inet static
  test peer address 192.168.1.254 mac 00:24:17:47:xx:xx source 192.168.1.14
  address 192.168.1.14
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  # At home, wireless has precedence over our fixed network
  metric 2
For wireless networks you can also use the peer test, but there is a simpler way to see if you can connect to a wireless network. Test to see if the ESSID is present:
test wireless essid ubuntuwifi
# In case of spaces in the ESSID
test wireless essid "ubuntu wifi"
- Spaces in the ESSID
- In older versions of guessnet you didn't need to use quotes around the ESSID, but later versions do require it.
# Wifi at work
iface workwifi inet dhcp
  # Use this if we can find Online Wireless network
  test wireless essid "Online Wireless"
  dns-domain euronet.nl
  dns-search euronet.nl orange.nl wanadoo.nl online.nl sf6800.euronet.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  # This interface has a lesser precedence over eth0
  metric 2

# Wifi at home
iface homewifi inet static
  test wireless essid ubuntuwifi
  address 192.168.1.114
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl
  dns-nameservers 194.134.5.5 194.134.0.97
  # This interface is used in case we are both connected via wifi and
  # wired LAN
  metric 1

# Connect to any open network
iface wifi-open inet dhcp
  # Any ESSID is valid
  wireless-essid any
  # Is the wireless work open? Yes, then use this mapping
  test wireless open
  # Set the DNS
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl
  dns-nameservers 194.134.5.5 194.134.0.97
To see what other kinds of tests you can run to determine which network you are in, please have a look at the manpage of guessnet.
man guessnet
Use of metrics
Some of you might have noticed a metric statement for some of the interfaces. I do this because when you are connected via both wireless and wired networks, some things may go "bad" with the routing table. When you define a metric for these two interfaces you will tell the routing table which interface has preference over the other. The lowest metric has priority over the higher metric.
Or as I explained in a ubuntuforum post: The problem is that without the metric you will have 2 interfaces used for the same destinations. It will use either interface, which causes problems with the routing table.
By setting a metric you can avoid this, since the higher metric is more "expensive" to use. So the OS will use the interfaces with the lowest metric if it needs to route traffic. In case the lower metric interface is shutdown it will use the higher metric interface since it is the only interface which can be used to route traffic towards that particular network/destination.
See also http://en.wikipedia.org/wiki/Metrics_%28networking%29
The problem could also be solved by adding static routes, but that is used mostly to make sure specific networks/hosts are routed via a different interface than the default. You then force only those hosts to use link B even though normally the OS would use link A.
Result
When we put all the configuration segments together you will get an interfaces file which looks like this
auto lo
iface lo inet loopback
  address 127.0.0.1
  netmask 255.0.0.0

mapping eth0
  script guessnet-ifupdown
  map default: missing-cable
  map verbose: false
  map debug: false
  map officelan homelan aruba missing-cable

mapping wlan0
  script guessnet-ifupdown
  map default: missing-cable
  map verbose: false
  map debug: false
  map workwifi homewifi wifi-open missing-cable

# Work
iface officelan inet static
  test peer address 194.134.x.x mac 00:00:xx:xx:xx:xx source 194.134.x.x
  address 194.134.x.x
  netmask 255.255.255.0
  gateway 194.134.x.x
  dns-domain euronet.nl
  dns-search euronet.nl orange.nl wanadoo.nl online.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  post-up /home/my_user/bin/mount_smb start
  pre-down /home/my_user/bin/mount_smb stop
  metric 1

# One happy island (very nice weather ;))
iface aruba inet dhcp
  test peer address 192.168.1.1 mac 00:08:5C:89:xx:xx source 192.168.1.4
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl euro.net

# Home
iface homelan inet static
  test peer address 192.168.1.254 mac 00:24:17:47:xx:xx source 192.168.1.14
  address 192.168.1.14
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  metric 2

# Wifi at work
iface workwifi inet dhcp
  # Use this if we can find Online Wireless network
  test wireless essid "Online Wireless"
  dns-domain euronet.nl
  dns-search euronet.nl orange.nl wanadoo.nl online.nl sf6800.euronet.nl euro.net
  dns-nameservers 194.134.5.5 194.134.0.97
  # This interface has a lesser precedence over eth0
  metric 2

# Wifi at home
iface homewifi inet static
  test wireless essid ubuntuwifi
  address 192.168.1.114
  netmask 255.255.255.0
  gateway 192.168.1.1
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl
  dns-nameservers 194.134.5.5 194.134.0.97
  # This interface is used in case we are both connected via wifi and
  # wired LAN
  metric 1

# Connect to any open network
iface wifi-open inet dhcp
  # Any ESSID is valid
  wireless-essid any
  # Is the wireless work open? Yes, then use this mapping
  test wireless open
  # Set the DNS
  dns-domain opperschaap.net
  dns-search opperschaap.net euronet.nl wanadoo.nl online.nl
  dns-nameservers 194.134.5.5 194.134.0.97
You can now test if it all works as intended.
/etc/init.d/networking stop
/etc/init.d/wpa.sh stop
/etc/init.d/ifplugd stop

If you enter ip addr you will only see the lo interface being active.

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000

And start all the required daemons:

/etc/init.d/ifplugd start
/etc/init.d/wpa.sh start
/etc/init.d/networking start

And now you will see your interfaces configured properly:

$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

Done.
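A pre-flight check for the interfaces file shown above, added here as an example and not part of the original tutorial. It lists every profile name the guessnet mappings can select that has no iface stanza, and every profile that joins any open wireless network. The sample is a constructed, shortened copy of that file; treating "map key: value" lines as settings rather than profile names is an assumption based on how they appear there.

```python
# Constructed, shortened copy of the interfaces file above (same stanza names).
SAMPLE = """\
mapping eth0
    script guessnet-ifupdown
    map default: missing-cable
    map verbose: false
    map officelan homelan aruba missing-cable
mapping wlan0
    script guessnet-ifupdown
    map default: missing-cable
    map workwifi homewifi wifi-open missing-cable
# Work
iface officelan inet static
    test peer address 194.134.x.x mac 00:00:xx:xx:xx:xx source 194.134.x.x
iface aruba inet dhcp
iface homelan inet static
iface workwifi inet dhcp
    test wireless essid "Online Wireless"
iface homewifi inet static
    test wireless essid ubuntuwifi
iface wifi-open inet dhcp
    wireless-essid any
    test wireless open
"""

STANZA_KEYWORDS = ("iface", "mapping", "auto", "source")

def lint_interfaces(text):
    """Return (undefined mapping targets, profiles that join any open Wi-Fi)."""
    defined, targets, open_wifi = set(), set(), set()
    stanza = name = None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue                              # blank line or comment
        if words[0] in STANZA_KEYWORDS or words[0].startswith("allow-"):
            stanza, name = words[0], words[1] if len(words) > 1 else None
            if stanza == "iface" and name:
                defined.add(name)
        elif stanza == "mapping" and words[0] == "map" and len(words) > 1:
            if words[1].endswith(":"):            # "map key: value" setting
                if words[1] == "default:":
                    targets.update(words[2:3])    # fallback profile name
            else:
                targets.update(words[1:])         # candidate profile names
        elif stanza == "iface" and (words[:3] == ["test", "wireless", "open"]
                                    or words[:2] == ["wireless-essid", "any"]):
            open_wifi.add(name)
    return sorted(targets - defined), sorted(open_wifi)
```

On the sample it reports missing-cable as a mapping target without an iface stanza and wifi-open as a profile that associates with any open network, which is worth reviewing before the laptop is used on untrusted networks.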
Bonus script
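This script will be a stop/start script for your complete network, which can be used when you want to enable networking after you have suspended your laptop or for other reasons:

#!/bin/bash
# Interfaces to take down once the daemons have stopped
INT="eth0 wlan0"

stop() {
    /etc/init.d/networking stop
    /etc/init.d/wpa.sh stop
    /etc/init.d/ifplugd stop
    for i in $INT ; do
        ip link set dev "$i" down &>/dev/null
    done
}

start() {
    /etc/init.d/ifplugd start
    /etc/init.d/wpa.sh start
    /etc/init.d/networking start
}

restart() {
    stop
    sleep 5
    start
}

# Run only the known actions instead of executing whatever $1 contains
case "$1" in
    start|stop|restart) "$1" ;;
    *) echo "Usage: $0 {start|stop|restart}" >&2 ; exit 1 ;;
esac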
Why Is the Localhost IP Address 127.0.0.1? What Does It Mean?
Hello coder, you may have heard of 127.0.0.1?
Or perhaps you also know that 127.0.0.1 points to
localhost. But why does the localhost IP address
use the number 127.0.0.1? Why not something else?
Do any CodePolitan readers already know the reason? Before answering the question above, the author will tell you how this IP address works. The IP address is used to establish a connection to the same computer that the end user is working on.
How does 127.0.0.1 work? Why use 127.0.0.1?
Developers often use 127.0.0.1 to test the applications they build. When you try to establish a network connection to the 127.0.0.1 loopback address, it works the same way as a connection to any remote device. However, the connection does not go through a local hardware network interface such as wireless hardware.
But why does the localhost IP start with 127? The answer is that 127 is the last network number in the class A range. Class A networks have a subnet mask of 255.0.0.0. So the first address in the subnet is 127.0.0.1.
However, if you use any number in the host portion, it still works fine and comes back to 127.0.0.1. So you can ping 127.1.0.1 if you like.
You might ask why this last network number, 127, was chosen for the localhost IP. The first mention of 127 as loopback is in RFC 990 from November 1986, and in 1981, 0 and 127 were the numbers listed in the class A networks.
The class A network number 127 is assigned the “loopback” function, that is, a datagram sent by a higher level protocol to a network 127 address should loop back inside the host. No datagram “sent” to a network 127 address should ever appear on any network anywhere.
The number 0 was already used to refer to a specific host, and 127 was set aside for loopback. Some might say it would have made more sense to choose 1.0.0.0 for loopback, but unfortunately that number was already in use for the BBN Packet Radio Network.
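Because every address in 127.0.0.0/8 loops back, a check that compares against the literal string 127.0.0.1 misses listeners such as 127.1.0.1. The following added example (not from the original article) classifies listening sockets as loopback-only or reachable from the network; the input is a constructed sample laid out like `ss -ltn` output, not a real capture.

```python
import ipaddress

# Constructed sample in the layout printed by `ss -ltn` (not captured output).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128        127.0.0.1:5432       0.0.0.0:*
LISTEN 0      128        127.1.0.1:8080       0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128     192.168.1.14:445        0.0.0.0:*
LISTEN 0      128            [::1]:631           [::]:*
LISTEN 0      511             [::]:80            [::]:*
"""

def is_loopback(host):
    """True for any address in 127.0.0.0/8 or ::1, not only the literal 127.0.0.1."""
    # Drop an interface scope ("%lo") and IPv6 brackets before parsing.
    ip = ipaddress.ip_address(host.split("%", 1)[0].strip("[]"))
    mapped = getattr(ip, "ipv4_mapped", None)   # e.g. ::ffff:127.0.0.1
    return (mapped or ip).is_loopback

def exposed_listeners(ss_text):
    """Return 'addr:port' for every listener bound outside the loopback range."""
    exposed = []
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                            # header or non-listening row
        host, _, port = fields[3].rpartition(":")
        if host == "*":                         # wildcard bind on all addresses
            host = "::"
        if not is_loopback(host):
            exposed.append(f"{host}:{port}")
    return exposed

if __name__ == "__main__":
    for listener in exposed_listeners(SAMPLE_SS):
        print("reachable from the network:", listener)
```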
http://www.bluespedia.xyz/2016/01/fungsi-dari-mangle-di-mikrotik.html
A child's duties toward their mother and father
1. Do not say "ah" or speak harshly or scold them; instead, show them affection
2. Pray for them at prayer time; this is obligatory
3. Give them the fruits of your hard work as best you can, the very best
Error code BBR00Q2: BRI User ID blocked
How to fix it: at login, click "forgot password", go to your email, and enter a new password. Done.