No Exp : 01 Mata Pel : Diagnosa WAN “Dedicated Router”
Kelompok 6 Kelas : 3 TKJ B Inst : Bpk. Rudi H
Jurusan : TKJ Ibu Netty
Anggota Kelompok :
Aziz Noor Sapto Ramdhani (04) Faishal Arif Utomo (09) Ghulam Fakih (14) Hutami Widyastuti (16)
1. Tujuan Agar siswa dapat mengerti pengertian, fungsi, dan penggunaan dari Dedicated router Agar siswa dapat mengelompokan sendiri mana router yang dapat di gunakan untuk Core Layer, Distributte Layer, dan Access Layer. Agar siswa dapat mengkonfigurasi router tersebut. 2. Pendahuluan Router adalah sebuah alat jaringan komputer yang mengirimkan paket data melalui sebuah jaringan atau Internet menuju tujuannya, melalui sebuah proses yang dikenal sebagai routing. Proses routing terjadi pada lapisan 3 (Lapisan jaringan seperti Internet Protocol) dari stack protokol tujuh-lapis OSI. Sementara itu fungsi sedeerhana dari sebuah router adalah sebagai penghubung antar dua atau lebih jaringan untuk meneruskan data dari satu jaringan ke jaringan lainnya. Router berbeda dengan switch. Switch merupakan penghubung beberapa alat untuk membentuk suatu Local Area Network (LAN). Setelah kita mengetahui tentang pengertian dan fungsi dari router itu sendiri, sekarang kita memasuki pada pokok pembahasan yaiteu tentang Dedicated Router. Dedicated router adalah perangkat router yang dibuat dengan desain dan fungsi router oleh vendor. Contoh: Cisco Router.
1
Hierarki Picture 1. Core Layer Menurut sumber yang telah saya baca dan terjemahkan jadi lapisan ini dianggap sebagai tulang punggung jaringan dan termasuk high-end switch dan kabel berkecepatan tinggi seperti fiber optic dan lapisan inti bertanggung jawab untuk cepat dan transportasi data dapat diandalkan di seluruh jaringan. Pada core layer keefektivitasan adalah kuncinya. Sistem yang lebih sedikit dan lebih cepat menciptakan backbone yang lebih efisien. Ada beberapa peralatan yang tersedian dalam layer ini. Contoh peralatan core layer Cisco meliputi:
Cisco switches seperti 7000, 7200, 7500, and 12000 (dipakai dalam WAN) Catalyst switches seperti 6000, 5000, dan 4000 (dipakain dalam LAN) T-1 and E-1 lines, Frame relay connections, jaringan ATM, Switched Multimegabit Data Service (SMDS)
Provides up to twice the performance compared to the Cisco 7301—up to two million packets per second (mpps) in Cisco Express Forwarding (CEF) Offers four built-in Gigabit Ethernet (GE) ports Provides one dedicated 10/100-Mbps copper Ethernet port for management Provides one USB port for general storage and security token storage Provides a single Cisco 7000 Series port adapter slot Offers front-to-back airflow and single-sided management
2
2. Distribution Layer Lapisan ini mencakup LAN berbasis router dan layer 3 switch. Lapisan ini memastikan bahwa paket yang benar diarahkan antara subnet dan VLAN di perusahaan anda. Lapisan ini juga disebut lapisan Workgroup .Lapisan ini bertanggung jawab atas routing. Juga menyediakan konektivitas jaringan berbasis pada kebijakan, termasuk:
Packet filtering (firewalling) QoS Access Layer Aggregation Point Control Broadcast and Multicast Application Gateways
Lapisan ini juga melakukan antrian dan menyediakan manipulasi paket data dari lalu lintas jaringan. Hal ini di lapisan di mana kita mulai melakukan kontrol atas transmisi jaringan, termasuk apa yang masuk dan apa yang keluar dari jaringan. Kita juga akan membatasi dan menciptakan broadcast domain, menciptakan virtual LAN, jika perlu, dan melakukan berbagai tugas pengelolaan, termasuk mendapatkan ringkasan rute. Dalam ringkasan rute, kita menggabungkan lalu lintas dari subnet banyak ke dalam koneksi jaringan inti. Dalam router Cisco, perintah untuk mendapatkan ringkasan routing adalah: show ip route summary (menunjukkan ringkasan ip route) Contoh peralatan pada layer ini Cisco-spesifik lapisan termasuk 2600,4000, 4500 router series, Cisco Catalyst 6500 Series Switches Supports all Cisco Catalyst 6500 Series modules, including:Supervisor enginesFast Ethernet modules (with IEEE 802.3af Power over Ethernet [PoE])Gigabit Ethernet modules (with IEEE 802.3af PoE)10 Gigabit Ethernet modulesFlex WAN modulesShared Port Adaptors/SPA Interface ProcessorsMulti-Gigabit services modules (content services ,firewall, intrusion detection, IP Security [IPSec], VPN, network analysis, and Secure Sockets Layer [SSL] acceleration).
3
3. Access Layer
Lapisan ini meliputi hub dan switch. Lapisan ini juga disebut lapisan desktop karena berfokus pada node klien yang terhubung, seperti workstation ke jaringan. Lapisan ini memastikan bahwa paket yang dikirim ke komputer pengguna akhir. Access layer berisi perangkat yang memungkinkan kelompok kerja dan pengguna untuk menggunakan layanan yang diberikan oleh distribution layer dan core latyer. Pada access layer, kita memiliki kemampuan untuk memperluas atau collision domain kontrak menggunakan repeater, hub, atau switch standar. Berkenaan dengan lapisan ini, switch bukan sebuah perangkat bertenaga tinggi, seperti yang ditemukan di core layer.
Beberapa perangkat yang termasuk Access Layer :
Cisco 3900 Series Integrated Services Routers Cisco 2900 Series Integrated Services Routers Cisco 1900 Series Integrated Services Routers Cisco 800 Series Routers Linksys by Cisco WRT54GL SoHo Router
3. Alat dan Bahan
Seperangkat PC (OS Windows XP/7) Software Simulator Packet Tracer Microsoft Office Visio Modul tentang Dedicated Router
4. Soal Pembelajaran a) Identifikasi Dedicated Router. b) Kelompokan Dedicated Router tersebut apakah digunakan untuk Core Layer, Distributte Layer, atau Access Layer. c) Tentukan penempatan perangkat sesuai spesifikasi dan seri. d) Buat topologi yang terdapat router tersebut. e) Lakukan konfigurasi pada router tersebut.
4
5. Langkah Kerja a) Cari sebanyak-banyaknya jenis dan tipe-tipe dari dedicated router. b) Kelompokan router yang telah kita dapatkan apakah digunakan untuk Core Layer, Distributte Layer, atau Access Layer. c) Simpan hasil analisis kita didalam tabel seperti tampak dibawah ini. No 1
Layer Core Layer
Dedicated Router Cisco rotuer 7201
Spesifikasi Provides up to twice the performance compared to the Cisco 7301—up to two million packets per second (mpps) in Cisco Express Forwarding (CEF) Offers four built-in Gigabit Ethernet (GE) ports Provides one dedicated 10/100-Mbps copper Ethernet port for management Provides one USB port for general storage and security token storage Provides a single Cisco 7000 Series port adapter slot Offers front-to-back airflow and single-sided management
Cisco 890 Series
High performance for secure broadband and Metro Ethernet access with concurrent services for enterprise small branch offices • Integrated secure 802.11a/g/n access point (optional) based on the draft 802.11n standard; dual-band radios for mobility and support for autonomous or Cisco Unified WLAN architectures • Enhanced security including: - Firewall with advance application
5
and control for email, instant messaging (IM), and HTTP traffic - Site-to-site remote-access and dynamic VPN services: IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]), Dynamic Multipoint VPN [DMVPN], Group Encrypted Transport VPN [GET VPN] with onboard acceleration, and Secure Sockets Layer [SSL] VPN - Intrusion prevention system (IPS): An inline, deep-packet-inspection feature that mitigates a wide range of network attacks - Content filtering: A subscriptionbased integrated security solution that offers categorybased reputation rating, keyword blocking, and protection against adware, malware, spyware, and URL blocking
6
• An 8-port 10/100 Fast Ethernet managed switch with VLAN support and 4-port support for Power over Ethernet (PoE) (optional) to power IP phones or external access points • Metro Ethernet features include: - One 1000 BASE-T Gigabit Ethernet WAN port - One 10/100 BASE-T Fast Ethernet WAN port - Intelligent hierarchical quality of service (HQoS): Supports hierarchical queuing and shaping - Connectivity Fault Management (CFM), based on 802.1ag - 802.3ah standard based Link operational administration and maintenance (OAM) - Ethernet Local Management Interface (E-LMI) for the Customer Edge • Two USB 2.0 ports for security
7
eToken credentials, booting, and loading configuration from USB
Cisco 1900 Series
Embedded hardware-accelerated
Integrated Services Routers
VPN encryption • Secure collaborative communications with Group Encrypted Transport VPN, Dynamic Multipoint VPN, or Enhanced Easy VPN • Integrated threat control using Cisco IOS Firewall, Cisco IOS Zone-Based Firewall, Cisco IOS IPS, and Cisco IOS Content Filtering • Identity management that uses authentication, authorization, and accounting (AAA), and public key infrastructure • 2 Integrated 10/100/1000 Ethernet ports • 2 enhanced High-Speed WAN Interface Card slots that can host 2 single wide or 1 double wide and 1 single wide (e)HWIC
8
• Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco
Cisco 1800 Series
Enhanced PoE • Secure, concurrent services for
(Fixed-configuration)
broadband access with WAN high availability • Manageability and reliability of Cisco IOS Software Business-class Security • Stateful firewall with URL filtering • VPN 3DES encryption and Advanced Encryption Standard (AES) encryption • Dynamic Multipoint VPN (DMVPN) • Intrusion Prevention System (IPS) Fixed Configuration • Secure broadband access at broadband performance • Integrated ISDN Basic Rate S/T Interface (BRI), analog modem, or Ethernet backup port for redundant WAN links and load balancing
9
• Secure wireless LAN option for simultaneous 802.11a and 802.11b/g with use of multiple antennas • 8-port 10/100 managed switch with 802.1q VLAN support and optional
Cisco 7304 Series
Power over Ethernet (PoE) • High-performance connectivity up to OC-48 speeds • Built-in GbE for high-performance LAN connectivity • Hardware-accelerated services with Parallel Express Forwarding • Optional redundant processor and power supplies for high availability in a single box solution • Multiprotocol support Business-class Security VPN • Hardware-accelerated Access Control Lists • Stateful inspection firewall Modularity • More than 20 network line cards • Chassis supports up to 4 line cards
10
or port adapters • Built in GbE ports on processor • Support for Cisco port adapters • Manageability and reliability of
2
Distributed Layer
Cisco 860 Series
Cisco IOS Software • Concurrent broadband services for small offices, and remote sites • Secure connectivity with Stateful Inspection Firewall and IP Security (IPsec) VPN support for small offices • Security features including: - Stateful Inspection Firewall - IP Security (IPsec) VPNs (Triple Data Encryption Standard [3DES] or Advanced Encryption Standard [AES]) • 4-port 10/100 Fast Ethernet managed switch with VLAN support • CON/AUX Port for console or external modem • Secure 802.11g/n access point option based on IEEE802.11n draft 2.0 standard
11
• Easy setup, deployment, and remote management capabilities through Web-based tools and Cisco IOS®
Cisco 2800 Series
Software • 2 integrated 10/100/1000 Ethernet ports • 2 enhanced High-Speed WAN Interface Card slots that can host 2 single wide or 1 double wide and 1 single wide (e)HWIC • 1 Internal Services Module slot • Fully integrated power distribution to modules supporting 802.3af Power over Ethernet (PoE) and Cisco Enhanced PoE Secure Networking • Hardware-based VPN acceleration on motherboard • Antivirus Defense • Intrusion Prevention System (IPS) IP Communications and IP Telephony Support • IP Communications Express
12
(CCME/SRST/CUE) • Enhanced Modularity (EVM and PVDM2 support) Integrated Switching • Up to 64 powered 10/100 switch ports • 802.3af Power over Ethernet
Cisco Catalyst 6500 Series Switches
ASR 1000 Series Aggregation Services Routers
compliance Supports all Cisco Catalyst 6500 Series modules, including:Supervisor enginesFast Ethernet modules (with IEEE 802.3af Power over Ethernet [PoE])Gigabit Ethernet modules (with IEEE 802.3af PoE)10 Gigabit Ethernet modulesFlex WAN modulesShared Port Adaptors/SPA Interface ProcessorsMulti-Gigabit services modules (content services ,firewall, intrusion detection, IP Security [IPSec], VPN, network analysis, and Secure Sockets Layer [SSL] acceleration). Industry-leading performance, service capabilities, reliability, and efficiencies in a compact form factor Ideal for enterprises for private WAN, Internet edge, WAN aggregation deployments, and also as a high-end managed customer premises equipment (CPE) Highly secure, high-performance "instant-on" services including multi-gigabit VPN, encryption, firewall, application intelligence, and broadband services Extends network as a platform for cloud computing to help conserve resources and optimize performance Enhances operating efficiencies by using its compact form factor to reduce power consumption, space, and sparing requirements Offers software redundancy on non-redundant hardware with ASR 1002 and ASR 1004 routers Offers highly scalable, hardware redundancy and 40 Gbps
13
services and interface processors in the ASR 1006 and ASR 1013 routers
Catalyst 6500 Series Switches
Cisco's flagship switching solution offering industry-leading services and performance along with comprehensive feature sets for core, distribution, wiring closet, data center, enterprise WAN routing, and Metro Ethernet deployments Delivers maximum network uptime and provides comprehensive, integrated network security Provides up to 400-mpps performance with distributed forwarding architecture
3
Access Layer
Cisco 800 Series Integrated Services Router
Provides secure WAN connectivity with desktop form factor Ideal for telecommuters and small offices Wire-speed performance with secure data services for xDSL, cable, and Ethernet WAN environments
Cisco ME 3600X Series
Factory-selectable 802.11n access point, 3G WAN, and Survivable Remote Site Telephony (SRST) options Facilitates access deployments that require the flexibility of a "pay-as-you-grow" service model Simplifies field upgrades from 1 Gigabit Ethernet to 10 Gigabit Ethernet Efficiently extends MPLS to the access layer
Cisco 3900 Series Integrated Services Router
Delivers premium services with hierarchical quality of service, large buffers, and a large number of queues Delivers scalable rich-media services including TelePresence, highest density of service virtualization, and lowest TCO with energy efficiency Ideal for high-end deployments requiring business continuity, WAN flexibility, superior collaboration capabilities, and investment protection Field-upgradeable motherboard, circuit-speed WAN performance up to 350 Mbps with services such as security, mobility, WAN optimization, unified communications, video,
14
and customized applications
Cisco 1900 Series Integrated Services Router
Entry-level secure WAN deployments, offers service virtualization, and low TCO Ideal for small offices requiring modular flexibility for highly secure mobility and customizable applications Circuit-speed performance up to 25 Mbps with concurrent services
Cisco 1800 Series
Factory-selectable 802.11n access point and double-wide HWIC support; desktop form factor • Wire-speed performance with
(Modular)
secure data services enabled at up to T1/E1/xDSL rates • Increased services density for secure data services • Support for next-generation High-speed WAN Interface Cards • Increased flexibility through support of internal AIM slot for high-speed VPN and future applications • Built-in dual Fast Ethernet ports • Support for over 30 existing and new modules Secure Networking • Hardware-based VPN acceleration
15
on motherboard d) Buat topologi seperti gambar di bawah ini.
Konfigurasi IP PC0 IP Address
: 1.1.1.2/24
Gateway
: 1.1.1.1
PC5 IP Address
: 7.7.7.2/24
Gateway
: 7.7.7.1
16
Konfigurasi Access Router 1 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 1.1.1.1 255.0.0.0 Router(config-if)#ip address 1.1.1.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 2.2.2.1 255.0.0.0 Router(config-if)#ip address 2.2.2.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)#exit Router(config)#ip route 3.3.3.0 255.255.255.0 2.2.2.2 Router(config)#ip route 4.4.4.0 255.255.255.0 2.2.2.2 Router(config)#ip route 5.5.5.0 255.255.255.0 2.2.2.2 Router(config)#ip route 6.6.6.0 255.255.255.0 2.2.2.2 Router(config)#ip route 7.7.7.0 255.255.255.0 2.2.2.2
Konfigurasi Distributed Router 1 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 2.2.2.2 255.0.0.0 Router(config-if)#ip address 2.2.2.2 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 3.3.3.1 255.0.0.0 Router(config-if)#ip address 3.3.3.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#ip route 1.1.1.0 255.255.255.0 2.2.2.1 Router(config)#ip route 4.4.4.0 255.255.255.0 3.3.3.2 Router(config)#ip route 5.5.5.0 255.255.255.0 3.3.3.2 Router(config)#ip route 6.6.6.0 255.255.255.0 3.3.3.2 Router(config)#ip route 7.7.7.0 255.255.255.0 3.3.3.2
17
Konfigurasi Core Router 1 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 3.3.3.2 255.0.0.0 Router(config-if)#ip address 3.3.3.2 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 4.4.4.1 255.0.0.0 Router(config-if)#ip address 4.4.4.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#ip route 1.1.1.0 255.255.255.0 3.3.3.1 Router(config)#ip route 2.2.2.0 255.255.255.0 3.3.3.1 Router(config)#ip route 5.5.5.0 255.255.255.0 4.4.4.2 Router(config)#ip route 6.6.6.0 255.255.255.0 4.4.4.2 Router(config)#ip route 7.7.7.0 255.255.255.0 4.4.4.2
Konfigurasi Core Router 2 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 4.4.4.2 255.0.0.0 Router(config-if)#ip address 4.4.4.2 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 5.5.5.1 255.0.0.0 Router(config-if)#ip address 5.5.5.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#ip route 1.1.1.0 255.255.255.0 4.4.4.1 Router(config)#ip route 2.2.2.0 255.255.255.0 4.4.4.1 Router(config)#ip route 3.3.3.0 255.255.255.0 4.4.4.1 Router(config)#ip route 6.6.6.0 255.255.255.0 5.5.5.2 Router(config)#ip route 7.7.7.0 255.255.255.0 5.5.5.2
18
Konfigurasi Distributed Router 4 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 5.5.5.2 255.0.0.0 Router(config-if)#ip address 5.5.5.2 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 6.6.6.1 255.0.0.0 Router(config-if)#ip address 6.6.6.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)#exit Router(config)#ip route 1.1.1.0 255.255.255.0 5.5.5.1 Router(config)#ip route 2.2.2.0 255.255.255.0 5.5.5.1 Router(config)#ip route 3.3.3.0 255.255.255.0 5.5.5.1 Router(config)#ip route 4.4.4.0 255.255.255.0 5.5.5.1 Router(config)#ip route 7.7.7.0 255.255.255.0 6.6.6.2
Konfigurasi Access Router 6 Router>enable Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface FastEthernet0/0 Router(config-if)#ip address 6.6.6.2 255.0.0.0 Router(config-if)#ip address 6.6.6.2 255.255.255.0 Router(config-if)#no shutdown Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/0 Router(config-if)# Router(config-if)#exit Router(config)#interface FastEthernet0/1 Router(config-if)#ip address 7.7.7.1 255.0.0.0 Router(config-if)#ip address 7.7.7.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)#exit Router(config)#ip route 1.1.1.0 255.255.255.0 6.6.6.1 Router(config)#ip route 2.2.2.0 255.255.255.0 6.6.6.1 Router(config)#ip route 3.3.3.0 255.255.255.0 6.6.6.1 Router(config)#ip route 4.4.4.0 255.255.255.0 6.6.6.1 Router(config)#ip route 5.5.5.0 255.255.255.0 6.6.6.1
19
6. Hasil Percobaan Uji Koneksi ke Gateway PC
Uji Koneksi ke Gateway Pusat 1
Uji Koneksi ke Gateway Pusat 2
Uji Koneksi ke PC 5
20
Trace Route Ke Gateway Pusat
Trace Route Ke PC 5
7. Kesimpulan Dedicated Router merupakan Router yang dirancang oleh vendor masing – masing dan memiliki fungsi pula yang telah ditentukan oleh vendor. Dengan dedicated ini juga kita dapat menghubungkan beberapa network.
21
