Pra KBM: PPP (CHAP dan PAP), Frame Relay

Prakbm Ppp, Frame Relay

Pra KBM: Dedicated Router

Tanggal:15-1-2011	PRA KBM: DEDICATED ROUTER	Nama: Fajar Aris Viandi
Mata Pelajaran: Diagnosa WAN		Kelas: 3 TKJ A
SMKN 1 Cimahi		Instruktur: B.Netty & P.Rudi

Router adalah perangkat jaringan yang menghubungkan antara dua atau lebih jaringan secara logika untuk meneruskan data dari satu jaringan ke jaringan lainnya. melalui sebuah proses yang dikenal sebagai routing. Proses routing terjadi pada lapisan 3 (Lapisan jaringan seperti Internet Protocol) dari stack protokol tujuh-lapis OSI.

PC Router adalah PC namun difungsikan sebagai router.

Dedicated router adalah router yang fungsi dan modelnya sudah ditentukan oleh vendornya. kita dapat mengkonfigurasi router itu tergantung dengan konfigurasi yg telah disediakan dari vendor dan kita tidak dapat mengubah port pada router apabila dari vendor tidak diperbolehkan.

Vendor yang biasa memproduksi dedicated router diantaranya Cisco, BayNetworks, 3Com dan lain-lain. Namun, dari sekian banyak vendor yang ada, Vendor Dedicated Router yang paling popular adalah Cisco.

Alasan mengapa orang ataupun lembaga/perusahaan menggunakan dedicated router adalah sebagai berikut :

1.                  Stabilitas, karena lebih spesifik melakukan tugas sebagai router dari pada sebuah PC yang melakukan tugas sebagai router.

2.                  Memiliki banyak alternatif koneksi.

3.                  Keamanan karena mendukung pemfilteran paket data.

4.                  Kemudahan, karena dioperasikan menggunakan Internetwork OperatingSystem(IOS).

5.                  Praktis dan fleksibel dalam penempatan.

 Namun Dedicated router juga memiliki kekurangan, yaitu:

1.      Harganya relative lebih mahal

2.    Untuk yang Non modular router Port dan interfacenya sudah ditentukan, jadi kita tidak dapat menambahnya.

Dedicated Router ada 2 macam, yaitu:


1) Modular Router
2) Non Modular Router


Perbedaanya:


"In modular router the interfaces are not fixed so that we wilkl be able to installed cards latter on this router. But in case of non modular router the interfaces are fixed, we cannot able to add ports/interfaces latter on."

Artinya:
Pada Modular router, kita dapat menambah atau mengurangi interface pada router sewaktu-waktu. tetapi pada Non modular router, interfacenya tidak dapat ditambah/dikurangi karena sudah ditetapkan oleh vendor.


Contoh Modular Router:

Cisco 1721 Modular Access Router

Cisco 1760 Modular Access Router

Cisco 1841 Modular Access Router

Hierarki Network

A.Backbone (Core) Layer 

Core Layer merupakan layer high-speed switching backbone dan harus didesain  untuk dapat mengirimkan paket data (switch packets) secepat dan sebanyak mungkin tanpa ada hambatan. Pada layer ini, manipulasi paket data (seperti: access list dan filtering) tidak boleh dilakukan, karena hal ini akan menghambat dan memperlambat proses pengiriman paket data (Switching Packet).

Interface yang digunakan di perangkat layer ini Misalnya fast ethetnet 100Mbps (Not Recommended), Gigabit Ethetnet, FDDI atau ATM. Pada lalu lintas data dapat juga menggunakan switch karena penyampaiannya pasti mendukung banyak port dan cepat. Disini toloransi kesalahan/kegagalan juga patut dipertimbangkan Untuk toleransi kesalahan digunakan peralatan jalur ganda . Oleh sebab itu swicth dikonfigurasikan dengan menggunakan Spanning Tree Topology dimana dapat diciptakan jalur ganda untuk mencegah looping pada network.

beberapa Device yang termasuk core layer :

• Cisco switches seperti seri 7000, 7200, 7500, and 12000 (untuk digunakan pada WAN)
• Catalyst switches seperti seri 6000, 5000, and 4000 (untuk digunakan pada LAN)
• T-1 and E-1 lines, Frame relay connections, ATM networks, Switched Multimegabit Data Service (SMDS)
• Cisco Carrier Routing System
• Cisco ASR 9000 Series Aggregation Services Routers
• Cisco ASR 1000 Series Aggregation Services Routers
• Cisco XR 12000 Series Router
• Cisco 7600 Series Routers

Contoh:

Cisco 7606 Router

Description:

The Cisco 7600 Series is the industry's only edge router that delivers robust, high performance IP/MPLS features for a range of service provider edge and enterprise MAN/WAN applications. Coupled with the broadest set of interfaces and innovative adaptive network processing technology the Cisco 7600 leads the industry with integrated Ethernet, private line and subscriber aggregation capabilities. The Cisco 7600 Series is a natural evolution for existing Cisco 7500 Series customers–with Cisco IOS feature parity and FlexWAN support for existing Cisco 7200/7500 Series port adapters

The Cisco 7606 Router features 480 Gbps of switching capacity in a NEBS-compliant 40 Gigabit/slot configuration, delivering the needed capacity to power robust edge services for IP/MPLS networks. This compact 6-slot, 1/6 rack system delivers 30 Mpps centralized processing coupled with distributed processing for line-rate 10 & 1 Gigabit Ethernet services.

B. Distribution Layer

Distribution Layer merupakan titik pemisah (demarcation point) antara access Layer dengan core layers dan membantu dalam mendefinisikan dan membedakan  Core Layer. Layer ini mendefinisikan daerah dimana manipulasi paket data (packet manipulation) dapat dilakukan. 

Fungsi Distribusi Layer antara lain adalah: 

•  Address atau Area Jaringan LAN   

•  Akses ke Workgroup ata Departemen.   

•  Mendefinisikan Broadcast/multicast domain.  

•  Routing dari Virtual LAN (VLAN)  

•  Titik temu beberapa media berbeda yang digunakan didalam jaringan  

•  Network Security

•  Titik dimana Akses secara Remote ke Jaringan dapat dilakukan.

beberapa Device yang termasuk distribute layer :

• Cisco ASR 1000 Series Aggregation Services Routers
• Cisco Catalyst 6500 Series Switches

 Contoh:

Cisco ASR 1002 Router

Description:

The Cisco ASR 1002 Router in a 2-rack unit (RU) form factor comes with an integrated route and serial interface processors. It houses three shared port adapter (SPA) slots supporting single height and dual height SPAs. Configurable with either the 5 Gbps or 10 Gbps embedded services processor and four built-in Gigabit Ethernet ports, it is an ideal solution for a large branch office or as a managed high-speed customer premises equipment (CPE) device to support enhanced features such as security, deep packet inspection, and firewall.

Running on Cisco IOS XE Software, the Cisco ASR 1002 router supports software redundancy and in-service software upgrades (ISSU) without redundant hardware.

C. Access Layer 

Access Layer merupakan titik dimana Local -End User dapat masuk ke Jaringan. Layer ini juga dapat menerapkan access lists atau filtering untuk dapat mengoptimasi kinerja jaringan. Setiap kali sebuah paket melalui router disebut sebagai sebuah hop. DDR (Double Data Rate) dan teknologi Ethernet switching yang terutama digunakan dalam lapisan akses dengan Static routing. Fungsi Access Layer antara lain: 

•  Shared bandwidth  

•  Switched bandwidth  

•  MAC layer filtering  

•  Microsegmentation

beberapa Device yang termasuk Access layer :

• Cisco 3900 Series Integrated Services Routers
• Cisco 2900 Series Integrated Services Routers
• Cisco 1900 Series Integrated Services Routers
• Cisco 800 Series Routers
• Linksys by Cisco WRT54GL SoHo Router

Contoh:

Cisco 888 Integrated Services Router

Combine Internet access via G.SHDSL, security, and wireless services onto a single, secure device. The Cisco 888 Integrated Services Router offers broadband speeds and simplified management to small businesses, enterprise small branches, and teleworkers.

The Cisco 880 Series provides:

• Firewall
• Content filtering
• VPNs and WLANs at broadband speeds
• Easy deployment
• Centralized management features

Available options on the Cisco 888 Integrated Services Router include:

• Survivable Remote Site Telephony
• Built-in advanced security, including intrusion prevention, GET VPN, and dynamic multipoint VPN (DMVPN)
• Up to 20 VPN tunnels
• Cisco Configuration Professional for simplified management
• WAN connection with multiple access options
• Business continuity with primary and backup connections on the Cisco 880 router, including third-generation wireless and ISDN
• Four 10/100 Mbps fast Ethernet managed switch ports with optional Power over Ethernet (PoE) on two switch ports
• Integrated access points based on the IEEE 802.11n draft 2.0 standard that uses MIMO (multiple-input, multiple-output) to improve coverage for existing and new clients
• Cisco Unified Wireless Management
• Universal software image for easy expansion with software activation

Tugas: Topologi Diagnosa WAN: Dedicated Router

Pendahuluan:

Hierarki Network

A.Backbone (Core) Layer 

Core Layer merupakan layer high-speed switching backbone dan harus didesain  untuk dapat mengirimkan paket data (switch packets) secepat dan sebanyak mungkin tanpa ada hambatan. Pada layer ini, manipulasi paket data (seperti: access list dan filtering) tidak boleh dilakukan, karena hal ini akan menghambat dan memperlambat proses pengiriman paket data (Switching Packet).

Interface yang digunakan di perangkat layer ini Misalnya fast ethetnet 100Mbps (Not Recommended), Gigabit Ethetnet, FDDI atau ATM. Pada lalu lintas data dapat juga menggunakan switch karena penyampaiannya pasti mendukung banyak port dan cepat. Disini toloransi kesalahan/kegagalan juga patut dipertimbangkan Untuk toleransi kesalahan digunakan peralatan jalur ganda . Oleh sebab itu swicth dikonfigurasikan dengan menggunakan Spanning Tree Topology dimana dapat diciptakan jalur ganda untuk mencegah looping pada network.

B. Distribution Layer

Distribution Layer merupakan titik pemisah (demarcation point) antara access Layer dengan core layers dan membantu dalam mendefinisikan dan membedakan  Core Layer. Layer ini mendefinisikan daerah dimana manipulasi paket data (packet manipulation) dapat dilakukan. 

Fungsi Distribusi Layer antara lain adalah: 

•  Address atau Area Jaringan LAN   

•  Akses ke Workgroup ata Departemen.   

•  Mendefinisikan Broadcast/multicast domain.  

•  Routing dari Virtual LAN (VLAN)  

•  Titik temu beberapa media berbeda yang digunakan didalam jaringan  

•  Network Security

•  Titik dimana Akses secara Remote ke Jaringan dapat dilakukan.

C. Access Layer 

Access Layer merupakan titik dimana Local -End User dapat masuk ke Jaringan. Layer ini juga dapat menerapkan access lists atau filtering untuk dapat mengoptimasi kinerja jaringan. Fungsi Access Layer antara lain: 

•  Shared bandwidth  

•  Switched bandwidth  

•  MAC layer filtering  

•  Microsegmentation


Design:


Topologi yang kami rancang adalah sebagai berikut:

Di dalam setiap layer terdapat perangkat router dan switch khusus, topologi diatas menggunakan perangkat-perangkat:

A. Core Layer Router

Cisco 7606 Router

Description:

The Cisco 7600 Series is the industry's only edge router that delivers robust, high performance IP/MPLS features for a range of service provider edge and enterprise MAN/WAN applications. Coupled with the broadest set of interfaces and innovative adaptive network processing technology the Cisco 7600 leads the industry with integrated Ethernet, private line and subscriber aggregation capabilities. The Cisco 7600 Series is a natural evolution for existing Cisco 7500 Series customers–with Cisco IOS feature parity and FlexWAN support for existing Cisco 7200/7500 Series port adapters

The Cisco 7606 Router features 480 Gbps of switching capacity in a NEBS-compliant 40 Gigabit/slot configuration, delivering the needed capacity to power robust edge services for IP/MPLS networks. This compact 6-slot, 1/6 rack system delivers 30 Mpps centralized processing coupled with distributed processing for line-rate 10 & 1 Gigabit Ethernet services.

B. Distribution Layer Router:

Cisco ASR 1002 Router

Description:

The Cisco ASR 1002 Router in a 2-rack unit (RU) form factor comes with an integrated route and serial interface processors. It houses three shared port adapter (SPA) slots supporting single height and dual height SPAs. Configurable with either the 5 Gbps or 10 Gbps embedded services processor and four built-in Gigabit Ethernet ports, it is an ideal solution for a large branch office or as a managed high-speed customer premises equipment (CPE) device to support enhanced features such as security, deep packet inspection, and firewall.

Running on Cisco IOS XE Software, the Cisco ASR 1002 router supports software redundancy and in-service software upgrades (ISSU) without redundant hardware.

C. Distribution Layer Switch

 1. Cisco Catalyst 6513 Switch

The 13-slot Cisco Catalyst 6513 Switch chassis is ideally suited for high-performance, high port density Fast Ethernet and Gigabit Ethernet aggregation in all parts of the network, including the access, distribution, and backbone layers as well as the server farm and data center environments. With up to 12 payload slots available, the 13-slot chassis offers industry-leading 10/100/1000 Gigabit Ethernet and 10 Gigabit Ethernet port densities while providing high levels of network resilience.
Important Features
Supports all Cisco Catalyst 6500 Series modules, including:

• Supervisor engines
• Fast Ethernet modules (with IEEE 802.3af Power over Ethernet [PoE])
• Gigabit Ethernet modules (with IEEE 802.3af PoE)
• 10 Gigabit Ethernet modules
• Flex WAN modules
• Shared Port Adaptors/SPA Interface Processors
• Multi-Gigabit services modules (content services ,firewall, intrusion detection, IP Security [IPSec], VPN, network analysis, and Secure Sockets Layer [SSL] acceleration)

Cisco Catalyst 6513 switches support both Cisco Catalyst OS and Cisco IOS Software. They also support up to a 6000W power supply, thus providing the ability to support a large number of IEEE 802.3af PoE devices.
Cisco Catalyst 6513 switches provide maximum uptime with redundancy and rapid (1 to 3 seconds) stateful failover across supervisor engines. They support modular Cisco IOS Software to minimize unplanned downtime through self-healing processes and simplify software changes through subsystem in-service software upgrades.
The Cisco Catalyst 6513 Firewall Security System is a 13-slot model providing an easily deployed solution that integrates a Cisco Catalyst 6500 Series Supervisor Engine 720 (with integrated policy and multilayer switch feature cards [PFC3/MSFC3] for system control, routing services, and dual Gigabit Ethernet ports); a Cisco Catalyst 6500 Series Firewall Services Module providing 5 Gbps of firewall services; and 11 additional open slots for further customization.
Cisco Catalyst IPSec VPN systems take advantage of the Cisco 7600/Catalyst 6500 IPSec VPN Services Module and provide up to 2 Gbps of Triple Data Encryption Standard (3DES) encryption. The IPSec VPN systems provide a broad suite of services and a multitude of I/O interfaces.

D. Access Layer Switch

 1. Cisco Catalyst 2960 Series

Feature Set	Model	Total 10/100 Ethernet Ports	Uplinks	AC Power Supply Rating
LAN Base Layer 2	WS-C2960-24TT-L	24	2x1000 BT	30W
	WS-C2960-48TT-L	48		45W
	WS-C2960-24TC-L	24	2 Dual Purpose	30W
	WS-C2960-48TC-L	48		45W
LAN Lite Entry Layer 2	WS-C2960-24TC-S	24		30W
	WS-C2960-24-S	24	None
	WS-C2960-48TC-S	48	2 Dual Purpose	45W
	WS-C2960-48TT-S	48	2 x1000BT
LAN Base Layer 2	WS-C2960-48PST-L	48 PoE	2x1000BT and 2xSFP	370W
	WS-C2960-24PC-L	24 PoE	2 Dual Purpose
	WS-C2960-24LT-L	24 PoE	2x1000BT	123W
LAN Lite Entry Layer 2	WS-C2960-48PST-S	48 PoE	2x1000BT and 2xSFP	370W
	WS-C2960-24PC-S	24 PoE	2 Dual Purpose	370W
	WS-C2960-24LC-S	24 PoE		123W
LAN Base Layer 2	WS-C2960-8TC-L	8	1 Dual Purpose	20W
	WS-C2960PD-8TT-L	8	1x1000BT PoE	11W PoE Input
	WS-C2960G-8TC-L	7 10/100/1000	1 Dual Purpose	30W
LAN Lite Entry Layer 2	WS-C2960-8TC-S	8		20W