Panduan Penyelesaian Ujian Kompetensi Keahlian TKJ Paket III

Membuat perencanaan sesuai dengan topologi jaringan yang disediakan (Knowledge,Attitude)

(eth1) (eth0) Internet PC/Laptop Client Server Gateway Melakukan perhitungan subnetting terhadap ip address yang ditentukkan untuk network public dan private

Eth1 Network A 192.168.100.0/28

Binary Bit (CIDR) 11111111.11111111.11111111.11110000

Konversi Desimal (Subnet) 255.255.255.240

Jumlah Subnet 2 (pangkat digit 1)

2 ^ 4 = 16 Subnet Jumlah Host 2 (pangkat digit 0)

(2 ^ 4) - 2 = 16 – 2 = 14 Host Jumlah Blok Subnet 256 – 240 = 16, 32, 48, 64, 80, 96, 112, 128, 144, 160,

176, 192, 208, 224, 240 Eth0 Network A 192.168.88.0/24

Binary Bit (CIDR) 11111111.11111111.11111111.00000000

Konversi Desimal (Subnet) 255.255.255.0

Jumlah Subnet 2 (pangkat digit 1)

2 ^ 0 = 0 Subnet Jumlah Host 2 (pangkat digit 0)

(2 ^ 8) - 2 = 256 – 2 = 254 Host Jumlah Blok Subnet 256 – 0 = 0

192.168.88.0/24 192.168.100.0/28

192.168.100.1/28

192.168.100.2/28 (DHCP)

192.168.88.xxx/24

Perakitan dan Instalasi Server (Skill, Attitude) Lakukan perakitan komputer dengan mengutamakan keselamatan kerja. Lakukan installasi server Debian 6 dengan aturan pemartisian hardisk

(root filesystem 80 gb) dan (swap 2 x ukuran RAM) Melakukan pembuatan dan penyusunan kabel jaringan dengan standar T568B (cross over)

Kiri

Kanan

Orange – Putih Hijau – Putih Orange Hijau

Hijau - Putih Orange – Putih Biru Biru

Biru – Putih Biru – Putih Hijau Orange

Coklat – Putih Coklat – Putih Cokat Cokat

Melakukan konfigurasi Router (nat) sebagai Gateway Server. (Skill) Konfigurasi ip address # nano /etc/network/interfaces auto lo iface lo inet loopback

auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet static

address 192.168.100.1 netmask 255.255.255.240 network 192.168.100.0 broadcast 192.168.100.255 dns-nameservers 192.168.100.1 dns-search smkn4gorontalo.sch.id

Restart layanan # /etc/init.d/networking restart

Konfigurasi ip forward # nano /etc/sysctl.conf # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additional system variables # See sysctl.conf (5) for information. #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 3 4 1 3 # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # See http://lwn.net/Articles/277146/ # Note: This may impact IPv6 TCP sessions too #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4

net.ipv4.ip_forward=1 Konfigurasi Iptables untuk routing nat # nano /etc/rc.local #!/bin/sh -e # rc.local # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. # In order to enable or disable this script just change the execution # bits.

# By default this script does nothing. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE exit 0

Melakukan konfigurasi DHCP untuk interface jaringan lokal (Skill) Install DHCP Server # apt-get install dhcp3-server Konfigurasi DHCP Server # nano /etc/dhcp3/dhcpd.conf # A slightly different configuration for an internal subnet. subnet 192.168.100.0 netmask 255.255.255.240 { range 192.168.100.2 192.168.100.6; option domain-name-servers 8.8.8.8; option domain-name "smkn4gorontalo.sch.id"; option routers 192.168.100.1; option broadcast-address 192.168.100.15; default-lease-time 600; max-lease-time 7200; } Restart layanan DHCP Server # /etc/init.d/isc-dhcp3-server restart Lakukan restart (reboot) pada PC Server dan lakukan pengujian akses koneksi dari PC Client / Laptop ke Server dengan tools (ping).

Melakukan konfigurasi Web Server # apt-get install apache2 php5 php5-mysql mysql-server phpmyadmin # nano /var/www/index.html <html><head><title>UKK 2015 TKJ</title></head> <body>Assalamualaikum <p> Selamat datang di Server saya ! <br>Nama : Walid Umar <br>Kelas : XII TKJ <br>Alamat : Gorontalo, Jl. Jalaludin Tantu No. 60 <br>Email : walidumar@smkn4gorontalo.sch.id </body> </html> # nano /etc/apache2/ports.conf <IfModule mod_ssl.c> # Server Name Indication for SSL named virtual hosts is currently not # supported by MSIE on Windows XP. Listen 443 https </IfModule>

Konfigurasi Proxy Server # apt-cdrom add

# apt-get update

# apt-get install squid # nano /etc/squid/squid.conf

http_port 3128 transparent acl blok dstdomain "/etc/squid/situs" no_cache deny blok http_acces deny blok acl jaringan src 192.168.100.0/28 http_acces allow jaringan cache_mgr admin@smkn4gorontalo.sch.id visible_hostname www.smkn4gorontalo.sch.id #http_access deny all # nano /etc/squid/situs

www.google.com www.yahoo.com google.com yahoo.com iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -t nat -A PREROUTING -s 192.168.100.0/28 -p tcp --dport 80 -j REDIRECT --to-ports 3128 iptables -t nat -A PREROUTING -s 192.168.100.0/28 -p tcp --dport 443 -j REDIRECT --to-ports 3128