LAPORAN TEKNIS PEMELIHARAAN JARINGAN

LOCAL AREA NETWORK

Kabupaten Bandung Barat

Pendahuluan

System jaringan komputer yang terpadu di dalam sebuah organisasi perusahaan atau pemerintahan sudah tidak bisa di hindari lagi untuk bisa di terapkan, hal ini bertujuan untuk mempermudah serta menopang kelancaran aktivitas kerja serta bisnis perusahaan itu sendiri. Tetapi untuk mencapai itu semua di butuhkan sebuah desain dan rencana dalam pembuatan sebuah network yang andal serta aman untuk di gunakan.

Pemda Kabupaten Bandung barat merupakan Pemerintahan yang baru pindah lokasi dari gedung prodomo batu jajar ke Lokasi baru, sehingga ini merupakan moment yang bagus untuk merancang Infrastuktur baik Jaringan maupun System Server internak karena bisa di rancang dan di lakukan dari awal. Walaupun demikian bukan berarti tanpa kendala di lapangan, karena keterbatasan perangkat serta SDM di lapangan yang menyebabkan terkendala untuk menjamin keberlangsungan jaringan di pemda kab. Bandung barat bisa melayani semua steckholder yang ada.

Deskripsi Masalah

1. Disemua gedung di pemerintahan kabupaten bandung barat belum di buat system jaringan yang bagus baik untuk jaringan kabel maupun wireless, sehingga menyulitkan NetAdmin untuk menelusuri penyebabnya apabila ada permasalahaan di salah satu titik sehingga akan berakibat terputus nya semua jaringan dalam satu gedung. Dan untuk melacak source problem di butuhkan waktu yang lama.

2. Sulitnya memonitoring pemakaian bandwidth baik menggunakan kabel atau wifi di semua gedung di karenakan jaringan dalam satu network yang sama.

Analisa Kebutuhan

1. Dibutuhkan System Jaringan yang bagus, handal sehingga memimalir permasalahaan, maka diperlukan perubahan topologi jaringan di semua gedung baik gedung Dinas, setda, Gedung C maupun B.

2. di butuhkan System Monitoring baik Jaringan, Applikasi ataupun Wifi sehingga bisa terpantau semua penggunaan Bandwidth yang menggunakan kabel ataupun Wireless dan Aplikasi yang berjalan di server.

Rancangan System

1. VLAN dan IP Addressing

Jaringan Pemda Kab. Bandung barat akan di buat tersegmentasi menggunakan VLAN untuk semua gedung baik gedung dinas, Setda, Gedung C maupun bina marga beserta pembagian IP address nya. Berikut List VLAN dan IP address untuk semua gedung :

No Nama No VLAN IP Addressing 1 Gedung Dinas LT 1 11 10.10.1.0/24 2 Gedung Dinas LT 2 12 10.10.2.0/24 3 Gedung Dinas LT 3 13 10.10.3.0/24 4 Gedung Dinas LT 4 14 10.10.4.0/24 5 Dinas Pariwisata 131 10.10.131.0/24 6 WIFI-Ged DINAS 200 172.16.3.0/24 7 Sanditel 24 10.10.24.0/24 8 BPK 22 10.10.22.0/24 9 Tata Pemerintahan 23 10.10.23.0/24 10 TU PIMPINAN 25 10.10.25.0/24 11 WIFI SETDA 28 10.10.28.0/24 11 Ged. C Lantai 1 31 10.10.31.0/24 12 Ged. C Lantai 2 32 10.10.32.0/24 13 Ged. C Lantai 3 33 10.10.33.0/24 14 Ged. C Lantai 4 34 10.10.34.0/24 15 DPPKAD 331 192.168.1.0/24 16 BPMPPT 321 172.16.2.0/24 17 Ged D LT 1 41 10.10.41.0/24 18 Ged. D LT 2 42 10.10.42.0/24 19 Ged. D LT 3 43 10.10.43.0/24 20 Ged. D LT 4 44 10.10.44.0/24 21 DPRD 101 10.10.101.0/30

22 Gedung Perpustakaan / KPDE 51 10.10.51.0/24

2. Switch Manageable

untuk mendukung teknologi VLAN maka di perlukan Switch yang mendukung VLAN dan konsep Trunk sebgai Backbone antar VLAN.maka di pilih Mikrotik Type CRS untuk mendukung konsep di atas karena kemudahan serta harga yang sesuai dengan anggaran.sedangkan untuk gedung Dinas dan Setda masih pergunakan Switch Tplink mengikuti anggaran sebelumnya.

Mikrotik CRS 125-24G

3. Dynamic Routing

untuk memudahkan routing di semua dan antar perangkat, maka di perlukan Protocol Dynamic Routing untuk bisa menangani Routing di semua perangkat.

Untuk kebutuhan ini di gunakan OSPF sebagai protocol routing yang akan di gunakan untuk meroutingkan semua perangkat.

4. Wifi Controller

Di karenakan area cakupan Wifi Kab. Bandung barat cukup luas dan banyak maka di perluakn software SDN yang bisa mengontrol Wifi di semua titik, hal ini di perlukan untuk mempermudah administrasi serta config perangkat dimanapun perangkat itu di pasang. Di sarankan menggunkan Unifi karena di sisi harga dan kemudahan controller yang bersifat software untuk perangkat yang di pasang.

5. Backbone Link

Backbone link antar Lantai di rencanakan akan menggunakan Kabel Fiber Optic dan kabel UTP, sedangkan untuk antar Gedung akan menggunakan Link Wireless.

6. VPN Access

Untuk memudahkan Pekerjaan StockHolder di Kabupaten Bandung barat, yang kebetulan tidak terjangkau dengan akses WAN di KBB makan di perlukan access VPN untuk mengakses data di internal Pemda dengan aman.

IPSec adalah pilihan teknologi teraman yang di punyai oleh komunitas opensource karena ada encrypt ketika terjadi handshake dengan Server VPN.

Tahapan Pekerjaan

Untuk memudahkan pekerjaan pemeliharaan jaringan Pemda ada beberapa tahapan baik untuk prioritas serta untuk memudahkan ketika jalannya pekerjaan, yaitu SBB :

1. Config dan Setting VLAN, VPN Access serta OSPF di router utama 2. Config dan Setting VLAN di Switch Gedung Dinas + Ruang Server 3. Config dan Setting VLAN Link Backbone Antar Gedung

4. Config dan Setting VLAN Gedung Setda

5. Config dan Setting VLAN Gedung C di semua lantai 6. Config dan Setting VLAN Gedung D di Semua lantai 7. Instalasi Controller Unifi

8. Pemasangan Unifi 9. Evaluasi

I. Setting dan konfigurasi VLAN,VPN serta OSPF di router utama

router utama merupakan jantungnya jaringan untuk meroutingkan, serta membagi Network berdasarkan VLAN yang sudah di rencanakan.

I.A. Konfigurasi VLAN

berikut konfigurasi VLAN di router utama : @KOMINFO] > interface vlan print Flags: X - disabled, R - running, S - slave

# NAME MTU ARP VLAN-ID INTERFACE 0 R DPRD-VLAN101 1500 enabled 101 TRUNK-DPRD-KEC-SEL 1 R FINGER PRINT 1500 enabled 100 TRUNK-GED.SETDA-B-C 2 R Ged.Baru-LT2-SERVER-BPMPPT-VLAN-321 1500 enabled 321 TRUNK-GED.SETDA-B-C

3 R Ged.Baru-SIMDA-VLAN 331 1500 enabled 331 TRUNK-GED.SETDA-B-C

4 R Ged.Baru_LANTAI1-VLAN 31 1500 enabled 31 TRUNK-GED.SETDA-B-C

5 R Ged.Baru_LANTAI2-VLAN 32 1500 enabled 32 TRUNK-GED.SETDA-B-C

6 R Ged.Baru_LANTAI3-VLAN 33 1500 enabled 33 TRUNK-GED.SETDA-B-C

7 R Ged.Baru_LANTAI4-VLAN 34 1500 enabled 34 TRUNK-GED.SETDA-B-C

8 R Ged.Binamarga-LT1-VLAN 41 1500 enabled 41 TRUNK-GED.SETDA-B-C

9 R Ged.Binamarga-LT2-VLAN 42 1500 enabled 42 TRUNK-GED.SETDA-B-C

10 R Ged.Binamarga-LT3-VLAN 43 1500 enabled 43 TRUNK-GED.SETDA-B-C

TRUNK-GED.SETDA-B-C

12 R KECAMATAN_VIA SETDA_VLAN 21 1500 enabled 21 TRUNK-GED.SETDA-B-C

13 R LANTAI 1 BKD 1500 enabled 27 TRUNK-GED.SETDA-B-C 14 R LANTAI1-VLAN 11 1500 enabled 11 TRUNK-Ged.DINAS 15 R LANTAI2 VLAN 12 1500 enabled 12 TRUNK-Ged.DINAS 16 R LANTAI3 VLAN 13 1500 enabled 13 TRUNK-Ged.DINAS 17 R LANTAI4 VLAN 14 1500 enabled 14 TRUNK-Ged.DINAS 18 R PARIWISATA VLAN 131 1500 enabled 131 TRUNK-Ged.DINAS 19 R SETDA_BAPEDA_VLAN 26 1500 enabled 26

TRUNK-GED.SETDA-B-C

20 R SETDA_MUSHOLA_VLAN 22 1500 enabled 22 TRUNK-GED.SETDA-B-C

21 R SETDA_SANDITEL_VLAN 24 1500 enabled 24 TRUNK-GED.SETDA-B-C

22 R SETDA_TAPEM_VLAN 23 1500 enabled 23 TRUNK-GED.SETDA-B-C

23 R SETDA_TU-PIMPINAN_VLAN 25 1500 enabled 25 TRUNK-GED.SETDA-B-C

24 R UNIFI-VLAN-200 1500 enabled 200 TRUNK-Ged.DINAS 25 R WIFI_SETDA_SANDITEL_VLAN 28 1500 enabled 28

TRUNK-GED.SETDA-B-C I.B. Konfigurasi VPN

berikut konfigurasi VPN Access di router utama : @KOMINFO] > ppp profile print

Flags: * - default

0 * name="default" local-address=10.10.20.1 remote-address=dhcp_pool1 mpls=default

use-compression=default use-encryption=default only-one=no change-tcp-mss=yes use-upnp=default address-list=""

on-up="" on-down=""

1 name="SIMDA" local-address=10.10.20.1 remote-address=dhcp_pool1 mpls=default

use-compression=default use-encryption=default only-one=no change-tcp-mss=yes use-upnp=default address-list="" on-up=""

on-down=""

only-one=default change-tcp-mss=yes use-upnp=default address-list="" on-up="" on-down="" I. C. Konfigurasi OSPF

@KOMINFO] > routing ospf network print Flags: X - disabled, I - invalid

# NETWORK AREA 0 172.16.0.0/16 backbone 1 10.0.0.0/8 backbone 2 192.168.0.0/16 backbone

@KOMINFO] > routing ospf instance print Flags: X - disabled, * - default

0 * name="default" router-id=60.253.117.41 distribute-default=never redistribute-connected=as-type-1 redistribute-static=as-type-1 redistribute-rip=no redistribute-bgp=no redistribute-other-ospf=no

metric-default=1 metric-connected=20 metric-static=20 metric-rip=20 metric-bgp=auto metric-other-ospf=auto in-filter=ospf-in out-filter=ospf-out

II. Setting dan konfigurasi VLAN di Switch Ged. Dinas + R Serve berikut adalah konfigurasi Switch di Ruang Server :

# vlan database vlan 11-15,21,31,100,111,131-132,200 # # interface vlan 1

description "System VLAN" # interface vlan 11 description "LT-1_Ged_Dinas" # interface vlan 12 description "LT-2_Ged_Dinas" # interface vlan 13 description "LT-3_Ged_Dinas" # interface vlan 14 description "LT-4_Ged_Dinas"

# interface vlan 15 description "LANTAI_DASAR" # interface vlan 21 description "SETDA" # interface vlan 31 description "KECAMATAN" # interface vlan 100 description "DMZ" # #

system-descript contact-info www.tp-link.com system-descript location KBB

system-descript sysname LT4-R.NOX # bridge aging-time 300 # # system-time gmt 8 133.100.9.2 139.78.100.163 #

user add admin password xxxxxx confirm-password XXXX admin enable #

user access-control disable user idle-timeout 10

protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template add IP 0800 protocol-vlan template add ARP 0806 protocol-vlan template add RARP 8035 protocol-vlan template add IPX 8137 protocol-vlan template add AT 809b #

no vlan-vpn enable vlan-vpn tpid 8100

# #

snmp global status enable

snmp community-add kbb read-only viewDefault #

interface ethernet 1 switchport type general switchport allowed vlan add 11 switchport pvid 11

#

interface ethernet 2 switchport type general switchport allowed vlan add 12 switchport pvid 12

#

interface ethernet 3 switchport type general switchport allowed vlan add 13 switchport pvid 13

#

interface ethernet 4 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 5 switchport type general switchport allowed vlan add 11 switchport pvid 11

#

interface ethernet 6 switchport type general switchport allowed vlan add 11 switchport pvid 11

interface ethernet 7 switchport type general switchport allowed vlan add 11 switchport pvid 11

#

switchport type general switchport allowed vlan add 11 switchport pvid 11

#

interface ethernet 9 switchport type general switchport allowed vlan add 12 switchport pvid 12

#

interface ethernet 10 switchport type general switchport allowed vlan add 12 switchport pvid 12

#

interface ethernet 11 switchport type general switchport allowed vlan add 13 switchport pvid 13

#

interface ethernet 12 switchport type general switchport allowed vlan add 13 switchport pvid 13

#

interface ethernet 13 switchport type general switchport allowed vlan add 13 switchport pvid 13

#

interface ethernet 14 switchport type general switchport allowed vlan add 13 switchport pvid 13

#

interface ethernet 15 switchport type general switchport allowed vlan add 15 switchport pvid 15

#

switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 17 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 18 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 19 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 20 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

interface ethernet 21 switchport type general switchport allowed vlan add 111 switchport pvid 111

#

interface ethernet 22 switchport type general

switchport allowed vlan add 132 switchport pvid 132

#

interface ethernet 23 switchport type general switchport allowed vlan add 14 switchport pvid 14

#

switchport type general

switchport allowed vlan add 200 switchport pvid 200

#

interface ethernet 25 switchport type trunk

switchport allowed vlan add 11-15,111,131-132,200 switchport pvid 1

#

interface ethernet 26 switchport type trunk

switchport allowed vlan add 11-15,111,131-132,200 switchport pvid 1

#

interface ethernet 27 switchport type trunk

switchport allowed vlan add 11-15,111,131-132,200 switchport pvid 1

#

interface ethernet 28 switchport type trunk

switchport allowed vlan add 11-15,111,131-132,200 switchport pvid 1

#

ip management-vlan 14

ip address 10.10.4.254 255.255.255.0 10.10.4.1 end

III. Setting dan konfigurasi trunk di Link Backbone

Selain di tiap switch manageable di setting VLAN maka di haruskan juga di setting trunk di setiap jalur backbone antar gedung,untuk perangkat wifi backbone yang di pasang kebetulan support untuk trunk VLAN yang ada yaitu UBNT.

IV. Setting dan konfigurasi VLAN di Switch Ged. Setda

untuk gedung setda sudah di pasang 3 switch manageable jenis TPLINK SG2424G dengan 2 port SPF combo dengan 2 port Gigabit.

berikut konfigurasi Switch Sanditel : # vlan database vlan 11-15,21-28,100,321 # # interface vlan 1

description "System VLAN" # interface vlan 11 description "LT-1-GedDINAS" # interface vlan 12 description "LT-2-GedDINAS" # interface vlan 13 description "LT-3-GedDINAS" # interface vlan 14 description "LT-4-GedDINAS" # interface vlan 15 description "GedungD"

# interface vlan 21 description "LT1-BKD" # interface vlan 22 description "LT2-BKD" # interface vlan 23 description "LT1-Bupati" # interface vlan 24 description "LT2-Bupati" # interface vlan 25 description "LT1-DPPKAD" # interface vlan 26 description "LT2-DPPKAD" # #

system-descript contact-info www.tp-link.com system-descript location KBB

system-descript sysname SandiTel # bridge aging-time 300 # # system-time gmt 8 133.100.9.2 139.78.100.163 #

user add admin password xxxxxx confirm-password xxxxxx admin enable #

user access-control disable user idle-timeout 10

#

protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template add IP 0800

protocol-vlan template add ARP 0806 protocol-vlan template add RARP 8035 protocol-vlan template add IPX 8137 protocol-vlan template add AT 809b #

no vlan-vpn enable vlan-vpn tpid 8100 #

#

snmp global status enable

snmp community-add kbb read-only viewDefault #

interface ethernet 1 switchport type general switchport allowed vlan add 21 switchport pvid 21

#

interface ethernet 2 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 3 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 4 switchport type general

switchport allowed vlan add 24 switchport pvid 24

# interface ethernet 5 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 6 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 7 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 8 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 9 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 10 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 11 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 12 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 13 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 14 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 15 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 16 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 17 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 18 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 19 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 20 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 21 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 22 switchport type general

switchport allowed vlan add 24 switchport pvid 24

#

interface ethernet 23 switchport type general

switchport allowed vlan add 24 switchport pvid 24

# interface ethernet 24 switchport type general

switchport allowed vlan add 321 switchport pvid 321

#

interface ethernet 25 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 26 switchport type general

switchport allowed vlan add 24,26,28 switchport pvid 28

#

interface ethernet 27 switchport type trunk

switchport allowed vlan add 11-15,21-28,321 switchport pvid 1

#

interface ethernet 28 switchport type trunk

switchport allowed vlan add 11-15,21-28,321 switchport pvid 1

#

ip management-vlan 24

ip address 10.10.24.254 255.255.255.0 10.10.24.1 end

Konfigurasi Switch Tata Pemerintahan : #

vlan database vlan 21-26,200 #

#

interface vlan 1

description "System VLAN" #

#

system-descript contact-info www.tp-link.com system-descript location SHENZHEN

system-descript sysname TL-SL5428E # bridge aging-time 300 # # system-time gmt 8 133.100.9.2 139.78.100.163 #

user add admin password XXXXXX confirm-password XXXXXX admin enable #

user access-control disable user idle-timeout 10

#

protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template add IP 0800 protocol-vlan template add ARP 0806 protocol-vlan template add RARP 8035 protocol-vlan template add IPX 8137 protocol-vlan template add AT 809b # no vlan-vpn enable vlan-vpn tpid 8100 # # # interface ethernet 1 switchport type general

switchport allowed vlan add 23 switchport pvid 23

interface ethernet 2 switchport type general

switchport allowed vlan add 23 switchport pvid 23 #

interface ethernet 3 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 4 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 5 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 6 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 7 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 8 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 9 switchport type general

switchport allowed vlan add 23 switchport pvid 23

interface ethernet 10 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 11 switchport type general

switchport allowed vlan add 23 switchport pvid 23

# interface ethernet 12 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 13 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 14 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 15 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 16 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 17 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 19 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 20 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 21 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 22 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 23 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 24 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 25 switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

switchport type general

switchport allowed vlan add 23 switchport pvid 23

#

interface ethernet 27 switchport type trunk

switchport allowed vlan add 21-26,200 switchport pvid 1

#

interface ethernet 28 switchport type trunk

switchport allowed vlan add 21-26,200 switchport pvid 1 # ip management-vlan 24 ip address 10.10.24.253 255.255.255.0 10.10.24.1 end Konfigurasi Switch R. BPK # vlan database vlan 11-14,21-26,200 # # interface vlan 1

description "System VLAN" #

#

system-descript contact-info www.tp-link.com system-descript location LT-4

system-descript sysname TL-SL5428E # bridge aging-time 300 # # system-time gmt 8 133.100.9.2 139.78.100.163 #

user add admin password XXXXXX confirm-password XXXXXX admin enable #

user access-control disable user idle-timeout 10

#

protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template remove 1 protocol-vlan template add IP 0800 protocol-vlan template add ARP 0806 protocol-vlan template add RARP 8035 protocol-vlan template add IPX 8137 protocol-vlan template add AT 809b #

no vlan-vpn enable vlan-vpn tpid 8100 #

#

snmp global status enable

snmp community-add kbb read-only viewDefault #

interface ethernet 1 switchport type general

switchport allowed vlan add 22 switchport pvid 22

#

interface ethernet 2

switchport type general

switchport allowed vlan add 14,22-23,25-26 switchport pvid 22

#

interface ethernet 3 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 4 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 5 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 6 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 7 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 8 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 9 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 10 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 11 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 12 switchport type general

switchport allowed vlan add 14,22,25-26 switchport pvid 25

#

interface ethernet 13 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 14 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 15 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 16 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 17 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 18 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 19 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 20 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 21 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 22 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 23 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 24 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 25 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 22

#

interface ethernet 26 switchport type general

switchport allowed vlan add 14,22,26 switchport pvid 26

#

interface ethernet 27 switchport type trunk

switchport allowed vlan add 11-14,21-26,200 switchport pvid 1

#

interface ethernet 28 switchport type trunk

switchport allowed vlan add 21-26,200 switchport pvid 1

#

ip management-vlan 24

ip address 10.10.24.252 255.255.255.0 10.10.24.1 end

V. Setting dan konfigurasi VLAN di Switch Ged. C IV.A. Konfigurasi LT 4 :

@LT4-GED.BARU] > interface ethernet switch vlan print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID PORTS SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP 0 34 ether1-master-local no yes no no none ether2-slave-local ether3-slave-local ether4-slave-local ether5-slave-local ether6-slave-local ether7-slave-local ether8-slave-local ether9-slave-local ether10-slave-local ether11-slave-local ether12-slave-local ether13-slave-local ether14-slave-local ether15-slave-local ether16-slave-local ether17-slave-local ether18-slave-local ether19-slave-local ether20-slave-local ether21-slave-local ether22-slave-local ether23-slave-local ether24-trunk

1 33 ether1-master-local no yes no no none ether23-slave-local

ether24-trunk

ether24-trunk

3 31 ether1-master-local no yes no no none ether24-trunk

4 331 ether1-master-local no yes no no none ether24-trunk

5 321 ether1-master-local no yes no no none ether24-trunk

6 D 4095 switch1-cpu no no no no none

@LT4-GED.BARU] > interface ethernet switch egress-vlan-tag print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID TAGGED-PORTS 0 34 ether1-master-local ether24-trunk 1 33 ether1-master-local ether24-trunk 2 32 ether1-master-local ether24-trunk 3 31 ether1-master-local ether24-trunk 4 331 ether1-master-local ether24-trunk 5 332 ether1-master-local ether24-trunk 6 D 4095

LT4-GED.BARU] /interface ethernet switch ingress-vlan-translation> print Flags: X - disabled, I - invalid, D - dynamic

0 ports=ether2-slave-local,ether3-slave-local,ether4-slave-local,ether5-slave-local,ether6-slave-local,ether7-slave-local,ether8-slave-local,ether9-slave-local,ether10-slave-local,ether11-slave- local,ether12-slave-local,ether13-slave-local,ether14-slave-local,ether15-slave-local,ether16-slave-local,ether17-slave-local,ether18-slave-local,ether19-slave-local,ether20-slave-local,

ether21-slave-local,ether22-slave-local

service-vlan-format=any customer-vlan-format=any customer-vid=0 new-customer-vid=34 pcp-propagation=no sa-learning=yes

1 ports=ether23-slave-local service-vlan-format=any customer-vlan-format=any customer-vid=0 new-customer-vid=33 pcp-propagation=no sa-learning=yes

2 D ports="" service-vlan-format=any customer-vlan-format=any new-customer-vid=4095 pcp-propagation=no sa-learning=no

Konfigurasi Switch LT 3 Gedung C

@LT3-Ged Baru] > interface ethernet switch vlan print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID PORTS SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP 0 31 ether1-master no yes no no none ether24

1 32 ether1-master no yes no no none ether24

2 33 ether1-master no yes no no none ether2 ether3 ether4 ether5 ether6 ether7 ether8 ether9 ether10 ether11 ether12 ether13 ether14 ether15 ether16 ether17 ether19 ether20 ether21 ether23 ether24

3 34 ether1-master no yes no no none ether24

4 331 ether1-master no yes no no none ether18_DPPKAD

5 321 ether1-master no yes no no none ether24

6 D 4095 switch1-cpu no no no no none @LT3-Ged Baru] > interface ethernet switch ingress-vlan-translation print

Flags: X - disabled, I - invalid, D - dynamic 0

ports=ether23,ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10,ether11,ether12,ether13,ether14 ,ether15,ether16,ether17,ether19,ether20,ether21 service-vlan-format=any

customer-vlan-format=any new-customer-vid=33 pcp-propagation=no sa-learning=yes

1 ports=ether18_DPPKAD service-vlan-format=any customer-vlan-format=any new-customer-vid=331 pcp-propagation=no sa-learning=yes

2 D ports="" service-vlan-format=any customer-vlan-format=any new-customer-vid=4095 pcp-propagation=no sa-learning=no

@LT3-Ged Baru] > interface ethernet switch egress-vlan-tag print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID TAGGED-PORTS 0 31 ether1-master ether24 1 32 ether1-master ether24 2 33 ether1-master ether24 3 34 ether1-master ether24 4 331 ether1-master ether24 5 321 ether1-master ether24 6 D 4095 Konfigurasi Switch LT 2

@lt2-ged baru] /interface ethernet switch vlan> print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID PORTS SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP 0 31 ether1-master-local no yes no no none

ether24-slave-local

1 32 ether1-master-local no yes no no none ether2-slave-local ether3-slave-local ether4-slave-local ether5-slave-local ether6-slave-local ether7-slave-local ether8-slave-local ether9-slave-local ether10-slave-local ether11-slave-local ether12-slave-local ether13-slave-local ether14-slave-local ether15-slave-local ether16-slave-local ether17-slave-local ether18-slave-local ether19-slave-local ether20-slave-local ether21-slave-local ether23-slave-local ether24-slave-local

2 33 ether1-master-local no yes no no none ether24-slave-local

3 34 ether1-master-local no yes no no none ether24-slave-local

4 321 ether1-master-local no yes no no none ether22-slave-local

ether24-slave-local

5 D 4095 switch1-cpu no no no no none @lt2-ged baru] > interface ethernet switch egress-vlan-tag print

Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID TAGGED-PORTS 0 31 ether1-master-local ether24-slave-local 1 32 ether1-master-local ether24-slave-local

2 33 ether1-master-local ether24-slave-local 3 34 ether1-master-local ether24-slave-local 4 321 ether1-master-local ether24-slave-local

@lt2-ged baru] > interface ethernet switch ingress-vlan-translation print Flags: X - disabled, I - invalid, D - dynamic

0 ports=ether2-slave-local,ether3-slave-local,ether4-slave-local,ether5-slave-local,ether6-slave-local,ether7-slave-local,ether8-slave-local,ether9-slave-local,ether10-slave-local,ether11-slave- local,ether12-slave-local,ether13-slave-local,ether14-slave-local,ether15-slave-local,ether16-slave-local,ether17-slave-local,ether18-slave-local,ether19-slave-local,ether20-slave-local,

ether21-slave-local,ether23-slave-local

service-vlan-format=any customer-vlan-format=untagged-or-tagged customer-vid=0 new-customer-vid=32 pcp-propagation=no sa-learning=no

1 ports=ether22-slave-local service-vlan-format=any customer-vlan-format=any customer-vid=0 new-customer-vid=321 pcp-propagation=no sa-learning=no

2 D ports="" service-vlan-format=any customer-vlan-format=any new-customer-vid=4095 pcp-propagation=no sa-learning=no

Konfigurasi Switch LT 1

@LT1-Ged. Baru] > interface ethernet switch vlan print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID PORTS SVL LEARN FLOOD INGRESS-MIRROR QOS-GROUP 0 31 ether1-master no yes no no none ether2 ether3 ether4 ether5 ether6 ether7 ether8 ether9 ether10 ether24

ether24

2 33 ether1-master no yes no no none ether24

3 34 ether1-master no yes no no none ether24

4 321 ether1-master no yes no no none ether24

5 331 ether1-master no yes no no none ether24

6 D 4095 switch1-cpu no no no no none @LT1-Ged. Baru] > interface ethernet switch ingress-vlan-translation print

Flags: X - disabled, I - invalid, D - dynamic

0 ports=ether2,ether3,ether4,ether5,ether6,ether7,ether8,ether9,ether10 service-vlan-format=any customer-vlan-format=untagged-or-tagged customer-vid=0 new-customer-vid=31 pcp-propagation=no

sa-learning=no

1 D ports="" service-vlan-format=any customer-vlan-format=any new-customer-vid=4095 pcp-propagation=no sa-learning=no

@LT1-Ged. Baru] > interface ethernet switch egress-vlan-tag print Flags: X - disabled, I - invalid, D - dynamic

# VLAN-ID TAGGED-PORTS 0 31 ether1-master ether24 1 32 ether1-master ether24 2 33 ether1-master ether24 3 34 ether1-master ether24 4 321 ether1-master ether24 5 331 ether1-master ether24

VI. Instalasi dan Konfigurasi Controller Unifi.

Berikut tahapan instalasi controller berbasis Ubuntu 14.04 64 bit : 1. install Ubuntu Versi 14.04 versi 64 bit

2. SSH into the server dan execute:

# echo "deb http://www.ubnt.com/downloads/unifi/distros/deb/squeeze squeeze ubiquiti" >> /etc/apt/sources.list.d/20ubiquiti.list

3. #apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50

4. #echo "deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen" >> /etc/apt/sources.list.d/21mongodb.list

5. #apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10 6. #apt-get update

7. #apt-get install unifi (for 3.2 RECOMMENDED) atau

# apt-get install unifi-beta (for 4.6)

kamu akan mendapatkan a java error. * Starting Ubiquiti UniFi Controller unifi Cannot locate Java Home[fail].. untuk mengatasi ini jalankan bebrapa perintah berikut ini : # vi /etc/init.d/unifi

cari JAVA_HOME dan rubah path nya /usr/lib/jvm/java-7-openjdk-amd64 selanjutnya

8. # sudo /etc/init.d/unifi start

9. sekarang lanjutkan install 4.2 Stable version

10. apt-get remove unifi atau #apt-get remove unifi-beta

# wget http://www.ubnt.com/downloads/unifi/4.2.0/unifi_sysvinit_all.deb

# dpkg -i unifi_sysvinit_all.deb cek ip address dengan command: #ifconfig

buka Broswer dan tulis https://YOUR_IP:8443 contoh hasil nya :

setelah controller terinstall berikutnya adalah pemasangan unifi di beberapa titik kemudian adopt perangkat tersebut, step2 nya sbb :

1. masuk ke perangkat unifi yang di maksud dengan perintah : #ssh ( IP address Unifi )

#mca-cli

set-inform http://ip-of-controller:8080/inform

setelah itu cek di controller, kemudian klik adopt di pihan device. yang sudah di tentukan hasil akhir nya seperti gambar di bawah ini :

Berikut Topologi terakhir kabupaten bandung barat :

Topologi Jaringan LAN dan WAN Kabupaten Bandung Barat

Kesimpulan

Mudah mudahan dengan adanya perubahan dari sisi topologi, routing harapkan lebih memudahkan network administrator dalam memaintence dan memonitoring jaringan yang sudah ada serta meng efesiensikan bandwidth yang tersedia supaya lebih bermanfaat.

1. Diperlukan SDM yang bagus untuk mengelola semua jaringan dan aplikasi yang ada di Kab. Bandung barat supaya termanfaatkan dengan bagus.

2. Penggabungan Semua VLAN Wifi untuk Semua Gedung

3. Kedepannya di perlukan Network Access Control untuk melihat penggunaan user lebih detail di Kab. Bandung Barat