VLAN
_VLan (virtual lan) merupakan sebuah grup dari segmentasi dalam lan yang
berbasiskan internet protocol. Atau biasanya diartikan sebagai
segmentasi IP yang digunakan sebagai pengalamatan komputer.
Dalam pratiknya, jika suatu jaringan dibentuk maka seorang network engineer harus menciptkan pengalamatan yang akan digunakan oleh komputer sebagai alamat jaringan. Namun jika menggunakan switch yang jenis unmanaged(no VLAN supported) maka hanya ada 1 collision domain. Ini sangat tidak efisien sekali digunakan dan mengakibatkan sering terjadinya conflict antar IP yang merugikan user dalam pemakaian resource jaringan. Untuk itu diperlukan suatu segmentasi dalam IP address yang berguna mencegah terjadinya collision domain. Hal ini hanya dapat diwujudkan dengan adanya VLAN yang bertindak seolah-olah ada segmen lain dalam 1 switch. Kegunaan VLAN :
1. Mencegah terjadinya collision domain
2. Mempersempit kemungkinan terjadinya conflict IP yang terlalu banyak
3. Mengurangi tingkat vulnerabilities
4. Menghemat penggunaan port pada switch
Dalam pratiknya, jika suatu jaringan dibentuk maka seorang network engineer harus menciptkan pengalamatan yang akan digunakan oleh komputer sebagai alamat jaringan. Namun jika menggunakan switch yang jenis unmanaged(no VLAN supported) maka hanya ada 1 collision domain. Ini sangat tidak efisien sekali digunakan dan mengakibatkan sering terjadinya conflict antar IP yang merugikan user dalam pemakaian resource jaringan. Untuk itu diperlukan suatu segmentasi dalam IP address yang berguna mencegah terjadinya collision domain. Hal ini hanya dapat diwujudkan dengan adanya VLAN yang bertindak seolah-olah ada segmen lain dalam 1 switch. Kegunaan VLAN :
1. Mencegah terjadinya collision domain
2. Mempersempit kemungkinan terjadinya conflict IP yang terlalu banyak
3. Mengurangi tingkat vulnerabilities
4. Menghemat penggunaan port pada switch
DEVIce yang digunakan untuk membangun vlan
SWitch
adalah sebuah perangkat/hardware jaringan yang berfungsi untuk penghubung beberapa alat untuk membentuk suatu LAN/VLAN
CLI PADA CISCO SWITCH :
- Show version: This command displays the hardware and software status of the Cisco switch
- Show flash: This command displays the files and directories in the flash of the Cisco switch
- Show interfaces: This command displays the detailed information about all the interfaces of the Cisco switch
- Show interfaces fast Ethernet 0/x: This command displays the detailed information about the specific interface of the Cisco switch
- Show interfaces VLAN 1: This command displays the ip address configuration of VLAN 1
- Show running-config:This command displays the status of RAM
- Show startup-config:This command displays the status of NVRAM
- Show-mac-address-table: This command displays the MAC address of the devices that are directly connected to any switch port.
- Show port-security: [interface] [address]: This command displays the port security options on the interface
- Show history: This command displays the last ten commands that are executed in the switch configuration
- Show line: This command is used to view the brief information about all the Cisco switch lines
- Show line console 0: This command is used to view the detailed information about the specific line of the Cisco switch
- Erase startup-config: This command is used to erase the nvram of the Cisco switch
- Configure terminal: This command is used to enter the global configuration mode of the Cisco switch
- Hostname: This command assigns the Cisco switch’s hostname
- Enable password: This command sets the enable password of the Cisco switch
- Enable secret: This command sets the encrypted password of the Cisco switch that is used for entering into the privileged mode
- Interface VLAN 1: This is a global configuration command used to configure the VLAN interface of the Cisco switch
- Interface fast Ethernet 0/x: This command configures the specific interface of the Cisco switch
- IP address: This command configures the ip address of any interface of the Cisco switch
- IP default-gateway: This is an interface configuration command to set the default gateway
- Speed: This command sets the speed for the interface of the Cisco switch
- Duplex: This command sets the duplex setting for the interface of the Cisco switch
- Line console 0: This command is used to enter in the specific line configuration mode of the Cisco switch
- Password: This command sets the password of any line of the Cisco switch
ROUTER
Router, adalah sebuah perangkat/hardware jaringan yang berfungsi untuk menghubungkan antara IP Publik(Internet) dengan Ip Private(LAN)
CLI CISCO ROUTER :
CONFIGURE COMMAND
Router> enable - switches to privileged EXEC level
Router# configure terminal - switches to global configuration level
Router(config)# enable secret cisco - configures router with an enable secret (global)
Router(config)# ip route 0.0.0.0 0.0.0.0 20.2.2.3 - configures a static IP route (global)
Router(config)# interface ethernet0 - switches to configure the ethernet0 interface
Router(config-if)# ip address 10.1.1.1 255.0.0.0 - configures an IP address on ethernet0 (interface) Router(config-if)# no shutdown - activates ethernet0 (interface)
Router(config-if)# exit - exits back to global configuration level
Router(config)# interface serial0 - switches to configure the serial0 interface
Router(config-if)# ip address 20.2.2.2 255.0.0.0 - configures an IP address on serial0 (interface) Router(config-if)# no shutdown - activates serial0 (interface)
Router(config-if)# exit - exits back to global configuration level
Router(config)# router rip - switches to configure RIP routing engine
Router(config-router)# network 10.0.0.0 - adds network 10.0.0.0 to RIP engine (routing engine) Router(config-router)# network 20.0.0.0 - adds network 20.0.0.0 to RIP engine (routing engine) Router(config-router)# exit - exits back to global configuration level
Router(config)# exit - exits out of configuration level
Router# copy running-config startup-config - saves configuration into NVRAM
Router# disable - disables privileged EXEC level Router> - indicates user is back to user EXEC level
REMOVE COMMAND
Router> enable - switches to privileged EXEC level
Router# configure terminal - switches to global configuration level
Router(config)# interface ethernet0 - switches to configure the ethernet0 interface
Router(config-if)# no ip address - removes IP address
Router(config-if)# exit - exits back to global configuration level
Router(config)# exit - exits out of configuration level
Router# disable - disables privileged EXEC level
Router> - prompt indicates user is back to user EXEC level
SAVE COMMAND for CONFIG
Router# copy running-config startup-config
Note: Prior to 11.x software, the command to save the running-configuration to the startup-configuration was different. Use the following command if your IOS version is prior to 11.x:
Router#write memory
CONFIGURE COMMAND
Router> enable - switches to privileged EXEC level
Router# configure terminal - switches to global configuration level
Router(config)# enable secret cisco - configures router with an enable secret (global)
Router(config)# ip route 0.0.0.0 0.0.0.0 20.2.2.3 - configures a static IP route (global)
Router(config)# interface ethernet0 - switches to configure the ethernet0 interface
Router(config-if)# ip address 10.1.1.1 255.0.0.0 - configures an IP address on ethernet0 (interface) Router(config-if)# no shutdown - activates ethernet0 (interface)
Router(config-if)# exit - exits back to global configuration level
Router(config)# interface serial0 - switches to configure the serial0 interface
Router(config-if)# ip address 20.2.2.2 255.0.0.0 - configures an IP address on serial0 (interface) Router(config-if)# no shutdown - activates serial0 (interface)
Router(config-if)# exit - exits back to global configuration level
Router(config)# router rip - switches to configure RIP routing engine
Router(config-router)# network 10.0.0.0 - adds network 10.0.0.0 to RIP engine (routing engine) Router(config-router)# network 20.0.0.0 - adds network 20.0.0.0 to RIP engine (routing engine) Router(config-router)# exit - exits back to global configuration level
Router(config)# exit - exits out of configuration level
Router# copy running-config startup-config - saves configuration into NVRAM
Router# disable - disables privileged EXEC level Router> - indicates user is back to user EXEC level
REMOVE COMMAND
Router> enable - switches to privileged EXEC level
Router# configure terminal - switches to global configuration level
Router(config)# interface ethernet0 - switches to configure the ethernet0 interface
Router(config-if)# no ip address - removes IP address
Router(config-if)# exit - exits back to global configuration level
Router(config)# exit - exits out of configuration level
Router# disable - disables privileged EXEC level
Router> - prompt indicates user is back to user EXEC level
SAVE COMMAND for CONFIG
Router# copy running-config startup-config
Note: Prior to 11.x software, the command to save the running-configuration to the startup-configuration was different. Use the following command if your IOS version is prior to 11.x:
Router#write memory