NTP

Lets make all our LAN's network-devices, PCs or SmartTV's time or clock or watches is same or synchronized and keep it same or synchronized until forever.

In essence, in your LAN, dedicates a/one device as a NTP master and other devices in your LAN as client NTP.

Your-LAN NTP master cling to outside/public/internet's NTP master and your-LAN client NTP cling into your-LAN NTP master. Thats it.

So, for our LAN first we define R1 as our dedicated NTP master that serve the rest of our LAN's devices as follows:
R1#config terminal
R1(config)# ntp server time.microsoft.com

You can choose your own preferred NTP server by the way. You can just google for it or you can obtain a list of publicly accessible NTP servers here: www.ntp.org.

As for now, you can see that R1 is commanded to use outside's/internet's time server as its time/ntp server that is: time.microsoft.com in our case. You need internet connection to be able to connect to time.microsoft.com server and off course your router need to have dns server address and also able to ping the name: time.microsoft.com. If you don't use dns server, you can directly type the NTP server's in IP address format. For instance:
R1(config)#ntp server 192.168.1.1
R1(config)#

So now lets check its time, as follows:

R1#show clock
07:53:57.922 UTC Thu Nov 19 2015

Thats still not correct! What we missing is 'setting up the timezone of our own', so now lets add below command:
R1(config)# clock timezone INDONESIA +7

and then show clock again, as follows:
R1#show clock
15:05:49.860 INDONES Thu Nov 19 2015

Now its match. Indeed it is 3 PM now.

Congratulations..

NTP can be used to setting the clock of Cisco devices. But, not just Cisco devices, your Windows or Linux devices can also use NTP to set up their clock.

You can use a command like: show ntp associations, but whats that good for you is just wether the router have been synchronized or not with the ntp outside. Like below:

R1#show ntp associations

  address         ref clock       st   when   poll reach  delay  offset   disp
*~104.209.134.106 129.6.15.30      2     38     64   377 269.45  17.997 18.285
+~103.31.248.249  203.160.128.3    3     29     64   377 51.373  39.953  2.909
 * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured

Right at the very bottom is  * sys.peer, # selected, + candidate, - outlyer, x falseticker, ~ configured.

R1#show ntp status
Clock is synchronized, stratum 3, reference is 104.209.134.10
nominal freq is 250.0000 Hz, actual freq is 249.9997 Hz, precision is 2**28
reference time is D9F80E87.6F85B6AD (16:01:59.435 INDONES Thu Nov 19 2015)
clock offset is 23.9173 msec, root delay is 300.02 msec
root dispersion is 115.20 msec, peer dispersion is 20.16 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000001037 s/s
system poll interval is 64, last update was 301 sec ago.

R1#show ntp status
Clock is unsynchronized, stratum 16, no reference clock
nominal freq is 250.0000 Hz, actual freq is 249.9997 Hz, precision is 2**28
reference time is D9F80E87.6F85B6AD (16:01:59.435 INDONES Thu Nov 19 2015)
clock offset is 0.0000 msec, root delay is 0.00 msec
root dispersion is 0.50 msec, peer dispersion is 0.00 msec
loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000001037 s/s
system poll interval is 64, last update was 398 sec ago.
 

RADIUS

Make a device consult/ask/query a 'boss' about someone credential, "Boss, is it valid or not valid?"

Slightly hard or complex to setup it just because it had many steps. So, be patience.

Summary steps
1. Configure a device so it know who is the 'boss' and how to authenticate user.
2. Configure the boss to know who is his employee.
3. Try telnet to that device

So there are 3 components of this system, such as
1. The boss or employer or radius-server in this case.
2. Employee or switch or router in this case.
3. And user or PC.

We call radius-server as employer or the 'boss' in this case and a network-device as employee and user that wants to telnet to that network-device or employee as user.

On any network-device or employee setup below:
R1(config)# radius-server 192.168.2.2 aloh@
R1(config)# aaa new-authentication
R1(config)# aaa authentication login RADIUS group radius local
R1(config)# line vty 0 15
R1(config-line)# login authentication RADIUS
R1(config-line)# end

And, on the 'boss'/employer setup this by:
1. Click on Server icon
2. Click on tab Config
3. Click on menu AAA
4. And start to fill it like this:

Picture 1

Now, on the user setup this by:
1. Click on PC2 Icon
2. Click menu Command Prompt
3. Type this: telnet 192.168.4.1
4. And fill it like this:
Username: Totz
Password: Perjuangan9

Just like below picture:



Off course the fundamental thing to the system is the employee(s) or R1 in this case need to be sucessfully ping to the RADIUS server at first. Otherwise, RADIUS system will fail and user authentication will revert to each local device's username and password authentication method.

So, try to ping the 'boss/employer' RADIUS server from R1 or any network device employee at first like below:

R1#ping 192.168.2.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms

And when you get that result/output, you are safe. Otherwise you need to troubleshoot why it fail.
And second step, make sure there is nothing that block your connection to the 'boss' on port 1654.

We already solve/mitigate/prepare for this issue by adding a keyword 'local' on the authentication list definition (step 3). Without this 'local' keyword, authentication will just fail without any second method/plan in ready/avaliable to our system/network. So in effect without keyword 'local', user will unable to enter/telnet into the router (R1) until the RADIUS server is back online/pingable again.

By the way, to simulate the down of the RADIUS server, you can put into 'off' the AAA service (look for picture 1) and when User try to enter/telnet/ssh into the router and fill in the username and password, the login process will return: % Login invalid.

And here is the pkt file: https://drive.google.com/open?id=0B5Sl0ZstVGYFYnNlTVBYVnFBVzQ

Time based access-list

Give when and how long to an access-list / scheduled access-list.

I want user can't go to web for time 8.00 to 17.00. How can I do that?

Spanning-tree

Create one logical/imaginary tree of looped switches topology/diagram.

DMZ

Zone/network that exposed to outsiders unaccidentally.

Reflexive Access List

Reflect & Evaluate what is reflected.

Below will allow icmp (ping) traffic , any tcp traffic and udp DNS traffic to go out.

Ip access-list extended outbound_acl
permit icmp any any
permit tcp any any reflect tcp-traffic
permit udp any any eq 53 reflect dns-traffic timeout 10

IP access-list extended inbound_acl
permit icmp any any
evaluate tcp-traffic
evaluate dns-traffic
exit

conf t
int s0/0/0
# ip access-group outbound_acl out
# ip access-group inbound_acl in

PBR

Routing that just not based on destination.

Lock and Key Access List

I am on Internet. I want to ftp to my Raspberry pi behind my Internet's router. I have bought a public IP address from my ISP. What should I do?
You must telnet first then you get an access to the internal.

Port Numbers and Protocols of Oracle Components

I have an assignment to allow Oracle database connection outbound through a router to the Internet. So what ports that I should allow?

Table E-1 Ports Used in Oracle Components

Component and Description	Default Port Number	Port Range	Protocol
Oracle SQL*Net Listener Allows Oracle client connections to the database over Oracle's SQL*Net protocol. You can configure it during installation. To reconfigure this port, use Net Configuration Assistant.	1521	1521	TCP
Data Guard Shares the SQL*Net port and is configured during installation. To reconfigure this port, use Net Configuration Assistant to reconfigure the Oracle SQL*Net listener.	1521 (same value as the listener)	1521	TCP
Connection Manager Listening port for Oracle client connections to Oracle Connection Manager. It is not configured during installation, but can be configured using Net Configuration Assistant.	1630	1630	TCP
Oracle Management Agent HTTP port for Enterprise Management Agent. It is configured during installation. "Changing the Oracle Enterprise Management Agent Port" explains how to modify its port number	3938	1830–1849	HTTP
Oracle Enterprise Manager Database Console HTTP port for Enterprise Manager Database Control. It is configured during installation. "Changing the Oracle Enterprise Manager Database Console Ports" explains how to modify its port number.	1158	5500–5519	TCP/HTTP
Oracle Enterprise Manager Database Console RMI port for Enterprise Manager Database Control. It is configured during installation."Changing the Oracle Enterprise Manager Database Console Ports" explains how to modify its port number.	5520	5520–5539	TCP
Enterprise Manager Database Console JMS port for Enterprise Manager Database Control. It is configured during installation. "Changing the Oracle Enterprise Manager Database Console Ports" explains how to modify its port number.	5540	5540–5559	TCP
iSQL*Plus HTTP port for iSQL*Plus. The port number is automatically assigned during installation. "Changing the iSQL*Plus Ports" explains how to change its port number.	5560	5560–5579	TCP/HTTP
iSQL*Plus RMI port for iSQL*Plus. The port number is automatically assigned during installation."Changing the iSQL*Plus Ports" explains how to change its port number.	5580	5580–5599	TCP
iSQL*Plus JMS port for iSQL*Plus. The port number is automatically assigned during installation. "Changing the iSQL*Plus Ports" explains how to change its port number.	5600	5600–5619	TCP
Oracle Ultra Search HTTP port for Oracle Ultra Search. Its port number is assigned automatically when you install Oracle Ultra Search, by using the Custom installation type. "Changing the Oracle Ultra Search Ports" explains how to change its port number.	5620	5620–5639	TCP/HTTP
Oracle Ultra Search RMI port for Oracle Ultra Search. Its port number is assigned automatically when you install Oracle Ultra Search, by using the Custom installation type. "Changing the Oracle Ultra Search Ports" explains how to change its port number.	5640	5640–5659	TCP
Oracle Ultra Search JMS port for Oracle Ultra Search. Its port number is assigned automatically when you install Oracle Ultra Search, by using the Custom installation type. "Changing the Oracle Ultra Search Ports" explains how to change its port number.	5660	5660–5679	TCP
Oracle XML DB The Oracle XML DB HTTP port is used if Web-based applications need to access an Oracle database from an HTTP listener. It is configured during installation, but you cannot view it afterward. "Changing the Oracle XML DB Ports" explains how to change its port number.	Dynamic	Dynamic	HTTP
Oracle XML DB The Oracle XML DB FTP is used when applications need to access an Oracle database from an FTP listener. It is configured during installation, but you cannot view it afterward. "Changing the Oracle XML DB Ports" explains how to change its port number.	Dynamic	Dynamic	FTP
Oracle Real Application Clusters (Local Host: Windows only) - On Rac is configured by default - Is configurable	61000	61000–61300	TCP
Oracle Real Application Clusters (Cluster Interconnect: Windows only) - On RAC is configured by default - Is configurable	11000	11000–26000	TCP
Oracle Real Application Clusters (UNIX) The port number is assigned automatically during installation. You cannot view or modify it afterward.	Dynamic	Dynamic	UDP
Oracle Clusterware CRS daemon (Oracle Cluster Ready Services Daemon) internode connection. The port number is assigned automatically during installation. You cannot view or modify it afterward.	49896	49896	TCP
Cluster Synchronization Service (CSS) CSS daemon internode connection for the GM layer. The port number is assigned automatically during installation. You cannot view or modify it afterward.	49895	49895	TCP
Oracle Cluster Registry The port number is assigned automatically during installation. You cannot view or modify it afterward.	Dynamic	Dynamic	TCP
Oracle Event Manager The port number is assigned automatically during installation. You cannot view or modify it afterward.	49897	49897–49898	TCP
Cluster Manager The port number is assigned automatically during installation. You cannot view or modify it afterward.	Dynamic	Dynamic	TCP

Instalasi email client: Thunderbird

Big step:
1. Download software-nya
2. Install software-nya
3. Konfigurasi software-nya

Penjelasan
1. Download email client/software thunderbird (32,5MB) di https://www.mozilla.org/en-US/thunderbird/
2. Instal software diatas ke dalam laptop.
3. Konfigurasi alamat POP3 dan SMTP ke google
POP3:
SMTP:

POP3 dan IMAP

POP3 and IMAP are two different protocols (methods) used to access email.
Of the two, IMAP is the better option - and the recommended option - when you need to check your emails from multiple devices, such as a work laptop, a home computer, or a tablet, smartphone, or other mobile device. Tap into your synced (updated) account from any device with IMAP.

POP3 downloads email from a server to a single computer, then deletes it from the server. Because your messages get downloaded to a single computer or device and then deleted from the server, it can appear that mail is missing or disappearing from your Inbox if you try to check your mail from a different compu

What is safe mode?

Safe mode is a troubleshooting option for Windows that starts your computer in a limited state. Only the basic files and drivers necessary to run Windows are started. The words Safe Mode appear in the corners of your monitor to identify which Windows mode you're using.

If an existing problem doesn't reappear when you start in safe mode, you can eliminate the default settings and basic device drivers as possible causes. If you don't know the cause of the problem, you can use the process of elimination to help you find the problem. Try starting all of the programs you commonly use, including the programs in your Startup folder, one by one to see if a program might be the cause of the problem.

If your computer automatically starts in safe mode without prompting, a problem with your computer might be preventing Windows from starting normally. If you think the cause of the problem might be a recently installed program or device, try using Recovery in Control Panel.

Di Safe mode with networking:

• Bisa nonton youtube tapi tidak ada suara.
• Bisa intenetan, bisa ping ke local network.
• Bisa jalankan program Microsoft Word, Adobe Reader PDF.
• Bisa jalankan program network simulator seperti: GNS3, Cisco Packet Tracer 
• Tidak bisa menjalankan Fitur NTP.
• Tidak bisa menjalankan Operating System berbasis VMWare.

Install GNS3

Installation:

Big Steps:
1. Download
2. Instal
3. Select images for the GNS3
4. Drag your router
5. Start/Run
6. Start configuration


1. Download source code from www.gns3.com
2. 

Image files:

https://drive.google.com/open?id=0B5Sl0ZstVGYFbjY3dS04cG94YVE
https://drive.google.com/open?id=0B5Sl0ZstVGYFa2ZNRHc0bTB3d2M

Cautions:

1. GNS3 bisa dijalankan pada mode "Safe Mode With Networking" Windows.
2. Idle PC bisa dihitung/dikalkulasi setelah perangkat di jalankan.
3. Config-nya bisa di save atau di-export. Asal tiap device/perangkat di assign command: copy run start terlebih dahulu.

These days I experiencing slow internet connection. I have an idea
1. Go tracert the 8.8.8.8
2. Watch for the output of step 1, and then realize a strange IP address introduced to the output of the tracert. I never look/see that hop address before.

How to embed a SWF file in a html page?

<object width="100" height="100">
    <param name="movie" value="file.swf">
    <embed src="file.swf" width="100" height="100">
    </embed>
</object>

What is CDATA in HTML?

Since it is useful to be able to use less-than signs (<) and ampersands (&) in web page scripts, and to a lesser extent styles, without having to remember to escape them, it is common to use CDATA markers around the text of inline and elements in XHTML documents. But so that the document can also be parsed by HTML parsers, which do not recognise the CDATA markers, the CDATA markers are usually commented-out, as in this JavaScript example:

<script type="text/javascript">
//<![CDATA[
document.write("<");
//]]>
</script>

Soal-soalJaringan IP

1. A, 1. Kalau dibalik jadi? 1, A.

2. A, 1, 2. Kalau yang bisa dibalik hanya 2 karakter saja jadi apa? 1, A, 2.

2. Kalau nomor kamar dari 1 - 9. Berapa jumlah kamar? 10

3. Kalau nomor kamar dari 0 - 9. Berapa jumlah kamar? 10 + 1 = 11

4. Kalau nomor kamar dari 1 - 19. Berapa jumlah kamar? 20!

5. Kalau nomor kamar dari 0 - 19. Berapa jumlah kamar? 21!

Guide membuat access-list (ACL)

1. Deny dulu baru permit. Denying the network traffic from accessing another network comes before permitting all other traffic.
2. Selalu tempatkan access-list standard dekat ke network/host yang mau di deny
3. Selalu tempatkan/urutkan most specific ke least specific.
4. Kalau tidak ada mention port, mending pakai access-list standard
5. Kalau ada mention port, pakai access-list extended
6. Numbered atau named terserah, kalau yang lebih mudah di edit named.
7. Untuk nge-view atau examine access-list jangan pakai show run tapi lebih enak pakai show access-list atau show ip access-list

Contoh:
• For the 192.168.10.0/24 network, block Telnet access to all locations and TFTP access to the corporate Web/TFTP server at 192.168.20.254. All other access is allowed.
• For the192.168.11.0/24 network, allow TFTP access and web access to the corporate Web/TFTP server at 192.168.20.254. Block all other traffic from the 192.168.11.0/24 network to the 192.168.20.0/24 network. All other access is allowed.

Terjemahan:

• Untuk network 192.168.10.0/24, blok akses Telnet ke semua lokasi dan akses TFTP ke corporate Web/TFTP server di 192.168.20.254. Semua akses lain diperbolehkan.
• Untuk network 192.168.11.0/24, izinkan/bolehkan akses TFTP dan akses web ke corporate Web/TFTP server. Blok semua trafik lain dari 192.168.11.0/24 (network ini) ke network 192.168.20.0/24. Semua akses lain diperbolehkan.

Dengan bahasa lain / yang lebih sederhana:
Network 192.168.10.0/24 bisa akses ke semua kecuali telnet ke semua lokasi dan akses TFTP ke corporate Web/TFTP server.
Network 192.168.11.0/24

Penjabaran:
For 192.168.10.0/24
Block:

• Telnet access to all locations
• TFTP access to the corporate Web/TFTP server 192.168.20.254

Permit

• All other access (Mail, Database, Ping/ICMP)

For 192.168.11.0/24

Block:

• Block all other traffic from the 192.168.11.0/24 to the 192.168.20.0/24 network

Permit:

• TFTP access and web access to the corporate Web/TFTP server at 192.168.20.254

Access-list

R1(config)#access-list 100 

Acitivty: Mengamankan jaringan dengan menggunakan ACL

Activity 1

1. An access Control List (ACL) is a router configuration script that controls whether a router will ____ or ___ packets based on criteria found in the packet header.

2. ACL are often used in ___ routers that are positioned between your internal network and external network.

3. A router with three active interface and two network protocols (IP and IPX) can have as many as ___ active ACLs.

4. For inbound ACLs, incoming packets are processed ___ they are routed to an outbound interface.

5. For outbound ACLs, incoming packets are processed ___ they are routed to an outbound interface.

6. At the end of every access-list is an implied ___ all traffic criteria statement. Therefore, if a packet does not match any of your criteria statements, the packet will be ___

permit, six, before, blocked, allowed, while, deny, firewall, after, three, twelve.

Answer:
1. Permit, Deny
2. Firewall
3. Twelve
4. Before
5. After
6. Deny, Blocked

Activity 2
1. Can filter traffic based on source IP address: Standard dan Extended
2. Can filter traffic based on destination IP address: hanya Extended saja
3. Can filter traffic based on protocol type: hany Extended saja
4. Uses number 1 - 99: Standard
5. Uses number 100 - 199: Extended
6. Uses number 1300 - 1999: Standard
7. Can use a name insted of a number: Standard and Extended

Activity 3
Network policy #1: Use a standard ACL to stop the 192.168.1.0/24 network from accessing the Internet via ISP
Network policy #2: Use an extended ACL to stop the 192.168.30.0/24 network from accessing the Web/TFTP server.

URL must not have a path (example.com/path) or subdomain (subdomain.example.com).<a href='//support.google.com/adsense/answer/2784438?hl=en_US&utm_source=aso&utm_medium=link&utm_campaign=ww-ww-et-asfe_' target='_blank'> Learn more</a

If you wish to show ads on your non-host websites, you will need to submit a one-time application via the form below.
Important: In order for your application to be reviewed, you must place your ad code on one or more webpages at the URL you enter below. Note that blank ads will be shown until your application is approved.
Once your application has been approved, you may place your ad code on any website that you own without any further approvals. If your application is not approved, you will still be able to show ads on host sites and may apply again in the future.

Beberapa tips and trick Cisco switch dan router

1. Routing tabel bisa digunakan sebagai alat pensumerisasi nomor jaringan
1. Create 1 atau 2 buah interface loopback
2. Assign nomor jaringan yang ingin disumerisasi ke interface loopback yang baru saja di create
3. Asssign show ip route

2. Menentukan reference bandwidth cost dari fitur OSPF pada router-router jaringan
Interface cost = reference bandwith /  interface bandwidth


2. Access-list sebagai menentukan


4. Cara menentukan root id dari fitur spanning-tree pada switch - switch jaringan
1. Telnet ke semua switch
2. Assign command: show spanning-tree brief di semua switch
3. Look for VLAN yang ingin dicari/diamati (VLAN target)
4. Lihat apakah semua portnya forward.
5.

5. Cara menentukan switch berhasil memforward atau tidak paket host

Comparing 802.d and 802.w

Membandingkan kecepatan spanning-tree and pvst

Spanning-tree 802.1d
Algoritma:
1. show spanning-tree di semua switch
S1# show spanning-tree
S2# show spanning-tree
S3# show spanning-tree

2. Dari output / keluaran / hasil perintah-perintah diatas, tentukan switch mana yg jadi root bridge.

3. Dari output / keluaran / hasil perintah S2#show spanning-tree vlan 99 tentukan port mana yang blocking dan forwarding.

3. Test ping dari PC3 ke PC server

4. Cabut kabel fa0/1 switch 1 dan fa0/3 switch 1. Btw apakah status port fa0/1 pada switch 1 ini, dan apakah status fa0/3 pada switch 1 ini?

5. Kembali ke window PC3, berapa kali terjadi timeout?

6. Kembalikan kabel fa0/1 ke switch dan fa0/3 ke switch 1. Apakah terjadi timeout lagi?

Configuring RSTP

Task 8: Configure PVST Rapid Spanning Tree Protocol
Cisco has developed several features to address the slow convergence times associated with standard STP. PortFast, UplinkFast, and BackboneFast are features that, when properly configured, can dramatically reduce the time required to restore connectivity dramatically. Incorporating these features requires manual configuration, and care must be taken to do it correctly. The longer term solution is Rapid STP (RSTP), 802.1w, which incorporates these features among others. RSTP-PVST is configured as follows:
S1(config)#spanning-tree mode rapid-pvst
Configure all three switches in this manner.
S2(config)#spanning-tree mode rapid-pvst
S3(config)#spanning-tree mode rapid-pvst
Use the command show spanning-tree summary to verify that RSTP is enabled.

Swith kondisi baru/fresh/out-of-box/belum dikonfigurasi apa-apa
Gak ada/tersedia/punya kabel console.

1. 1 buah laptop
2. 3 buah switch seri 890

Target: setting LAB kamu sama dengan topologi jaringan
mengkonfigurasi masing-masing switch

Langkah percobaan:
1. set ip komputer/laptop ke ip 10.10.10.2 255.255.255.0
2. Nyalakan / power-up switch
2. tes ping dari laptop/komputer ke switch 10.10.10.1
3. telnet ke 10.10.10.1 (ini ip default switch)
4. Setting switch 1:

1. Nyalakan / power-up switch
2. Hubung kabel LAN antara port fa0/1 switch ke colokan LAN PC/laptop
3. Telnet dari PC/laptop ke 10.10.10.1 (ini ip default switch baru)

Basic setting
set hostname switch 1 : S1
set password line console 0: cisco, mode loginnya local.
set password line vty 0 15 cisco, mode loginnya local.
set enable secretnya: class

SVI
set interface vlan 99: 172.17.99.1 255.255.255.0

VTP
set vtp mode switch 1: server
set vtp domain name switch 1: Lab5
set vtp password switch 1: cisco

Tambahkan VLAN-VLAN
Tambahkan VLAN-VLAN berikut beserta namanya ke switch 1:
VLAN 10
VLAN 20
VLAN 30
VLAN 99

Trunking
Set mode interface fa0/1 - fa0/4 switch 1: trunking bukan access
Set native vlan untuk trunking interface fa0/1-fa0/4 switch 1: vlan 99




switch 2 : S2
set hostname switch 2: S2
set password line console 0: cisco, mode loginnya local.
set password line vty 0 15 cisco, mode loginnya local.
set enable secretnya: class

SVI 
set interface vlan 99: 172.17.99.1 255.255.255.0

Set trunking
Set mode interfae fa0/1 - fa0/4 switch 2: trunking
Set native vlan untuk trunking interae fa0/1 - fa0/4 switch 2: vlan 99

Set access
Set access buat host PC
Set mode interface fa0/6 switch 2: access

VTP
set vtp mode switch 2: client
set vtp domain name switch 2: Lab5
set vtp password switch 2: cisco

switch 3 :  S3
set hostname switch 3 : S3
set password line console 0: cisco, mode loginnya local.
set password line vty 0 15 cisco, mode loginnya local.
set enable secretnya: class
set interface vlan 99: 172.17.99.1 255.255.255.0

Set trunking
Set mode interface fa0/1 - fa0/4 switch 3: trunking
Set native vlan untuk trunking interface fa0/1-fa0/4 switch 3: vlan 99

Set VTP
set vtp mode switch 3: client
set vtp domain name switch 3: Lab5
set vtp password switch 3: cisco

Wipe/erase access-list 23 pada switch
S3(config)#no access-list 23

S2(config)#no access-list 23

S1(config)# no access-list 23


Pengkabelan
S1 fa0/1 ke S3 fa0/1
S1 fa0/2 ke S3 fa0/2

S1 fa0/3 ke S2 fa0/3
S1 fa0/4 ke S2 fa0/4

S2 fa0/2 ke S3 fa0/4
S2 fa0/1 ke S3 fa0/3

Menggambar topologi spanning-tree tiap VLAN dan menandai siapa root
Biasanya kalau priority tiap switch tidak berubah, yang jadi root adalah sama untuk setiap vlan topologi spanning-tree.

Ini menyebabkan jalur/path yang dipakai/diterapkan setiap vlan itu sama. Sehingga menyebabkan jalur redudansi idle / tidak terpakai / tidak termanfaatkan.

Ini bisa dilihat di show spanning-tree brief
S1# show spanning-tree brief
S2# show spanning-tree brief
S3# show spanning-tree brief

Jika semua vlan root bridge id nya sama, maka semua spanning-tree vlan menggunakan root switch yang sama.
Contoh:
spanning-tree vlan 1, root switchnya switch 1,
spanning-tree vlan 10 root switchnya switch 1 juga,
spanning-tree vlan 20 root switchnya switch 1 juga,
spanning-tree vlan 30 root switchnya switch 1 juga.

VLAN 1


VLAN 10


VLAN 20


VLAN 30

Cara mengamankan jaringan wifi

1. Mengurangi kekuatan dB sinyal
2. Menyembunyikan nama WLAN / hiding SSID
3. Memberi password masuk WLAN
4. Membatasi mac address yang boleh masuk WLAN

Sekian dari saya. Semoga bermanfaat.

Neither edge ports (RSTP) nor PortFast-enabled ports generate topology changes when the port transitions to a disabled or enabled status.


Unlike PortFast, an RSTP edge port that receives a BPDU loses its edge port status immediately and becomes a normal spanning-tree port.

Mesin 4 stroke

False image of Jesus Christ Part 1

Picture 1

Picture 2

Pernikahan bukan tentang sex

Pernikahan bukan hanya tentang sex.

Pernikahan itu menyatukan dua keluarga besar.

Jika kamu menikah, kamu harus mempunyai database yang lebih besar tentang nama-nama relatif (anggota keluarga) kamu. Jadi siap-siap menjadi lebih besar.

Bagi orang yang mempunyai kelainan anti-sosial sejak kecil, kamu harus belajar sejak dini mengingat nama-nama relatif kamu.

Spanning-tree

Steps/algorithm:
1. Chose/decide a root bridge
2. Set the chosen root bridge bridge priority. Because switch priority is the only variable the used as spanning-tree root bridge calculation.
3. Set spanning-tree port fast to every ports that connect the client to switch. Do not set spanning-tree to port(s) that connect to switch to switch.

Topology or network diagram:

 In above topology, switch 15 is suitable as backbone switch.

Source of reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/5234-5.html

 Troubleshoot commands:

• show spantree vlan_id —Shows the current state of the spanning tree for this VLAN ID, from the perspective of the switch on which you issue the command.
  
• show spantree summary —Provides a summary of connected spanning tree ports by VLAN.
  
• show spantree statistics —Shows spanning tree statistical information.
  
• show spantree backbonefast —Displays whether the spanning tree BackboneFast Convergence feature is enabled.
  
• show spantree blockedports —Displays only the blocked ports.
  
• show spantree portstate —Determines the current spanning tree state of a Token Ring port within a spanning tree.
  
• show spantree portvlancost —Shows the path cost for the VLANs on a port.
  
• show spantree uplinkfast —Shows the UplinkFast settings.
  

Semua orang pernah berbuat dosa

Semua orang pernah berbuat dosa dan tidak mengulanginya lagi.

Apakah dosa itu:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.

Biarkan mereka berkembang

Biarkan mereka berkembang.

Jangan menghina supaya kamu jangan dihina

Jangan menghina supaya kamu jangan dihina

Selingkuh, bahayanya adalah ketagihan

Selingkuh itu bahayanya adalah ketagihan.

Ada cerita seperti berikut:

Ada seorang laki-laki lajang tinggal di kamar nomor 1. Ada satu keluarga tinggal di kamar nomor 2. Setiap hari si keluarga selalu ribut/cekcok. Suatu waktu, si laki-laki ini dapat bisikan / ide. Si laki-laki ini bersimpati ingin membantu keluarga itu dengan cara memberikan sekedar uang untuk membeli beras, anggapan si laki-laki ini mereka cekcok karena kekurangan uang dengan polos.

Nah, ketika laki-laki tadi memberikan uang tersebut kepada si keluarga tersebut. Gantian si Istri yang bersimpati kepada laki-laki ini. Hancurlah sudah. suatu hari si suami pergi, si Istri kesambet. Si istri pergi ke kamar laki-laki lajang yang memberikan uang itu. Si istri mengetuk pintu kamar laki-laki itu, merayu dan kemudian mengajak laki-laki itu berzinah. Si laki-laki ini mau. Terjadilah perzinahan. Dipikir si laki-laki, hal ini hanya akan berlangsung satu kali ini saja. Tapi si laki-laki tidak mampu menahan nafsunya di kemudian hari.



 

Bersih-bersih itu penting

Bersih-bersih itu penting, karena membuat tubuh sehat dan jauh lebih bugar.

Alms: money, food, or other donations given to the poor or needy; anything given as charity:

Tuhan Yesus dan HAM

TuhanYesus menghormati Hak Asasi Manusia (HAM). HAM disini dimaksudkan hak asasi manusia untuk menerima atau menolak Yesus itu sendiri atau murid-muridnya yang menyampaikan kabar keselamatan. Sesuai dengan teks gospel / injil berikut:

Loop Avoidance

Penyebab
Loop avoidance

Tanda-tanda
Switch-switch hang tidak dapat di telnet/di remote

Cara menghentikan loop avoidance
1. Cabut salah satu kabel uplink salah satu switch yang saling terhubung

Fact
1. Bagi tiap VLAN di suatu switch tiap port berbeda status
2. Spanning-tree menyebabkan port blocking
3. Fitur spanning-tree PVST jalan secara default (lihat packet tracer)
4. Change cost, change spanning-tree topology.

Experiment Switch Cisco dan non Cisco

LG Smart TV FAQ

Q : how can I transfer recordings to my PC?

A : 

Back to your Samsung TV, and I am afraid that it is all bad news. There are several reasons you can’t replay recordings on your PC. Firstly the HDD is formatted using the XFS filing system, used by Linux, possibly because the TV’s built-in PVR is Linux based. Windows can read the contents of the drive with suitable software, but that wouldn’t solve the problem. Even if you could copy the recordings to your PC they would still be unreadable as they are encrypted. Whilst decryption is theoretically possible, they are further protected for Digital Rights Management (DRM) purposes.

Samsung isn’t alone in this though some smart TV and PVR manufacturers do allow recordings of some free-to-air (FTA) channels to be playable on a PC but they are in the minority. I doubt that it’s done to make life difficult for users. You have to remember that products like these are made for world markets and sold in countries where there are large variations broadcaster’s licensing agreements, copyright restrictions and local censorship laws. It would be very difficult for manufacturers to accommodate every possible variation so they take the easy way out by only allowing recordings to be replayed on the device they were made on.

Installing Linux

1. Download ISO file (895 MB)
2. Install
3.

<body>

<div id="header">
<h1>City Gallery</h1>
</div>

<div id="nav">
London<br>
Paris<br>
Tokyo<br>
</div>

<div id="section">
<h1>London</h1>
<p>
London is the capital city of England. It is the most populous city in the United Kingdom,
with a metropolitan area of over 13 million inhabitants.
</p>
<p>
Standing on the River Thames, London has been a major settlement for two millennia,
its history going back to its founding by the Romans, who named it Londinium.
</p>
</div>

<div id="footer">
Copyright © W3Schools.com
</div>

</body>

If the files you want are not found, the data loss may caused by more complicated situations other than deletion (). Please try EASEUS Data Recovery Wizard.

Speedyddns

Dynamic DNS Dynamic DNS (DDNS) adalah sebuah sistem yang memungkinkan Anda untuk tetap dapat mengakses perangkat di rumah/kantor anda (seperti kamera atau PC), meskipun koneksi internet anda ber-alamat IP dinamik. DDNS akan langsung mendeteksi IP Anda dan Anda hanya perlu mengingat nama Domain yang Anda daftarkan di sistem DDNS. Otomatis!

Mengapa kita membutuhkan Speedy DDNS? Alasan apa yang membuat kita membutuhkan Speedy DDNS? Speedy anda menggunakan IP Dynamic. Anda ingin meremote Server, IP Kamera, atau DVR di rumah dari jarak jauh. Tanpa instalasi apapun, cukup daftarkan no speedy dan biarkan sistem kami bekerja. Anda dapat menggunakan hostname yang mudah diingat untuk IP Address Anda (contoh: namaanda.speedyddns.net). Hostname Anda akan otomatis terupdate setiap saat IP Address berganti.



PACKAGE FREE TRIAL

1. Hostname : 1 hostname

2. Domain Name : no_speedy.speedyddns.net

3. Example : 122311423xxx.speedyddns.net

4. Domain Type : speedyddns.net

5. Free Trial : 3 Bulan

Detecting undetected External Hard disk

LG Smart Share

Apa itu LG Smart Share?

Today, Indonesia's maternal mortality rate remains one of the highest in Southeast Asia. Experts closely studying the problem generally conclude that a change in course is needed for Indonesia to make further progress. First, there are questions about whether the government has the ability - or the resources - to actually improve health. Performance and utilization of public health service is on the decline, and the private sector is now the major source of health care in Indonesia. An estimated 30 - 50 percent of newborn deliveries in health facilities now take place in private clinics (as compared to approximately 10 percent a decade ago). Preference or private sector services may be due, in part, to understaffing of public health facilities, and high absenteeism. The government allows "dual practice" whereby civil servant health providers are allowed to establish a private practice outside of official work hours. As a result, experts studies show an average of 40 percent of doctors absent from their public post during work hours.

Overall, per capita spending on health in Indonesia is much lower than other countries in the region, and insurance coverage is extremely limited. Health financing is overwhelmingly private - with individuals paying for around 80 percent of all health outlay, mostly out-of-pocket. Disturbingly, the poor utilize less of publicly-funded health services provided by the state: the poorest 20 percent of the population captures less than 10 percent of total public health subsidies, while the richest fifth captures almost 40 percent. Policy analyst also point to added problems to helath financing caused by scant distributions in health funding among provinces and major inefficiencies in how funds are spent.

KPK (Corruption Eradiction Commision) Indonesia

One of the most effective justice sector institutions in Indonesia is the Corruption Eradication Comission (KPK), established in December 2002. The KPK demonstrates what can be achieved when the different function of investigation and prosecution are coordinated. Moreover, it works with a specialized anti-corruption court, with appeals to an anti-corruption chamber in the Supreme Court. Both the court and the chamber are dominated by a majority of ad hoc judges whoser reputation for honesty is well known.

However, in edcember 2006, the Constitutional Court struck down the law creating the anti-corruption court on the grounds that it was not created as part of the Law on the Courts, but allowed the anti-corruptin courts to continue to function in the meantime. The Parliament set itself a deadline of March 2009 to pass the new law. This was then extended to September. Many legislators have been arrested by the KPK and convicted in the anti-corruption court, leading some to qauestion if the Parliament lacks motivation to pass this law.

The KPK consistently gets convictions in the corruption cases, showing what can be done with clean courts, professional investigation, and effective prosecutors. But this kind of successful cooperation is certainly an exception. Their consistent convictions raise the bar for the police, the attorney general's office, and the courts. Indonesia needs coordinated, bold leadership if it is to get out of the corruption quagmire. Better coordination between police and prosecutors is essential. They should have both the technology and the legal means to obtain wire taps and recordings the way the KPK does to obtain convictions in corruption cases.

Mabuk durian

Durian rasanya lezat sehingga disukai banyak orang. Karena kelezatannya itu, membuat orang terkadang makan berlebihan. Durian mengandung berbagai zat gizi. Apabila dikonsumsi secara berlebihan, maka dapat mengakibatkan mabuk. Bila Anda mengalami mebuk durian, atasi dengan cara berikut. Ambil segelas air putih hangat. Beri satu sendok makan garam, aduk dan minum. Secara berangsur-angsur mabuk akan mereda.

Sawah tadah hujan

Dengan produksi rata-rata 2.5 juta ton beras per tahun, telah mengempatkan Sulawesi Selatan sebagai daerah penyangga pangan nasional terbesar kedua setelah Jawa Timur. Areal pertanian yang dimiliki provinsi ini cukup besar, yaitu mencapai 1.411.446 Ha yang terbagi dalam lahgan persawahan seluas 550.217 ha dan lahan kering seluas 861.319 ha. Jumlah areal yang cukup besar tersebut, jika dikelola maksimal, sangat berpotensi menungjang ketahanan pangan nasional. Penanaman padi di areal sawah tadah hujan sering gagal panen karena kekurangan air, baik untuk pengolahan tanah maupun untuk pertumbuhan tanaman. Petani pada umumnya menunggu sekitar dua bulan sejak turunnya hujan untuk pertumbuhuan tanaman, karena pada waktu tersebut air sudah menggenangi sawah.

Kodam VII/Wirabuana telah turut berupaya mencari solusi alternatif terbaik dalam mengatasi kendala pengairan lahan tersebut. Ada beberapa jalan keluar yang ditawarkan dan dilaksanakan, yakni sebagai berikut, pertama, melalui pemberdayaan teknologi Pompa Air Tanpa Motor (PATM). Dengan menggunakan teknologi ini, sawah tadah hujan dana lahan padi yang terletak di ketinggian dan lahan-lahan yang letaknya jauh dari sumber air sunmgai atau danau, bisa dioptimalkan pada musim kemarau. Kedua, pemberdayaan bibit unggul. Kodam VII/Wirabuana telah berkoordinasi dengan banyak pihak diantaranya Dinas Pertanian, para kelompok tani dan perbankan, guna menyediakan bibit unggulan yang cocok bagi masing-masing wilayah di Sulawesi Selatan. Salah satu bibit dan varietas padi yang telah dikembangkan di Sulawesi adalah varietas tanaman padi jenis hibrida.

Ketiga, pengadaan pupuk. Untuk membantu para petani mendapatkan pupuk yang memadai dan ideal, Kodam VII/Wirabuana berupaya agar distribusi pupuk ke daerah tidak terjadi hambatan. Hal ini dilakukan melalui koordinasi dan kerja sama dengan Dinas Perindustrian, Perdagangan, dan Pertanian serta Perbankan.

Keempat, pola tanam. Selama ini, para petani di Sulawesi Selatan lebih banyak menggunakan pola tanam tradisional. Akibatnya, hasilnya kurang optimal. Padahal idealnya, lahan seluas 1 ha bisa menghasilkan 10 ton. Namun, hal ini belum pernah tercapai.

Disleksia

Istilah disleksia berasal dari Bahasa Yunani, yakni "dys" yang berarti "sulit dalam" dan lex (berasal dari bahasa legein, yang artinya "berbicara"). Jadi, menderita disleksia berarti menderita kesulitan yang berhubungan dengan kata atau simbol-simbol tulis. Walau tidak menjalani pengobatan khusus, seorang penderita disleksia tidak akan selamanya menderita gangguan membaca dan menulis. Ketika pertumbuhan otak dan sel otaknya sudah sempurna, ia akan dapat mengatasinya.

Seseorang yang menderita disleksia mengalami kesulitan dalam belajar membaca. Kelainan ini mungkin disebabkan oleh ketidakmampuan dalam menghubungkan antara lisan dan tertulis, atau kesulitan mengenal hubungan antara suara dan kata tertulis. Anak yang belum diketahui menderita disleksia, dapat merasa rendah diri karena kesulitan yang dialami dalam mengejar pelajaran dengan kawan-kawan sebaya. Kadang-kadang orang yang menderita disleksia salah menduga bahwa anak yang menderita disleksia juga menderita cacat jiwa.

Kalau seorang anak ditemui mulai mempunyai kebiasaan membaca terlalu cepat hingga salah mengucapkan kata bahkan terlalu lambat dan terputus, maka itu adalah gejala disleksia. Sampai sekarang masih belum diketahui secara pasti apa penyebab gangguan ini. Yang jelas sebagian besar neurolog berpendapat ini merupakan faktor saraf atau otak, sama sekali bukan karena anak itu bodoh atau bahkan idiot seperti mayoritas pendapat orang. Yang unik, sebagian besar penderita disleksia adalah kaum lelaki. Dr. Michel Rutter dari King's College, London, membuktikan bahwa jumlah murid lelaki di sekolah yang menderita disleksia setidaknya dua kali jumlah murid perempuan. Ruter dan rekan telah menganalisis lebih dari 10.000 anak-anak SElandia Baru yang diikutkan dalam uiji membaca standar, usia anak-anak itu berkisar 7 - 15 tahun. Disleksia ditemukan pada 18 hingga 22 perses murid lelaki, sedangkan pada murid perempuan berkisar 8 - 13 persen saja.

Masih perlu dilakukan riset lanjutan untuk mengetahu penyebabnya. Namun berdasar diagnosis, gangguan kemampuan membaca pada anak lelaki oleh kecenderungan mereka untuk bertingkah aneh-aneh dalam kelas ketika merasa frustasi pada pelajaran. Tapi kesimpulan tersebut ditepis oleh Sheldon Horowitz, direktur National Center for Learning Disabilities, menurutnya anak lelaki sesungguhnya tidak cenderung menderita disleksia.

Climate Change

According to the report of the Intergovernmental Panel on Climate Change (I PCC) 2001, the air temperature of the earth will warm up about 1,4 to 5,8 degress celcius. This will affect most countries on the American and European Continents and most of the countries in South East Asia.

In 1995, Thailan produced aroutn 175 thousand tons of CO2 emissions from it's energy sector and from cement manufacturing. According to the research on variations of surface air temperature by Dewa Abdul Quadir et al., the air temperature showed warming approximately 0.02 Celcius per year. It suggests that Tahiland has already started to sudffer from changes in the climate.

The major exports from Thailand are agricultural producst, therefore, the increasing air temperature and reducing raindall is causinmg insufficient levels of moisture in the soil, less humidity in the atmosphere and reductions in the available water supply. It affects the growth of crop yields leading to the reduction of the agricultural products, especially in rice. Not only does the reduction in precipitation effect the cultivated areas, but alos "intermittent" periods of heavy rainfall casse flooding.

Low-lying beaches, islands and coral reefs have all been damage by heavier downpour than usual. As a case study, Phuket is an island in the South West of Thailand in the Andaman Sea. It is greatly affected by Southwest Monsoon. The season brings constant rain to this island especially in September. Therefore, Phuket will be irredeemably damage by the effects of climate change.