Positioning MPLS

Ξ October 9th, 2007 | → 38 Comments | ∇ MPLS, Technology |

MPLS Diagram

This document covers the components of Multi-Protocol Label Switching (MPLS) technology, their functions, and an illustration of the added value for Service Providers.

MPLS was initially targeted at Service Provider customers, but enterprises have now begun to take an interest in deploying this technology. This document is applicable to large enterprises whose networks resemble a Service Provider's in the following areas:

  • Size of the network
  • Offering “internal services” to different departments within the enterprise

MPLS complements IP technology. MPLS is designed to leverage the intelligence associated with IP routing and the switching paradigm associated with Asynchronous Transfer Mode (ATM).

MPLS consists of a Control Plane and a Forwarding Plane. The Control Plane builds what is called the “Forwarding Table”, while the Forwarding Plane forwards packets to a particular interface (based on the Forwarding Table).

The efficient design of MPLS uses Labels to encapsulate IP packets. A Forwarding Table lists Label Values, each of which is associated with determining the “outgoing interface” for every network prefix.


Password Recovery Procedure for the Cisco 1700, 2600, 3600, etc

Ξ June 4th, 2007 | → 18 Comments | ∇ Cisco, Technology |

This document describes the procedure for recovering the enable password or enable secret passwords. These passwords are used to protect access to privileged EXEC and configuration modes. The enable password can be recovered, but the enable secret password is encrypted and can only be replaced with a new password using the procedure below.

This password recovery procedure can also be used for the following products:

* Cisco 806
* Cisco 827
* Cisco uBR900
* Cisco 1003
* Cisco 1004
* Cisco 1005
* Cisco 1400
* Cisco 1600
* Cisco 1700
* Cisco 2600
* Cisco 3600
* Cisco 4500
* Cisco 4700
* Cisco AS5x00
* Cisco 6x00
* Cisco 7000 (RSP7000)
* Cisco 7100
* Cisco 7200
* Cisco 7500
* Cisco uBR7100
* Cisco uBR7200
* Cisco uBR10000
* Cisco 12000
* Cisco LS1010
* Catalyst 2948G-L3
* Catalyst 4840G
* Catalyst 4908G-L3
* Catalyst 5500 (RSM)
* Catalyst 8510-CSR
* Catalyst 8510-MSR
* Catalyst 8540-CSR
* Catalyst 8540-MSR
* Cisco MC3810
* Cisco NI-2
* Cisco VG200 Analog Gateway
* Route Processor Module

Step-by-Step Procedure

Password Recovery Procedure for the Cisco 2000 & 2500

Ξ June 4th, 2007 | → 0 Comments | ∇ Cisco, Technology |

This section provides an example of the password recovery procedure. This example uses a Cisco 2500 Series Router.

Router>enable
Password:
Password:
Password:
% Bad secrets
Router>show version

Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-JS-L), Version 12.2(24a)
RELEASE SOFTWARE (fc3)
Copyright (c) 1986-2004 by cisco Systems, Inc.
Compiled Fri 28-May-04 19:30 by pwade
Image text-base: 0x0306C4E0, data-base: 0x00001000

ROM: System Bootstrap, Version 11.0(10c), RELEASE SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
RELEASE SOFTWARE (fc1)

Router uptime is 5 minutes
System returned to ROM by power-on
System image file is "flash:/c2500-js-l.122-24a.bin"

cisco 2500 (68030) processor (revision D) with 14336K/2048K bytes of memory.
Processor board ID 02315272, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
1 Ethernet/IEEE 802.3 interface(s)
1 Token Ring/IEEE 802.5 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)

Configuration register is 0x2102

!--- This is the current value of the configuration register.

Router>

!--- The router was just power cycled and during bootup
!--- a break sequence is sent to the router (CTRL+Break).


IP Security

Ξ May 31st, 2007 | → 14 Comments | ∇ Security, Technology |

You cannot talk about VPNs without saying something about IP Security (IPSec). IPSec is a framework of open standards. It is not bound to any specific encryption algorithm, authentication algorithm, or keying technology. IPSec acts on the network layer, where it protects and authenticates IP packets between participating peers such as firewalls, routers, or concentrators. IPSec security provides four major functions:

  • Confidentiality: The sender can encrypt the packets before transmitting them across the network. If such a communication is intercepted, it cannot be read by anybody.
  • Data integrity: The receiver can verify whether the data was changed while traveling the Internet.
  • Origin authentication: The receiver can authenticate the source of the packet.
  • Antireplay protection: The receiver can verify that each packet is unique and is not duplicated.

Encryption
When packets are traveling on the Internet, they are vulnerable to eavesdropping. Clear-text messages can be intercepted and read by anybody. Therefore, to keep the data secure, it can be encrypted. For encryption to work, both the sender and the receiver need to know the rules that were used to encrypt the original message. There are two types of encryption:

  • Symmetric
  • Asymmetric

With symmetric key encryption, each peer uses the same key to encrypt and decrypt data. With asymmetric key encryption, each peer uses a different key to encrypt and decrypt the message. Both the Data Encryption Standard (DES) and Triple DES (3DES) require a symmetric shared secret key. The problem is then to give those keys to both users. The keys can be sent by mail, courier, or public key exchange. The easiest method to exchange the key is Diffie-Hellman public key exchange. This key exchange provides a way for the users to establish a shared secret key, which only they know, even though they are communicating over an insecure channel.

Public key cryptosystems rely on a two-key system:

  • A public key, which is exchanged between the users
  • A private key, which is kept secret by the owners

Introduction to General Packet Radio Service (GPRS)

Ξ May 1st, 2007 | → 10 Comments | ∇ Technology, Wireless |

GPRS is a new service designed for GSM (Global System for Mobile Communications) networks. GSM is a digital cellular technology used worldwide, predominantly in Europe and Asia, with a current estimated 400 million subscribers and growing. GSM is the “world’s leading standard” in digital wireless communications.

GPRS is standardized by the European Telecommunications Standards Institute (ETSI). The application expected to be most widely used over GPRS is Internet/intranet access.

GPRS has 2 network elements:

SGSN: Sends and receives data from mobile stations and maintains information about the location of the mobile station (MS). The SGSN handles communication between the MS and the GGSN.

GGSN: A “wireless gateway” that allows mobile cell-phone users to access a “public data network (PDN)” or “specified private IP networks”.

The following figure shows the “basic GPRS network components” and their functions as commonly used in GPRS networks.

GPRS Component

“User sessions” connect from the mobile station (MS) to a Base Transceiver Station (BTS), which in turn connects to a Base Station Controller (BSC). The combined functions of the BTS and BSC are often known as the Base Station Subsystem (BSS). From there, the SGSN provides access to the GGSN, which acts as the gateway to the “data network”.

 

GPRS Core Network

Ξ April 18th, 2007 | → 11 Comments | ∇ Technology, Wireless |

The GPRS (General Packet Radio Services) system is used by GSM mobile phones, the most popular mobile telephone system in the world (since 2004), to transmit IP packets. The GPRS Core Network is the centralized part of the GPRS system, which also supports WCDMA-based 3G networks. The GPRS Core Network is an integrated part of the GSM Core Network.

 

Introduction to MPLS

Ξ February 21st, 2007 | → 49 Comments | ∇ MPLS, Technology |

MPLS = Multiprotocol Label Switching.
The following shows the logical connections of an MPLS network.
MPLS Logical Connections
Before examining MPLS networks in more depth, some basic material for understanding MPLS is presented.

An example IP domain network is as follows:
IP Domain Network
R1 and R6 are called Edge Routers and are placed at the front/border of the IP domain. R2, R3, R4 and R5 are called Core Routers and do not connect directly to the outside world except through the Edge Routers.

How is an IP domain converted into an MPLS domain?

We name the Edge Routers Label Edge Routers (LER) and the Core Routers Label Switch Routers (LSR).

The LER converts IP packets to MPLS packets and vice versa. When packets enter the LER, the conversion is from IP packets to MPLS packets, and when they leave the LER, the conversion is from MPLS packets to IP packets.

 

ISDN (Integrated Services Digital Network)

Ξ January 20th, 2007 | → 8 Comments | ∇ Technology, WAN |

There are 2 types of ISDN connection:

  1. Basic Rate Access (BRA) uses an interface called the Basic Rate Interface (BRI)
  2. Primary Rate Access (PRA) uses an interface called the Primary Rate Interface (PRI).

The following table shows the rates for BRI and PRI:

| Interface Type | Number of Bearer (B) Channels (B = 64 kbps) | Number of Signalling (D) Channels | Total |
|---|---|---|---|
| BRI | 2 | 1 (16 kbps) | 2B + D |
| PRI (T1) | 23 | 1 (64 kbps) | 23B + D |
| PRI (T2) | 30 | 1 (64 kbps) | 30B + D |

BRI and PRI

ISDN channels are divided into 2 types, B and D:

  • Bearer Channel: The B channel is used to carry data. Its maximum rate is 64 kbps. The B channel can carry PCM digital voice, video, or data. B channels are typically used for “circuit-switched data” communication such as High-Level Data Link Control (HDLC) and Point-to-Point Protocol (PPP). In addition, ISDN can also carry “packet-switched data”.
  • D Channel: Used for signalling to the ISDN switch. The router uses the D channel to dial the destination telephone number. The D channel has a bandwidth of 16 kbps for BRI and 64 kbps for PRI. Although its main function is signalling, the D channel can also be used to carry “packet-switched data” (X.25, Frame Relay, etc.).

 

Cryptography versus Cryptanalysis

Ξ November 11th, 2006 | → 0 Comments | ∇ Security, Technology |

Cryptanalysis is the flip side of cryptography. It is the science of cracking codes, decoding secrets, and in general, breaking cryptographic protocols. To design a robust encryption algorithm, one should use cryptanalysis to find and correct any weaknesses.

The various techniques in cryptanalysis that attempt to compromise cryptosystems are called attacks. A cryptanalyst starts from the encoded message (the ciphertext). The cryptanalyst then tries to get this message back into its original form without knowing anything of that original message. This kind of attack is called a ciphertext-only attack. The data that a cryptanalyst needs for this attack is fairly easy to obtain, but it is very difficult to successfully recover the original message.

Manual Systems
Cryptography dates as far back as 1900 B.C., when a scribe in Egypt first carved a derivation of the standard hieroglyphics on clay tablets. Early Indian texts such as the Kama Sutra used ciphers that consisted mostly of simple alphabetic substitutions often based on phonetics. This is somewhat similar to “pig latin” (igpay atinlay), in which the first letter is placed at the end of the word and is followed by the sound “ay.”

 
