Network Address Translation ~ KeNtAnK bLoG..!!

1. Siapkan jaringan seperti pada gambar topologi (Gb. 5) dan pastikan tidak ada firewall di mesin PC router !!! (hapus dengan iptables -F dan iptables -t nat -F) Gb 5: Topologi Praktikum

2. Konfigurasi IP Address (network 2)
Pada server :
debian:~# ifconfig eth1 192.168.2.1 broadcast 192.168.2.255 netmask 255.255.255.0 up
debian:~# reboot
debian:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:17:9A:37:18:E5
inet addr:10.252.108.144 Bcast:10.252.108.255 Mask:255.255.255.0
inet6 addr: 2001:470:8049:108:217:9aff:fe37:18e5/64 Scope:Global
inet6 addr: fe80::217:9aff:fe37:18e5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:330 errors:0 dropped:0 overruns:0 frame:0
TX packets:345 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:33031 (32.2 KiB) TX bytes:32243 (31.4 KiB)
Interrupt:169 Base address:0xc000

eth1 Link encap:Ethernet HWaddr 00:00:E2:A2:C0:B7
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::200:e2ff:fea2:c0b7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:33 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:5056 (4.9 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b) TX bytes:560 (560.0 b)

3. Aktifkan IP-forwarding : # echo 1 > /proc/sys/net/ipv4/ip_forward
debian:~# echo 1 > /proc/sys/net/ipv4/ip_forward

4. Pada PC client diberikan alamat IP static sesuai dengan jaringannya. Misal jaringan 192.168.1.0/24 diberi IP 192.168.1.100.
Konfigurasi alamat IP pada client :
debian:~# ifconfig eth0 192.168.2.100 broadcast 192.168.2.255 netmask 255.255.255.0 up
debian:~# reboot
debian:~# ifconfig

eth0 Link encap:Ethernet HWaddr 00:00:E2:9B:3C:DF
inet addr:192.168.2.100 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: 2001:470:8049:108:200:e2ff:fe9b:3cdf/64 Scope:Global
inet6 addr: fe80::200:e2ff:fe9b:3cdf/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:686 errors:1 dropped:0 overruns:0 frame:1
TX packets:64 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:47370 (46.2 KiB) TX bytes:5631 (5.4 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:459 errors:0 dropped:0 overruns:0 frame:0
TX packets:459 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:47176 (46.0 KiB) TX bytes:47176 (46.0 KiB)

5. Mengecek konektifitas antara PC Router dan PC Client :
Ping Dari PC Router ke Client :
debian:~# ping 192.168.2.100
PING 192.168.2.100 (192.168.2.100) 56(84) bytes of data.
64 bytes from 192.168.2.100: icmp_seq=1 ttl=64 time=4.10 ms
64 bytes from 192.168.2.100: icmp_seq=2 ttl=64 time=0.146 ms
64 bytes from 192.168.2.100: icmp_seq=3 ttl=64 time=0.142 ms

--- 192.168.2.100 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.165/1.971/5.575/2.548 ms

Ping Dari PC Client ke Router :
debian:~# ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=0.175 ms
64 bytes from 192.168.2.1: icmp_seq=2 ttl=64 time=0.170 ms
64 bytes from 192.168.2.1: icmp_seq=3 ttl=64 time=0.165 ms

--- 192.168.2.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.165/0.170/0.175/0.004 ms

6. mtr ke arah IP server ns1.eepis-its.edu (202.154.187.2) dan ke arah PC client di jaringan lainnya dari PC client maupun PC router.
# mtr 202.154.187.2

# mtr 192.168.1.100

7. Menambahkan NAT pada PC router, dengan IP network sesuai dengan jaringan masing-masing
# iptables -t nat -I POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
debian:~# iptables -t nat -I POSTROUTING -s 192.168.2.0/24 -j MASQUERADE

8. Mencatat hasil iptables pada PC router
# iptables -t nat –nL
debian:~# iptables -t nat -nL

Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE 0 -- 192.168.2.0/24 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

9. Membuka website http://noc.eepis-its.edu dari PC client.

Posted in: Artikel

KeNtAnK bLoG..!!

Minggu, 29 Juni 2008

Network Address Translation

0 komentar:

Tags

Arsip Blog

Share

Tags

kentank