Juniper BGP Aggregate

Dear all,

Jumpa lagi sama saya. Kali ini saya akan bagi tips untuk membuat link aggregate BGP menggunakan Juniper Feat Mikrotik, dimana ada 2 link metro-e yakni ICONPLUS dan HSP

Berikut skema-nya :

[IDC3D] Juniper <> metro-e ICON <> Mikrotik sisi pelanggan
[IDC3D] Juniper <> metro-e HSP <> Mikrotik sisi pelanggan

dimana ip point to point-nya

Juniper 10.0.101.17/30 <> 10.0.101.18/30 Mikrotik
Juniper 10.0.101.21/30 <> 10.0.101.22/30 Mikrotik

OK, sekarang kita set di sisi Junipernya

Kita buat dulu policy LOADBALANCE

# set policy-options policy-statement LOADBALANCE then load-balance consistent-hash

nanti hasilnya gini

policy-statement LOADBALANCE {

    then {

        load-balance consistent-hash;

    }

}

 

terus sekarang bikin policy routing filter IN

# top show policy-options policy-statement DIST-MIRZA-IN

inactive: term REJECT-TMP {

    then reject;

}

term ACCEPT {

    from {

        route-filter 103.146.184.0/23 prefix-length-range /25-/32;

        route-filter 129.9.0.0/16 prefix-length-range /16-/32;

    }

    then accept;

}

term REJECT {

    then reject;

}

lalu buat policy routing filter OUT

# top show policy-options policy-statement DIST-MIRZA-OUT

inactive: term REJECT-TMP {

    then reject;

}

term HSP {

    from {

        route-filter 0.0.0.0/0 exact;

    }

    then {

        next-hop 10.0.101.17;

        accept;

    }

}

term ICON {

    from {

        route-filter 0.0.0.0/0 exact;

    }

    then {

        next-hop 10.0.101.21;

        accept;

    }

}

inactive: term ACCEPT {

    from {

        route-filter 0.0.0.0/0 exact;

    }

    then accept;

}

term REJECT {

    then reject;

}

Jika sudah, lalu buat bgp peer neighbor

group MIRZA {

    description Mirza;

    import DIST-MIRZA-IN;

    export DIST-MIRZA-OUT;

    peer-as 65530;

    multipath;

    neighbor 10.0.101.22;

    neighbor 10.0.101.18;

    neighbor 10.0.101.26;

}

kemudian cek confignya sudah bener apa belum

CoreBorder# commit check
CoreBorder# commit confirm 5 <= masa berlaku 5 menit, bebas silahkan tentukan

misal sudah ok tinggal gini

CoreBorder# commit

Lalu untuk sisi Mikrotiknya setingan BGP Standar, ngga ada setingan khusus.

Semoga Bermanfaat

Continue

Cara migrasi VM copy disk proxmox

 Tips cara migrasi VM ke proxmox / pve lain.

- pertama tama, login ke VM anda, tentunya sebagai root

- kemudian lakukan perintah berikut

dd if=dev/sda | ssh root@172.20.20.2 dd of=/root/cati.raw

172.20.20.2 = adalah target PVE proxmox anda, tunggu hingga selesai.
cacti.raw adalah sampel service yang hendak dipindah, kasih sembarang gpp.

- kalau sudah, silahkan bikin VM di PVE target, lalu di detach hdd nya

- jika sudah, tadi kan tersimpan di /root/cacti.raw, lalu eksekusi perintah

# qm importdisk 1001 /root/cacti.raw local-lvm

1001 = adalah id yang akan dibuat, bebas silahkan tentukan
/root/cacti.raw = adalah file dump yang tadi anda transfer
local-lvm = adalah storage yang hendak dimasuki VM tadi.

- jangan lupa hapus mac-address pada bagian networking

- jangan lupa check mount CDROM, silahkan dibikin none, kalau sudah, silahkan di start pasti bisa

Continue

Fix Proxmox Cluster Not Ready - No Quorum (500)

 Tips mengatasi Cluster Not Ready - No Qorum (500)

- login ke server proxmox

- stop corosync dan pve-cluster services dengan cara :

# systemctl stop pve-cluster

# systemctl stop corosync

- Lalu start lagi cluster file system dalam local mode dengan menggunakan perintah:

# pmxcfs -l

- Terakhir hapus sisa file konfigurasi corosync, dengan menggunakan perintah:

# rm /etc/pve/corosync.conf

# rm /etc/corosync/* 

 

Continue

Install XTREAM-UI Ubuntu 18.04

/etc/apt/sources.list

deb http://kartolo.sby.datautama.net.id/ubuntu/ bionic main restricted universe multiverse

deb http://kartolo.sby.datautama.net.id/ubuntu/ bionic-updates main restricted universe multiverse

deb http://kartolo.sby.datautama.net.id/ubuntu/ bionic-security main restricted universe multiverse

deb http://kartolo.sby.datautama.net.id/ubuntu/ bionic-backports main restricted universe multiverse

deb http://kartolo.sby.datautama.net.id/ubuntu/ bionic-proposed main restricted universe multiverse

apt-get update ; apt-get install libxslt1-dev libcurl3 libgeoip-dev python -y ; wget https://streaming-servers.com/downloads/install.py ; sudo python install.py

apt-get install unzip e2fsprogs python-paramiko -y

chattr -i /home/xtreamcodes/iptv_xtream_codes/GeoLite2.mmdb

rm -rf /home/xtreamcodes/iptv_xtream_codes/admin

rm -rf /home/xtreamcodes/iptv_xtream_codes/pytools 

wget "https://streaming-servers.com/downloads/update.zip" -O /tmp/update.zip -o /dev/null && unzip /tmp/update.zip -d /tmp/update/

cp -rf /tmp/update/XtreamUI-master/* /home/xtreamcodes/iptv_xtream_codes/

rm -rf /tmp/update/XtreamUI-master && rm /tmp/update.zip 

rm -rf /tmp/update

chattr +i /home/xtreamcodes/iptv_xtream_codes/GeoLite2.mmdb

chown -R xtreamcodes:xtreamcodes /home/xtreamcodes/

chmod u+x /home/xtreamcodes/iptv_xtream_codes/nginx_rtmp/sbin/nginx_rtmp

chmod u+x /home/xtreamcodes/iptv_xtream_codes/nginx/sbin/nginx

/home/xtreamcodes/iptv_xtream_codes/start_services.sh

Continue

Script AutoUpdate GRE Tunnel Mikrotik

Hai sobat, kali ini saya akan share tips cara untuk membuat auto update tunneling menggunakan protocol GRE.

skema :

[ Server Tunnel ] <> INET BROADBAND <> [ Tunnel Client IP Public ]

jika menggunakan GRE-TUNNEL maka membutuhkan tiktok ip public yang dituangkan dalam remote-address

mekanismenya :

• selalu update ip public
• selalu update remote-address pada gre tunnel

# Start

:global currentIP

# ubah di sini

:global iface "PPPOE200"

:global ifacegre "gre-soni"

# validasi file script

:if ([:len [/file find name~"$ifacegre"]] = 0 ) do={

/in gre export file=$ifacegre

}

:if ($currentIP  in 10.0.0.0/8) do={

:log error "re-dial...";

/in pppoe-client disable $iface

:delay 2

/in pppoe-client enable $iface

}

/in pppoe-client monitor $iface once do={:set currentIP $"local-address" }

:global p2p  [/ip address get [:pick [find interface=$ifacegre] 0] network ] 

:global target [/in gre get $ifacegre remote-address ]

:global statusgre [/in gre get $ifacegre running ];

:if ($statusgre != true) do={

/in gre set $ifacegre local-address=$currentIP

:log error "$ifacegre error, kirim file"

/file set contents="/in gre set $ifacegre remote-address=$currentIP" [find name~"$ifacegre"]

:delay 2

/tool fetch mode=ftp upload=yes src-path="$ifacegre.rsc" dst-path="$ifacegre.rsc" user=ftp password=ftp port=2121 address="$target"

}

Continue

Ethernet Monitor Telegram

:global identity [/system identity get name ]

:global perulangan

:global statusEth

:global iface "ether1"

/int eth monitor $iface once do={

   :if ($"rate" = "100Mbps") do={:set statusEth 0; :set perulangan ($perulangan +1)}

   :if ($"rate" = "100Mbps" && $perulangan =3) do={

       :local pesan "[$identity] %0A$iface = 100Mbps"

       :log error "$iface 100Mbps";

       /tool fetch url="https://api.telegram.org/bot380921546:AAFNlaaxhI063wPAZC-3oNJlefBHz3XgyfI/sendMessage?chat_id=-203533762&text=$pesan" keep-result=no

       /tool fetch url="https://api.telegram.org/bot478500121:AAGnvRMmFHjV25Otf-iUbuN9R1RwjAAM5s8/sendMessage?chat_id=445109932&text=$pesan" keep-result=no

       }

   :if ($"rate" = "1Gbps") do={:set statusEth 1; :set perulangan ($perulangan +1)}

   :if ($"rate" = "1Gbps" && $perulangan =3) do={

       :local pesan "[$identity] %0A$iface = 1Gbps"

       :log warning "$iface 1Gbps"

       /tool fetch url="https://api.telegram.org/bot380921546:AAFNlaaxhI063wPAZC-3oNJlefBHz3XgyfI/sendMessage?chat_id=-203533762&text=$pesan" keep-result=no

       /tool fetch url="https://api.telegram.org/bot478500121:AAGnvRMmFHjV25Otf-iUbuN9R1RwjAAM5s8/sendMessage?chat_id=445109932&text=$pesan" keep-result=no

       }

   :if ($perulangan = 1000 && $statusEth =0 ) do={

       :local pesan "[$identity] %0ACuma Ngabari aja boss%0A$iface = 100Mbps"

       :log warning "Cuma Ngabari, $iface = 100Mbps"

       /tool fetch url="https://api.telegram.org/bot380921546:AAFNlaaxhI063wPAZC-3oNJlefBHz3XgyfI/sendMessage?chat_id=-203533762&text=$pesan" keep-result=no

       /tool fetch url="https://api.telegram.org/bot478500121:AAGnvRMmFHjV25Otf-iUbuN9R1RwjAAM5s8/sendMessage?chat_id=445109932&text=$pesan" keep-result=no

       :set perulangan 1

       }

   }

Continue