This document provides instructions for completing a competency test on networking skills. It details how to:
1) Plan a network topology with a server, gateway, and client devices.
2) Perform subnetting calculations to divide IP addresses into public and private networks.
3) Assemble and install a Debian server, configure networking and services like DHCP, Apache, and Squid proxy server.
4) Configure the router and firewall rules for network address translation and proxy access.
P4C x ELT = P4ELT: Its Theoretical Background (Kanazawa, 2024 March).pdf
Konfigurasi Server Gateway dengan fitur PROXY, WEBSERVER dan DHCP
1. Panduan Penyelesaian Ujian Kompetensi Keahlian
TKJ Paket III
Membuat perencanaan sesuai dengan topologi jaringan yang disediakan (Knowledge,Attitude)
(eth1) (eth0) Internet
PC/Laptop Client Server Gateway
Melakukan perhitungan subnetting terhadap ip address yang ditentukkan untuk network
public dan private
Eth1
Network A 192.168.100.0/28
Binary Bit (CIDR) 11111111.11111111.11111111.11110000
Konversi Desimal (Subnet) 255.255.255.240
Jumlah Subnet 2 (pangkat digit 1)
2 ^ 4 = 16 Subnet
Jumlah Host 2 (pangkat digit 0)
(2 ^ 4) - 2 = 16 – 2 = 14 Host
Jumlah Blok Subnet 256 – 240 = 16, 32, 48, 64, 80, 96, 112, 128, 144, 160,
176, 192, 208, 224, 240
Eth0
Network A 192.168.88.0/24
Binary Bit (CIDR) 11111111.11111111.11111111.00000000
Konversi Desimal (Subnet) 255.255.255.0
Jumlah Subnet 2 (pangkat digit 1)
2 ^ 0 = 0 Subnet
Jumlah Host 2 (pangkat digit 0)
(2 ^ 8) - 2 = 256 – 2 = 254 Host
Jumlah Blok Subnet 256 – 0 = 0
192.168.88.0/24192.168.100.0/28
192.168.100.1/28
192.168.100.2/28 (DHCP)
192.168.88.xxx/24
2. Perakitan dan Instalasi Server (Skill, Attitude)
Lakukan perakitan komputer dengan mengutamakan keselamatan kerja.
Lakukan installasi server Debian 6 dengan aturan pemartisian hardisk
(root filesystem 80 gb) dan (swap 2 x ukuran RAM)
Melakukan pembuatan dan penyusunan kabel jaringan dengan standar T568B (cross over)
Kiri Kanan
Orange – Putih Hijau – Putih
Orange Hijau
Hijau - Putih Orange – Putih
Biru Biru
Biru – Putih Biru – Putih
Hijau Orange
Coklat – Putih Coklat – Putih
Cokat Cokat
Melakukan konfigurasi Router (nat) sebagai Gateway Server. (Skill)
Konfigurasi ip address
# nano /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 192.168.100.1
netmask 255.255.255.240
network 192.168.100.0
broadcast 192.168.100.255
dns-nameservers 192.168.100.1
dns-search smkn4gorontalo.sch.id
Restart layanan
# /etc/init.d/networking restart
3. Konfigurasi ip forward
# nano /etc/sysctl.conf
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables
# See sysctl.conf (5) for information.
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
Konfigurasi Iptables untuk routing nat
# nano /etc/rc.local
#!/bin/sh -e
# rc.local
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
# In order to enable or disable this script just change the execution
# bits.
# By default this script does nothing.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
exit 0
Melakukan konfigurasi DHCP untuk interface jaringan lokal (Skill)
Install DHCP Server
# apt-get install dhcp3-server
Konfigurasi DHCP Server
# nano /etc/dhcp3/dhcpd.conf
# A slightly different configuration for an internal subnet.
subnet 192.168.100.0 netmask 255.255.255.240 {
range 192.168.100.2 192.168.100.6;
option domain-name-servers 8.8.8.8;
option domain-name "smkn4gorontalo.sch.id";
option routers 192.168.100.1;
option broadcast-address 192.168.100.15;
default-lease-time 600;
max-lease-time 7200;
}
Restart layanan DHCP Server
# /etc/init.d/isc-dhcp3-server restart
Lakukan restart (reboot) pada PC Server dan lakukan pengujian akses koneksi dari PC Client /
Laptop ke Server dengan tools (ping).
4. Melakukan konfigurasi Web Server
# apt-get install apache2 php5 php5-mysql mysql-server phpmyadmin
# nano /var/www/index.html
<html><head><title>UKK 2015 TKJ</title></head>
<body>Assalamualaikum <p>
Selamat datang di Server saya !
<br>Nama : Walid Umar
<br>Kelas : XII TKJ
<br>Alamat : Gorontalo, Jl. Jalaludin Tantu No. 60
<br>Email : walidumar@smkn4gorontalo.sch.id
</body>
</html>
# nano /etc/apache2/ports.conf
<IfModule mod_ssl.c>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 443 https
</IfModule>
Konfigurasi Proxy Server
# apt-cdrom add
# apt-get update
# apt-get install squid
# nano /etc/squid/squid.conf
http_port 3128 transparent
acl blok dstdomain "/etc/squid/situs"
no_cache deny blok
http_acces deny blok
acl jaringan src 192.168.100.0/28
http_acces allow jaringan
cache_mgr admin@smkn4gorontalo.sch.id
visible_hostname www.smkn4gorontalo.sch.id
#http_access deny all
# nano /etc/squid/situs
www.google.com
www.yahoo.com
google.com
yahoo.com
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -t nat -A PREROUTING -s 192.168.100.0/28 -p tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -A PREROUTING -s 192.168.100.0/28 -p tcp --dport 443 -j REDIRECT --to-ports 3128