It all started when the shared connection with the campus internet network was cut off. That network requires connected devices to use an explicit proxy, while the system I built also uses a proxy, but a transparent one, and so a story unfolded. Hehehe
Double proxy makes my head spin; what came to mind instead was double-tagging VLAN *see, that doesn't connect, does it? Same here, me neither!
OK, moving on, here is the flow:
client--gateway--internet
A standard topology, right. In the initial condition, double proxy aside, the gateway's connection to the internet was smooth and its connection to the client was also OK, both ping and HTTP.
The problem started with the client, which could ping the internet but could not access the web (HTTP, HTTPS). So what were the suspects?
1. At first, the large ping RTT value and the decreasing TTL were taken as the reason
- maybe the connection was slow, so it could not carry HTTP requests, because HTTP packets are larger than ICMP packets
- the network had no problem, because layer 3 was already OK, so
2. Is port 80 inaccessible?
- the next inspection turned to the application layer. OK, let's try scanning port 80 with the command "nmap -p 80 google.com", ding dong, and the result: ping OK but the DNS name did not resolve
3. Analyzing the DNS
- the inspection continued with another scan, "nmap -p 80 8.8.8.8", and the result showed that port 80 works. So it turns out port 80 can be accessed but the DNS cannot
OK, so the problem is the DNS. Let me go back for a moment.
The story is that the TS (troubleshooting) earlier went round in circles, to the point of enabling the firewall. My intention was to enable the firewall and then let port 80 through. When these commands were typed, "sudo ufw enable" then "sudo ufw allow 80", ping from the client to IP 8.8.8.8 stopped working, hahahaha, lovely
Then I tried adding configuration so that ICMP could pass, with "sudo gedit /etc/ufw/before.rules", then I copy-pasted 2 lines of config from the internet, and the result, as you can guess, still did not work, ya Allah
I had a slightly silly idea of editing with "sudo gedit /etc/ufw/after.rules", and once again my patience had to endure. OK then
Continuing the run-around, I went back to the initial condition: deleted the config in the firewall and disabled the firewall. I interrogated the DNS server configuration and entered a few commands to test it, and I did not know what the output meant
Here are the commands:
root@server:~# nslookup
> google.com
Server: 10.17.118.187
Address: 10.17.118.187#53
Non-authoritative answer:
Name: google.com
Address: 74.125.200.101
Name: google.com
Address: 74.125.200.102
Name: google.com
Address: 74.125.200.113
Name: google.com
Address: 74.125.200.138
Name: google.com
Address: 74.125.200.139
Name: google.com
Address: 74.125.200.100
> 10.17.118.187
Server: 10.17.118.187
Address: 10.17.118.187#53
** server can't find 187.118.17.10.in-addr.arpa.: NXDOMAIN
> ^C
root@server:~# dig test.com
; <<>> DiG 9.8.1-P1 <<>> test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49021
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;test.com. IN A
;; ANSWER SECTION:
test.com. 7200 IN A 208.64.121.161
;; AUTHORITY SECTION:
test.com. 76421 IN NS ns66.worldnic.com.
test.com. 76421 IN NS ns65.worldnic.com.
;; ADDITIONAL SECTION:
ns65.worldnic.com. 14858 IN A 207.204.40.133
ns66.worldnic.com. 97261 IN A 206.188.198.33
;; Query time: 576 msec
;; SERVER: 10.17.118.187#53(10.17.118.187)
;; WHEN: Sat May 31 15:31:52 2014
;; MSG SIZE rcvd: 121
From the state above I just felt something was odd: why is there the IP 10.17.118.187?
Then I started to check and recheck
gedit /etc/resolv.conf
and the output is
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 10.17.118.187
nameserver 10.17.118.251
nameserver 127.0.0.1
Wooo, no wonder,
the next suspect was the settings in /etc/network/interfaces
I changed it to just the IP, and made sure of the DNS there
then this is the crucial one
root@server:~# gedit /etc/dhcp/dhcpd.conf
I commented out this config with #
#option domain-name "serverthesis.com";
#option domain-name-servers thesis1.com, thesis2.com;
#option domain-name-servers thesis1.com, thesis2.com;
#option domain-name-servers 10.10.10.1;
and save, then
root@server:~# service isc-dhcp-server restart
On the client, disconnect the network, then connect it again
Tadaaa, ALHAMDULILLAH
SOLVED !!!!!
Depok, Plaza Quantum 2nd floor
31 May 2014 [my new room]
Thank you, Allah
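
The check the post arrives at by hand, as an added example that is not part of the original post: list the nameservers in a resolv.conf and the DNS servers a dhcpd.conf hands to clients, and test each resolver on its own. The function names and sample file contents are constructed; which option lines were active before the fix is an assumption.

```sh
# Added example (not from the original post); all function names are made up.

# Print each nameserver in a resolv.conf-style file, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" && $2 != "" { print $2 }' "$1"
}

# Print every active (uncommented) "option domain-name-servers" value.
dhcpd_dns_servers() {
    sed -e 's/#.*//' "$1" |
    awk '$1 == "option" && $2 == "domain-name-servers" {
        for (i = 3; i <= NF; i++) {
            gsub(/[,;]/, "", $i)
            if ($i != "") print $i
        }
    }'
}

# "ip" for a dotted IPv4 literal, "name" for anything that itself needs DNS.
dns_value_kind() {
    case "$1" in
        ""|*[!0-9.]*) echo name ;;
        *.*.*.*)      echo ip ;;
        *)            echo name ;;
    esac
}

# Query one test name against every nameserver separately (needs dig and a
# live network, so it is defined here but not run on the sample data).
check_resolvers() {  # $1 = resolv.conf path, $2 = name to look up
    for ns in $(resolv_nameservers "$1"); do
        if dig +short +time=2 +tries=1 "@$ns" "$2" A | grep -q .; then
            echo "$ns ok"
        else
            echo "$ns FAIL"
        fi
    done
}

# Constructed sample input modelled on the files shown in the post; which
# dhcpd.conf option lines were active before the fix is an assumption.
sample_dir=$(mktemp -d)
printf 'nameserver 10.17.118.187\nnameserver 10.17.118.251\nnameserver 127.0.0.1\n' \
    > "$sample_dir/resolv.conf"
printf '%s\n' '#option domain-name "serverthesis.com";' \
    'option domain-name-servers thesis1.com, thesis2.com;' \
    '#option domain-name-servers 10.10.10.1;' > "$sample_dir/dhcpd.conf"
for v in $(dhcpd_dns_servers "$sample_dir/dhcpd.conf"); do
    echo "DHCP hands out DNS server: $v ($(dns_value_kind "$v"))"
done
```

On a live gateway, `check_resolvers /etc/resolv.conf google.com` shows which listed resolver fails to answer, which is the same symptom as ping to an IP working while web access by name does not.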