MikroTik sebagai DNS Server

Hi…

Bermula dari tugas kantor untuk membuat DNS Server untuk mempermudah akses beberapa server/perangkat yang ada dikantor. Misal, untuk akses server monitoring cacti, tidak perlu ketik IP di browser, hanya ketik domain/nama yang kita tentukan sendiri. Jadi saya memutuskan menggunakan mikrotik saja sebagai DNS server.

Ok, kita langsung saja ya…

Untuk Topologinya seperti berikut

Dalam lab ini, saya hanya menunjukan konfigurasi di R1 dan R2 (DNS Server).

KONFIGURASI PADA R1

Karena core router ada DHCP server, maka pada R1 kita buat DHCP Client saja

/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1 use-peer-dns=\
no

Set IP pada ether2 dan 3

/ip address
add address=192.168.86.1/24 interface=ether3 network=192.168.86.0
add address=192.168.64.1/24 interface=ether2 network=192.168.64.0

Selanjutnya, buat dhcp server di ether3, untuk mempermudah PC client

/ip dhcp-server
add address-pool=dhcp_pool0 disabled=no interface=ether3 name=dhcp1

/ip dhcp-server network
add address=192.168.86.0/24 dns-server=192.168.86.1 gateway=192.168.86.1

/ip pool
add name=dhcp_pool0 ranges=192.168.86.2-192.168.86.254

Kemudian, set DNS pada R1 agar mengarah pada R2 (DNS Server)

/ip dns
set allow-remote-requests=yes servers=192.168.64.2

Terakhir, set NAT masquerade agar dapat akses internet

/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1

KONFIGURASI PADA R2 – DNS SERVER

Set dulu IP nya

/ip address
add address=192.168.64.2/24 interface=ether4 network=192.168.64.0

Selanjutnya, set IP DNS. Dalam hal ini saya isi IP Core router, karena di core router sudah di set Public DNS

/ip dns
set allow-remote-requests=yes servers=172.30.0.1

Kemudian, kita set static DNS, yaitu memberi nama domain pada server internal. Konfigurasi kali ini saya menggunakan *.konfigurasi untuk nama domainnya

/ip dns static
add address=172.30.0.235 name=cacti.konfigurasi
add address=172.30.0.26 name=controller.konfigurasi
add address=172.21.100.11 name=proxmox1.konfigurasi

Set IP Forwarding NATnya, agar sebelum cek DNS luar, akan melakukan proses cek pada DNS internal terlebih dahulu

/ip firewall nat
add action=dst-nat chain=dstnat dst-port=53 protocol=tcp to-addresses=\
192.168.64.2 to-ports=53
add action=dst-nat chain=dstnat dst-port=53 protocol=udp to-addresses=\
192.168.64.2 to-ports=53

Terakhir, set default routee

/ip route
add distance=1 gateway=192.168.64.1

TEST PADA PC

C:\Users\konfigurasi>ping google.com

Pinging google.com [74.125.68.101] with 32 bytes of data:
Reply from 74.125.68.101: bytes=32 time=239ms TTL=42
Reply from 74.125.68.101: bytes=32 time=27ms TTL=42
Reply from 74.125.68.101: bytes=32 time=24ms TTL=42
Reply from 74.125.68.101: bytes=32 time=23ms TTL=42

Ping statistics for 74.125.68.101:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 239ms, Average = 78ms

C:\Users\konfigurasi>ping cacti.konfigurasi

Pinging cacti.konfigurasi [172.30.0.235] with 32 bytes of data:
Reply from 172.30.0.235: bytes=32 time=1ms TTL=63
Reply from 172.30.0.235: bytes=32 time<1ms TTL=63
Reply from 172.30.0.235: bytes=32 time<1ms TTL=63
Reply from 172.30.0.235: bytes=32 time=1ms TTL=63

Ping statistics for 172.30.0.235:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Users\konfigurasi>ping controller.konfigurasi

Pinging controller.konfigurasi [172.30.0.26] with 32 bytes of data:
Reply from 172.30.0.26: bytes=32 time=2ms TTL=127
Reply from 172.30.0.26: bytes=32 time=1ms TTL=127
Reply from 172.30.0.26: bytes=32 time=1ms TTL=127
Reply from 172.30.0.26: bytes=32 time=1ms TTL=127

Ping statistics for 172.30.0.26:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms

C:\Users\konfigurasi>ping proxmox1.konfigurasi

Pinging proxmox1.konfigurasi [172.21.100.11] with 32 bytes of data:
Reply from 172.21.100.11: bytes=32 time=4ms TTL=59
Reply from 172.21.100.11: bytes=32 time=4ms TTL=59
Reply from 172.21.100.11: bytes=32 time=4ms TTL=59
Reply from 172.21.100.11: bytes=32 time=4ms TTL=59

Ping statistics for 172.21.100.11:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 4ms, Average = 4ms

Ok, selamat mencoba………………

Static Route Juniper

Hi…

Kali ini kita akan coba konfigurasi static route pada Junos Juniper

Pertama, set ip address pada interface masing masing router

Juniper1

set interfaces em4 unit 0 family inet address 192.168.1.254/24
set interfaces em0 unit 0 family inet address 10.0.0.1/24

Juniper2

set interfaces em4 unit 0 family inet address 192.168.2.254/24
set interfaces em0 unit 0 family inet address 10.0.0.2/24

Setelah itu set static route nya

Juniper1

set routing-options static route 192.168.2.0/24 next-hop 10.0.0.2

Juniper2

set routing-options static route 192.168.1.0/24 next-hop 10.0.0.1

Jangan lupa di commit setelah itu cek di tabel routing nya

Juniper1

root> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/24 *[Direct/0] 00:19:14
> via em0.0
10.0.0.1/32 *[Local/0] 00:19:14
Local via em0.0
192.168.1.0/24 *[Direct/0] 00:19:14
> via em4.0
192.168.1.254/32 *[Local/0] 00:19:14
Local via em4.0
192.168.2.0/24 *[Static/5] 00:17:28
> to 10.0.0.2 via em0.0

Juniper2

root> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/24 *[Direct/0] 00:19:45
> via em0.0
10.0.0.2/32 *[Local/0] 00:19:45
Local via em0.0
192.168.1.0/24 *[Static/5] 00:17:50
> to 10.0.0.1 via em0.0
192.168.2.0/24 *[Direct/0] 00:19:45
> via em4.0
192.168.2.254/32 *[Local/0] 00:19:45
Local via em4.0

Coba ping dari PC1 ke PC2 dan sebaliknya

PC1> ping 192.168.2.1
84 bytes from 192.168.2.1 icmp_seq=1 ttl=62 time=1.508 ms
84 bytes from 192.168.2.1 icmp_seq=2 ttl=62 time=2.426 ms
84 bytes from 192.168.2.1 icmp_seq=3 ttl=62 time=3.035 ms
84 bytes from 192.168.2.1 icmp_seq=4 ttl=62 time=2.981 ms
84 bytes from 192.168.2.1 icmp_seq=5 ttl=62 time=2.175 ms

PC2> ping 192.168.1.1
84 bytes from 192.168.1.1 icmp_seq=1 ttl=62 time=1.009 ms
84 bytes from 192.168.1.1 icmp_seq=2 ttl=62 time=4.014 ms
84 bytes from 192.168.1.1 icmp_seq=3 ttl=62 time=3.336 ms
84 bytes from 192.168.1.1 icmp_seq=4 ttl=62 time=2.942 ms
84 bytes from 192.168.1.1 icmp_seq=5 ttl=62 time=3.512 ms