What I want to be IPv6 Enabled :

Number #0.1 : ALL INTERNET EXCHANGE, TIERS, NAPS, PROVIDERS, TELCO OPERATORS & WARNETS [How can this be in this categories ? I mean Internet Cafe :)]
Number #0.5 : BSD, UNIX, LINUX, CISCO, JUNIPER, MICROSOFT, APPLE [WEBsites & All Related Application Running On]
Number #1 : Google.Com [Most popular & Fastest Search Engine, Earth Map, Mail]
Number #2 : Yahoo.Com [Most Used Messenger, Mail]
Number #3 : You Tube and other popular tubes [Most Video Streaming]
Number #4 : CNN.COM BBC.COM and other NEWS WEBSITES [Most News]
Number #5 : WORDPRESS.COM, BLOGSPOT, MULTIPLY, RAPIDSHARES [Most BLOGS]
Number #6 : ALL SOFTWARES PROVIDERS
Number #7 : ALL CONTENT & GAMES PROVIDERS [PORNS ? YES !] & I SHOULD BE AWAY FROM THIS.
Number #8 : ALL BANKING SYSTEMS

In INDONESIA :

Number #0 : ALL NAPS, ISPs, INTERNET EXCHANGES, WARNETS, TELCO OPERATORS
Number #1 : DETIK.COM [DONE with SIGIT ISNANTO]
Number #2 : GAME CENTERS PROVIDERS [WHY DIDN'T THEY GO TO SCHOOL THIS LATE ?]
Number #3 : ALL WEBSITES
Number #4 : ALL BANKING SYSTEMS
Number #499 : WWW.17TAHUN.COM ? [SORRY NOPE HOSTED HERE :))]

WHY ?
Because we are in the shortage of applications to get everybody even an internet dummy interested on the Big Issue of Running Out of IPv4 Address.
And we are so close to the second, where every electronic boxes need IP for communicate.
Yes, I Know NAT can do it for now, but it’s limited for some features.

What I other thing know is still many of engines & boxes in some providers not IPv6 Supported yet.
Replacement will equal to cost
And Cost equals to How Revenue Calculated..
And Gross Profit equals to COGS deducted from Revenue..
And EBITDA derived from above..
And ETDA Bocah… [This is BETAWI Languange, just passed to the bottom]…
And Finally Net Profit Comes Up which might be 10% of Revenue :)) [kacian deh]…

[I'm not actually sure, I'm a Network Engineer or Finance Expert by looking at above terms :)]

So… What do you think Boss ?
Forget Transition !!
Forget That v6 Engines !! get Back to 4 cilinders ~!

Matilah… awak…

rgs
a. rahman isnaini r.sutan
NETSOFT NAP OPERATION
Cyber Bld, 8th Floor
Jakarta Selatan

2404:170:253::10

– 24 April 2008 –
Idea comes Up.
You tube fever

Ladies & Gentleman here comes the ipv6 Tube Indonesia.
Thanks to Indrajaya PP.
Please have this accessed and put your comments.

The url is : http://indotube6.indo.net.id

All work Copyright 2008

IndoInternet Broadcasting System

a. rahman isnaini r.sutan

Here some of log access (none ipv6 users yet ? or they ipv6 not available)

Read the rest of this entry »

Tampaknya ada beberapa hal di internet banking BCA yang perlu di suggest.
Misalnya untuk check tagihan telephone, listrik dan lainnya.
Semua member yang sudah login dapat melihat tagihan orang lain.

Mungkin tidak crucial.
Tapi orang lain dapat memanfaatkannya untuk keperluan tertentu.
Salah satu contoh adalah tagihan telephone seseorang yang saya capture :

Bagaimana ya bisa hanya yang punya nomer telephone yang tahu ?
Atau yang punya tagihan listrik yang tahu

wassalam
a. rahman isnaini r.sutan

Flashback
2 Tahun lalu…
April 2006, Muara Angke.
Ahli2 perikanan (fishmeat), perkerangan (shell), percumian(squid)… (Akbar & Erry Absen Kali ini)..
Seliweran pukul 22:00…

Malam sabtu, minggu lalu..
April 2008, Muara Angke.

Memang April adalah bulan barokah terutama bagi penggemar makanan ber vitamin lengkap.
Soalnya ada dua orang di technical team indo.net yang memperingati hari penampakan awal mereka kedunia yang fana ini.
Sesuai jadwal dan kompor dari teman2 di NOC.
Nah sebagai tradisi yang turun temurun dari sejak negara cyber lt.8 berdiri, setiap datang hari itu..
Yang punya hajatan hendaklah mempersiapkan segala sesuatunya..
Ya Cash, Credit Card, Softloan, atau lemburan,… atau minjem dulu ma temen sebelah.

Apa ajah yang penting jangan mencuri dan nyolong..
Karena mencuri itu disayang syaiton.

Akhirnya,
Sesuai janji jonny dan tradisi.
KFC meluncur dari tukang delivery disiang hari tepatnya sebelum jumatan.
Tidak butuh waktu lama bagi teman2 untuk melenyapkan Ayam2 pejantan terbungkus tepung dan merica..
Ditambah beras masak dan Panta…
Luzeattt… !!
Namanya juga jarang makan ginian.

Penasaran, makan malam banyak pilihannya.
Undian pun dilangsungkan, via SMS juga boleh.
Dukung muara angke dan kirim ke 777 (ini kan kode Otak2)..
Dukung WarSunda dan kirim ke 212
Dukung Nasi Padang dan kirim ke 0817 6388 604 (ini mah nomer gw, maklum promosi kampuang sendiri).

Alhasil score telak sesuai urutan 18-5-1
Pemenangnya adalah 777..
Selamat ya…
Maaf bagi yang tereliminasi, maklum rekan2 anak gunung semua..
Jarang2 makan SeaFood.

– 18:30 –
Ready to go.
Kriuk2 sudah kedengaran dari belakang gesper teman2ku.
Sptnya cacing2 itu sudah berdemo, dengan mengikat kepala…
Didalam saluran gelap pencernaan..

Meski tidak semua ikut, namun 4 kendaraan roda empat rombongan dibawa ke lokasi pembantaian & pembakaran Ikan dan Cumi…
2 x Phanter (dengan skema Sardine ABC)
1 x Taruna membawa boss wireless dan team
1 x Corolla Great Hijau lumut tahun 95, body mulus terawat,.. tangan pertama.. STNK Panjang.. (koq jadi iklan mobil ?)

Padahal tadinya ada RUSH dan AVANZA yang juga siap mengangkut jamaah seafood ini.
Namun karena ada kendala harus tune up dan masuk salon..
Dimaafkan, lain kali jangan absen !.

– 19:30 –
2 x Panther melaju kencang di kepadatan toll dalam kota (gimana caranya kencang ya ?)
Menembus diantara truck2 berat dan kendaraan pribadi lainnya.
Namun akhirnya tertahan di “The Bridge of Three” (Jembatan Tiga ? serius !).

1 x Taruna Biru mengekor dari belakang, mengingat telat nunggu boss pipis dulu.
Namun dengan segala perlengkapan yang ada, GPS, Peta Jakarta, sampai tanya tukang rokok..
Akhirnya masuk garis finish di urutan 1 didepan PLN Jakarta Utara Pluit Angke.

Panther Biru dengan Driver dan Navigator tembak mencoba masuk ke Radio pantau Sony Ericsson 608 i.
Ternyata Navigator salah baca peta dan bablas ke Muara Karang..
Spt tadi karena kencang menembus kemacetan, sayangnya papan pengumuman hijau keluar pluit tertutup box mobil ayam… yang sedang mengibaskan sayapnya
diwaktu malam.. (jangan2 temennya ayam KFC tadi siang)…

Setelah di selidiki di google, Navigator dan Driver hanya beda 40 km kampungnya di Ujung Pulau Sumatera…

Tunggu punya tunggu merapat Panther Silver dengan driver yang ulang tahun.
Karena agak malam, driver taruna kurang faham dan salah faham dikira panther biru.
Bablas masuk area perparkiran Muara Angke.
Wah ternyata Panther Biru masih jauh, mudah2an tidak sesat ke Tol Merak naik Ferry nyebrang ke Sumatera..

– 20:10 –
Satu hal yang tak pernah berubah di Muara Angke..
Timbangan tidak ada yang benar.
Bukankah yang merubah timbangan dosanya sangat besar ?
Sudahlah, mereka mungkin memilih lebih baik disayang syaiton ketimbang dibenci Tuhan..
Dan merugikan orang lain.

Segenap Ikan, Cumi, Udang, Kepiting dan Kerang sudah lengkap dan ready to be burn out.. (grilled kali…).
Waduh, ternyata rekan2 sudah nongkrong di Putra Bone.
Poto2…

Menunggu Seafood disediakan untuk dimakan…
Ada yang menggugah perhatian..
Terutama para lelaki di pojokan.
Ada apa dengan mereka ?

Selidik punya selidik…
Masya Allah… bak kata Jamal…
“Sebelah kiri Asap… Sebelah Kanan Azab”..
Segitiga bermuda… kata Ebenz..

Baru kali ini di muara angke nafsu makan jadi berkurang..
Nafsu yang lain jadi meradang :))
Ya syudahlah anggap ajah pertunjukan gratis.

Eh ada lagi pertunjukkan kedua..
Dengan meliuk2, penari erotis lelaki kewanitaan masuk arena.
Menggoda Abang berjenggot.. katanya paling ganteng menurut penari itu ?
Coba kalo penari itu tahu ibu disebelahnya abang ganteng itu istrinya..
Penari itu harus berpikir keras mencari yang masih perjaka lain ??
(koq tampangnya semua dah pada ga perjaka ?? ya)

–22:10–
Ikan kambing2 abis, Udang Habis, Kepiting Habis…
Sisa Squid Saos Padang (Cumi).. Squid yang ini bukan buat di restart.. tapi ditelan.
Ya lumayan buat teman2 di Office sebagai petugas malam yang selalu kedinginan dibawah AC 2 PK.

wassalam
a. rahman isnaini r.sutan
To : Bang Jamal & Bang Tossy Thanks for Foods…

#/bin/bash
#cd /
mt -f /dev/st0 status
sleep 3
mt -f /dev/st0 rewind
sleep 3
tar -cvf /dev/st0 -b 512 /var/www/ /var/lib/mysql/ /etc/httpd/ /var/named/chroot/ /etc/php.ini /etc/named.conf /etc/my.cnf > /var/log/backup/backup-tape-`date “+%Y%m%d”`.txt
sleep 2
gzip /var/log/backup/backup-tape-`date “+%Y%m%d”`.txt
sleep 20
#chown nmc /var/log/backup/backup-log-`date “+%Y%m%d”`.txt.gz
mt -f /dev/st0 offline

Here the data in which will be backed up by the script :

/var/www/ –> File-file web
/var/lib/mysql/ –> file-file databases
/etc/httpd/ –> Configuration Apache Web Server
/var/named/chroot/ –> Database Record DNS
/etc/php.ini –> Configuration PHP
/etc/named.conf –> Configuration DNS server
/etc/my.cnf –> Configuration MySQL Server

– IP –

Using STP for Redundancy, gives you :

- Resilience Time about 2 seconds for Link Recovery once primary trunk goes down and took over by the second one
- Resilience Time about 25 seconds for Link Recovery once primary trunk goes up and took over the link from the secondary trunk

Connection Scheme :

a. SWITCH 1 [SW1] -> VTP Server domain : cluster1.internal.net
- Port F0/1 Trunked to Port F0/2 [SW2]
- Port F0/2 Trunked to Port F0/1 [SW3]
- Port F0/24 Vlan Access 20 to PC-A
b. SWITCH 2 [SW2] VTP client domain : cluster1.internal.net
- Port F0/1 Trunked to Port F0/2 [SW3]
- Port F0/2 Trunked to Port F0/1 [SW1]
c. SWITCH 3 [SW3] VTP client domain : cluster1.internal.net
- Port F0/1 Trunked to Port F0/2 [SW1]
- Port F0/2 Trunked to Port F0/1 [SW2]
- Port F0/24 Vlan Access 20 to PC-B

Read the rest of this entry »

From we have been through for years, High CPU may caused by :

a. IP Input
b. BGP Router
c. BGP Scanner
d. Virtual Exec

as they seen in below captured realtime cpu process :

CPU utilization for five seconds: 18%/18%; one minute: 20%; five minutes: 21%
47 2297526152-2139485143 0 0.07% 0.08% 0.11% 0 IP Input
126 12 1483 8 0.00% 0.00% 0.00% 2 Virtual Exec
133 15002844 84059163 178 0.15% 0.01% 0.00% 0 BGP Router
136 688579928 4168349 165198 0.00% 1.98% 2.61% 0 BGP Scanner

Suggestion :

1. IP Input

- Check Number of & Move IP Secondaries on one interface, simplify !
- Check MLPPP / CEF load balancing config, replace with Inverse MUX
- Enable “ip cef” in global config
- Enable “ip route-cache same interface” on interface
- Enable “ip route-cache cef” on interface
- Check “ip nbar protocol discovery” on interface, disabled if it’s not needed !
- Check number of access-list rows
- Remove “log” sufix in access-list if it’s not needed
- Simplify your access-list by aggregating or use null 0 to block specific IP/Prefix
- Check service policy and how it matches the conditions (acl, prefix, ect), simplify !
- Check policy map and how it matches the conditions (acl, prefix, ect), simplify !

2. BGP Routing & Scanning
- Enable Fast switching [CEF]
- Filter more routes or internet routing table size (not full route)
- Check your Memory & Upgrade if needed
- Simplify your BGP config
- Simplify neighbors (peer-group).

3. Virtual Exec
- Check & Limit VTY
- Restrict VTY idle time login
- Check logging console > disabled
- Check Logging monitor > disabled

Other thing, simplify your config by removing any unused :

- access-list
- policy-map
- route-map
- prefix-list
- as-path access-list
- static routes
- BackUp your config periodically or even in shortime, should changes always made to this engine.

a. rahman isnaini r.sutan
2404:170:253::10

ip nbar protocol-discovery

To configure Networked-Based Application Recognition (NBAR) to discover traffic for all protocols known to NBAR on a particular interface, use the ip nbar protocol-discovery interface configuration command. To disable traffic discovery, use the no form of this command.

Example :

a. rahman isnaini r.sutan

High CPU - IP Input on Cisco Router [PART II]

As written in Part I Cisco High CPU due to IP Input :

PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process
47 22949526882139777808 1072 21.11% 26.99% 29.53% 0 IP Input

And everything has been checked on the list detail explained.
One more thing today I found : ACL rows + log.
The more rows more CPU resources.
It’s going to raise more if you have log applied at the end of acl row.

I’ve been minimizing and simplifizing my ACL.
It’s getting more and more space on CPU resources available that would give a more stable performance of your gear.

My suggestions :

- Remove the log sufix if it’s not realy needed.
- Replace deny ip host/network with null route (static).

That’s all

rgs.
a. rahman isnaini r.sutan

AusCERT (Australia Computer Emergency Respond Team) working with MyCERT (Malaysia CERT) invited APJII & FTII (gathered in ID-SIRTII)
participant for joining Security Training hosted in MIMOS Malaysia in 2004.

Indonesia team came from : ISPs, APJII, FTII, Postel, Cyber Crime Indonesian Police, IndoWLI, IT Peoples.
This training is intended to built a strong ID-SIRTII & MyCERT Team.
As we all know Internet Crime might not seen though the impact was realy bad.

Here are the participants & trainers

Here Engineer as TKI as well waiting for KLIA-CGK flight :

a. rahman isnaini r.sutan