Category Archives: Networking
How to Setup a VPN (PPTP) Server on Debian Linux
VPN-ing into your server will allow you to connect to every possible service running on it, as if you were sitting next to it on the same network, without individually forwarding every port combination for every service you would like to access remotely.
Using a VPN connection also has the upshot of, if desired, granting access to other computers on the network as if you where in it locally from anywhere across the internet.
While not the most secure of the VPN solutions out there, PPTP is by far the simplest to install, configure and connect to from any modern system and from windows specifically as the client is a part of the OS since the XP days and you don’t need to mess with certificates (like with L2TP+IPsec or SSL VPNs) on both sides of the connection.
Did i get you interested? then let’s go 🙂
Preface
You will need to forward port 1723 from the internet to the server to enable the connection (not covered here).
You will see me use VIM as the editor program, this is just because I’m used to it… you may use any other editor that you’d like.
Server Setup
Install the pptp server package:
sudo aptitude install pptpd
Edit the “/etc/pptpd.conf” configuration file:
sudo vim /etc/pptpd.conf
Add to it:
localip 192.168.1.5
remoteip 192.168.1.234-238,192.168.1.245
Where the “localip” is the address of the server, and the remoteip are the addresses that will be handed out to the clients, it is up to you to adjust these for your network’s requirements.
Edit the “/etc/ppp/pptpd-options” configuration file:
sudo vim /etc/ppp/pptpd-options
Append to the end of the file, the following directives:
ms-dns 192.168.1.1
nobsdcomp
noipx
mtu 1490
mru 1490
Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting to and, again, it is your responsibility to adjust this to your network’s configuration.
Edit the chap secrets file:
sudo vim /etc/ppp/chap-secrets
Add to it the authentication credentials for a user’s connection, in the following syntax:
username * users-password *
Restart the connection’s daemon for the settings to take affect:
sudo /etc/init.d/pptpd restart
If you don’t want to grant yourself access to anything beyond the server, then you’re done on the server side.
Enable Forwarding (optional)
While this step is optional and could be viewed as a security risk for the extremely paranoid, it is my opinion that not doing it defeats the purpose of even having a VPN connection into your network.
By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to “jump” through the VPN server, to all other devices on the network.
To achieve this we will be flipping the switch on the “forwarding” parameter of the system.
Edit the “sysctl” file:
sudo vim /etc/sysctl.conf
Find the “net.ipv4.ip_forward” line and change the parameter from 0 (disabled) to 1 (enabled):
net.ipv4.ip_forward=1
You can either restart the system or issue this command for the setting to take affect:
sudo sysctl -p
With forwarding enabled, all the server side settings are prepared.
We recommend using a “Split Tunnel” connection mode for the VPN client.
A more in depth explanation about the recommended “Split Tunnel” mode, as well as instructions for Ubuntu Linux users can be found in the “Setting up a “Split Tunnel” VPN (PPTP) Client on Ubuntu 10.04” guide.
MIKROTIK PISAH DOWNLOAD, BROWSE DAN GAME DI 1 LINE
Langsung aja ah…..
Test running well di RB750 OS ver.4.5
ISP= SAPIDI EXECUTIVE 512 – 2M
Mangle:
GAME
contoh buat Point Blank, game lain sesuaikan aja port/ip nya
chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=tcp dst-address=203.89.146.0/23 dst-port=39190 comment=”Point Blank”
chain=game action=mark-connection new-connection-mark=Game passthrough=yes protocol=udp dst-address=203.89.146.0/23 dst-port=40000-40010
chain=game action=mark-packet new-packet-mark=Game_pkt passthrough=no connection-mark=Game
chain=prerouting action=jump jump-target=game
POKER
chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp dst-address-list=LOAD POKER comment=”POKER”
chain=forward action=mark-connection new-connection-mark=Poker_con passthrough=yes protocol=tcp content=statics.poker.static.zynga.com
chain=forward action=mark-packet new-packet-mark=Poker passthrough=no connection-mark=Poker_con
BROWSING
chain=forward action=mark-connection new-connection-mark=http passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Game connection-bytes=0-262146 comment=”BROWSE”
chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http
chain=forward action=mark-packet new-packet-mark=http_pkt passthrough=no protocol=tcp connection-mark=http
UPLOAD
chain=prerouting action=mark-packet new-packet-mark=Upload passthrough=no protocol=tcp src-address=192.168.0.0/24 in-interface=Lan packet-mark=!icmp_pkt comment=”UPLOAD”
LIMIT DOWNLOAD
chain=forward action=mark-connection new-connection-mark=Download passthrough=yes protocol=tcp in-interface=WAN out-interface=Lan packet-mark=!Game_pkt connection-mark=!Poker_con connection bytes=262146-4294967295 comment=”LIMIT DOWNLOAD”
chain=forward action=mark-packet new-packet-mark=Download_pkt passthrough=no packet-mark=!Game_pk> connection-mark=Download
QUEUE
queue type
name=”Download” kind=pcq pcq-rate=256000 pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
name=”Http” kind=pcq pcq-rate=1M pcq-limit=50 pcq-classifier=dst-address pcq-total-limit=2000
name=”Game” kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address,dst-address,src-port,dst-port pcq-total-limit=2000
name=”Upload” kind=pcq pcq-rate=0 pcq-limit=50 pcq-classifier=src-address pcq-total-limit=2000
Queue Tree
name=”Main Browse” parent=Lan limit-at=0 priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
name=”Browse” parent=Main Browse packet-mark=http_pkt limit-at=0 queue=Http priority=8 max-limit=1M burst-limit=0 burst-threshold=0 burst-time=0s
name=”Game” parent=global-total packet-mark=Game_pkt limit-at=0 queue=Game priority=1 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
name=”Poker” parent=global-out packet-mark=Poker limit-at=0 queue=Game priority=3 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
name=”Download” parent=global-out packet-mark=Download_pkt limit-at=0 queue=Download priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
name=”Main Upload” parent=global-in limit-at=0 priority=8 max-limit=256k burst-limit=0 burst-threshold=0 burst-time=0s
name=”Upload” parent=Main Upload packet-mark=Upload limit-at=0 queue=Upload priority=8 max-limit=0 burst-limit=0 burst-threshold=0 burst-time=0s
HASILNYA
BROWSING 1Mbs bagi rata sekampung (baca: satu jaringan)
DOWNLOAD 256Kbps bagi rata sekampung
GAME seadanya bandwith sesuai kebutuhan sekampung
POKER seadanya bandwith sesuai kebutuhan sekampung
UPLOAD seadanya bandwith bagi rata sesuai kebutuhan sekampung
Kutipan : http://nebulagame.wordpress.com/2010/02/02/mikrotik-pisah-download-browse-dan-game-di-1-line/
SPEEDY MAKIN MURAH – ABIS – ISP , Ayo ISP – LEBIH MURAH LAGE
JAKARTA,KOMPAS.com-Dalam upaya menjawab kebutuhan berinternet masyarakat yang semakin tinggi, PT. Telekomunikasi Indonesia Tbk (Telkom) meluncurkan Paket Speedy Beda Kecepatan atau Speedy Multi Speed.
Paket baru Speedy tersebut menyediakan pilihan kecepatan yang bervariasi atau multi speed , sehingga pelanggan dapat memilih jenis paket layanan yang sesuai dengan keinginan dan kebutuhannya.
“Kelebihan paket Speedy dengan beda kecepatan atau Speedy Multy Speed ini adalah paket terbaru yang menawarkan perbedaan kecepatan/ speed dalam pilihan paketnya,” kata Vice President Public and Marketing Communication Telkom Eddy Kurnia, Rabu (1/4) di Jakarta.
Speedy adalah produk layanan akses internet end-to-end Telkom dengan basis teknologi Asymmetric Digital Subscriber Line (ADSL), yang dapat menyalurkan data dan suara secara simultan melalui satu saluran telepon biasa dengan kecepatan yang dijaminkan sesuai dengan paket layanan yang diluncurkan dari modem sampai server.
Speedy Beda Kecepatan ( Multy Speed) terutama ditujukan bagi mereka yang selama ini telah mengakses internet secara dial up baik itu melalui TELKOMNet Instan maupun provider internet lainnya. “Pilihan yang tersedia bisa meningkatkan kenyamanan mengakses internet dengan tarif yang lebih kompetitif dibanding mengakses internet secara dial up,” jelas Eddy Kurnia.
Speedy Beda Kecepatan ( Multy Speed) terdiri dari tujuh paket, yakni Paket Mail, Paket Chat, Paket Family, Paket Load, Paket Game, Paket Eksekutif dan Paket Biz. ” Seperti namanya, Speedy Beda Kecepatan/Multi Speed menyasar seluruh segmen berinternet,” kata Eddy Kurnia.
Paket-paket tersebut memenuhi kebutuhan mulai dari rumahan, usaha kecil (SOHO/Small Office Home Office), para game mania, hingga untuk keperluan bisnis. Biaya registrasi Speedy Multy Speed ini hanya Rp.75.000.-
Paket Speedy Beda Kecepatan/Multy Speed
Tipe Paket Layanan Speedy KecepatanBiaya Bulanan Tarif Kelebihan Pakai (Kuota)
Paket Mail
Up to 1 MbpsRp 75.000 Rp 75/menit
Paket Chat
Up to 1 MbpsRp 145.000 Rp 25/menit
Paket Family
Up to 384 MbpsRp 195.000
Paket Load
Up to 512 MbpsRp 295.000
Paket Game
Up to 1 MbpsRp 645.000
Paket Executive
Up to 2 MbpsRp 995.000
Paket Biz
Up to 3 MbpsRp. 1.695.000
Internet gratis dengen memanfaatkan kelemahan telkomsel
Ada beberapahal yang menarik dari judul Internet Gratis dengan memanfaatkan kelemahan telkomsel, dimana saya akan coba bahas mekanisme dan sistematis yang digunakan.
Telkomsel merupakan salahsatu perusahhan yang bergerak di bidang telekomunikasi, dimana salahsatu konsentrasi usaha mereka adalah jaringan komunikasi selular. Namun kini dengan berkembangnya teknologi terutama munculnya 3G dan 3,5G maka media komunikasi selular ini secara bertahap di masukan komunikasi internet. Seingga pelanggannya dapat dengan leluasa menggunakan koneksi internet di mana saja kapan saja, dan jelas ini merupakan kontribusi secara inkan besar pagi perusahaan TELKOM ini. Read the rest of this entry
Virtual Server, Forward server LAN ke Jaringan Public
Kausnya adalah berikut
Kita melakukan instalasi DNS server dan Webserver dengan IP Prifat di lan, namun web dan DNS harus bisa di akses di jaringan public, bagaimana caranya ?
Modem ADSL (ip Publik : 125.x.x.x)
||======>(ip: 192.168.0.254/24)
||
||======>(ip: 192.168.0.1/24)
Mikrotik
|| ||=====>(ip:192.168.1.1/24)
|| ||
|| Client Lokal (192.168.1.0/24)
||=========>(ip:192.168.1.1/24)
||
DNS+WEB Server (192.168.1.2/24)
Jawabanya adalah dengan melakukan printah berikut di mikrotik
/ip firewall nat add chain=dstnat dst-address=125.x.x.x protocol=tcp dst-port=53 action=dst-nat to-addresses=192.168.1.2 to-ports=53
/ip firewall nat add chain=dstnat dst-address=125.x.x.x protocol=tcp dst-port=80 action=dst-nat to-addresses=192.168.1.2 to-ports=80
This Howto describes the installation of Roaring Penguin PPPoE for Debian GNU/Linux.
Requisites:
- Before you can install the software, you’ll need a kernel, 2.4.# minimum, compiled with:
- Networking options
- Socket Filtering
- Network device support
- PPP (point-to-point protocol) support
- PPP filtering
- PPP support for async serial ports
- PPP Deflate compression
- NB: You may find “PPP over Ethernet” listed. This option is not needed. You can experiment with it, but that’s ouside this manual’s scope.
- PPP (point-to-point protocol) support
- Networking options
- PPPd version 2.4.0 or higher (Debian Woody).
- For ‘Woody’ you can install pppd by using ‘apt’;
apt-get install ppp - For ‘Potato’ you can download a specially patched version of the pppd on www.roaringpenguin.com/pppoe/#download.
- For ‘Woody’ you can install pppd by using ‘apt’;
Installation of the Debian PPPoE client software
- Debian (tested on Woody) has a native pppoe package, but it won’t work properly. Apparently the default binaries are not okay.
- First install the Debian pppoe package (apt-get install pppoe). With the installation of Roaring Penguin lateron, the binaries of the Debian pppoe package are replaced, but not the startup scripts.
This wil provide a working /etc/init.d/ppp init-script, so your connection will start automatically upon startup. - You’ll need the Roaring Penguin PPPoE client, minimum rp-pppoe-3.5.
Version rp-pppoe-3.5.tar.gz is included in the ResNet Installation Package. The manual included in this package will bring you to this page. - Change directory (cd /path/to_download) where you’ve saved the ResNet Installation Package. This bundle includes a tar.gz with the Roaring Penguin-source and a manual (index.htm)
- tar xzvf resnet-rp.tar.gz to extract the bundle.
- tar xzvf rp-pppoe-3.5.tar.gz to extract the Roaring Penguin-source included in the bundle.
- cd rp-pppoe-3.5
- ./go (you can use adsl-setup to repeat in the future)
- USERNAME: enter the username of your service account, don’t forget the @tudelft suffix!
- INTERFACE: enter the interface that’s used for your PPPoE connection (eg: eth0)
- idle-time: choose an ‘idle disconnect time’ or no for ‘always on’
- DNS: press enter to skip manual DNS configuration specific for PPPoE, but instead keep the local DNS-server(s) of your building,
or enter the TUDelft DNS-servers: 130.161.180.1 and 130.161.180.65 - PASSWORD: enter your service account’s password. Repeat to check.
- FIREWALL: choose a firewall option. 0 (NONE) will suffice in most cases
- Summary: choose yes to accept or no to start over.
- It’s recommended to specify an ‘AccessConcentrator’ and ‘ServiceName’.
- edit /etc/ppp/pppoe.conf and change/add these lines:ACNAME="DePoort"
SERVICENAME="TUdelft-FTTD" - It’s also possible to specify these options on the commandline (if you don’t have a pppoe.conf):
eg:pppoe -I eth0 -T 80 -m 1452 -S TUdelft-FTTD -C DePoort
- edit /etc/ppp/pppoe.conf and change/add these lines:ACNAME="DePoort"
- adsl-start to start your connection. (use adsl-stop to disconnect)
- Have fun with your Linux pppoe connection 😉
- First install the Debian pppoe package (apt-get install pppoe). With the installation of Roaring Penguin lateron, the binaries of the Debian pppoe package are replaced, but not the startup scripts.
This Howto describes the installation of Roaring Penguin PPPoE for RedHat Linux.
Requisites:
Recent versions of RedHat (7.3 and higher) have a suitable kernel for PPPoE and are equiped with recent versions of the pppd, so no upgrades are required. If you’re using an older version, please check the requirements
Installation PPPoE client software:
- You’ll need a Roaring Penguin PPPoE client, minimum rp-pppoe-3.5. This version is shipped with RedHat from version 9.
Version rp-pppoe-3.5-1.i386.rpm is available in the ResNet Installation Package. The manual included in this package will bring you to this page. - Install using /bin/rpm -ih rp-pppoe-yourversion.rpm or install the package from a RedHat (version 9 minimum) repository (eg from your installation CDROM).
- Run: /usr/sbin/adsl-setup
- USERNAME: enter the username of your service account, don’t forget the @tudelft suffix!
- INTERFACE: enter the interface that’s used for your PPPoE connection (eg: eth0).
- idle-time: choose an ‘idle disconnect time’ or no for ‘always on’.
- DNS: press enter to skip manual DNS configuration specific for PPPoE, but instead keep the local DNS-server(s) of your building,
or enter the TUDelft DNS-servers: 130.161.180.1 and 130.161.180.65 - PASSWORD: enter your service account’s password. Repeat to check.
- FIREWALL: choose a firewall option. 0 (NONE) will suffice in most cases
- Summary: choose yes to accept or no to start over.
- It’s recommended to specify an ‘AccessConcentrator’ and ‘ServiceName’.
edit /etc/ppp/pppoe.conf and change/add these lines:ACNAME="DePoort"
SERVICENAME="TUdelft-FTTD" - Run: /usr/sbin/adsl-start to start your connection. (use adsl-stop to disconnect)
- If you want your connection to start upon startup, use chkconfig --add adsl to create the adsl init-scripts.
- Have fun with your Linux PPPoE connection 😉
Requirements for older RedHat distributions
- Your 2.2/2.4 series kernel must support:
- PPP filtering.
- PPP deflate compression.
- PPP async.
- If your kernel is a 2.2 series kernel, you’ll need a pppd version 2.3.10 or higher.
- If your kernel is a 2.4 series kernel, you’ll need a pppd version 2.4.0 or higher.
PCQ
From MikroTik Wiki
Per Connection Queue (PCQ) is a queuing discipline that can be used to dynamically equalize or shape traffic for multiple users, using little administration. It is possible to divide PCQ scenarios into three major groups: equal bandwidth for a number of users, certain bandwidth equal distribution between users, unknown bandwidth equal distribution between users.
Equal Bandwidth for a Number of Users
Use PCQ type queue when you need to equalize the bandwidth [and set max limit] for a number of users. We will set the 64kbps download and 32kbps upload limits.
There are two ways how to make this: using mangle and queue trees, or, using simple queues.
1. Mark all packets with packet-mark all:
/ip firewall mangle add chain=prerouting action=mark-packet new-packet-mark=all passthrough=no
2. Setup two PCQ queue types – one for download and one for upload. dst-address is classifier for user’s download traffic, src-address for upload traffic:
/queue type add name="PCQ_download" kind=pcq pcq-rate=64000 pcq-classifier=dst-address /queue type add name="PCQ_upload" kind=pcq pcq-rate=32000 pcq-classifier=src-address
3. Finally, two queue rules are required, one for download and one for upload:
/queue tree add parent=global-in queue=PCQ_download packet-mark=all /queue tree add parent=global-out queue=PCQ_upload packet-mark=all
If you don’t like using mangle and queue trees, you can skip step 1, do step 2, and step 3 would be to create one simple queue as shown here:
/queue simple add queue=PCQ_upload/PCQ_download target-addresses=192.168.0.0/24
Automating Cisco Router, Switch, Firewall backups.
tep 1: Download and install rancid.
——————————————————————–
For additional information on rancid’s complete functionality see the following site.
http://www.shrubbery.net/rancid/
Install rancid, build-essential, and expect.
sudo apt-get install rancid-core rancid-util build-essential expect
Step 2: Create .cloginrc file in the rancid directory.
——————————————————————–
Opend a terminal and type the following.
sudo gedit /var/lib/rancid/.cloginrc
Add entries for each router, switch, pix firewall you’d like to backup by using the following format.
add password IPADDRESS {telnetpassword} {enablepassword}
IPADDRESS = the actual ip address of the device you want to backup.
telnetpassword = the actual telnet password for the device you want to backup.
enablepassword = the actual enable password for the device you want to backup.
The “{}” are required. At the bottom of the .clogin add the following line if you require SSH access to your equipment.
add method * telnet ssh
With this clogin will first try to telnet then ssh to your equipment.
Step 3: Protect the .cloginrc file.
——————————————————————–
sudo chmod 640 /var/lib/rancid/.cloginrc
Step 4: Create a backup directory for backup configs.
——————————————————————–
sudo mkdir /var/lib/rancid/backups/
Step 5: Change ownership of the /usr/lib/rancid/backups/ directory.
——————————————————————–
sudo chown -R rancid.rancid /var/lib/rancid/backups/
Step 6: Change permissions to the rancid directory.
——————————————————————–
sudo chmod 770 /var/lib/rancid/
Step 7: Set password for rancid account
——————————————————————–
sudo passwd rancid
Step 8: Test .cloginrc
——————————————————————–
As the user rancid test accessing your equipment.
su rancid
Now using once of the network devices that you’ve put in the .cloginrc for rancid type the following in the open terminal.
/usr/lib/rancid/bin/clogin IPADDESSOFDEVICE
You should see the clogin telnet (or ssh) to the device in question and switch to enable mode on the device. If everything works the proceed on to step 8. Otherwise take a look at your /var/lib/rancid/.cloginrc .
Step 9: Test grabing a backup config from the same device.
——————————————————————–
As rancid run the following test to make sure that you have everything setup correctly.
/usr/lib/rancid/bin/clogin -c 'write term' IPADDESSOFDEVICE > /var/lib/rancid/backups/test.cfg
Verify the output:
less /var/lib/rancid/backups/test.cfg
If everthing checks out move on to step 10.
Step 10: Create the bash script for the backups
——————————————————————–
Here’s a sample script for you to copy and paste into a file (i.e. network_device_backup.sh) and to tweak, add, or change for your needs. But save the script somewhere the rancid user can access and execute the script from (i.e./var/lib/rancid/). If you are planning on backing up a various types of routers, switches, firewalls etc you may want to create serveral differnet scripts.
#!/bin/bash # Variables clogin=/usr/lib/rancid/bin/clogin path=/var/lib/rancid/backups/ tdy=`date +%m%d%Y` #backup network device $clogin -c 'write term' 192.168.0.1 > $path/foo-$tdy.cfg
NOTE: When rancid is installed the default shell for the rancid user is csh. So for the script above to work the “#!/bin/bash’ is needed.
Step 11: Make the script executable to rancid.
——————————————————————–
sudo chmod 700 /path/to/script
Step 12: Test the backup script.
——————————————————————–
Test your script logged in as rancid.
su rancid
Now from wherever you put the backup script verify that it works before adding it as a cron job. For this example I’m going to use the following location /var/lib/rancid/.scripts/routers.sh with the output path being /var/lib/rancid/backups/.
./var/lib/rancid/.scripts/routers.sh
verify the config file that was generated to the output path you specified.
less /var/lib/rancid/backups/foo-12202005.cfg
Step 13: Add script to CRON.
——————————————————————–
As rancid add your script to CRONTAB.
su rancid
Now add an entry for your script.
crontab -e
To backup your equipment every Friday at 5pm should look like…
0 17 * * 5 /var/lib/rancid/.scripts/routers.sh >/dev/null 2>&1
Save the entry (crtl+x).
Verify the entry in crontab is correct.
crontab -l
For more infor on CRONTAB see the following post.
http://ubuntuforums.org/showthread.php?t=102626
Fiber Optic Splicing
What is Fiber Optic Splicing
Knowledge of fiber optic splicing methods is vital to any company or fiber optic technician involved in Telecommunications or LAN and networking projects.
Simply put, fiber optic splicing involves joining two fiber optic cables together. The other, more common, method of joining fibers is called termination or connectorization. Fiber splicing typically results in lower light loss and back reflection than termination making it the preferred method when the cable runs are too long for a single length of fiber or when joining two different types of cable together, such as a 48-fiber cable to four 12-fiber cables. Splicing is also used to restore fiber optic cables when a buried cable is accidentally severed.
There are two methods of fiber optic splicing, fusion splicing & mechanical splicing. If you are just beginning to splice fiber, you might want to look at your long-term goals in this field in order to chose which technique best fits your economic and performance objectives.
Mechanical Splicing vs. Fusion Splicing
• Mechanical Splicing:
Mechanical splices are simply alignment devices, designed to
hold the two fiber ends in a precisely aligned position thus enabling light to pass from one fiber into the other. (Typical loss: 0.3 dB)
• Fusion Splicing:
In fusion splicing a machine is used to precisely align the two fiber ends then the glass ends are “fused” or “welded” together using some type of heat or electric arc. This produces a continuous connection between the fibers enabling very low loss light transmission. (Typical loss: 0.1 dB)
• Which method is better?
The typical reason for choosing one method over the other is economics. Mechanical splicing has a low initial investment ($1,000 – $2,000) but costs more per splice ($12-$40 each). While the cost per splice for fusion splicing is lower ($0.50 – $1.50 each), the initial investment is much higher ($15,000 – $50,000 depending on the accuracy and features of the fusion splicing machine being purchased). The more precise you need the alignment (better alignment results in lower loss) the more you pay for the machine.
As for the performance of each splicing method, the decision is often based on what industry you are working in. Fusion splicing produces lower loss and less back reflection than mechanical splicing because the resulting fusion splice points are almost seamless. Fusion splices are used primarily with single mode fiber where as Mechanical splices work with both single and multi mode fiber.
Many Telecommunications and CATV companies invest in fusion splicing for their long haul singlemode networks, but will still use mechanical splicing for shorter, local cable runs. Since analog video signals require minimal reflection for optimal performance, fusion splicing is preferred for this application as well. The LAN industry has the choice of either method, as signal loss and reflection are minor concerns for most LAN applications.
Fusion Splicing Method
As mentioned previously, fusion splicing is a junction of two or more optical fibers that have been permanently affixed by welding them together by an electronic arc.
Four basic steps to completing a proper fusion splice:
Step 1: Preparing the fiber – Strip the protective coatings, jackets, tubes, strength members, etc. leaving only the bare fiber showing. The main concern here is cleanliness.
Step 2: Cleave the fiber – Using a good fiber cleaver here is essential to a successful fusion splice. The cleaved end must be mirror-smooth and perpendicular to the fiber axis to obtain a proper splice. NOTE: The cleaver does not cut the fiber! It merely nicks the fiber and then pulls or flexes it to cause a clean break. The goal is to produce a cleaved end that is as perfectly perpendicular as possible. That is why a good cleaver for fusion splicing can often cost $1,000 to $3,000. These cleavers can consistently produce a cleave angle of 0.5 degree or less.
Step 3: Fuse the fiber – There are two steps within this step, alignment and heating. Alignment can be manual or automatic depending on what equipment you have. The higher priced equipment you use, the more accurate the alignment becomes. Once properly aligned the fusion splicer unit then uses an electrical arc to melt the fibers, permanently welding the two fiber ends together.
Step 4: Protect the fiber – Protecting the fiber from bending and tensile forces will ensure the splice not break during normal handling. A typical fusion splice has a tensile strength between 0.5 and 1.5 lbs and will not break during normal handling but it still requires protection from excessive bending and pulling forces. Using heat shrink tubing, silicone gel and/or mechanical crimp protectors will keep the splice protected from outside elements and breakage.
Mechanical Splicing Method
Mechanical splicing is an optical junction where the fibers are precisely aligned and held in place by a self-contained assembly, not a permanent bond. This method aligns the two fiber ends to a common centerline, aligning their cores so the light can pass from one fiber to another.
Four steps to performing a mechanical splice:
Step 1: Preparing the fiber – Strip the protective coatings, jackets, tubes, strength members, etc. leaving only the bare fiber showing. The main concern here is cleanliness.
Step 2: Cleave the fiber – The process is identical to the cleaving for fusion splicing but the cleave precision is not as critical.
Step 3: Mechanically join the fibers – There is no heat used in this method. Simply position the fiber ends together inside the mechanical splice unit. The index matching gel inside the mechanical splice apparatus will help couple the light from one fiber end to the other. Older apparatus will have an epoxy rather than the index matching gel holding the cores together.
Step 4: Protect the fiber – the completed mechanical splice provides its own protection for the splice.
Tips for Better Splices:
1. Thoroughly and frequently clean your splicing tools. When working with fiber, keep in mind that particles not visible to the naked eye could cause tremendous problems when working with fiber optics. “Excessive” cleaning of your fiber and tools will save you time and money down the road.
2. Properly maintain and operate your cleaver. The cleaver is your most valuable tool in fiber splicing. Within mechanical splicing you need the proper angle to insure proper end faces or too much light escaping into the air gaps between the two fibers will occur. The index matching gel will eliminate most of the light escape but cannot overcome a low quality cleave. You should expect to spend around $200 to $1,000 for a good quality cleaver suitable for mechanical splicing.
For Fusion splicing, you need an even more precise cleaver to achieve the exceptional low loss (0.05 dB and less). If you have a poor cleave the fiber ends might not melt together properly causing light loss and high reflection problems. Expect to pay $1,000 to $4,000 for a good cleaver to handle the precision required for fusion splicing. Maintaining your cleaver by following manufacturer instructions for cleaning as well as using the tool properly will provide you with a long lasting piece of equipment and ensuring the job is done right the first time.
3. Fusion parameters must be adjusted minimally and methodically (fusion splicing only). If you start changing the fusion parameters on the splicer as soon as there is a hint of a problem you might lose your desired setting. Dirty equipment should be your first check and them continue with the parameters. Fusion time and fusion current are the two key factors for splicing. Different variables of these two factors can produce the same splice results. High time and low current result in the same outcome as high current and low time. Make sure to change one variable at a time and keep checking until you have found the right fusion parameters for your fiber type.
Tecra Tools offers a large selection of fiber optic tool kits and fiber optic supplies.
We currently stock Fibrlok Mechanical Splicing Kit from 3M and the Miller Fiber Optic Cleaver.
Click here to see our Fiber Splicing Kit and let us help you find the right tools for all your fiber optic needs.
Mengenal Komunikasi Serat Optik
Media komunikasi digital pada dasarnya hanya ada tiga, tembaga, udara dan kaca. Tembaga kita kenal sebagai media komunikasi sejak lama, telah berevolusi dari hanya penghantar listrik menjadi penghantar elektromagnetik yang membawa pesan, suara, gambar dan data digital. Berkembangnya teknologi frekuensi radio menambah alternatif lain media komunikasi, kita sebut nirkabel atau wireless, sebuah komunikasi dengan udara sebagai penghantar. Tahun 1980-an kita mulai mengenal media komunikasi yang lain yang sekarang menjadi tulang punggung komunikasi dunia, yaitu serat optik, sebuah media yang memanfaatkan pulsa cahaya dalam sebuah ruang kaca berbentuk kabel, total internal reflection.
Sebuah kabel serat optik dibuat sekecil-kecilnya (mikroskopis) agar tak mudah patah/retak, tentunya dengan perlindungan khusus sehingga besaran wujud kabel akhirnya tetap mudah dipasang. Satu kabel serat optik disebut sebagai core. Untuk satu sambungan/link komunikasi serat optik dibutuhkan dua core, satu sebagai transmitter dan satu lagi sebagai receiver. Variasi kabel yang dijual sangat beragam sesuai kebutuhan, ada kabel 4 core, 6 core, 8 core, 12 core, 16 core, 24 core, 36 core hingga 48 core. Satu core serat optik yang terlihat oleh mata kita adalah masih berupa lapisan pelindungnya (coated), sedangkan kacanya sendiri yang menjadi inti transmisi data berukuran mikroskopis, tak terlihat oleh mata.
Bentuk kabel dikenal dua macam, kabel udara (KU) dan kabel tanah (KT). Kabel udara diperkuat oleh kabel baja untuk keperluan penarikan kabel di atas tiang. Baik KU maupun KT pada lapisan intinya paling tengah diperkuat oleh kabel khusus untuk menahan kabel tidak mudah bengkok (biasanya serat plastik yang keras). Di sekeliling inti tersebut dipasang beberapa selubung yang isinya adalah core serat optik, dilapisi gel (katanya berfungsi juga sebagai racun tikus) dan serat nilon, dibungkus lagi dengan bahan metal tipis hingga ke lapisan terluar kabel berupa plastik tebal. Dari berbagai jenis jumlah core, besaran wujud akhir kabel tidaklah terlalu signifikan ukuran diameternya.
Memotong kabel serat optik sangat mudah, cukup menggunakan gergaji kecil. Sering terjadi maling-maling tembaga salah mencuri, niatnya mencuri kabel tembaga yang laku di pasar besi/loak malah menggergaji kabel serat optik. Yang sulit adalah mengupasnya, namun hal ini dipermudah dengan pabrikan kabel menyertakan serat nilon khusus di bawah lapisan terluar yang keras sehingga cukup dikupas sedikit dan nilon tersebut berfungsi membelah lapisan terluar hingga panjang yang diinginkan untuk dikupas.
Untuk apa dikupas? Tentunya untuk keperluan penyambungan atau terminasi. Kita lihat dulu bagaimana pulsa cahaya bekerja di dalam serat kaca yang sangat sempit ini. Kabel serat optik yang paling umum dikenal dua macam, multi-mode dan single-mode. Transmitter cahaya berupa Light Emitting Diode (LED) atau Injection Laser Diode (ILD) menembakkan pulsa cahaya ke dalam kabel serat optik. Dalam kabel multi-mode pulsa cahaya selain lurus searah panjang kabel juga berpantulan ke dinding core hingga sampai ke tujuan, sisi receiver. Pada kabel single-mode pulsa cahaya ditembakkan hanya lurus searah panjang kabel. Kabel single-mode memberi kelebihan kapasitas bandwidth dan jarak yang lebih tinggi, hingga puluhan kilometer dengan skala bandwidth gigabit.
Inti kaca kabel single-mode umumnya berdiameter 8,3-10 mikron (jauh lebih kecil dari diameter rambut), dan pada multi-mode berukuran 50-100 mikron. Pulsa cahaya yang ditembakkan pada single mode adalah cahaya dengan panjang gelombang 1310-1550nm, sedangkan pada multi-mode adalah 850-1300nm.
Ujung kabel serat optik berakhir di sebuah terminasi, untuk hal tersebut dibutuhkan penyambungan kabel serat optik dengan pigtail serat optik di Optical Termination Board (OTB), bisa wallmount atau 1U rackmount. Dari OTB kabel serat optik tinggal disambung dengan patchcord serat optik ke perangkat multiplexer, switch atau bridge (converter to ethernet UTP).
Penyambungan kabel serat optik disebut sebagai splicing. Splicing menggunakan alat khusus yang memadukan dua ujung kabel seukuran rambut secara presisi, dibakar pada suhu tertentu sehingga kaca meleleh tersambung tanpa bagian coated-nya ikut meleleh. Setelah tersambung, bagian sambungan ditutup dengan selubung yang dipanaskan. Alat ini mudah dioperasikan, namun sangat mahal harganya. Inilah sebabnya meskipun harga kabel fiber optik sudah jauh lebih murah namun alat dan biaya lainnya masih mahal, terutama pada biaya pemasangan kabel, splicing dan terminasinya.
Pigtail yang disambungkan ke kabel optik bisa bermacam-macam konektornya, yang paling umum adalah konektor FC. Dari konektor FC di OTB ini kita tinggal menggunakan patchcord yang sesuai untuk disambungkan ke perangkat. Umumnya perangkat optik seperti switch atau bridge menggunakan konektor SC atau LC. Cukup menyulitkan ketika menyebut jenis konektor yang kita kehendaki kepada penjual, FC, SC, ST, atau LC.
Setelah kabel optik terpasang di OTB dilakukan pengujian end-to-end dengan menggunakan Optical Time Domain Reflectometer (OTDR). Dengan OTDR akan didapatkan kualitas kabel, seberapa besar loss cahaya dan berapa panjang kabel totalnya. Harga perangkat OTDR ini sangat mahal, meskipun pengoperasiannya relatif mudah. OTDR ini digunakan pula pada saat terjadi gangguan putusnya kabel laut atau terestrial antar kota, sehingga bisa ditentukan di titik mana kabel harus diperbaiki dan disambung kembali.
Untuk keperluan sederhana misalnya sambungan fiber optik antar gedung pada jarak ratusan meter (hingga 15km) kini teknologi bridge/converter-nya sudah semakin murah dengan kapasitas 100Mbps, sedangkan untuk full gigabit harga switch/module-switch-nya masih mahal. Jadi, meskipun harga kabel serat optik sudah di kisaran Rp10.000/m namun total pemasangannya membengkak karena ada biaya SDM yang menarik dan memasang kabel, biaya splicing setiap core-nya, pemasangan OTB, pengujian OTDR, penyediaan patchcord dan perangkat optiknya sendiri (switch/bridge).
Kutipan dari http://yulian.firdaus.or.id
My Life. My Adventure 