PT Telekomunikasi Indonesia Tbk

Design Document - Insert Blade B2250 LB DNS Cache

Version 1.0
Date 27 July 2023

PT.Multipolar Technology Tbk

LippoKuningan Building 17th Fl.
Jl. HR Rasuna Said Kav.B12
Jakarta 12920
P:+62-21-5460011.
F:+62-21-5460020.
W: www.multipolar.com
Document Information

Confidentiality Agreement
The information in this document shall not be disclosed outside of PT.Telekomunikasi Indonesia,Tbk
organization and shall not be duplicated, used or disclosed in whole or in part for any purpose other than to
evaluate this document. PT.Telekomunikasi Indonesia,Tbk shall have the right to duplicate, use or disclose
the information to the extent provided by the contract. This restriction does not limit the right of
PT.Telekomunikasi Indonesia Tbkto use information contained in this document if it is obtained from another
source and developed from the existing know-how and experience of PT.Telekomunikasi IndonesiaTbk.

Multipolar Technology shall have the right to disclose and use such information with other customer as it
sees fit. Multipolar Technology shall also have the right to see or disclose information or know-how
developed or learned in the course of performance under any agreement for services offered in this
document that relate generally to the art of Network Infrastructure or Voice over IP or IP Telephony
infrastructure design or implementation design services, provide that such information is not infringing on
any existing patent or copyright of PT.TelekomunikasiIndonesiaTbk.

Document Properties
Property Value
Customer Name PT Telekomunikasi Indonesia Tbk
Title Method of Procedure Document - Insert Blade B2250 LB DNS Cache
Version 1.0
File Name 731553504.docx Insert Blade B2250 LB DNS Cache.docx
Status Final

Release History
Rev Issue Date Owner(s) Status Description of Changes
1.0 27 July 2023 Irgy Fajrian D.

Distribution List
Name Organization Title Email
Yeri Haryanto Multipolar Manager HINTD1 yeri.Haryanto@multipolar.com
Fajar A Multipolar Team Leader fajar.ardyanto@multipolar.com
Yusuf Nur Aji N Multipolar Network Engineer yusuf.nugroho@multipolar.com
Irgy Fajrian Destriansyah Multipolar Network Engineer irgy.destriansyah@multipolar.com
Ruli Hakim Telkom Manager rulihakim@telkom.co.id
Syaripuddin Telkom Officer IP Broadband 710193@telkom.co.id
Budi Setiawan Telkom Officer IP Broadband budi.Setiawan@telkom.co.id

© Multipolar Technology v (CONFIDENTIAL)

Contents

Document Information...................................................................................................................................... ii
Confidentiality Agreement........................................................................................................................... ii
Document Properties.................................................................................................................................. ii
Release History.......................................................................................................................................... ii
Distribution List........................................................................................................................................... ii
Contents.......................................................................................................................................................... iii
List of Table...................................................................................................................................................... v
Chapter 1: Introduction..................................................................................................................................... 2
1.1 To Do................................................................................................................................................ 2
1.2 Objectives......................................................................................................................................... 2
1.3 Tools/ Requirements........................................................................................................................ 2
1.4 Site Location..................................................................................................................................... 2
1.5 Schedule Activity.............................................................................................................................. 2
1.6 Pre-Activity Works............................................................................................................................ 2
Chapter 2: Network Topology and Flow traffic................................................................................................. 2
2.1 Existing DNS system........................................................................................................................ 2
2.2 Requirements for Insert Blade.......................................................................................................... 2
Chapter 3: Insert Blade Strategy..................................................................................................................... 3
3.1 Technical Notes................................................................................................................................ 3
3.2 Testing Prerequisites........................................................................................................................ 3
3.3 Summary Steps................................................................................................................................ 3
3.3.1 First Batch (Existing Traffic Verification and Bypass Traffic from RED/PE)...................................3
3.3.2 Batch Two (Insert Blade)............................................................................................................... 4
3.3.3 Fallback Procedure....................................................................................................................... 4
Chapter 4: Document Acceptance................................................................................................................... 6
4.1.1 Revision Detail.............................................................................................................................. 6

© Multipolar Technology v (CONFIDENTIAL)

List of Figures
Figure 1. Existing DNS System........................................................................................................................ 2

© Multipolar Technology v (CONFIDENTIAL)

List of Table

Table 1. Engineer Contact................................................................................................................................ 2

Chapter 1: Introduction

1.1 To Do
This Document prepared for Insert Blade B2250 LB DNS Cache.

1.2 Objectives
Insert Blade B2250 LB DNS Cache.

1.3 Tools/ Requirements

 Laptop
 Internet access
 Client/user test
 Traffic Monitoring

1.4 Site Location

Node Name :

 LB-DNS-D4-GLK
 LB-DNS-D4-KBU
 LB-DNS-D7-BAL
 LB-DNS-D7-PTR
 LB-DNS-D2-JT2
 LB-DNS-D3-LBG
 LB-DNS-D2-BKS
 LB-DNS-D2-KBB
 LB-DNS-D2-SLP
 LB-DNS-D3-TSM

1.5 Schedule Activity

 Estimated time: 60 minute
 Service Impact : No
 Engineer List :

Engineer No HP Email Note

Fajar Ardyanto 082336290390 fajar.ardyanto@multipolar.com
Yusuf Nur Aji N. 089648123679 yusuf.nugroho@multipolar.com Remote
Irgy Fajrian D. 085155035504 irgy.destriansyah@multipolar.com

© Multipolar Technology v (CONFIDENTIAL)

1.6 Pre-Activity Works
 Backup and download file configuration Load balancer.
 Bypass from PE HSI

© Multipolar Technology v (CONFIDENTIAL)

Chapter 2: Network Topology and Flow traffic

2.1 Existing DNS system.

Below is the network topology of DNS system.
Back-End

RPZ Server DNS RESOLVER 1

Front-End
DNS RESOLVER 2

PE HSI
DNS Cache
DNSFW 1

DNSFW 2

PCEF

BRAS/BNG

Figure 1. Existing DNS System

1. Traffic DNS from user will be redirected by PE HSI to local DNS cache.
2. DNS cache will check:
• Whitelisting zone (free patching)
• User (IP) blacklist (security feature)
• Backlisting zone (internet+)
• Cache file.
3. Traffic DNS will be forward to DNS resolver if by checking in point 2 not found match answer.

2.2 Requirements for Insert Blade B2250 LB DNS Cache

For this activities we need :
1. Unit Blade B2250
2. UTP Cable for Management New Blade

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 7

Chapter 3: Insert Blade Strategy
This chapter identifies several considerations and requirements, including summary steps to Insert Blade
B2250 LB DNS Cache.

3.1 Technical Notes

This technical note describes certain considerations Insert Blade B2250 LB DNS Cache.
 Backup the existing configuration Load balancer.
 Bypass from PE HSI

3.2 Testing Prerequisites

The following steps have to be completed prior to testing:
 Dig DNS, Check traffic by tcpdump when blade ready to be inserted to LB DNS Cache System.

3.3 Summary Steps

The testing process will be conducted in three batches; this is to ensure the available time to verify each
service runs normally before and after testing.

3.3.1 Batch One (Existing Traffic Verification and Bypass Traffic from PE HSI)
This step, we have to make sure that existing user’s internet is running well before insert bew blade. We will
capture the service DNS before migration and integration activities.
We will Backup configuration and bypass from Redirector

N Estimated
Action Status
o Time
1 Collect information about condition of existing Network 5 Minutes OK
Check and capture from user/client test: NOK
# dig @ip_public_dns_xx kompas.com
# dig @ip_public_dns_xx detik.com
# dig @ip_public_dns_xx playboy.com
# dig @ip_public_dns_xx kompas.com
Make sure all dig success and user get DNS answer

2 Backup Configuration Load balancer : 5 Minutes OK

1. Login to Configuration Utility NOK
2. Create archives by the following step:
Navigate to SYSTEM  ARCHIVES  CREATE : Enter file name
of archives  click FINISHED.
3. Download archive has be create at point 2 by the following step :
Navigate to SYSTEM  ARCHIVES  Click file name was be
create in point 2  click DOWNLOAD.

3 Perform Experience test, make sure the Client-test can access internet 5 minutes OK
properly NOK

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 8

4 Bypass DNS Traffic (Port 53) on PE HSI 5 minutes OK

NOK

3.3.2 Batch Two (Insert Blade)

Estimated Time : 55 Minutes

N
Action Estimated Time Status
o
1 Insert New Blade B2250 to Available Slot on LB DNS Cache 10 Minutes OK

NOK
2 Plug UTP Cable to Port Management New Blade 5 Minutes OK

NOK

3 Add IP Address to Interface Management New Blade :

1. Login to GUI
2. Go to System ›› Clusters ›› Management IP Address
3. Add IP Address

4 Add Description to Interface Management New Blade :

1. Login to CLI
2. Insert this command
#tmsh
#modify net interface x/mgmt description to SW-XX-XX_Port_XX
#save sys config

5 Verfity the status : 5 Minutes OK

1. Login to CLI NOK
2. Insert this command
 tmsh show sys cluster
 tmsh show sys ha-status
 tmsh show sys software

6 Re-active License : 10 Minutes OK

1. Login to GUI
NOK
2. Go to System ›› License
3. Click Reactivate
4. Select Automatic for the Activation Method and click Next

7 Re-inline DNS Traffic (Port 53) on PE HSI 5 minutes OK

NOK

8 Collect information about condition of Network 5 Minutes OK

Check and capture from user/client test:
NOK
# dig @ip_public_dns_xx kompas.com

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 9

 # dig @ip_public_dns_xx detik.com
# dig @ip_public_dns_xx playboy.com
# dig @ip_public_dns_xx kompas.com
Make sure all dig success and user get DNS answer

9 Monitor and capture performance resources statistics (CPU, Memory, 30 Minutes (Pararel OK
with point 3,4)
etc) after insertion. NOK

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 10

3.3.3 Rollback Procedure
The fallback procedure will be executed if the following situation fulfills:

 Implementation has not finish until time limit reach.

 The unexpected situation happened like corrupt OS/firmware or system crash or traffic down.
Here’s the steps of fallback procedure :
N Estimated
Action Status
o Time
1 Disable Blade 5 Minutes Ok

 Log in to GUI Not

 System -> Cluster -> Click Slot [Number]
 Click Disable

2 Verfity the status : 5 Minutes Ok

1. Log In to CLI Not

2. Insert this command
 tmsh show sys cluster
 tmsh show sys ha-status
 tmsh show sys software

3 Collect information about condition of existing Network 5 Minutes Ok

Check and capture from user/client test: Not

# dig @ip_public_dns_xx kompas.com
# dig @ip_public_dns_xx detik.com
# dig @ip_public_dns_xx playboy.com
# dig @ip_public_dns_xx kompas.com
 Make sure all dig success and user get DNS answer

4 Monitor and capture performance resources statistics (CPU, Memory, etc) 30 Minutes Ok
(Pararel with
after insertion. point 3,5) Not

5 Test experience test to dig, nslookup and browsing test. Make sure dig, 15 Minutes Ok

nslookup and browsing test success and user get DNS answer Not

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 11

Chapter 4: Document Acceptance

Information Value
Project Name SP#7 Pengadaan dan Pemasangan Ekspan PCEF Sandvine dan Load
Balancer Cache DNS no. K.TEL.003066/HK.810/TSC-B0200000/2023,
EDC 12 Juli 2023
Title Methode of Procedure Document - Insert Blade B2250 LB DNS Cache
Version 1.0
Status Final
Revision Required? Y/N

4.1.1 Revision Detail

Document Approval
Name : Irgy Fajrian D Name :
Company : PT. Multipolar Technology Tbk Company :
Position : Network Engineer Position :
Date : 27 July 2023 Date
Signature : Signature

Name : Name
Company : Company
Position : Position
Date : Date
Signature : Signature

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 12

After approving this document, changes management is required if you want to make changes as it might
interrupt the project milestone. Multipolar shall assume that this document is fully accepted by Customer
without modification if there are no questions or acknowledgement within seven (7) days.

© Multipolar Technology Method of Procedure Document v0.1 (CONFIDENTIAL) 13