Monday, December 7, 2015

iBGP Peering (Physical Interface)

Setelah bongkar file lama ternyata nemu tulisan yang belum sempat ane posting, materi tentang BGP dan MPLS yang jumlah tulisannya lumayan banyak (ada sekitar 20 tulisan :D). Dan rencananya, akan saya update seminggu sekali 1 artikel (kalau ingat :D)

Oke, langsung ana tulis disini aja. Lab/materi yang pertama adalah iBGP Peering menggunakan interface fisik. biar gak terlalu lama, langsung TKP aja :v

Ini topologinya

Ada 3 router yang ane pakai, R1, R2, dan R3. dengan ip yang sudah ada di topologi. langsung aja play router GNS3 nya

ROUTER HAS NO SOFTWARE KEY
----------------------------
You have 23h45m to configure the router to be remotely accessible,
and to enter the key by pasting it in a Telnet window or in Winbox.
See www.mikrotik.com/key for more details.

Current installation "software ID": AGXU-K1TR
Please press "Enter" to continue!

Yang pertama, tambahkan IP pada masing-masing interface yang ada pada router. Jangan lupa ganti identitas router biar kagak bingung

[admin@MikroTik] > system identity set name=R1
[admin@R1] > ip address add address=12.12.12.1/24 interface=ether1
[admin@R1] > ip address add address=13.13.13.1/24 interface=ether2

[admin@MikroTik] > system identity set name=R2
[admin@R2] > ip address add address=12.12.12.2/24 interface=ether1
[admin@R2] > ip address add address=23.23.23.2/24 interface=ether2

[admin@MikroTik] > system identity set name=R3
[admin@R3] > ip address add address=23.23.23.3/24 interface=ether1
[admin@R3] > ip address add address=13.13.13.3/24 interface=ether2

Kita ubah dulu AS nya. semua router ada di AS yang sama yaitu 100

[admin@R1] > routing bgp instance set default as=100

[admin@R2] > routing bgp instance set default as=100

[admin@R3] > routing bgp instance set default as=100

Langkah selanjutnya, lakukan peering ke router tetangga. dengan remote address ip yang ada pada interface router

[admin@R1] > routing bgp peer add name=peer1 remote-address=12.12.12.2 remote-as=100
[admin@R1] > routing bgp peer add name=peer2 remote-address=13.13.13.3 remote-as=100

[admin@R2] > routing bgp peer add name=peer1 remote-address=12.12.12.1 remote-as=100
[admin@R2] > routing bgp peer add name=peer2 remote-address=23.23.23.3 remote-as=100

[admin@R3] > routing bgp peer add name=peer1 remote-address=23.23.23.2 remote-as=100
[admin@R3] > routing bgp peer add name=peer2 remote-address=13.13.13.1 remote-as=100

Jika sudah, sekarang cek status bgp peeringnya dengan perintah "routing bgp peer print status" dan pastikan semua statusnya established.

[admin@R1] > routing bgp peer print status
Flags: X - disabled, E - established
0   E name="peer1" instance=default remote-address=12.12.12.2 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=12.12.12.2 local-address=12.12.12.1 uptime=2m11s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0  withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

1   E name="peer2" instance=default remote-address=13.13.13.3 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=13.13.13.3 local-address=13.13.13.1 uptime=46s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

[admin@R2] > routing bgp peer print status
Flags: X - disabled, E - established
0    E name="peer1" instance=default remote-address=12.12.12.1 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=12.12.12.1 local-address=12.12.12.2 uptime=2m54s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

1    E name="peer2" instance=default remote-address=23.23.23.3 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=13.13.13.3 local-address=23.23.23.2 uptime=2s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

[admin@R3] > routing bgp peer print status
Flags: X - disabled, E - established
0    E name="peer1" instance=default remote-address=23.23.23.2 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=12.12.12.2 local-address=23.23.23.3 uptime=9s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

1    E name="peer2" instance=default remote-address=13.13.13.1 remote-as=100 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=255 in-filter="" out-filter="" address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no remote-id=12.12.12.1 local-address=13.13.13.3 uptime=1m37s prefix-count=0 updates-sent=0 updates-received=0 withdrawn-sent=0 withdrawn-received=0 remote-hold-time=3m used-hold-time=3m used-keepalive-time=1m refresh-capability=yes as4-capability=yes state=established

Mengadvertise network via BGP

established menandakan peering sudah terhubung atau sudah berhasil. Sekarang buat ip lookback (seakan-akan ada network/jaringan pada setiap router). Buatlah di masing-masing router

[admin@R1] > interface bridge add name=loopback
[admin@R1] > ip address add address=1.1.1.1/32 interface=loopback

[admin@R2] > interface bridge add name=loopback
[admin@R2] > ip address add address=2.2.2.2/32 interface=loopback

[admin@R3] > interface bridge add name=loopback
[admin@R3] > ip address add address=3.3.3.3/32 interface=loopback

Sekarang masukkan nerwork yang akan diadvertise oleh router bgp

[admin@R1] > routing bgp network add network=1.1.1.1/32

[admin@R2] > routing bgp network add network=2.2.2.2/32

[admin@R3] > routing bgp network add network=3.3.3.3/32

Dan cobalah lihat tabel routing "ip route print".

[admin@R1] > ip route print
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
 #            DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADC  1.1.1.1/32                       1.1.1.1                loopback                   0
 1 ADb   2.2.2.2/32                                               12.12.12.2                 200
 2 ADb   3.3.3.3/32                                               13.13.13.3                 200
 3 ADC  12.12.12.0/24                12.12.12.1             ether1                       0
 4 ADC  13.13.13.0/24                13.13.13.1             ether2                       0

ADb      : Active Dinamic bgp
ADC     : Active Dinamic Connected

Distance 200 adalah iBGP

Selamat mencoba dan semoga bermanfaat

1 comment: