Pada lab ini kita akan belajar melakukan filtering pada BGP menggunakan access list dan route map. Berikut topologi yang akan kita gunakan pada lab ini
 |
| Gambar 1 Topologi jaringan BGP |
Kita akan konfigurasi EBGP Peering antara ketiga router diatas, selanjutnya kita akan membuat beberapa IP Loopback di R1 yang nantinya akan kita filter. Oke langsung aja ya..
R1(config)#int e0/0R1(config-if)#no sh R1(config-if)#ip add 12.12.12.1 255.255.255.0 R1(config-if)#int l0 R1(config-if)#ip add 1.1.1.1 255.255.255.255 R1(config-if)#int l1 R1(config-if)#ip add 1.1.1.2 255.255.255.255 R1(config-if)#int l2 R1(config-if)#ip add 1.1.1.3 255.255.255.255 R1(config-if)#int l3 R1(config-if)#ip add 1.1.1.4 255.255.255.255 R1(config-if)#int l4 R1(config-if)#ip add 1.1.1.5 255.255.255.255 R1(config-if)#int l5 R1(config-if)#ip add 1.1.1.6 255.255.255.255 R1(config-if)#router bgp 1 R1(config-router)#neighbor 12.12.12.2 remote-as 2 R1(config-router)#net 1.1.1.1 mask 255.255.255.255 R1(config-router)#net 1.1.1.2 mask 255.255.255.255 R1(config-router)#net 1.1.1.3 mask 255.255.255.255 R1(config-router)#net 1.1.1.4 mask 255.255.255.255 R1(config-router)#net 1.1.1.5 mask 255.255.255.255 R1(config-router)#net 1.1.1.6 mask 255.255.255.255
R2(config)#int e0/0 R2(config-if)#no sh R2(config-if)#ip add 12.12.12.2 255.255.255.0 R2(config-if)#int e0/1 R2(config-if)#ip add 23.23.23.2 255.255.255.0 R2(config)#router bgp 2 R2(config-router)#neighbor 12.12.12.1 remote-as 1 R2(config-router)#neighbor 23.23.23.3 remote-as 3
R3(config)#int e0/0 R3(config-if)#no sh R3(config-if)#ip add 23.23.23.3 255.255.255.0 R3(config-if)#router bgp 3 R3(config-router)#neighbor 23.23.23.2 remote-as 2
Untuk pengujian, kita coba lihat tabel routing di R2 dan R3. Pastikan kedua router ini punya informasi tentang seluruh IP Loopback R1
R2(config-router)#do sh ip ro1.0.0.0/32 is subnetted, 6 subnets B 1.1.1.1 [20/0] via 12.12.12.1, 00:02:10 B 1.1.1.2 [20/0] via 12.12.12.1, 00:02:10 B 1.1.1.3 [20/0] via 12.12.12.1, 00:02:10 B 1.1.1.4 [20/0] via 12.12.12.1, 00:02:10 B 1.1.1.5 [20/0] via 12.12.12.1, 00:02:10 B 1.1.1.6 [20/0] via 12.12.12.1, 00:02:10 12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 12.12.12.0/24 is directly connected, Ethernet0/0 23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 23.23.23.0/24 is directly connected, Ethernet0/1
R3(config-router)#do sh ip ro 1.0.0.0/32 is subnetted, 6 subnets B 1.1.1.1 [20/0] via 23.23.23.2, 00:02:12 B 1.1.1.2 [20/0] via 23.23.23.2, 00:02:12 B 1.1.1.3 [20/0] via 23.23.23.2, 00:02:12 B 1.1.1.4 [20/0] via 23.23.23.2, 00:02:12 B 1.1.1.5 [20/0] via 23.23.23.2, 00:02:12 B 1.1.1.6 [20/0] via 23.23.23.2, 00:02:12 23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 23.23.23.0/24 is directly connected, Ethernet0/0
Sip2 R2 dan R3 sudah punya informasi tentang seluruh IP Loopback R1. Sekarang kita coba lakukan filtering ya.. tujuan kita biar R2 dan R3 gak punya informasi tentang IP yang genap
Oke sekarang kita coba lihat lagi tabel routing di R2 dan R3R1(config)#access-list 1 deny 1.1.1.0 0.0.0.254R1(config)#access-list 1 permit any R1(config)#route-map FILTERING R1(config-route-map)#match ip address 1 R1(config-route-map)#router bgp 1 R1(config-router)#neighbor 12.12.12.2 route-map FILTERING out R1(config-router)#do cle ip bgp *
R2(config-router)#do sh ip ro 1.0.0.0/32 is subnetted, 3 subnets B 1.1.1.1 [20/0] via 12.12.12.1, 00:00:44 B 1.1.1.3 [20/0] via 12.12.12.1, 00:00:44 B 1.1.1.5 [20/0] via 12.12.12.1, 00:00:44 12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 12.12.12.0/24 is directly connected, Ethernet0/0 23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 23.23.23.0/24 is directly connected, Ethernet0/1
Juozzzz kita udah berhasil melakukan filtering..R3(config-router)#do sh ip ro 1.0.0.0/32 is subnetted, 3 subnets B 1.1.1.1 [20/0] via 23.23.23.2, 00:01:35 B 1.1.1.3 [20/0] via 23.23.23.2, 00:01:35 B 1.1.1.5 [20/0] via 23.23.23.2, 00:01:35 23.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 23.23.23.0/24 is directly connected, Ethernet0/0
Tidak ada komentar:
Posting Komentar
Komentar