Thursday, 23 February 2017

Lab 119 - BGP Max AS Limit

Still on BGP. This time we'll learn about BGP Max AS Limit. What on earth is that? Rather than stay confused, let's go straight to the lab; you'll understand what the max AS limit is once the lab is done.

This is the topology we will use

It is assumed that the IP addresses have already been configured according to the IDN standard. I will only show the BGP configuration.

R1(config-router)#do sh run | s r b
router bgp 1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 12.12.12.2 remote-as 2
 neighbor 13.13.13.3 remote-as 3

R2(config-router)#do sh run | s r b
router bgp 2
 bgp log-neighbor-changes
 neighbor 12.12.12.1 remote-as 1
 neighbor 25.25.25.5 remote-as 5

R3(config-router)#do sh run | s r b
router bgp 3
 bgp log-neighbor-changes
 neighbor 13.13.13.1 remote-as 1
 neighbor 34.34.34.4 remote-as 4

R4(config-router)#do sh run | s r b
router bgp 4
 bgp log-neighbor-changes
 neighbor 34.34.34.3 remote-as 3
 neighbor 45.45.45.5 remote-as 5

R5(config-router)#do sh run | s r b
router bgp 5
 bgp log-neighbor-changes
 neighbor 25.25.25.2 remote-as 2
 neighbor 45.45.45.4 remote-as 4

Here is the result on R5:

R5(config-router)#do sh ip bgp
BGP table version is 4, local router ID is 45.45.45.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  1.1.1.1/32       25.25.25.2                             0 2 1 i
 *                    45.45.45.4                             0 4 3 1 i

Note that R5 has two paths to 1.1.1.1: one via 25.25.25.2 (AS path length 2, namely 2 and 1) and a second via 45.45.45.4 (AS path length 3, namely 4, 3 and 1).

Now we configure R5 with max AS limit so that it only accepts routes whose AS path length is no more than 2.

R5(config)#router bgp 5
R5(config-router)#bgp maxas-limit 2
R5(config-router)#do cle ip bgp * soft

Let's check the result:

R5(config-router)#do sh ip bgp
BGP table version is 4, local router ID is 45.45.45.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  1.1.1.1/32       25.25.25.2                             0 2 1 i

Note that R5 now no longer accepts the route from R4, whose AS path length is 3. Remember that we configured max AS limit to accept only routes whose AS path length is no more than 2 (a maximum of 2).

But does that mean R4 no longer sends the update to R5? Of course not. R4 still sends it; it is R5 that rejects it. Let's debug on R5.

R5(config-router)#do debug bgp ipv4 unicast update
BGP updates debugging is on for address family: IPv4 Unicast
R5(config-router)#do cle ip bgp *

Here is the debug output:

R5(config-router)#
*Feb 23 15:12:11.719: %BGP-5-ADJCHANGE: neighbor 25.25.25.2 Down User reset
*Feb 23 15:12:11.719: %BGP_SESSION-5-ADJCHANGE: neighbor 25.25.25.2 IPv4 Unicast topology base removed from session User reset
*Feb 23 15:12:11.719: %BGP-5-ADJCHANGE: neighbor 45.45.45.4 Down User reset
*Feb 23 15:12:11.719: %BGP_SESSION-5-ADJCHANGE: neighbor 45.45.45.4 IPv4 Unicast topology base removed from session User reset
*Feb 23 15:12:12.493: %BGP-5-ADJCHANGE: neighbor 25.25.25.2 Up
*Feb 23 15:12:12.493: %BGP-5-ADJCHANGE: neighbor 45.45.45.4 Up
*Feb 23 15:12:12.499: BGP: nbr_topo global 45.45.45.4 IPv4 Unicast:base (0xF2AE4E30:1) rcvd Refresh Start-of-RIB
*Feb 23 15:12:12.499: BGP: nbr_topo global 45.45.45.4 IPv4 Unicast:base (0xF2AE4E30:1) refresh_epoch is 2
*Feb 23 15:12:12.499: Long AS-PATH 4 3 1 received from 45.45.45.4: More than configured MAXAS-LIMIT
*Feb 23 15:12:12.499: BGP(0): 45.45.45.4 rcv UPDATE w/ attr: nexthop 45.45.45.4, origin i, originator 0.0.0.0, merged path 4 3 1, AS_PATH , community , extended community , SSA attribute
*Feb 23 15:12:12.499: BGPSSA ssacount is 0
*Feb 23 15:12:12.499: BGP(0): 45.45.45.4 rcv UPDATE about 1.1.1.1/32 -- DENIED due to: AS-PATH length over maxas-limit 2;
*Feb 23 15:12:12.499: %BGP-6-ASPATH: Long AS path 4 3 1 received from 45.45.45.4: Prefixes: 1.1.1.1/32
R5(config-router)#
*Feb 23 15:12:12.499: BGP: nbr_topo global 45.45.45.4 IPv4 Unicast:base (0xF2AE4E30:1) rcvd Refresh End-of-RIB
*Feb 23 15:12:12.499: BGP: nbr_topo global 25.25.25.2 IPv4 Unicast:base (0xF2AB5E20:1) rcvd Refresh Start-of-RIB
*Feb 23 15:12:12.499: BGP: nbr_topo global 25.25.25.2 IPv4 Unicast:base (0xF2AB5E20:1) refresh_epoch is 2
*Feb 23 15:12:12.499: BGP(0): 25.25.25.2 rcvd UPDATE w/ attr: nexthop 25.25.25.2, origin i, merged path 2 1, AS_PATH
*Feb 23 15:12:12.499: BGP(0): 25.25.25.2 rcvd 1.1.1.1/32
*Feb 23 15:12:12.499: BGP: nbr_topo global 25.25.25.2 IPv4 Unicast:base (0xF2AB5E20:1) rcvd Refresh End-of-RIB

Note that the update from R4 is rejected because it exceeds the maximum AS path length.

OK, that's all for now. Hope it's useful.
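
The rejection seen in the debug output, as an added example that is not part of the original post: a Python sketch that pulls the maxas-limit drops out of R5's log lines and models the length check. The function names are hypothetical, and the AS path is assumed to be a plain list of AS numbers.

```python
import re

# Three lines copied from the R5 debug output above, one message per line.
SAMPLE_LOG = """\
*Feb 23 15:12:12.499: BGP(0): 45.45.45.4 rcv UPDATE about 1.1.1.1/32 -- DENIED due to: AS-PATH length over maxas-limit 2;
*Feb 23 15:12:12.499: %BGP-6-ASPATH: Long AS path 4 3 1 received from 45.45.45.4: Prefixes: 1.1.1.1/32
*Feb 23 15:12:12.499: BGP(0): 25.25.25.2 rcvd 1.1.1.1/32
"""

DENIED = re.compile(
    r"BGP\(\d+\): (?P<peer>\S+) rcv UPDATE about (?P<prefix>\S+) -- DENIED "
    r"due to: AS-PATH length over maxas-limit (?P<limit>\d+)")
LONG_PATH = re.compile(
    r"%BGP-6-ASPATH: Long AS path (?P<path>[\d ]+?) received from "
    r"(?P<peer>[\d.]+): Prefixes: (?P<prefixes>.+)")


def accepts(as_path, maxas_limit):
    """The check as this lab shows it: accept when the path has at most
    maxas_limit AS numbers (assumption: no AS_SET handling)."""
    return len(as_path) <= maxas_limit


def find_maxas_drops(log_text):
    """Join the DENIED and %BGP-6-ASPATH messages per (peer, prefix)."""
    limits, paths = {}, {}
    for line in log_text.splitlines():
        denied = DENIED.search(line)
        if denied:
            key = (denied["peer"], denied["prefix"])
            limits[key] = int(denied["limit"])
            continue
        long_path = LONG_PATH.search(line)
        if long_path:
            path = [int(asn) for asn in long_path["path"].split()]
            # Assumption: several prefixes are separated by spaces or commas.
            for prefix in re.split(r"[,\s]+", long_path["prefixes"].strip()):
                paths[(long_path["peer"], prefix)] = path
    drops = []
    for peer, prefix in sorted(limits.keys() & paths.keys()):
        path, limit = paths[(peer, prefix)], limits[(peer, prefix)]
        drops.append({"peer": peer, "prefix": prefix, "as_path": path,
                      "limit": limit, "over_by": len(path) - limit})
    return drops


if __name__ == "__main__":
    for drop in find_maxas_drops(SAMPLE_LOG):
        print(drop)
```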
