Lab 139 – Inter-AS MPLS VPN – Option B (VPNv4 Between ASBR)

Pada postingan sebelumnya kita telah membahas Inter-AS MPLS VPN – Option A. Selanjutnya pada lab ini kita akan membahas Inter-AS MPLS VPN – Option B.

Jika pada Option A, kita tidak menjalankan MPLS antar service provider. Namun jika menggunakan Option B, maka kita juga akan menjalankan MPLS antar service provider.

Nantinya antar R4 dan R5 juga akan dikonfigurasikan MPLS.

Diasumsikan kita telah mengkonfigurasi seperti pada postingan selanjutnya ya.. jika belum, silahkan menuju postingan sebelumnya terlebih dahulu.

Pada lab ini kita akan melanjutkan konfigurasi dari lab selanjutnya. Pertama kita hapus dulu koneksi antar R4 dan R5.

R4(config)#no ip vrf A
R4(config)#no int e0/1.45
R5(config)#no ip vrf B
R5(config)#no int e0/0.45

Sekarang kita konfigurasikan addressing antar R4 dan R5. kali ini kita perlu membuat vrf ya

R4(config)#int e0/1
R4(config-if)#no sh
R4(config-if)#ip add 45.45.45.4 255.255.255.0
R5(config)#int e0/0
R5(config-if)#no sh
R5(config-if)#ip add 45.45.45.5 255.255.255.0

Selanjutnya kita konfigurasikan VPNv4 antar R4 dan R5

R4(config-if)#router bgp 100
R4(config-router)#nei 45.45.45.5 remote-as 200

R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 45.45.45.5 activate
R5(config)#router bgp 200
R5(config-router)#nei 45.45.45.4 remote-as 100

R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 45.45.45.4 activate

Pada lab ini kita akan menggunakan BGP untuk memforward MPLS label (kita tidak menggunakan LDP), untuk itu kita harus mengaktifkan mpls bgp forwarding seperti berikut

R4(config-router-af)#int e0/1
R4(config-if)#mpls bgp forwarding
R5(config-router)#int e0/0
R5(config-if)#mpls bgp forwarding

Sekarang kita coba tabel routing BGP di R4 dan R5

R4(config)#do sh ip bgp vpnv4 all
R4(config)#
R5(config)#do sh ip bgp vpnv4 all
R5(config)#

Perhatikan bahwa saat ini R4 dan R5 tidak memiliki tabel routing sama sekali. Kenapa bisa seperti ini? karena kita tidak membuat vrf pada R4 dan R5.

Untuk mengatasi masalah ini, kita bisa menggunakan 2 cara. cara pertama yaitu dengan membuat vrf dan mengimport seluruh VRF. berarti R4 harus mengimport 100:10 dan juga 200:20, begitu juga dengan R5 juga harus mengimport 100:10 dan 200:200.. tentu saja cara ini akan sangat panjang jika kita memiliki banyak vrf.

Solusi kedua adalah dengan menggunakan perintah no bgp default route-target filter seperti berikut

R4(config)#router bgp 100
R4(config-router)#no bgp default route-target filter
R5(config)#router bgp 200
R5(config-router)#no bgp default route-target filter

Sekarang coba kita cek lagi tabel routing BGP di R4 dan R5

R4(config-router)#do sh ip bgp vpnv4 all
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*>i 1.1.1.1/32 2.2.2.2 0 100 0 10 i
Route Distinguisher: 200:20
*> 8.8.8.8/32 45.45.45.5 0 200 20 i
R5(config-router)#do sh ip bgp vpnv4 all
BGP table version is 15, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*> 1.1.1.1/32 45.45.45.4 0 100 10 i
Route Distinguisher: 200:20
*>i 8.8.8.8/32 7.7.7.7 0 100 0 20 i

Perhatikan bahwa saat ini R4 dan R5 sudah memiliki tabel routing BGP tentang customer A dan customer B.

Sekarang kita coba cek di masing-masing PE,

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i

Perhatikan bahwa PE di Service Provider 1 (R2) masih belum memiliki route menuju customer B. kita coba lihat PE di Service Provider 2

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa PE di service provider 2 (R7) juga masih belum punya route menuju customer A.

Kenapa demikian? Hal ini dikarenakan PE di Service Provider 1 mengexport route-target 100:10, sedangkan PE di Service Provider 2 belum mengimport route-target tersebut. Begitu juga dengan PE di Service Provider 2 yang mengexport route-target 200:20 dan PE di service provider 1 belum mengimport route-target tersebut.

Oke kita lakukan konfigurasi berikut

R2(config)#ip vrf A
R2(config-vrf)#route-target import 200:20

Konfigurasi diatas digunakan oleh PE Service Provider 1 untuk mengimport route dari customer B. kita lihat hasilnya

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i
* i 8.8.8.8/32 45.45.45.5 0 100 0 200 20 i
Route Distinguisher: 200:20
* i 8.8.8.8/32 45.45.45.5 0 100 0 200 20 i

Perhatikan bahwa hasilnya sudah ada, selanjutnya kita lakukan di PE Service Provider 2.

R7(config)#ip vrf B
R7(config-vrf)#route-target import 100:10

Kita lihat hasilnya

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
* i 1.1.1.1/32 45.45.45.4 0 100 0 100 10 i
Route Distinguisher: 200:20 (default for vrf B)
* i 1.1.1.1/32 45.45.45.4 0 100 0 100 10 i
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa saat ini masing-masing PE sudah memiliki tabel routing BGP yang lengkap.

Tapi tunggu dulu, R2 memang sudah mengenai 8.8.8.8, tapi route nya masih belum best. perhatikan bahwa tidak ada symbol > pada route tersebut. Untuk mengatasi hal tersebut kita bisa mengkonfigurasikan next-hop-self di ASBR seperti berikut

R4(config)#router bgp 100
R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 2.2.2.2 next-hop-self

Kita coba lihat lagi di PE

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i
*>i 8.8.8.8/32 4.4.4.4 0 100 0 200 20 i
Route Distinguisher: 200:20
*>i 8.8.8.8/32 4.4.4.4 0 100 0 200 20 i

Perhatikan bahwa saat ini route-nya sudah best. selanjutnya kita lakukan di R5

R5(config)#router bgp 200
R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 7.7.7.7 next-hop-self

Kita coba lihat hasilnya di R7

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 11, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*>i 1.1.1.1/32 5.5.5.5 0 100 0 100 10 i
Route Distinguisher: 200:20 (default for vrf B)
*>i 1.1.1.1/32 5.5.5.5 0 100 0 100 10 i
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa saat ini jalurnya sudah best. Terahir kita coba lihat di sisi customer

R1#sh ip rou
...
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 12.12.12.2, 00:02:25
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 12.12.12.0/24 is directly connected, Ethernet0/0
L 12.12.12.1/32 is directly connected, Ethernet0/0
R8#sh ip route
...
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 78.78.78.7, 00:01:52
8.0.0.0/32 is subnetted, 1 subnets
C 8.8.8.8 is directly connected, Loopback0
78.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 78.78.78.0/24 is directly connected, Ethernet0/0
L 78.78.78.8/32 is directly connected, Ethernet0/0

Perhatikan bahwa saat ini customer 1 sudah punya tabel routing tentang customer 2, begitu juga dengan customer 2 juga sudah punya tabel routing tentang customer 1.

Kita coba lakukan ping

R1#ping 8.8.8.8 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

Oke hasilnya sukses!!.. coba kita lakukan traceroute

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 0 msec 0 msec
2 23.23.23.3 [MPLS: Labels 18/22 Exp 0] 2 msec 1 msec 2 msec
3 34.34.34.4 [MPLS: Label 22 Exp 0] 1 msec 1 msec 1 msec
4 45.45.45.5 [MPLS: Label 18 Exp 0] 2 msec 2 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 1 msec 2 msec 1 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 2 msec 1 msec 1 msec
7 78.78.78.8 1 msec 1 msec 2 msec

Perhatikan bahwa saat ini paket nya sudah berlabel. Jika Anda ingat, pada Option A, saat paket melewati 45.45.45.5, paket tersebut tidak berlabel. perhatikan hasil trace route saat menggunakan option A berikut

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 5 msec 1 msec
2 23.23.23.3 [MPLS: Labels 18/16 Exp 0] 1 msec 1 msec 0 msec
3 45.45.45.4 [MPLS: Label 16 Exp 0] 0 msec 0 msec 1 msec
4 45.45.45.5 1 msec 1 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 2 msec 1 msec 2 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 1 msec 2 msec 1 msec
7 78.78.78.8 2 msec 1 msec 2 msec

Oke.. sudah tau bedanya kan?

Perhatikan ilustrasi berikut

R4(config-router-af)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 200:20:8.8.8.8/32, version 15
Paths: (1 available, best #1, no table)
Advertised to update-groups:
6
Refresh Epoch 4
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:200:20
mpls labels in/
out 22/18

Perhatikan bahwa saat paket keluar dari ASBR, paket tersebut akan diberikan label kembali. bandingkan dengan hasil show pada Option A berikut

R4(config)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 100:10:8.8.8.8/32, version 8
Paths: (1 available, best #1, table A)
Advertised to update-groups:
3
Refresh Epoch 1
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:100:10
mpls labels in/
out 16/nolabel

Oke.. sudah tau bedanya kan? sampai disini dulu yaa.. semoga bermanfaat.. semoga segera ada kesempatan untuk nulis lagi ya.. hehe

Lab 139 – Inter-AS MPLS VPN – Option B (VPNv4 Between ASBR)

Pada postingan sebelumnya kita telah membahas Inter-AS MPLS VPN – Option A. Selanjutnya pada lab ini kita akan membahas Inter-AS MPLS VPN – Option B.

Jika pada Option A, kita tidak menjalankan MPLS antar service provider. Namun jika menggunakan Option B, maka kita juga akan menjalankan MPLS antar service provider.

Nantinya antar R4 dan R5 juga akan dikonfigurasikan MPLS.

Diasumsikan kita telah mengkonfigurasi seperti pada postingan selanjutnya ya.. jika belum, silahkan menuju postingan sebelumnya terlebih dahulu.

Pada lab ini kita akan melanjutkan konfigurasi dari lab selanjutnya. Pertama kita hapus dulu koneksi antar R4 dan R5.

R4(config)#no ip vrf A
R4(config)#no int e0/1.45
R5(config)#no ip vrf B
R5(config)#no int e0/0.45

Sekarang kita konfigurasikan addressing antar R4 dan R5. kali ini kita perlu membuat vrf ya

R4(config)#int e0/1
R4(config-if)#no sh
R4(config-if)#ip add 45.45.45.4 255.255.255.0
R5(config)#int e0/0
R5(config-if)#no sh
R5(config-if)#ip add 45.45.45.5 255.255.255.0

Selanjutnya kita konfigurasikan VPNv4 antar R4 dan R5

R4(config-if)#router bgp 100
R4(config-router)#nei 45.45.45.5 remote-as 200

R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 45.45.45.5 activate
R5(config)#router bgp 200
R5(config-router)#nei 45.45.45.4 remote-as 100

R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 45.45.45.4 activate

Pada lab ini kita akan menggunakan BGP untuk memforward MPLS label (kita tidak menggunakan LDP), untuk itu kita harus mengaktifkan mpls bgp forwarding seperti berikut

R4(config-router-af)#int e0/1
R4(config-if)#mpls bgp forwarding
R5(config-router)#int e0/0
R5(config-if)#mpls bgp forwarding

Sekarang kita coba tabel routing BGP di R4 dan R5

R4(config)#do sh ip bgp vpnv4 all
R4(config)#
R5(config)#do sh ip bgp vpnv4 all
R5(config)#

Perhatikan bahwa saat ini R4 dan R5 tidak memiliki tabel routing sama sekali. Kenapa bisa seperti ini? karena kita tidak membuat vrf pada R4 dan R5.

Untuk mengatasi masalah ini, kita bisa menggunakan 2 cara. cara pertama yaitu dengan membuat vrf dan mengimport seluruh VRF. berarti R4 harus mengimport 100:10 dan juga 200:20, begitu juga dengan R5 juga harus mengimport 100:10 dan 200:200.. tentu saja cara ini akan sangat panjang jika kita memiliki banyak vrf.

Solusi kedua adalah dengan menggunakan perintah no bgp default route-target filter seperti berikut

R4(config)#router bgp 100
R4(config-router)#no bgp default route-target filter
R5(config)#router bgp 200
R5(config-router)#no bgp default route-target filter

Sekarang coba kita cek lagi tabel routing BGP di R4 dan R5

R4(config-router)#do sh ip bgp vpnv4 all
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*>i 1.1.1.1/32 2.2.2.2 0 100 0 10 i
Route Distinguisher: 200:20
*> 8.8.8.8/32 45.45.45.5 0 200 20 i
R5(config-router)#do sh ip bgp vpnv4 all
BGP table version is 15, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*> 1.1.1.1/32 45.45.45.4 0 100 10 i
Route Distinguisher: 200:20
*>i 8.8.8.8/32 7.7.7.7 0 100 0 20 i

Perhatikan bahwa saat ini R4 dan R5 sudah memiliki tabel routing BGP tentang customer A dan customer B.

Sekarang kita coba cek di masing-masing PE,

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i

Perhatikan bahwa PE di Service Provider 1 (R2) masih belum memiliki route menuju customer B. kita coba lihat PE di Service Provider 2

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa PE di service provider 2 (R7) juga masih belum punya route menuju customer A.

Kenapa demikian? Hal ini dikarenakan PE di Service Provider 1 mengexport route-target 100:10, sedangkan PE di Service Provider 2 belum mengimport route-target tersebut. Begitu juga dengan PE di Service Provider 2 yang mengexport route-target 200:20 dan PE di service provider 1 belum mengimport route-target tersebut.

Oke kita lakukan konfigurasi berikut

R2(config)#ip vrf A
R2(config-vrf)#route-target import 200:20

Konfigurasi diatas digunakan oleh PE Service Provider 1 untuk mengimport route dari customer B. kita lihat hasilnya

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i
* i 8.8.8.8/32 45.45.45.5 0 100 0 200 20 i
Route Distinguisher: 200:20
* i 8.8.8.8/32 45.45.45.5 0 100 0 200 20 i

Perhatikan bahwa hasilnya sudah ada, selanjutnya kita lakukan di PE Service Provider 2.

R7(config)#ip vrf B
R7(config-vrf)#route-target import 100:10

Kita lihat hasilnya

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
* i 1.1.1.1/32 45.45.45.4 0 100 0 100 10 i
Route Distinguisher: 200:20 (default for vrf B)
* i 1.1.1.1/32 45.45.45.4 0 100 0 100 10 i
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa saat ini masing-masing PE sudah memiliki tabel routing BGP yang lengkap.

Tapi tunggu dulu, R2 memang sudah mengenai 8.8.8.8, tapi route nya masih belum best. perhatikan bahwa tidak ada symbol > pada route tersebut. Untuk mengatasi hal tersebut kita bisa mengkonfigurasikan next-hop-self di ASBR seperti berikut

R4(config)#router bgp 100
R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 2.2.2.2 next-hop-self

Kita coba lihat lagi di PE

R2(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 11, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i
*>i 8.8.8.8/32 4.4.4.4 0 100 0 200 20 i
Route Distinguisher: 200:20
*>i 8.8.8.8/32 4.4.4.4 0 100 0 200 20 i

Perhatikan bahwa saat ini route-nya sudah best. selanjutnya kita lakukan di R5

R5(config)#router bgp 200
R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 7.7.7.7 next-hop-self

Kita coba lihat hasilnya di R7

R7(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 11, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10
*>i 1.1.1.1/32 5.5.5.5 0 100 0 100 10 i
Route Distinguisher: 200:20 (default for vrf B)
*>i 1.1.1.1/32 5.5.5.5 0 100 0 100 10 i
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Perhatikan bahwa saat ini jalurnya sudah best. Terahir kita coba lihat di sisi customer

R1#sh ip rou
...
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 12.12.12.2, 00:02:25
12.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 12.12.12.0/24 is directly connected, Ethernet0/0
L 12.12.12.1/32 is directly connected, Ethernet0/0
R8#sh ip route
...
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 78.78.78.7, 00:01:52
8.0.0.0/32 is subnetted, 1 subnets
C 8.8.8.8 is directly connected, Loopback0
78.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 78.78.78.0/24 is directly connected, Ethernet0/0
L 78.78.78.8/32 is directly connected, Ethernet0/0

Perhatikan bahwa saat ini customer 1 sudah punya tabel routing tentang customer 2, begitu juga dengan customer 2 juga sudah punya tabel routing tentang customer 1.

Kita coba lakukan ping

R1#ping 8.8.8.8 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/3 ms

Oke hasilnya sukses!!.. coba kita lakukan traceroute

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 0 msec 0 msec
2 23.23.23.3 [MPLS: Labels 18/22 Exp 0] 2 msec 1 msec 2 msec
3 34.34.34.4 [MPLS: Label 22 Exp 0] 1 msec 1 msec 1 msec
4 45.45.45.5 [MPLS: Label 18 Exp 0] 2 msec 2 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 1 msec 2 msec 1 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 2 msec 1 msec 1 msec
7 78.78.78.8 1 msec 1 msec 2 msec

Perhatikan bahwa saat ini paket nya sudah berlabel. Jika Anda ingat, pada Option A, saat paket melewati 45.45.45.5, paket tersebut tidak berlabel. perhatikan hasil trace route saat menggunakan option A berikut

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 5 msec 1 msec
2 23.23.23.3 [MPLS: Labels 18/16 Exp 0] 1 msec 1 msec 0 msec
3 45.45.45.4 [MPLS: Label 16 Exp 0] 0 msec 0 msec 1 msec
4 45.45.45.5 1 msec 1 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 2 msec 1 msec 2 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 1 msec 2 msec 1 msec
7 78.78.78.8 2 msec 1 msec 2 msec

Oke.. sudah tau bedanya kan?

Perhatikan ilustrasi berikut

R4(config-router-af)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 200:20:8.8.8.8/32, version 15
Paths: (1 available, best #1, no table)
Advertised to update-groups:
6
Refresh Epoch 4
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:200:20
mpls labels in/
out 22/18

Perhatikan bahwa saat paket keluar dari ASBR, paket tersebut akan diberikan label kembali. bandingkan dengan hasil show pada Option A berikut

R4(config)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 100:10:8.8.8.8/32, version 8
Paths: (1 available, best #1, table A)
Advertised to update-groups:
3
Refresh Epoch 1
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:100:10
mpls labels in/
out 16/nolabel

Oke.. sudah tau bedanya kan? sampai disini dulu yaa.. semoga bermanfaat.. semoga segera ada kesempatan untuk nulis lagi ya.. hehe

Lab 138 – Inter-AS MPLS VPN – Option A (Back to Back VRF)

Secara umum, saat kita mengkonfigurasikan MPLS VPN, maka setiap customer akan terhubung pada service provider yang sama.

Namun ada kalanya ada dua customer yang terhubung dengan service provider yang berbeda seperti berikut.

Tujuan kita pada topologi tersebut adalah agar Customer A dan Customer B bisa saling berkomunikasi.

Pertama kita konfigurasikan BGP antara R2 (PE) dengan R1 (CE). Berikut konfigurasi pada R2

R2(config)#ip vrf A
R2(config-vrf)#rd 100:10
R2(config-vrf)#route-target both 100:10

R2(config-vrf)#int e0/0
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding A
R2(config-if)#ip add 12.12.12.2 255.255.255.0

R2(config-if)#router bgp 100
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#address-family ipv4 vrf A
R2(config-router-af)#nei 12.12.12.1 remote-as 10
R2(config-router-af)#nei 12.12.12.1 activate

Berikut konfigurasi di R1

R1(config)#int e0/0
R1(config-if)#no sh
R1(config-if)#ip add 12.12.12.1 255.255.255.0

R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255

R1(config-if)#router bgp 10
R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#nei 12.12.12.2 remote-as 100
R1(config-router)#net 1.1.1.1 mask 255.255.255.255

Untuk pengujian, pastikan R2 (PE) mengetahui ip loopback yang diadvertise oleh R1 (CE)

R2#show ip bgp vpnv4 all
BGP table version is 2, local router ID is 2.2.2.2
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i

Oke.. konfigurasi antara R2(PE) dengan R1(CE) sudah selesai. Selanjutnya kita konfigurasikan juga antara R7(PE) dan R8(CE). Berikut konfigurasi di R7(PE)

R7(config)#ip vrf B
R7(config-vrf)#rd 200:20
R7(config-vrf)#route-target both 200:20

R7(config-vrf)#int e0/1
R7(config-if)#ip vrf for B
R7(config-if)#no sh
R7(config-if)#ip add 78.78.78.7 255.255.255.0

R7(config-if)#router bgp 200
R7(config-router)#bgp router-id 7.7.7.7
R7(config-router)#address-family ipv4 vrf B
R7(config-router-af)#nei 78.78.78.8 remote-as 20
R7(config-router-af)#nei 78.78.78.8 activate

Berikut konfigurasi di R8(CE)

R8(config)#int e0/0
R8(config-if)#no sh
R8(config-if)#ip add 78.78.78.8 255.255.255.0

R8(config-if)#int lo0
R8(config-if)#ip add 8.8.8.8 255.255.255.255

R8(config-if)#router bgp 20
R8(config-router)#bgp router-id 8.8.8.8
R8(config-router)#nei 78.78.78.7 remote-as 200
R8(config-router)#net 8.8.8.8 mask 255.255.255.255

Kita pastikan R7(PE) sudah mengetahui tentang loopback yang diadvertise oleh R8(CE)

R7(config-router-af)#do sh ip bgp vpnv4 all
BGP table version is 2, local router ID is 7.7.7.7
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Oke sampai saat ini kita sudah selesai konfigurasi antara PE dan CE disisi kanan dan kiri. Selanjutnya kita akan konfigurasi MPLS Backbone pada ISP.

Berikut konfigurasi MPLS Backbone di ISP A

R2(config)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip add 23.23.23.2 255.255.255.0

R2(config-if)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255

R2(config-if)#router ospf 1
R2(config-router)#net 23.23.23.2 0.0.0.0 are 0
R2(config-router)#net 2.2.2.2 0.0.0.0 are 0

R2(config-router)#int e0/1
R2(config-if)#mpls ip
R3(config)#int e0/0
R3(config-if)#no sh
R3(config-if)#ip add 23.23.23.3 255.255.255.0

R3(config-if)#int e0/1
R3(config-if)#no sh
R3(config-if)#ip add 34.34.34.3 255.255.255.0

R3(config-if)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255

R3(config-if)#router ospf 1
R3(config-router)#net 23.23.23.3 0.0.0.0 are 0
R3(config-router)#net 34.34.34.3 0.0.0.0 are 0
R3(config-router)#net 3.3.3.3 0.0.0.0 are 0

R3(config-router)#int rang e0/0-1
R3(config-if-range)#mpls ip
R4(config)#int e0/0
R4(config-if)#no sh
R4(config-if)#ip add 34.34.34.4 255.255.255.0

R4(config-if)#int lo0
R4(config-if)#ip add 4.4.4.4 255.255.255.255

R4(config-if)#router ospf 1
R4(config-router)#net 34.34.34.4 0.0.0.0 are 0
R4(config-router)#net 4.4.4.4 0.0.0.0 are 0

R4(config-router)#int e0/0
R4(config-if)#mpls ip

Konfigurasi diatas hanya untuk konfigurasi OSPF dan MPLS saja.. Selanjuntya kita konfigurasikan VPNv4 pada R2(PE) dan R4(PE). Berikut konfigurasi pada R2(PE)

R2(config)#router bgp 100
R2(config-router)#nei 4.4.4.4 remote-as 100
R2(config-router)#nei 4.4.4.4 upd lo0
R2(config-router)#address-family vpnv4
R2(config-router-af)#nei 4.4.4.4 activate

Berikut konfigurasi di R4(PE). Pada R4 kita perlu membuat VRF A untuk mengimport route yg diexport oleh R2

R4(config-if)#ip vrf A
R4(config-vrf)#rd 100:10
R4(config-vrf)#route-target import 100:10

R4(config-vrf)#router bgp 100
R4(config-router)#nei 2.2.2.2 remote-as 100
R4(config-router)#nei 2.2.2.2 upd lo0
R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 2.2.2.2 activate

Untuk pengujian, pastikan bahwa R4 sudah mengetahui network 1.1.1.1 yang diadvertise oleh customer A

R4(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 3, local router ID is 4.4.4.4
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*>i 1.1.1.1/32 2.2.2.2 0 100 0 10 i

Perhatikan bahwa R4 sudah mengetahui keberadaan 1.1.1.1, ini artinya kita sudah berhasil.

Lakukan hal yang sama seperti diatas pada ISP B. Pertama kita konfigurasikan OSPF dan MPLS terlebih dahulu

R5(config)#int e0/1
R5(config-if)#no sh
R5(config-if)#ip add 56.56.56.5 255.255.255.0

R5(config-if)#int lo0
R5(config-if)#ip add 5.5.5.5 255.255.255.255

R5(config-if)#router ospf 1
R5(config-router)#net 56.56.56.5 0.0.0.0 are 0
R5(config-router)#net 5.5.5.5 0.0.0.0 are 0

R5(config-router)#int e0/1
R5(config-if)#mpls ip
R6(config)#int e0/0
R6(config-if)#no sh
R6(config-if)#ip add 56.56.56.6 255.255.255.0

R6(config-if)#int e0/1
R6(config-if)#no sh
R6(config-if)#ip add 67.67.67.6 255.255.255.0

R6(config-if)#int lo0
R6(config-if)#ip add 6.6.6.6 255.255.255.255

R6(config-if)#router ospf 1
R6(config-router)#net 56.56.56.6 0.0.0.0 are 0
R6(config-router)#net 67.67.67.6 0.0.0.0 are 0
R6(config-router)#net 6.6.6.6 0.0.0.0 are 0

R6(config-router)#int rang e0/0-1
R6(config-if-range)#mpls ip
R7(config)#int e0/0
R7(config-if)#no sh
R7(config-if)#ip add 67.67.67.7 255.255.255.0

R7(config-if)#int lo0
R7(config-if)#ip add 7.7.7.7 255.255.255.255

R7(config-if)#router ospf 1
R7(config-router)#net 67.67.67.7 0.0.0.0 are 0
R7(config-router)#net 7.7.7.7 0.0.0.0 are 0

R7(config-router)#int e0/0
R7(config-if)#mpls ip

Oke konfigurasi MPLS sudah selesai, selanjutnya kita konfigurasikan VPNv4 antara R5(PE) dan R7(PE). Berikut konfigurasi di R7

R7(config-if)#router bgp 200
R7(config-router)#nei 5.5.5.5 remote-as 200
R7(config-router)#nei 5.5.5.5 upd lo0
R7(config-router)#address-family vpnv4
R7(config-router-af)#nei 5.5.5.5 activate

Untuk konfigurasi R5, kita perlu membuat vrf B untuk mengimport route yang diexport oleh R7

R5(config)#ip vrf B
R5(config-vrf)#rd 200:20
R5(config-vrf)#route-target import 200:20

R5(config-vrf)#router bgp 200
R5(config-router)#nei 7.7.7.7 remote-as 200
R5(config-router)#nei 7.7.7.7 upd lo0
R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 7.7.7.7 activate

Untuk pengujian.. pastikan bahwa R5 sudah mengetahui network 8.8.8.8

R5(config-router-af)#do sh ip bgp vpnv4 all
BGP table version is 3, local router ID is 5.5.5.5
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*>i 8.8.8.8/32 7.7.7.7 0 100 0 20 i

Oke.. sampai saat ini konfigurasi di ISP A dan ISP B sudah selesai..

Langkah terahir yang harus kita lakukan adalah mengkoneksikan antara ISP A dan ISP B. Jika kita memiliki beberapa VRF, kita bisa memanfaatkan sub interface untuk koneksi antara ISP A dan ISP B ini.

Berikut konfigurasi pada R4(ISP A). Kita perlu menambahkan route-target export pada vrf. Kenapa perlu menambahkan export? hal ini karena R4 bertindak sebagai PE dan R5 sebagai CE (perspektif dari R4), sehingga R4 perlu mengexport route dari R5 agar ISP A bisa mengetahui route dari R5.

R4(config-router)#ip vrf A
R4(config-vrf)#route-target export 100:10

R4(config-vrf)#int e0/1
R4(config-if)#no sh

R4(config-if)#int e0/1.45
R4(config-subif)#ip vrf forwarding A
R4(config-subif)#enc do 45
R4(config-subif)#ip add 45.45.45.4 255.255.255.0

R4(config-subif)#router bgp 100
R4(config-router)#address-family ipv4 vrf A
R4(config-router-af)#nei 45.45.45.5 remote-as 200

Berikut konfigurasi di R5(ISP B). Kita juga perlu menambahkan route-target export pada VRF. Kenapa perlu menambahkan export? hal ini karena R5 bertindak sebagai PE dan R4 sebagai CE (perspektif dari R5), sehingga R5 perlu mengexport route dari R4 agar ISP B bisa mengetahui route dari R4.

R5(config-router)#ip vrf B
R5(config-vrf)#route-target export 200:20

R5(config-vrf)#int e0/0
R5(config-if)#no sh

R5(config-if)#int e0/0.45
R5(config-subif)#ip vrf forwarding B
R5(config-subif)#enc do 45
R5(config-subif)#ip add 45.45.45.5 255.255.255.0

R5(config-subif)#router bgp 200
R5(config-router)#address-family ipv4 vrf B
R5(config-router-af)#nei 45.45.45.4 remote-as 100

Untuk pengujian,, pastikan customer A memiliki tabel routing tentang loopback customer B. begitu juga sebaliknya

R1(config-router)#do sh ip ro bgp
....
Gateway of last resort is not set

8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 12.12.12.2, 00:08:31
R8(config-router)#do sh ip ro bgp
....
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 78.78.78.7, 00:08:31

Oke.. customer A sudah punya tabel routing tentang loopback customer B, begitu juga sebaliknya. Terahir kita coba ping

R1(config-router)#do ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Okee!! ping sukses!! Kita coba traceroute

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 5 msec 1 msec
2 23.23.23.3 [MPLS: Labels 18/16 Exp 0] 1 msec 1 msec 0 msec
3 45.45.45.4 [MPLS: Label 16 Exp 0] 0 msec 0 msec 1 msec
4 45.45.45.5 1 msec 1 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 2 msec 1 msec 2 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 1 msec 2 msec 1 msec
7 78.78.78.8 2 msec 1 msec 2 msec 

Perhatikan hasil traceroute diatas, terlihat bahwa paket tidak memiliki label saat melewati 45.45.45.5. Hal ini dikarenakan kita tidak menjalankan MPLS antar Service Provider.

Perhatikan ilustrasi berikut

R4(config)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 100:10:8.8.8.8/32, version 8
Paths: (1 available, best #1, table A)
Advertised to update-groups:
3
Refresh Epoch 1
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:100:10
mpls labels in/
out 16/nolabel

Perhatikan bahwa dari R4, route menuju 8.8.8.8 tidak memiliki label. Karena memang antar R4 dan R5 tidak menjalankan MPLS.

Oke sampai disini dulu yaa.. In Syaa Allah secepatnya saya akan update materi selanjutnya.. selanjutnya In Syaa Allah masih tentang Inter-AS MPLS VPN, di postingan selanjutnya kita akan menjalankan MPLS antar Service Provider

Lab 138 – Inter-AS MPLS VPN – Option A (Back to Back VRF)

Secara umum, saat kita mengkonfigurasikan MPLS VPN, maka setiap customer akan terhubung pada service provider yang sama.

Namun ada kalanya ada dua customer yang terhubung dengan service provider yang berbeda seperti berikut.

Tujuan kita pada topologi tersebut adalah agar Customer A dan Customer B bisa saling berkomunikasi.

Pertama kita konfigurasikan BGP antara R2 (PE) dengan R1 (CE). Berikut konfigurasi pada R2

R2(config)#ip vrf A
R2(config-vrf)#rd 100:10
R2(config-vrf)#route-target both 100:10

R2(config-vrf)#int e0/0
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding A
R2(config-if)#ip add 12.12.12.2 255.255.255.0

R2(config-if)#router bgp 100
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#address-family ipv4 vrf A
R2(config-router-af)#nei 12.12.12.1 remote-as 10
R2(config-router-af)#nei 12.12.12.1 activate

Berikut konfigurasi di R1

R1(config)#int e0/0
R1(config-if)#no sh
R1(config-if)#ip add 12.12.12.1 255.255.255.0

R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255

R1(config-if)#router bgp 10
R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#nei 12.12.12.2 remote-as 100
R1(config-router)#net 1.1.1.1 mask 255.255.255.255

Untuk pengujian, pastikan R2 (PE) mengetahui ip loopback yang diadvertise oleh R1 (CE)

R2#show ip bgp vpnv4 all
BGP table version is 2, local router ID is 2.2.2.2
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*> 1.1.1.1/32 12.12.12.1 0 0 10 i

Oke.. konfigurasi antara R2(PE) dengan R1(CE) sudah selesai. Selanjutnya kita konfigurasikan juga antara R7(PE) dan R8(CE). Berikut konfigurasi di R7(PE)

R7(config)#ip vrf B
R7(config-vrf)#rd 200:20
R7(config-vrf)#route-target both 200:20

R7(config-vrf)#int e0/1
R7(config-if)#ip vrf for B
R7(config-if)#no sh
R7(config-if)#ip add 78.78.78.7 255.255.255.0

R7(config-if)#router bgp 200
R7(config-router)#bgp router-id 7.7.7.7
R7(config-router)#address-family ipv4 vrf B
R7(config-router-af)#nei 78.78.78.8 remote-as 20
R7(config-router-af)#nei 78.78.78.8 activate

Berikut konfigurasi di R8(CE)

R8(config)#int e0/0
R8(config-if)#no sh
R8(config-if)#ip add 78.78.78.8 255.255.255.0

R8(config-if)#int lo0
R8(config-if)#ip add 8.8.8.8 255.255.255.255

R8(config-if)#router bgp 20
R8(config-router)#bgp router-id 8.8.8.8
R8(config-router)#nei 78.78.78.7 remote-as 200
R8(config-router)#net 8.8.8.8 mask 255.255.255.255

Kita pastikan R7(PE) sudah mengetahui tentang loopback yang diadvertise oleh R8(CE)

R7(config-router-af)#do sh ip bgp vpnv4 all
BGP table version is 2, local router ID is 7.7.7.7
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*> 8.8.8.8/32 78.78.78.8 0 0 20 i

Oke sampai saat ini kita sudah selesai konfigurasi antara PE dan CE disisi kanan dan kiri. Selanjutnya kita akan konfigurasi MPLS Backbone pada ISP.

Berikut konfigurasi MPLS Backbone di ISP A

R2(config)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip add 23.23.23.2 255.255.255.0

R2(config-if)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255

R2(config-if)#router ospf 1
R2(config-router)#net 23.23.23.2 0.0.0.0 are 0
R2(config-router)#net 2.2.2.2 0.0.0.0 are 0

R2(config-router)#int e0/1
R2(config-if)#mpls ip
R3(config)#int e0/0
R3(config-if)#no sh
R3(config-if)#ip add 23.23.23.3 255.255.255.0

R3(config-if)#int e0/1
R3(config-if)#no sh
R3(config-if)#ip add 34.34.34.3 255.255.255.0

R3(config-if)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255

R3(config-if)#router ospf 1
R3(config-router)#net 23.23.23.3 0.0.0.0 are 0
R3(config-router)#net 34.34.34.3 0.0.0.0 are 0
R3(config-router)#net 3.3.3.3 0.0.0.0 are 0

R3(config-router)#int rang e0/0-1
R3(config-if-range)#mpls ip
R4(config)#int e0/0
R4(config-if)#no sh
R4(config-if)#ip add 34.34.34.4 255.255.255.0

R4(config-if)#int lo0
R4(config-if)#ip add 4.4.4.4 255.255.255.255

R4(config-if)#router ospf 1
R4(config-router)#net 34.34.34.4 0.0.0.0 are 0
R4(config-router)#net 4.4.4.4 0.0.0.0 are 0

R4(config-router)#int e0/0
R4(config-if)#mpls ip

Konfigurasi diatas hanya untuk konfigurasi OSPF dan MPLS saja.. Selanjuntya kita konfigurasikan VPNv4 pada R2(PE) dan R4(PE). Berikut konfigurasi pada R2(PE)

R2(config)#router bgp 100
R2(config-router)#nei 4.4.4.4 remote-as 100
R2(config-router)#nei 4.4.4.4 upd lo0
R2(config-router)#address-family vpnv4
R2(config-router-af)#nei 4.4.4.4 activate

Berikut konfigurasi di R4(PE). Pada R4 kita perlu membuat VRF A untuk mengimport route yg diexport oleh R2

R4(config-if)#ip vrf A
R4(config-vrf)#rd 100:10
R4(config-vrf)#route-target import 100:10

R4(config-vrf)#router bgp 100
R4(config-router)#nei 2.2.2.2 remote-as 100
R4(config-router)#nei 2.2.2.2 upd lo0
R4(config-router)#address-family vpnv4
R4(config-router-af)#nei 2.2.2.2 activate

Untuk pengujian, pastikan bahwa R4 sudah mengetahui network 1.1.1.1 yang diadvertise oleh customer A

R4(config-vrf)#do sh ip bgp vpnv4 all
BGP table version is 3, local router ID is 4.4.4.4
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:10 (default for vrf A)
*>i 1.1.1.1/32 2.2.2.2 0 100 0 10 i

Perhatikan bahwa R4 sudah mengetahui keberadaan 1.1.1.1, ini artinya kita sudah berhasil.

Lakukan hal yang sama seperti diatas pada ISP B. Pertama kita konfigurasikan OSPF dan MPLS terlebih dahulu

R5(config)#int e0/1
R5(config-if)#no sh
R5(config-if)#ip add 56.56.56.5 255.255.255.0

R5(config-if)#int lo0
R5(config-if)#ip add 5.5.5.5 255.255.255.255

R5(config-if)#router ospf 1
R5(config-router)#net 56.56.56.5 0.0.0.0 are 0
R5(config-router)#net 5.5.5.5 0.0.0.0 are 0

R5(config-router)#int e0/1
R5(config-if)#mpls ip
R6(config)#int e0/0
R6(config-if)#no sh
R6(config-if)#ip add 56.56.56.6 255.255.255.0

R6(config-if)#int e0/1
R6(config-if)#no sh
R6(config-if)#ip add 67.67.67.6 255.255.255.0

R6(config-if)#int lo0
R6(config-if)#ip add 6.6.6.6 255.255.255.255

R6(config-if)#router ospf 1
R6(config-router)#net 56.56.56.6 0.0.0.0 are 0
R6(config-router)#net 67.67.67.6 0.0.0.0 are 0
R6(config-router)#net 6.6.6.6 0.0.0.0 are 0

R6(config-router)#int rang e0/0-1
R6(config-if-range)#mpls ip
R7(config)#int e0/0
R7(config-if)#no sh
R7(config-if)#ip add 67.67.67.7 255.255.255.0

R7(config-if)#int lo0
R7(config-if)#ip add 7.7.7.7 255.255.255.255

R7(config-if)#router ospf 1
R7(config-router)#net 67.67.67.7 0.0.0.0 are 0
R7(config-router)#net 7.7.7.7 0.0.0.0 are 0

R7(config-router)#int e0/0
R7(config-if)#mpls ip

Oke konfigurasi MPLS sudah selesai, selanjutnya kita konfigurasikan VPNv4 antara R5(PE) dan R7(PE). Berikut konfigurasi di R7

R7(config-if)#router bgp 200
R7(config-router)#nei 5.5.5.5 remote-as 200
R7(config-router)#nei 5.5.5.5 upd lo0
R7(config-router)#address-family vpnv4
R7(config-router-af)#nei 5.5.5.5 activate

Untuk konfigurasi R5, kita perlu membuat vrf B untuk mengimport route yang diexport oleh R7

R5(config)#ip vrf B
R5(config-vrf)#rd 200:20
R5(config-vrf)#route-target import 200:20

R5(config-vrf)#router bgp 200
R5(config-router)#nei 7.7.7.7 remote-as 200
R5(config-router)#nei 7.7.7.7 upd lo0
R5(config-router)#address-family vpnv4
R5(config-router-af)#nei 7.7.7.7 activate

Untuk pengujian.. pastikan bahwa R5 sudah mengetahui network 8.8.8.8

R5(config-router-af)#do sh ip bgp vpnv4 all
BGP table version is 3, local router ID is 5.5.5.5
....
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 200:20 (default for vrf B)
*>i 8.8.8.8/32 7.7.7.7 0 100 0 20 i

Oke.. sampai saat ini konfigurasi di ISP A dan ISP B sudah selesai..

Langkah terahir yang harus kita lakukan adalah mengkoneksikan antara ISP A dan ISP B. Jika kita memiliki beberapa VRF, kita bisa memanfaatkan sub interface untuk koneksi antara ISP A dan ISP B ini.

Berikut konfigurasi pada R4(ISP A). Kita perlu menambahkan route-target export pada vrf. Kenapa perlu menambahkan export? hal ini karena R4 bertindak sebagai PE dan R5 sebagai CE (perspektif dari R4), sehingga R4 perlu mengexport route dari R5 agar ISP A bisa mengetahui route dari R5.

R4(config-router)#ip vrf A
R4(config-vrf)#route-target export 100:10

R4(config-vrf)#int e0/1
R4(config-if)#no sh

R4(config-if)#int e0/1.45
R4(config-subif)#ip vrf forwarding A
R4(config-subif)#enc do 45
R4(config-subif)#ip add 45.45.45.4 255.255.255.0

R4(config-subif)#router bgp 100
R4(config-router)#address-family ipv4 vrf A
R4(config-router-af)#nei 45.45.45.5 remote-as 200

Berikut konfigurasi di R5(ISP B). Kita juga perlu menambahkan route-target export pada VRF. Kenapa perlu menambahkan export? hal ini karena R5 bertindak sebagai PE dan R4 sebagai CE (perspektif dari R5), sehingga R5 perlu mengexport route dari R4 agar ISP B bisa mengetahui route dari R4.

R5(config-router)#ip vrf B
R5(config-vrf)#route-target export 200:20

R5(config-vrf)#int e0/0
R5(config-if)#no sh

R5(config-if)#int e0/0.45
R5(config-subif)#ip vrf forwarding B
R5(config-subif)#enc do 45
R5(config-subif)#ip add 45.45.45.5 255.255.255.0

R5(config-subif)#router bgp 200
R5(config-router)#address-family ipv4 vrf B
R5(config-router-af)#nei 45.45.45.4 remote-as 100

Untuk pengujian,, pastikan customer A memiliki tabel routing tentang loopback customer B. begitu juga sebaliknya

R1(config-router)#do sh ip ro bgp
....
Gateway of last resort is not set

8.0.0.0/32 is subnetted, 1 subnets
B 8.8.8.8 [20/0] via 12.12.12.2, 00:08:31
R8(config-router)#do sh ip ro bgp
....
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 78.78.78.7, 00:08:31

Oke.. customer A sudah punya tabel routing tentang loopback customer B, begitu juga sebaliknya. Terahir kita coba ping

R1(config-router)#do ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Okee!! ping sukses!! Kita coba traceroute

R1#trace 8.8.8.8 sou lo0
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 12.12.12.2 1 msec 5 msec 1 msec
2 23.23.23.3 [MPLS: Labels 18/16 Exp 0] 1 msec 1 msec 0 msec
3 45.45.45.4 [MPLS: Label 16 Exp 0] 0 msec 0 msec 1 msec
4 45.45.45.5 1 msec 1 msec 1 msec
5 56.56.56.6 [MPLS: Labels 16/20 Exp 0] 2 msec 1 msec 2 msec
6 78.78.78.7 [MPLS: Label 20 Exp 0] 1 msec 2 msec 1 msec
7 78.78.78.8 2 msec 1 msec 2 msec 

Perhatikan hasil traceroute diatas, terlihat bahwa paket tidak memiliki label saat melewati 45.45.45.5. Hal ini dikarenakan kita tidak menjalankan MPLS antar Service Provider.

Perhatikan ilustrasi berikut

R4(config)#do sh ip bgp vpnv4 all 8.8.8.8
BGP routing table entry for 100:10:8.8.8.8/32, version 8
Paths: (1 available, best #1, table A)
Advertised to update-groups:
3
Refresh Epoch 1
200 20
45.45.45.5 from 45.45.45.5 (5.5.5.5)
Origin IGP, localpref 100, valid, external, best
Extended Community: RT:100:10
mpls labels in/
out 16/nolabel

Perhatikan bahwa dari R4, route menuju 8.8.8.8 tidak memiliki label. Karena memang antar R4 dan R5 tidak menjalankan MPLS.

Oke sampai disini dulu yaa.. In Syaa Allah secepatnya saya akan update materi selanjutnya.. selanjutnya In Syaa Allah masih tentang Inter-AS MPLS VPN, di postingan selanjutnya kita akan menjalankan MPLS antar Service Provider

Lab 137 – MPLS l2VPN Cisco

Assalamu’alaikum.. bagaimana kabarnya teman teman? Alhamdulillah hari ini ada kesempatan untuk nulis lagi.. hari ini saya akan menulis konfigurasi MPLS L2VPN di cisco.

Oke langsung saja ya, berikut topologi yang akan kita gunakan pada lab ini

Tujuan kita adalah R4 dan R5 harus saling bisa berkomunikasi menggunakan ip yang berada dalam satu subnet. R6 dan R7 juga harus bisa berkomunikasi menggunakan ip satu segment.

Oke.. pertama kita konfigurasikan ip address pada bagian MPLS Backbone

R1(config)#int e0/0
R1(config-if)#no sh
R1(config-if)#ip add 12.12.12.1 255.255.255.0

R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R2(config)#int e0/0
R2(config-if)#no sh
R2(config-if)#ip add 12.12.12.2 255.255.255.0

R2(config-if)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip add 23.23.23.2 255.255.255.0

R2(config-if)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R3(config)#int e0/0
R3(config-if)#no sh
R3(config-if)#ip add 23.23.23.3 255.255.255.0

R3(config-if)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255

Oke.. lanjut kita konfigurasikan IGP pada MPLS Backbone.. kali ini kita menggunakan OSPF

R1(config-if)#router ospf 1
R1(config-router)#net 12.12.12.1 0.0.0.0 are 0
R1(config-router)#net 1.1.1.1 0.0.0.0 are 0
R2(config-if)#router ospf 1
R2(config-router)#net 12.12.12.2 0.0.0.0 are 0
R2(config-router)#net 23.23.23.2 0.0.0.0 are 0
R2(config-router)#net 2.2.2.2 0.0.0.0 are 0
R3(config-if)#router ospf 1
R3(config-router)#net 23.23.23.3 0.0.0.0 are 0
R3(config-router)#net 3.3.3.3 0.0.0.0 are 0

Selanjutnya kita konfigurasikan MPLS

R1(config)#mpls label protocol ldp
R1(config)#mpls ldp router-id lo0 force

R1(config)#int e0/0
R1(config-if)#mpls ip
R2(config)#mpls label protocol ldp
R2(config)#mpls ldp router-id lo0 force

R2(config)#int rang e0/0-1
R2(config-if-range)#mpls ip
R3(config)#mpls label protocol ldp
R3(config)#mpls ldp router-id lo0 force

R3(config)#int e0/0
R3(config-if)#mpls ip

Terahir kita konfigurasikan xconnect antar router PE seperti berikut

R1(config-if)#int e0/1
R1(config-if)#no sh
R1(config-if)#xconnect 3.3.3.3 45 encapsulation mpls
R1(config-if-xconn)#end
R3(config-if)#int e0/1
R3(config-if)#no sh
R3(config-if)#xconnect 1.1.1.1 45 encapsulation mpls
R3(config-if-xconn)#end

Konfigurasi diatas digunakan untuk menghubungkan antara R4 dan R5. Untuk pengujian, bisa menggunakan perintah berikut

R1#show xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Et0/1(Ethernet) UP mpls 3.3.3.3:45 UP

Perhatikan bahwa status nya sudah UP. selanjutnya kita konfigurasikan ip address pada R4 dan R5 menggunakan ip yang satu segment

R4(config)#int e0/0
R4(config-if)#no sh
R4(config-if)#ip add 45.45.45.4 255.255.255.0
R5(config)#int e0/0
R5(config-if)#no sh
R5(config-if)#ip add 45.45.45.5 255.255.255.0

Untuk pengujian, kita coba lakukan ping dari R4 ke R5.. pastikan hasilnya berhasil!

R4(config-if)#do ping 45.45.45.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.45.45.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke.. hasilnya adalah sukses!!!!

O yaa.. sekarang R4 dan R5 itu seolah-olah benar-benar terhubung langsung.. kalau ndak percaya coba kita lihat cdp neighbor

R4(config-if)#do sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
R1 Eth 0/0 153 R Linux Uni Eth 0/1
R5 Eth 0/0 159 R Linux Uni Eth 0/0

Perhatikan bahwa R4 neighbor an dengan R5..

Oke.. konfigurasi antara R4 dan R5 sudah selesai.. sekarang kita konfigurasikan antara R6 dan R7.. disini kita akan menggunakan enkapsulasi PPP yaa..

Pertama konfigurasi antar PE dulu

R1(config)#int se2/0
R1(config-if)#no sh
R1(config-if)#encapsulation ppp
R1(config-if)#xconnect 3.3.3.3 67 enc mpls
R1(config-if-xconn)#exit
R3(config-if)#int se2/0
R3(config-if)#no sh
R3(config-if)#enc ppp
R3(config-if)#xconnect 1.1.1.1 67 enc mpls
R3(config-if-xconn)#exit

Untuk pengujian, kita cek status xconnect nya

R1(config-if)#do sh xcon all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Et0/1(Ethernet) UP mpls 3.3.3.3:45 UP
UP ac Se2/0(PPP) UP mpls 3.3.3.3:67 UP

Perhatikan bahwa status nya sudah up. Lanjut kita konfigurasikan disisi R6 dan R7

R6(config)#int se2/0
R6(config-if)#enc ppp
R6(config-if)#ip add 67.67.67.6 255.255.255.0
R6(config-if)#exit
R7(config)#int se2/0
R7(config-if)#no sh
R7(config-if)#enc ppp
R7(config-if)#ip add 67.67.67.7 255.255.255.0
R7(config-if)#exit

Untuk pengujian, kita coba lakukan ping dari R6 ke R7

R6(config-if)#do ping 67.67.67.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 67.67.67.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 18/18/19 ms

Okee suksess. kita coba lihat cdp neighbor nya

R6(config-if)#do sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
R7 Ser 2/0 128 R Linux Uni Ser 2/0

Perhatikan bahwa R6 dan R7 bertetangga secara langsung.. oke sampai disini dulu yaa.. semoga bermanfaat..

Lab 137 – MPLS l2VPN Cisco

Assalamu’alaikum.. bagaimana kabarnya teman teman? Alhamdulillah hari ini ada kesempatan untuk nulis lagi.. hari ini saya akan menulis konfigurasi MPLS L2VPN di cisco.

Oke langsung saja ya, berikut topologi yang akan kita gunakan pada lab ini

Tujuan kita adalah R4 dan R5 harus saling bisa berkomunikasi menggunakan ip yang berada dalam satu subnet. R6 dan R7 juga harus bisa berkomunikasi menggunakan ip satu segment.

Oke.. pertama kita konfigurasikan ip address pada bagian MPLS Backbone

R1(config)#int e0/0
R1(config-if)#no sh
R1(config-if)#ip add 12.12.12.1 255.255.255.0

R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R2(config)#int e0/0
R2(config-if)#no sh
R2(config-if)#ip add 12.12.12.2 255.255.255.0

R2(config-if)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip add 23.23.23.2 255.255.255.0

R2(config-if)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R3(config)#int e0/0
R3(config-if)#no sh
R3(config-if)#ip add 23.23.23.3 255.255.255.0

R3(config-if)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255

Oke.. lanjut kita konfigurasikan IGP pada MPLS Backbone.. kali ini kita menggunakan OSPF

R1(config-if)#router ospf 1
R1(config-router)#net 12.12.12.1 0.0.0.0 are 0
R1(config-router)#net 1.1.1.1 0.0.0.0 are 0
R2(config-if)#router ospf 1
R2(config-router)#net 12.12.12.2 0.0.0.0 are 0
R2(config-router)#net 23.23.23.2 0.0.0.0 are 0
R2(config-router)#net 2.2.2.2 0.0.0.0 are 0
R3(config-if)#router ospf 1
R3(config-router)#net 23.23.23.3 0.0.0.0 are 0
R3(config-router)#net 3.3.3.3 0.0.0.0 are 0

Selanjutnya kita konfigurasikan MPLS

R1(config)#mpls label protocol ldp
R1(config)#mpls ldp router-id lo0 force

R1(config)#int e0/0
R1(config-if)#mpls ip
R2(config)#mpls label protocol ldp
R2(config)#mpls ldp router-id lo0 force

R2(config)#int rang e0/0-1
R2(config-if-range)#mpls ip
R3(config)#mpls label protocol ldp
R3(config)#mpls ldp router-id lo0 force

R3(config)#int e0/0
R3(config-if)#mpls ip

Terahir kita konfigurasikan xconnect antar router PE seperti berikut

R1(config-if)#int e0/1
R1(config-if)#no sh
R1(config-if)#xconnect 3.3.3.3 45 encapsulation mpls
R1(config-if-xconn)#end
R3(config-if)#int e0/1
R3(config-if)#no sh
R3(config-if)#xconnect 1.1.1.1 45 encapsulation mpls
R3(config-if-xconn)#end

Konfigurasi diatas digunakan untuk menghubungkan antara R4 dan R5. Untuk pengujian, bisa menggunakan perintah berikut

R1#show xconnect all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Et0/1(Ethernet) UP mpls 3.3.3.3:45 UP

Perhatikan bahwa status nya sudah UP. selanjutnya kita konfigurasikan ip address pada R4 dan R5 menggunakan ip yang satu segment

R4(config)#int e0/0
R4(config-if)#no sh
R4(config-if)#ip add 45.45.45.4 255.255.255.0
R5(config)#int e0/0
R5(config-if)#no sh
R5(config-if)#ip add 45.45.45.5 255.255.255.0

Untuk pengujian, kita coba lakukan ping dari R4 ke R5.. pastikan hasilnya berhasil!

R4(config-if)#do ping 45.45.45.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.45.45.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke.. hasilnya adalah sukses!!!!

O yaa.. sekarang R4 dan R5 itu seolah-olah benar-benar terhubung langsung.. kalau ndak percaya coba kita lihat cdp neighbor

R4(config-if)#do sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
R1 Eth 0/0 153 R Linux Uni Eth 0/1
R5 Eth 0/0 159 R Linux Uni Eth 0/0

Perhatikan bahwa R4 neighbor an dengan R5..

Oke.. konfigurasi antara R4 dan R5 sudah selesai.. sekarang kita konfigurasikan antara R6 dan R7.. disini kita akan menggunakan enkapsulasi PPP yaa..

Pertama konfigurasi antar PE dulu

R1(config)#int se2/0
R1(config-if)#no sh
R1(config-if)#encapsulation ppp
R1(config-if)#xconnect 3.3.3.3 67 enc mpls
R1(config-if-xconn)#exit
R3(config-if)#int se2/0
R3(config-if)#no sh
R3(config-if)#enc ppp
R3(config-if)#xconnect 1.1.1.1 67 enc mpls
R3(config-if-xconn)#exit

Untuk pengujian, kita cek status xconnect nya

R1(config-if)#do sh xcon all
Legend: XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up DN=Down AD=Admin Down IA=Inactive
SB=Standby RV=Recovering NH=No Hardware

XC ST Segment 1 S1 Segment 2 S2
------+---------------------------------+--+---------------------------------+--
UP ac Et0/1(Ethernet) UP mpls 3.3.3.3:45 UP
UP ac Se2/0(PPP) UP mpls 3.3.3.3:67 UP

Perhatikan bahwa status nya sudah up. Lanjut kita konfigurasikan disisi R6 dan R7

R6(config)#int se2/0
R6(config-if)#enc ppp
R6(config-if)#ip add 67.67.67.6 255.255.255.0
R6(config-if)#exit
R7(config)#int se2/0
R7(config-if)#no sh
R7(config-if)#enc ppp
R7(config-if)#ip add 67.67.67.7 255.255.255.0
R7(config-if)#exit

Untuk pengujian, kita coba lakukan ping dari R6 ke R7

R6(config-if)#do ping 67.67.67.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 67.67.67.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 18/18/19 ms

Okee suksess. kita coba lihat cdp neighbor nya

R6(config-if)#do sh cdp nei
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone,
D - Remote, C - CVTA, M - Two-port Mac Relay

Device ID Local Intrfce Holdtme Capability Platform Port ID
R7 Ser 2/0 128 R Linux Uni Ser 2/0

Perhatikan bahwa R6 dan R7 bertetangga secara langsung.. oke sampai disini dulu yaa.. semoga bermanfaat..

Lab 136 – Superlab L3VPN Cisco (Bagian 6 Pengujian)

Helloooo ketemu lagi nih…. sebenarnya di lab sebelumnya saya sudah bilang kalau itu adalah lab terahir dari seri superlab L3VPN Cisco.. tapi ternyata pada lab tersebut sudah terlalu panjang.. jadi saya putuskan untuk membuat satu lab tambahan lagi.. hehehe…

Pada lab ini kita hanya akan melakukan pengujian yaaa..

Oke.. untuk pengujian,, kita tinggal melihat dari sisi CE saja.. pertama kita akan cek di CE Kantor A.. kita lihat dari sisi R9 saja…

Intinya nanti R9 harus bisa ping ke Kantor A cabang 1, cabang 2, dan services.

R9#show ip route
Gateway of last resort is not set

9.0.0.0/32 is subnetted, 1 subnets
C 9.9.9.9 is directly connected, Loopback0
13.0.0.0/32 is subnetted, 1 subnets
O IA 13.13.13.13 [110/21] via 69.69.69.6, 00:09:04, Ethernet0/0
19.0.0.0/32 is subnetted, 1 subnets
O IA 19.19.19.19 [110/21] via 69.69.69.6, 00:09:04, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
O E2 20.20.20.20 [110/1] via 69.69.69.6, 00:09:04, Ethernet0/0
69.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 69.69.69.0/24 is directly connected, Ethernet0/0
L 69.69.69.9/32 is directly connected, Ethernet0/0
138.138.0.0/24 is subnetted, 1 subnets
O IA 138.138.138.0 [110/11] via 69.69.69.6, 00:09:04, Ethernet0/0
O IA 192.192.192.0/24 [110/11] via 69.69.69.6, 00:09:04, Ethernet0/0

Perhatikan bahwa R9 sudah memiliki tabel routing untuk menuju kantor A cabang 1 (13.13.13.13), kantor A cabang 2 (19.19.19.19), dan services (20.20.20.20). sekarang kita coba lakukan ping.

R9#ping 13.13.13.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R9#ping 19.19.19.19
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 19.19.19.19, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R9#ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke.. hasilnya sukses!!!

lanjut kita cek dari kantor B.. Kantor pusat B (R10) harus bisa melakukan ping ke Kantor Cabang 1 (R15), Cabang 2 (R18), dan services (R20).. kita coba lihat tabel routing di R10

R10(config)#do sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets
C 10.10.10.10 is directly connected, Loopback0
15.0.0.0/32 is subnetted, 1 subnets
O IA 15.15.15.15 [110/21] via 106.106.106.6, 00:11:51, Ethernet0/0
18.0.0.0/32 is subnetted, 1 subnets
O IA 18.18.18.18 [110/21] via 106.106.106.6, 00:11:51, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
O E2 20.20.20.20 [110/1] via 106.106.106.6, 00:11:51, Ethernet0/0
106.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 106.106.106.0/24 is directly connected, Ethernet0/0
L 106.106.106.10/32 is directly connected, Ethernet0/0
157.157.0.0/24 is subnetted, 1 subnets
O IA 157.157.157.0 [110/11] via 106.106.106.6, 00:11:51, Ethernet0/0
182.182.0.0/24 is subnetted, 1 subnets
O IA 182.182.182.0 [110/11] via 106.106.106.6, 00:11:51, Ethernet0/0

Oke.. tabel routingnya sudah lengkap.. sekarang kita coba lakukan ping

R10(config)#do ping 15.15.15.15
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 15.15.15.15, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R10(config)#do ping 18.18.18.18
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 18.18.18.18, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R10(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Hasilnya berhasil!!!!

Lanjut kita coba cek dari Kantor pusat C (R11), pastikan Kantor pusat C bisa ping ke Kantor cabang 1 (R14), cabang 2 (R16), dan services (R20). kita cek tabel routing di R11

R11(config)#do sh ip route
Gateway of last resort is not set

11.0.0.0/32 is subnetted, 1 subnets
C 11.11.11.11 is directly connected, Loopback0
14.0.0.0/32 is subnetted, 1 subnets
D 14.14.14.14 [90/435200] via 116.116.116.6, 00:13:47, Ethernet0/0
16.0.0.0/32 is subnetted, 1 subnets
D 16.16.16.16 [90/435200] via 116.116.116.6, 00:13:47, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
D EX 20.20.20.20 [170/2560025856] via 116.116.116.6, 00:13:47, Ethernet0/0
116.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 116.116.116.0/24 is directly connected, Ethernet0/0
L 116.116.116.11/32 is directly connected, Ethernet0/0
148.148.0.0/24 is subnetted, 1 subnets
D 148.148.148.0 [90/307200] via 116.116.116.6, 00:13:47, Ethernet0/0
167.167.0.0/24 is subnetted, 1 subnets
D 167.167.167.0 [90/307200] via 116.116.116.6, 00:13:47, Ethernet0/0

Oke tabel routing nya sudah lengkap.. kita coba ping

R11(config)#do ping 14.14.14.14
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.14.14.14, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R11(config)#do ping 16.16.16.16
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 16.16.16.16, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R11(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke berhasill… terahir, kita coba cek dari Kantor D yaaa.. pastikan Kantor pusat D (R12) bisa ping ke Kantor Cabang 1 (R17) dan services (R20).. pertama kita coba lihat tabel routing

R12(config)#do sh ip route
Gateway of last resort is not set

12.0.0.0/32 is subnetted, 1 subnets
C 12.12.12.12 is directly connected, Loopback0
17.0.0.0/32 is subnetted, 1 subnets
D 17.17.17.17 [90/435200] via 128.128.128.8, 00:23:53, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
D EX 20.20.20.20 [170/2560025856] via 128.128.128.8, 00:48:49, Ethernet0/0
128.128.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 128.128.128.0/24 is directly connected, Ethernet0/0
L 128.128.128.12/32 is directly connected, Ethernet0/0
172.172.0.0/24 is subnetted, 1 subnets
D 172.172.172.0 [90/307200] via 128.128.128.8, 00:23:53, Ethernet0/0

Tabel routing sudah lengkap.. sekarang kita coba lakukan ping

R12(config)#do ping 17.17.17.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 17.17.17.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/6 ms
R12(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke sudah berhasil!!!!! Alhamdulillah ini adalah postingan terahir dari seri Superlab L3VPN Cisco ini yaa… dan hasilnya in syaa allah sukses!!!!!! selamat mencoba!!!

Lab 136 – Superlab L3VPN Cisco (Bagian 6 Pengujian)

Helloooo ketemu lagi nih…. sebenarnya di lab sebelumnya saya sudah bilang kalau itu adalah lab terahir dari seri superlab L3VPN Cisco.. tapi ternyata pada lab tersebut sudah terlalu panjang.. jadi saya putuskan untuk membuat satu lab tambahan lagi.. hehehe…

Pada lab ini kita hanya akan melakukan pengujian yaaa..

Oke.. untuk pengujian,, kita tinggal melihat dari sisi CE saja.. pertama kita akan cek di CE Kantor A.. kita lihat dari sisi R9 saja…

Intinya nanti R9 harus bisa ping ke Kantor A cabang 1, cabang 2, dan services.

R9#show ip route
Gateway of last resort is not set

9.0.0.0/32 is subnetted, 1 subnets
C 9.9.9.9 is directly connected, Loopback0
13.0.0.0/32 is subnetted, 1 subnets
O IA 13.13.13.13 [110/21] via 69.69.69.6, 00:09:04, Ethernet0/0
19.0.0.0/32 is subnetted, 1 subnets
O IA 19.19.19.19 [110/21] via 69.69.69.6, 00:09:04, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
O E2 20.20.20.20 [110/1] via 69.69.69.6, 00:09:04, Ethernet0/0
69.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 69.69.69.0/24 is directly connected, Ethernet0/0
L 69.69.69.9/32 is directly connected, Ethernet0/0
138.138.0.0/24 is subnetted, 1 subnets
O IA 138.138.138.0 [110/11] via 69.69.69.6, 00:09:04, Ethernet0/0
O IA 192.192.192.0/24 [110/11] via 69.69.69.6, 00:09:04, Ethernet0/0

Perhatikan bahwa R9 sudah memiliki tabel routing untuk menuju kantor A cabang 1 (13.13.13.13), kantor A cabang 2 (19.19.19.19), dan services (20.20.20.20). sekarang kita coba lakukan ping.

R9#ping 13.13.13.13
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R9#ping 19.19.19.19
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 19.19.19.19, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R9#ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke.. hasilnya sukses!!!

lanjut kita cek dari kantor B.. Kantor pusat B (R10) harus bisa melakukan ping ke Kantor Cabang 1 (R15), Cabang 2 (R18), dan services (R20).. kita coba lihat tabel routing di R10

R10(config)#do sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets
C 10.10.10.10 is directly connected, Loopback0
15.0.0.0/32 is subnetted, 1 subnets
O IA 15.15.15.15 [110/21] via 106.106.106.6, 00:11:51, Ethernet0/0
18.0.0.0/32 is subnetted, 1 subnets
O IA 18.18.18.18 [110/21] via 106.106.106.6, 00:11:51, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
O E2 20.20.20.20 [110/1] via 106.106.106.6, 00:11:51, Ethernet0/0
106.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 106.106.106.0/24 is directly connected, Ethernet0/0
L 106.106.106.10/32 is directly connected, Ethernet0/0
157.157.0.0/24 is subnetted, 1 subnets
O IA 157.157.157.0 [110/11] via 106.106.106.6, 00:11:51, Ethernet0/0
182.182.0.0/24 is subnetted, 1 subnets
O IA 182.182.182.0 [110/11] via 106.106.106.6, 00:11:51, Ethernet0/0

Oke.. tabel routingnya sudah lengkap.. sekarang kita coba lakukan ping

R10(config)#do ping 15.15.15.15
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 15.15.15.15, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R10(config)#do ping 18.18.18.18
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 18.18.18.18, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R10(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Hasilnya berhasil!!!!

Lanjut kita coba cek dari Kantor pusat C (R11), pastikan Kantor pusat C bisa ping ke Kantor cabang 1 (R14), cabang 2 (R16), dan services (R20). kita cek tabel routing di R11

R11(config)#do sh ip route
Gateway of last resort is not set

11.0.0.0/32 is subnetted, 1 subnets
C 11.11.11.11 is directly connected, Loopback0
14.0.0.0/32 is subnetted, 1 subnets
D 14.14.14.14 [90/435200] via 116.116.116.6, 00:13:47, Ethernet0/0
16.0.0.0/32 is subnetted, 1 subnets
D 16.16.16.16 [90/435200] via 116.116.116.6, 00:13:47, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
D EX 20.20.20.20 [170/2560025856] via 116.116.116.6, 00:13:47, Ethernet0/0
116.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 116.116.116.0/24 is directly connected, Ethernet0/0
L 116.116.116.11/32 is directly connected, Ethernet0/0
148.148.0.0/24 is subnetted, 1 subnets
D 148.148.148.0 [90/307200] via 116.116.116.6, 00:13:47, Ethernet0/0
167.167.0.0/24 is subnetted, 1 subnets
D 167.167.167.0 [90/307200] via 116.116.116.6, 00:13:47, Ethernet0/0

Oke tabel routing nya sudah lengkap.. kita coba ping

R11(config)#do ping 14.14.14.14
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.14.14.14, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
R11(config)#do ping 16.16.16.16
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 16.16.16.16, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R11(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke berhasill… terahir, kita coba cek dari Kantor D yaaa.. pastikan Kantor pusat D (R12) bisa ping ke Kantor Cabang 1 (R17) dan services (R20).. pertama kita coba lihat tabel routing

R12(config)#do sh ip route
Gateway of last resort is not set

12.0.0.0/32 is subnetted, 1 subnets
C 12.12.12.12 is directly connected, Loopback0
17.0.0.0/32 is subnetted, 1 subnets
D 17.17.17.17 [90/435200] via 128.128.128.8, 00:23:53, Ethernet0/0
20.0.0.0/32 is subnetted, 1 subnets
D EX 20.20.20.20 [170/2560025856] via 128.128.128.8, 00:48:49, Ethernet0/0
128.128.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 128.128.128.0/24 is directly connected, Ethernet0/0
L 128.128.128.12/32 is directly connected, Ethernet0/0
172.172.0.0/24 is subnetted, 1 subnets
D 172.172.172.0 [90/307200] via 128.128.128.8, 00:23:53, Ethernet0/0

Tabel routing sudah lengkap.. sekarang kita coba lakukan ping

R12(config)#do ping 17.17.17.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 17.17.17.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/6 ms
R12(config)#do ping 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms

Oke sudah berhasil!!!!! Alhamdulillah ini adalah postingan terahir dari seri Superlab L3VPN Cisco ini yaa… dan hasilnya in syaa allah sukses!!!!!! selamat mencoba!!!

Lab 135 – Superlab L3VPN Cisco (Bagian 5 Konfigurasi PE&CE)

Pada lab sebelumnya kita sudah membahas konfigurasi IBGP pada seluruh router PE.. selanjutnya pada lab ini kita akan mengkonfigurasikan bagian PE dan CE.. sepertinya pembahasan ini akan menjadi pembahasan terahir dari superlab ini deh.. hehehe… siap2 berpisah lagi yaa… tapi doakan saja agar saya bisa segera menulis lagi di blog yaa.. hehe

Oke langsung saja yaa

Sebelum ke konfigurasi,, saya akan sampaikan konfigurasinya yaa… untuk RD nya nanti akan menggunakan list berikut

  • Services -> 10:100
  • Kantor A -> 10:200
  • Kantor B -> 10:300
  • Kantor C -> 10:400
  • Kantod D-> 10:500
Adapun untuk routing protocol, kita akan menggunakan sesuai list berikut
  • Services -> Static
  • Kantor A -> OSPF
  • Kantor B -> OSPF
  • Kantor C -> EIGRP
  • Kantod D -> EIGRP

Oke.. pertama kita akan konfigurasi PE1 yaa.. yaitu di R5.. pertama kita konfigurasikan dulu vrf nya,

R5(config)#ip vrf Services
R5(config-vrf)#rd 10:100
R5(config-vrf)#route-target export 10:100
R5(config-vrf)#route-target import 10:200
R5(config-vrf)#route-target import 10:300
R5(config-vrf)#route-target import 10:400
R5(config-vrf)#route-target import 10:500

R5(config-vrf)#int e0/1
R5(config-if)#ip vrf forwarding Services
R5(config-if)#ip add 205.205.205.5 255.255.255.0

Selanjutnya kita konfigurasi addressing di bagian CE

R20(config)#int e0/0
R20(config-if)#no sh
R20(config-if)#ip add 205.205.205.20 255.255.255.0

R20(config-if)#int lo0
R20(config-if)#ip add 20.20.20.20 255.255.255.255

Oke.. lanjut kita konfigurasikan static routing di bagian PE untuk menuju CE yaa.. ingat bahwa dibagian Service kita menggunakan static routing..

R5(config)#ip route vrf Services 20.20.20.20 255.255.255.255 205.205.205.20

Untuk pengujian.. kita lakukan ping dari router PE ke ip loopback CE

R5(config)#do ping vrf Services 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Oke.. selanjutnya kita konfigurasikan default route di router CE

R20(config-if)#ip route 0.0.0.0 0.0.0.0 205.205.205.5

Sekarang kita redistribute static routing yang ada di PE ke IBGP..

R5(config)#router bgp 10
R5(config-router)#address-family ipv4 vrf Services
R5(config-router-af)#redistribute static

Oke.. konfigurasi di PE1 done!!!

Lanjut kita konfigurasi di PE2 yaaa.. pertama kita konfigurasikan vrf nya dulu yaa

R6(config)#ip vrf A
R6(config-vrf)#rd 10:200
R6(config-vrf)#route-target export 10:200
R6(config-vrf)#route-target import 10:200
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#ip vrf B
R6(config-vrf)#rd 10:300
R6(config-vrf)#route-target export 10:300
R6(config-vrf)#route-target import 10:300
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#ip vrf C
R6(config-vrf)#rd 10:400
R6(config-vrf)#route-target export 10:400
R6(config-vrf)#route-target import 10:400
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#int e0/1
R6(config-if)#ip vrf forwarding A
R6(config-if)#no sh
R6(config-if)#ip add 69.69.69.6 255.255.255.0

R6(config-if)#int e0/2
R6(config-if)#ip vrf forwarding B
R6(config-if)#no sh
R6(config-if)#ip add 106.106.106.6 255.255.255.0

R6(config-if)#int e0/3
R6(config-if)#ip vrf forwarding C
R6(config-if)#no sh
R6(config-if)#ip add 116.116.116.6 255.255.255.0

Lanjut kita konfigurasikan routing protocolnya yaa.. ingat bahwa kantor A dan B menggunakan OSPF sedangkan kantor C menggunakan EIGRP.

R6(config)#router ospf 200 vrf A
R6(config-router)#
*Apr 27 14:01:50.405: %OSPF-4-NORTRID: OSPF process 200 failed to allocate
unique router-id and cannot start
R6(config-router)#router-id 200.200.200.200
R6(config-router)#net 69.69.69.6 0.0.0.0 are 0
R6(config-router)#exit

R6(config)#router ospf 300 vrf B
*Apr 27 14:03:00.368: %OSPF-4-NORTRID: OSPF process 300 failed to allocate
unique router-id and cannot start
R6(config-router)#router-id 30.30.30.30
R6(config-router)#net 106.106.106.6 0.0.0.0 are 0
R6(config-router)#exit

R6(config)#router eigrp 400
R6(config-router)#address-family ipv4 vrf C autonomous-system 400
R6(config-router-af)#network 116.116.116.6 0.0.0.0

Oke.. sekarang kita konfigurasi di bagian CE yaa

R9(config)#int e0/0
R9(config-if)#no sh
R9(config-if)#ip add 69.69.69.9 255.255.255.0

R9(config-if)#int lo0
R9(config-if)#ip add 9.9.9.9 255.255.255.255

R9(config-if)#router ospf 200
R9(config-router)#net 69.69.69.9 0.0.0.0 are 0
R9(config-router)#net 9.9.9.9 0.0.0.0 are 0
R10(config)#int e0/0
R10(config-if)#no sh
R10(config-if)#ip add 106.106.106.10 255.255.255.0

R10(config-if)#int lo0
R10(config-if)#ip add 10.10.10.10 255.255.255.255

R10(config-if)#router ospf 300
R10(config-router)#net 106.106.106.10 0.0.0.0 are 0
R10(config-router)#net 10.10.10.10 0.0.0.0 are 0
R11(config)#int e0/0
R11(config-if)#no sh
R11(config-if)#ip add 116.116.116.11 255.255.255.0

R11(config-if)#int lo0
R11(config-if)#ip add 11.11.11.11 255.255.255.255

R11(config-if)#router ei 400
R11(config-router)#net 116.116.116.11 0.0.0.0
R11(config-router)#net 11.11.11.11 0.0.0.0

Oke.. terahir kita konfigurasikan redistribution nya di router PE

R6(config)#router bgp 10
R6(config-router)#address-family ipv4 vrf A
R6(config-router-af)#redistribute ospf 200

R6(config-router-af)#address-family ipv4 vrf B
R6(config-router-af)#redistribute ospf 300

R6(config-router-af)#address-family ipv4 vrf C
R6(config-router-af)#redistribute eigrp 400
R6(config)#router ospf 200
R6(config-router)#redistribute bgp 10 subnets

R6(config-router)#router ospf 300
R6(config-router)#redistribute bgp 10 subnets

R6(config)#router ei 400
R6(config-router)#address-family ipv4 vrf C autonomous-system 400
R6(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1

Oke.. kita sudah selesai.. untuk pengujian, kita coba lihat tabel routing masing-masing vrf

R6(config-router-af)#do sh ip rou vrf A

Routing Table: A
Gateway of last resort is not set

9.0.0.0/32 is subnetted, 1 subnets
O 9.9.9.9 [110/11] via 69.69.69.9, 00:14:46, Ethernet0/1
69.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 69.69.69.0/24 is directly connected, Ethernet0/1
L 69.69.69.6/32 is directly connected, Ethernet0/1
R6(config-router-af)#do sh ip rou vrf B

Routing Table: B
Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets
O 10.10.10.10 [110/11] via 106.106.106.10, 00:15:01, Ethernet0/2
106.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 106.106.106.0/24 is directly connected, Ethernet0/2
L 106.106.106.6/32 is directly connected, Ethernet0/2
R6(config-router-af)#do sh ip rou vrf C

Routing Table: C
Gateway of last resort is not set

11.0.0.0/32 is subnetted, 1 subnets
D 11.11.11.11 [90/409600] via 116.116.116.11, 00:02:05, Ethernet0/3
116.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 116.116.116.0/24 is directly connected, Ethernet0/3
L 116.116.116.6/32 is directly connected, Ethernet0/3

Oke.. sudah berhasill..

lanjut kita konfigurasi di PE3 yaa… seperti biasa, pertama kita konfigurasikan vrf nya dulu

R8(config)#ip vrf C
R8(config-vrf)#rd 10:400
R8(config-vrf)#route-target export 10:400
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#route-target import 10:400
R8(config-vrf)#exit

R8(config)#ip vrf A
R8(config-vrf)#rd 10:200
R8(config-vrf)#route-target export 10:200
R8(config-vrf)#route-target import 10:200
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#exit

R8(config)#ip vrf D
R8(config-vrf)#rd 10:500
R8(config-vrf)#route-target export 10:500
R8(config-vrf)#route-target import 10:500
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#exit

R8(config)#int e0/1
R8(config-if)#ip vrf forwarding C
R8(config-if)#ip add 148.148.148.8 255.255.255.0

R8(config-if)#int e0/2
R8(config-if)#ip vrf forwarding A
R8(config-if)#ip add 138.138.138.8 255.255.255.0

R8(config-if)#int e0/3
R8(config-if)#ip vrf forwarding D
R8(config-if)#ip add 128.128.128.8 255.255.255.0

R8(config-if)#int rang e0/1-3
R8(config-if-range)#no sh

oke konfigurasi vrf sudah selesai.. lanjut kita konfigurasikan routing protocol di PE.. untuk kantor A akan menggunakan OSPF, sedangkan kantor C dan D menggunakan EIGRP

R8(config)#router eigrp 400
R8(config-router)#address-family ipv4 vrf C autonomous-system 400
R8(config-router-af)#network 148.148.148.8 0.0.0.0
R8(config-router-af)#exit

R8(config)#router ospf 200 vrf A
R8(config-router)#router-id 200.200.200.200
R8(config-router)#network 138.138.138.8 0.0.0.0 are 0
R8(config-router)#exit

R8(config)#router eigrp 500
R8(config-router)#address-family ipv4 vrf D autonomous-system 500
R8(config-router-af)#network 128.128.128.8 0.0.0.0
R8(config-router-af)#exit

Oke.. konfigurasi di PE sudah selesai.. lanjut kita konfigurasikan di bagian CE

R14(config)#int e0/0
R14(config-if)#no sh
R14(config-if)#ip add 148.148.148.14 255.255.255.0

R14(config-if)#int lo0
R14(config-if)#ip add 14.14.14.14 255.255.255.255

R14(config-if)#router eigrp 400
R14(config-router)#net 148.148.148.14 0.0.0.0
R14(config-router)#net 14.14.14.14 0.0.0.0
R13(config)#int e0/0
R13(config-if)#no sh
R13(config-if)#ip add 138.138.138.13 255.255.255.0

R13(config-if)#int lo0
R13(config-if)#ip add 13.13.13.13 255.255.255.255

R13(config-if)#router ospf 200
R13(config-router)#net 138.138.138.13 0.0.0.0 are 0
R13(config-router)#net 13.13.13.13 0.0.0.0 are 0
R12(config)#int e0/0
R12(config-if)#no sh
R12(config-if)#ip add 128.128.128.12 255.255.255.0

R12(config-if)#int lo0
R12(config-if)#ip add 12.12.12.12 255.255.255.255

R12(config-if)#router eigrp 500
R12(config-router)#net 128.128.128.12 0.0.0.0
R12(config-router)#net 12.12.12.12 0.0.0.0

Lanjut kita konfigurasikan redistributionnya di router PE

R8(config)#router bgp 10
R8(config-router)#address-family ipv4 vrf C
R8(config-router-af)#redistribute eigrp 400

R8(config-router-af)#address-family ipv4 vrf A
R8(config-router-af)#redistribute ospf 200

R8(config-router-af)#address-family ipv4 vrf D
R8(config-router-af)#redistribute eigrp 500
R8(config-router-af)#exit

R8(config-router)#router eigrp 400
R8(config-router)#address-family ipv4 vrf C autonomous-system 400
R8(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R8(config-router-af)#exit

R8(config-router)#router ospf 200 vrf A
R8(config-router)#redistribute bgp 10 subnets
R8(config-router)#exit

R8(config)#router eigrp 500
R8(config-router)#address-family ipv4 vrf D autonomous-system 500
R8(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R8(config-router-af)#exit

Okkeeee konfigurasi di PE3 sudah selesai..

Lanjut kita konfigurasi di PE4..

R7(config)#ip vrf C
R7(config-vrf)#rd 10:400
R7(config-vrf)#route-target export 10:400
R7(config-vrf)#route-target import 10:400
R7(config-vrf)#route-target import 10:100
R7(config-vrf)#exit

R7(config)#ip vrf B
R7(config-vrf)#rd 10:300
R7(config-vrf)#route-target export 10:300
R7(config-vrf)#route-target import 10:300
R7(config-vrf)#route-target import 10:100
R7(config-vrf)#exit

R7(config)#int e0/2
R7(config-if)#ip vrf forwarding C
R7(config-if)#no sh
R7(config-if)#ip add 167.167.167.7 255.255.255.0

R7(config-if)#int e0/1
R7(config-if)#ip vrf forwarding B
R7(config-if)#no sh
R7(config-if)#ip add 157.157.157.7 255.255.255.0
R7(config)#router eigrp 400
R7(config-router)#address-family ipv4 vrf C autonomous-system 400
R7(config-router-af)#network 167.167.167.7 0.0.0.0
R7(config-router-af)#exit
R7(config-router)#exit

R7(config)#router ospf 300 vrf B
R7(config-router)#router-id 30.30.30.30
R7(config-router)#network 157.157.157.7 0.0.0.0 are 0
R7(config-router)#exit

Oke.. kita lanjut konfig di CE

R16(config)#int e0/0
R16(config-if)#no sh
R16(config-if)#ip add 167.167.167.16 255.255.255.0

R16(config-if)#int lo0
R16(config-if)#ip add 16.16.16.16 255.255.255.255

R16(config-if)#router ei 400
R16(config-router)#net 167.167.167.16 0.0.0.0
R16(config-router)#net 16.16.16.16 0.0.0.0
R15(config)#int e0/0
R15(config-if)#no sh
R15(config-if)#ip add 157.157.157.15 255.255.255.0

R15(config-if)#int lo0
R15(config-if)#ip add 15.15.15.15 255.255.255.255

R15(config-if)#router ospf 300
R15(config-router)#net 157.157.157.15 0.0.0.0 are 0
R15(config-router)#net 15.15.15.15 0.0.0.0 are 0

Terahir kita konfigurasikan redistribution di PE

R7(config)#router bgp 10
R7(config-router)#address-family ipv4 vrf C
R7(config-router-af)#redistribute eigrp 400
R7(config-router-af)#exit

R7(config-router)#address-family ipv4 vrf B
R7(config-router-af)#redistribute ospf 300
R7(config-router-af)#exit

R7(config-router)#router eigrp 400
R7(config-router)#address-family ipv4 vrf C autonomous-system 400
R7(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R7(config-router-af)#exit
R7(config-router)#exit

R7(config)#router ospf 300 vrf B
R7(config-router)#redistribute bgp 10 subnets
R7(config-router)#exit

Oke.. konfigurasi di PE4 sudah selesai…

lanjut kita konfigurasi di PE5 yaa.. ahirnya ini terahir juga..hehe udah lumayan capek nih.. hehe

R2(config)#ip vrf A
R2(config-vrf)#rd 10:200
R2(config-vrf)#route-target export 10:200
R2(config-vrf)#route-target import 10:200
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#ip vrf B
R2(config-vrf)#rd 10:300
R2(config-vrf)#route-target export 10:300
R2(config-vrf)#route-target import 10:300
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#ip vrf D
R2(config-vrf)#rd 10:500
R2(config-vrf)#route-target export 10:500
R2(config-vrf)#route-target import 10:500
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#int e0/3
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding A
R2(config-if)#ip add 192.192.192.2 255.255.255.0

R2(config-if)#int e0/2
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding B
R2(config-if)#ip add 182.182.182.2 255.255.255.0

R2(config-if)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding D
R2(config-if)#ip add 172.172.172.2 255.255.255.0
R2(config-if)#exit
R2(config)#router ospf 200 vrf A
R2(config-router)#router-id 200.200.200.200
R2(config-router)#net 192.192.192.2 0.0.0.0 are 0
R2(config-router)#exit

R2(config)#router ospf 300 vrf B
R2(config-router)#router-id 30.30.30.30
R2(config-router)#net 182.182.182.2 0.0.0.0 are 0
R2(config-router)#exit

R2(config)#router eigrp 500
R2(config-router)#address-family ipv4 vrf D autonomous-system 500
R2(config-router-af)#network 172.172.172.2 0.0.0.0
R2(config-router-af)#exit

Oke.. lanjut kita konfigurasikan di bagian CE

R19(config)#int e0/0
R19(config-if)#no sh
R19(config-if)#ip add 192.192.192.19 255.255.255.0

R19(config-if)#int lo0
R19(config-if)#ip add 19.19.19.19 255.255.255.255

R19(config-if)#router ospf 200
R19(config-router)#network 192.192.192.19 0.0.0.0 are 0
R19(config-router)#net 19.19.19.19 0.0.0.0 are 0
R18(config)#int e0/0
R18(config-if)#no sh
R18(config-if)#ip add 182.182.182.18 255.255.255.0

R18(config-if)#int lo0
R18(config-if)#ip add 18.18.18.18 255.255.255.255

R18(config-if)#router ospf 300
R18(config-router)#network 182.182.182.18 0.0.0.0 are 0
R18(config-router)#net 18.18.18.18 0.0.0.0 are 0
R17(config)#int e0/0
R17(config-if)#no sh
R17(config-if)#ip add 172.172.172.17 255.255.255.0

R17(config-if)#int lo0
R17(config-if)#ip add 17.17.17.17 255.255.255.255

R17(config-if)#router ei 500
R17(config-router)#net 172.172.172.17 0.0.0.0
R17(config-router)#net 17.17.17.17 0.0.0.0

Oke.. terahir kita lakukan redistribution di router PE

R2(config)#router bgp 10
R2(config-router)#address-family ipv4 vrf A
R2(config-router-af)#redistribute ospf 200
R2(config-router-af)#exit

R2(config-router)#address-family ipv4 vrf B
R2(config-router-af)#redistribute ospf 300
R2(config-router-af)#exit

R2(config-router)#address-family ipv4 vrf D
R2(config-router-af)#redistribute eigrp 500
R2(config-router-af)#exit

R2(config-router)#router ospf 200 vrf A
R2(config-router)#redistribute bgp 10 subnets
R2(config-router)#exit

R2(config)#router ospf 300 vrf B
R2(config-router)#redistribute bgp 10 subnets
R2(config-router)#exit

R2(config)#router eigrp 500
R2(config-router)#address-family ipv4 vrf D autonomous-system 500
R2(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R2(config-router-af)#exit

Oke.. sepertinya sudah selesai deh semuanya.. hehee

sebenarnya pengen nya sih postingan ini postingan terahir dari seri superlab L3VPN Cisco.. tapi karena sudah terlalu panjang.. kita sudahi dulu sampai disini yaa.. kita akan lanjut di lab berikutnya untuk pengujian… oke sampai jumpa lagi yaaa

Lab 135 – Superlab L3VPN Cisco (Bagian 5 Konfigurasi PE&CE)

Pada lab sebelumnya kita sudah membahas konfigurasi IBGP pada seluruh router PE.. selanjutnya pada lab ini kita akan mengkonfigurasikan bagian PE dan CE.. sepertinya pembahasan ini akan menjadi pembahasan terahir dari superlab ini deh.. hehehe… siap2 berpisah lagi yaa… tapi doakan saja agar saya bisa segera menulis lagi di blog yaa.. hehe

Oke langsung saja yaa

Sebelum ke konfigurasi,, saya akan sampaikan konfigurasinya yaa… untuk RD nya nanti akan menggunakan list berikut

  • Services -> 10:100
  • Kantor A -> 10:200
  • Kantor B -> 10:300
  • Kantor C -> 10:400
  • Kantod D-> 10:500
Adapun untuk routing protocol, kita akan menggunakan sesuai list berikut
  • Services -> Static
  • Kantor A -> OSPF
  • Kantor B -> OSPF
  • Kantor C -> EIGRP
  • Kantod D -> EIGRP

Oke.. pertama kita akan konfigurasi PE1 yaa.. yaitu di R5.. pertama kita konfigurasikan dulu vrf nya,

R5(config)#ip vrf Services
R5(config-vrf)#rd 10:100
R5(config-vrf)#route-target export 10:100
R5(config-vrf)#route-target import 10:200
R5(config-vrf)#route-target import 10:300
R5(config-vrf)#route-target import 10:400
R5(config-vrf)#route-target import 10:500

R5(config-vrf)#int e0/1
R5(config-if)#ip vrf forwarding Services
R5(config-if)#ip add 205.205.205.5 255.255.255.0

Selanjutnya kita konfigurasi addressing di bagian CE

R20(config)#int e0/0
R20(config-if)#no sh
R20(config-if)#ip add 205.205.205.20 255.255.255.0

R20(config-if)#int lo0
R20(config-if)#ip add 20.20.20.20 255.255.255.255

Oke.. lanjut kita konfigurasikan static routing di bagian PE untuk menuju CE yaa.. ingat bahwa dibagian Service kita menggunakan static routing..

R5(config)#ip route vrf Services 20.20.20.20 255.255.255.255 205.205.205.20

Untuk pengujian.. kita lakukan ping dari router PE ke ip loopback CE

R5(config)#do ping vrf Services 20.20.20.20
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.20.20.20, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

Oke.. selanjutnya kita konfigurasikan default route di router CE

R20(config-if)#ip route 0.0.0.0 0.0.0.0 205.205.205.5

Sekarang kita redistribute static routing yang ada di PE ke IBGP..

R5(config)#router bgp 10
R5(config-router)#address-family ipv4 vrf Services
R5(config-router-af)#redistribute static

Oke.. konfigurasi di PE1 done!!!

Lanjut kita konfigurasi di PE2 yaaa.. pertama kita konfigurasikan vrf nya dulu yaa

R6(config)#ip vrf A
R6(config-vrf)#rd 10:200
R6(config-vrf)#route-target export 10:200
R6(config-vrf)#route-target import 10:200
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#ip vrf B
R6(config-vrf)#rd 10:300
R6(config-vrf)#route-target export 10:300
R6(config-vrf)#route-target import 10:300
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#ip vrf C
R6(config-vrf)#rd 10:400
R6(config-vrf)#route-target export 10:400
R6(config-vrf)#route-target import 10:400
R6(config-vrf)#route-target import 10:100
R6(config-vrf)#exit

R6(config)#int e0/1
R6(config-if)#ip vrf forwarding A
R6(config-if)#no sh
R6(config-if)#ip add 69.69.69.6 255.255.255.0

R6(config-if)#int e0/2
R6(config-if)#ip vrf forwarding B
R6(config-if)#no sh
R6(config-if)#ip add 106.106.106.6 255.255.255.0

R6(config-if)#int e0/3
R6(config-if)#ip vrf forwarding C
R6(config-if)#no sh
R6(config-if)#ip add 116.116.116.6 255.255.255.0

Lanjut kita konfigurasikan routing protocolnya yaa.. ingat bahwa kantor A dan B menggunakan OSPF sedangkan kantor C menggunakan EIGRP.

R6(config)#router ospf 200 vrf A
R6(config-router)#
*Apr 27 14:01:50.405: %OSPF-4-NORTRID: OSPF process 200 failed to allocate
unique router-id and cannot start
R6(config-router)#router-id 200.200.200.200
R6(config-router)#net 69.69.69.6 0.0.0.0 are 0
R6(config-router)#exit

R6(config)#router ospf 300 vrf B
*Apr 27 14:03:00.368: %OSPF-4-NORTRID: OSPF process 300 failed to allocate
unique router-id and cannot start
R6(config-router)#router-id 30.30.30.30
R6(config-router)#net 106.106.106.6 0.0.0.0 are 0
R6(config-router)#exit

R6(config)#router eigrp 400
R6(config-router)#address-family ipv4 vrf C autonomous-system 400
R6(config-router-af)#network 116.116.116.6 0.0.0.0

Oke.. sekarang kita konfigurasi di bagian CE yaa

R9(config)#int e0/0
R9(config-if)#no sh
R9(config-if)#ip add 69.69.69.9 255.255.255.0

R9(config-if)#int lo0
R9(config-if)#ip add 9.9.9.9 255.255.255.255

R9(config-if)#router ospf 200
R9(config-router)#net 69.69.69.9 0.0.0.0 are 0
R9(config-router)#net 9.9.9.9 0.0.0.0 are 0
R10(config)#int e0/0
R10(config-if)#no sh
R10(config-if)#ip add 106.106.106.10 255.255.255.0

R10(config-if)#int lo0
R10(config-if)#ip add 10.10.10.10 255.255.255.255

R10(config-if)#router ospf 300
R10(config-router)#net 106.106.106.10 0.0.0.0 are 0
R10(config-router)#net 10.10.10.10 0.0.0.0 are 0
R11(config)#int e0/0
R11(config-if)#no sh
R11(config-if)#ip add 116.116.116.11 255.255.255.0

R11(config-if)#int lo0
R11(config-if)#ip add 11.11.11.11 255.255.255.255

R11(config-if)#router ei 400
R11(config-router)#net 116.116.116.11 0.0.0.0
R11(config-router)#net 11.11.11.11 0.0.0.0

Oke.. terahir kita konfigurasikan redistribution nya di router PE

R6(config)#router bgp 10
R6(config-router)#address-family ipv4 vrf A
R6(config-router-af)#redistribute ospf 200

R6(config-router-af)#address-family ipv4 vrf B
R6(config-router-af)#redistribute ospf 300

R6(config-router-af)#address-family ipv4 vrf C
R6(config-router-af)#redistribute eigrp 400
R6(config)#router ospf 200
R6(config-router)#redistribute bgp 10 subnets

R6(config-router)#router ospf 300
R6(config-router)#redistribute bgp 10 subnets

R6(config)#router ei 400
R6(config-router)#address-family ipv4 vrf C autonomous-system 400
R6(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1

Oke.. kita sudah selesai.. untuk pengujian, kita coba lihat tabel routing masing-masing vrf

R6(config-router-af)#do sh ip rou vrf A

Routing Table: A
Gateway of last resort is not set

9.0.0.0/32 is subnetted, 1 subnets
O 9.9.9.9 [110/11] via 69.69.69.9, 00:14:46, Ethernet0/1
69.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 69.69.69.0/24 is directly connected, Ethernet0/1
L 69.69.69.6/32 is directly connected, Ethernet0/1
R6(config-router-af)#do sh ip rou vrf B

Routing Table: B
Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets
O 10.10.10.10 [110/11] via 106.106.106.10, 00:15:01, Ethernet0/2
106.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 106.106.106.0/24 is directly connected, Ethernet0/2
L 106.106.106.6/32 is directly connected, Ethernet0/2
R6(config-router-af)#do sh ip rou vrf C

Routing Table: C
Gateway of last resort is not set

11.0.0.0/32 is subnetted, 1 subnets
D 11.11.11.11 [90/409600] via 116.116.116.11, 00:02:05, Ethernet0/3
116.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 116.116.116.0/24 is directly connected, Ethernet0/3
L 116.116.116.6/32 is directly connected, Ethernet0/3

Oke.. sudah berhasill..

lanjut kita konfigurasi di PE3 yaa… seperti biasa, pertama kita konfigurasikan vrf nya dulu

R8(config)#ip vrf C
R8(config-vrf)#rd 10:400
R8(config-vrf)#route-target export 10:400
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#route-target import 10:400
R8(config-vrf)#exit

R8(config)#ip vrf A
R8(config-vrf)#rd 10:200
R8(config-vrf)#route-target export 10:200
R8(config-vrf)#route-target import 10:200
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#exit

R8(config)#ip vrf D
R8(config-vrf)#rd 10:500
R8(config-vrf)#route-target export 10:500
R8(config-vrf)#route-target import 10:500
R8(config-vrf)#route-target import 10:100
R8(config-vrf)#exit

R8(config)#int e0/1
R8(config-if)#ip vrf forwarding C
R8(config-if)#ip add 148.148.148.8 255.255.255.0

R8(config-if)#int e0/2
R8(config-if)#ip vrf forwarding A
R8(config-if)#ip add 138.138.138.8 255.255.255.0

R8(config-if)#int e0/3
R8(config-if)#ip vrf forwarding D
R8(config-if)#ip add 128.128.128.8 255.255.255.0

R8(config-if)#int rang e0/1-3
R8(config-if-range)#no sh

oke konfigurasi vrf sudah selesai.. lanjut kita konfigurasikan routing protocol di PE.. untuk kantor A akan menggunakan OSPF, sedangkan kantor C dan D menggunakan EIGRP

R8(config)#router eigrp 400
R8(config-router)#address-family ipv4 vrf C autonomous-system 400
R8(config-router-af)#network 148.148.148.8 0.0.0.0
R8(config-router-af)#exit

R8(config)#router ospf 200 vrf A
R8(config-router)#router-id 200.200.200.200
R8(config-router)#network 138.138.138.8 0.0.0.0 are 0
R8(config-router)#exit

R8(config)#router eigrp 500
R8(config-router)#address-family ipv4 vrf D autonomous-system 500
R8(config-router-af)#network 128.128.128.8 0.0.0.0
R8(config-router-af)#exit

Oke.. konfigurasi di PE sudah selesai.. lanjut kita konfigurasikan di bagian CE

R14(config)#int e0/0
R14(config-if)#no sh
R14(config-if)#ip add 148.148.148.14 255.255.255.0

R14(config-if)#int lo0
R14(config-if)#ip add 14.14.14.14 255.255.255.255

R14(config-if)#router eigrp 400
R14(config-router)#net 148.148.148.14 0.0.0.0
R14(config-router)#net 14.14.14.14 0.0.0.0
R13(config)#int e0/0
R13(config-if)#no sh
R13(config-if)#ip add 138.138.138.13 255.255.255.0

R13(config-if)#int lo0
R13(config-if)#ip add 13.13.13.13 255.255.255.255

R13(config-if)#router ospf 200
R13(config-router)#net 138.138.138.13 0.0.0.0 are 0
R13(config-router)#net 13.13.13.13 0.0.0.0 are 0
R12(config)#int e0/0
R12(config-if)#no sh
R12(config-if)#ip add 128.128.128.12 255.255.255.0

R12(config-if)#int lo0
R12(config-if)#ip add 12.12.12.12 255.255.255.255

R12(config-if)#router eigrp 500
R12(config-router)#net 128.128.128.12 0.0.0.0
R12(config-router)#net 12.12.12.12 0.0.0.0

Lanjut kita konfigurasikan redistributionnya di router PE

R8(config)#router bgp 10
R8(config-router)#address-family ipv4 vrf C
R8(config-router-af)#redistribute eigrp 400

R8(config-router-af)#address-family ipv4 vrf A
R8(config-router-af)#redistribute ospf 200

R8(config-router-af)#address-family ipv4 vrf D
R8(config-router-af)#redistribute eigrp 500
R8(config-router-af)#exit

R8(config-router)#router eigrp 400
R8(config-router)#address-family ipv4 vrf C autonomous-system 400
R8(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R8(config-router-af)#exit

R8(config-router)#router ospf 200 vrf A
R8(config-router)#redistribute bgp 10 subnets
R8(config-router)#exit

R8(config)#router eigrp 500
R8(config-router)#address-family ipv4 vrf D autonomous-system 500
R8(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R8(config-router-af)#exit

Okkeeee konfigurasi di PE3 sudah selesai..

Lanjut kita konfigurasi di PE4..

R7(config)#ip vrf C
R7(config-vrf)#rd 10:400
R7(config-vrf)#route-target export 10:400
R7(config-vrf)#route-target import 10:400
R7(config-vrf)#route-target import 10:100
R7(config-vrf)#exit

R7(config)#ip vrf B
R7(config-vrf)#rd 10:300
R7(config-vrf)#route-target export 10:300
R7(config-vrf)#route-target import 10:300
R7(config-vrf)#route-target import 10:100
R7(config-vrf)#exit

R7(config)#int e0/2
R7(config-if)#ip vrf forwarding C
R7(config-if)#no sh
R7(config-if)#ip add 167.167.167.7 255.255.255.0

R7(config-if)#int e0/1
R7(config-if)#ip vrf forwarding B
R7(config-if)#no sh
R7(config-if)#ip add 157.157.157.7 255.255.255.0
R7(config)#router eigrp 400
R7(config-router)#address-family ipv4 vrf C autonomous-system 400
R7(config-router-af)#network 167.167.167.7 0.0.0.0
R7(config-router-af)#exit
R7(config-router)#exit

R7(config)#router ospf 300 vrf B
R7(config-router)#router-id 30.30.30.30
R7(config-router)#network 157.157.157.7 0.0.0.0 are 0
R7(config-router)#exit

Oke.. kita lanjut konfig di CE

R16(config)#int e0/0
R16(config-if)#no sh
R16(config-if)#ip add 167.167.167.16 255.255.255.0

R16(config-if)#int lo0
R16(config-if)#ip add 16.16.16.16 255.255.255.255

R16(config-if)#router ei 400
R16(config-router)#net 167.167.167.16 0.0.0.0
R16(config-router)#net 16.16.16.16 0.0.0.0
R15(config)#int e0/0
R15(config-if)#no sh
R15(config-if)#ip add 157.157.157.15 255.255.255.0

R15(config-if)#int lo0
R15(config-if)#ip add 15.15.15.15 255.255.255.255

R15(config-if)#router ospf 300
R15(config-router)#net 157.157.157.15 0.0.0.0 are 0
R15(config-router)#net 15.15.15.15 0.0.0.0 are 0

Terahir kita konfigurasikan redistribution di PE

R7(config)#router bgp 10
R7(config-router)#address-family ipv4 vrf C
R7(config-router-af)#redistribute eigrp 400
R7(config-router-af)#exit

R7(config-router)#address-family ipv4 vrf B
R7(config-router-af)#redistribute ospf 300
R7(config-router-af)#exit

R7(config-router)#router eigrp 400
R7(config-router)#address-family ipv4 vrf C autonomous-system 400
R7(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R7(config-router-af)#exit
R7(config-router)#exit

R7(config)#router ospf 300 vrf B
R7(config-router)#redistribute bgp 10 subnets
R7(config-router)#exit

Oke.. konfigurasi di PE4 sudah selesai…

lanjut kita konfigurasi di PE5 yaa.. ahirnya ini terahir juga..hehe udah lumayan capek nih.. hehe

R2(config)#ip vrf A
R2(config-vrf)#rd 10:200
R2(config-vrf)#route-target export 10:200
R2(config-vrf)#route-target import 10:200
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#ip vrf B
R2(config-vrf)#rd 10:300
R2(config-vrf)#route-target export 10:300
R2(config-vrf)#route-target import 10:300
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#ip vrf D
R2(config-vrf)#rd 10:500
R2(config-vrf)#route-target export 10:500
R2(config-vrf)#route-target import 10:500
R2(config-vrf)#route-target import 10:100
R2(config-vrf)#exit

R2(config)#int e0/3
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding A
R2(config-if)#ip add 192.192.192.2 255.255.255.0

R2(config-if)#int e0/2
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding B
R2(config-if)#ip add 182.182.182.2 255.255.255.0

R2(config-if)#int e0/1
R2(config-if)#no sh
R2(config-if)#ip vrf forwarding D
R2(config-if)#ip add 172.172.172.2 255.255.255.0
R2(config-if)#exit
R2(config)#router ospf 200 vrf A
R2(config-router)#router-id 200.200.200.200
R2(config-router)#net 192.192.192.2 0.0.0.0 are 0
R2(config-router)#exit

R2(config)#router ospf 300 vrf B
R2(config-router)#router-id 30.30.30.30
R2(config-router)#net 182.182.182.2 0.0.0.0 are 0
R2(config-router)#exit

R2(config)#router eigrp 500
R2(config-router)#address-family ipv4 vrf D autonomous-system 500
R2(config-router-af)#network 172.172.172.2 0.0.0.0
R2(config-router-af)#exit

Oke.. lanjut kita konfigurasikan di bagian CE

R19(config)#int e0/0
R19(config-if)#no sh
R19(config-if)#ip add 192.192.192.19 255.255.255.0

R19(config-if)#int lo0
R19(config-if)#ip add 19.19.19.19 255.255.255.255

R19(config-if)#router ospf 200
R19(config-router)#network 192.192.192.19 0.0.0.0 are 0
R19(config-router)#net 19.19.19.19 0.0.0.0 are 0
R18(config)#int e0/0
R18(config-if)#no sh
R18(config-if)#ip add 182.182.182.18 255.255.255.0

R18(config-if)#int lo0
R18(config-if)#ip add 18.18.18.18 255.255.255.255

R18(config-if)#router ospf 300
R18(config-router)#network 182.182.182.18 0.0.0.0 are 0
R18(config-router)#net 18.18.18.18 0.0.0.0 are 0
R17(config)#int e0/0
R17(config-if)#no sh
R17(config-if)#ip add 172.172.172.17 255.255.255.0

R17(config-if)#int lo0
R17(config-if)#ip add 17.17.17.17 255.255.255.255

R17(config-if)#router ei 500
R17(config-router)#net 172.172.172.17 0.0.0.0
R17(config-router)#net 17.17.17.17 0.0.0.0

Oke.. terahir kita lakukan redistribution di router PE

R2(config)#router bgp 10
R2(config-router)#address-family ipv4 vrf A
R2(config-router-af)#redistribute ospf 200
R2(config-router-af)#exit

R2(config-router)#address-family ipv4 vrf B
R2(config-router-af)#redistribute ospf 300
R2(config-router-af)#exit

R2(config-router)#address-family ipv4 vrf D
R2(config-router-af)#redistribute eigrp 500
R2(config-router-af)#exit

R2(config-router)#router ospf 200 vrf A
R2(config-router)#redistribute bgp 10 subnets
R2(config-router)#exit

R2(config)#router ospf 300 vrf B
R2(config-router)#redistribute bgp 10 subnets
R2(config-router)#exit

R2(config)#router eigrp 500
R2(config-router)#address-family ipv4 vrf D autonomous-system 500
R2(config-router-af)#redistribute bgp 10 metric 1 1 1 1 1
R2(config-router-af)#exit

Oke.. sepertinya sudah selesai deh semuanya.. hehee

sebenarnya pengen nya sih postingan ini postingan terahir dari seri superlab L3VPN Cisco.. tapi karena sudah terlalu panjang.. kita sudahi dulu sampai disini yaa.. kita akan lanjut di lab berikutnya untuk pengujian… oke sampai jumpa lagi yaaa