kali ini kita akan belajar konfigurasi protokol BGP dengan router juniper di GNS 3. nah, di dalam BGP sendiri terdapat 2 macam yaitu :
- IBGP = sebagai protokol untuk infomasi antar AS yang sama. ( konfigurasi )
- EBGP = sebagai protokol untuk informasi beda AS. (Konfigurasi )
siapkan GNS 3 dan router Junipernya dan uat topology seperti dibawah:
- Semarang
## Last changed: 2012-06-17 16:59:57 UTC
version 8.3R2.8;
system {
host-name Semarang;
root-authentication {
encrypted-password “$1$3T8rkYBw$F2lhbybMkAYpOM2ubkbNA/”; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 222.222.222.1/30;
}
}
}
fxp1 {
unit 0 {
family inet {
address 222.222.222.9/30;
}
}
}
fxp2 {
unit 0 {
family inet {
address 212.222.222.1/30;
}
}
}
fxp3 {
unit 0 {
family inet {
address 212.222.222.9/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop [ 212.222.222.2 212.222.222.10 ];
}
autonomous-system 11;
}
protocols {
bgp {
group internal {
type internal;
export all;
neighbor 212.222.222.2 {
peer-as 11;
}
neighbor 212.222.222.10 {
peer-as 11;
}
}
group external {
type external;
export all;
neighbor 222.222.222.2 {
peer-as 10;
}
neighbor 222.222.222.10 {
peer-as 12;
}
}
}
}
policy-options {
policy-statement all {
term 1 {
from {
protocol direct;
route-filter 1.1.1.1/32 exact;
}
then accept;
}
}
}
- AccessNet_ITTELKOM
## Last changed: 2012-06-17 15:23:06 UTC
version 8.3R2.8;
system {
host-name AccessNet_ITTELKOM;
root-authentication {
encrypted-password “$1$JC2ci6tP$.boHuK0K3Vza83Ll6g/VJ1″; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 222.222.222.2/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 4.4.4.4/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 222.222.222.1;
}
autonomous-system 10;
}
protocols {
bgp {
group external {
export all;
peer-as 11;
neighbor 222.222.222.1;
}
}
}
policy-options {
policy-statement all {
term 1 {
from {
protocol direct;
route-filter 4.4.4.4/32 exact;
}
then accept;
}
}
}
- Surabaya
## Last changed: 2012-06-17 15:49:08 UTC
version 8.3R2.8;
system {
host-name Surabaya;
root-authentication {
encrypted-password “$1$lH9zdg27$BZEz7FagxtUfRhrVURV6E.”; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 222.222.222.10/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 5.5.5.5/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 222.222.222.9;
}
autonomous-system 12;
}
protocols {
bgp {
group external {
export all;
peer-as 11;
neighbor 222.222.222.9;
}
}
}
policy-options {
policy-statement all {
term 1 {
from {
protocol direct;
route-filter 5.5.5.5/32 exact;
}
then accept;
}
}
}
- UNDIP
## Last changed: 2012-06-17 15:48:39 UTC
version 8.3R2.8;
system {
host-name UNDIP;
root-authentication {
encrypted-password “$1$HVZD.G7j$L9OHJa5KbKw0GMHf/2TtE0″; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 212.222.222.2/30;
}
}
}
fxp1 {
unit 0 {
family inet {
address 212.222.222.5/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 2.2.2.2/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 212.222.222.1;
}
autonomous-system 11;
}
protocols {
bgp {
group internal {
type internal;
export all;
neighbor 212.222.222.1 {
peer-as 11;
}
neighbor 212.222.222.6 {
peer-as 11;
}
}
}
}
policy-options {
policy-statement all {
term 1 {
from {
protocol direct;
route-filter 2.2.2.2/32 exact;
}
then accept;
}
}
}
- UNNES
## Last changed: 2012-06-17 15:50:34 UTC
version 8.3R2.8;
system {
host-name UNNESS;
root-authentication {
encrypted-password “$1$O3qD491L$7geLK74jz1yzQzQT.QCSJ1″; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 212.222.222.10/30;
}
}
}
fxp1 {
unit 0 {
family inet {
address 212.222.222.6/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 3.3.3.3/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 212.222.222.9;
}
autonomous-system 11;
}
protocols {
bgp {
group internal {
type internal;
export all;
neighbor 212.222.222.5 {
peer-as 11;
}
neighbor 212.222.222.9 {
peer-as 11;
}
}
}
}
policy-options {
policy-statement all {
term 1 {
from {
protocol direct;
route-filter 3.3.3.3/32 exact;
}
then accept;
}
}
}
nah, setelah itu. kita coba cek. Penulis mengeceknya di salah satu router, yaitu di router wilayah semarang.
- Show route
- Show BGP summary
Selanjutnya kita melihat keterangan BGP yang telah kita buat dengan perintah :
- show route protocol bgp detail
Sekarang kita akan lihat neighbornya dengan cara :
- Show BGP Neighbor
kemudian kita akan lihat group dari BGP nya, seperti ynag kita bahas di atas, mana yang internal mana yang external
- Show bgp group
selanjutnya tahap akhir, kita coba ping dari AccessNet
- Ping ke arah UNDIP ( ping 212.222.222.5 )
- Ping ke arah Surabaya ( ping 212.222.222.10 )
alhamdulillah, semuanya sudah berhasil ,kini tinggal anda mencobanya dengan penambahan router yang lain semoga bermanfaat.