Senin, 19 November 2012

Lab114. Inter-AS MPLS VPN

Objective : Mempelajari cara mengkonfigurasikan MPLS VPN dengan menggunakan Inter - AS

Topologi Lab :
Konfigurasi PE1

!
ip vrf R1
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 !
interface Loopback100
 ip vrf forwarding R1
 ip address 100.100.100.1 255.255.255.255
 !
interface Serial1/0
 ip address 12.12.12.1 255.255.255.0
 mpls bgp forwarding
 mpls ip
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 13.13.13.1 255.255.255.0
 duplex auto
 speed auto
 mpls ip
!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 13.13.13.1 0.0.0.0 area 0
!
router bgp 13
 no synchronization
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 13
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 12.12.12.2 remote-as 24
 no auto-summary
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community extended
  neighbor 3.3.3.3 next-hop-self
  neighbor 12.12.12.2 activate
  neighbor 12.12.12.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf R1
  no synchronization
  redistribute connected
 exit-address-family
!

Konfigurasi PE2

!
ip vrf R2
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
 !
interface Loopback100
 ip vrf forwarding R2
 ip address 100.100.100.2 255.255.255.255
 !
interface Serial1/0
 ip address 12.12.12.2 255.255.255.0
 mpls bgp forwarding
 mpls ip
 serial restart-delay 0
!
interface FastEthernet2/0
 ip address 24.24.24.2 255.255.255.0
 duplex auto
 speed auto
 mpls ip
!
router eigrp 24
 network 2.2.2.2 0.0.0.0
 network 24.24.24.2 0.0.0.0
!
router bgp 24
 no synchronization
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 24
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 12.12.12.1 remote-as 13
 no auto-summary
 !
 address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community extended
  neighbor 4.4.4.4 next-hop-self
  neighbor 12.12.12.1 activate
  neighbor 12.12.12.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf R2
  no synchronization
  redistribute connected
 exit-address-family
!

Konfigurasi PE3

!
ip vrf R3
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
 !
interface Loopback100
 ip vrf forwarding R3
 ip address 100.100.100.3 255.255.255.255
!
interface FastEthernet1/0
 ip address 13.13.13.3 255.255.255.0
 duplex auto
 speed auto
 mpls ip
!
router ospf 1
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 13.13.13.3 0.0.0.0 area 0
!
router bgp 13
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 13
 neighbor 1.1.1.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf R3
  no synchronization
  redistribute connected
 exit-address-family
!

Konfigurasi PE4

!
ip vrf R4
 rd 1:1
 route-target export 1:1
 route-target import 1:1
!
interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface Loopback100
 ip vrf forwarding R4
 ip address 100.100.100.4 255.255.255.255
!
interface FastEthernet1/0
 ip address 24.24.24.4 255.255.255.0
 duplex auto
 speed auto
 mpls ip
!
router eigrp 24
 network 4.4.4.4 0.0.0.0
 network 24.24.24.4 0.0.0.0
!
router bgp 24
 no synchronization
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 24
 neighbor 2.2.2.2 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf R4
  no synchronization
  redistribute connected
 exit-address-family
!

Verifikasi Lab Tahap 1

Pada tahapan ini, masing-masing customer yang berada pada ISP yang sama bisa saling berkomunikasi.

Verifikasi PE3
Verifikasi PE4

 Tahap 2. Menghubungkan MPLS-VPN Antar ISP

Mengkoneksikan antar interface serialnya
 

Metoda yang digunakan untuk inter-AS MPLS VPN kali ini adalah dengan menambahkan konfigurasi external MP-BGP pada Router PE yang terhubung ke ISP lain.

Cek hasilnya.
Hasil nya masih sama dengan route yang diatas.

Cek BGP advertisement nya
Udah dapat sebenarnya, tetapi untuk IP Next Hop nya unreachable.

Ada 3 cara agar next hop nya bisa reachable, yakni :
  1. network 12.12.12.0/24 diadvertise ke BGP
  2. network 12.12.12.0/24 diadvertise ke IGP
  3. menggunakan perintah next-hop-self
Kali ini menggunakan next-hop-self saja, namun perlu diingat untuk konfigurasikannya bukan di BGP nya melainkan di MP-BGP nya. Jadi dikonfigurasikan dibawah address-family vpnv4 nya.


Cek lagi di Router PE3 dan Router PE4

Test ping end to end

Tidak ada komentar:

Posting Komentar