Python Script: HP Switch

Ternyata skrip python yang biasa saya gunakan untuk mengambil konfigurasi perangkat Cisco tidak bisa digunakan untuk HP Switch (model ProCurve maupun Aruba). Setelah googling sana sini akhirnya bikin skrip baru memakai pexpect. HP Switch yang digunakan untuk percobaan adalah model HP J9780A 2530-8-PoEP.

Modul yang dibutuhkan untuk skrip ini.

#!/usr/bin/env python3
import pexpect
import sys

Parameter yang digunakan.

HOST = "10.0.0.1"
USER = "admin"
PASS = "admin"

Pertama pexpect akan melakukan telnet ke perangkat.

t = pexpect.spawn('telnet {}'.format(HOST))

Perangkat akan menanyakan username untuk login

# username
t.expect('Username:')
t.sendline(USER)

…dan password.

# password
t.expect('Password:')
t.sendline(PASS)

Sampai sini kita akan mengambil hostname dari perangkat.

# get hostname
t.expect('#')
NAME = str(t.before.decode().split(' ')[-1])
print(NAME+'\r\n')
PROMPT = str(NAME+'#')

Mari kita nonaktifkan paging mode supaya tidak perlu menekan spacebar.

# no pagination
t.sendline('no page')
t.expect(PROMPT)

Dan akhirnya kita akan mengambil sh ver dan sh run dari perangkat.

# show version
t.sendline('sh ver')
t.expect(PROMPT)
print(t.before.decode())

# show configuration
t.sendline('sh run')
t.expect(PROMPT)
print(t.before.decode())

 

 

Advertisements

CCIE Bootcamp: QoS

Hari ke-6 dibahas tentang QoS. Quality of Service (QoS) dibutuhkan untuk memberikan suatu prioritas pada layanan tertentu misalnya trafik ke server yang khusus untuk kerjaan, menurunkan prioritas untuk layanan browsing dan lain-lain. Di Cisco salah satu cara untuk membuat QoS adalah menggunakan Modular QoS CLI (MQC). Tahapan MQC dibagi menjadi:

  1. Membuat access-list
  2. Membuat class-map
  3. Membuat policy-map
  4. Memasang service-policy di interface

Access-list (ACL) kita buat untuk menyaring aplikasi apa saja yang akan kita buat QoS-nya. Contoh di bawah untuk aplikasi VoIP.

ip access-list extended QoS-VoIP-Control
 permit tcp any any eq 1720
 permit tcp any any range 11000 11999
 permit udp any any eq 2427
 permit tcp any any eq 2428
 permit tcp any any range 2000 2002
 permit udp any any eq 1719
 permit udp any any eq 5060
ip access-list extended QoS-VoIP-RTCP
 permit udp any any range 16384 32767

 

Setelah itu kita membuat class-map. Class-map akan berisi ACL, protocol atau precedence/dsp yang akan kita buat QoS-nya.

class-map match-any QoS-VoIP-Remark
 match ip dscp ef 
 match ip dscp cs3 
 match ip dscp af31 
class-map match-any QoS-VoIP-Control-UnTrust
 match access-group name QoS-VoIP-Control
class-map match-any QoS-VoIP-RTP-UnTrust
 match protocol rtp audio 
 match access-group name QoS-VoIP-RTCP

 

Setelah mengelompokan dalam class-map kita akan menentukan policy-map untuk mengatur berapa banyak bandwidth yang dialokasikan untuk class-map tertentu

policy-map QoS-Policy-UnTrust
 class QoS-VoIP-RTP-UnTrust
 priority percent 70
 set dscp ef
 class QoS-VoIP-Control-UnTrust
 bandwidth percent 5
 set dscp af31
 class QoS-VoIP-Remark
 set dscp default
 class class-default
 fair-queue

 

Terakhir kita memasang policy-map tersebut di interface.

interface FastEthernet0/0
 service-policy output QoS-Policy-UnTrust

Sebenarnya ada cara yang lebih mudah untuk membuat QoS untuk VoIP yaitu dengan perintah auto qos voip di interface.

interface FastEthernet0/0
 auto qos voip

 

Hasilnya akan sama dengan konfigurasi QoS di atas 😀

CCIE Bootcamp: MPLS

Hari ke-5 saya akan menulis mengenai MPLS dasar mulai dari OSPF, LDP, BGP, MP-BGP dan PE-CE routing menggunakan RIP dan EIGRP. Mari kita mulai dari konfigurasi alamat IP.

Konfigurasi PE1:

interface Loopback0
 ip address 10.10.10.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.10.1 255.255.255.252
!
router ospf 1
 log-adjacency-changes
 network 10.10.10.1 0.0.0.0 area 0
 network 192.168.10.1 0.0.0.0 area 0

 

Konfigurasi P:

interface Loopback0
 ip address 10.10.10.10 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.10.2 255.255.255.252
!
interface FastEthernet0/1
 ip address 192.168.20.1 255.255.255.252
!
router ospf 1
 network 10.10.10.10 0.0.0.0 area 0
 network 192.168.10.2 0.0.0.0 area 0
 network 192.168.20.1 0.0.0.0 area 0

 

Konfigurasi PE2:

interface Loopback0
 ip address 10.10.10.2 255.255.255.252
!
interface FastEthernet0/0
 ip address 192.168.20.2 255.255.255.252
!
router ospf 1
 network 10.10.10.2 0.0.0.0 area 0
 network 192.168.20.2 0.0.0.0 area 0

 

Konfigurasi di CE-A1:

interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface Serial0/0
 ip address 192.168.0.2 255.255.255.252

 

Konfigurasi di CE-A2

interface Loopback0
 ip address 10.0.0.2 255.255.255.255
!
interface Serial0/0
 ip address 192.168.0.6 255.255.255.252

 

Konfigurasi di CE-B1

interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface Serial0/0
 ip address 192.168.0.2 255.255.255.252

 

Konfigurasi di CE-B2

interface Loopback0
 ip address 10.0.0.2 255.255.255.255
!
interface Serial0/0
 ip address 192.168.0.6 255.255.255.252

 

Setelah konfigurasi dasar IP dan OSPF selesai kita lanjut dengan menjalankan Label Distribution Protocol (LDP).

Konfigurasi PE1:

mpls ldp router-id Loopback0
!
mpls ip
!
interface FastEthernet0/0
 mpls ip

 

Konfigurasi P:

mpls ldp router-id Loopback0
!
mpls ip
!
interface FastEthernet0/0
 mpls ip
!
interface FastEthernet0/1
 mpls ip

 

Konfigurasi PE2:

mpls ldp router-id Loopback0
!
mpls ip
!
interface FastEthernet0/0
 mpls ip

 

Kita bisa mengecek status neighbor LDP dengan perintah show mpls ldp neighbor.

PE1#sh mpls ldp neighbor
 Peer LDP Ident: 10.10.10.10:0; Local LDP Ident 10.10.10.1:0
 TCP connection: 10.10.10.10.25695 - 10.10.10.1.646
 State: Oper; Msgs sent/rcvd: 8/8; Downstream
 Up time: 00:00:20
 LDP discovery sources:
 FastEthernet0/0, Src IP addr: 192.168.10.2
 Addresses bound to peer LDP Ident:
 192.168.10.2 10.10.10.10 192.168.20.1
P#sh mpls ldp neighbor
 Peer LDP Ident: 10.10.10.1:0; Local LDP Ident 10.10.10.10:0
 TCP connection: 10.10.10.1.646 - 10.10.10.10.25695
 State: Oper; Msgs sent/rcvd: 8/9; Downstream
 Up time: 00:00:54
 LDP discovery sources:
 FastEthernet0/0, Src IP addr: 192.168.10.1
 Addresses bound to peer LDP Ident:
 192.168.10.1 10.10.10.1
 Peer LDP Ident: 10.10.10.2:0; Local LDP Ident 10.10.10.10:0
 TCP connection: 10.10.10.2.646 - 10.10.10.10.25231
 State: Oper; Msgs sent/rcvd: 9/9; Downstream
 Up time: 00:00:54
 LDP discovery sources:
 FastEthernet0/1, Src IP addr: 192.168.20.2
 Addresses bound to peer LDP Ident:
 192.168.20.2 10.10.10.2
PE2#sh mpls ldp neighbor
 Peer LDP Ident: 10.10.10.10:0; Local LDP Ident 10.10.10.2:0
 TCP connection: 10.10.10.10.25231 - 10.10.10.2.646
 State: Oper; Msgs sent/rcvd: 9/9; Downstream
 Up time: 00:01:06
 LDP discovery sources:
 FastEthernet0/0, Src IP addr: 192.168.20.1
 Addresses bound to peer LDP Ident:
 192.168.10.2 10.10.10.10 192.168.20.1

 

Sampai di sini tidak ada penambahan konfigurasi untuk router P. Sekarang mari kita konfigurasi VRF untuk site A dan B.

Di PE1:

ip vrf B1
 rd 65000:2
 route-target export 65000:2
 route-target import 65000:2

 

Di PE2:

ip vrf A2
 rd 65000:1
 route-target export 65000:1
 route-target import 65000:1
!
ip vrf B2
 rd 65000:2
 route-target export 65000:2
 route-target import 65000:2

 

Setelah itu kita konfigurasi BGP dan MP-BGP.

BGP di PE1:

router bgp 65000
 neighbor 10.10.10.2 remote-as 65000
 neighbor 10.10.10.2 update-source Loopback0

 

MP-BGP di PE1:

router bgp 65000
 !
 address-family vpnv4
 neighbor 10.10.10.2 activate
 neighbor 10.10.10.2 send-community extended

 

BGP di PE2:

router bgp 65000
 neighbor 10.10.10.1 remote-as 65000
 neighbor 10.10.10.1 update-source Loopback0

 

MP-BGP di PE1:

router bgp 65000
 !
 address-family vpnv4
 neighbor 10.10.10.1 activate
 neighbor 10.10.10.1 send-community extended

 

Mari kita cek status neighbor untuk BGP dan MP-BGP.

BGP

PE1#sh ip bgp summary
BGP router identifier 10.10.10.1, local AS number 65000
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.10.2 4 65000 19 19 1 0 0 00:14:25 0
PE2#sh ip bgp summary
BGP router identifier 10.10.10.2, local AS number 65000
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.10.1 4 65000 19 19 1 0 0 00:14:41 0

 

MP-BGP

PE1#sh ip bgp vpnv4 all summary
BGP router identifier 10.10.10.1, local AS number 65000
BGP table version is 9, main routing table version 9
4 network entries using 560 bytes of memory
4 path entries using 272 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1260 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 15 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.10.2 4 65000 20 20 9 0 0 00:15:05 2
PE2#sh ip bgp vpnv4 all summary
BGP router identifier 10.10.10.2, local AS number 65000
BGP table version is 9, main routing table version 9
4 network entries using 560 bytes of memory
4 path entries using 272 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1260 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 15 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.10.10.1 4 65000 20 20 9 0 0 00:15:33 2

 

Sampai di sini kita sudah siap untuk menambahkan customer A dan B ke dalam MPLS. Pertama kita akan menambahkan customer A dengan menggunakan routing protocol RIP.

Konfigurasi di PE1:

ip vrf A1
 rd 65000:1
 route-target export 65000:1
 route-target import 65000:1
!
interface Serial0/0
 ip vrf forwarding A1
 ip address 192.168.0.1 255.255.255.252
!
router rip
 version 2
 !
 address-family ipv4 vrf A1
 redistribute bgp 65000 metric transparent
 network 192.168.0.0
 no auto-summary
 version 2
!
router bgp 65000
 !
 address-family ipv4 vrf A1
 redistribute rip

 

Konfigurasi di PE2:

ip vrf A2
 rd 65000:1
 route-target export 65000:1
 route-target import 65000:1
!
interface Serial0/0
 ip vrf forwarding A2
 ip address 192.168.0.5 255.255.255.252
!
router rip
 version 2
 !
 address-family ipv4 vrf A2
 redistribute bgp 65000 metric transparent
 network 192.168.0.0
 no auto-summary
 version 2
!
router bgp 65000
 !
 address-family ipv4 vrf A2
 redistribute rip

 

Konfigurasi di CE-A1

router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Konfigurasi di CE-A2

router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Mari kita cek tabel routing di CE-A1 dan CE-A2.

CE-A1#sh ip route rip
 10.0.0.0/32 is subnetted, 2 subnets
R 10.0.0.2 [120/2] via 192.168.0.1, 00:00:15, Serial0/0
 192.168.0.0/30 is subnetted, 2 subnets
R 192.168.0.4 [120/1] via 192.168.0.1, 00:00:15, Serial0/0
CE-A1#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/16/24 ms
CE-A2#sh ip route rip
 10.0.0.0/32 is subnetted, 2 subnets
R 10.0.0.1 [120/2] via 192.168.0.5, 00:00:25, Serial0/0
 192.168.0.0/30 is subnetted, 2 subnets
R 192.168.0.0 [120/1] via 192.168.0.5, 00:00:25, Serial0/0
CE-A2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/16 ms

 

Selanjutnya kita akan menambahkan customer B dengan routing protocol EIGRP

Konfigurasi di PE1:

ip vrf B1
 rd 65000:2
 route-target export 65000:2
 route-target import 65000:2
!
interface Serial0/1
 ip vrf forwarding B1
 ip address 192.168.0.1 255.255.255.252
!
router eigrp 65000
 !
 address-family ipv4 vrf B1
 redistribute bgp 65000 metric 1 1 1 1 1
 network 192.168.0.0
 no auto-summary
 autonomous-system 100
!
router bgp 65000
 !
 address-family ipv4 vrf B1
 redistribute eigrp 100

 

Konfigurasi di PE2:

ip vrf B2
 rd 65000:2
 route-target export 65000:2
 route-target import 65000:2
!
interface Serial0/1
 ip vrf forwarding B2
 ip address 192.168.0.1 255.255.255.252
!
router eigrp 65000
 !
 address-family ipv4 vrf B2
 redistribute bgp 65000 metric 1 1 1 1 1
 network 192.168.0.0
 no auto-summary
 autonomous-system 100
!
router bgp 65000
 !
 address-family ipv4 vrf B2
 redistribute eigrp 100

 

Konfigurasi di CE-B1

router eigrp 100
 network 10.0.0.0
 network 192.168.0.0
 no auto-summary

 

Konfigurasi di CE-B2

router eigrp 100
 network 10.0.0.0
 network 192.168.0.0
 no auto-summary

 

Kita cek lagi tabel routing di CE-B1 dan CE-B2.

CE-B1#sh ip route eigrp
 10.0.0.0/32 is subnetted, 2 subnets
D 10.0.0.2 [90/2809856] via 192.168.0.1, 00:06:56, Serial0/0
 192.168.0.0/30 is subnetted, 2 subnets
D 192.168.0.4 [90/2681856] via 192.168.0.1, 00:06:56, Serial0/0
CE-B1#ping 10.0.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/16 ms
CE-B2#sh ip route eigrp
 10.0.0.0/32 is subnetted, 2 subnets
D 10.0.0.1 [90/2809856] via 192.168.0.5, 00:07:38, Serial0/0
 192.168.0.0/30 is subnetted, 2 subnets
D 192.168.0.0 [90/2681856] via 192.168.0.5, 00:07:38, Serial0/0
CE-B2#ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms

 

Sekarang mari kita menambahkan multicast di B1 dan B2. Kita konfigurasi multicast dengan static RP melewati tunnel GRE.

Konfigurasi B1:

ip multicast-routing
!
interface Loopback0
 ip pim sparse-mode
 ip igmp join-group 239.0.0.1
!
interface Tunnel1
 ip address 12.12.12.1 255.255.255.252
 ip pim sparse-mode
 tunnel source Loopback0
 tunnel destination 10.0.0.2
!
ip pim rp-address 10.0.0.1

 

Konfigurasi B2:

ip multicast-routing
!
interface Loopback0
 ip pim sparse-mode
!
interface Tunnel1
 ip address 12.12.12.2 255.255.255.252
 ip pim sparse-mode
 tunnel source Loopback0
 tunnel destination 10.0.0.1
!
ip pim rp-address 10.0.0.1

 

Mari kita ping IP multicast 239.0.0.1 dari B2

CE-B2#ping 239.0.0.1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 239.0.0.1, timeout is 2 seconds:
Reply to request 0 from 12.12.12.1, 16 ms

 

Mari kita lihat juga informasi tentang RP di B2.

CE-B2#sh ip mroute
 IP Multicast Routing Table
 Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
 L - Local, P - Pruned, R - RP-bit set, F - Register flag,
 T - SPT-bit set, J - Join SPT, M - MSDP created entry,
 X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
 U - URD, I - Received Source Specific Host Report,
 Z - Multicast Tunnel, z - MDT-data group sender,
 Y - Joined MDT-data group, y - Sending to MDT-data group
 Outgoing interface flags: H - Hardware switched, A - Assert winner
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode
(*, 239.0.0.1), 00:10:07/stopped, RP 10.0.0.1, flags: SPF
 Incoming interface: Null, RPF nbr 0.0.0.0
 Outgoing interface list: Null
(12.12.12.2, 239.0.0.1), 00:03:36/00:02:26, flags: PFT
 Incoming interface: Tunnel1, RPF nbr 0.0.0.0, Registering
 Outgoing interface list: Null
(*, 224.0.1.40), 00:11:37/00:02:35, RP 10.0.0.1, flags: SJCL
 Incoming interface: Null, RPF nbr 0.0.0.0
 Outgoing interface list:
 Loopback0, Forward/Sparse, 00:11:37/00:02:35
 CE-B2#sh ip pim rp mapping
 PIM Group-to-RP Mappings
Group(s): 224.0.0.0/4, Static
 RP: 10.0.0.1 (?)

CCIE Bootcamp: BGP

Hari ke-5 saya menulis mengenai BGP attributes dan bagaimana mengubah jalur menggunakan atribut ini. Atribut yang akan diubah adalah Weight (Cisco proprietary), Local Preference dan AS-Path. Kita lihat topologi dan konfigurasi berikut.

Konfigurasi R1:

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
!
interface FastEthernet0/1
 ip address 13.13.13.1 255.255.255.0
!
router bgp 1
 network 1.1.1.1 mask 255.255.255.255
 neighbor 12.12.12.2 remote-as 2
 neighbor 13.13.13.3 remote-as 3

 

Konfigurasi R2:

interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
!
interface FastEthernet0/1
 ip address 23.23.23.2 255.255.255.0
!
router bgp 2
 neighbor 12.12.12.1 remote-as 1
 neighbor 23.23.23.3 remote-as 3

 

Konfigurasi R3:

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Loopback1
 ip address 10.0.0.1 255.255.255.255
!
interface Loopback2
 ip address 10.0.0.2 255.255.255.255
!
interface Loopback3
 ip address 10.0.0.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 13.13.13.3 255.255.255.0
!
interface FastEthernet0/1
 ip address 23.23.23.3 255.255.255.0
!
router bgp 3
 network 10.0.0.1 mask 255.255.255.255
 network 10.0.0.2 mask 255.255.255.255
 network 10.0.0.3 mask 255.255.255.255
 neighbor 13.13.13.1 remote-as 1
 neighbor 23.23.23.2 remote-as 2

 

Mari kita lihat tabel BGP di R1.

R1#sh ip bgp
BGP table version is 7, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
* 10.0.0.1/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i
* 10.0.0.2/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i
* 10.0.0.3/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i

 

Jalur ke loopback R3 akan langsung lewat R3, kita akan mengubah ke R2 terlebih dahulu.
 

1. Weight
Nilai awal Weight adalah 0, BGP akan memilih jalur yang memiliki nilai yang lebih tinggi. Weight ini hanya berlaku untuk router itu sendiri. Kita akan membuat jalur ke 10.0.0.1 melewati R2.

R1(config)#access-list 1 permit 10.0.0.1
R1(config)#route-map PATH-SELECT permit 10
R1(config-route-map)#match ip address 1
R1(config-route-map)#set weight 100

 

Route-map ini akan dipasang di BGP neighbor R2 ke arah masuk (in). Path menuju 10.10.10.1 datang dari R2 dan R3 menuju R1, supaya R1 lebih memilih jalur R2 maka harus diubah atributnya dari arah R2 ke R1 di R1.

R1(config)#router bgp 1
R1(config-router)#neighbor 12.12.12.2 route-map PATH-SELECT in
R1(config-router)#end
R1#clear ip bgp * soft

 

Perintah clear ip bgp * soft adalah untuk soft reload koneksi BGP ke semua neighbor, mari kita lihat tabel BGP-nya.

R1#sh ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 10.0.0.1/32 12.12.12.2 100 2 3 i
* 13.13.13.3 0 0 3 i
*> 10.0.0.2/32 13.13.13.3 0 0 3 i
*> 10.0.0.3/32 13.13.13.3 0 0 3 i

 

Ok jalur ke 10.0.0.1 sudah melalui R2 tapi coba lihat jalur selain 10.0.0.1 tidak ada lagi yang lewat R2. Ini terjadi karena pada dasarnya route-map mempunyai implicit deny, yaitu pada akhir sequence semua akan di-deny. Sekarang mari kita tambahkan permit di akhir route-map.

R1(config)#route-map PATH-SELECT permit 100
R1(config-route-map)#do clear ip bgp * soft
R1(config-route-map)#do sh ip bgp
BGP table version is 8, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 10.0.0.1/32 12.12.12.2 100 2 3 i
* 13.13.13.3 0 0 3 i
* 10.0.0.2/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i
* 10.0.0.3/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i

 

Sekarang sudah ok semua.

2. Local Preference
Nilai awal Local Preference adalah 100, BGP akan memilih jalur yang memiliki nilai yang lebih tinggi. Local Preference ini hanya berlaku untuk AS itu sendiri. Kita akan membuat jalur ke 10.10.10.2 melewati R2.

R1(config)#route-map PATH-SELECT permit 20
R1(config-route-map)#match ip address 2
R1(config-route-map)#set local-preference 200
R1(config-route-map)#do clear ip bgp * soft
R1(config-route-map)#do sh ip bgp
BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 10.0.0.1/32 12.12.12.2 100 2 3 i
* 13.13.13.3 0 0 3 i
*> 10.0.0.2/32 12.12.12.2 200 0 2 3 i
* 13.13.13.3 0 0 3 i
* 10.0.0.3/32 12.12.12.2 0 2 3 i
*> 13.13.13.3 0 0 3 i

 

Ok, jalur ke 10.10.10.2 sudah lewat R2. Kita tidak perlu menambahkan route-map ke neighbor di BGP karena kita memakai route-map yang sama.

 

3. AS-Path
BGP akan memilih AS-path yang lebih pendek. Kita bisa mengubah AS-path dari R3 menjadi lebih panjang sehingga BGP lebih memilih R2. Pengubahan AS-path ini dilakukan di R3 ke arah R1 dengan route-map ke arah luar (out).

R3(config)#access-list 3 permit 10.0.0.3
R3(config)#route-map PATH-SELECT permit 30
R3(config-route-map)#match ip address 3
R3(config-route-map)#set as-path prepend 3 3 3
R3(config-route-map)#route-map PATH-SELECT permit 100
R3(config-route-map)#router bgp 3
R3(config-router)#nei 13.13.13.1 route-map PATH-SELECT out
R3(config-router)#do clear ip bgp * soft
R1#sh ip bgp
BGP table version is 10, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 10.0.0.1/32 12.12.12.2 100 2 3 i
* 13.13.13.3 0 0 3 i
*> 10.0.0.2/32 12.12.12.2 200 0 2 3 i
* 13.13.13.3 0 0 3 i
*> 10.0.0.3/32 12.12.12.2 0 2 3 i
* 13.13.13.3 0 0 3 3 3 3 i

 

Jalur ke 10.0.0.3 lewat R3 akan melewati 4 AS sedangkan melewati R2 hanya 2 AS, BGP akan memilih jalur lewat R2.

CCIE Bootcamp: OSPF dan IPv6

Hari ke-3 dibahas tentang OSPF dan IPv6, untuk materi ini akan saya gabungkan menjadi satu topologi. Saya akan menjalankan OSPF dengan IPv4 dan IPv6 pada topologi hub and spoke di frame relay. IPv4 akan menggunakan tipe broadcast sedangkan IPv6 akan menggunakan tipe non-broadcast.

Konfigurasi Frame Relay Switch sama dengan yang digunakan pada lab RIP di tulisan sebelumnya.

 

OSPF dengan IPv4

Konfigurasi R1:

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
 ip address 123.123.123.1 255.255.255.0
 encapsulation frame-relay
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0

 

Konfigurasi R2:

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
 ip address 123.123.123.2 255.255.255.0
 encapsulation frame-relay
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0

 

Konfigurasi R3:

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
 ip address 123.123.123.3 255.255.255.0
 encapsulation frame-relay
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0

 

Dengan konfigurasi awal ini mari kita lihat proses OSPF-nya apakah sudah ada koneksi dengan neighbor.

R1#sh ip ospf neighbor
R1#

 

Ternyata belum ada neighbor, mari kita lihat konfigurasi OSPF untuk interface s0/0.

R1#sh ip ospf interface s0/0
Serial0/0 is up, line protocol is up
 Internet Address 123.123.123.1/24, Area 0
 Process ID 1, Router ID 1.1.1.1, Network Type NON_BROADCAST, Cost: 64
 Transmit Delay is 1 sec, State DR, Priority 1
 Designated Router (ID) 1.1.1.1, Interface address 123.123.123.1
 No backup designated router on this network

 

Tipe network-nya ternyata non-broadcast, OSPF menggunakan multicast untuk mencari neighbor untuk ini kita harus mengubah tipe network menjadi broadcast di masing-masing router.

R1(config)#int s0/0
R1(config-if)#ip ospf network broadcast
R2(config)#int s0/0
R2(config-if)#ip ospf network broadcast
R3(config)#int s0/0
R3(config-if)#ip ospf network broadcast

 

Tunggu sampai muncul notifikasi neighbor.

R1(config-if)#
*Mar 1 01:35:36.203: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/0 from LOADING to FULL, Loading Done
*Mar 1 01:35:38.451: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0 from LOADING to FULL, Loading Done

 

Sekarang mari kita cek lagi status neighbor.

R1#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/DROTHER 00:00:32 123.123.123.2 Serial0/0
3.3.3.3 1 FULL/DR 00:00:39 123.123.123.3 Serial0/0

 

Dari informasi di atas kita melihat bahwa R3 menjadi DR untuk area 0. Pada topologi hub and spoke, DR harus dimiliki oleh hub yaitu R1. Kita bisa mengubah DR menggunakan perintah ip ospf priority, dimana 255 adalah prioritas paling tinggi dan 0 berarti router tidak akan ikut serta pada pemilihan DR/BDR.

R1(config)#int s0/0
R1(config-if)#ip ospf priority 255
R2(config)#int s0/0
R2(config-if)#ip ospf priority 0
R3(config)#int s0/0
R3(config-if)#ip ospf priority 0

 

Kita cek lagi status neighbor-nya.

R1#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 0 FULL/DROTHER 00:00:36 123.123.123.2 Serial0/0
3.3.3.3 0 FULL/DROTHER 00:00:35 123.123.123.3 Serial0/0
R2#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 255 FULL/DR 00:00:30 123.123.123.1 Serial0/0
R3#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
1.1.1.1 255 FULL/DR 00:00:34 123.123.123.1 Serial0/0

 

Sepertinya semua sudah ok, mari kita cek route-nya.

R1#sh ip route
 1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
 2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 123.123.123.2, 00:02:15, Serial0/0
 3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 123.123.123.3, 00:05:46, Serial0/0
 123.0.0.0/24 is subnetted, 1 subnets
C 123.123.123.0 is directly connected, Serial0/0
R2#sh ip route
 1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 123.123.123.1, 00:02:13, Serial0/0
 2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
 3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/65] via 123.123.123.3, 00:02:13, Serial0/0
 123.0.0.0/24 is subnetted, 1 subnets
C 123.123.123.0 is directly connected, Serial0/0
R3#sh ip route
 1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/65] via 123.123.123.1, 00:05:37, Serial0/0
 2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/65] via 123.123.123.2, 00:02:01, Serial0/0
 3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
 123.0.0.0/24 is subnetted, 1 subnets
C 123.123.123.0 is directly connected, Serial0/0

 

Sepertinya ok juga, mari kita ping tiap loopback dari masing-masing router.

R1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/9/20 ms
R1#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
R2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R3#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/12 ms
R3#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

 

Kalau kita lihat informasi route di R2, next hop untuk 3.3.3.3 adalah 123.123.123.3, kita cek pemetaan dari frame relay.

R2#sh frame-relay map
Serial0/0 (up): ip 123.123.123.1 dlci 201(0xC9,0x3090), dynamic,
 broadcast,, status defined, active
R2#ping 123.123.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R3#sh frame-relay map
Serial0/0 (up): ip 123.123.123.1 dlci 301(0x12D,0x48D0), dynamic,
 broadcast,, status defined, active
R3#ping 123.123.123.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

 

Hanya IP serial R1 yang dikenali oleh R2 dan R3 sehingga kita harus tambahkan frame relay map antara R2 dan R3.

R2(config)#int s0/0
R2(config-if)#frame-relay map ip 123.123.123.3 201
R3(config)#int s0/0
R3(config-if)#frame-relay map ip 123.123.123.2 301

 

Sekarang mari kita ping kembali.

R2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
R3#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms

 

OSPF dengan IPv6

Sekarang kita akan menambahkan IPv6 ke topologi sebelumnya dan tidak perlu menghapus konfigurasi IPv4. Implementasi ini biasa disebut Dual-Stack IPv4 dan IPv6 untuk transisi dari IPv4 ke IPv6.

Konfigurasi R1:

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 1::1/128
 ipv6 ospf 1 area 0
!
interface Serial0/0
 ipv6 address FE80::1 link-local
 ipv6 address 123::1/64
 ipv6 ospf network broadcast
 ipv6 ospf priority 255
 ipv6 ospf 1 area 0
!
ipv6 router ospf 1
 router-id 1.1.1.1

 

Konfigurasi R2:

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 2::2/128
 ipv6 ospf 1 area 0
!
interface Serial0/0
 ipv6 address FE80::2 link-local
 ipv6 address 123::2/64
 ipv6 ospf network broadcast
 ipv6 ospf priority 255
 ipv6 ospf 1 area 0
!
ipv6 router ospf 1
 router-id 2.2.2.2

 

Konfigurasi R3:

ipv6 unicast-routing
!
interface Loopback0
 ipv6 address 3::3/128
 ipv6 ospf 1 area 0
!
interface Serial0/0
 ipv6 address FE80::3 link-local
 ipv6 address 123::3/64
 ipv6 ospf network broadcast
 ipv6 ospf priority 255
 ipv6 ospf 1 area 0
!
ipv6 router ospf 1
 router-id 3.3.3.3

 

Kalau kita lihat di atas ada dua IPv6 yang dikonfigurasi yaitu alamat link-local dan global unicast. Frame relay dan OSPF menggunakan link-local untuk berkomunikasi antar router. Pada topologi di atas alamat link-local tidak dapat digunakan untuk berkomunikasi dengan loopback, karena loopback menggunakan alamat global unicast maka diperlukan alamat global unicast untuk saling berkomunikasi. Kita lihat konfigurasi OSPF di interface s0/0.

R1#sh ipv6 ospf int s0/0
Serial0/0 is up, line protocol is up
 Link Local Address FE80::1, Interface ID 6
 Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
 Network Type BROADCAST, Cost: 64
 Transmit Delay is 1 sec, State DR, Priority 255
 Designated Router (ID) 1.1.1.1, local address FE80::1

 

Kita lihat status neighbor.

R1#sh ipv6 ospf neighbor
R1#

 

Ternyata belum ada neighbor, di sini kita harus menambahkan frame relay map untuk alamat link-local dan global unicast.

Di R1

interface Serial0/0
 frame-relay map ipv6 FE80::2 102 broadcast
 frame-relay map ipv6 123::2 102
 frame-relay map ipv6 FE80::3 103 broadcast
 frame-relay map ipv6 123::3 103

 

Di R2

interface Serial0/0
 frame-relay map ipv6 FE80::1 201 broadcast
 frame-relay map ipv6 123::1 201
 frame-relay map ipv6 FE80::3 201
 frame-relay map ipv6 123::3 201

 

Di R3

interface Serial0/0
 frame-relay map ipv6 FE80::1 301 broadcast
 frame-relay map ipv6 123::1 301
 frame-relay map ipv6 FE80::2 301
 frame-relay map ipv6 123::2 301

 

Sekarang kita cek lagi status neighbor-nya.

R1#sh ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
3.3.3.3 255 FULL/DR 00:00:34 6 Serial0/0
2.2.2.2 255 FULL/DROTHER 00:00:38 6 Serial0/0

 

Ternyata R1 belum menjadi DR, kita tambahkan kembali ipv6 ospf priority.

R1(config)#int s0/0
R1(config-if)# ipv6 ospf priority 255
R2(config-if)#int s0/0
R2(config-if)#ipv6 ospf priority 0
R3(config-if)#int s0/0
R3(config-if)#ipv6 ospf priority 0

 

Lalu kita cek hasilnya.

R1#sh ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
3.3.3.3 0 FULL/DROTHER 00:00:31 6 Serial0/0
2.2.2.2 0 FULL/DROTHER 00:00:33 6 Serial0/0
R2#sh ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
1.1.1.1 255 FULL/DR 00:00:37 6 Serial0/0
R3#sh ipv6 ospf neighbor
Neighbor ID Pri State Dead Time Interface ID Interface
1.1.1.1 255 FULL/DR 00:00:32 6 Serial0/0

 

Sekarang mari kita ping.

R1#ping 2::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
R1#ping 3::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
R2#ping 1::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/2/4 ms
R2#ping 3::3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3::3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/3/4 ms
R3#ping 1::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
R3#ping 2::2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

 

Sekarang kita punya topologi yang menjalankan IPv4 dan IPv6 secara bersamaan.

CCIE Bootcamp: RIP dan EIGRP

Hari ke-2 dibahas tentang RIP dan EIGRP, untuk tulisan blog kali ini saya hanya ambil dua kasus masing-masing satu untuk RIP dan EIGRP.

RIP: Split Horizon
Split horizon adalah suatu metoda untuk menghindari routing loops, mekanismenya dengan menolak mengirim route kembali melalui interface tempat route tersebut diterima. Contohnya apabila route 10.0.0.0/8 diterima melalui interface Fa0/0 maka split horizon tidak akan mengirim kembali route 10.0.0.0/8 tersebut melalui interface Fa0/0

Pada hub and spoke dengan routing RIP, split horizon akan menjadi masalah karena informasi route dari satu spoke tidak akan diteruskan ke spoke yang lain. Solusi untuk mengatasi ini ada dua, yaitu: disable split horizon dan konfigurasi hub sebagai point to point. Kita lihat pada gambar, R1 berfungsi sebagai hub, R2 dan R3 sebagai spoke.

Solusi 1: Disable Split Horizon

Konfigurasi FRSW:

frame-relay switching
!
interface Serial0/0
 description "To R2"
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 frame-relay intf-type dce
 frame-relay route 201 interface Serial0/2 102
!
interface Serial0/1
 description "To R3"
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 frame-relay intf-type dce
 frame-relay route 301 interface Serial0/2 103
!
interface Serial0/2
 description "To R1"
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 frame-relay intf-type dce
 frame-relay route 102 interface Serial0/0 201
 frame-relay route 103 interface Serial0/1 301

 

Konfigurasi R1:

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0.123 multipoint
 ip address 123.123.123.1 255.255.255.0
 frame-relay map ip 123.123.123.3 103 broadcast
 frame-relay map ip 123.123.123.2 102 broadcast
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Konfigurasi R2:

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
 ip address 123.123.123.2 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 123.123.123.3 201
 frame-relay map ip 123.123.123.1 201 broadcast
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Konfigurasi R3:

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
 ip address 123.123.123.3 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 123.123.123.2 301
 frame-relay map ip 123.123.123.1 301 broadcast
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Mari kita cek melalui perintah sh ip route rip.

R1#sh ip route rip
     1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       1.0.0.0/8 [120/2] via 123.123.123.3, 00:02:05, Serial0/0.123
                  [120/2] via 123.123.123.2, 00:01:52, Serial0/0.123
     2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       2.2.2.2/32 [120/1] via 123.123.123.2, 00:00:24, Serial0/0.123
R       2.0.0.0/8 [120/1] via 123.123.123.2, 00:01:52, Serial0/0.123
     3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
R       3.3.3.3/32 [120/1] via 123.123.123.3, 00:00:10, Serial0/0.123
R       3.0.0.0/8 [120/1] via 123.123.123.3, 00:02:05, Serial0/0.123

 

Sepertinya tidak ada masalah pada R1, semua route interface loopback diterima. Selanjutnya kita cek pada R2 dan R3.

R2#sh ip route rip
     1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/1] via 123.123.123.1, 00:00:08, Serial0/0
R3#sh ip route rip
     1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/1] via 123.123.123.1, 00:00:06, Serial0/0

 

Kita lihat di sini R2 dan R3 tidak menerima route dari masing-masing interface loopback. Sekarang mari kita disable split horizon di interface multipoint di R1.

R1(config)#int s0/0.123
R1(config-subif)#no ip split-horizon

 

Tunggu sebentar dan cek lagi informasi route di R2 dan R3

R2#sh ip route rip
     1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/1] via 123.123.123.1, 00:00:03, Serial0/0
     3.0.0.0/32 is subnetted, 1 subnets
R       3.3.3.3 [120/2] via 123.123.123.3, 00:00:03, Serial0/0

R3#sh ip route rip
     1.0.0.0/32 is subnetted, 1 subnets
R       1.1.1.1 [120/1] via 123.123.123.1, 00:00:01, Serial0/0
     2.0.0.0/32 is subnetted, 1 subnets
R       2.2.2.2 [120/2] via 123.123.123.2, 00:00:01, Serial0/0

 

Lalu ping.

R2#ping 3.3.3.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8 ms

 

Solusi 2: Konfigurasi Hub Sebagai Point to Point

Di sini kita akan mengubah interface multipoint di R1 menjadi point to point. Solusi ini membutuhkan pengubahan alamat IP di semua router.

Konfigurasi R1:

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0.2 point-to-point
 ip address 12.12.12.1 255.255.255.0
 frame-relay interface-dlci 102
!
interface Serial0/0.3 point-to-point
 ip address 13.13.13.1 255.255.255.0
 frame-relay interface-dlci 103
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Konfigurasi R2:

interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Serial0/0
 ip address 12.12.12.2 255.255.255.0
 encapsulation frame-relay
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Konfigurasi R3:

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
 ip address 13.13.13.3 255.255.255.0
 encapsulation frame-relay
!
router rip
 version 2
 network 0.0.0.0
 no auto-summary

 

Mari kita cek.

R1#sh ip route rip
 2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 12.12.12.2, 00:00:16, Serial0/0.2
 3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 13.13.13.3, 00:00:06, Serial0/0.3
R2#sh ip route rip
 1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 12.12.12.1, 00:00:03, Serial0/0
 3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/2] via 12.12.12.1, 00:00:03, Serial0/0
 13.0.0.0/24 is subnetted, 1 subnets
R 13.13.13.0 [120/1] via 12.12.12.1, 00:00:03, Serial0/0
R3#sh ip route rip
 1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 13.13.13.1, 00:00:24, Serial0/0
 2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/2] via 13.13.13.1, 00:00:24, Serial0/0
 12.0.0.0/24 is subnetted, 1 subnets
R 12.12.12.0 [120/1] via 13.13.13.1, 00:00:24, Serial0/0

 

Dan ping.

R2#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8 ms

 

EIGRP: Unequal Cost Load Balancing

Load balancing adalah kemampuan untuk mendistribusikan trafik melalui interface yang mempunyai suatu nilai yang sama ke tujuan. Di EIGRP nilai ini dapat diubah dengan mengubah parameter bandwidth dan delay. Mari kita lihat topologi dan konfigurasi berikut.

Konfigurasi R1

interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.1 255.255.255.0
!
interface FastEthernet0/1
 ip address 13.13.13.1 255.255.255.0
!
router eigrp 10
 network 1.1.1.1 0.0.0.0
 network 12.12.12.1 0.0.0.0
 network 13.13.13.1 0.0.0.0
 no auto-summary

 

Konfigurasi R2

int Loopback0
 ip add 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 12.12.12.2 255.255.255.0
!
interface FastEthernet0/1
 ip address 24.24.24.2 255.255.255.0
!
router eigrp 10
 net 12.12.12.2 0.0.0.0
 net 2.2.2.2 0.0.0.0
 net 24.24.24.2 0.0.0.0
 no auto-summary

 

Konfigurasi R3

interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 13.13.13.3 255.255.255.0
!
interface FastEthernet0/1
 ip address 34.34.34.3 255.255.255.0
!
router eigrp 10
 network 3.3.3.3 0.0.0.0
 network 13.13.13.3 0.0.0.0
 network 34.34.34.3 0.0.0.0
 no auto-summary

 

Konfigurasi R4

interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 ip address 24.24.24.4 255.255.255.0
!
interface FastEthernet0/1
 ip address 34.34.34.4 255.255.255.0
!
router eigrp 10
 network 4.4.4.4 0.0.0.0
 network 24.24.24.4 0.0.0.0
 network 34.34.34.4 0.0.0.0
 no auto-summary

 

Apabila tidak ada perubahan apapun maka dari R1 menuju ke loopback R4 akan mempunyai dua jalur melalui R2 dan R3

R1#sh ip route eigrp
 34.0.0.0/24 is subnetted, 1 subnets
D 34.34.34.0 [90/307200] via 13.13.13.3, 00:00:22, FastEthernet0/1
 2.0.0.0/32 is subnetted, 1 subnets
D 2.2.2.2 [90/409600] via 12.12.12.2, 00:00:15, FastEthernet0/0
 3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/409600] via 13.13.13.3, 00:00:14, FastEthernet0/1
 4.0.0.0/32 is subnetted, 1 subnets
D 4.4.4.4 [90/435200] via 13.13.13.3, 00:00:13, FastEthernet0/1
 [90/435200] via 12.12.12.2, 00:00:13, FastEthernet0/0
 24.0.0.0/24 is subnetted, 1 subnets
D 24.24.24.0 [90/307200] via 12.12.12.2, 00:00:13, FastEthernet0/0
R1#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
 Known via "eigrp 10", distance 90, metric 435200, type internal
 Redistributing via eigrp 10
 Last update from 12.12.12.2 on FastEthernet0/0, 00:03:57 ago
 Routing Descriptor Blocks:
 * 13.13.13.3, from 13.13.13.3, 00:03:57 ago, via FastEthernet0/1
 Route metric is 435200, traffic share count is 1
 Total delay is 7000 microseconds, minimum bandwidth is 10000 Kbit
 Reliability 255/255, minimum MTU 1500 bytes
 Loading 1/255, Hops 2
 12.12.12.2, from 12.12.12.2, 00:03:57 ago, via FastEthernet0/0
 Route metric is 435200, traffic share count is 1
 Total delay is 7000 microseconds, minimum bandwidth is 10000 Kbit
 Reliability 255/255, minimum MTU 1500 bytes
 Loading 1/255, Hops 2

 

Dalam hal ini yang terjadi adalah equal cost load balancing. Sekarang kita akan membagi trafik ke R4 dengan perbandingan 2:1, untuk setiap 2 paket dari R1 melewati R2 maka ada satu paket dari R1 melewati R3. Parameter yang akan kita ubah adalah bandwidth (K1) dan delay (K3) dengan nilai K lain adalah 0.

Bandwidth = 10^7 / minimum Bw kbps
Delay = delay in tens of microseconds
Metric = 256 x (Bandwidth + Delay)

Kalau kita membutuhkan perbandingan 2:1, maka kita harus mempunyai metric menuju R3 dua kali lebih besar yaitu 870400. Dengan rumus di atas maka akan kita dapatkan minimum Bw = 3703, silakan hitung sendiri darimana dapatnya 😀 Nilai ini kita masukan di interface Fa0/1 dengan perintah bandwidth.

R1(config)#int f0/1
 R1(config-if)#bandwidth 3703
 R1(config-if)#end

 

Kita hapus tabel routing

R1#clear ip route *

 

Lalu kita lihat nilai metric menuju R4

R1#sh ip eigrp topology 4.4.4.4/32
IP-EIGRP (AS 10): Topology entry for 4.4.4.4/32
 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 435200
 Routing Descriptor Blocks:
 12.12.12.2 (FastEthernet0/0), from 12.12.12.2, Send flag is 0x0
 Composite metric is (435200/409600), Route is Internal
 Vector metric:
 Minimum bandwidth is 10000 Kbit
 Total delay is 7000 microseconds
 Reliability is 255/255
 Load is 1/255
 Minimum MTU is 1500
 Hop count is 2
 13.13.13.3 (FastEthernet0/1), from 13.13.13.3, Send flag is 0x0
 Composite metric is (870400/409600), Route is Internal
 Vector metric:
 Minimum bandwidth is 3703 Kbit
 Total delay is 7000 microseconds
 Reliability is 255/255
 Load is 1/255
 Minimum MTU is 1500
 Hop count is 2

 

Sekarang kita tambahkan perintah variance di EIGRP dengan nilai 2 (untuk perbandingan 2:1)

R1(config)#router eigrp 10
R1(config-router)#var
R1(config-router)#variance 2

 

Mari kita lihat lagi tabel routing untuk 4.4.4.4

R1#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
 Known via "eigrp 10", distance 90, metric 435200, type internal
 Redistributing via eigrp 10
 Last update from 13.13.13.3 on FastEthernet0/1, 00:02:26 ago
 Routing Descriptor Blocks:
 13.13.13.3, from 13.13.13.3, 00:02:26 ago, via FastEthernet0/1
 Route metric is 870400, traffic share count is 1
 Total delay is 7000 microseconds, minimum bandwidth is 3703 Kbit
 Reliability 255/255, minimum MTU 1500 bytes
 Loading 1/255, Hops 2
 * 12.12.12.2, from 12.12.12.2, 00:02:26 ago, via FastEthernet0/0
 Route metric is 435200, traffic share count is 2
 Total delay is 7000 microseconds, minimum bandwidth is 10000 Kbit
 Reliability 255/255, minimum MTU 1500 bytes
 Loading 1/255, Hops 2

 

Di sini kita lihat sekarang trafik terbagi menjadi 2:1 untuk R2:R3.

CCIE Bootcamp: Frame Relay

Tulisan ini merupakan rangkaian blog dari CCIE Bootcamp 9 hari yang diadakan oleh ID Networkers (bukan iklan loh!). Tulisan ini merupakan ringkasan dari materi yang penulis dapatkan pada hari sebelumnya dan untuk hari pertama membahas tentang Frame Relay.

Frame Relay adalah teknologi untuk menghubungkan perangkat dalam wide area network (WAN) menggunakan metode packet switching dan bekerja di physical dan data link layer pada OSI layers. Sebelum Frame Relay dapat mengirimkan paket data, Frame Relay membutuhkan informasi yang memetakan antara alamat data link layer (L2) dan network layer (L3). Ada dua metoda untuk pemetaan ini yaitu pemetaan secara dinamis maupun statis (dynamic and static mapping). Pemetaan secara dinamis bergantung pada Frame Relay Inverse Address Resolution Protocol (Inverse ARP) untuk menentukan alamat tujuan berdasarkan DLCI.

Untuk menghubungkan dua router menggunakan Frame Relay kita dapat menggunakan Frame Relay Switch, walaupun kita dapat menggunakan koneksi back to back tapi untuk kasus ini kita akan menggunakan Frame Relay Switch.

Frame Relay Topology

Konfigurasi Frame Relay Switch:

frame-relay switching
!
interface Serial0/0
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 frame-relay intf-type dce
 frame-relay route 102 interface Serial0/1 201
!
interface Serial0/1
 no ip address
 encapsulation frame-relay
 clock rate 2000000
 frame-relay intf-type dce
 frame-relay route 201 interface Serial0/0 102

 

Dynamic Mapping
Dengan pemetaan dinamis kita cukup memberikan alamat IP dan set enkapsulasi interface sebagai Frame Relay.

Konfigurasi R1:

interface Serial0/0
 ip address 12.12.12.1 255.255.255.0
 encapsulation frame-relay

 

Static Mapping
Pemetaan dengan Inverse ARP akan di-override oleh pemetaan statis.

Konfigurasi R2:

interface Serial0/0
 ip address 12.12.12.2 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 12.12.12.1 201 broadcast

 

Parameter broadcast di atas berguna untuk melewatkan paket multicast yang digunakan oleh routing protocol.

 

Frame Relay pada Sub Interface
Selain pada interface utama, Frame Relay juga dapat digunakan pada sub interface.

Konfigurasi Frame Relay pada sub interface:

Dynamic Mapping (R1)

interface Serial0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0.1 multipoint
 ip address 12.12.12.1 255.255.255.0
 frame-relay interface-dlci 102

 

Static Mapping (R2)

interface Serial0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0.1 multipoint
 ip address 12.12.12.2 255.255.255.0
 frame-relay map ip 12.12.12.1 201 broadcast

 

Kita dapat menggunakan kombinasi pemetaan dinamis dan statis untuk tiap router.
Pada sub interface ada dua mode yang dapat digunakan, dengan mode multipoint dan point to point.

Catatan: Dengan mode point to point kita tidak dapat menggunakan static mapping.

R1(config-subif)#frame-relay map ip 12.12.12.2 102 broadcast
 Only frame-relay interface-dlci command should beused on point-to-point interfaces not frame-relay map

 

Tips: Kita tidak dapat mengubah secara langsung dari mode multipoint ke point to point, untuk ini kita bisa menggunakan perintah default. Jangan lupa untuk mencatat konfigurasi sebelumnya!

R1(config)#int s0/0.1 point-to-point
% Warning: cannot change link type

R1(config)#default interface s0/0
Building configuration...
Interface Serial0/0 set to default configuration

 

Konfigurasi Frame Relay pada sub interface dengan mode point to point di R1:

interface Serial0/0
 no ip address
 encapsulation frame-relay
!
interface Serial0/0.1 point-to-point
 ip address 12.12.12.1 255.255.255.0
 frame-relay interface-dlci 102

 

Verifikasi
Untuk memastikan kalau Frame Relay sudah berjalan kita bisa menggunakan perintah show frame-relay map atau show frame-relay pvc.

R1#sh frame-relay map
Serial0/0 (up): ip 12.12.12.2 dlci 102(0x66,0x1860), dynamic,
 broadcast,, status defined, active

R1#sh frame-relay pvc
PVC Statistics for interface Serial0/0 (Frame Relay DTE)
Active Inactive Deleted Static
 Local 1 0 0 0
 Switched 0 0 0 0
 Unused 0 0 0 0
DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0
input pkts 1 output pkts 1 in bytes 34
 out bytes 34 dropped pkts 0 in pkts dropped 0
 out pkts dropped 0 out bytes dropped 0
 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0
 out BECN pkts 0 in DE pkts 0 out DE pkts 0
 out bcast pkts 1 out bcast bytes 34
 5 minute input rate 0 bits/sec, 0 packets/sec
 5 minute output rate 0 bits/sec, 0 packets/sec
 pvc create time 00:00:57, last time pvc status changed 00:00:47

 

Dan tentu saja ping 😀

R1#ping 12.12.12.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.12.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/6/16 ms