Lompat ke konten Lompat ke sidebar Lompat ke footer
Beranda / Cisco | Inter-AS MPLS VPN

Cisco | Inter-AS MPLS VPN

Oleh Hasugian Posting Komentar

Kondisi diatas terjadi bila customer yg sama namun terkoneksi ke ISP yang berbeda ingin bisa saling komunikasi satu sam yg lain. R1 dan R3 milki ISP-A, R2 dan R4 milik ISP-B. 

Tahap 1: Konifgurasi MPLS VPN dimasing-masing router KISP
VRF customer menggunakan ip loopback dimasing-masing router.

Konfigurasi Router ISP-A-R1

ISP-A-R1(config)#mpls ip
ISP-A-R1(config)#ip vrf IMC-1
ISP-A-R1(config-vrf)#rd 1:1
ISP-A-R1(config-vrf)#route-target 1:1
ISP-A-R1(config-vrf)#exi

 ISP-A-R1(config)#interface lo100
ISP-A-R1(config-if)#ip vrf forwarding IMC-1
ISP-A-R1(config-if)#ip address 100.100.100.1 255.255.255.255
ISP-A-R1(config-if)#exi

 ISP-A-R1(config)#interface fa0/0
ISP-A-R1(config-if)#ip address 13.13.13.1 255.255.255.0
ISP-A-R1(config-if)#mpls ip
ISP-A-R1(config-if)#no shu
ISP-A-R1(config-if)#exi

 ISP-A-R1(config)#interface lo0
ISP-A-R1(config-if)#ip address 1.1.1.1 255.255.255.255
ISP-A-R1(config-if)#exi

 ISP-A-R1(config)#router ospf 1
ISP-A-R1(config-router)#net 13.13.13.1 0.0.0.0 area 0
ISP-A-R1(config-router)#net 1.1.1.1 0.0.0.0 area 0
ISP-A-R1(config-router)#exi

 ISP-A-R1(config)#router bgp 13
ISP-A-R1(config-router)#neighbor 3.3.3.3 remot 13
ISP-A-R1(config-router)#neighbor 3.3.3.3 update-source lo0

 ISP-A-R1(config-router)#address-family vpnv4
ISP-A-R1(config-router-af)#neighbor 3.3.3.3 activate
ISP-A-R1(config-router-af)#exi

 ISP-A-R1(config-router)#address-family ipv4 vrf IMC-1
ISP-A-R1(config-router-af)#redistribute connected
ISP-A-R1(config-router-af)#

Konfigurasi Router ISP-A-R3

ISP-A-R3(config)#mpls ip
ISP-A-R3(config)#ip vrf IMC-3
ISP-A-R3(config-vrf)#rd 1:1
ISP-A-R3(config-vrf)#route-target 1:1
ISP-A-R3(config-vrf)#exi

 ISP-A-R3(config)#interface lo100
ISP-A-R3(config-if)#ip vrf forwarding IMC-3
ISP-A-R3(config-if)#IP ADDress 100.100.100.3 255.255.255.255
ISP-A-R3(config-if)#ex

 ISP-A-R3(config)#interface fa0/0
ISP-A-R3(config-if)#mpls ip
ISP-A-R3(config-if)#ip address 13.13.13.3 255.255.255.0
ISP-A-R3(config-if)#no sh
ISP-A-R3(config-if)#ex

 ISP-A-R3(config)#interface lo0
ISP-A-R3(config-if)#ip address 3.3.3.3 255.255.255.255
ISP-A-R3(config-if)#exi

 ISP-A-R3(config)#router ospf 1
ISP-A-R3(config-router)#network 13.13.13.3 0.0.0.0 area 0
ISP-A-R3(config-router)#network 3.3.3.3 0.0.0.0 area 0
ISP-A-R3(config-router)#exi

 ISP-A-R3(config)#router bgp 13
ISP-A-R3(config-router)#neighbor 1.1.1.1 remot 13
ISP-A-R3(config-router)#neighbor 1.1.1.1 update-source lo0

 ISP-A-R3(config-router)#address-family vpnv4
ISP-A-R3(config-router-af)#neighbor 1.1.1.1 activate
ISP-A-R3(config-router-af)#exi

 ISP-A-R3(config-router)#address-family IPv4 VRf IMC-3
ISP-A-R3(config-router-af)#redistribute connected
ISP-A-R3(config-router-af)#


Konfigurasi Router ISP-B-R2

ISP-B-R2(config)#mpls ip
ISP-B-R2(config)#ip vrf IMC-2
ISP-B-R2(config-vrf)#rd 1:1
ISP-B-R2(config-vrf)#route-target 1:1
ISP-B-R2(config-vrf)#exi

 ISP-B-R2(config)#interface lo100
ISP-B-R2(config-if)#ip vrf forwarding IMC-2
ISP-B-R2(config-if)#ip address 100.100.100.2 255.255.255.255
ISP-B-R2(config-if)#ex

 ISP-B-R2(config)#interface fa0/0
ISP-B-R2(config-if)#mpls ip
ISP-B-R2(config-if)#ip address 24.24.24.2 255.255.255.0
ISP-B-R2(config-if)#no sh
ISP-B-R2(config-if)#ex

 ISP-B-R2(config)#interface lo0
ISP-B-R2(config-if)#ip address 2.2.2.2 255.255.255.255
ISP-B-R2(config-if)#ex

 ISP-B-R2(config)#routeR ospf 1
ISP-B-R2(config-router)#network 24.24.24.2 0.0.0.0 area 0
ISP-B-R2(config-router)#network 2.2.2.2 0.0.0.0 area 0
ISP-B-R2(config-router)#ex

 ISP-B-R2(config)#router bgp 24
ISP-B-R2(config-router)#neighbor 4.4.4.4 remote-as 24
ISP-B-R2(config-router)#neighbor 4.4.4.4 update-source lo0
ISP-B-R2(config-router)#

 ISP-B-R2(config-router)#address-family vpnv4
ISP-B-R2(config-router-af)#neighbor 4.4.4.4 activate
ISP-B-R2(config-router-af)#ex

 ISP-B-R2(config-router)#address-family ipv4 vrf IMC-2
ISP-B-R2(config-router-af)#redistribute connected
ISP-B-R2(config-router-af)#
ISP-B-R2(config-router-af)#


Konfigurasi Router ISP-B-R4

 ISP-B-R4(config)#mpls ip
ISP-B-R4(config)#ip vrf IMC-4
ISP-B-R4(config-vrf)#RD 1:1
ISP-B-R4(config-vrf)#route-target 1:1
ISP-B-R4(config-vrf)#exi

 ISP-B-R4(config)#interface lo100
ISP-B-R4(config-if)#ip vrf forwarding IMC-4
ISP-B-R4(config-if)#ip address 100.100.100.4 255.255.255.255
ISP-B-R4(config-if)#exi

 ISP-B-R4(config)#interface fa0/0
ISP-B-R4(config-if)#mpls ip
ISP-B-R4(config-if)#ip address 24.24.24.4 255.255.255.0
ISP-B-R4(config-if)#no sh
ISP-B-R4(config-if)#ex

 ISP-B-R4(config)#interface lo0
ISP-B-R4(config-if)#ip address 4.4.4.4 255.255.255.255
ISP-B-R4(config-if)#exi

 ISP-B-R4(config)#router ospf 1
ISP-B-R4(config-router)#network 24.24.24.4 0.0.0.0 are 0
ISP-B-R4(config-router)#network 4.4.4.4 0.0.0.0 area 0
ISP-B-R4(config-router)#exit

 ISP-B-R4(config)#router bgp 24
ISP-B-R4(config-router)#neighbor 2.2.2.2 remot 24
ISP-B-R4(config-router)#neighbor 2.2.2.2 update-source lo0
ISP-B-R4(config-router)#

 ISP-B-R4(config-router)#address-family vpnv4
ISP-B-R4(config-router-af)#neighbor 2.2.2.2 activate

 ISP-B-R4(config-router-af)#exi

 ISP-B-R4(config-router)#address-family ipv4 vrf IMC-4
ISP-B-R4(config-router)#redistribute connected
ISP-B-R4(config-router)#
Verfikasi Tahap 1:

Pada tahap ini masing-masing customer yang berada di ISO yg sama bisa saling komunikasi.


Verfikasi Customer ISP-A (R3)

Verfikasi Customer ISP-B (R4)
Verfikasi Tahap 2:

Menghubungkan MPLS-VPN antar ISP

 Mengkoneksikan antar interface fa0/1

 ISP-A-R1(config)#interface fa0/1
ISP-A-R1(config-if)#ip address 12.12.12.1 255.255.255.0
ISP-A-R1(config-if)#mpls ip

ISP-B-R2(config)#interface fa0/1
ISP-B-R2(config-if)#ip address 12.12.12.2 255.255.255.0
ISP-B-R2(config-if)#mpls ip

Metode yg kita gunakan untuk inter-AS MPLS VPN kali ini adalah dengan menambahkan konfigurasi exyterna MP-BGP pada router PE yg terhubung ke ISP lain.

ISP-A-R1(config)#router bgp 13
ISP-A-R1(config-router)#NEIghbor 12.12.12.2 REMOT 24
ISP-A-R1(config-router)#ADDress-family VPnv4
ISP-A-R1(config-router-af)#NEIghbor 12.12.12.2 ACTivate
ISP-A-R1(config-router-af)#EXI

ISP-B-R2(config)#router bgp 24
ISP-B-R2(config-router)#neig 12.12.12.1 remot 13
ISP-B-R2(config-router)#address-family VPnv4
ISP-B-R2(config-router-af)#neig 12.12.12.1 acti
ISP-B-R2(config-router-af)#exi

Cek hasilnya


Tidak ada perubahan

Cek BGP advertisenya

Router ISP-B-R4

Router ISP-A-R3

Sebenarnya sdh dapat networknya, kira2 mengapa ini terjadi??. IP next hop nya unreachable..

Ada 3 cara yg bs kt lakukan untuk menyelesaikan masalah ini, 
  1. Advertise 12.12.12.0/24 ke BGP
  2. Advertise 12.12.12.0/24  ke IGP
  3. Next-hop self
Kali ini kita menggunakan next-hop self saja, namun konfigurasi bukan di BGP namun di MP-BGP nya.

ISP-A-R1(config)#router bgp 13
ISP-A-R1(config-router)#address-family vpnv4
ISP-A-R1(config-router-af)#neighbor 3.3.3.3 next-hop-self
ISP-A-R1(config-router-af)#exi

ISP-B-R2(config)#router bgp 24
ISP-B-R2(config-router)#address-family vpnv4
ISP-B-R2(config-router-af)#neighbor 4.4.4.4 next-hop-self
ISP-B-R2(config-router-af)#exi




Lakukan PING dari ISP-B-R4 ke ip masing-masing router 


Cek pelabelan MPLS nya




Ya pelabelan berjalan dengan baik...
Sucess,..!!!



Posting Komentar untuk "Cisco | Inter-AS MPLS VPN"

Posting Komentar