Cisco | MPLS - VPN + Static Routing
Kita membahas materi MPLS VPV, Goal dari pembahasa ini adalah, kita ingin IP Loopback BRI.KIRI dan IP Loopback BRI.KANAN bisa saling terhubung lewat MPLS protocol. Begitu BCA.KIRI dan BCA.KANAN juga bisa terhubung.
Tahap 1
Tahap pertama sekali yang kita lakukan adalah:
1. Konfigurasi IP Address di router R1 (PE-1), R2 (P) dan R3 (PE-2)
Router PE-1
PE-1#conf
PE-1(config)#interface fa0/0
PE-1(config-if)#ip address 12.12.12.1 255.255.255.252
PE-1(config-if)#no sh
PE-1(config-if)#ex
PE-1(config)#interface lo1
PE-1(config-if)#ip address 10.10.10.1 255.255.255.255
PE-1(config-if)#ex
PE-1(config)#router ospf 1
PE-1(config-router)#network 10.10.10.1 0.0.0.0 area 0
PE-1(config-router)#network 12.12.12.1 0.0.0.0 area 0
PE-1(config-router)#exi
Router P
P#conf
P(config)#interface fa0/0
P(config-if)#ip address 12.12.12.2 255.255.255.252
P(config-if)#no shutdown
P(config-if)#ex
P(config)#interface fa0/1
P(config-if)#ip address 13.13.13.2 255.255.255.252
P(config-if)#no sh
P(config-if)#ex
P(config)#interface lo1
P(config-if)#ip address 10.10.10.10 255.255.255.255
P(config-if)#ex
P(config)#
P(config)#router ospf 1
P(config-router)#network 10.10.10.10 0.0.0.0 area 0
P(config-router)#network 12.12.12.2 0.0.0.0 area 0
P(config-router)#network 13.13.13.2 0.0.0.0 area 0
P(config-router)#
Router PE-2
PE-2#conf
PE-2(config)#interface fa0/1
PE-2(config-if)#ip address 13.13.13.1 255.255.255.252
PE-2(config-if)#no sh
PE-2(config-if)#ex
PE-2(config)#interface lo1
PE-2(config-if)#ip address 10.10.10.2 255.255.255.255
PE-2(config-if)#ex
PE-2(config)#router ospf 1
PE-2(config-router)#network 10.10.10.2 0.0.0.0 area 0
PE-2(config-router)#network 13.13.13.1 0.0.0.0 area 0
PE-2(config-router)#exi
Verifikasi
Kemudian pastikan router PE-1 bisa ping ke PE-2
Tahap berikutnya konfigurasi BGP untuk melewatkan informasi routing vpn dam vrf.
Router PE-1
PE-1(config)#router bgp 65000
PE-1(config-router)#neig 10.10.10.2 remot 65000
PE-1(config-router)#neig 10.10.10.2 upda Lo1
Router PE-2
PE-2(config)#router bgp 65000
PE-2(config-router)#neig 10.10.10.1 remot 65000
PE-2(config-router)#neig 10.10.10.1 upda Lo1
Verifikasi BGP
Router PE-1
PE-1(config)#mpls ip
PE-1(config)#interface fa0/0
PE-1(config-if)#mpls ip
Router P
mpls ip
interface fa0/0
mpls ip
exit
mpls ip
interface fa0/1
mpls ip
Router PE-1
PE-1(config)#mpls ip
PE-1(config)#interface fa0/1
PE-1(config-if)#mpls ip
PE-1(config)#mpls ip
PE-1(config)#interface fa0/1
PE-1(config-if)#mpls ip
Verifikasi Router PE-1 dan PE-2, Untuk pengecekan apakah MPLS sudah jalan dengan baik.
Tahap 2
Tahap kedua ini adalah menghubungkan Router CE (Customer Edge), yaitu network yang di BRI dengan BCA.
PE Router
CE Router
Konfigurasi VRF
Router PE-1
PE-1(config)#ip vrf BRI.KIRI
PE-1(config-vrf)#rd 65000:1
PE-1(config-vrf)#route-target export 65000:1
PE-1(config-vrf)#route-target import 65000:1
PE-1(config-vrf)#EXI
PE-1(config)#ip vrf BCA.KIRI
PE-1(config-vrf)#rd 65000:2
PE-1(config-vrf)#route-target export 65000:2
PE-1(config-vrf)#route-target import 65000:2
Router PE-2
PE-2(config)#ip vrf BRI.KANAN
PE-2(config-vrf)#rd 65000:1
PE-2(config-vrf)#route-target export 65000:1
PE-2(config-vrf)#route-target import 65000:1
PE-2(config-vrf)#EXI
PE-2(config)#ip vrf BCA.KANAN
PE-2(config-vrf)#rd 65000:2
PE-2(config-vrf)#route-target export 65000:2
PE-2(config-vrf)#route-target import 65000:2
PE-2(config-vrf)#EXI
Konfigurasi IP address VRF pada interface router PE menuju CE
Router PE-1
PE-1(config)#interface fa0/1
PE-1(config-if)#description ##Link to BRI##
PE-1(config-if)#ip vrf forwarding BRI.KIRI
PE-1(config-if)#ip address 172.16.10.1 255.255.255.252
PE-1(config-if)#no shu
PE-1(config-if)#exi
PE-1(config)#interface fa1/0
PE-1(config-if)#description ##Link to BCA##
PE-1(config-if)#ip vrf forwarding BCA.KIRI
PE-1(config-if)#ip address 172.16.10.1 255.255.255.252
PE-1(config-if)#EX
Router PE-2
PE-2(config)#interface fa1/0
PE-2(config-if)#description ##Link to BRI##
PE-2(config-if)#ip vrf forwarding BRI.KANAN
PE-2(config-if)#ip address 172.16.20.1 255.255.255.252
PE-2(config-if)#no shu
PE-2(config-if)#exi
PE-2(config)#
PE-2(config)#interface fa0/0
PE-2(config-if)#description ##Link to BCA##
PE-2(config-if)#ip vrf forwarding BCA.KANAN
PE-2(config-if)#ip address 172.16.20.1 255.255.255.252
PE-2(config-if)#no shu
PE-2(config-if)#EXi
Verifkasi
Success...!!!
Tahap kedua ini adalah menghubungkan Router CE (Customer Edge), yaitu network yang di BRI dengan BCA.
PE Router
- Membuat VRF
- Konfigigurasi IP VRF di ruter PE-1 dan PE-2
- Mengaktifkan MP-BGP
- Routing PC - CE
CE Router
- Konigurasi IP Addess CE
- Routing Default Route
Konfigurasi VRF
Router PE-1
PE-1(config)#ip vrf BRI.KIRI
PE-1(config-vrf)#rd 65000:1
PE-1(config-vrf)#route-target export 65000:1
PE-1(config-vrf)#route-target import 65000:1
PE-1(config-vrf)#EXI
PE-1(config)#ip vrf BCA.KIRI
PE-1(config-vrf)#rd 65000:2
PE-1(config-vrf)#route-target export 65000:2
PE-1(config-vrf)#route-target import 65000:2
Router PE-2
PE-2(config)#ip vrf BRI.KANAN
PE-2(config-vrf)#rd 65000:1
PE-2(config-vrf)#route-target export 65000:1
PE-2(config-vrf)#route-target import 65000:1
PE-2(config-vrf)#EXI
PE-2(config)#ip vrf BCA.KANAN
PE-2(config-vrf)#rd 65000:2
PE-2(config-vrf)#route-target export 65000:2
PE-2(config-vrf)#route-target import 65000:2
PE-2(config-vrf)#EXI
Konfigurasi IP address VRF pada interface router PE menuju CE
Router PE-1
PE-1(config)#interface fa0/1
PE-1(config-if)#description ##Link to BRI##
PE-1(config-if)#ip vrf forwarding BRI.KIRI
PE-1(config-if)#ip address 172.16.10.1 255.255.255.252
PE-1(config-if)#no shu
PE-1(config-if)#exi
PE-1(config)#interface fa1/0
PE-1(config-if)#description ##Link to BCA##
PE-1(config-if)#ip vrf forwarding BCA.KIRI
PE-1(config-if)#ip address 172.16.10.1 255.255.255.252
PE-1(config-if)#EX
Router PE-2
PE-2(config)#interface fa1/0
PE-2(config-if)#description ##Link to BRI##
PE-2(config-if)#ip vrf forwarding BRI.KANAN
PE-2(config-if)#ip address 172.16.20.1 255.255.255.252
PE-2(config-if)#no shu
PE-2(config-if)#exi
PE-2(config)#
PE-2(config)#interface fa0/0
PE-2(config-if)#description ##Link to BCA##
PE-2(config-if)#ip vrf forwarding BCA.KANAN
PE-2(config-if)#ip address 172.16.20.1 255.255.255.252
PE-2(config-if)#no shu
PE-2(config-if)#EXi
Verifkasi
Nah, sekarang kita mengaktifkan MP-BGP digunakan untuk membawa informasi routing, IPv4 prefixes, VPN Customer menuju PE router lainnya.
Router PE-1
PE-1(config)#router bgp 65000
PE-1(config-router)#address-family vpnv4
PE-1(config-router-af)#neig 10.10.10.2 activate
PE-1(config-router-af)#exi
Router PE-2
PE-2(config)#router bgp 65000
PE-2(config-router)#address-family vpnv4
PE-2(config-router-af)#neig 10.10.10.1 activate
PE-2(config-router-af)#exi
Yang Terhir adalah konfigurasi static routing di PE-1 dan PE-2
Router PE-1
ip route vrf BRI.KIRI 10.10.4.1 255.255.255.255 172.16.10.2
router bgp 65000
address-family ipv4 vrf BRI.KIRI
redistribute static
redistribute connected
exi
ip route vrf BCA.KIRI 10.10.5.1 255.255.255.255 172.16.10.2
router bgp 65000
address-family ipv4 vrf BCA.KIRI
redistribute static
redistribute connected
exi
Router PE-2
ip route vrf BRI.KANAN 10.10.6.1 255.255.255.255 172.16.20.2
router bgp 65000
address-family ipv4 vrf BRI.KANAN
redistribute static
redistribute connected
exi
ip route vrf BCA.KANAN 10.10.7.1 255.255.255.255 172.16.20.2
router bgp 65000
address-family ipv4 vrf BCA.KANAN
redistribute static
redistribute connected
exi
Konfigurasi terahir adalah konfigurasi IP addrees dan default route di masing-masing router CE
Router CE-1 (BRI.KIRI)
interface FastEthernet0/1
ip address 172.16.10.2 255.255.255.252
no shu
exi
!
interface Loopback1
ip address 10.10.4.1 255.255.255.255
exi
ip route 0.0.0.0 0.0.0.0 172.16.10.1
Router CE-2 (BRI.KAKAN)
interface FastEthernet0/1
ip address 172.16.10.2 255.255.255.252
no shu
exi
!
interface Loopback1
ip address 10.10.7.1 255.255.255.255
exi
ip route 0.0.0.0 0.0.0.0 172.16.20.1
Verifikasi, ping dan traceroute darii CE-1 le router CE-2
Lakukan ping dari router (BRI.KIRI ke BRI.KANAN
Success...!!!
Jika terhubung maka konfigurasi semua router sudah benar. MPLS sudah berjalan dengan benar.
Posting Komentar untuk "Cisco | MPLS - VPN + Static Routing"