Cisco | BGP Filtering - Route Filtering
KONFIGURASI R1
router bgp 10
network 13.13.13.0 mask 255.255.255.252
router bgp 10
network 13.13.13.0 mask 255.255.255.252
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 10
neighbor 2.2.2.2 update-source Loopback0
neighbor 2.2.2.2 remote-as 10
neighbor 2.2.2.2 update-source Loopback0
neighbor 13.13.13.2 remote-as 65002
KONFIGURASI R2
router bgp 10
bgp log-neighbor-changes
redistribute ospf 2
neighbor 1.1.1.1 remote-as 10
neighbor 1.1.1.1 update-source Loopback0
neighbor 1.1.1.1 next-hop-self
neighbor 11.11.11.1 remote-as 20
router ospf 2
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 10.10.10.0 0.0.0.3 area 0
R2#
KONFIGURASI R3
router bgp 20
bgp log-neighbor-changes
network 172.16.10.0 mask 255.255.255.0
network 192.168.10.0
neighbor 11.11.11.2 remote-as 10
KONFIGURASI R5
router bgp 65002
bgp log-neighbor-changes
network 13.13.13.0 mask 255.255.255.252
network 5.5.5.5 mask 2255.255.255.255
neighbor 13.13.13.1 remote-as 10
VERIFIKASI:
Kita ingin menghentikan informasi network 172.16.10.0/24 yg berasala dari R3 dan mengirim informasi tersebut ke R2. Apabila R2 menghentikan infromasi update tersebutAS 100 kita harus mendefenisikan sebuah ACL untk melakuka filtering update .
TAMBAHKAN PERINTAH INI DI R2
router bgp 10
neighbor 1.1.1.1 distribute-list 1 out
exit
access-list 1 deny 172.16.10.0 0.0.0.255
access-list 1 permit any
exit
Note:
neighbor 1.1.1.1 distribute-list 1 out #artinya tembak ke IP loopback R1, karena mereka peeringnya pake ip loopback. Sehingga hasilnya di R1 dan R5 network 172.16.10.0/24 tidak akn muncul lgi.
LALU VERIFIKASI
Posting Komentar untuk "Cisco | BGP Filtering - Route Filtering"