Cisco | MPLS - L3VPN - VRF (Tag VLAN)
Berikut konfigurasi dari masing-maing perangkat.
TAHAP-1: KONFIGURASI INTERFACE & ROUING OSPF
hostname CS-903-01
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.1 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.9 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.5 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi4
no shutdown
ip address 10.0.1.13 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
ip ospf 1 area 0
!
-------------------------------------
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.1 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.9 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.5 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi4
no shutdown
ip address 10.0.1.13 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
ip ospf 1 area 0
!
-------------------------------------
hostname CS-903-02
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.18 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.10 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.26 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi4
no shutdown
ip address 10.0.1.29 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.3 255.255.255.255
ip ospf 1 area 0
!
-------------------------------------
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.18 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.10 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.26 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi4
no shutdown
ip address 10.0.1.29 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.3 255.255.255.255
ip ospf 1 area 0
!
-------------------------------------
hostname ASR-902-01
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.17 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.2 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.21 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.2 255.255.255.255
ip ospf 1 area 0
exit
!
-------------------------------------
hostname ASR-902-03
!
router ospf 1
mpls ldp autoconfig
!
interface gi2
no shutdown
ip address 10.0.1.30 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.14 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.5 255.255.255.255
ip ospf 1 area 0
exit
!
!
router ospf 1
!
interface gi2
no shutdown
ip address 10.0.1.17 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.2 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi3
no shutdown
ip address 10.0.1.21 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.2 255.255.255.255
ip ospf 1 area 0
exit
!
-------------------------------------
hostname ASR-902-03
!
router ospf 1
mpls ldp autoconfig
!
interface gi2
no shutdown
ip address 10.0.1.30 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface gi1
no shutdown
ip address 10.0.1.14 255.255.255.252
ip ospf network point-to-point
ip ospf 1 area 0
exit
!
interface Loopback0
ip address 10.1.1.5 255.255.255.255
ip ospf 1 area 0
exit
!
VERIFIKASI:
sh ip ospf neig
TAHAP-2 : KONFIG ROUTING BGP
CS-903-01
router bgp 65001
bgp router-id 10.1.1.1
bgp cluster-id 65001
bgp log-neighbor-changes
neighbor iBGP peer-group
neighbor iBGP remote-as 65001
neighbor 10.0.1.10 remote-as 65001
neighbor iBGP update-source Loopback0
neighbor 10.1.1.2 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
neighbor 10.1.1.4 peer-group iBGP
neighbor 10.1.1.5 peer-group iBGP
!
address-family vpnv4
neighbor iBGP route-reflector-client
neighbor 10.0.1.10 activate
neighbor 10.0.1.10 next-hop-self
neighbor 10.1.1.2 activate
neighbor 10.1.1.3 activate
neighbor 10.1.1.4 activate
neighbor 10.1.1.5 activate
exit-address-family
!
CS-903-02
router bgp 65001
bgp router-id 10.1.1.1
bgp cluster-id 65001
bgp log-neighbor-changes
neighbor iBGP peer-group
neighbor iBGP remote-as 65001
neighbor 10.0.1.10 remote-as 65001
neighbor iBGP update-source Loopback0
neighbor 10.1.1.2 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
neighbor 10.1.1.4 peer-group iBGP
neighbor 10.1.1.5 peer-group iBGP
!
address-family vpnv4
neighbor iBGP route-reflector-client
neighbor 10.0.1.10 activate
neighbor 10.0.1.10 next-hop-self
neighbor 10.1.1.2 activate
neighbor 10.1.1.3 activate
neighbor 10.1.1.4 activate
neighbor 10.1.1.5 activate
exit-address-family
!
CS-903-02
router bgp 65001
bgp router-id 10.1.1.3
bgp cluster-id 65001
bgp log-neighbor-changes
neighbor iBGP peer-group
neighbor iBGP remote-as 65001
neighbor 10.0.1.10 remote-as 65001
neighbor iBGP update-source Loopback0
neighbor 10.1.1.2 peer-group iBGP
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.4 peer-group iBGP
neighbor 10.1.1.5 peer-group iBGP
!
address-family vpnv4
neighbor iBGP route-reflector-client
neighbor 10.0.1.10 activate
neighbor 10.0.1.10 next-hop-self
neighbor 10.1.1.2 activate
neighbor 10.1.1.1 activate
neighbor 10.1.1.4 activate
neighbor 10.1.1.5 activate
exit-address-family
bgp router-id 10.1.1.3
bgp cluster-id 65001
bgp log-neighbor-changes
neighbor iBGP peer-group
neighbor iBGP remote-as 65001
neighbor 10.0.1.10 remote-as 65001
neighbor iBGP update-source Loopback0
neighbor 10.1.1.2 peer-group iBGP
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.4 peer-group iBGP
neighbor 10.1.1.5 peer-group iBGP
!
address-family vpnv4
neighbor iBGP route-reflector-client
neighbor 10.0.1.10 activate
neighbor 10.0.1.10 next-hop-self
neighbor 10.1.1.2 activate
neighbor 10.1.1.1 activate
neighbor 10.1.1.4 activate
neighbor 10.1.1.5 activate
exit-address-family
ASR-920-01
router bgp 65001
bgp router-id 10.1.1.2
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
exit
router bgp 65001
bgp router-id 10.1.1.2
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
exit
ASR-920-02
router bgp 65001
bgp router-id 10.1.1.4
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.5 activate
neighbor 10.1.1.4 activate
exit
router bgp 65001
bgp router-id 10.1.1.4
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.5 activate
neighbor 10.1.1.4 activate
exit
ASR-920-03
router bgp 65001
bgp router-id 10.1.1.5
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.5 activate
neighbor 10.1.1.4 activate
exit
VERIFIKASI:
router bgp 65001
bgp router-id 10.1.1.5
neighbor iBGP peer-group
nei iBGP remote-as 65001
neighbor iBGP update-source lo0
neighbor 10.1.1.1 peer-group iBGP
neighbor 10.1.1.3 peer-group iBGP
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.3 activate
!
address-family vpnv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.5 activate
neighbor 10.1.1.4 activate
exit
VERIFIKASI:
TAHAP-3 : KONFIG MPLS DI PORT AREA BACKBONE
CS-903-01
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-4
mpls ip
exi
----
CS-903-02
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-4
mpls ip
exi
-------------
ASR-902-01
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-3
mpls ip
exi
----------
ASR-902-03
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-2
mpls ip
exi
VERIFIKASI:
#sh mpls ldp neighbor
#sh mpls forwarding-table
# sh mpls ldp discovery
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-4
mpls ip
exi
----
CS-903-02
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-4
mpls ip
exi
-------------
ASR-902-01
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-3
mpls ip
exi
----------
ASR-902-03
mpls label protocol ldp
mpls ldp router-id lo0 force
!
int range gi1-2
mpls ip
exi
VERIFIKASI:
#sh mpls ldp neighbor
#sh mpls forwarding-table
# sh mpls ldp discovery
TAHAP-4: KONFIG VRF TENANT BCA & BRI & IP ADDRESS
ASR-902-01
ip vrf BCA_10.87
rd 10:100
route-target import 10:100
route-target export 10:100
!
router ospf 100 VRf BCA_10.87
router-id 10.1.1.2
exit
int gi4.10
no sh
encapsulation dot1q 10
ip vrf forwarding BCA_10.87
ip add 10.87.10.1 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0
exit
!
---------
ip vrf BRI_192.168
rd 11:100
route-target import 11:100
route-target export 11:100
!
router ospf 101 vrf BRI_192.168
router-id 10.1.1.2
exit
int gi4.11
no sh
encapsulation dot1q 11
ip vrf forwarding BRI_192.168
ip add 192.168.11.1 255.255.255.0
ip ospf network point-to-point
ip ospf 101 area 0
exit
!
VERIFIKASI:
sh ip vrf BCA_10.87
sh ip vrf BRI_192.168
===============================
ASR-902-03
ip vrf BCA_10.87
rd 10:100
route-target import 10:100
route-target export 10:100
!
router ospf 100 VRf BCA_10.87
router-id 10.1.1.5
exit
int gi3.10
no sh
description BCA_SITE_B
encapsulation dot1q 10
ip vrf forwarding BCA_10.87
ip add 10.87.20.1 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0
exit
!
---------
ip vrf BRI_192.168
rd 11:100
route-target import 11:100
route-target export 11:100
!
router ospf 101 vrf BRI_192.168
router-id 10.1.1.5
exit
int gi3.11
no sh
description BRI_SITE_B
encapsulation dot1q 11
ip vrf forwarding BRI_192.168
ip add 192.168.12.1 255.255.255.0
ip ospf network point-to-point
ip ospf 101 area 0
exit
!
VERIFIKASI:
ASR-902-01
ip vrf BCA_10.87
rd 10:100
route-target import 10:100
route-target export 10:100
!
router ospf 100 VRf BCA_10.87
router-id 10.1.1.2
exit
int gi4.10
no sh
encapsulation dot1q 10
ip vrf forwarding BCA_10.87
ip add 10.87.10.1 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0
exit
!
---------
ip vrf BRI_192.168
rd 11:100
route-target import 11:100
route-target export 11:100
!
router ospf 101 vrf BRI_192.168
router-id 10.1.1.2
exit
int gi4.11
no sh
encapsulation dot1q 11
ip vrf forwarding BRI_192.168
ip add 192.168.11.1 255.255.255.0
ip ospf network point-to-point
ip ospf 101 area 0
exit
!
VERIFIKASI:
sh ip vrf BCA_10.87
sh ip vrf BRI_192.168
===============================
ASR-902-03
ip vrf BCA_10.87
rd 10:100
route-target import 10:100
route-target export 10:100
!
router ospf 100 VRf BCA_10.87
router-id 10.1.1.5
exit
int gi3.10
no sh
description BCA_SITE_B
encapsulation dot1q 10
ip vrf forwarding BCA_10.87
ip add 10.87.20.1 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0
exit
!
---------
ip vrf BRI_192.168
rd 11:100
route-target import 11:100
route-target export 11:100
!
router ospf 101 vrf BRI_192.168
router-id 10.1.1.5
exit
int gi3.11
no sh
description BRI_SITE_B
encapsulation dot1q 11
ip vrf forwarding BRI_192.168
ip add 192.168.12.1 255.255.255.0
ip ospf network point-to-point
ip ospf 101 area 0
exit
!
VERIFIKASI:
sh ip route vrf BCA_10.87 ospf
sh ip route vrf BRI_192.168 ospf
sh ip route vrf BCA_10.87
sh ip vrf BCA_10.87
sh ip vrf BRI_192.168
sh ip route vrf BRI_192.168 ospf
sh ip route vrf BCA_10.87
sh ip vrf BCA_10.87
sh ip vrf BRI_192.168
------------------------------------------------------------
TAHAP-5 : REDISTRIBUTE BGP TO OSPF - OSPF TO BGP
==================================
TAHAP-5 : REDISTRIBUTE BGP TO OSPF - OSPF TO BGP
==================================
ASR-902-01
router ospf 100 vrf BCA_10.87
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BCA_10.87
redistribute ospf 100
exit
!
router ospf 101 vrf BRI_192.168
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BRI_192.168
redistribute ospf 101
exit
----------------------------------------
ASR-902-03
router ospf 100 vrf BCA_10.87
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BCA_10.87
redistribute ospf 100
exit
!
router ospf 101 vrf BRI_192.168
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BRI_192.168
redistribute ospf 101
exit
router ospf 100 vrf BCA_10.87
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BCA_10.87
redistribute ospf 100
exit
!
router ospf 101 vrf BRI_192.168
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BRI_192.168
redistribute ospf 101
exit
----------------------------------------
ASR-902-03
router ospf 100 vrf BCA_10.87
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BCA_10.87
redistribute ospf 100
exit
!
router ospf 101 vrf BRI_192.168
redistribute bgp 65001 subnets
exit
!
router bgp 65001
address-family ipv4 vrf BRI_192.168
redistribute ospf 101
exit
TAHAP-6 : KONFIG SWITCH SW-9200-01 & SW-9200-02
==========================================================
==========================================================
vlan 10
name BCA
name BCA
!
vlan 11
name BRI!
interface Ethernet0/0
description #Linkt-ASR-920-01#
switchport trunk encapsulation dot1q
switchport mode trunk
end
!
interface Ethernet0/0
description #Linkt-ASR-920-01#
switchport trunk encapsulation dot1q
switchport mode trunk
end
!
interface Ethernet0/1
switchport access vlan 10
switchport mode access
!
interface Ethernet0/1
switchport access vlan 11
switchport mode access
switchport access vlan 10
switchport mode access
!
interface Ethernet0/1
switchport access vlan 11
switchport mode access
VERIFIKASI:
ASR-902-01
sh ip route vrf BCA_10.87 | i 10.
sh ip route vrf BRI_192.168 | i 192.
ping vrf BCA_10.87 10.87.20.1
ASR-902-01
sh ip route vrf BCA_10.87 | i 10.
sh ip route vrf BRI_192.168 | i 192.
ping vrf BCA_10.87 10.87.20.1
ping vrf BRI_192.168 192.168.12.1
ASR-902-03
VERIFIKASI:
- trace route dari router ASR-902-01 to 10.87.20.10
- ping dari SITE-A ke SITE-B pada vrf BCA (source 10.87.10.10 to 10.87.20.10).
===========SUKSES======
Posting Komentar untuk "Cisco | MPLS - L3VPN - VRF (Tag VLAN)"