Translate

Great Day with BPN : Interconnecting OSPF Network with BGP


08 Oktober 2016, Hari ini adalah hari yang cukup menyenangkan bagi saya dan setelah 2 tahun lamanya saya meng-update blog ini wkwkwkwkw

Hari ini saya belajar OSPF dan BGP dengan mas(ter) Rivaldo Ibrahim a.k.a Baim, mas(ter) Adit Ilhandi, mas(ter) Rifki a.k.a Bejo, mas(ter) Abdul Fatah, Memang sih awalnya saya dengan teman sekolah saya (aldi) datang dari SMK Taruna Bhakti Depok dan memiliki tujuan untuk Belajar Konsep dari NAT di BPN, namun disela waktu kosong kami mencoba config OSPF dan BGP pada Router MikroTik yang di gabungkan dengan Router Cisco 1841 untuk Internetworking-nya, Dan saya pun ingin mem-postingnya kedalam blog saya yang tidak update selama 2 tahun hehehe, sebenarnya scenarionya sih kita membuat Interconnection dengan BGP dan didalam AS itu ada OSPF Multi-Area (Standard, NSSA, Stub)

Jujur, ini pertama kalinya saya mencoba OSPF dan BGP pada Real Devices dan untuk Internetworking-nya saya menggabungkan Cisco 1841 (yang ditengah) dengan RB941-2n sebagai router yang meng-advertise prefix yang dimiliki dari AS100 dan AS200, Cisco 1841 sendiri memiliki AS150 yang digunakan hanya untuk transit eBGP dan setelah turun dari Router BGP masuk kedalam Router Gateway yang menggunakan RB951-2n dan menjalankan static route kearah Router BGP, NAT dan juga distribute default route untuk OSPF Area dibawahnya, setelah turun kebawah ada Router Distribusi yang terhubung dengan Not-So-Stubby-Area (NSSA) dan juga Stub Area, Kemudian didalam Router Gateway kami menjalankan Tunnel L2TP + IPSec agar kedua Local Area Network pada Stub Area bisa saling terhubung satu sama lain melalui Tunnel, tentu saja ditambahkan routing untuk kedua network tersebut, namun disini kami hanya menggunakan static route

Sebelumnya saya gambarkan menggunakan GNS3 untuk design topologi namun tidak untuk config, tapi tenang saja config + screenshot saya sertakan dibawah

1. R-BGP-100 as BGP Router AS100 (RB951-2n)
/routing bgp instance
set default as=100
/ip address
add address=110.110.110.1/30 interface=ether1 network=110.110.110.0
add address=11.11.11.1/30 interface=ether2 network=11.11.11.0
/routing bgp network
add network=11.11.11.0/30
add network=110.110.110.0/30
/routing bgp peer
add name=peer1 remote-address=110.110.110.2 remote-as=150
/system identity
set name=R-BGP-100
2. R-GW-100 as Gateway Router AS100 (RB951-2n)
/ip pool
add name=l2tp ranges=1.1.1.2-1.1.1.254
/ppp profile
set 1 local-address=1.1.1.1 remote-address=l2tp
/routing ospf instance
set [ find default=yes ] distribute-default=always-as-type-2
/interface l2tp-server server
set enabled=yes ipsec-secret=123 use-ipsec=yes
/ip address
add address=11.11.11.2/30 interface=ether1 network=11.11.11.0
add address=10.10.10.1/30 interface=ether2 network=10.10.10.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=11.11.11.1
add distance=1 dst-address=192.168.2.0/24 gateway=1.1.1.254
/ppp secret
add name=l2tp password=123
/routing ospf network
add area=backbone network=10.10.10.0/30
/system identity
set name=R-GW-100
3. R-DIST-100 as Distribution Router AS100 (RB951-2n)
/routing ospf area
add area-id=0.0.0.1 default-cost=1 inject-summary-lsas=no name=area1 \
    translator-role=translate-never type=nssa
add area-id=0.0.0.2 default-cost=1 inject-summary-lsas=no name=area2 \
    translator-role=translate-never type=nssa
add area-id=0.0.0.10 default-cost=1 inject-summary-lsas=yes name=stub type=\
    stub
/ip address
add address=10.10.10.2/30 interface=ether1 network=10.10.10.0
add address=172.16.10.1/30 interface=ether2 network=172.16.10.0
add address=172.16.20.1/30 interface=ether3 network=172.16.20.0
add address=100.100.100.2/30 interface=ether4 network=100.100.100.0
/routing ospf network
add area=backbone network=10.10.10.0/30
add area=area2 network=172.16.20.0/30
add area=area1 network=172.16.10.0/30
add area=stub network=100.100.100.0/30
/system identity
set name=R-DIST-100
4. R-STUB-100 as Stub Area Router AS100 (RB750)
/ip pool
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether5 name=dhcp1
/routing ospf area
add area-id=0.0.0.10 inject-summary-lsas=yes name=stub type=\
    stub
/ip address
add address=100.100.100.1/30 interface=ether1 network=100.100.100.0
add address=192.168.1.1/24 interface=ether5 network=192.168.1.0
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1
/routing ospf network
add area=stub network=100.100.100.0/30
add area=stub network=192.168.1.0/24
/system identity
set name=R-STUB-100
5. R-NSSA-100-1 as NSSA Area-1 Router AS100 (RB941-2ND-TC)
/routing ospf area
add area-id=0.0.0.1 default-cost=1 inject-summary-lsas=no name=area1 type=nssa
/ip address
add address=172.16.10.2/30 interface=ether1 network=172.16.10.0
add address=100.100.100.1/30 interface=ether2 network=100.100.100.0
/routing ospf network
add area=area1 network=172.16.10.0/30
add area=area2 network=100.100.100.0/30
/system identity
set name=R-NSSA-1
6. R-NSSA-100-2 as NSSA Area-2 Router AS100 (RB941-2ND-TC)
/routing ospf area
add area-id=0.0.0.2 inject-summary-lsas=no name=area2 type=nssa
/ip address
add address=200.200.200.1/30 interface=ether2 network=200.200.200.0
add address=172.16.20.2/30 interface=ether1 network=172.16.20.0
/routing ospf network
add area=area2 network=172.16.20.0/30
add area=area1 network=200.200.200.0/30
/system identity
set name=R-NSSA-2

Cisco 1841 Configuration
  1. router bgp 150
  2.  neighbor 110.110.110.1 remote-as 100
  3.  neighbor 120.120.120.1 remote-as 200
  4.  no auto-summary


7. R-BGP-200 as BGP Router AS200 (RB951-2n)
/routing bgp instance
set default as=200
/ip address
add address=120.120.120.1/30 interface=ether1 network=120.120.120.0
add address=12.12.12.1/30 interface=ether2 network=12.12.12.0
/routing bgp network
add network=120.120.120.0/30
add network=12.12.12.0/30
/routing bgp peer
add name=peer1 remote-address=120.120.120.2 remote-as=150
/system identity
set name=R-BGP-200
 8. R-GW-200 as Gateway Router AS200 (RB951-2n)
/interface l2tp-client
add connect-to=11.11.11.2 disabled=no ipsec-secret=123 mrru=1600 name=\
    l2tp-out1 password=123 use-ipsec=yes user=l2tp
/routing ospf instance
set [ find default=yes ] distribute-default=always-as-type-2
/interface l2tp-server server
set ipsec-secret=123
/ip address
add address=12.12.12.2/30 interface=ether1 network=12.12.12.0
add address=20.20.20.1/30 interface=ether2 network=20.20.20.0
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=12.12.12.1
add distance=1 dst-address=192.168.1.0/24 gateway=1.1.1.1
/routing ospf network
add area=backbone network=20.20.20.0/30
/system identity
set name=R-GW-200
9.  R-DIST-200 as Distribution Router AS200 (RB951-2n)
/routing ospf area
add area-id=0.0.0.1 default-cost=1 inject-summary-lsas=no name=area1 \
    translator-role=translate-never type=nssa
add area-id=0.0.0.2 default-cost=1 inject-summary-lsas=no name=area2 \
    translator-role=translate-never type=nssa
add area-id=0.0.0.10 default-cost=1 inject-summary-lsas=yes name=stub type=stub
/ip address
add address=20.20.20.2/30 interface=ether1 network=20.20.20.0
add address=172.16.10.1/30 interface=ether2 network=172.16.10.0
add address=172.16.20.1/30 interface=ether3 network=172.16.20.0
add address=100.100.100.1/30 interface=ether4 network=100.100.100.0
/routing ospf network
add area=backbone network=20.20.20.0/30
add area=area1 network=172.16.10.0/30
add area=area2 network=172.16.20.0/30
add area=stub network=100.100.100.0/30
/system identity
set name=R-DIST-200
10. R-STUB-200 as Stub Area AS200 (RB951-2n)
/ip pool
add name=dhcp_pool1 ranges=192.168.2.2-192.168.2.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether5 name=dhcp1
/routing ospf area
add area-id=0.0.0.10 default-cost=1 inject-summary-lsas=yes name=stub \
    type=stub
/ip address
add address=100.100.100.2/30 interface=ether1 network=100.100.100.0
add address=192.168.2.1/24 interface=ether5 network=192.168.2.0
/ip dhcp-server network
add address=192.168.2.0/24 gateway=192.168.2.1
/routing ospf network
add area=stub network=100.100.100.0/30
add area=stub network=192.168.2.0/24
/system identity
set name=R-STUB-200 

11. R-NSSA-200-1 as NSSA Area-1 AS200 (RB941-2ND-TC)
/routing ospf area
add area-id=0.0.0.1 default-cost=1 inject-summary-lsas=no name=area1 \
    translator-role=translate-never type=nssa
/ip address
add address=172.16.10.2/30 interface=ether1 network=172.16.10.0
/routing ospf network
add area=area1 network=172.16.10.0/30
/system identity
set name=R-NSSA-1
12. R-NSSA-200-2 as NSSA Area-2 AS200 (RB941-2ND-TC)
/routing ospf area
add area-id=0.0.0.2 default-cost=1 inject-summary-lsas=no name=area2 \
    translator-role=translate-never type=nssa
/ip address
add address=172.16.20.2/30 interface=ether1 network=172.16.20.0
/routing ospf network
add area=area2 network=172.16.20.0/30
/system identity
set name=R-NSSA-2

Sekian configuration yang saya buat dengan teman teman di Best-Path Networks, Mohon maaf jika ada kesalahan konfigurasi, namun sudah kami coba dan berhasil :) mohon maaf juga untuk tuan rumah karena saya OOT dari tujuan awal hehehe, dan dibawah ini ada beberapa dokumentasi yang saya kumpulkan :D





















Pantang Pulang, Sebelum PING Reply
Sekian & Terima Kasih :D