
Lab BGP Attribute (Community)

LAB 8. BGP Attribute (Community)




BGP communities are used to attach additional information to each prefix advertised to neighbor routers running BGP. There are 4 default communities we can use, or we can use numeric values.

On the previous topology, we unplug the cable between R3 and R4, then connect the cable between R3 and R4, then connect a cable from R2 to R4 according to the topology, and then delete the config left over from the previous lab.


R1,R2,R3

R1(config)#no router bgp 1234 

R2(config)#no router bgp 1234 

R3(config)#no router bgp 1234


R3

R3(config)#default int f0/1

R4

R4(config)#default int f0/0 

R4(config)#default int lo44 

R4(config)#no int lo0 

R4(config)#no router bgp 4 

R4(config)#no router eigrp 10

We configure the IP addresses on R2 and R4.

R2

R2(config)#int g1/0 

R2(config-if)#ip add 24.24.24.2 255.255.255.0 

R2(config-if)#no shutdown

 R2(config)#int lo22

 R2(config-if)#ip add 22.22.22.22 255.255.255.255

 R4

 R4(config)#int g1/0

 R4(config-if)#ip add 24.24.24.4 255.255.255.0

 R4(config-if)#no shutdown

 R4(config-if)#exit

 R4(config)#int lo0

R4(config-if)#ip add 4.4.4.4 255.255.255.255

We configure all the routers. Here R2 acts as the route reflector server.

R1

R1(config)#router bgp 123

R1(config-router)#network 11.11.11.11 mask 255.255.255.255

R1(config-router)#neighbor 2.2.2.2 remote-as 123

 R1(config-router)#neighbor 2.2.2.2 update-source Loopback0

 R2

 R2(config)#router bgp 123

 R2(config-router)#neighbor 1.1.1.1 remote-as 123

 R2(config-router)#neighbor 1.1.1.1 up lo0

 R2(config-router)#neighbor 1.1.1.1 route-reflector-client

 R2(config-router)#neighbor 1.1.1.1 next-hop-self

 R2(config-router)#neighbor 3.3.3.3 remote-as 123

 R2(config-router)#neighbor 3.3.3.3 update lo0

 R2(config-router)#neighbor 3.3.3.3 route-reflector-client

 R2(config-router)#neighbor 3.3.3.3 next-hop-self

 R2(config-router)#neighbor 24.24.24.4 remote-as 4

 R2(config-router)#network 22.22.22.22 mask 255.255.255.255

R3

 R3(config)#int lo33

 R3(config-if)#ip add 33.33.33.33 255.255.255.255

 R3(config)#router bgp 123

 R3(config-router)#neighbor 2.2.2.2 remote-as 123

 R3(config-router)#neighbor 2.2.2.2 up lo0

 R3(config-router)#network 33.33.33.33 mask 255.255.255.255

 R4

 R4(config)#router bgp 4

 R4(config-router)#neighbor 24.24.24.2 remote-as 123

 R4(config-router)#network 4.4.4.4 mask 255.255.255.255

R4(config-router)#exit

We check the BGP routes on R1 and R4.

 R1

R1#sh ip bgp

BGP table version is 6, local router ID is 11.11.11.11

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i4.4.4.4/32 2.2.2.2 0 100 0 4 i

*> 11.11.11.11/32  0.0.0.0 0 32768 i

*>i22.22.22.22/32  2.2.2.2 0 100 0 i

*>i33.33.33.33/32  3.3.3.3 0 100 0 i


R4


R4(config)#do show ip bgp

BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network     Next Hop      Metric LocPrf Weight Path
*> 4.4.4.4/32  0.0.0.0          0              32768 i
*> 11.11.11.11/32  24.24.24.2                 0 123 i
*> 22.22.22.22/32  24.24.24.2          0        0 123 i
*> 33.33.33.33/32  24.24.24.2                 0 123


Next, we set the community 'no-export' on R1 (no-export routes are not advertised to eBGP peers).


R1

R1(config)#access-list 1 permit host 11.11.11.11

R1(config)#route-map NO-EXPORT

R1(config-route-map)#match ip address 1

R1(config-route-map)#set community no-export

R1(config-route-map)#router bgp 123

R1(config-router)#neighbor 2.2.2.2 route-map NO-EXPORT out

R1(config-router)#neighbor 2.2.2.2 send-community


Now we check the BGP tables on R3 and R4 and compare them; make sure network 11.11.11.11/32 is no longer there on R4.

R3

R3(config)#do sh ip bgp

BGP table version is 5, local router ID is 33.33.33.33

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i4.4.4.4/32 2.2.2.2 0 100 0 4 i

*>i11.11.11.11/32  1.1.1.1 0 100 0 i

*>i22.22.22.22/32  2.2.2.2 0 100 0 i

*> 33.33.33.33/32  0.0.0.0 0 32768 i


R4

R4(config)#do show ip bgp

BGP table version is 6, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.4/32 0.0.0.0 0 32768 i

*> 22.22.22.22/32  24.24.24.2 0 0 123 i

*> 33.33.33.33/32  24.24.24.2 0 123 i


We check whether the prefix carries the additional information, namely no-export.


R2

R2(config)#do show ip bgp 11.11.11.11

BGP routing table entry for 11.11.11.11/32, version 6

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

Flag: 0x880

Advertised to update-groups: 1

Local, (Received from a RR-client)

1.1.1.1 (metric 156160) from 1.1.1.1 (11.11.11.11)

Origin IGP, metric 0, localpref 100, valid, internal, best

Community: no-export


Now we switch to the community "no-advertise" on R3 (no-advertise routes are not advertised to any iBGP or eBGP peer).


R3

R3(config)#access-list 1 permit host 33.33.33.33

R3(config)#route-map NO-ADVERTISE

R3(config-route-map)#match ip address 1

R3(config-route-map)#set community no-advertise

R3(config-route-map)#router bgp 123

R3(config-router)#neighbor 2.2.2.2 route-map NO-ADVERTISE out

R3(config-router)#neighbor 2.2.2.2 send-community

R3(config-router)#exit


We check the BGP routes on R1 and R4; make sure network 33.33.33.33/32 is not there.


R1

R1(config)#do show ip bgp

Network Next Hop Metric LocPrf Weight Path

*>i4.4.4.4/32 2.2.2.2 0 100 0 4 i

*> 11.11.11.11/32  0.0.0.0 0 32768 i

*>i22.22.22.22/32  2.2.2.2 0 100 0 i


R4

R4(config)#do show ip bgp

Network Next Hop Metric LocPrf Weight Path

*> 4.4.4.4/32 0.0.0.0 0 32768 i

*> 22.22.22.22/32  24.24.24.2 0 0 123 i


R2

R2(config)#do show ip bgp 33.33.33.33

BGP routing table entry for 33.33.33.33/32, version 7

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)

Flag: 0x880

Not advertised to any peer

Local, (Received from a RR-client)

3.3.3.3 (metric 156160) from 3.3.3.3 (33.33.33.33)

Origin IGP, metric 0, localpref 100, valid, internal, best

Community: no-advertise
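
The results of both steps above (no-export set on R1, no-advertise set on R3) can be reproduced with a small model of this lab's topology. This is an added example, not part of the original lab: the function and variable names are hypothetical, the community values are the RFC 1997 well-known ones, and `send_community=False` models a neighbor statement that lacks `send-community`, in which case the tag never reaches R2 and the prefix is exported as before.

```python
# Added illustration (not from the original lab): RFC 1997 well-known
# communities applied to this lab's topology. All names are hypothetical.
NO_EXPORT, NO_ADVERTISE, LOCAL_AS = 0xFFFFFF01, 0xFFFFFF02, 0xFFFFFF03

ASN = {"R1": 123, "R2": 123, "R3": 123, "R4": 4}
SESSIONS = [("R1", "R2"), ("R2", "R3"), ("R2", "R4")]
RR_CLIENTS = {"R2": {"R1", "R3"}}  # R2 is the route reflector
ORIGINATED = {"R1": "11.11.11.11/32", "R2": "22.22.22.22/32",
              "R3": "33.33.33.33/32", "R4": "4.4.4.4/32"}

def may_advertise(sender, receiver, communities, learned_from):
    """Decide whether sender passes a route on to receiver."""
    if learned_from is None:
        # Local route: the tag is set by the outbound route-map, so it is still sent.
        return True
    if NO_ADVERTISE in communities:
        return False  # never re-advertised, to iBGP or eBGP peers
    if ASN[sender] != ASN[receiver]:
        # eBGP session. Without confederations local-AS acts like no-export.
        return not ({NO_EXPORT, LOCAL_AS} & communities)
    if ASN[learned_from] == ASN[sender]:
        # iBGP-learned routes reach other iBGP peers only via route reflection.
        clients = RR_CLIENTS.get(sender, set())
        return learned_from in clients or receiver in clients
    return True

def bgp_tables(tags, send_community=True):
    """Return {router: sorted prefixes}; tags maps prefix -> set of communities."""
    tags = tags if send_community else {}  # tag is stripped if not sent
    tables = {r: {p: None} for r, p in ORIGINATED.items()}  # prefix -> learned_from
    peers = {r: [b if a == r else a for a, b in SESSIONS if r in (a, b)] for r in ASN}
    changed = True
    while changed:  # flood until no router learns anything new
        changed = False
        for sender in ASN:
            for prefix, src in list(tables[sender].items()):
                for peer in peers[sender]:
                    if prefix not in tables[peer] and may_advertise(
                            sender, peer, tags.get(prefix, set()), src):
                        tables[peer][prefix] = sender
                        changed = True
    return {r: sorted(t) for r, t in tables.items()}

LAB_TAGS = {"11.11.11.11/32": {NO_EXPORT}, "33.33.33.33/32": {NO_ADVERTISE}}
if __name__ == "__main__":
    for router, prefixes in bgp_tables(LAB_TAGS).items():
        print(router, prefixes)
```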

