Difference between revisions of "IPv6: VyOS: BGP Sederhana"

From OnnoWiki
Jump to navigation Jump to search
 
(9 intermediate revisions by the same user not shown)
Line 46: Line 46:
 
  e4 --> LAN 10.1.2.0/24
 
  e4 --> LAN 10.1.2.0/24
  
Setiap kali menjalankan VM VyOS di GNS3, lakukan
+
Jika ada masalah dengan VM VyOS di GNS3, lakukan
  
 
  sudo chown root:useranda /dev/kvm
 
  sudo chown root:useranda /dev/kvm
Line 99: Line 99:
 
ISP1
 
ISP1
  
 +
configure
 
  set protocols bgp 10 parameters router-id 192.168.1.1
 
  set protocols bgp 10 parameters router-id 192.168.1.1
  set protocols bgp 10 network 2001:10:100:100::/64
+
  set protocols bgp 10 address-family ipv6-unicast network '2001:10:100:100::/64'
  set protocols bgp 10 network 2001:10:100:200::/64
+
  set protocols bgp 10 address-family ipv6-unicast network '2001:10:100:200::/64'
 +
set protocols bgp 10 neighbor 2001:192:168:1::2 ebgp-multihop '2'
 +
set protocols bgp 10 neighbor 2001:192:168:1::2 remote-as 30
 
  set protocols bgp 10 neighbor 2001:192:168:1::2 update-source 2001:192:168:1::1
 
  set protocols bgp 10 neighbor 2001:192:168:1::2 update-source 2001:192:168:1::1
  set protocols bgp 10 neighbor 2001:192:168:1::2 remote-as 30
+
  set protocols bgp 10 neighbor 2001:192:168:1::2 address-family ipv6-unicast
 +
set protocols bgp 10 neighbor 2001:192:168:3::2 ebgp-multihop '2'
 +
set protocols bgp 10 neighbor 2001:192:168:3::2 remote-as 20
 
  set protocols bgp 10 neighbor 2001:192:168:3::2 update-source 2001:192:168:3::1
 
  set protocols bgp 10 neighbor 2001:192:168:3::2 update-source 2001:192:168:3::1
  set protocols bgp 10 neighbor 2001:192:168:3::2 remote-as 20
+
  set protocols bgp 10 neighbor 2001:192:168:3::2 address-family ipv6-unicast
  
show
 
 
  commit
 
  commit
 
  exit
 
  exit
Line 113: Line 117:
 
ISP2
 
ISP2
  
 +
configure
 
  set protocols bgp 20 parameters router-id 192.168.2.1
 
  set protocols bgp 20 parameters router-id 192.168.2.1
  set protocols bgp 20 network 2001:10:10:10::/64
+
  set protocols bgp 20 address-family ipv6-unicast network '2001:10:10:10::/64'
  set protocols bgp 20 network 2001:10:10:20::/64
+
  set protocols bgp 20 address-family ipv6-unicast network '2001:10:10:20::/64'
  set protocols bgp 20 neighbor 2001:192:168:3::1 update-source 2001:192:168:2::1
+
  set protocols bgp 20 neighbor 2001:192:168:3::1 ebgp-multihop '2'
 
  set protocols bgp 20 neighbor 2001:192:168:3::1 remote-as 10
 
  set protocols bgp 20 neighbor 2001:192:168:3::1 remote-as 10
 +
set protocols bgp 20 neighbor 2001:192:168:3::1 update-source 2001:192:168:3::2
 +
set protocols bgp 20 neighbor 2001:192:168:3::1 address-family ipv6-unicast
 +
set protocols bgp 20 neighbor 2001:192:168:2::2 ebgp-multihop '2'
 +
set protocols bgp 20 neighbor 2001:192:168:2::2 remote-as 30
 
  set protocols bgp 20 neighbor 2001:192:168:2::2 update-source 2001:192:168:2::1
 
  set protocols bgp 20 neighbor 2001:192:168:2::2 update-source 2001:192:168:2::1
  set protocols bgp 20 neighbor 2001:192:168:2::2 remote-as 30
+
  set protocols bgp 20 neighbor 2001:192:168:2::2 address-family ipv6-unicast
  
show
 
 
  commit
 
  commit
 
  exit
 
  exit
Line 127: Line 135:
 
ISP3
 
ISP3
  
 +
configure
 
  set protocols bgp 30 parameters router-id 192.168.1.2
 
  set protocols bgp 30 parameters router-id 192.168.1.2
  set protocols bgp 30 network 2001:10:1:1::/64
+
  set protocols bgp 30 address-family ipv6-unicast network '2001:10:1:1::/64'
  set protocols bgp 30 network 2001:10:1:2::/64
+
  set protocols bgp 30 address-family ipv6-unicast network '2001:10:1:2::/64'
 +
set protocols bgp 30 neighbor 2001:192:168:1::1 ebgp-multihop '2'
 +
set protocols bgp 30 neighbor 2001:192:168:1::1 remote-as 10
 
  set protocols bgp 30 neighbor 2001:192:168:1::1 update-source 2001:192:168:1::2
 
  set protocols bgp 30 neighbor 2001:192:168:1::1 update-source 2001:192:168:1::2
  set protocols bgp 30 neighbor 2001:192:168:1::1 remote-as 10
+
  set protocols bgp 30 neighbor 2001:192:168:1::1 address-family ipv6-unicast
 +
set protocols bgp 30 neighbor 2001:192:168:2::1 ebgp-multihop '2'
 +
set protocols bgp 30 neighbor 2001:192:168:2::1 remote-as 20
 
  set protocols bgp 30 neighbor 2001:192:168:2::1 update-source 2001:192:168:1::2
 
  set protocols bgp 30 neighbor 2001:192:168:2::1 update-source 2001:192:168:1::2
  set protocols bgp 30 neighbor 2001:192:168:2::1 remote-as 20
+
  set protocols bgp 30 neighbor 2001:192:168:2::1 address-family ipv6-unicast
  
show
 
 
  commit
 
  commit
 
  exit
 
  exit
Line 142: Line 154:
  
 
  show interfaces
 
  show interfaces
  show ip bgp scan
+
  show ipv6 bgp summary
show ip bgp summary
+
  show ipv6 bgp neighbors
  show ip bgp rsclient summary
+
  show ipv6 bgp neighbors 2001:192:168:1::2
  show ip bgp neighbors 192.168.1.2  
+
  show ipv6 route
  show ip route
+
 
 +
 
 +
==Setting Client==
 +
 
 +
PC GNS3 tidak baik & tidak reliable untuk IPv6. Menjalankan VirtualBox juga tidak mungkin karena /dev/kvm di di duduki oleh VyOS. Client yang paling reliable adalah VyOS di jadikan PC1, PC2, PC3.
 +
 
 +
VyOS Client LAN1
 +
 
 +
configure
 +
set interfaces ethernet eth1 address '2001:10:100:100::100/64'
 +
set protocols static route6 ::/0 next-hop 2001:10:100:100::1 distance '1'
 +
commit
 +
exit
 +
 
 +
ping 2001:10:10:10::1
 +
ping 2001:10:10:10::100
 +
ping 2001:10:1:1::1
 +
ping 2001:10:1:1::100
 +
 
 +
VyOS Client LAN2
 +
 
 +
configure
 +
set interfaces ethernet eth1 address '2001:10:10:10::100/64'
 +
set protocols static route6 ::/0 next-hop 2001:10:10:10::1 distance '1'
 +
commit
 +
exit
 +
 
 +
 
 +
ping 2001:10:1:1::1
 +
ping 2001:10:1:1::100
 +
ping 2001:10:100:100::1
 +
ping 2001:10:100:100::100
 +
 
 +
VyOS Client LAN3
 +
 
 +
configure
 +
set interfaces ethernet eth1 address '2001:10:1:1::100/64'
 +
set protocols static route6 ::/0 next-hop 2001:10:1:1::1 distance '1'
 +
commit
 +
exit
 +
 
 +
ping 2001:10:10:10::1
 +
ping 2001:10:10:10::100
 +
ping 2001:10:100:100::1
 +
ping 2001:10:100:100::100
  
 
==Referensi==
 
==Referensi==
  
 
* https://wiki.vyos.net/wiki/User_Guide#BGP
 
* https://wiki.vyos.net/wiki/User_Guide#BGP
 
+
* https://wiki.vyos.net/wiki/User_Guide#IPv6_2
  
 
==Pranala Menarik==
 
==Pranala Menarik==

Latest revision as of 10:25, 7 April 2019

Bgp-multihoming.png


Ada tiga (3) ISP

ISP1:

IP 192.168.1.1/24 menuju ISP3
IP 192.168.3.1/24 menuju ISP2
AS 10
IP 10.100.100.0/24
IP 10.100.200.0/24

ISP2

IP 192.168.2.1/24 - menuju ISP3
IP 192.168.3.2/24 - menuju ISP1
AS 20
IP 10.10.10.0/24
IP 10.10.20.0/24

ISP3 (kita)

IP 192.168.1.2/24 - menuju ISP1
IP 192.168.2.2/24 - menuju ISP2
AS 30
IP 10.1.1.0/24
IP 10.1.2.0/24 


Sambungan

R1
e1 --> R3 e1
e2 --> R2 e2 
e3 --> LAN 10.100.100.0/24
e4 --> LAN 10.100.200.0/24
R2
e1 --> R3 e2
e2 --> R1 e2
e3 --> LAN 10.10.10.0/24
e4 --> LAN 10.10.20.0/24
R3
e1 --> R1 e1
e2 --> R2 e1
e3 --> LAN 10.1.1.0/24
e4 --> LAN 10.1.2.0/24

Jika ada masalah dengan VM VyOS di GNS3, lakukan

sudo chown root:useranda /dev/kvm

sebelum me-RUN setiap VM VyOS satu per satu.

Setup connection

ISP1

configure
set interfaces ethernet eth1 address 2001:192:168:1::1/64
set interfaces ethernet eth2 address 2001:192:168:3::1/64
set interfaces ethernet eth3 address 2001:10:100:100::1/64
set interfaces ethernet eth4 address 2001:10:100:200::1/64
show
commit
exit


ISP2

configure
set interfaces ethernet eth1 address 2001:192:168:2::1/64
set interfaces ethernet eth2 address 2001:192:168:3::2/64
set interfaces ethernet eth3 address 2001:10:10:10::1/64
set interfaces ethernet eth4 address 2001:10:10:20::1/64
show
commit
exit


ISP3

configure
set interfaces ethernet eth1 address 2001:192:168:1::2/64
set interfaces ethernet eth2 address 2001:192:168:2::2/64
set interfaces ethernet eth3 address 2001:10:1:1::1/64
set interfaces ethernet eth4 address 2001:10:1:2::1/64
show
commit
exit

BGP Peering

Consider that IP connectivity between ISPs edge routers and Our Core router is already set up and working properly. So we can start to establish BGP peering to both ISPs.

ISP1

configure
set protocols bgp 10 parameters router-id 192.168.1.1
set protocols bgp 10 address-family ipv6-unicast network '2001:10:100:100::/64'
set protocols bgp 10 address-family ipv6-unicast network '2001:10:100:200::/64'
set protocols bgp 10 neighbor 2001:192:168:1::2 ebgp-multihop '2'
set protocols bgp 10 neighbor 2001:192:168:1::2 remote-as 30
set protocols bgp 10 neighbor 2001:192:168:1::2 update-source 2001:192:168:1::1
set protocols bgp 10 neighbor 2001:192:168:1::2 address-family ipv6-unicast
set protocols bgp 10 neighbor 2001:192:168:3::2 ebgp-multihop '2'
set protocols bgp 10 neighbor 2001:192:168:3::2 remote-as 20
set protocols bgp 10 neighbor 2001:192:168:3::2 update-source 2001:192:168:3::1
set protocols bgp 10 neighbor 2001:192:168:3::2 address-family ipv6-unicast
commit
exit

ISP2

configure
set protocols bgp 20 parameters router-id 192.168.2.1
set protocols bgp 20 address-family ipv6-unicast network '2001:10:10:10::/64'
set protocols bgp 20 address-family ipv6-unicast network '2001:10:10:20::/64'
set protocols bgp 20 neighbor 2001:192:168:3::1 ebgp-multihop '2'
set protocols bgp 20 neighbor 2001:192:168:3::1 remote-as 10
set protocols bgp 20 neighbor 2001:192:168:3::1 update-source 2001:192:168:3::2
set protocols bgp 20 neighbor 2001:192:168:3::1 address-family ipv6-unicast
set protocols bgp 20 neighbor 2001:192:168:2::2 ebgp-multihop '2'
set protocols bgp 20 neighbor 2001:192:168:2::2 remote-as 30
set protocols bgp 20 neighbor 2001:192:168:2::2 update-source 2001:192:168:2::1
set protocols bgp 20 neighbor 2001:192:168:2::2 address-family ipv6-unicast
commit
exit

ISP3

configure
set protocols bgp 30 parameters router-id 192.168.1.2
set protocols bgp 30 address-family ipv6-unicast network '2001:10:1:1::/64'
set protocols bgp 30 address-family ipv6-unicast network '2001:10:1:2::/64'
set protocols bgp 30 neighbor 2001:192:168:1::1 ebgp-multihop '2'
set protocols bgp 30 neighbor 2001:192:168:1::1 remote-as 10
set protocols bgp 30 neighbor 2001:192:168:1::1 update-source 2001:192:168:1::2
set protocols bgp 30 neighbor 2001:192:168:1::1 address-family ipv6-unicast
set protocols bgp 30 neighbor 2001:192:168:2::1 ebgp-multihop '2'
set protocols bgp 30 neighbor 2001:192:168:2::1 remote-as 20
set protocols bgp 30 neighbor 2001:192:168:2::1 update-source 2001:192:168:1::2
set protocols bgp 30 neighbor 2001:192:168:2::1 address-family ipv6-unicast
commit
exit

Test

show interfaces
show ipv6 bgp summary
show ipv6 bgp neighbors 
show ipv6 bgp neighbors 2001:192:168:1::2
show ipv6 route


Setting Client

PC GNS3 tidak baik & tidak reliable untuk IPv6. Menjalankan VirtualBox juga tidak mungkin karena /dev/kvm di di duduki oleh VyOS. Client yang paling reliable adalah VyOS di jadikan PC1, PC2, PC3.

VyOS Client LAN1

configure
set interfaces ethernet eth1 address '2001:10:100:100::100/64'
set protocols static route6 ::/0 next-hop 2001:10:100:100::1 distance '1'
commit
exit
ping 2001:10:10:10::1
ping 2001:10:10:10::100
ping 2001:10:1:1::1
ping 2001:10:1:1::100

VyOS Client LAN2

configure
set interfaces ethernet eth1 address '2001:10:10:10::100/64'
set protocols static route6 ::/0 next-hop 2001:10:10:10::1 distance '1'
commit
exit


ping 2001:10:1:1::1
ping 2001:10:1:1::100
ping 2001:10:100:100::1
ping 2001:10:100:100::100

VyOS Client LAN3

configure
set interfaces ethernet eth1 address '2001:10:1:1::100/64'
set protocols static route6 ::/0 next-hop 2001:10:1:1::1 distance '1'
commit
exit
ping 2001:10:10:10::1
ping 2001:10:10:10::100
ping 2001:10:100:100::1
ping 2001:10:100:100::100

Referensi

Pranala Menarik