Scribd Logo
Upload

Welcome to Scribd!

  • Tutorials VPN MPLS Dengan GNS3

    Uploaded by

    Adi Siagian
    18 views10 pages

    Original Title

    vpn-mpls

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    18 views10 pages

    Tutorials VPN MPLS Dengan GNS3

    Uploaded by

    Adi Siagian

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Tutoiials vPN HPIS uengan uNSS

    Copyrlght 2009 Sutadl (8lack-ustadz) Page 1


    1. 192.168.2.2/24
    2. 3.1/24
    3. 2.1/24
    4. 3.2/24
    3. 1.2/24
    6. 6.2/24
    7. 4.1/24
    8. 3.1/24
    9. 1.1/24
    10. 6.1/24
    11. 4.2/24
    12. 3.2/24
    13. 7.1
    14. 7.2
    13. 8.1
    16. 8.2
    17. 9.1
    18. 9.2
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 2
    kCNIIGUkASI I IN1LkIACL LCC8ACk
    Core1 : 192.168.100.2/32
    Core2 : 192.168.100.4/32
    Core3 : 192.168.100.3/32
    L1 : 192.168.100.1/32
    L2 : 192.168.100.3/32
    8outer<conllg>#lnterlace loopback0
    kCNIIGUkASI I IN1LkIACL LCC8ACk pada router Costomer
    uSA1_A : 202.147.192.1/32
    uSA1_8 : 192.1/32
    CA8AnC_A : 192.2/32
    CA8AnC_8 : 192.2/32
    ING kCU1Lk DLM SA1U NL1WCkk
    1. SL11ING kCU1ING DNAMIC
    L1
    router ospl 100
    network 192.168.2.0 0.0.0.233 area 100 core
    network 192.168.100.1 0.0.0.0 area 100 loopback L1
    L2
    router ospl 100
    network 192.168.3.0 0.0.0.233 area 100 core
    network 192.168.100.3 0.0.0.0 area 100 loopback L2
    CCkL1
    router ospl 100
    network 192.168.2.0 0.0.0.233 area 100 -> L1
    network 192.168.8.0 0.0.0.233 area 100 -> core2
    network 192.168.9.0 0.0.0.233 area 100 -> core3
    network 192.168.100.2 0.0.0.0 area 100 loopback core
    CCkL2
    router ospl 100
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page S
    network 192.168.7.0 0.0.0.233 area 100 -> core3
    network 192.168.8.0 0.0.0.233 area 100 -> core1
    network 192.168.100.4 0.0.0.0 area 100 loopback core
    CCkL3
    router ospl 100
    network 192.168.3.0 0.0.0.233 area 100 -> L2
    network 192.168.7.0 0.0.0.233 area 100 -> core2
    network 192.168.9.0 0.0.0.233 area 100 -> core1
    network 192.168.100.3 0.0.0.0 area 100 loopback core
    CLk kCU1ING
    er|ksa router
    show lp route
    lnC (CC8L. L1.L2)/ 8ACk8CnL
    2. Ak1IIkAN 8G
    L1
    router bgp 100
    no synchronlzatlon
    nelghbor 192.168.100.3 remote-as 100
    nelghbor 192.168.100.3 update-source Loopback0
    no auto-summary
    L2
    router bgp 100
    no synchronlzatlon
    nelghbor 192.168.100.1 remote-as 100
    nelghbor 192.168.100.1 update-source Loopback0
    no auto-summary
    cek status 8G
    show lp bgp nelghbors atau
    show lp bgp summary
    statusnya harus LS1A8LISnLD
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 4
    1unne| sudah terbentuk
    3. Ak1IIkAN MLS
    L1
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/3
    descrlptlon *** Connectlon to core 1 ***
    lp address 192.168.2.1 233.233.233.0
    mpls lp
    L2
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/3
    descrlptlon *** Connectlon to core 3***
    lp address 192.168.3.2 233.233.233.0
    mpls lp
    Core 1
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/0
    descrlptlon *** Connectlon to L1 ***
    lp address 192.168.2.2 233.233.233.0
    mpls lp
    exlt
    lp cel
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page S
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/2
    descrlptlon *** Connectlon to core 2 ***
    lp address 192.168.8.2 233.233.233.0
    mpls lp
    exlt
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/3
    descrlptlon *** Connectlon to core 3 ***
    lp address 192.168.9.1 233.233.233.0
    mpls lp
    exlt
    Core 2
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/0
    descrlptlon *** Connectlon to core 1 ***
    lp address 192.168.8.1 233.233.233.0
    mpls lp
    exlt
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/1
    descrlptlon *** Connectlon to core 3 ***
    lp address 192.168.7.2 233.233.233.0
    mpls lp
    exlt
    Core 3
    lp cel
    mpls label protocol ldp
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 6
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/0
    descrlptlon *** Connectlon to core 2 ***
    lp address 192.168.7.1 233.233.233.0
    mpls lp
    exlt
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/1
    descrlptlon *** Connectlon to L2 ***
    lp address 192.168.3.1 233.233.233.0
    mpls lp
    exlt
    lp cel
    mpls label protocol ldp
    mpls ldp router-ld loopback0 lorce
    lnterlace Lthernet 1/2
    descrlptlon *** Connectlon to core 1 ***
    lp address 192.168.9.2 233.233.233.0
    mpls lp
    exlt
    Cek Status MLS
    show mpls ldp nelghbor
    4. konf|guras| kouter V|rtua|
    L1 # sh run
    lp vrl vpn1
    rd 100 : 1 , route dlstlnghuser (pembeda)
    route-target export 100 : 1
    route-target lmport 100 : 1
    lp vrl vpn2
    rd 100 : 2
    route-target export 100 : 2
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 7
    route-target lmport 100 : 2
    L2
    lp vrl vpn1
    rd 100 : 1 , route dlstlnghuser (pembeda)
    route-target export 100 : 1
    route-target lmport 100 : 1
    lp vrl vpn2
    rd 100 : 2
    route-target export 100 : 2
    route-target lmport 100 : 2
    S. App|y router V|rtua| ke Interface yang mengarah ke Customer
    L1
    lnterlace Lthernet 1/0
    descrlptlon ***koneksl ke uSA1 A***
    lp vrl lorwardlng vpn1
    lp address 192.168.1.2 233.233.233.0
    exlt
    lnterlace Lthernet 1/1
    descrlptlon ***koneksl ke uSA1 8***
    lp vrl lorwardlng vpn2
    lp address 192.168.6.2 233.233.233.0
    L2
    lnterlace Lthernet 1/1
    descrlptlon ***koneksl ke CA8AnC A***
    lp vrl lorwardlng vpn1
    lp address 192.168.4.1 233.233.233.0
    exlt
    lnterlace Lthernet 1/2
    descrlptlon ***koneksl ke CA8AnC 8***
    lp vrl lorwardlng vpn2
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 8
    lp address 192.168.3.1 233.233.233.0
    Cek kout|ng tab|e kouter V|rtua|
    ada L1 & L2
    show lp ro vrl vpn1
    show lp ro vrl vpn2
    Salah satu lnterlace Connected
    6. Menambahkan kout|ng Stat|c pada kout|ng V|rtua|
    Perintah berikut menambahkan routing static ke arah PUSAT A DAN PUSAT B
    L1
    lp route vrl vpn1 202.147.192.1 233.233.233.233 192.168.1.1
    lp route vrl vpn2 202.147.192.1 233.233.233.233 192.168.6.1
    Perintah berikut menambahkan routing static ke arah CABANG A DAN CABANG B
    L2
    lp route vrl vpn1 202.147.192.2 233.233.233.233 192.168.4.2
    lp route vrl vpn2 202.147.192.2 233.233.233.233 192.168.3.2
    Cek tambahan routlng statlc dl router vlrtual
    Show lp ro vrl vpn1
    Show lp ro vrl vpn2
    Akan ada 3 barls routlng, 1 Connected, 2 statlc
    7. Akt|fas| M-8G
    L1
    8outer bgp 100
    Address-lamlly vpnv4
    nelghbor 192.168.100.3 actlvate
    nelghbor 192.168.100.3 send-communlty both
    Lxlt-address-lamlly
    Lxlt
    L2
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 9
    8outer bgp 100
    Address-lamlly vpnv4
    nelghbor 192.168.100.1 actlvate
    nelghbor 192.168.100.1 send-communlty both
    Lxlt-address-lamlly
    Lxlt
    Cek Status
    Show lp bgp nelghbors
    Llhat pada baglan address-lamlly, vpnv4 sudah aktll atau belum
    8otulng prellx M-8C :
    Show runnlng-conllg
    "menyunt|kkan" rout|ng pref|x untuk vrf vpn1 dan vrf vpn2 |angsung terbentuk, sbb:
    L1# sh run
    address-lamlly lpv4 vrl vpn2
    no synchronlzatlon
    exlt-address-lamlly
    !
    address-lamlly lpv4 vrl vpn1
    no synchronlzatlon
    exlt-address-lamlly
    !
    me-nyunt|k-kan rout|ng tab|e vrf vpn1 yang stat|c dan connected.
    L1
    8outer bgp 100
    Address-lamlly lpv4 vrl vpn1
    8edlstrlbute connected
    8edlstrlbute statlc
    8outer bgp 100
    Address-lamlly lpv4 vrl vpn2
    8edlstrlbute connected
    8edlstrlbute statlc
    L2
    8outer bgp 100
    Address-lamlly lpv4 vrl vpn1
    Tutoiials vPN HPIS uengan uNSS
    Copyrlght 2009 Sutadl (8lack-ustadz) Page 1u
    8edlstrlbute connected
    8edlstrlbute statlc
    8outer bgp 100
    Address-lamlly lpv4 vrl vpn2
    8edlstrlbute connected
    8edlstrlbute statlc
    Cek koneksl
    uSA1 A : lng 202.147.192.2
    uSA1 8 : lng 202.147.192.2
    CA8AnC A : lng 202.147.192.1
    CA8AnC 8 : lng 202.147.192.1
    telnet <lp loopback>
    konllgurasl termlnal llne, vlrtual termlnal dan password
    uSA1 A dan uSA1 8
    Llne vty 0
    assword passwordnya
    CA8AnC A dan CA8AnC 8
    Llne vty 0
    assword passwordnya

    You might also like