Lab BGP Juniper

A.
Introduction:
Key : configure= masuk mode configurasi, commit = untuk mengesekusi dan menyimpan config.
Rollback = memanggil konfigurasi sebelumnya.
Command Line interface Review
Exec mode:
------------Amnesiac (ttyd0)
login: root
Password:
--- JUNOS 7.4R1.7 built 2005-10-21 01:29:55 UTC
root@% cli
root>
Configuration Mode:
-------------------------root> configure
Entering configuration mode
[edit]
root#
Create User root# set system login user lab class super-user authentication plain-text-password
Check configuration
root# show | compare
root# commit check
Save config and execute root# commit
(save for 2 minutes only root# commit confirmed 2 )
(backup config using name conf1 root# save conf1)
Setting hostnamne
lab # set system host-nam e juniper-lab
lab# commit
Rollback
lab# show | compare rollback 1
lab# rollback 1
(noted : rollback no-change lab@juniper-lab# rollback 0)
Show configuration
Simple lab# show or lab > show configuration
continuously lab# show | no-more
match certain word lab > show configuration | match interface
find certain word and later lab > show configuration | find interface
set configuration lab > show configuration | display set
show logging
log system lab > show log messages
log with 100 lines latest lab > show log messages | last 100
log hardware lab > show log chassis
log user lab > show system users
Hierarchial configuration
Entering lab config lab# edit system login user lab
Entering upper config lab# up
Entering top configuration lab# top
B. Initial System configuration
Key : delete= menghapus konfigurasi, load override terminal = copy paste config keseluruhan, load merge
terminal relative= copy paste config sebagian
Delete everything under this level? [yes,no] (no) yes

lab# load override terminal
copy paste configuration here
finished using enter and ctrl+d keys
lab# load merge terminal relative
copy paste configuration here
finished using enter and ctrl+d keys
lab# commit check
lab# commit
lab# run show interfaces terse
Interface
Admin Link Proto Local
dsc
up up
fxp0
up up
fxp0.0
up up inet 192.168.1.123/24
fxp1
up up
fxp1.1
up up inet 172.168.1.1/30
fxp1.2
up up inet 172.168.2.1/30
fxp2
up up
fxp2.1
up up inet 172.168.1.2/30
fxp2.2
up up inet 172.168.2.2/30
fxp3
up up
fxp4
up up
fxp4.1
up up inet 10.10.10.1/30
Remote
Configure R1
lab# set interfaces fxp0 unit 0 description "to-R2" family inet address 172.168.1.1/30
Configure R2
lab# set interfaces fxp0.0 description "to-R1" family inet address 172.168.1.2/30
Configure R3
How to check
R1 to R2
lab# run ping 172.168.1.2
R2 to R1
R2 to R3
R3 to R2
rapid count 1000

rapid count 1000
rapid count 1000
rapid count 1000
noted: assure that there isnt connectivity between R1 and R3

lab# delete
This will delete the entire configuration
C. Static Routing
Page 1 of 20
Routing permanent, manual, metric/preference=5, mengenal source dan gateway.

Key : next-hop: gateway untuk network.
Configure R1
lab# set routing-options static route 172.168.2.0/30 next-hop 172.168.1.2
Configure R3
lab# set routing-options static route 172.168.1.0/30 next-hop 172.168.2.1
How to check on R1
lab# run show route
E. OSPF Protocol
Linkstate protocol, Cost (10^8/bandwith), LSA, OSPF Area
R2
lab# set protocols ospf area 1 interface fxp0.0 authentication md5 10 key cibulan
lab# set protocols ospf area 0 interface fxp1.0 authentication simple-password ciawi
lab# run show ospf neighbor logical-router R2 assure connection is failed
R3
lab# set protocols ospf area 0 interface fxp0.0 authentication simple-password ciawi
lab# run show ospf neighbor logical-router Rx assure connection is success
Applying policy
R1
lab# set routing-options static route 10.10.1.0/24 reject
lab# set policy-options policy-statement rip-export from protocol static
lab# set policy-options policy-statement rip-export then accept
lab# set protocols ospf export ospf-export
lab# run show route protocol ospf assure R3 receive route from R1
F. ISIS Protocol
Linkstate , ISO, ISIS Area, Level 2/L2, Level 1/L1, L1/L2
Configure R1
lab# set protocols ospf area 1 interface fxp0.0
lab# set protocols ospf area 1 interface lo0.0
configure R2
lab# set protocols ospf area 0 interface lo0.0
Configure R3
how to check
lab# run show ospf interface
lab# run show ospf neighbor
lab# run show route
lab# run ping 172.168.1.2 (from
R1
lab# set interfaces lo0.0 family iso address 49.0000.0000.19216.8101.00
lab # set protocols isis interface fxp0.0 level 1 disable
lab # set protocols isis interface lo0.0 passive
R2
R1)
R2)
R2)
R3)
Applying authentication
R1
lab# set protocols ospf area 1 interface fxp0.0 authentication md5 10 key cibulan
lab# run show ospf neighbor assure connection is failed
R3
lab# run show route protocol isis assure R3 receive route from R1
Page 2 of 20
G. IBGP
AS number sama, routing table scalable, Multiservice.
Lab # set
Lab # set
Lab # set
Lab # set
Lab # set
routing-options autonomous-system 65002

protocols bgp group ibgp multihop
protocols bgp group ibgp type internal neighbor 192.168.1.1 peer-as 65001
protocols bgp group ibgp neighbor 192.168.1.3 peer-as 65003
protocols bgp group ibgp local-address 192.168.1.2
R3
Lab # set
Lab # set
Lab # set
Lab # set
Lab # set

protocols bgp group ibgp type internal neighbor 192.168.1.2
protocols bgp group ibgp peer-as 65002
Assure:
Lab # run show bgp summary
IBGP Route Reflection

R1
Lab # set routing-options autonomous-system 65000
Lab # set protocols bgp group ibgp type internal neighbor 192.168.1.2
Lab # set protocols bgp group ibgp local-address 192.168.1.1
R2
Lab # set
Lab # set
Lab # set
Lab # set
Teknik untuk mendukung full mesh dengan membagi suatu domain menjadi beberapa cluster
Step:
1. IGP (ISIS) sudah ada
2. Tentukan area cluster dng ID yang berbeda
3. Antar dan Inter cluster menggunakan IBGP
4. Pastikan PE-SBY-1 dan PE-SMG-1 menerima route bgp dari PE-MDN-1

protocols bgp group ibgp neighbor 192.168.1.3
R3
Lab # set routing-options autonomous-system 65000
Lab # set protocols bgp group ibgp type internal neighbor 192.168.1.2
Lab # set protocols bgp group ibgp local-address 192.168.1.3
10.0.3.1
10.0.3.2
10.0.3.3
10.0.3.4
10.0.6.6
10.0.6.7
10.0.6.8
em1/9
172.16.10.1/30
em3/4
172.16.2.5/30
em1/1
172.16.1.1/30
em2/2
172.16.1.5/30
PE-SBY-1
em1/4
172.16.2.6/30
em1/1
172.16.1.2/30
PE-MDN-1
RR-JKT-1
RR-JKT-2
RR-JKT-3
PE-JKT-4
PE-SBY-1
PE-SMG-1
RR-JKT-3
RR-JKT-1
PE-MDN-1
Assure:
Lab # run show bgp summary
H. EBGP
AS number berbeda, routing table scalable, Multiservice.
Cluster 0.0.0.2
Cluster 0.0.0.1
em2/9
172.16.10.2/30
em3/7
172.16.2.10/30
em2/3
172.16.1.10/30
em3/6
172.16.2.18/30
em1/8
172.16.10.6/30
em1/6
172.16.2.17/30
RR-JKT-2
em2/5
172.16.2.6/30
em2/7
172.16.2.9/30
em1/3
172.16.1.9/30
em2/2
172.16.1.6/30
em2/5
172.16.2.5/30
em3/8
172.16.10.5/30
PE-JKT-4
PE-SMG-1
Cluster 0.0.0.3
R1
Lab # set
Lab # set
Lab # set
Lab # set
Lab # set
R2

protocols bgp group ibgp peer-as 65002
PE-MDN-1
-------------interfaces {
em1 {
unit 0 {
family inet {
address 172.16.1.2/30;
Page 3 of 20
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.1/32;
}
family iso {
address 49.0001.0010.0000.0301.00;
}
}
}
}
routing-options {
static {
route 100.100.1.0/24 reject;
route 100.100.2.0/24 reject;
route 100.100.3.0/24 reject;
}
autonomous-system 65212;
}
protocols {
bgp {
export static;
group cluster-0001 {
type internal;
local-address 10.0.3.1;
neighbor 10.0.3.2;
neighbor 10.0.3.3;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
policy-options {
policy-statement static {
from protocol static;
then accept;
}
}
RR-JKT-1
-----------interfaces {
em1 {
unit 0 {
family inet {
address 172.16.1.1/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.10/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.2.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.2/32;
}
family iso {
address 49.0001.0010.0000.0302.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
cluster 0.0.0.1;
neighbor 10.0.3.1;
neighbor 10.0.3.3;
}
group RR {
type internal;
neighbor 10.0.3.4;
neighbor 10.0.6.6;
}
}
isis {
interface em1.0 {
level 1 disable;
Page 4 of 20
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
policy-options {
policy-statement bgp-vrf {
from protocol bgp;
then accept;
}
}
RR-JKT-2
em1 {
unit 0 {
family inet {
address 172.16.1.9/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.6/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.2.18/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.3/32;
}
family iso {
address 49.0001.0010.0000.0303.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
cluster 0.0.0.1;
neighbor 10.0.3.1;
neighbor 10.0.3.2;
}
group RR {
type internal;
multihop;
neighbor 10.0.3.4;
neighbor 10.0.6.6;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
RR-JKT-3
------------interfaces {
em1 {
unit 0 {
family inet {
address 172.16.2.6/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.10.2/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.2.10/30;
}
family iso;
}
}
Page 5 of 20
lo0 {
unit 0 {
family inet {
address 10.0.3.4/32;
}
family iso {
address 49.0001.0010.0000.0304.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
cluster 0.0.0.2;
neighbor 10.0.6.7;
}
group RR {
type internal;
multihop;
neighbor 10.0.3.2;
neighbor 10.0.6.6;
neighbor 10.0.3.3;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
PE-JKT-4
em1 {
unit 0 {
family inet {
address 172.16.2.17/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.2.9/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.10.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.6/32;
}
family iso {
address 49.0001.0010.0000.0606.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
cluster 0.0.0.3;
neighbor 10.0.6.8;
}
group RR {
type internal;
multihop;
neighbor 10.0.3.2;
neighbor 10.0.3.4;
neighbor 10.0.3.3;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
Page 6 of 20
PE-SBY-1
em1 {
unit 0 {
family inet {
address 172.16.10.1/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.2.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.7/32;
}
family iso {
address 49.0001.0010.0000.0607.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
neighbor 10.0.3.4;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
PE-SMG-1
em1 {
unit 0 {
family inet {
address 172.16.10.6/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.2.6/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.8/32;
}
family iso {
address 49.0001.0010.0000.0608.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
type internal;
neighbor 10.0.6.6;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
IBGP Confideration
Teknik untuk mendukung full mesh dengan membagi suatu AS menjadi AS sub-confideration.
Step:
1.
2.
3.
4.
5.
IGP sudah ada (ISIS)

Tentukan AS primary misal 65212
Tentukan AS confideration ditiap domain
Dalam satu domain harus menggunakan IBGP
Antar domain harus logical full mesh dng menggunakan EBGP
Page 7 of 20
6.
Pastikan PE-SBY-1 dan PE-SMG-1 menerima route bgp dari PE-MDN-1
PE-MDN-1
-------------interfaces {
em1 {
unit 0 {
family inet {
address 172.16.1.2/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.1/32;
}
family iso {
address 49.0001.0010.0000.0301.00;
}
}
}
}
routing-options {
static {
route 100.100.1.0/24 reject;
route 100.100.2.0/24 reject;
route 100.100.3.0/24 reject;
}
confederation 65212 members [ 65000 65001 65002 ];
}
protocols {
bgp {
export static;
group 65000 {
type internal;
neighbor 10.0.3.2;
neighbor 10.0.3.3;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
policy-options {
then accept;
}
}
RR-JKT-1
em1 {
unit 0 {
family inet {
address 172.16.1.1/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.10/30;
}
family iso;
}
}
Page 8 of 20
em3 {
unit 0 {
family inet {
address 172.16.2.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.2/32;
}
family iso {
address 49.0001.0010.0000.0302.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
group 65000 {
type internal;
neighbor 10.0.3.1;
neighbor 10.0.3.3;
}
group 65212 {
type external;
multihop;
neighbor 10.0.3.4 {
peer-as 65002;
}
neighbor 10.0.6.6 {
peer-as 65001;
}
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
policy-options {
policy-statement bgp-vrf {
from protocol bgp;

then accept;
}
}
RR-JKT-2
em1 {
unit 0 {
family inet {
address 172.16.1.9/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.1.6/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.2.18/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.3/32;
}
family iso {
address 49.0001.0010.0000.0303.00;
}
}
}
}
routing-options {
confederation 65212 members [ 65000 65001 65002 65003 ];
}
protocols {
bgp {
group 65000 {
type internal;
neighbor 10.0.3.1;
neighbor 10.0.3.2;
}
group 65212 {
type external;
multihop;
Page 9 of 20
neighbor 10.0.3.4 {
peer-as 65002;
}
neighbor 10.0.6.6 {
peer-as 65001;
}
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
RR-JKT-3
em1 {
unit 0 {
family inet {
address 172.16.2.6/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.10.2/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.2.10/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.4/32;
}
family iso {
address 49.0001.0010.0000.0304.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
group 65002 {
type internal;
neighbor 10.0.6.7;
}
group 65212 {
type external;
multihop;
neighbor 10.0.3.2 {
peer-as 65000;
}
neighbor 10.0.6.6 {
peer-as 65001;
}
neighbor 10.0.3.3 {
peer-as 65000;
}
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
PE-JKT-4
em1 {
unit 0 {
family inet {
address 172.16.2.17/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
Page 10 of 20
interface lo0.0 {
level 1 disable;
}
address 172.16.2.9/30;
}
family iso;
}
}
em3 {
unit 0 {
family inet {
address 172.16.10.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.6/32;
}
family iso {
address 49.0001.0010.0000.0606.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
group 65001 {
type internal;
neighbor 10.0.6.8;
}
group 65212 {
type external;
multihop;
neighbor 10.0.3.2 {
peer-as 65000;
}
neighbor 10.0.3.4 {
peer-as 65002;
}
neighbor 10.0.3.3 {
peer-as 65000;
}
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface em3.0 {
level 1 disable;
}
}
}
PE-SBY-1
em1 {
unit 0 {
family inet {
address 172.16.10.1/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.2.5/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.7/32;
}
family iso {
address 49.0001.0010.0000.0607.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
group 65002 {
type internal;
neighbor 10.0.3.4;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
Page 11 of 20
}
PE-SMG-1
em1 {
unit 0 {
family inet {
address 172.16.10.6/30;
}
family iso;
}
}
em2 {
unit 0 {
family inet {
address 172.16.2.6/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.8/32;
}
family iso {
address 49.0001.0010.0000.0608.00;
}
}
}
}
routing-options {
}
protocols {
bgp {
group 65001 {
type internal;
neighbor 10.0.6.6;
}
}
isis {
interface em1.0 {
level 1 disable;
}
interface em2.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
}
}
Untuk memastikan gunakan
show bgp summary melihat summary bgp
show route receive-protocol bgp (neighbor) melihat route bgp yang diterima dari peer neighbornya
show route protocol bgp melihat semua route bgp
Export-import BGP
Export BGP policy disisi outbound trafik keluar contoh : advertise route via BGP
root@PE-SBY-1# show policy-options
policy-statement bgp-export {
then accept;
}
root@PE-SBY-1# show protocols
bgp {
type internal;
export bgp-export;
neighbor 10.0.3.4;
}
}
Import BGP policy disisi inbound trafik datang contoh: bloking prefix, as path
policy-statement bgp-import {
term 1 {
from {
protocol bgp;
route-filter 150.0.0.0/24 exact;
}
then reject;
}
term last {
then accept;
Page 12 of 20
}
}
fxp1.6/6
172.168.4.1/30
group RR {
type internal;
import bgp-import;
neighbor 10.0.3.4;
neighbor 10.0.6.6;
}
Fxp4.7/7
172.168.4.5/30
c2
c1
fxp1.2/2
172.168.1.5/30
fxp2.3/3
172.168.1.10/30
Install Community bgp

Community merupakan attribute BGP yang digunakan untuk memanage route berdasarkan ID contoh
65111:200 mempunyai prefix 150/24
untuk memastikan :
how route advertising-protocol bgp (neighbor) extensive
Fxp3.7/7
172.168.4.6/30
AS 1946
AS 1945
root@PE-SMG-1# show policy-options

policy-statement community {
from {
protocol bgp;
}
then {
community add c-65111:200;
accept;
}
}
community c-65111:200 members 65111:200;
Fxp2.6/6
172.168.4.2/30
fxp3.3/3
172.168.1.9/30
t1
fxp2.2/2
172.168.1.6/30
r1
AS 2009
r1
r2
c1
c2
p1
t1
lo0.1 192.168.1.1
lo0.2 192.168.1.2
lo0.3 192.168.1.3
lo0.4192.168.1.4
lo0.5 192.168.1.5
lo0.6 10.10.10.1
fxp2.1/1
172.168.1.2/30
fxp1.1/1
172.168.1.1/30
fxp1.4/4
172.168.2.2/30
fxp2.4/4
172.168.2.1/30
p1
r2
fxp3.5/5
172.168.3.5/30
fxp4.5/5
172.168.3.6/30
AS 1982
Case:
Lewatkan prefix 150/24 dari PE-SBY-1 ke Custom er
PE-MDN-1 tidak boleh menerima prefix 150/24, lakukan filter di RR-JKT-1 dan RR-JKT-2
Pasang community 65111:200 untuk prefix 150/24 di PE-SMG-1 sehingga diterima di Customer.
Customer
LoadbalanceEBGP ada2:
1.
2.
Multihop based on local address

Multipath based on Link layer
Case:
Load balance antara r2 dng p1
Step1
konfigurasi static route between r2 and p1
pastikan routing sudah load balance dengan menerapkan policy load balance
lab# show policy-options
policy-statement load-balance {
then {
load-balance per-packet;
}
}
lab# show routing-options
static {
route 192.168.1.5/32 next-hop [ 172.168.2.1 172.168.3.6 ];
}
forwarding-table {
Page 13 of 20
export load-balance;
}
Pastikan r2 bisa ping ke ip loopback p1
Dan route sudah menunjukkan load balance
lab# run show route
192.168.1.5/32 *[Static/5] 00:23:52
to 172.168.2.1 via fxp1.4
to 172.168.3.6 via fxp3.5

lab# run show route forwarding-table
192.168.1.5/32 user 1
ulst 131070 2
172.168.2.1
ucst 495 2 fxp1.4
172.168.3.6
ucst 490 2 fxp3.5
Step 2
Konfigurasi multihop di P1 dan r2
Di P1
lab# show protocols bgp
group 1982 {
type external;
multihop;
neighbor 192.168.1.2 {
peer-as 2009;
}
}
Di r2
group 1982 {
type external;
multihop;
neighbor 192.168.1.5 {
peer-as 1982;
}
}
Untuk verifikasi:
lab# run show bgp neighbor 192.168.1.5 logical-router r2
Peer: 192.168.1.5+2236 AS 1982 Local: 192.168.1.2+179 AS 2009
Type: External State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Multihop Preference LocalAddress HoldTime PeerAS Refresh>
Local Address: 192.168.1.2 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 192.168.1.5
Local ID: 192.168.1.2
Active Holdtime: 90
Keepalive Interval: 30
Peer index: 0
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Table inet.0 Bit: 10001
RIB State: BGP restart is complete
Send state: in sync
Active prefixes:
0
Received prefixes:
0
Suppressed due to damping: 0
Advertised prefixes:
0
Last traffic (seconds): Received 23 Sent 23 Checked 23
Input messages: Total 22 Updates 0
Refreshes 0 Octets 444
Output messages: Total 23 Updates 0
Output Queue[0]: 0
Load balance antara r1 dng c1 dan c2

Konfigurasi di c1
group 1945 {
type external;
neighbor 172.168.1.9 {
peer-as 2009;
}
}
Konfigurasi di c2
group external {
type external;
neighbor 172.168.1.6 {
peer-as 2009;
}
}
Konfigurasi di r1 dng menggunakan multipath
group external {
type external;
multipath;
neighbor 172.168.1.10 {
peer-as 1945;
}
neighbor 172.168.1.5 {
peer-as 1946;
}
}
lab# run show bgp neighbor 172.168.1.5
Peer: 172.168.1.5+179 AS 1945 Local: 172.168.1.6+3545 AS 2009
Type: External State: Established Flags: <Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Preference HoldTime PeerAS Multipath Refresh>
Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 192.168.1.4
Local ID: 192.168.1.1
Active Holdtime: 90
Keepalive Interval: 30
Peer index: 1
Local Interface: fxp2.2
NLRI advertised by peer: inet-unicast
NLRI for this session: inet-unicast
Peer supports Refresh capability (2)
Table inet.0 Bit: 10001
RIB State: BGP restart is complete
Send state: in sync
Active prefixes:
0
Received prefixes:
0
Suppressed due to damping: 0
Advertised prefixes:
0
Last traffic (seconds): Received 10 Sent 10 Checked 10
Input messages: Total 4
Updates 0
Output messages: Total 5
Updates 0
Output Queue[0]: 0
Pa g e 14 of 20
Modifiying BGP attribute
For example on OSPF configuration
Case:
1. advertise IP loopback c1 shg p1 bisa ping ip tersebut
Protocol OSPF
di c1
lab# show policy-options
policy-statement loopback {
term 1 {
from {
protocol direct;
}
then accept;
}
term 2 {
then reject;
}
}
group 1945 {
type external;
export loopback;
neighbor 172.168.1.9 {
peer-as 2009;
}
}
I. Logical Router
Configure R1
lab# top edit logical-routers R1
lab# set interfaces lo0 unit 1 description "to-R2" family inet address 192.168.1.1/32
lab# set protocols ospf area 0 interface lo0.0 passive
configure R2
lab# top edit logical-routers R2
lab# set interfaces lo0 unit 1 description "to-R2" family inet address 192.168.1.2/32
lab# set protocols ospf area 0 interface lo0.1 passive
lab # run show ospf neighbor
lab # run show ospf interface
BGP attribute
----------------Origin menunjukkan asal dari suatu source route secara default origin disimbolkan I
Contoh
lab# run show route protocol bgp terse
inet.0: 14 destinations, 16 routes (14 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
vlan
Sub interface dari interface
Configure logical router R1 lab@lab # set logical-routers R1

Entering config logical-router lab@lab # edit logical-routers r1
A Destination
P Prf Metric 1 Metric 2 Next hop
AS path
* 10.10.10.1/32
B 170
100
>172.168.1.5 1946 I
B 170
100
>172.168.1.10 1945 1946 I
172.168.1.8/30 B 170
100
>172.168.1.10 1945 I
* 172.168.2.0/30 B 170
100
>172.168.1.2 I
* 172.168.3.4/30 B 170
100
>172.168.1.2 I
* 172.168.4.0/30 B 170
100
>172.168.1.10 1945 I
* 192.168.1.3/32 B 170
100
>172.168.1.10 1945 I
Origin bisa dimanipulasi menjadi incomplete, egp dll
Untuk incomplete disimbolkan ?
Pa g e 15 of 20
Di c2
-------policy-statement static {
term 1 {
from {
protocol static;
}
then {
origin incomplete;
accept;
}
}
term 2 {
then reject;
}
}
Untuk mengubah ke egp spt dibawah ini:
term 1 {
from {
protocol static;
}
then {
origin egp;
accept;
}
}
term 2 {
then reject;
}
}
Hasilnya bisa dilihat di r1

lab# run show route protocol bgp terse logical-router r1
A Destination
AS path
* 10.10.10.1/32
B 170
100
>172.168.1.5 1946 ?
B 170
100
>172.168.1.10 1945 1946 I
172.168.1.8/30 B 170
100
>172.168.1.10 1945 I
* 172.168.2.0/30 B 170
100
>172.168.1.2 I
* 172.168.3.4/30 B 170
100
>172.168.1.2 I
* 172.168.4.0/30 B 170
100
>172.168.1.10 1945 I
* 192.168.1.3/32 B 170
100
>172.168.1.10 1945 I
As-path
Jalur yang telah dipilih oleh suatu route didalam BGP
Di c2
term 1 {
from {
protocol static;
}
then {
as-path-prepend "1947 1947";
accept;
}
}
term 2 {
then reject;
}
}
lab# run show route protocol bgp terse logical-router r1

A Destination
AS path
* 10.10.10.1/32
B 170
100
>172.168.1.10 1945 1946 I
B 170
100
>172.168.1.5 1947 1947 1946 I
* 172.168.2.0/30 B 170
100
>172.168.1.2 I
* 172.168.3.4/30 B 170
100
>172.168.1.2 I
Pastikan jalur route sudah benar melalui c1 dari p1
lab# run traceroute 10.10.10.1
traceroute to 10.10.10.1 (10.10.10.1), 30 hops max, 40 byte packets
1 172.168.2.2 (172.168.2.2) 1.981 ms 1.441 ms 1.032 ms
2 172.168.1.1 (172.168.1.1) 1.175 ms 1.134 ms 1.102 ms
3 172.168.1.10 (172.168.1.10) 1.398 ms 1.493 ms 0.989 ms
4 172.168.4.2 (172.168.4.2) 1.210 ms 1.507 ms 4.401 ms
5 10.10.10.1 (10.10.10.1) 1.573 ms 2.391 ms 1.526 ms
Next-hop
IP address yng ditunjuk oleh router untuk menentukan active route
MED ( Multiple Exit Discriminator )
EBGP EBGP
EBGP IBGP
IBGP IBGP
Local preference hanya terjadi di IBGP

Contoh ubah local preference untuk route 10.10.10.1 di local as
policy-statement resolve {
term 1 {
from protocol bgp;
then {
next-hop self;
}
}
term 2 {
from {
protocol direct;
}
then accept;
}
term 3 {
from {
Pa g e 16 of 20
protocol bgp;
}
then {
local-preference 150;
}
}
then accept;
}
Untuk verifikasi
lab# run show route 10.10.10.1 detail
10.10.10.1/32 (1 entry, 1 announced)
*BGP Preference: 170/-151
Next-hop reference count: 17
Source: 192.168.1.1
Next hop: 172.168.1.1 via fxp2.1, selected
Protocol next hop: 192.168.1.1
Indirect next hop: 8683198 131072
State: <Active Int Ext>
Local AS: 2009 Peer AS: 2009
Age: 1:28
Metric2: 1
Task: BGP_2009.192.168.1.1+179
Announcement bits (3): 2-KRT 3-BGP.0.0.0.0+179 4-Resolve tree 1
AS path: 1946 I
Localpref: 150
Router ID: 192.168.1.1
Multiple Exit Discriminator
---------------------------------
Community route yang telah di tag misal 65000:1100
Lampiran
Di r1
interfaces {
fxp1 {
unit 1 {
vlan-id 1;
family inet {
address 172.168.1.1/30;
}
}
}
fxp2 {
unit 2 {
vlan-id 2;
family inet {
address 172.168.1.6/30;
}
}
}
fxp3 {
unit 3 {
vlan-id 3;
family inet {
address 172.168.1.9/30;
}
}
}
lo0 {
unit 1 {
family inet {
address 192.168.1.1/32;
}
}
}
}
protocols {
bgp {
group internal {
type internal;
export resolve;
neighbor 192.168.1.2;
}
group external {
type external;
export direct;
multipath;
neighbor 172.168.1.10 {
peer-as 1945;
}
neighbor 172.168.1.5 {
peer-as 1946;
}
}
}
ospf {
area 0.0.0.0 {
interface fxp1.1;
interface lo0.1;
}
}
}
policy-options {
policy-statement direct {
term 1 {
from {
protocol direct;
}
then accept;
}
term 2 {
from {
protocol bgp;
}
then accept;
}
term last {
then reject;
}
}
Pa g e 17 of 20
policy-statement resolve {
term 1 {
from protocol bgp;
then {
next-hop self;
}
}
term 2 {
from {
protocol direct;
}
}
then accept;
}
}
routing-options {
}
Di r2
interfaces {
fxp1 {
unit 4 {
vlan-id 4;
family inet {
address 172.168.2.2/30;
}
}
}
fxp2 {
unit 1 {
vlan-id 1;
family inet {
address 172.168.1.2/30;
}
}
}
fxp3 {
unit 5 {
vlan-id 5;
family inet {
address 172.168.3.5/30;
}
}
}
lo0 {
unit 2 {
family inet {
address 192.168.1.2/32;
}
}
}
}
protocols {
bgp {
group internal {
type internal;
export direct;
neighbor 192.168.1.1;
}
group 1982 {
type external;
multihop;
neighbor 192.168.1.5 {
peer-as 1982;
}
}
}
ospf {
area 0.0.0.0 {
interface lo0.2;
interface fxp2.1;
}
}
}
policy-options {
policy-statement direct {
term 1 {
from {
protocol direct;
}
then accept;
}
term last {
then reject;
}
}
policy-statement load-balance {
then {
load-balance per-packet;
}
}
}
routing-options {
static {
route 192.168.1.5/32 next-hop [ 172.168.2.1 172.168.3.6 ];
}
forwarding-table {
export load-balance;
}
}
Di p1
interfaces {
fxp2 {
unit 4 {
vlan-id 4;
family inet {
address 172.168.2.1/30;
}
}
}
fxp4 {
unit 5 {
Pa g e 18 of 20
vlan-id 5;
family inet {
address 172.168.3.6/30;
}
}
}
lo0 {
unit 5 {
family inet {
address 192.168.1.5/32;
}
}
}
}
protocols {
bgp {
group 1982 {
type external;
multihop;
neighbor 192.168.1.2 {
peer-as 2009;
}
}
}
}
routing-options {
static {
route 192.168.1.2/32 next-hop [ 172.168.2.2 172.168.3.5 ];
}
}
Di c1
interfaces {
fxp1 {
unit 6 {
vlan-id 6;
family inet {
address 172.168.4.1/30;
}
}
}
fxp4 {
unit 3 {
vlan-id 3;
family inet {
address 172.168.1.10/30;
}
}
}
lo0 {
unit 3 {
family inet {
address 192.168.1.3/32;
}
}
}
}
protocols {
bgp {
group external {
type external;
neighbor 172.168.1.9 {
peer-as 2009;
}
neighbor 172.168.4.2 {
peer-as 1946;
}
}
}
}
policy-options {
term 1 {
from {
protocol direct;
}
then accept;
}
term 2 {
then reject;
}
}
}
routing-options {
}
Di c2
interfaces {
fxp1 {
unit 2 {
vlan-id 2;
family inet {
address 172.168.1.5/30;
}
}
}
fxp2 {
unit 6 {
vlan-id 6;
family inet {
address 172.168.4.2/30;
}
}
}
fxp3 {
unit 7 {
vlan-id 7;
family inet {
address 172.168.4.6/30;
}
}
}
lo0 {
unit 4 {
family inet {
Pa g e 19 of 20
address 192.168.1.4/32;
}
}
}
}
protocols {
bgp {
group external {
type external;
export static;
neighbor 172.168.1.6 {
peer-as 2009;
}
}
group 1945 {
type external;
export static1;
neighbor 172.168.4.1 {
peer-as 1945;
}
}
}
}
policy-options {
term 1 {
from {
protocol static;
}
then {
accept;
}
}
term 2 {
then reject;
}
}
policy-statement static1 {
term 1 {
from {
protocol static;
}
then accept;
}
term 2 {
then reject;
}
}
}
routing-options {
static {
route 10.10.10.1/32 next-hop 172.168.4.5;
}
}
unit 7 {
vlan-id 7;
family inet {
address 172.168.4.5/30;
}
}
}
lo0 {
unit 6 {
family inet {
address 10.10.10.1/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 172.168.4.6;
}
}
interfaces {
fxp4 {
Pa g e 20 of 20

Lab BGP Juniper

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lab BGP Juniper

Uploaded by

Copyright:

Available Formats

A.

Delete everything under this level? [yes,no] (no) yes

rapid count 1000

noted: assure that there isnt connectivity between R1 and R3

Routing permanent, manual, metric/preference=5, mengenal source dan gateway.

routing-options autonomous-system 65002

routing-options autonomous-system 65003

IBGP Route Reflection

routing-options autonomous-system 65000

routing-options autonomous-system 65001

IGP sudah ada (ISIS)

Pastikan PE-SBY-1 dan PE-SMG-1 menerima route bgp dari PE-MDN-1

from protocol bgp;

show route protocol bgp melihat semua route bgp

Install Community bgp

root@PE-SMG-1# show policy-options

Multihop based on local address

to 172.168.3.6 via fxp3.5

Load balance antara r1 dng c1 dan c2

Modifiying BGP attribute

For example on OSPF configuration

Sub interface dari interface

Configure logical router R1 lab@lab # set logical-routers R1

Hasilnya bisa dilihat di r1

lab# run show route protocol bgp terse logical-router r1

Local preference hanya terjadi di IBGP

Community route yang telah di tag misal 65000:1100

You might also like