Home > World Of ICT > Peering BGP untuk memisahkan rute Internasional dan IIX

Peering BGP untuk memisahkan rute Internasional dan IIX


Diketahui : Salah satu Perguruan Tinggi di Pulau Sumatera yang dikenal dengan PTN XYZ berlangganan bandwidth pada ISP ABC (ASN 23947) sebesar 1 STM (155 Mbps) dengan alokasi 100 Mbps untuk koneksi Indonesia Exchange dan 55 Mbps untuk Koneksi Internasional , PTN XYZ (ASN 56237) menginginkan agar dilakukan pemisahan rute dari jaringan kampus mereka untuk tujuan ke internasional dan Indonesia Exchange, ISP menyiapkan 2 Peering BGP yaitu ke Internasional (Peer-Intl:27.50.31.177/30)  dan IIX (Peer-IIX:27.50.25.233/30)

Soal: Anda selaku pengelola jaringan diminta untuk mengatasi permasalahan ini dengan menggunakan mikrotik router OS.

Mari kita coba selesaikan secara bersama, pertama kita gambar dulu topologinya kira kira seperti ini

Untuk menyelesaikan persoalan ini saya menggunakan Mikrotik Level 6 dan editor Winbox ver 5.6

Check apakah Interface Ethernet sudah terdeteksi dengan baik

[gigih@ASBR-UNILA] > /interface print 
Flags: D - dynamic, X - disabled, R - running, S - slave 
 #     NAME           TYPE               MTU L2MTU  MAX-L2MTU
 0  R  p2p-ix         ether             1500
 1  R  gtw-254        ether             1500
 2  R  p2p-iix        ether             1500 16383      16383
[gigih@ASBR-UNILA] >

Check apakah IP Address sudah terdeteksi dengan baik

[gigih@ASBR-UNILA] > /ip address print 
Flags: X - disabled, I - invalid, D - dynamic 
 #   ADDRESS            NETWORK         INTERFACE
 0   ;;; iix
     27.50.25.234/30    27.50.25.232    p2p-iix
 1   ;;; unila
     103.3.46.254/24    103.3.46.0      gtw-254
 2   ;;; ix
     27.50.31.178/30    27.50.31.176    p2p-ix
[gigih@ASBR-UNILA] >

Pengaturan Peering BGP ke ISP dengan 2 Peer (1 ke IIX dan 1 ke Internasional)

  • BGP instance
[gigih@ASBR-UNILA] > /routing bgp instance print 
Flags: X - disabled 
 0 X name="default" as=65530 router-id=0.0.0.0 redistribute-connected=no redistribute-static=no 
     redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no out-filter="" 
     client-to-client-reflection=yes ignore-as-path-len=no routing-table="" 

 1   name="AS56237-INTLEXT-UNILA" as=56237 router-id=27.50.31.178 redistribute-connected=no 
     redistribute-static=no redistribute-rip=no redistribute-ospf=no 
     redistribute-other-bgp=no out-filter="" 
     client-to-client-reflection=no ignore-as-path-len=no routing-table="" 

 2   name="AS56237-IDNEXT-UNILA" as=56237 router-id=27.50.25.234 redistribute-connected=no 
     redistribute-static=no redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no 
     out-filter=connected-in client-to-client-reflection=yes ignore-as-path-len=no routing-table="" 
[gigih@ASBR-UNILA] >
  • BGP Peer
[gigih@ASBR-UNILA] > /routing bgp peer print 
Flags: X - disabled, E - established 
 #   INSTANCE                       REMOTE-ADDRESS         
 0 E AS56237-INTLEXT-UNILA          27.50.31.177           
 1 X AS56237-INTLEXT-UNILA          103.3.46.253       
 2 X AS56237-INTLEXT-UNILA          (unknown)         
 3 E AS56237-INTLEXT-UNILA          (unknown)              
 4 X AS56237-INTLEXT-UNILA          (unknown)              
 5 E AS56237-IDNEXT-UNILA           27.50.25.233           
            
[gigih@ASBR-UNILA] >
  • Prefix Filter dari IIX agar tidak bocor
[gigih@ASBR-UNILA] > /routing filter print 
Flags: X - disabled 
 0   chain=connected-in prefix=0.0.0.0 prefix-length=0-7 invert-match=no action=discard 

 1   chain=connected-in prefix=0.0.0.0 prefix-length=8-24 invert-match=no action=accept 
     set-in-nexthop=27.50.25.233 

 2   chain=connected-in prefix=0.0.0.0 prefix-length=25-32 invert-match=no action=discard 

 3   chain=connected-in prefix=0.0.0.0 prefix-length=0-32 invert-match=no action=discard 
[gigih@ASBR-UNILA] > 

  • Check Peer BGP status
[gigih@ASBR-UNILA] > routing bgp peer print status 
Flags: X - disabled, E - established 
 0 E name="P2P-UNILA-MORATELINDO" instance=AS56237-INTLEXT-UNILA remote-address=27.50.31.177 remote-as=23947 
     tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=default in-filter="" 
     out-filter="" address-families=ip default-originate=never remove-private-as=yes as-override=no passive=no 
     use-bfd=no remote-id=10.0.1.1 local-address=27.50.31.178 uptime=14h56m30s prefix-count=416140 
     updates-sent=2 updates-received=536651 withdrawn-sent=0 withdrawn-received=7765 remote-hold-time=1m30s 
     used-hold-time=1m30s used-keepalive-time=30s refresh-capability=yes as4-capability=yes state=established 

 1 X name="PEER-TO-2" instance=AS56237-INTLEXT-UNILA remote-address=103.3.46.253 remote-as=65009 tcp-md5-key="" 
     nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no 

 2 X name="PEER-IPV6-HE" instance=AS56237-INTLEXT-UNILA remote-address=(unknown) remote-as=6939 tcp-md5-key="" 
     nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip,ipv6 default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no 

 3 E name="PEER-IPv6-MORA" instance=AS56237-INTLEXT-UNILA remote-address=(unknown) remote-as=23947 tcp-md5-key=">
     nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip,ipv6 default-originate=never remove-private-as=yes as-override=no passive=no 
     use-bfd=no remote-id=202.43.180.251 local-address=2400:dc00:fc01:3::2 uptime=23h58m14s prefix-count=9875 
     updates-sent=1 updates-received=27192 withdrawn-sent=0 withdrawn-received=754 remote-hold-time=1m30s 
     used-hold-time=1m30s used-keepalive-time=30s refresh-capability=yes as4-capability=yes state=established 

 4 X name="PEER-IPV6-TO-2" instance=AS56237-INTLEXT-UNILA remote-address=(unknown) remote-as=65009 tcp-md5-key=">
     nexthop-choice=default multihop=no route-reflect=no hold-time=3m ttl=default in-filter="" out-filter="" 
     address-families=ip,ipv6 default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no 

-- [Q quit|D dump|right|down]

Terakhir check apakah trafik sudah terpisah

[gigih@ASBR-UNILA] > tool traceroute www.yahoo.com
 # ADDRESS                                 RT1   RT2   RT3   STATUS                                              
 1 27.50.31.177                            26ms  26ms  25ms
 2 202.43.177.38                           23ms  23ms  23ms
 3 0.0.0.0                                 0ms   0ms   0ms 
 4 0.0.0.0                                 0ms   0ms   0ms
 5 202.79.197.131                          52ms  52ms  52ms
 6 203.84.209.77                           48ms  48ms  48ms 
 7 106.10.128.9                            118ms 52ms  52ms
 8 106.10.128.23                           47ms  47ms  47ms        
 9 106.10.128.53                           53ms  53ms  53ms
10 106.10.170.118                          106ms 77ms  64ms
[gigih@ASBR-UNILA] > tool traceroute www.detik.com
 # ADDRESS                                 RT1   RT2   RT3   STATUS                                              
 1 27.50.25.233                            23ms  23ms  23ms      
 2 218.100.36.2                            23ms  23ms  23ms  
 3 218.100.27.192                          23ms  23ms  23ms  
 4 203.190.244.6                           23ms  23ms  23ms  
 5 203.190.242.69                          23ms  23ms  23ms           

[gigih@ASBR-UNILA] > 



 

  1. asep
    May 11, 2015 at 4:59 am

    untuk settingan ip routenya mana gan gak lengkap nih , nanggung banget

    • May 18, 2015 at 6:17 am

      Untuk routing BGP tidak menggunakan perintah ip route, table routing sudah otomatis diterima dari advertise prefix IP dari BGP Peering partner.

  2. gara
    July 30, 2015 at 1:44 am

    assalamu’alaikum , bang saya dah ikuti seperti contoh yang diatas … yang beda inix dan nap nya berbeda AS … apakah sama tutz nya bang, soalnya saya buat sama seperti diatas, tapi gak jalan adakah yang saya harus taambahkan

    • August 3, 2015 at 7:35 am

      Harusnya sih sama saja, yang penting NAP tadi juga mengadvertise AS kita.

  3. cahyo
    August 27, 2015 at 2:57 am

    buat settingan pref-in dan pref-out nya gimana bang

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: