Belajar Mengkonfigurasi MPLS-VPN
(PE-CE with RIP)di Junos http://iwing.wordpress.com
Berhubung masih nobitol makanya masih script kiddies, maklum baru belajar hehehehe...........@_@
--------------------------------------------------------------------------------------------
! Topology yang digunakan !
--------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------
! Konfigurasi Router cnc1 (CE1) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc1# show
## Last changed: 2010-07-05 00:11:55 UTC
version 8.4R4.2;
system {
host-name cnc1;
root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ## SECRET-DATA
}
login {
message "\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n
\n!Access to this device is limited to authorized user only!\n
\n!WARNING!!!:ALL unathourized access is prohibited. !\n
\n!========================================================!\n\n";
user iwing {
uid 2001;
class super-user;
authentication {
encrypted-password "$1$rQy0ZTV0$A1hVDjhzF2niCbd/4MI0K."; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
telnet;
web-management {
http {
port 80;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.10.1/24;
}
}
}
fxp2 {
unit 0 {
family inet {
address 192.168.80.1/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 1.1.1.1/32;
}
}
}
}
protocols {
rip {
group ripiwing {
export advertise-rip-routes;
neighbor fxp0.0;
neighbor fxp2.0;
}
}
}
policy-options {
policy-statement advertise-rip-routes {
term 1 {
from protocol [ direct rip ];
then accept;
}
}
}
[edit]
root@cnc1#
------------------------------------------------------------------------------------------------
! Konfigurasi Router cnc2 (PE1) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# show
## Last changed: 2010-07-05 00:09:58 UTC
version 8.4R4.2;
system {
host-name cnc2;
root-authentication {
encrypted-password "$1$QeV0HEqD$DcAIEpD8DU94YaIzoqsfo/"; ## SECRET-DATA
}
login {
message "\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n
\n!Access to this device is limited to authorized user only!\n
\n!WARNING!!!:ALL unathourized access is prohibited. !\n
\n!========================================================!\n\n";
user iwing {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$a1HVR5jH$yoUbW1IOcAHOdAQCahOpy0"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.10.2/24;
}
family mpls;
}
}
fxp1 {
unit 0 {
family inet {
address 192.168.20.1/24;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 2.2.2.2/32;
}
}
}
}
routing-options {
router-id 2.2.2.2;
autonomous-system 100;
}
protocols {
rsvp {
traceoptions {
file ldp-log;
flag all;
flag packets detail;
}
interface fxp1.0;
interface fxp0.0;
}
mpls {
label-switched-path pe-cnc2-to-pe-cnc4 {
to 4.4.4.4;
}
interface fxp1.0;
interface fxp0.0;
}
bgp {
family inet {
unicast;
}
group pe-cnc2-to-pe-cnc4 {
type internal;
local-address 2.2.2.2;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
peer-as 100;
neighbor 4.4.4.4;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface fxp1.0;
label-switched-path pe-cnc2-to-pe-cnc4;
}
}
}
policy-options {
policy-statement rip-export {
term 1 {
from protocol bgp;
then accept;
}
term 2 {
then reject;
}
}
policy-statement vpncnc-export-policy {
term 1 {
from protocol rip;
then {
community add vpncnc;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement vpncnc-import-policy {
term 1 {
from {
protocol bgp;
community vpncnc;
}
then accept;
}
term 2 {
then reject;
}
}
community vpncnc members target:100:01;
}
routing-instances {
vpncnc {
instance-type vrf;
interface fxp0.0;
route-distinguisher 100:01;
vrf-import vpncnc-import-policy;
vrf-export vpncnc-export-policy;
vrf-table-label;
protocols {
rip {
group ripiwing {
export rip-export;
neighbor fxp0.0;
}
}
}
}
}
[edit]
root@cnc2#
------------------------------------------------------------------------------------------------
! Konfigurasi Router cnc3 (P) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc3# show
## Last changed: 2010-07-05 00:11:56 UTC
version 8.4R4.2;
system {
host-name cnc3;
root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ## SECRET-DATA
}
login {
message "\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n
\n!Access to this device is limited to authorized user only!\n
\n!WARNING!!!:ALL unathourized access is prohibited. !\n
\n!========================================================!\n\n";
user iwing {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$nBU.RVsT$LMG9TWM9OUQZGvInqYfEu1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
web-management {
http {
port 80;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.30.1/24;
}
family mpls;
}
}
fxp1 {
unit 0 {
family inet {
address 192.168.20.2/24;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 3.3.3.3/32;
}
}
}
}
routing-options {
router-id 3.3.3.3;
autonomous-system 100;
}
protocols {
rsvp {
traceoptions {
file ldp-log;
flag all;
flag packets detail;
}
interface fxp0.0;
interface fxp1.0;
}
mpls {
interface all;
interface fxp0.0;
interface fxp1.0;
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface fxp0.0;
interface fxp1.0;
}
}
}
[edit]
root@cnc3#
------------------------------------------------------------------------------------------------
! Konfigurasi Router cnc4 (PE2) !
------------------------------------------------------------------------------------------------
root@cnc4# show
## Last changed: 2010-07-05 00:11:28 UTC
version 8.4R4.2;
system {
host-name cnc4;
root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ## SECRET-DATA
}
login {
message "\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n
\n!Access to this device is limited to authorized user only!\n
\n!WARNING!!!:ALL unathourized access is prohibited. !\n
\n!========================================================!\n\n";
user iwing {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$a4h8jH/6$WNgvFOgNFh2cnvlaHnZms1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
web-management {
http {
port 80;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
address 192.168.30.2/24;
}
family mpls;
}
}
fxp2 {
unit 0 {
family inet {
address 192.168.40.1/24;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 4.4.4.4/32;
}
}
}
}
routing-options {
router-id 4.4.4.4;
autonomous-system 100;
}
protocols {
rsvp {
traceoptions {
file ldp-log;
flag all;
flag packets detail;
}
interface fxp0.0;
interface fxp2.0;
}
mpls {
label-switched-path pe-cnc4-to-pe-cnc2 {
to 2.2.2.2;
}
interface fxp0.0;
interface fxp2.0;
}
bgp {
family inet {
unicast;
}
group pe-cnc4-to-pe-cnc2 {
type internal;
local-address 4.4.4.4;
family inet {
unicast;
}
family inet-vpn {
unicast;
}
peer-as 100;
neighbor 2.2.2.2;
}
}
ospf {
traffic-engineering;
area 0.0.0.0 {
interface lo0.0 {
passive;
}
interface fxp0.0;
interface fxp1.0;
label-switched-path pe-cnc4-to-pe-cnc2;
}
}
}
policy-options {
policy-statement rip-export {
term 1 {
from protocol bgp;
then accept;
}
term 2 {
then reject;
}
}
policy-statement vpncnc-export-policy {
term 1 {
from protocol rip;
then {
community add vpncnc;
accept;
}
}
term 2 {
then reject;
}
}
policy-statement vpncnc-import-policy {
term 1 {
from {
protocol bgp;
community vpncnc;
}
then accept;
}
term 2 {
then reject;
}
}
community vpncnc members target:100:01;
}
routing-instances {
vpncnc {
instance-type vrf;
interface fxp2.0;
route-distinguisher 100:01;
vrf-import vpncnc-import-policy;
vrf-export vpncnc-export-policy;
vrf-table-label;
protocols {
rip {
group ripiwing {
export rip-export;
neighbor fxp2.0;
}
}
}
}
}
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! Konfigurasi Router cnc5 (CE2) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc5# show
## Last changed: 2010-07-05 00:12:27 UTC
version 8.4R4.2;
system {
host-name cnc5;
root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ## SECRET-DATA
}
login {
message "\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n
\n!Access to this device is limited to authorized user only!\n
\n!WARNING!!!:ALL unathourized access is prohibited. !\n
\n!========================================================!\n\n";
user iwing {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$nBU.RVsT$LMG9TWM9OUQZGvInqYfEu1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
web-management {
http {
port 80;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp2 {
unit 0 {
family inet {
address 192.168.40.2/24;
}
}
}
fxp4 {
unit 0 {
family inet {
address 192.168.90.1/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 5.5.5.5/32;
}
}
}
}
protocols {
rip {
group ripiwing {
export advertise-rip-routes;
neighbor fxp2.0;
neighbor fxp4.0;
}
}
}
policy-options {
policy-statement advertise-rip-routes {
term 1 {
from protocol [ direct rip ];
then accept;
}
}
}
[edit]
root@cnc5#
------------------------------------------------------------------------------------------------
! How to check 1 (run show mpls interface) and (run show rsvp interface) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show mpls interface
Interface State Administrative groups
fxp1.0 Up <none>
[edit]
root@cnc2# run show rsvp interface
RSVP interface: 2 active
Active Subscr- Static Available Reserved Highwater
Interface State resv iption BW BW BW mark
fxp0.0 Up 0 100% 10Mbps 10Mbps 0bps 0bps
fxp1.0 Up 1 100% 10Mbps 10Mbps 0bps 0bps
[edit]
root@cnc2#
edit]
root@cnc3# run show mpls interface
Interface State Administrative groups
fxp0.0 Up <none>
fxp1.0 Up <none>
[edit]
root@cnc3# run show rsvp interface
RSVP interface: 2 active
Active Subscr- Static Available Reserved Highwater
Interface State resv iption BW BW BW mark
fxp0.0 Up 1 100% 10Mbps 10Mbps 0bps 0bps
fxp1.0 Up 1 100% 10Mbps 10Mbps 0bps 0bps
[edit]
root@cnc3#
[edit]
root@cnc4# run show mpls interface
Interface State Administrative groups
fxp0.0 Up <none>
[edit]
root@cnc4# run show rsvp interface
RSVP interface: 2 active
Active Subscr- Static Available Reserved Highwater
Interface State resv iption BW BW BW mark
fxp0.0 Up 1 100% 10Mbps 10Mbps 0bps 0bps
fxp2.0 Up 0 100% 10Mbps 10Mbps 0bps 0bps
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 2 (run show mpls lsp) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show mpls lsp
Ingress LSP: 1 sessions
To From State Rt ActivePath P LSPname
4.4.4.4 2.2.2.2 Up 2 * pe-cnc2-to-pe-cnc4
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To From State Rt Style Labelin Labelout LSPname
2.2.2.2 4.4.4.4 Up 0 1 FF 3 - pe-cnc4-to-pe-cnc2
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
[edit]
root@cnc2#
root@cnc3# run show mpls lsp
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 2 sessions
To From State Rt Style Labelin Labelout LSPname
2.2.2.2 4.4.4.4 Up 1 1 FF 100000 3 pe-cnc4-to-pe-cnc2
4.4.4.4 2.2.2.2 Up 1 1 FF 100016 3 pe-cnc2-to-pe-cnc4
Total 2 displayed, Up 2, Down 0
[edit]
root@cnc3#
[edit]
root@cnc4# run show mpls lsp
Ingress LSP: 1 sessions
To From State Rt ActivePath P LSPname
2.2.2.2 4.4.4.4 Up 2 * pe-cnc4-to-pe-cnc2
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
To From State Rt Style Labelin Labelout LSPname
4.4.4.4 2.2.2.2 Up 0 1 FF 3 - pe-cnc2-to-pe-cnc4
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 3 (run show bgp summary) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
bgp.l3vpn.0 2 2 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn
State|#Active/Received/Damped...
4.4.4.4 100 25 24 0 0 9:25 Establ
inet.0: 0/0/0
bgp.l3vpn.0: 2/2/0
vpncnc.inet.0: 2/2/0
[edit]
root@cnc2#
[edit]
root@cnc4# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
bgp.l3vpn.0 2 2 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn
State|#Active/Received/Damped...
2.2.2.2 100 23 26 0 0 10:23 Establ
inet.0: 0/0/0
bgp.l3vpn.0: 2/2/0
vpncnc.inet.0: 2/2/0
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 4 (run show bgp neighbor) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show bgp neighbor
Peer: 4.4.4.4+1124 AS 100 Local: 2.2.2.2+179 AS 100
Type: Internal State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Preference LocalAddress AddressFamily PeerAS Rib-group Refresh>
Address families configured: inet-unicast inet-vpn-unicast
Local Address: 2.2.2.2 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 4.4.4.4 Local ID: 2.2.2.2 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
BFD: disabled, down
NLRI advertised by peer: inet-unicast inet-vpn-unicast
NLRI for this session: inet-unicast inet-vpn-unicast
Peer supports Refresh capability (2)
Table inet.0 Bit: 10000
RIB State: BGP restart is complete
Send state: in sync
Active prefixes: 0
Received prefixes: 0
Suppressed due to damping: 0
Advertised prefixes: 0
Table bgp.l3vpn.0
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: not advertising
Active prefixes: 2
Received prefixes: 2
Suppressed due to damping: 0
Table vpncnc.inet.0 Bit: 30000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 2
Received prefixes: 2
Suppressed due to damping: 0
Advertised prefixes: 2
Last traffic (seconds): Received 17 Sent 28 Checked 2
Input messages: Total 27 Updates 1 Refreshes 0 Octets 635
Output messages: Total 26 Updates 1 Refreshes 0 Octets 616
Output Queue[0]: 0
Output Queue[1]: 0
Output Queue[2]: 0
[edit]
root@cnc2#
[edit]
root@cnc4# run show bgp neighbor
Peer: 2.2.2.2+179 AS 100 Local: 4.4.4.4+1124 AS 100
Type: Internal State: Established Flags: <ImportEval Sync>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Preference LocalAddress AddressFamily PeerAS Rib-group Refresh>
Address families configured: inet-unicast inet-vpn-unicast
Local Address: 4.4.4.4 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 2.2.2.2 Local ID: 4.4.4.4 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0
BFD: disabled, down
NLRI advertised by peer: inet-unicast inet-vpn-unicast
NLRI for this session: inet-unicast inet-vpn-unicast
Peer supports Refresh capability (2)
Table inet.0 Bit: 10000
RIB State: BGP restart is complete
Send state: in sync
Active prefixes: 0
Received prefixes: 0
Suppressed due to damping: 0
Advertised prefixes: 0
Table bgp.l3vpn.0
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: not advertising
Active prefixes: 2
Received prefixes: 2
Suppressed due to damping: 0
Table vpncnc.inet.0 Bit: 30000
RIB State: BGP restart is complete
RIB State: VPN restart is complete
Send state: in sync
Active prefixes: 2
Received prefixes: 2
Suppressed due to damping: 0
Advertised prefixes: 2
Last traffic (seconds): Received 3 Sent 21 Checked 3
Input messages: Total 25 Updates 1 Refreshes 0 Octets 563
Output messages: Total 28 Updates 1 Refreshes 0 Octets 654
Output Queue[0]: 0
Output Queue[1]: 0
Output Queue[2]: 0
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 5 !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run ping 192.168.80.2 count 5 routing-instance vpncnc
PING 192.168.80.2 (192.168.80.2): 56 data bytes
64 bytes from 192.168.80.2: icmp_seq=0 ttl=63 time=18.945 ms
64 bytes from 192.168.80.2: icmp_seq=1 ttl=63 time=3.332 ms
64 bytes from 192.168.80.2: icmp_seq=2 ttl=63 time=5.550 ms
64 bytes from 192.168.80.2: icmp_seq=3 ttl=63 time=5.015 ms
64 bytes from 192.168.80.2: icmp_seq=4 ttl=63 time=5.008 ms
--- 192.168.80.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.332/7.570/18.945/5.736 ms
[edit]
root@cnc2#
[edit]
root@cnc4# run ping 192.168.90.2 count 5 routing-instance vpncnc
PING 192.168.90.2 (192.168.90.2): 56 data bytes
64 bytes from 192.168.90.2: icmp_seq=0 ttl=63 time=29.854 ms
64 bytes from 192.168.90.2: icmp_seq=1 ttl=63 time=7.215 ms
64 bytes from 192.168.90.2: icmp_seq=2 ttl=63 time=15.643 ms
64 bytes from 192.168.90.2: icmp_seq=3 ttl=63 time=6.009 ms
64 bytes from 192.168.90.2: icmp_seq=4 ttl=63 time=5.309 ms
--- 192.168.90.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 5.309/12.806/29.854/9.299 ms
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 6 (run show route) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc1# run show route
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[Direct/0] 00:14:13
> via lo0.0
5.5.5.5/32 *[RIP/100] 00:12:37, metric 2, tag 0
> to 192.168.10.2 via fxp0.0
192.168.10.0/24 *[Direct/0] 00:14:13
> via fxp0.0
192.168.10.1/32 *[Local/0] 00:14:13
Local via fxp0.0
192.168.80.0/24 *[Direct/0] 00:14:13
> via fxp2.0
192.168.80.1/32 *[Local/0] 00:14:13
Local via fxp2.0
192.168.90.0/24 *[RIP/100] 00:12:37, metric 2, tag 0
> to 192.168.10.2 via fxp0.0
224.0.0.9/32 *[RIP/100] 00:14:16, metric 1
MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
[edit]
root@cnc1#
[edit]
root@cnc2# run show route
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[Direct/0] 00:13:12
> via lo0.0
3.3.3.3/32 *[OSPF/10] 00:12:03, metric 10
> to 192.168.20.2 via fxp1.0
4.4.4.4/32 *[OSPF/10] 00:11:33, metric 1
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
192.168.20.0/24 *[Direct/0] 00:13:12
> via fxp1.0
192.168.20.1/32 *[Local/0] 00:13:12
Local via fxp1.0
192.168.30.0/24 *[OSPF/10] 00:11:33, metric 11
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
224.0.0.5/32 *[OSPF/10] 00:13:20, metric 1
MultiRecv
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
4.4.4.4/32 *[RSVP/7] 00:11:28, metric 1
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
vpncnc.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[RIP/100] 00:12:50, metric 2, tag 0
> to 192.168.10.1 via fxp0.0
5.5.5.5/32 *[BGP/170] 00:11:28, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
192.168.10.0/24 *[Direct/0] 00:13:11
> via fxp0.0
192.168.10.2/32 *[Local/0] 00:13:11
Local via fxp0.0
192.168.80.0/24 *[RIP/100] 00:12:50, metric 2, tag 0
> to 192.168.10.1 via fxp0.0
192.168.90.0/24 *[BGP/170] 00:11:28, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
224.0.0.9/32 *[RIP/100] 00:13:18, metric 1
MultiRecv
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:13:18, metric 1
Receive
1 *[MPLS/0] 00:13:18, metric 1
Receive
2 *[MPLS/0] 00:13:18, metric 1
Receive
16 *[VPN/0] 00:13:13
to table vpncnc.inet.0, Pop
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
100:1:5.5.5.5/32
*[BGP/170] 00:11:52, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
100:1:192.168.90.0/24
*[BGP/170] 00:11:52, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
[edit]
root@cnc2#
[edit]
root@cnc3# run show route
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[OSPF/10] 00:13:05, metric 10
> to 192.168.20.1 via fxp1.0
3.3.3.3/32 *[Direct/0] 00:14:05
> via lo0.0
4.4.4.4/32 *[OSPF/10] 00:13:05, metric 10
> to 192.168.30.2 via fxp0.0
192.168.20.0/24 *[Direct/0] 00:14:05
> via fxp1.0
192.168.20.2/32 *[Local/0] 00:14:05
Local via fxp1.0
192.168.30.0/24 *[Direct/0] 00:14:05
> via fxp0.0
192.168.30.1/32 *[Local/0] 00:14:05
Local via fxp0.0
224.0.0.5/32 *[OSPF/10] 00:14:19, metric 1
MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
mpls.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:14:15, metric 1
Receive
1 *[MPLS/0] 00:14:15, metric 1
Receive
2 *[MPLS/0] 00:14:15, metric 1
Receive
100000 *[RSVP/7] 00:12:56, metric 1
> to 192.168.20.1 via fxp1.0, label-switched-path pe-cnc4-to-pe-cnc2
100000(S=0) *[RSVP/7] 00:12:56, metric 1
> to 192.168.20.1 via fxp1.0, label-switched-path pe-cnc4-to-pe-cnc2
100016 *[RSVP/7] 00:12:36, metric 1
> to 192.168.30.2 via fxp0.0, label-switched-path pe-cnc2-to-pe-cnc4
100016(S=0) *[RSVP/7] 00:12:36, metric 1
> to 192.168.30.2 via fxp0.0, label-switched-path pe-cnc2-to-pe-cnc4
[edit]
root@cnc3#
[edit]
root@cnc4# run show route
inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[OSPF/10] 00:12:55, metric 1
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
3.3.3.3/32 *[OSPF/10] 00:13:04, metric 10
> to 192.168.30.1 via fxp0.0
4.4.4.4/32 *[Direct/0] 00:14:06
> via lo0.0
192.168.20.0/24 *[OSPF/10] 00:12:32, metric 11
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
192.168.30.0/24 *[Direct/0] 00:14:06
> via fxp0.0
192.168.30.2/32 *[Local/0] 00:14:06
Local via fxp0.0
224.0.0.5/32 *[OSPF/10] 00:14:13, metric 1
MultiRecv
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[RSVP/7] 00:12:50, metric 1
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
vpncnc.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[BGP/170] 00:12:50, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
5.5.5.5/32 *[RIP/100] 00:14:04, metric 2, tag 0
> to 192.168.40.2 via fxp2.0
192.168.40.0/24 *[Direct/0] 00:14:04
> via fxp2.0
192.168.40.1/32 *[Local/0] 00:14:04
Local via fxp2.0
192.168.80.0/24 *[BGP/170] 00:12:50, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
192.168.90.0/24 *[RIP/100] 00:14:04, metric 2, tag 0
> to 192.168.40.2 via fxp2.0
224.0.0.9/32 *[RIP/100] 00:14:12, metric 1
MultiRecv
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
0 *[MPLS/0] 00:14:12, metric 1
Receive
1 *[MPLS/0] 00:14:12, metric 1
Receive
2 *[MPLS/0] 00:14:12, metric 1
Receive
16 *[VPN/0] 00:14:06
to table vpncnc.inet.0, Pop
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
100:1:1.1.1.1/32
*[BGP/170] 00:12:57, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
100:1:192.168.80.0/24
*[BGP/170] 00:12:57, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
[edit]
root@cnc4#
[edit]
root@cnc5# run show route
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[RIP/100] 00:13:08, metric 2, tag 0
> to 192.168.40.1 via fxp2.0
5.5.5.5/32 *[Direct/0] 00:14:26
> via lo0.0
192.168.40.0/24 *[Direct/0] 00:14:26
> via fxp2.0
192.168.40.2/32 *[Local/0] 00:14:26
Local via fxp2.0
192.168.80.0/24 *[RIP/100] 00:13:08, metric 2, tag 0
> to 192.168.40.1 via fxp2.0
192.168.90.0/24 *[Direct/0] 00:14:26
> via fxp4.0
192.168.90.1/32 *[Local/0] 00:14:26
Local via fxp4.0
224.0.0.9/32 *[RIP/100] 00:14:29, metric 1
MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
[edit]
root@cnc5#
------------------------------------------------------------------------------------------------
! How to check 7 (run show route table vpncnc.inet.0) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show route table vpncnc.inet.0
vpncnc.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[RIP/100] 00:14:13, metric 2, tag 0
> to 192.168.10.1 via fxp0.0
5.5.5.5/32 *[BGP/170] 00:12:51, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
192.168.10.0/24 *[Direct/0] 00:14:34
> via fxp0.0
192.168.10.2/32 *[Local/0] 00:14:34
Local via fxp0.0
192.168.80.0/24 *[RIP/100] 00:14:13, metric 2, tag 0
> to 192.168.10.1 via fxp0.0
192.168.90.0/24 *[BGP/170] 00:12:51, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
224.0.0.9/32 *[RIP/100] 00:14:41, metric 1
MultiRecv
[edit]
root@cnc2#
[edit]
root@cnc4# run show route table vpncnc.inet.0
vpncnc.inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[BGP/170] 00:14:21, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
5.5.5.5/32 *[RIP/100] 00:15:35, metric 2, tag 0
> to 192.168.40.2 via fxp2.0
192.168.40.0/24 *[Direct/0] 00:15:35
> via fxp2.0
192.168.40.1/32 *[Local/0] 00:15:35
Local via fxp2.0
192.168.80.0/24 *[BGP/170] 00:14:21, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
192.168.90.0/24 *[RIP/100] 00:15:35, metric 2, tag 0
> to 192.168.40.2 via fxp2.0
224.0.0.9/32 *[RIP/100] 00:15:43, metric 1
MultiRecv
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 8 (run show route table bgp.l3vpn.0) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show route table bgp.l3vpn.0
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
100:1:5.5.5.5/32
*[BGP/170] 00:13:47, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
100:1:192.168.90.0/24
*[BGP/170] 00:13:47, MED 2, localpref 100, from 4.4.4.4
AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
[edit]
root@cnc2#
[edit]
root@cnc4# run show route table bgp.l3vpn.0
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
100:1:1.1.1.1/32
*[BGP/170] 00:14:57, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
100:1:192.168.80.0/24
*[BGP/170] 00:14:57, MED 2, localpref 100, from 2.2.2.2
AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 9 (run show route table bgp.l3vpn.0 detail []) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show route table bgp.l3vpn.0 detail 192.168.90.0/24
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
100:1:192.168.90.0/24 (1 entry, 0 announced)
*BGP Preference: 170/-101
Route Distinguisher: 100:1
Next hop type: Indirect
Next-hop reference count: 6
Source: 4.4.4.4
Next hop type: Router, Next hop index: 420
Next hop: 192.168.20.2 via fxp1.0 weight 0x1, selected
Label-switched-path pe-cnc2-to-pe-cnc4
Label operation: Push 16, Push 100016(top)
Protocol next hop: 4.4.4.4
Push 16
Indirect next hop: 89c4000 131070
State: <Active Int Ext>
Local AS: 100 Peer AS: 100
Age: 14:08 Metric: 2 Metric2: 1
Task: BGP_100.4.4.4.4+1124
AS path: I
Communities: target:100:1
VPN Label: 16
Localpref: 100
Router ID: 4.4.4.4
Secondary Tables: vpncnc.inet.0
[edit]
root@cnc2#
[edit]
root@cnc4# run show route table bgp.l3vpn.0 detail 192.168.80.0/24
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
100:1:192.168.80.0/24 (1 entry, 0 announced)
*BGP Preference: 170/-101
Route Distinguisher: 100:1
Next hop type: Indirect
Next-hop reference count: 6
Source: 2.2.2.2
Next hop type: Router, Next hop index: 420
Next hop: 192.168.30.1 via fxp0.0 weight 0x1, selected
Label-switched-path pe-cnc4-to-pe-cnc2
Label operation: Push 16, Push 100000(top)
Protocol next hop: 2.2.2.2
Push 16
Indirect next hop: 89cb000 131070
State: <Active Int Ext>
Local AS: 100 Peer AS: 100
Age: 15:23 Metric: 2 Metric2: 1
Task: BGP_100.2.2.2.2+179
AS path: I
Communities: target:100:1
VPN Label: 16
Localpref: 100
Router ID: 2.2.2.2
Secondary Tables: vpncnc.inet.0
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 10 (run show route table mpls protocol vpn detail) !
------------------------------------------------------------------------------------------------
[edit]
root@cnc2# run show route table mpls protocol vpn detail
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
16 (1 entry, 0 announced)
*VPN Preference: 0
Next table: vpncnc.inet.0
Label operation: Pop
Next-hop reference count: 1
State: <Active NotInstall Int Ext>
Age: 15:55
Task: RT
AS path: I
[edit]
root@cnc2#
[edit]
root@cnc4# run show route table mpls protocol vpn detail
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
16 (1 entry, 0 announced)
*VPN Preference: 0
Next table: vpncnc.inet.0
Label operation: Pop
Next-hop reference count: 1
State: <Active NotInstall Int Ext>
Age: 16:58
Task: RT
AS path: I
[edit]
root@cnc4#
------------------------------------------------------------------------------------------------
! How to check 11 (ping from Custumer to Custumer)
------------------------------------------------------------------------------------------------
"Sekian dulu, semoga bermanfaat dan salam sedogedoi", saya mau belajar lagi teorinya T_T, kalau
ada yang keliru tolong beritahu saya, terima kasih... @_@ “CMIIW”
Top Related