Cisco: BGP Dua Link No Transit: Difference between revisions

Latest revision as of 02:30, 1 January 2019

sumber: http://routerric.blogspot.com/2010/03/bgp-transit-ass-and-how-to-avoid.html

Mungkinkah kita membuat supaya BGP AS yang kita gunakan tidak menjadi transit path?

BB1 ------ R1 (AS 101) ------- R2 (AS 101) ------- BB2

Hal ini dapat dengan mudah dilakukan dengan (1) distribute-list. Cara ini tidak scale dengan mudah jika ip address berubah dikemudian hari karena harus melihat access lists

Atau dengan (2) prefix-list, cara ini lebih mudah untuk berkembang tanpa perlu melihat jika IP address berubah.

OPTION 1 - menggunakan no-export community

Disini community no-export di berlakukan ke semua ALL incoming bgp routes.

R1
route-map NOEXPORT
set community no-export  

router bgp 101
neigh {ip addr BB1} route-map NOEXPORT in
neigh {ip addr r2} send-community

OPTION 2 – menggunakan perintah filter-list

Disini kita membuat as-path access list dan hanya mengijinkan bgp routes originated dari AS asal router (AS 101) yang di advertised out.

R2
ip as-path access-list 1 permit ^$

router bgp 101
neigh {ip addrBB2} filter-list 1 out

Dua perintah di atas digunakan

show ip bgp {ip address} advertise

untuk memverifikasi advertised routes.

Referensi

http://routerric.blogspot.com/2010/03/bgp-transit-ass-and-how-to-avoid.html

@@ Line 1: / Line 1: @@
 sumber: http://routerric.blogspot.com/2010/03/bgp-transit-ass-and-how-to-avoid.html
-How can you prevent your own BGP AS becoming a transit path? This can be achieved by making use of a distribute-list or a prefix-list. However these methods do not scale well as future ip addressing changes or additions require access lists to be revisited.
+Mungkinkah kita membuat supaya BGP AS yang kita gunakan tidak menjadi transit path?
   BB1 ------ R1 (AS 101) ------- R2 (AS 101) ------- BB2
-Here are 2 options that scale and do not require revisiting when ip addresses change.
+Hal ini dapat dengan mudah dilakukan dengan (1) distribute-list. Cara ini tidak scale dengan mudah jika ip address berubah dikemudian hari karena harus melihat access lists
-OPTION 1 - Make use of the no-export community.
+Atau dengan (2) prefix-list, cara ini lebih mudah untuk berkembang tanpa perlu melihat jika IP address berubah.
+==OPTION 1 - menggunakan no-export community==
 -------------------------------------------------------------
-Here i apply the community no-export to ALL incoming bgp routes.
+Disini community no-export di berlakukan ke semua ALL incoming bgp routes.
   R1
@@ Line 21: / Line 24: @@
-OPTION 2 – Make use of the filter-list command
+==OPTION 2 – menggunakan perintah filter-list==
------------------------------------------------------------
-Here i create an as-path access list and only allow bgp routes originated in the routers own as (AS 101) to be advertised out.
+Disini kita membuat as-path access list dan hanya mengijinkan bgp routes originated dari AS asal router (AS 101) yang di advertised out.
   R2
@@ Line 32: / Line 34: @@
   neigh {ip addrBB2} filter-list 1 out
+Dua perintah di atas digunakan
+ show ip bgp {ip address} advertise
-With both commands i use show ip bgp {ip address} advertise for verification of advertised routes.
+untuk memverifikasi advertised routes.
@@ Line 45: / Line 50: @@
 ==Pranala Menarik==
+* [[TCP/IP: Advanced Routing]]
 * [[Quagga]]
 * [[Mikrotik]]
 * [[Cisco]]
 * [[Juniper]]
+* [[BIRD: Routing]]
+* [[IPv6]]

Cisco: BGP Dua Link No Transit: Difference between revisions

Latest revision as of 02:30, 1 January 2019

Contents

OPTION 1 - menggunakan no-export community

OPTION 2 – menggunakan perintah filter-list

Referensi

Pranala Menarik

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools