Belajar Mengkonfigurasi MPLS-VPN (PE-CE with OSPF)di
Junoshttp://iwing.wordpress.com Berhubung masih nobitol makanya
masih script kiddies, maklum baru belajar [email protected][email protected]
-------------------------------------------------------------------------------------------!
Topology yang digunakan !
--------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------!
Konfigurasi Router cnc1 (CE1) !
------------------------------------[email protected]cnc1#
show ## Last changed: 2010-07-04 13:57:49 UTC version 8.4R4.2;
system { host-name cnc1; root-authentication { encrypted-password
"$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ## SECRET-DATA } login {
message
"\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n \n!Access to this device is
limited to authorized user only!\n \n!WARNING!!!:ALL unathourized
access is prohibited. !\n
\n!========================================================!\n\n";
user iwing { uid 2001; class super-user; authentication {
encrypted-password "$1$rQy0ZTV0$A1hVDjhzF2niCbd/4MI0K."; ##
SECRET-DATA } } }
services { ftp; ssh; telnet; web-management { http { port 80; }
} } syslog { user * { any emergency; } file messages { any notice;
authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { fxp0 { unit 0 { family
inet { address 192.168.10.1/24; } } } fxp2 { unit 0 { family inet {
address 192.168.80.1/24; } } } lo0 { unit 0 { family inet { address
1.1.1.1/32; } } } } protocols { ospf { area 0.0.0.0 { interface
lo0.0 { passive; } interface fxp0.0; interface fxp2.0; } } } [edit]
[email protected]#
-----------------------------------------------------------------------------------------------!
Konfigurasi Router cnc2 (PE1) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# show ## Last changed: 2010-07-04 13:29:13 UTC version
8.4R4.2; system { host-name cnc2; root-authentication {
encrypted-password "$1$QeV0HEqD$DcAIEpD8DU94YaIzoqsfo/"; ##
SECRET-DATA
} login { message
"\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n \n!Access to this device is
limited to authorized user only!\n \n!WARNING!!!:ALL unathourized
access is prohibited. !\n
\n!========================================================!\n\n";
user iwing { uid 2000; class super-user; authentication {
encrypted-password "$1$a1HVR5jH$yoUbW1IOcAHOdAQCahOpy0"; ##
SECRET-DATA } } } services { ftp; ssh; telnet; } syslog { user * {
any emergency; } file messages { any notice; authorization info; }
file interactive-commands { interactive-commands any; } } }
interfaces { fxp0 { unit 0 { family inet { address 192.168.10.2/24;
} family mpls; } } fxp1 { unit 0 { family inet { address
192.168.20.1/24; } family mpls; } } lo0 { unit 0 { family inet {
address 2.2.2.2/32; } } } } routing-options { router-id 2.2.2.2;
autonomous-system 100; } protocols { rsvp { traceoptions { file
ldp-log; flag all; flag packets detail; } interface fxp1.0;
interface fxp0.0;
} mpls { label-switched-path pe-cnc2-to-pe-cnc4 { to 4.4.4.4; }
interface fxp1.0; interface fxp0.0; } bgp { family inet { unicast;
} group pe-cnc2-to-pe-cnc4 { type internal; local-address 2.2.2.2;
family inet { unicast; } family inet-vpn { unicast; } peer-as 100;
neighbor 4.4.4.4; } } ospf { traffic-engineering; area 0.0.0.0 {
interface lo0.0 { passive; } interface fxp1.0; label-switched-path
pe-cnc2-to-pe-cnc4; } } } policy-options { policy-statement
vpncnc-export-policy { term 1 { from protocol ospf; then {
community add vpncnc; accept; } } term 2 { then reject; } }
policy-statement vpncnc-import-policy { term 1 { from { protocol
bgp; community vpncnc; } then accept; } term 2 { then reject; } }
community vpncnc members target:100:01; } routing-instances {
vpncnc { instance-type vrf; interface fxp0.0; route-distinguisher
100:01; vrf-import vpncnc-import-policy; vrf-export
vpncnc-export-policy; vrf-table-label;
protocols { ospf { export vpncnc-import-policy; area 0.0.0.0 {
interface fxp0.0; } } } } } [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
Konfigurasi Router cnc3 (P) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# show ## Last changed: 2010-07-04 12:39:54 UTC version
8.4R4.2; system { host-name cnc3; root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ##
SECRET-DATA } login { message
"\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n \n!Access to this device is
limited to authorized user only!\n \n!WARNING!!!:ALL unathourized
access is prohibited. !\n
\n!========================================================!\n\n";
user iwing { uid 2000; class super-user; authentication {
encrypted-password "$1$nBU.RVsT$LMG9TWM9OUQZGvInqYfEu1"; ##
SECRET-DATA } } } services { ftp; ssh; web-management { http { port
80; } } } syslog { user * { any emergency; } file messages { any
notice; authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { fxp0 { unit 0 { family
inet { address 192.168.30.1/24; } family mpls; } } fxp1 {
unit 0 { family inet { address 192.168.20.2/24; } family mpls; }
} lo0 { unit 0 { family inet { address 3.3.3.3/32; } } } }
routing-options { router-id 3.3.3.3; autonomous-system 100; }
protocols { rsvp { traceoptions { file ldp-log; flag all; flag
packets detail; } interface fxp0.0; interface fxp1.0; } mpls {
interface all; interface fxp0.0; interface fxp1.0; } ospf {
traffic-engineering; area 0.0.0.0 { interface lo0.0 { passive; }
interface fxp0.0; interface fxp1.0; } } } [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
Konfigurasi Router cnc4 (PE2) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# show ## Last changed: 2010-07-04 13:54:31 UTC version
8.4R4.2; system { host-name cnc4; root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ##
SECRET-DATA } login { message
"\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n \n!Access to this device is
limited to authorized user only!\n \n!WARNING!!!:ALL unathourized
access is prohibited. !\n
\n!========================================================!\n\n";
user iwing { uid 2000; class super-user; authentication {
encrypted-password "$1$a4h8jH/6$WNgvFOgNFh2cnvlaHnZms1"; ##
SECRET-DATA
} } } services { ftp; ssh; web-management { http { port 80; } }
} syslog { user * { any emergency; } file messages { any notice;
authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { fxp0 { unit 0 { family
inet { address 192.168.30.2/24; } family mpls; } } fxp2 { unit 0 {
family inet { address 192.168.40.1/24; } family mpls; } } lo0 {
unit 0 { family inet { address 4.4.4.4/32; } } } } routing-options
{ router-id 4.4.4.4; autonomous-system 100; } protocols { rsvp {
traceoptions { file ldp-log; flag all; flag packets detail; }
interface fxp0.0; interface fxp2.0; } mpls { label-switched-path
pe-cnc4-to-pe-cnc2 { to 2.2.2.2; } interface fxp0.0; interface
fxp2.0; }
bgp { family inet { unicast; } group pe-cnc4-to-pe-cnc2 { type
internal; local-address 4.4.4.4; family inet { unicast; } family
inet-vpn { unicast; } peer-as 100; neighbor 2.2.2.2; } } ospf {
traffic-engineering; area 0.0.0.0 { interface lo0.0 { passive; }
interface fxp0.0; interface fxp1.0; label-switched-path
pe-cnc4-to-pe-cnc2; } } } policy-options { policy-statement
vpncnc-export-policy { term 1 { from protocol ospf; then {
community add vpncnc; accept; } } term 2 { then reject; } }
policy-statement vpncnc-import-policy { term 1 { from { protocol
bgp; community vpncnc; } then accept; } term 2 { then reject; } }
community vpncnc members target:100:01; } routing-instances {
vpncnc { instance-type vrf; interface fxp2.0; route-distinguisher
100:01; vrf-import vpncnc-import-policy; vrf-export
vpncnc-export-policy; vrf-table-label; protocols { ospf { export
vpncnc-import-policy; area 0.0.0.0 { interface fxp2.0; } }
} } } [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
Konfigurasi Router cnc5 (CE2) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# show ## Last changed: 2010-07-04 13:28:14 UTC version
8.4R4.2; system { host-name cnc5; root-authentication {
encrypted-password "$1$rdYbfs2s$UfeiORYzSrjvML7X.mIHy0"; ##
SECRET-DATA } login { message
"\n\n!========================================================!\n
\n!Router cnc, maintened by:iwing !\n \n!Access to this device is
limited to authorized user only!\n \n!WARNING!!!:ALL unathourized
access is prohibited. !\n
\n!========================================================!\n\n";
user iwing { uid 2000; class super-user; authentication {
encrypted-password "$1$a4h8jH/6$WNgvFOgNFh2cnvlaHnZms1"; ##
SECRET-DATA } } } services { ftp; ssh; web-management { http { port
80; } } } syslog { user * { any emergency; } file messages { any
notice; authorization info; } file interactive-commands {
interactive-commands any; } } } interfaces { fxp2 { unit 0 { family
inet { address 192.168.40.2/24; } } } fxp4 { unit 0 { family inet {
address 192.168.90.1/24; } } } lo0 { unit 0 {
family inet { address 5.5.5.5/32; } } } } protocols { ospf {
area 0.0.0.0 { interface lo0.0 { passive; } interface fxp2.0;
interface fxp4.0; } } } [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
How to check 1 (run show mpls interface) and (run show rsvp
interface) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show mpls interface Interface State Administrative
groups fxp1.0 Up [edit] [email protected]# run show rsvp interface RSVP
interface: 2 active Active Subscr- Static Interface State resv
iption BW fxp0.0 Up 0 100% 10Mbps fxp1.0 Up 1 100% 10Mbps [edit]
[edit] [email protected]# run show mpls interface Interface State
Administrative groups fxp0.0 Up fxp1.0 Up [edit] [email protected]# run
show rsvp interface RSVP interface: 2 active Active Subscr- Static
Interface State resv iption BW fxp0.0 Up 1 100% 10Mbps fxp1.0 Up 1
100% 10Mbps [edit] [email protected]# [edit] [email protected]# run show mpls
interface Interface State Administrative groups fxp0.0 Up [edit]
[email protected]# run show rsvp interface RSVP interface: 2 active Active
Subscr- Static Interface State resv iption BW fxp0.0 Up 1 100%
10Mbps fxp2.0 Up 0 100% 10Mbps [edit] [email protected]#
Available BW 10Mbps 10Mbps
Reserved BW 0bps 0bps
Highwater mark 0bps 0bps
Available BW 10Mbps 10Mbps
Reserved BW 0bps 0bps
Highwater mark 0bps 0bps
Available BW 10Mbps 10Mbps
Reserved BW 0bps 0bps
Highwater mark 0bps 0bps
-----------------------------------------------------------------------------------------------!
How to check 2 (run show mpls lsp) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show mpls lsp Ingress LSP: 1 sessions To From State
Rt ActivePath P LSPname 4.4.4.4 2.2.2.2 Up 2 * pe-cnc2-to-pe-cnc4
Total 1 displayed, Up 1, Down 0 Egress LSP: 1 sessions To From
State 2.2.2.2 4.4.4.4 Up Total 1 displayed, Up 1, Down 0 Transit
LSP: 0 sessions Total 0 displayed, Up 0, Down 0 [edit] [email protected]#
[edit] [email protected]# run show mpls lsp Ingress LSP: 0 sessions Total 0
displayed, Up 0, Down 0 Egress LSP: 0 sessions Total 0 displayed,
Up 0, Down 0 Transit LSP: 2 sessions To From State 2.2.2.2 4.4.4.4
Up 4.4.4.4 2.2.2.2 Up Total 2 displayed, Up 2, Down 0 [edit]
[email protected]# edit] [email protected]# run show mpls lsp Ingress LSP: 1
sessions To From State Rt ActivePath 2.2.2.2 4.4.4.4 Up 2 Total 1
displayed, Up 1, Down 0 Egress LSP: 1 sessions To From State
4.4.4.4 2.2.2.2 Up Total 1 displayed, Up 1, Down 0 Transit LSP: 0
sessions Total 0 displayed, Up 0, Down 0 [edit] [email protected]# Rt Style
Labelin Labelout LSPname 1 1 FF 100000 3 pe-cnc4-to-pe-cnc2 1 1 FF
100016 3 pe-cnc2-to-pe-cnc4 Rt Style Labelin Labelout LSPname 0 1
FF 3 - pe-cnc4-to-pe-cnc2
P *
LSPname pe-cnc4-to-pe-cnc2
Rt Style Labelin Labelout LSPname 0 1 FF 3 -
pe-cnc2-to-pe-cnc4
-----------------------------------------------------------------------------------------------!
How to check 3 (run show bgp summary) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show bgp summary Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0 bgp.l3vpn.0 2 2 0 0 0 0 Peer AS InPkt OutPkt
OutQ Flaps Last Up/Dwn State|#Active/Received/Damped... 4.4.4.4 100
194 146 0 0 57:45 Establ inet.0: 0/0/0 bgp.l3vpn.0: 2/2/0
vpncnc.inet.0: 2/2/0 [edit] [email protected]# [edit] [email protected]# run show
bgp summary Groups: 1 Peers: 1 Down peers: 0 Table Tot Paths Act
Paths Suppressed History Damp State Pending inet.0 0 0 0 0 0 0
bgp.l3vpn.0 2 2 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn
State|#Active/Received/Damped... 2.2.2.2 100 145 197 0 0 1:21:36
Establ inet.0: 0/0/0 bgp.l3vpn.0: 2/2/0 vpncnc.inet.0: 2/2/0 [edit]
[email protected]#
-----------------------------------------------------------------------------------------------!
How to check 4 (run show bgp neighbor) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show bgp neighbor Peer: 4.4.4.4+179 AS 100 Local:
2.2.2.2+2470 AS 100 Type: Internal State: Established Flags: Last
State: OpenConfirm Last Event: RecvKeepAlive Last Error: None
Options: Address families configured: inet-unicast inet-vpn-unicast
Local Address: 2.2.2.2 Holdtime: 90 Preference: 170 Number of
flaps: 0 Peer ID: 4.4.4.4 Local ID: 2.2.2.2 Active Holdtime: 90
Keepalive Interval: 30 Peer index: 0 BFD: disabled, down NLRI
advertised by peer: inet-unicast inet-vpn-unicast NLRI for this
session: inet-unicast inet-vpn-unicast Peer supports Refresh
capability (2) Table inet.0 Bit: 10000 RIB State: BGP restart is
complete Send state: in sync Active prefixes: 0 Received prefixes:
0 Suppressed due to damping: 0 Advertised prefixes: 0 Table
bgp.l3vpn.0 RIB State: BGP restart is complete RIB State: VPN
restart is complete Send state: not advertising Active prefixes: 2
Received prefixes: 2 Suppressed due to damping: 0 Table
vpncnc.inet.0 Bit: 40000 RIB State: BGP restart is complete RIB
State: VPN restart is complete
Send state: in sync Active prefixes: 2 Received prefixes: 2
Suppressed due to damping: 0 Advertised prefixes: 2 Last traffic
(seconds): Received 9 Sent 21 Checked 14 Input messages: Total 223
Updates 9 Refreshes 3 Output messages: Total 166 Updates 11
Refreshes 3 Output Queue[0]: 0 Output Queue[1]: 0 Output Queue[3]:
0 [edit] [email protected]#
Octets 4935 Octets 4047
[edit] [email protected]# run show bgp neighbor Peer: 2.2.2.2+2470 AS
100 Local: 4.4.4.4+179 AS 100 Type: Internal State: Established
Flags: Last State: OpenConfirm Last Event: RecvKeepAlive Last
Error: None Options: Address families configured: inet-unicast
inet-vpn-unicast Local Address: 4.4.4.4 Holdtime: 90 Preference:
170 Number of flaps: 0 Peer ID: 2.2.2.2 Local ID: 4.4.4.4 Active
Holdtime: 90 Keepalive Interval: 30 Peer index: 0 BFD: disabled,
down NLRI advertised by peer: inet-unicast inet-vpn-unicast NLRI
for this session: inet-unicast inet-vpn-unicast Peer supports
Refresh capability (2) Table inet.0 Bit: 10000 RIB State: BGP
restart is complete Send state: in sync Active prefixes: 0 Received
prefixes: 0 Suppressed due to damping: 0 Advertised prefixes: 0
Table bgp.l3vpn.0 RIB State: BGP restart is complete RIB State: VPN
restart is complete Send state: not advertising Active prefixes: 2
Received prefixes: 2 Suppressed due to damping: 0 Table
vpncnc.inet.0 Bit: 40000 RIB State: BGP restart is complete RIB
State: VPN restart is complete Send state: in sync Active prefixes:
2 Received prefixes: 2 Suppressed due to damping: 0 Advertised
prefixes: 2 Last traffic (seconds): Received 9 Sent 20 Checked 31
Input messages: Total 165 Updates 11 Refreshes 3 Octets 4028 Output
messages: Total 224 Updates 9 Refreshes 3 Octets 4988 Output
Queue[0]: 0 Output Queue[1]: 0 Output Queue[3]: 0 [edit]
[email protected]#
-----------------------------------------------------------------------------------------------!
How to check 5 !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run ping 192.168.80.2 count 5 routing-instance vpncnc
PING 192.168.80.2 (192.168.80.2): 56 data bytes 64 bytes from
192.168.80.2: icmp_seq=0 ttl=63 time=14.727 ms 64 bytes from
192.168.80.2: icmp_seq=1 ttl=63 time=2.671 ms 64 bytes from
192.168.80.2: icmp_seq=2 ttl=63 time=2.209 ms 64 bytes from
192.168.80.2: icmp_seq=3 ttl=63 time=2.963 ms 64 bytes from
192.168.80.2: icmp_seq=4 ttl=63 time=3.306 ms --- 192.168.80.2 ping
statistics --5 packets transmitted, 5 packets received, 0% packet
loss round-trip min/avg/max/stddev = 2.209/5.175/14.727/4.789 ms
[edit] [email protected]# [edit] [email protected]# run ping 192.168.90.2 count 5
routing-instance vpncnc PING 192.168.90.2 (192.168.90.2): 56 data
bytes 64 bytes from 192.168.90.2: icmp_seq=0 ttl=63 time=14.421 ms
64 bytes from 192.168.90.2: icmp_seq=1 ttl=63 time=4.052 ms 64
bytes from 192.168.90.2: icmp_seq=2 ttl=63 time=4.367 ms 64 bytes
from 192.168.90.2: icmp_seq=3 ttl=63 time=2.962 ms 64 bytes from
192.168.90.2: icmp_seq=4 ttl=63 time=5.776 ms --- 192.168.90.2 ping
statistics --5 packets transmitted, 5 packets received, 0% packet
loss round-trip min/avg/max/stddev = 2.962/6.316/14.421/4.151 ms
[edit] [email protected]#
-----------------------------------------------------------------------------------------------!
How to check 6 (run show route) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show route inet.0: 8 destinations, 8 routes (8
active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, *
= Both 1.1.1.1/32 5.5.5.5/32 192.168.10.0/24 192.168.10.1/32
192.168.80.0/24 192.168.80.1/32 192.168.90.0/24 224.0.0.5/32
*[Direct/0] 01:28:56 > via lo0.0 *[OSPF/10] 00:05:01, metric 20
> to 192.168.10.2 via fxp0.0 *[Direct/0] 01:28:56 > via
fxp0.0 *[Local/0] 01:28:56 Local via fxp0.0 *[Direct/0] 01:28:56
> via fxp2.0 *[Local/0] 01:28:56 Local via fxp2.0 *[OSPF/10]
00:05:01, metric 30 > to 192.168.10.2 via fxp0.0 *[OSPF/10]
01:28:59, metric 1 MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active,
0 holddown, 1 hidden) [edit] [email protected]# [edit] [email protected]# run show
route inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both
2.2.2.2/32 3.3.3.3/32 4.4.4.4/32 192.168.20.0/24 192.168.20.1/32
192.168.30.0/24 224.0.0.5/32
*[Direct/0] 00:57:56 > via lo0.0 *[OSPF/10] 00:57:07, metric
10 > to 192.168.20.2 via fxp1.0 *[OSPF/10] 00:56:50, metric 1
> to 192.168.20.2 via fxp1.0, label-switched-path
pe-cnc2-to-pe-cnc4 *[Direct/0] 00:57:56 > via fxp1.0 *[Local/0]
00:57:56 Local via fxp1.0 *[OSPF/10] 00:56:50, metric 11 > to
192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
*[OSPF/10] 00:58:01, metric 1 MultiRecv
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both 4.4.4.4/32
*[RSVP/7] 00:56:45, metric 1 > to 192.168.20.2 via fxp1.0,
label-switched-path pe-cnc2-to-pe-cnc4
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active,
0 holddown, 1 hidden) vpncnc.inet.0: 7 destinations, 7 routes (7
active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, *
= Both 1.1.1.1/32 5.5.5.5/32 192.168.10.0/24 192.168.10.2/32
192.168.80.0/24 192.168.90.0/24 224.0.0.5/32 *[OSPF/10] 00:03:32,
metric 10 > to 192.168.10.1 via fxp0.0 *[BGP/170] 00:03:38, MED
10, localpref 100, from 4.4.4.4 AS path: I > to 192.168.20.2 via
fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4 *[Direct/0] 00:03:45
> via fxp0.0 *[Local/0] 00:03:45 Local via fxp0.0 *[OSPF/10]
00:03:32, metric 20 > to 192.168.10.1 via fxp0.0 *[BGP/170]
00:03:38, MED 20, localpref 100, from 4.4.4.4 AS path: I > to
192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
*[OSPF/10] 00:03:47, metric 1 MultiRecv
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both 0 1 2 17
*[MPLS/0] 00:58:00, metric Receive *[MPLS/0] 00:58:00, metric
Receive *[MPLS/0] 00:58:00, metric Receive *[VPN/0] 00:03:47 to
table vpncnc.inet.0, 1 1 1 Pop
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both
100:1:5.5.5.5/32 *[BGP/170] 00:03:38, MED 10, localpref 100, from
4.4.4.4 AS path: I > to 192.168.20.2 via fxp1.0,
label-switched-path pe-cnc2-to-pe-cnc4 100:1:192.168.90.0/24
*[BGP/170] 00:03:38, MED 20, localpref 100, from 4.4.4.4 AS path: I
> to 192.168.20.2 via fxp1.0, label-switched-path
pe-cnc2-to-pe-cnc4
[edit] [email protected]# [edit] [email protected]# run show route inet.0: 8
destinations, 8 routes (8 active, 0 holddown, 0 hidden) + = Active
Route, - = Last Active, * = Both 2.2.2.2/32 3.3.3.3/32 4.4.4.4/32
192.168.20.0/24 192.168.20.2/32 192.168.30.0/24 192.168.30.1/32
224.0.0.5/32 *[OSPF/10] 01:44:33, metric 10 > to 192.168.20.1
via fxp1.0 *[Direct/0] 01:46:32 > via lo0.0 *[OSPF/10] 01:45:12,
metric 10 > to 192.168.30.2 via fxp0.0 *[Direct/0] 01:46:32 >
via fxp1.0 *[Local/0] 01:46:32 Local via fxp1.0 *[Direct/0]
01:46:32 > via fxp0.0 *[Local/0] 01:46:32 Local via fxp0.0
*[OSPF/10] 01:46:41, metric 1 MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active,
0 holddown, 1 hidden) mpls.0: 7 destinations, 7 routes (7 active, 0
holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 0 1
2 100000 100000(S=0) 100016 100016(S=0) [edit] [email protected]# [edit]
[email protected]# run show route inet.0: 7 destinations, 7 routes (7
active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, *
= Both 2.2.2.2/32 3.3.3.3/32 4.4.4.4/32 192.168.20.0/24
192.168.30.0/24 192.168.30.2/32 224.0.0.5/32 *[OSPF/10] 01:20:52,
metric 1 > to 192.168.30.1 via fxp0.0, label-switched-path
pe-cnc4-to-pe-cnc2 *[OSPF/10] 01:21:31, metric 10 > to
192.168.30.1 via fxp0.0 *[Direct/0] 01:22:25 > via lo0.0
*[OSPF/10] 01:20:43, metric 11 > to 192.168.30.1 via fxp0.0,
label-switched-path pe-cnc4-to-pe-cnc2 *[Direct/0] 01:22:25 >
via fxp0.0 *[Local/0] 01:22:25 Local via fxp0.0 *[OSPF/10]
01:22:32, metric 1 MultiRecv *[MPLS/0] 01:46:40, metric 1 Receive
*[MPLS/0] 01:46:40, metric 1 Receive *[MPLS/0] 01:46:40, metric 1
Receive *[RSVP/7] 01:44:20, metric 1 > to 192.168.20.1 via
fxp1.0, *[RSVP/7] 01:44:20, metric 1 > to 192.168.20.1 via
fxp1.0, *[RSVP/7] 01:44:14, metric 1 > to 192.168.30.2 via
fxp0.0, *[RSVP/7] 01:44:14, metric 1 > to 192.168.30.2 via
fxp0.0,
label-switched-path pe-cnc4-to-pe-cnc2 label-switched-path
pe-cnc4-to-pe-cnc2 label-switched-path pe-cnc2-to-pe-cnc4
label-switched-path pe-cnc2-to-pe-cnc4
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both 2.2.2.2/32
*[RSVP/7] 01:20:47, metric 1 > to 192.168.30.1 via fxp0.0,
label-switched-path pe-cnc4-to-pe-cnc2
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active,
0 holddown, 1 hidden) vpncnc.inet.0: 7 destinations, 7 routes (7
active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, *
= Both 1.1.1.1/32 5.5.5.5/32 192.168.40.0/24 192.168.40.1/32
192.168.80.0/24 192.168.90.0/24 224.0.0.5/32 *[BGP/170] 00:05:38,
MED 10, localpref 100, from 2.2.2.2 AS path: I > to 192.168.30.1
via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2 *[OSPF/10]
00:05:45, metric 10 > to 192.168.40.2 via fxp2.0 *[Direct/0]
00:05:59 > via fxp2.0 *[Local/0] 00:05:59 Local via fxp2.0
*[BGP/170] 00:05:38, MED 20, localpref 100, from 2.2.2.2 AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path
pe-cnc4-to-pe-cnc2 *[OSPF/10] 00:05:45, metric 20 > to
192.168.40.2 via fxp2.0 *[OSPF/10] 00:06:00, metric 1 MultiRecv
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both 0 1 2 17
*[MPLS/0] 01:22:31, metric Receive *[MPLS/0] 01:22:31, metric
Receive *[MPLS/0] 01:22:31, metric Receive *[VPN/0] 00:06:00 to
table vpncnc.inet.0, 1 1 1 Pop
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both
100:1:1.1.1.1/32 *[BGP/170] 00:05:38, MED 10, localpref 100, from
2.2.2.2 AS path: I > to 192.168.30.1 via fxp0.0,
label-switched-path pe-cnc4-to-pe-cnc2 100:1:192.168.80.0/24
*[BGP/170] 00:05:38, MED 20, localpref 100, from 2.2.2.2 AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path
pe-cnc4-to-pe-cnc2 [edit] [email protected]# [edit] [email protected]# run show
route inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0
hidden) + = Active Route, - = Last Active, * = Both 1.1.1.1/32
5.5.5.5/32 192.168.40.0/24 192.168.40.2/32 192.168.80.0/24
*[OSPF/10] 00:04:16, metric 20 > to 192.168.40.1 via fxp2.0
*[Direct/0] 01:00:33 > via lo0.0 *[Direct/0] 01:00:33 > via
fxp2.0 *[Local/0] 01:00:33 Local via fxp2.0 *[OSPF/10] 00:04:16,
metric 30
192.168.90.0/24 192.168.90.1/32 224.0.0.5/32
> to 192.168.40.1 via fxp2.0 *[Direct/0] 01:00:33 > via
fxp4.0 *[Local/0] 01:00:33 Local via fxp4.0 *[OSPF/10] 01:00:34,
metric 1 MultiRecv
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active,
0 holddown, 1 hidden) [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
How to check 6 (run show route table vpncnc.inet.0) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show route table vpncnc.inet.0 vpncnc.inet.0: 7
destinations, 7 routes (7 active, 0 holddown, 0 hidden) + = Active
Route, - = Last Active, * = Both 1.1.1.1/32 5.5.5.5/32
192.168.10.0/24 192.168.10.2/32 192.168.80.0/24 192.168.90.0/24
224.0.0.5/32 [edit] [email protected]# [edit] [email protected]# run show route
table vpncnc.inet.0 vpncnc.inet.0: 7 destinations, 7 routes (7
active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, *
= Both 1.1.1.1/32 5.5.5.5/32 192.168.40.0/24 192.168.40.1/32
192.168.80.0/24 192.168.90.0/24 224.0.0.5/32 [edit] [email protected]#
*[BGP/170] 00:09:07, MED 10, localpref 100, from 2.2.2.2 AS path: I
> to 192.168.30.1 via fxp0.0, label-switched-path
pe-cnc4-to-pe-cnc2 *[OSPF/10] 00:09:14, metric 10 > to
192.168.40.2 via fxp2.0 *[Direct/0] 00:09:28 > via fxp2.0
*[Local/0] 00:09:28 Local via fxp2.0 *[BGP/170] 00:09:07, MED 20,
localpref 100, from 2.2.2.2 AS path: I > to 192.168.30.1 via
fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2 *[OSPF/10] 00:09:14,
metric 20 > to 192.168.40.2 via fxp2.0 *[OSPF/10] 00:09:29,
metric 1 MultiRecv *[OSPF/10] 00:06:30, metric 10 > to
192.168.10.1 via fxp0.0 *[BGP/170] 00:06:36, MED 10, localpref 100,
from 4.4.4.4 AS path: I > to 192.168.20.2 via fxp1.0,
label-switched-path pe-cnc2-to-pe-cnc4 *[Direct/0] 00:06:43 >
via fxp0.0 *[Local/0] 00:06:43 Local via fxp0.0 *[OSPF/10]
00:06:30, metric 20 > to 192.168.10.1 via fxp0.0 *[BGP/170]
00:06:36, MED 20, localpref 100, from 4.4.4.4 AS path: I > to
192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
*[OSPF/10] 00:06:45, metric 1 MultiRecv
-----------------------------------------------------------------------------------------------!
How to check 7 (run show route table bgp.l3vpn.0) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show route table bgp.l3vpn.0 bgp.l3vpn.0: 2
destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active
Route, - = Last Active, * = Both 100:1:5.5.5.5/32 *[BGP/170]
00:07:03, MED 10, localpref 100, from 4.4.4.4 AS path: I > to
192.168.20.2 via fxp1.0, label-switched-path pe-cnc2-to-pe-cnc4
100:1:192.168.90.0/24 *[BGP/170] 00:07:03, MED 20, localpref 100,
from 4.4.4.4 AS path: I > to 192.168.20.2 via fxp1.0,
label-switched-path pe-cnc2-to-pe-cnc4 [edit] [email protected]# [edit]
[email protected]# run show route table bgp.l3vpn.0 bgp.l3vpn.0: 2
destinations, 2 routes (2 active, 0 holddown, 0 hidden) + = Active
Route, - = Last Active, * = Both 100:1:1.1.1.1/32 *[BGP/170]
00:09:55, MED 10, localpref 100, from 2.2.2.2 AS path: I > to
192.168.30.1 via fxp0.0, label-switched-path pe-cnc4-to-pe-cnc2
100:1:192.168.80.0/24 *[BGP/170] 00:09:55, MED 20, localpref 100,
from 2.2.2.2 AS path: I > to 192.168.30.1 via fxp0.0,
label-switched-path pe-cnc4-to-pe-cnc2 [edit] [email protected]#
-----------------------------------------------------------------------------------------------!
How to check 8 (run show route table bgp.l3vpn.0 detai []) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show route table bgp.l3vpn.0 detail 192.168.90.0/24
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0
hidden) 100:1:192.168.90.0/24 (1 entry, 0 announced) *BGP
Preference: 170/-101 Route Distinguisher: 100:1 Next hop type:
Indirect Next-hop reference count: 6 Source: 4.4.4.4 Next hop type:
Router, Next hop index: 422 Next hop: 192.168.20.2 via fxp1.0
weight 0x1, selected Label-switched-path pe-cnc2-to-pe-cnc4 Label
operation: Push 17, Push 100016(top) Protocol next hop: 4.4.4.4
Push 17 Indirect next hop: 8967000 131070 State: Local AS: 100 Peer
AS: 100 Age: 7:46 Metric: 20 Metric2: 1 Task: BGP_100.4.4.4.4+179
AS path: I Communities: target:100:1 rte-type:0.0.0.0:1:0 VPN
Label: 17 Localpref: 100 Router ID: 4.4.4.4 Secondary Tables:
vpncnc.inet.0
[edit] [email protected]# [edit] [email protected]# run show route table
bgp.l3vpn.0 detail 192.168.80.0/24 bgp.l3vpn.0: 2 destinations, 2
routes (2 active, 0 holddown, 0 hidden) 100:1:192.168.80.0/24 (1
entry, 0 announced) *BGP Preference: 170/-101 Route Distinguisher:
100:1 Next hop type: Indirect Next-hop reference count: 6 Source:
2.2.2.2 Next hop type: Router, Next hop index: 422 Next hop:
192.168.30.1 via fxp0.0 weight 0x1, selected Label-switched-path
pe-cnc4-to-pe-cnc2 Label operation: Push 17, Push 100000(top)
Protocol next hop: 2.2.2.2 Push 17 Indirect next hop: 89a4000
131070 State: Local AS: 100 Peer AS: 100 Age: 11:25 Metric: 20
Metric2: 1 Task: BGP_100.2.2.2.2+2470 AS path: I Communities:
target:100:1 rte-type:0.0.0.0:1:0 VPN Label: 17 Localpref: 100
Router ID: 2.2.2.2 Secondary Tables: vpncnc.inet.0 [edit]
[email protected]#
-----------------------------------------------------------------------------------------------!
How to check 9 (run show route table mpls protocol vpn detail) !
-----------------------------------------------------------------------------------------------[edit]
[email protected]# run show route table mpls protocol vpn detail mpls.0: 4
destinations, 4 routes (4 active, 0 holddown, 0 hidden) 17 (1
entry, 0 announced) *VPN Preference: 0 Next table: vpncnc.inet.0
Label operation: Pop Next-hop reference count: 1 State: Age: 9:04
Task: RT AS path: I [edit] [email protected] [edit] [email protected]# run show
route table mpls protocol vpn detail mpls.0: 4 destinations, 4
routes (4 active, 0 holddown, 0 hidden) 17 (1 entry, 0 announced)
*VPN Preference: 0 Next table: vpncnc.inet.0 Label operation: Pop
Next-hop reference count: 1 State: Age: 13:26 Task: RT AS path: I
[edit] [email protected]#
-----------------------------------------------------------------------------------------------!
How to check 10 (ping from Custumer to Custumer)
------------------------------------------------------------------------------------------------
"Sekian dulu, semoga bermanfaat dan salam sedogedoi", saya mau
belajar lagi teorinya T_T, kalau ada yang keliru tolong beritahu
saya, terima kasih... @[email protected] CMIIW
![JunOSluk.kis.p.lodz.pl/KSBG/wyklad/v2017/02 JUNIPER... · Juniper - JunOS 22 [edit] user@router# edit protocols ospf area 51 stub [edit protocols ospf area 0.0.0.51 stub] user@router#](https://img.pdfslide.net/doc/110x75/6110e194f9d81657a43878bc/juniper-juniper-junos-22-edit-userrouter-edit-protocols-ospf-area-51.jpg?t=1679811307)
