Topic: Learning BGP confederation

Bismillahi rohman nir rohim,
Assalamu'alaikum wr. wb.

In this article, the author tries to learn what BGP confederation is, what it is for, how it works, and how to configure it.

This write-up is generic (the implementation is nearly the same/uniform from one router to another; the differences are probably only in command syntax). It is kept simple (an outline) and not very detailed, so readers must consult primary/additional references that are more accurate/trustworthy, such as the RFC (Request for Comments) documents, Wikipedia, and so on.

As lab equipment the author uses 5 MikroTik RB450G routers running RouterOS version 4.11 (for MikroTik router configuration documentation, see http://wiki.mikrotik.com/wiki/Main_Page).

Goals and stages:
1. Be able to explain what BGP is and how it works
2. Be able to explain what BGP confederation is and why it is needed
3. Be able to lay out the configuration steps for BGP confederation
4. Be able to lay out the troubleshooting steps for BGP confederation

Requirements:
1. Basic knowledge of the OSI and TCP/IP layers
2. Basic knowledge of IP subnet addressing
3. Basic knowledge of MikroTik router configuration
4. Basic knowledge of Border Gateway Protocol/BGP operation
5. Advanced knowledge of the differences between iBGP and eBGP operation, and of BGP attributes

http://2.bp.blogspot.com/_xQ33F-E6AP0/TOzgheEtx2I/AAAAAAAAAE8/9ITLP6ZTx5c/s1600/Diagram-bgp-confed1.png
Explanation of the BGP confederation lab topology diagram:
- 5 routers
- 5 BGP Autonomous Systems (AS)
- CIDR subnet 10.32.0.0/16 to be divided among the 5 routers (or 5 Autonomous Systems/AS)

1. What is BGP, and how does it work?

To keep this article short, readers can look up the term Border Gateway Protocol/BGP on Wikipedia at http://en.wikipedia.org/wiki/Bgp

2. What is BGP confederation? Why is it needed?

For the full documentation of BGP confederation, readers are encouraged to read RFC 5065 at http://tools.ietf.org/html/rfc5065

Put simply, BGP confederation is a BGP mechanism developed to shorten the Autonomous System path (AS_PATH) carried in a BGP route (including in route updates), thereby reducing the complexity of AS administrative control for peer BGP speakers.

Explanation:
- In the diagram attached above (please ignore the line from r2 to r3 for now), initially (before BGP confederation is applied) a route (or route update) from AS 65513 (r2) to AS 65514 (r3) passes through 3 transit ASes, namely AS 65510 (r1), AS 65511 (r4) and AS 65512 (r5). After the BGP confederation mechanism is applied among the 3 ASes, AS 65510 (r1), 65511 (r4) and 65512 (r5), using the new AS 65515, the AS_PATH carried in BGP route updates from AS 65513 (r2) to AS 65514 (r3) is summarized/shortened (AS 65510, 65511, 65512) and replaced by (prepended with) AS 65515 (although the data flow from AS 65513 (r2) still passes through the same three transit ASes, AS 65510 (r1), AS 65511 (r4) and AS 65512 (r5), and ends at AS 65514 (r3)).

- It reduces the number of mesh sessions/connections to BGP peers that must be built (specifically for internal BGP/iBGP deployments)

BGP confederation configuration steps:
1. Determine the IP subnet to be used for each AS (or router), whether by CIDR or VLSM (if not already defined)
2. Set up basic connectivity between the routers (if not already connected)
3. Basic eBGP configuration for each AS on the router
4. Set up peering with the peer AS: enable BGP on the router, then check the eBGP route updates
5. Set up a route filter for the eBGP peer (optional but recommended)
6. Set up eBGP confederation among several eBGP speaker peers
7. Observe the result of the eBGP confederation in the routing table
8. Conclusion?

1. Determine the IP subnet to be used for each AS (or router), whether by CIDR or VLSM (if not already defined)

example:
10.32.0.0/16
10.32.0.0/19    r1    AS 65510
10.32.32.0/19    r2    AS 65511
10.32.64.0/19    r3    AS 65512
10.32.96.0/19    r4    AS 65513
10.32.128.0/19    r5    AS 65514

2. Set up basic connectivity between the routers (if not already connected)

example on r1 AS 65510:
10.32.0.0/19
10.32.0.0/24    loopback only
10.32.1.0/24    link to r2
10.32.2.0/24    link to r4
10.32.3.0/24    retail network allocation
10.32.4.0/24    dedicated/corporate network allocation

[admin@r2] > /ping 10.32.1.1 count=4 src-address=10.32.1.2
10.32.1.1 64 byte ping: ttl=64 time=1 ms
10.32.1.1 64 byte ping: ttl=64 time<1 ms
10.32.1.1 64 byte ping: ttl=64 time<1 ms
10.32.1.1 64 byte ping: ttl=64 time<1 ms
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0/0.2/1 ms

3. Basic eBGP configuration for each AS on the router
- Set up the loopback IP

[admin@r1] > /ip address print detail 
Flags: X - disabled, I - invalid, D - dynamic 
 1   ;;; ip_lo0
     address=10.32.0.1/32 network=10.32.0.1 broadcast=10.32.0.1 interface=lo0 actual-interface=lo0

- Set the BGP router-id

[admin@r1] > /routing bgp instance set numbers=0 router-id=10.32.0.1

- Set the BGP Autonomous System Number/ASN

[admin@r1] > /routing bgp instance set numbers=0 as=65510

4. Set up peering with the peer AS: enable BGP on the router, then check the eBGP route updates
- Add a static route pointing to the neighbor BGP router's loopback IP (optional but recommended)

[admin@r1] > /ip route add dst-address=10.32.32.1/32 gateway=10.32.1.2 comment=ke_r2_lo0

[admin@r1] > /ip route print 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 4 A S  ;;; ke_r2_lo0
        10.32.32.1/32                      10.32.1.2          1

- Set up peering with the neighbor BGP router using these parameters:
    peer name (optional)
    remote-as (required)
    remote-address (required)
    update-source (optional but recommended)
    interface (optional but recommended)
    multihop (optional, depending on the network topology)

[admin@r1] > /routing bgp peer add name=r2 remote-address=10.32.32.1 remote-as=65513 interface=ether2 update-source=lo0

- Define the local networks/subnets to be advertised to the neighbor BGP router

[admin@r1] > /routing bgp network add network=10.32.2.0/24 synchronize=yes comment=retail

- Enable BGP on the router

[admin@r1] > /routing bgp instance enable numbers=0
[admin@r1] > /routing bgp peer print        
Flags: X - disabled, E - established 
 #   INSTANCE  REMOTE-ADDRESS                                 REMOTE-AS  
 0   default   10.32.32.1                                     65513

Problem:
BGP neighbor r2 is not yet active/will not peer?

[admin@r1] > /log print 
11:45:21 route,bgp,info Reject connection: EBGP peer is not on a shared network and multihop is not configured 
11:45:21 route,bgp,info     RemoteAddress=10.32.32.1 
11:45:21 route,bgp,info Failed to open TCP connection 
11:45:21 route,bgp,info     RemoteAddress=10.32.32.1 

[admin@r1] > /routing bgp peer set numbers=0 multihop=yes 
[admin@r2] > /routing bgp peer print 
Flags: X - disabled, E - established 
 #   INSTANCE  REMOTE-ADDRESS                                 REMOTE-AS  
 0 E default   10.32.0.1                                      65510

- View the BGP routing table (updates)

[admin@r1] > /ip route print 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 0 ADC  10.4.4.0/24        10.4.4.33       ether1             0       
 1 ADC  10.32.0.1/32       10.32.0.1       lo0                0       
 2 ADC  10.32.1.0/24       10.32.1.1       ether2             0       
 3  Db  10.32.1.0/24                       10.32.32.1         20      
 4 ADC  10.32.2.0/24       10.32.2.1       ether3             0       
 5  Db  10.32.2.0/24                       10.32.96.1         20      
 6 ADC  10.32.3.0/24       10.32.3.0       br0                0       
 7 ADC  10.32.4.0/24       10.32.4.0       br0                0       
 8 A S  ;;; ke_r2_lo0
        10.32.32.1/32                      10.32.1.2          1       
 9 ADb  10.32.33.0/24                      10.32.32.1         20      
10 ADb  10.32.34.0/24                      10.32.32.1         20      
11  Db  10.32.65.0/24                      10.32.128.1        20      
12 A S  10.32.96.1/32                      10.32.2.2          1       
13 ADb  10.32.97.0/24                      10.32.96.1         20      
14 ADb  10.32.98.0/24                      10.32.96.1         20      
15 ADb  10.32.99.0/24                      10.32.96.1         20      
16  Db  10.32.129.0/24                     10.32.128.1        20      
17  Db  10.32.130.0/24                     10.32.128.1        20

Problem:
too many BGP routes are inactive/missing?

[admin@r1] > /routing bgp peer set numbers=0 nexthop-choice=force-self 
[admin@r1] > /routing bgp peer set numbers=1 nexthop-choice=force-self  
[admin@r1] > /routing bgp peer resend-all                              

[admin@r1] > /ip route print where bgp
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
 3  Db  10.32.1.0/24                       10.32.32.1         20      
 5  Db  10.32.2.0/24                       10.32.96.1         20      
 9 ADb  10.32.33.0/24                      10.32.32.1         20      
10 ADb  10.32.34.0/24                      10.32.32.1         20      
11 ADb  10.32.65.0/24                      10.32.96.1         20      
12 ADb  10.32.66.0/24                      10.32.96.1         20      
13 ADb  10.32.67.0/24                      10.32.96.1         20      
15 ADb  10.32.97.0/24                      10.32.96.1         20      
16 ADb  10.32.98.0/24                      10.32.96.1         20      
17 ADb  10.32.99.0/24                      10.32.96.1         20      
18 ADb  10.32.129.0/24                     10.32.96.1         20      
19 ADb  10.32.130.0/24                     10.32.96.1         20

Problem:
the BGP routing table is too full of unimportant route advertisements from the neighbor BGP routers?

5. Set up a route filter for the eBGP peer (optional but recommended)
- Filter the local networks/subnets out of the neighbor BGP router's advertisements

[admin@r1] > /routing filter add chain=bgp-r2-in prefix=10.32.0.0/24 prefix-length=24-32 action=discard protocol=bgp 
[admin@r1] > /routing filter print           
Flags: X - disabled 
 0   chain=bgp-r2-in prefix=10.32.0.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 1   chain=bgp-r2-in prefix=10.32.1.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 2   chain=bgp-r2-in prefix=10.32.2.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 3   chain=bgp-r2-in prefix=10.32.3.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 4   chain=bgp-r2-in prefix=10.32.4.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 5   chain=bgp-r4-in prefix=10.32.0.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 6   chain=bgp-r4-in prefix=10.32.1.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 7   chain=bgp-r4-in prefix=10.32.2.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 8   chain=bgp-r4-in prefix=10.32.3.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

 9   chain=bgp-r4-in prefix=10.32.4.0/24 prefix-length=24-32 protocol=bgp invert-match=no action=discard 

[admin@r1] > /routing bgp peer set numbers=0 in-filter=bgp-r2-in 
[admin@r1] > /routing bgp peer set numbers=1 in-filter=bgp-r4-in 
[admin@r1] > /ip route print terse where bgp
 9 ADb  dst-address=10.32.33.0/24 gateway=10.32.32.1 gateway-status=10.32.32.1 recursive via 10.32.1.2 ether2 distance=20 scope=40 target-scope=30 bgp-as-path=65513 bgp-origin=igp received-from=r2 
10 ADb  dst-address=10.32.34.0/24 gateway=10.32.32.1 gateway-status=10.32.32.1 recursive via 10.32.1.2 ether2 distance=20 scope=40 target-scope=30 bgp-as-path=65513 bgp-origin=igp received-from=r2 
11 ADb  dst-address=10.32.65.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511,65512 bgp-origin=igp received-from=r4 
12 ADb  dst-address=10.32.66.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511,65512,65514 bgp-origin=igp received-from=r4 
13 ADb  dst-address=10.32.67.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511,65512,65514 bgp-origin=igp received-from=r4 
15 ADb  dst-address=10.32.97.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511 bgp-origin=igp received-from=r4 
16 ADb  dst-address=10.32.98.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511 bgp-origin=igp received-from=r4 
17 ADb  dst-address=10.32.99.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511 bgp-origin=igp received-from=r4 
18 ADb  dst-address=10.32.129.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511,65512 bgp-origin=igp received-from=r4 
19 ADb  dst-address=10.32.130.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=65511,65512 bgp-origin=igp received-from=r4 

[admin@r1] > /routing bgp advertisements print 
PEER     PREFIX               NEXTHOP          AS-PATH                                                                                     ORIGIN     LOCAL-PREF
r2       10.32.65.0/24        10.32.0.1        65511,65512                                                                                 igp       
r2       10.32.66.0/24        10.32.0.1        65511,65512,65514                                                                           igp       
r2       10.32.67.0/24        10.32.0.1        65511,65512,65514                                                                           igp       
r2       10.32.2.0/24         10.32.0.1                                                                                                    igp       
r2       10.32.3.0/24         10.32.0.1                                                                                                    igp       
r2       10.32.130.0/24       10.32.0.1        65511,65512                                                                                 igp       
r2       10.32.98.0/24        10.32.0.1        65511                                                                                       igp       
r2       10.32.97.0/24        10.32.0.1        65511                                                                                       igp       
r2       10.32.99.0/24        10.32.0.1        65511                                                                                       igp       
r2       10.32.4.0/24         10.32.0.1                                                                                                    igp       
r2       10.32.1.0/24         10.32.0.1                                                                                                    igp       
r2       10.32.129.0/24       10.32.0.1        65511,65512                                                                                 igp       
r4       10.32.2.0/24         10.32.0.1                                                                                                    igp       
r4       10.32.3.0/24         10.32.0.1                                                                                                    igp       
r4       10.32.34.0/24        10.32.0.1        65513                                                                                       igp       
r4       10.32.33.0/24        10.32.0.1        65513                                                                                       igp       
r4       10.32.4.0/24         10.32.0.1                                                                                                    igp       
r4       10.32.1.0/24         10.32.0.1                                                                                                    igp

- Connectivity test

example from r1 AS 65510 to r3 AS 65514

[admin@r1] > /ping 10.32.65.1 count=4              
10.32.65.1 64 byte ping: ttl=62 time=1 ms
10.32.65.1 64 byte ping: ttl=62 time<1 ms
10.32.65.1 64 byte ping: ttl=62 time<1 ms
10.32.65.1 64 byte ping: ttl=62 time<1 ms
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0/0.2/1 ms

[admin@r1] > /tool traceroute 10.32.65.1
     ADDRESS                                    STATUS
   1       10.32.2.2 1ms 1ms 1ms 
   2      10.32.97.2 1ms 1ms 1ms 
   3      10.32.65.1 1ms 1ms 1ms

6. Set up eBGP confederation among several eBGP speaker peers
- Set the BGP confederation-id

example confederation on r1 AS 65510, r4 AS 65511 and r5 AS 65512 with confederation AS 65515

[admin@r1] > /routing bgp instance print 
Flags: X - disabled 
 0   name="default" as=65510 router-id=10.32.0.1 redistribute-connected=no redistribute-static=no redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no routing-table="" 

[admin@r1] > /routing bgp instance set numbers=0 confederation=65515 confederation-peers=65511,65512
[admin@r1] > /routing bgp instance print detail                                                     
Flags: X - disabled 
 0   name="default" as=65510 router-id=10.32.0.1 redistribute-connected=no redistribute-static=no redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no out-filter="" confederation=65515 confederation-peers=65511-65512 client-to-client-reflection=yes ignore-as-path-len=no routing-table="" 

[admin@r1] > /routing bgp peer print 
Flags: X - disabled, E - established 
 #   INSTANCE                                                 REMOTE-ADDRESS                                                                         REMOTE-AS  
 0   default                                                  10.32.32.1                                                                             65513      
 1 E default                                                  10.32.96.1                                                                             65511      

[admin@r2] > /ip route print detail where bgp
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit

Problem:

[admin@r2] > /log print 
11:00:59 route,bgp,error Invalid remote AS, expected 65510 
11:00:59 route,bgp,error     RemoteAddress=10.32.0.1 
11:00:59 route,bgp,error     RemoteAs=65515

- Change the ASN on the neighbor BGP router

[admin@r2] > /routing bgp peer print detail 
Flags: X - disabled, E - established 
 0   name="r1" instance=default remote-address=10.32.0.1 remote-as=65510 tcp-md5-key="" nexthop-choice=force-self multihop=yes route-reflect=no hold-time=3m ttl=255 in-filter=bgp-r1-in out-filter="" address-families=ip update-source=lo0 interface=ether2 default-originate=never remove-private-as=no as-override=no passive=no use-bfd=no 

[admin@r2] > /routing bgp peer set numbers=0 remote-as=65515
[admin@r2] > /log print 
11:03:42 system,info bgp peer r1 changed by admin 
11:03:43 route,bgp,info TCP connection established 
11:03:43 route,bgp,info     RemoteAddress=10.32.0.1 

[admin@r2] > /routing bgp peer print        
Flags: X - disabled, E - established 
 #   INSTANCE                                                 REMOTE-ADDRESS                                                                         REMOTE-AS  
 0 E default                                                  10.32.0.1                                                                              65515

- Re-advertise the networks in the local AS to the neighbor BGP router (if needed)

[admin@r2] > /routing bgp peer resend-all

- View the contents of the BGP routing table

[admin@r1] > /ip route print where bgp
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 #      DST-ADDRESS        PREF-SRC        GATEWAY            DISTANCE
20 ADb  10.32.33.0/24                      10.32.32.1         20      
21 ADb  10.32.34.0/24                      10.32.32.1         20      
22 ADb  10.32.65.0/24                      10.32.96.1         20      
23 ADb  10.32.66.0/24                      10.32.96.1         20      
24 ADb  10.32.67.0/24                      10.32.96.1         20      
25 ADb  10.32.97.0/24                      10.32.96.1         20      
26 ADb  10.32.98.0/24                      10.32.96.1         20      
27 ADb  10.32.99.0/24                      10.32.96.1         20      
11 ADb  10.32.129.0/24                     10.32.96.1         20      
15 ADb  10.32.130.0/24                     10.32.96.1         20

7. Observe the result of the eBGP confederation in the routing table

[admin@r1] > /ip route print terse where bgp
20 ADb  dst-address=10.32.33.0/24 gateway=10.32.32.1 gateway-status=10.32.32.1 recursive via 10.32.1.2 ether2 distance=20 scope=40 target-scope=30 bgp-as-path=65513 bgp-origin=igp received-from=r2 
21 ADb  dst-address=10.32.34.0/24 gateway=10.32.32.1 gateway-status=10.32.32.1 recursive via 10.32.1.2 ether2 distance=20 scope=40 target-scope=30 bgp-as-path=65513 bgp-origin=igp received-from=r2 
22 ADb  dst-address=10.32.65.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511,65512) bgp-local-pref=100 bgp-origin=igp received-from=r4 
23 ADb  dst-address=10.32.66.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511,65512)65514 bgp-local-pref=100 bgp-origin=igp received-from=r4 
24 ADb  dst-address=10.32.67.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511,65512)65514 bgp-local-pref=100 bgp-origin=igp received-from=r4 
25 ADb  dst-address=10.32.97.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511) bgp-local-pref=100 bgp-origin=igp received-from=r4 
26 ADb  dst-address=10.32.98.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511) bgp-local-pref=100 bgp-origin=igp received-from=r4 
27 ADb  dst-address=10.32.99.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511) bgp-local-pref=100 bgp-origin=igp received-from=r4 
11 ADb  dst-address=10.32.129.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511,65512) bgp-local-pref=100 bgp-origin=igp received-from=r4 
15 ADb  dst-address=10.32.130.0/24 gateway=10.32.96.1 gateway-status=10.32.96.1 recursive via 10.32.2.2 ether3 distance=20 scope=40 target-scope=30 bgp-as-path=(65511,65512) bgp-local-pref=100 bgp-origin=igp received-from=r4 

[admin@r2] > /ip route print detail  where bgp 
Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit 
 3 ADb  dst-address=10.32.2.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

 4 ADb  dst-address=10.32.3.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

 5 ADb  dst-address=10.32.4.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

 9 ADb  dst-address=10.32.65.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

10 ADb  dst-address=10.32.66.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515,65514" bgp-origin=igp received-from=r1 

11 ADb  dst-address=10.32.67.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515,65514" bgp-origin=igp received-from=r1 

12 ADb  dst-address=10.32.97.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

13 ADb  dst-address=10.32.98.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

14 ADb  dst-address=10.32.99.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

15 ADb  dst-address=10.32.129.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1 

16 ADb  dst-address=10.32.130.0/24 gateway=10.32.0.1 gateway-status=10.32.0.1 recursive via 10.32.1.1 ether2 distance=20 scope=40 target-scope=30 
        bgp-as-path="65515" bgp-origin=igp received-from=r1

- Connectivity test

example from r2 AS 65512 to r3 AS 65514
[admin@r2] >  /ping 10.32.65.1 count=4             
10.32.65.1 64 byte ping: ttl=61 time=1 ms
10.32.65.1 64 byte ping: ttl=61 time<1 ms
10.32.65.1 64 byte ping: ttl=61 time<1 ms
10.32.65.1 64 byte ping: ttl=61 time<1 ms
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0/0.2/1 ms

[admin@r2] > /tool traceroute 10.32.65.1
     ADDRESS                                    STATUS
   1       10.32.1.1 1ms 1ms 1ms 
   2       10.32.2.2 1ms 1ms 1ms 
   3      10.32.97.2 1ms 1ms 1ms 
   4      10.32.65.1 1ms 1ms 1ms

8. Conclusion?

Just a study note; if there are mistakes/omissions, please correct me, fellow KIOSers :)

Other BGP confederation references for study:
Cisco BGP
Juniper
Vyatta
Quagga

Alhamdulillahi robbil alamin,
InsyaAlloh, I hope this is useful,
Wassalamu'alaikum wr. wb.
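
The AS_PATH change observed in step 7, as an added example that is not part of the original post: it applies the RFC 5065 rule for advertising to a peer outside the confederation (drop the leading confederation segments, prepend the confederation identifier) to r1's paths and reproduces what r2 sees. The function names are hypothetical, and it assumes the parenthesised part of `bgp-as-path` in RouterOS output is the confederation segment.

```python
import re

CONFED_ID = 65515                    # confederation identifier used in the post
MEMBER_ASNS = {65510, 65511, 65512}  # member ASes (r1, r4, r5) used in the post

# Lines trimmed from the post's "/ip route print terse where bgp" output on r1.
R1_TERSE = """\
22 ADb  dst-address=10.32.65.0/24 gateway=10.32.96.1 bgp-as-path=(65511,65512) received-from=r4
23 ADb  dst-address=10.32.66.0/24 gateway=10.32.96.1 bgp-as-path=(65511,65512)65514 received-from=r4
25 ADb  dst-address=10.32.97.0/24 gateway=10.32.96.1 bgp-as-path=(65511) received-from=r4
"""


def parse_as_path(text):
    """'(65511,65512)65514' -> [('confed_seq', [65511, 65512]), ('seq', [65514])]"""
    segments = []
    for confed, plain in re.findall(r"\(([^)]*)\)|(\d[\d,]*)", text.strip('"')):
        asns = [int(a) for a in (confed or plain).split(",") if a]
        if asns:
            segments.append(("confed_seq" if confed else "seq", asns))
    return segments


def export_to_external(segments, confed_id=CONFED_ID):
    """AS_PATH as sent to a peer outside the confederation (RFC 5065, section 4.1)."""
    rest = list(segments)
    # Leading confederation segments are internal detail and are removed.
    while rest and rest[0][0] == "confed_seq":
        rest.pop(0)
    # A confederation segment behind a regular one is malformed; refuse to export it.
    if any(kind == "confed_seq" for kind, _ in rest):
        raise ValueError("confederation segment after a regular segment")
    # The whole confederation then appears as the single AS confed_id.
    return [confed_id] + [asn for _, asns in rest for asn in asns]


def parse_terse(line):
    """Return (prefix, as-path text) from one key=value line of terse output."""
    fields = dict(re.findall(r'(\S+?)=("[^"]*"|\S+)', line))
    return fields["dst-address"], fields.get("bgp-as-path", "").strip('"')


def external_view(terse_output):
    """Map each prefix in r1's table to the AS_PATH an external peer receives."""
    view = {}
    for line in terse_output.splitlines():
        if "dst-address=" in line:
            prefix, path = parse_terse(line)
            view[prefix] = export_to_external(parse_as_path(path))
    return view


def leaked_members(path_text, members=MEMBER_ASNS):
    """Member AS numbers visible in a path seen from outside the confederation."""
    seen = [asn for _, asns in parse_as_path(path_text) for asn in asns]
    return sorted(set(seen) & set(members))


if __name__ == "__main__":
    for prefix, path in external_view(R1_TERSE).items():
        print(prefix, ",".join(map(str, path)))
    # Pre-confederation path from the post's advertisements table: members still visible.
    print(leaked_members("65511,65512,65514"))
```

Running `leaked_members` over the paths an outside router such as r2 receives is a quick check that no member AS number is still exposed after the change.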

Re: Learning BGP confederation

Great stuff, boss..

A few questions:
- what if routers are added to or removed from the BGP confed,
do all members have to be reconfigured?
- what about bandwidth requirements, is there any difference with or without confed?
- if one of the BGP confed members has its link going up/down, will that disturb or affect the connectivity of the others?

Please enlighten me.

Re: Learning BGP confederation

Hello harba :)

- what if routers are added to or removed from the BGP confed,
do all members have to be reconfigured?

In the eBGP context, what has to be configured is every eBGP router that will do confed peering.

- what about bandwidth requirements, is there any difference with or without confed?
- if one of the BGP confed members has its link going up/down, will that disturb or affect the connectivity of the others?

Sorry, the context of the question is a bit unclear: is it bandwidth for routing updates, or for transit?
If it is for routing updates, BGP works much like OSPF with triggered updates, so the bandwidth is still reasonable.
If it is transit bandwidth, an eBGP network must of course be ready to be a transit network :)

As for connectivity when a peer inside the confed goes down, you of course have to look at how many routers and ASes it represents (at the time it is down); if one confed has 3 ASes, as in the example above, it of course keeps running. And if the confed breaks up, BGP goes back to selecting on AS_PATH length.

insyaAlloh HTH :)

Re: Learning BGP confederation

Thanks