Route Server

Saat ini, tim IIX-JI APJII Jawa TImur sedang melakukan proses transisi fungsional route server (RS). Berikut detailnya.

BGP Community yang didukung

No.ActionStandardExtendedLarge
1Do not advertise to peer-as0:peer-asrt:0:peer-as7597:0:peer-as
2Prefix dari IIX-JK265000:1040
3Prefix ke IIX-JK265000:2040

Cara terhubung ke route server IIX-JI

Detail informasi RS IIX-JI

RS2

ASN: 7597
IP: 103.19.76.2/24
IPv6: 2001:7fa:2:50ba:0:0:2:2/112
Platform: Bird
Transparent AS: Ya

RS3

ASN: 7597
IP: 103.19.76.3/24
IPv6: 2001:7fa:2:50ba:0:0:2:3/112
Platform: Bird
Transparent AS: Ya

Contoh konfigurasi

Berikut ini beberapa contoh konfigurasi beberapa platform untuk terhubung ke RS IIX-JI.

Cisco

IOS

no bgp enforce-first-as
!
neighbor IIX-peer maximum-prefix 20000
neighbor v6IIX-peer maximum-prefix 10000
!
neighbor 103.19.76.2 remote-as 7597
neighbor 103.19.76.2 peer-group IIX-peer
neighbor 103.19.76.2 description iix_rs2
!
neighbor 103.19.76.3 remote-as 7597
neighbor 103.19.76.3 peer-group IIX-peer
neighbor 103.19.76.3 description iix_rs3
!
neighbor 2001:7fa:2:50ba:0:0:2:2 remote-as 7597
neighbor 2001:7fa:2:50ba:0:0:2:2 peer-group v6IIX-peer
neighbor 2001:7fa:2:50ba:0:0:2:2 description iix_rs2
!
neighbor 2001:7fa:2:50ba:0:0:2:3 remote-as 7597
neighbor 2001:7fa:2:50ba:0:0:2:3 peer-group v6IIX-peer
neighbor 2001:7fa:2:50ba:0:0:2:3 description iix_rs3

IOS-XR

neighbor 103.19.76.2
  remote-as 7597
  use neighbor-group IIX
  description iix_rs2
  enforce-first-as disable
  address-family ipv4 unicast
    maximum-prefix 20000 restart 30
!
neighbor 103.19.76.3
  remote-as 7597
  use neighbor-group IIX
  description iix_rs3
  enforce-first-as disable
  address-family ipv4 unicast
    maximum-prefix 20000 restart 30
!
neighbor 2001:7fa:2:50ba:0:0:2:2
  remote-as 7597
  use neighbor-group IIXv6
  description iix_rs2
  enforce-first-as disable
  address-family ipv6 unicast
    maximum-prefix 10000 restart 30
!
neighbor 2001:7fa:2:50ba:0:0:2:3
  remote-as 7597
  use neighbor-group IIXv6
  description iix_rs3
  enforce-first-as disable
  address-family ipv6 unicast
    maximum-prefix 10000 restart 30

Juniper

"configuration protocols bgp"

group iix-rserver2 {
    type external;
    neighbor 103.19.76.2 {
        description "ipv4 IIX-rserver2";
        family inet {
            unicast {
                prefix-limit {
                    maximum 20000;
                }
            }
        }
        peer-as 7597;
    }
}

group iix-rserver3 {
    type external;
    neighbor 103.19.76.3 {
        description "ipv4 IIX-rserver3";
        family inet {
            unicast {
                prefix-limit {
                    maximum 20000;
                }
            }
        }
        peer-as 7597;
    }
}

group v6iix-rserver2 {
    type external;
    neighbor 2001:7fa:2:50ba:0:0:2:2 {
        description "ipv6 IIX-rserver2";
        family inet {
            unicast {
                prefix-limit {
                    maximum 10000;
                }
            }
        }
        peer-as 7597;
    }
}

group v6iix-rserver3 {
    type external;
    neighbor 2001:7fa:2:50ba:0:0:2:3 {
        description "ipv6 IIX-rserver3";
        family inet {
            unicast {
                prefix-limit {
                    maximum 10000;
                }
            }
        }
        peer-as 7597;
    }
}

Mikrotik

/routing bgp peer
add in-filter="in-iix-ji " max-prefix-limit=20000 max-prefix-restart-time=30s \
    name="rs-iix-ji-1-v4 " out-filter="out-iix-ji " remote-address=103.19.76.2 \
    remote-as=7597 remove-private-as=yes
add in-filter="in-iix-ji " max-prefix-limit=20000 max-prefix-restart-time=30s \
    name="rs-iix-ji-2-v4 " out-filter="out-iix-ji " remote-address=103.19.76.3 \
    remote-as=7597 remove-private-as=yes
add address-families=ipv6 in-filter="in-iix-ji -v6" max-prefix-limit=10000 \
    max-prefix-restart-time=30s name=rs-iix-ji-1-v6 out-filter="out-iix-ji -v6" \
    remote-address=2001:7fa:2:50ba::2:2 remote-as=7597 remove-private-as=yes
add address-families=ipv6 in-filter="in-iix-ji -v6" max-prefix-limit=10000 \
    max-prefix-restart-time=30s name=rs-iix-ji-2-v46 out-filter=\
    "out-iix-ji -v6" remote-address=2001:7fa:2:50ba::2:3 remote-as=7597 \
    remove-private-as=yes

Contoh penggunaan Community

Cisco

R2(config)# ip bgp-community new-format
R2(config)# access-list 1 permit 203.89.31.0 mask 255.255.255.0
R2(config)# route-map out-no-export permit 10
R2(config-route-map)# match ip address 1
R2(config-route-map)# set community 0:23456
R2(config-route-map)# exit
R2(config)# route-map out-no-export permit 20
R2(config-route-map)# exit
R2(config)# router bgp 24521
R2(config-router)# neighbor 103.19.76.2 send-community
R2(config-router)# neighbor 103.19.76.2 route-map out-no-export out

Juniper

set policy-options community no-advertise members 0:23456
set policy-statement ke-iix-ji term prefix from 203.89.31.0/24 exact
set policy-statement ke-iix-ji term prefix then community add no-advertise
set policy-statement ke-iix-ji term prefix then accept
set policy-statement ke-iix-ji term liyone then reject

Mikrotik

/routing filter
add action=accept bgp-communities=0:23456 chain="out-iix-ji " prefix=203.89.31.0/24
add action=discard chain="out-iix-ji " prefix=0.0.0.0/0 prefix-length=0-32

Hal-hal yang perlu dihindari

  1. Tidak menerapkan rule filter pada bgp yang akan diaktifkan
  2. Kesalahan penulisan commuity tagging
  3. Apabila telah selesai konfigurasi bisa dicheck pada looking glas yang tersedia.