Judul : Lab Super Mikrotik 20
link : Lab Super Mikrotik 20
Lab Super Mikrotik 20
Topologi
- OSPF
- BGP
- Route Reflector
- EoIP
- VLAN
- PPPoE
- Recrusive Gateway
Tujuan
Menghubungkan semua Router. Keempat Router ditengah menggunakan OSPF untuk mengenali satu sama lain kemudian empat Router itu kita buat tunnel EoIP sehingga seperti membentuk Switch, tiap empat Router memiliki dua cabang Router, kedua Router tersebut dipisahkan dengan VLAN, dua Router cabang tersebut terhubung dengan PPPoE server yaitu Router R1, Antar Router yang terhubung dengan PPPoE pada R1 bertukar informasi menggunakan BGP.
OSPF Backbone
Kita konfigurasi 4 Router yang berada di tengah untuk membuat loopback interface kemudian EoIP tunnel sehingga seperti membentuk SwitchIP Address
R1
/interface bridge
add name=lo0
/ip address
add address=13.13.13.1/24 interface=ether1 network=13.13.13.0
add address=14.14.14.1/24 interface=ether2 network=14.14.14.0
add address=1.1.1.1 interface=lo0 network=1.1.1.1
R2
/interface bridge
add name=lo0
/ip address
add address=23.23.23.2/24 interface=ether1 network=23.23.23.0
add address=24.24.24.2/24 interface=ether2 network=24.24.24.0
add address=2.2.2.2 interface=lo0 network=2.2.2.2
R3
/interface bridge
add name=lo0
/ip address
add address=13.13.13.3/24 interface=ether1 network=13.13.13.0
add address=23.23.23.3/24 interface=ether2 network=23.23.23.0
add address=3.3.3.3 interface=lo0 network=3.3.3.3
R4
/interface bridge
add name=lo0
/ip address
add address=24.24.24.4/24 interface=ether1 network=24.24.24.0
add address=14.14.14.4/24 interface=ether2 network=14.14.14.0
add address=4.4.4.4 interface=lo0 network=4.4.4.4
Konfigurasi OSPF
R1
//routing ospf instance
set [ find default=yes ] redistribute-bgp=as-type-2 redistribute-connected=\
as-type-2 router-id=1.1.1.1
/routing ospf network
add area=backbone network=13.13.13.0/24
add area=backbone network=14.14.14.0/24
add area=backbone network=1.1.1.1/32
R2
/routing ospf instance
set [ find default=yes ] router-id=2.2.2.2
/routing ospf network
add area=backbone network=23.23.23.0/24
add area=backbone network=24.24.24.0/24
add area=backbone network=2.2.2.2/32
R3
/routing ospf instance
set [ find default=yes ] router-id=3.3.3.3
/routing ospf network
add area=backbone network=13.13.13.0/24
add area=backbone network=23.23.23.0/24
add area=backbone network=3.3.3.3/32
R4
/routing ospf instance
set [ find default=yes ] router-id=4.4.4.4
/routing ospf network
add area=backbone network=24.24.24.0/24
add area=backbone network=14.14.14.0/24
add area=backbone network=4.4.4.4/32
EoIP Tunnel
Buat EoIP tunnel antar Router hingga membentuk 4 tunnel yang saling terhubung antar RouterR1
/interface eoip
add !keepalive mac-address=FE:DD:81:B2:61:7E name=to-r3 remote-address=\
3.3.3.3 tunnel-id=13
add !keepalive mac-address=FE:D3:CD:6A:7A:64 name=to-r4 remote-address=\
4.4.4.4 tunnel-id=14
R2
/interface eoip
add !keepalive mac-address=FE:41:CC:85:C5:31 name=to-r3 remote-address=\
3.3.3.3 tunnel-id=23
add !keepalive mac-address=FE:06:1A:EF:72:F8 name=to-r4 remote-address=\
4.4.4.4 tunnel-id=24
R3
/interface eoip
add !keepalive mac-address=FE:01:7C:D1:0F:24 name=to-r1 remote-address=\
1.1.1.1 tunnel-id=13
add !keepalive mac-address=FE:C5:C2:39:0E:98 name=to-r2 remote-address=\
2.2.2.2 tunnel-id=23
R4
/interface eoip
add !keepalive mac-address=FE:C2:9D:9E:4F:C9 name=to-r1 remote-address=\
1.1.1.1 tunnel-id=14
add !keepalive mac-address=FE:B1:3D:13:EA:94 name=to-r2 remote-address=\
2.2.2.2 tunnel-id=24
VLAN Interface
R1
/interface vlan
add interface=to-r3 l2mtu=65531 name=vlan10 vlan-id=10
add interface=to-r4 l2mtu=65531 name=vlan10-r4 vlan-id=10
add interface=to-r3 l2mtu=65531 name=vlan20 vlan-id=20
add interface=to-r4 l2mtu=65531 name=vlan20-r4 vlan-id=20
R2
/interface vlan
add interface=to-r3 l2mtu=65531 name=vlan10-r3tr vlan-id=10
add interface=to-r4 l2mtu=65531 name=vlan10-r4tr vlan-id=10
add interface=to-r3 l2mtu=65531 name=vlan20-r3tr vlan-id=20
add interface=to-r4 l2mtu=65531 name=vlan20-r4tr vlan-id=20
R3
/interface vlan
add interface=to-r1 l2mtu=65531 name=vlan10-r1tr vlan-id=10
add interface=to-r2 l2mtu=65531 name=vlan10-r2tr vlan-id=10
add interface=to-r1 l2mtu=65531 name=vlan20-r1tr vlan-id=20
add interface=to-r2 l2mtu=65531 name=vlan20-r2tr vlan-id=20
R4
/interface vlan
add interface=to-r1 l2mtu=65531 name=vlan10-r1tr vlan-id=10
add interface=to-r2 l2mtu=65531 name=vlan10-r2tr vlan-id=10
add interface=to-r1 l2mtu=65531 name=vlan20-r1tr vlan-id=20
add interface=to-r2 l2mtu=65531 name=vlan20-r2tr vlan-id=20
Bridging
Bridge antara interface fisik dengan Interface VLANR1
/interface bridge
add name=vlan10-br
add name=vlan20-br
/interface bridge port
add bridge=vlan10-br interface=ether3
add bridge=vlan10-br interface=vlan10
add bridge=vlan10-br interface=vlan10-r4
add bridge=vlan20-br interface=ether4
add bridge=vlan20-br interface=vlan20
add bridge=vlan20-br interface=vlan20-r4
R2
/interface bridge
add name=vlan10-br
add name=vlan20-br
/interface bridge port
add bridge=vlan10-br interface=ether3
add bridge=vlan10-br interface=vlan10-r3tr
add bridge=vlan10-br interface=vlan10-r4tr
add bridge=vlan20-br interface=ether4
add bridge=vlan20-br interface=vlan20-r3tr
add bridge=vlan20-br interface=vlan20-r4tr
R3
/interface bridge
add name=vlan10-br
add name=vlan20-br
/interface bridge port
add bridge=vlan10-br interface=ether3
add bridge=vlan10-br interface=vlan10-r1tr
add bridge=vlan10-br interface=vlan10-r2tr
add bridge=vlan20-br interface=ether4
add bridge=vlan20-br interface=vlan20-r1tr
add bridge=vlan20-br interface=vlan20-r2tr
R4
/interface bridge
add name=vlan10-br
add name=vlan20-br
/interface bridge port
add bridge=vlan10-br interface=ether3
add bridge=vlan10-br interface=vlan10-r1tr
add bridge=vlan10-br interface=vlan10-r2tr
add bridge=vlan20-br interface=ether4
add bridge=vlan20-br interface=vlan20-r1tr
add bridge=vlan20-br interface=vlan20-r2tr
PPPoE
Router R1 akan menjadi PPPoE server untuk PPPoE client Router, pertama berikan alamat IP pada setiap Interface bridge VLANR1
/ip addressKonfigurasi IP Pool
add address=10.10.10.1/24 interface=vlan10-br network=10.10.10.0
add address=20.20.20.1/24 interface=vlan20-br network=20.20.20.0
/ip poolKonfigurasi username dan password yang akan digunakan PPPoE client untuk terhubung dengan Server
add name=pppoe-vlan10 ranges=10.10.10.10-10.10.10.100
add name=pppoe-vlan20 ranges=20.20.20.20-20.20.20.120
/ppp profileBarulah aktifkan PPPoE server pada R1 ini
add local-address=10.10.10.1 name=vlan10-prof remote-address=pppoe-vlan10 \
use-encryption=yes
add
add local-address=20.20.20.1 name=vlan20-prof remote-address=pppoe-vlan20 \
use-encryption=yes
/ppp secret
add name=vlan10 password=vlan10 profile=vlan10-prof service=pppoe
add name=vlan20 password=vlan20 profile=vlan20-prof service=pppoe
/interface pppoe-server server
add default-profile=vlan10-prof disabled=no interface=vlan10-br service-name=\
vlan10-pppoe
add default-profile=vlan20-prof disabled=no interface=vlan20-br service-name=\
vlan20-pppoe
BGP & PPPoE Client
Setelah PPPoE server selesai sekarang kita konfigurasi BGP dan PPPoE clientPPPoE Client
Dua Router yang terhubung pada setiap 4 Router ditengah akan kita konfigurasi sebagai PPPoE client untuk terhubung langsung dengan R1R5
/interface bridge
add name=lo0
/ip address
add address=5.5.5.5 interface=lo0 network=5.5.5.5
/interface pppoe-client
add disabled=no interface=ether1 name=pppoe-out1 password=vlan20 \
service-name=vlan20-pppoe user=vlan20
R6
/interface bridge
add name=lo0
/ip address
add address=6.6.6.6 interface=lo0 network=6.6.6.6
/interface pppoe-client
add disabled=no interface=ether1 name=pppoe-out1 password=vlan10 user=vlan10
R7
/interface bridge
add name=lo0
/ip address
add address=7.7.7.7 interface=lo0 network=7.7.7.7
/interface pppoe-client
add disabled=no interface=ether1 name=vlan10 password=vlan10 user=vlan10
R8
/interface bridge
add name=lo0
/ip address
add address=8.8.8.8 interface=lo0 network=8.8.8.8
/interface pppoe-client
add disabled=no interface=ether1 name=vlan10 password=vlan20 user=vlan20
R9
/interface bridge
add name=lo0
/ip address
add address=9.9.9.9 interface=lo0 network=9.9.9.9
/interface pppoe-client
add disabled=no interface=ether1 name=vlan10 password=vlan10 user=vlan10
R10
/interface bridge
add name=lo0
/ip address
add address=10.10.10.10 interface=lo0 network=10.10.10.10
/interface pppoe-client
add disabled=no interface=ether1 name=vlan20 password=vlan20 user=vlan20
R11
/interface bridge
add name=lo0
/ip address
add address=11.11.11.11 interface=lo0 network=11.11.11.11
/interface pppoe-client
add disabled=no interface=ether1 name=vlan10 password=vlan10 user=vlan10
R12
/interface bridge
add name=lo0
/ip address
add address=12.12.12.12 interface=lo0 network=12.12.12.12
/interface pppoe-client
add disabled=no interface=ether1 name=vlan20 password=vlan20 user=vlan20
BGP
R1
Router ini akan menjadi Route Reflector Server dan akan melakukan peering pada Router yang ada di pinggir, selain itu Router ini juga akan melakukan Redistribute dari BGP ke OSPF./routing bgp instanceNote alamat IP yang didapatkan dapat berbeda beda karena bersifat dynamic, alamat IP remote-address diatas dapat diganti sesuai alamat IP yang anda dapat, untuk memastikannya kita lihat PPPoE server pada R1 ini
set default as=1 redistribute-connected=yes redistribute-ospf=yes router-id=\
1.1.1.1
/routing bgp peer
add name=peer1 remote-address=20.20.20.120 remote-as=1 route-reflect=yes
add name=peer2 remote-address=20.20.20.119 remote-as=1 route-reflect=yes
add name=peer3 remote-address=10.10.10.100 remote-as=1 route-reflect=yes
add name=peer4 remote-address=20.20.20.118 remote-as=1 route-reflect=yes
add name=peer5 remote-address=10.10.10.99 remote-as=1 route-reflect=yes
add name=peer6 remote-address=10.10.10.98 remote-as=1 route-reflect=yes
add name=peer7 remote-address=20.20.20.117 remote-as=1 route-reflect=yes
add name=peer8 remote-address=10.10.10.97 remote-as=1 route-reflect=yes
[admin@R1] > ppp active print
Flags: R - radius
# NAME SERVICE CALLER-ID ADDRESS UPTIME ENCODING
0 vlan20 pppoe 00:51:DE:68:4F:00 20.20.20.120 3h35m6s
1 vlan10 pppoe 00:51:DE:3C:00:00 10.10.10.100 3h33m2s
2 vlan10 pppoe 00:51:DE:A0:A1:00 10.10.10.99 3h30m45s
3 vlan20 pppoe 00:51:DE:5D:38:00 20.20.20.119 3h30m44s
4 vlan10 pppoe 00:51:DE:3C:0F:00 10.10.10.98 3h27m43s
5 vlan20 pppoe 00:51:DE:87:90:00 20.20.20.118 3h25m15s
6 vlan10 pppoe 00:51:DE:5A:23:00 10.10.10.97 3h21m21s
7 vlan20 pppoe 00:51:DE:B6:AF:00 20.20.20.117 3h18m42s
R5, R8, R10, R12 (VLAN 20)
Konfigurasi BGP Peering untuk Router yang berada di VLAN 20/routing bgp instanceNote : Ganti Router ID dengan nomor Router masing-masing, misalnya pada R10 diganti menjadi 10.10.10.10
set default as=1 redistribute-connected=yes router-id=5.5.5.5
/routing bgp peer
add in-filter=bgp-in-filter name=peer1 remote-address=20.20.20.1 remote-as=1
R6, R7, R9, R11 (VLAN 10)
Konfigurasi BGP Peering untuk Router yang berada di VLAN 10/routing bgp instance
set default as=1 redistribute-connected=yes router-id=6.6.6.6
/routing bgp peer
add in-filter=bgp-in-filter name=peer1 remote-address=10.10.10.1 remote-as=1
Filtering
Berikut ini adalah perintah untuk memfilter informasi yang masuk untuk memodifikasi nilai scope dan target scope./routing filter
add chain=bgp-in-filter set-scope=10 set-target-scope=20
Konfirmasi
Lihatlah Routing table pada beberapa Router untuk membuktikan apakah konfigurasi sudah berhasil atau belum[admin@R6] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADb 1.1.1.1/32 10.10.10.1 200
1 ADb 2.2.2.2/32 10.10.10.1 200
2 ADb 3.3.3.3/32 10.10.10.1 200
3 ADb 4.4.4.4/32 10.10.10.1 200
4 ADb 5.5.5.5/32 20.20.20.120 200
5 ADC 6.6.6.6/32 6.6.6.6 lo0 0
6 ADb 7.7.7.7/32 10.10.10.99 200
7 ADb 8.8.8.8/32 20.20.20.119 200
8 ADb 9.9.9.9/32 10.10.10.98 200
9 ADb 10.10.10.0/24 10.10.10.1 200
10 ADC 10.10.10.1/32 10.10.10.100 pppoe-out1 0
11 ADb 10.10.10.10/32 20.20.20.118 200
12 ADb 10.10.10.97/32 10.10.10.1 200
13 ADb 10.10.10.98/32 10.10.10.1 200
14 ADb 10.10.10.99/32 10.10.10.1 200
15 ADb 10.10.10.100/32 10.10.10.1 200
16 ADb 11.11.11.11/32 10.10.10.97 200
17 ADb 12.12.12.12/32 20.20.20.117 200
18 ADb 13.13.13.0/24 10.10.10.1 200
19 ADb 14.14.14.0/24 10.10.10.1 200
20 ADb 20.20.20.0/24 10.10.10.1 200
21 ADb 20.20.20.1/32 20.20.20.120 200
22 ADb 20.20.20.117/32 10.10.10.1 200
23 ADb 20.20.20.118/32 10.10.10.1 200
24 ADb 20.20.20.119/32 10.10.10.1 200
25 ADb 20.20.20.120/32 10.10.10.1 200
26 ADb 23.23.23.0/24 10.10.10.1 200
27 ADb 24.24.24.0/24 10.10.10.1 200
[admin@R2] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADo 1.1.1.1/32 24.24.24.4 110
23.23.23.3
1 ADC 2.2.2.2/32 2.2.2.2 lo0 0
2 ADo 3.3.3.3/32 23.23.23.3 110
3 ADo 4.4.4.4/32 24.24.24.4 110
4 ADo 5.5.5.5/32 24.24.24.4 110
23.23.23.3
5 ADo 6.6.6.6/32 24.24.24.4 110
23.23.23.3
6 ADo 7.7.7.7/32 24.24.24.4 110
23.23.23.3
7 ADo 8.8.8.8/32 24.24.24.4 110
23.23.23.3
8 ADo 9.9.9.9/32 24.24.24.4 110
23.23.23.3
9 ADo 10.10.10.0/24 24.24.24.4 110
23.23.23.3
10 ADo 10.10.10.1/32 24.24.24.4 110
23.23.23.3
11 ADo 10.10.10.10/32 24.24.24.4 110
23.23.23.3
12 ADo 10.10.10.97/32 24.24.24.4 110
23.23.23.3
13 ADo 10.10.10.98/32 24.24.24.4 110
23.23.23.3
14 ADo 10.10.10.99/32 24.24.24.4 110
23.23.23.3
15 ADo 10.10.10.100/32 24.24.24.4 110
23.23.23.3
16 ADo 11.11.11.11/32 24.24.24.4 110
23.23.23.3
17 ADo 12.12.12.12/32 24.24.24.4 110
23.23.23.3
18 ADo 13.13.13.0/24 23.23.23.3 110
19 ADo 14.14.14.0/24 24.24.24.4 110
20 ADo 20.20.20.0/24 24.24.24.4 110
23.23.23.3
21 ADo 20.20.20.1/32 24.24.24.4 110
23.23.23.3
22 ADo 20.20.20.117/32 24.24.24.4 110
23.23.23.3
23 ADo 20.20.20.118/32 24.24.24.4 110
23.23.23.3
24 ADo 20.20.20.119/32 24.24.24.4 110
23.23.23.3
25 ADo 20.20.20.120/32 24.24.24.4 110
23.23.23.3
26 ADC 23.23.23.0/24 23.23.23.2 ether1 0
27 ADC 24.24.24.0/24 24.24.24.2 ether2 0
Demikianlah Artikel Lab Super Mikrotik 20
Sekianlah artikel Lab Super Mikrotik 20 kali ini, mudah-mudahan bisa memberi manfaat untuk anda semua. baiklah, sampai jumpa di postingan artikel lainnya.
Anda sekarang membaca artikel Lab Super Mikrotik 20 dengan alamat link https://anothers-stuff.blogspot.com/2017/02/lab-super-mikrotik-20.html
