[LAB 2]IPv6 Implementation on Enterprise Network

1

Read Me

2

● Ini adalah modul gratis, kamu boleh membagikan, menggunakan, atau mengambil sebagian materi dari modul ini, tanpa menghapus credit footer dari webiptek.com..

● Jika kamu menemukan kesalahan pada teori yang disampaikan, mohon sampaikan koreksi tersebut ke pembuat (kontak tercantum di bawah).

● Isi bisa saja berubah tanpa pemberitahuan, baik dari segi struktur maupun materi.● Buka link berikut untuk melihat modul terupdate: https://files.webiptek.com/IPv6

Penjelasan dalam format video (Bahasa Indonesia), tonton di link berikut:(belum tersedia)

Syarat mengerjakan Lab 2 - IPv6 Implementation on Enterprise Network, kamu harus sudah memahami:1. Konsep IPv62. Routing OSPF dan BGP

Last Update: 10/04/2021

Contributor

3

Nama Kontak

Rizqi Aldi Prayugo xdnroot@gmail.com xdnroot

Ingin berkontribusi?Kamu bisa menambahkan materi dan/atau merevisi materi yang sudah ada.Hubungi saya (Rizqi) melalui sosial media atau email di atas.Cukup sampaikan materi yang ingin kamu tambahkan atau revisi dalam bentuk dokumen atau presentasi.

Lab Summary

4

1. OSPFv32. BGP

Konfigurasi menggunakan perangkat Cisco, Juniper, dan Mikrotik.

Topology

5

OSPF Objective:Gunakan ospf single area (backbone).Pastikan masing-masing router bisa ping ke loopback router tetangganya.

BGP Objective:R1 = AS 100R2 = AS 200Advertise prefix loopback0 ke neighbor.Pastikan masing-masing router bisa ping ke loopback router tetangganya.

Cisco: OSPF Configuration

6

! Konfigurasi di R1ipv6 router ospf 1 router-id 1.1.1.1 passive-interface Loopback0!interface GigabitEthernet0/0 ipv6 address 2001:DB8:12::1/64 ipv6 ospf 1 area 0!interface Loopback0 ipv6 address 2001:DB8::1/128 ipv6 ospf 1 area 0

! Konfigurasi di R2ipv6 router ospf 1 router-id 2.2.2.2 passive-interface Loopback0!interface GigabitEthernet0/0 ipv6 address 2001:DB8:12::2/64 ipv6 ospf 1 area 0!interface Loopback0 ipv6 address 2001:DB8::2/128 ipv6 ospf 1 area 0

Cisco: OSPF Verification (1)

7

Cek IPv6 OSPF neighbor.

Cisco: OSPF Verification (2)

8

Cek IPv6 OSPF routing table.

R1# show ipv6 route ospf...O 2001:DB8::2/128 [110/1] via FE80::ECB:CDFF:FECD:3F00, GigabitEthernet0/0

R2# show ipv6 route ospf ...O 2001:DB8::1/128 [110/1] via FE80::ECB:CDFF:FECD:9E00, GigabitEthernet0/0

Cisco: BGP Configuration

9

! Konfigurasi R1! Pastikan sudah konfigurasi IPv6! di interface terkait.router bgp 100 bgp router-id 1.1.1.1 no bgp default ipv4-unicast neighbor 2001:DB8:12::2 remote-as 200 ! address-family ipv6 network 2001:DB8::1/128 neighbor 2001:DB8:12::2 activate

! Konfigurasi R2! Pastikan sudah konfigurasi IPv6! di interface terkait.router bgp 200 bgp router-id 2.2.2.2 no bgp default ipv4-unicast neighbor 2001:DB8:12::1 remote-as 100 ! address-family ipv6 network 2001:DB8::2/128 neighbor 2001:DB8:12::1 activate

Cisco: BGP Verification (1)

10

Cek BGP neighbor di R1.

R1#show bgp ipv6 unicast summary BGP router identifier 1.1.1.1, local AS number 100BGP table version is 3, main routing table version 32 network entries using 336 bytes of memory2 path entries using 208 bytes of memory2/2 BGP path/bestpath attribute entries using 304 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP using 872 total bytes of memoryBGP activity 5/3 prefixes, 5/3 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd2001:DB8:12::2 4 200 14 13 3 0 0 00:09:12 1

Cisco: BGP Verification (2)

11

Cek BGP neighbor di R2.

R2#show bgp ipv6 unicast summary BGP router identifier 2.2.2.2, local AS number 200BGP table version is 5, main routing table version 52 network entries using 336 bytes of memory2 path entries using 208 bytes of memory2/2 BGP path/bestpath attribute entries using 304 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP using 872 total bytes of memoryBGP activity 6/4 prefixes, 6/4 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd2001:DB8:12::1 4 100 14 15 5 0 0 00:09:59 1

Cisco: BGP Verification (3)

12

Cek routing table IPv6 BGP di R1.

R1#show bgp ipv6 unicast BGP table version is 3, local router ID is 1.1.1.1Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incompleteRPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path *> 2001:DB8::1/128 :: 0 32768 i *> 2001:DB8::2/128 2001:DB8:12::2 0 0 200 i

Cisco: BGP Verification (4)

13

Cek routing table IPv6 BGP di R2.

R2#show bgp ipv6 unicastBGP table version is 5, local router ID is 2.2.2.2Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incompleteRPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path *> 2001:DB8::1/128 2001:DB8:12::1 0 0 100 i *> 2001:DB8::2/128 :: 0 32768 i

Juniper: OSPF Configuration

14

# Konfigurasi pada R1# Konfigurasi IPv6 Addressset interfaces em0 unit 0 family inet6 address 2001:db8:12::1/64set interfaces lo0 unit 0 family inet6 address 2001:db8::1/128# Konfigurasi router IDset routing-options router-id 1.1.1.1# Advertise network pada interface em0.0 dan lo0.0set protocols ospf3 area 0.0.0.0 interface em0.0set protocols ospf3 area 0.0.0.0 interface lo0.0 passive

# Konfigurasi pada R2# Konfigurasi IPv6 Addressset interfaces em0 unit 0 family inet6 address 2001:db8:12::2/64set interfaces lo0 unit 0 family inet6 address 2001:db8::2/128# Konfigurasi router IDset routing-options router-id 2.2.2.2# Advertise network pada interface em0.0 dan lo0.0set protocols ospf3 area 0.0.0.0 interface em0.0set protocols ospf3 area 0.0.0.0 interface lo0.0 passive

Juniper: OSPF Verification

15

root@R1> show ospf3 neighbor ID Interface State Pri Dead2.2.2.2 em0.0 Full 128 36 Neighbor-address fe80::ecb:cdff:fec9:7d00

root@R2> show ospf3 neighbor ID Interface State Pri Dead1.1.1.1 em0.0 Full 128 36 Neighbor-address fe80::ecb:cdff:fe7f:8a00

Juniper: OSPF Verification

16

root@R1> show route protocol ospf3 inet6.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

2001:db8::2/128 *[OSPF3/10] 00:03:05, metric 1 > to fe80::ecb:cdff:fec9:7d00 via em0.0ff02::5/128 *[OSPF3/10] 00:04:33, metric 1 MultiRecv

root@R2> show route protocol ospf3 inet6.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

2001:db8::1/128 *[OSPF3/10] 00:04:06, metric 1 > to fe80::ecb:cdff:fe7f:8a00 via em0.0ff02::5/128 *[OSPF3/10] 00:05:04, metric 1 MultiRecv

Juniper: BGP Configuration

17

# Pastikan sudah konfigurasi IPv6 address# Konfigurasi R1set routing-options router-id 1.1.1.1 #set router-idset routing-options autonomous-system 100 #set autonomous systemset protocols bgp group eBGP type external #set type external BGP (eBGP)set protocols bgp group eBGP neighbor 2001:db8:12::2 peer-as 200 #peering ke R2# Advertise directly connected prefixset policy-options policy-statement adv-to-external term direct from protocol directset policy-options policy-statement adv-to-external term direct then acceptset protocols bgp group eBGP export adv-to-external

# Konfigurasi R2set routing-options router-id 2.2.2.2 #set router-idset routing-options autonomous-system 200 #set autonomous systemset protocols bgp group eBGP type external #set type external BGP (eBGP)set protocols bgp group eBGP neighbor 2001:db8:12::1 peer-as 100 #peering ke R1# Advertise directly connected prefixset policy-options policy-statement adv-to-external term direct from protocol directset policy-options policy-statement adv-to-external term direct then acceptset protocols bgp group eBGP export adv-to-external

Juniper: BGP Verification (1)

18

Cek BGP neigbors status.

root@R1> show bgp summary Groups: 1 Peers: 1 Down peers: 0Table Tot Paths Act Paths Suppressed History Damp State Pendinginet6.0 2 1 0 0 0 0Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...2001:db8:12::2 200 41 51 0 0 16:46 Establ inet6.0: 1/2/2/0

root@R2> show bgp summary Groups: 1 Peers: 1 Down peers: 0Table Tot Paths Act Paths Suppressed History Damp State Pendinginet6.0 2 1 0 0 0 0Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...2001:db8:12::1 100 41 42 0 0 17:04 Establ inet6.0: 1/2/2/0

Juniper: BGP Verification (2)

19

root@R1> show route protocol bgp inet6.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

2001:db8::2/128 *[BGP/170] 00:06:41, localpref 100 AS path: 200 I > to 2001:db8:12::2 via em0.02001:db8:12::/64 [BGP/170] 00:06:41, localpref 100 AS path: 200 I > to 2001:db8:12::2 via em0.0

root@R2> show route protocol bgp inet6.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)+ = Active Route, - = Last Active, * = Both

2001:db8::1/128 *[BGP/170] 00:07:58, localpref 100 AS path: 100 I > to 2001:db8:12::1 via em0.02001:db8:12::/64 [BGP/170] 00:07:58, localpref 100 AS path: 100 I > to 2001:db8:12::1 via em0.0

Mikrotik: OSPF Configuration

20

# Konfigurasi R1# Konfigurasi IPv6 Address/interface bridge add name=loopback0/ipv6 address add address=2001:db8:12::1/64 advertise=no interface=ether1/ipv6 address add address=2001:db8::1/128 advertise=no interface=loopback0# Konfigurasi Routing OSPFv3/routing ospf-v3 instance set default router-id=1.1.1.1/routing ospf-v3 interface add area=backbone interface=ether1/routing ospf-v3 interface add area=backbone interface=loopback0 passive=yes

# Konfigurasi R2# Konfigurasi IPv6 Address/interface bridge add name=loopback0/ipv6 address add address=2001:db8:12::2/64 advertise=no interface=ether1/ipv6 address add address=2001:db8::2/128 advertise=no interface=loopback0# Konfigurasi Routing OSPFv3/routing ospf-v3 instance set default router-id=2.2.2.2/routing ospf-v3 interface add area=backbone interface=ether1/routing ospf-v3 interface add area=backbone interface=loopback0 passive=yes

Mikrotik: OSPF Verification (1)

21

Cek OSPF Neighbor.

[admin@R1] > routing ospf-v3 neighbor print 0 instance=default router-id=2.2.2.2 address=fe80::ecb:cdff:fe9c:6300 interface=ether1 priority=1 dr=2.2.2.2 backup-dr=1.1.1.1 state="Full" state-changes=6 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=26m6s

[admin@R2] > routing ospf-v3 neighbor print 0 instance=default router-id=1.1.1.1 address=fe80::ecb:cdff:fe51:2b00 interface=ether1 priority=1 dr=2.2.2.2 backup-dr=1.1.1.1 state="Full" state-changes=5 ls-retransmits=0 ls-requests=0 db-summaries=0 adjacency=26m40s

Mikrotik: OSPF Verification (2)

22

Cek routing table OSPF.

[admin@R1] > ipv6 route print detail where ospfFlags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 0 ADo dst-address=2001:db8::2/128 gateway=fe80::ecb:cdff:fe9c:6300%ether1 gateway-status=fe80::ecb:cdff:fe9c:6300%ether1 reachable distance=110 scope=20 target-scope=10 ospf-metric=20

[admin@R2] > ipv6 route print detail where ospfFlags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 0 ADo dst-address=2001:db8::/64 gateway=fe80::ecb:cdff:fe51:2b00%ether1 gateway-status=fe80::ecb:cdff:fe51:2b00%ether1 reachable distance=110 scope=20 target-scope=10 ospf-metric=20

Mikrotik: BGP Configuration

23

# Pastikan sudah konfigurasi IPv6 address di interface terkait

# Konfigurasi pada R1# Konfigurasi BGP router-id/routing bgp instance set default as=100 router-id=1.1.1.1# Konfigurasi BGP peering ke R2/routing bgp peer add address-families=ipv6 name=to-R2 remote-address=2001:db8:12::2 remote-as=200# Advertise prefix 2001:db8::1/128/routing bgp network add network=2001:db8::1/128

# Konfigurasi pada R2# Konfigurasi BGP router-id/routing bgp instance set default as=200 router-id=2.2.2.2# Konfigurasi BGP peering ke R1/routing bgp peer add address-families=ipv6 name=to-R1 remote-address=2001:db8:12::1 remote-as=100# Advertise prefix 2001:db8::2/128/routing bgp network add network=2001:db8::2/128

Mikrotik: BGP Verification (1)

24

Cek BGP neighbor status, pastikan sudah established.

Mikrotik: BGP Verification (2)

25

Cek routing table IPv6 BGP.

[admin@R1] > ipv6 route print detail where bgpFlags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 0 ADb dst-address=2001:db8::2/128 gateway=fe80::ecb:cdff:fe9c:6300%ether1 gateway-status=fe80::ecb:cdff:fe9c:6300%ether1 reachable distance=20 scope=40 target-scope=10 bgp-as-path="200" bgp-origin=igp received-from=to-R2

[admin@R2] > ipv6 route print detail where bgpFlags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, o - ospf, b - bgp, U - unreachable 0 ADb dst-address=2001:db8::1/128 gateway=fe80::ecb:cdff:fe51:2b00%ether1 gateway-status=fe80::ecb:cdff:fe51:2b00%ether1 reachable distance=20 scope=40 target-scope=10 bgp-as-path="100" bgp-origin=igp received-from=to-R1

References1. https://academy.apnic.net/en/virtual-labs/

26