Saturday, 06 June 2009

MPLS Virtual WAN Mobile Internet Broadband Access



In the previous blog post we covered the MPLS Virtual WAN configuration, using VPN bridging and BGP routing. Now we look at accessing the MPLS Virtual WAN over mobile internet broadband access (e.g. Smart Telecom Internet Unlimited 153kbps) to reach computers on the ardelindo subnet (192.168.0.0/24), the training room (192.168.3.0/24) and the customer (192.168.1.0/24).

The customer datacenter and the Ardelindo datacenter are centralized data storage, so I can fetch the files I need at any time and work on them at home. Second, I can also perform remote maintenance even when I am out of the office.
I am located in the Bukit Rivaria housing estate, Sawangan - Depok, using a self-assembled personal computer connected directly to a Nokia 2865 mobile phone through a DKU-2 cable. The ppp0 device is created automatically by Linux when we connect to the Smart Telecom Internet Unlimited network. The VPN IP addresses are as follows:

Sawangan Home
root@ubuntu:~# ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.10.54.194 P-t-P:10.17.4.12 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1000 Metric:1
RX packets:4284 errors:1 dropped:0 overruns:0 frame:0
TX packets:4492 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:1615893 (1.5 MiB) TX bytes:612388 (598.0 KiB)

Ardelindo Office
root@aples-desktop:~# ifconfig tap0
tap0 Link encap:Ethernet HWaddr 00:ff:1c:6b:97:d1
inet addr:10.8.1.1 Bcast:10.8.1.255 Mask:255.255.255.0
inet6 addr: fe80::2ff:1cff:fe6b:97d1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:762478 errors:0 dropped:0 overruns:0 frame:0
TX packets:844504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:71179776 (67.8 MB) TX bytes:77438801 (73.8 MB)

Customer ABCDE
root@ubuntu:~# ifconfig tap0
tap0 Link encap:Ethernet HWaddr 00:ff:c7:6f:74:d5
inet addr:10.8.1.4 Bcast:10.8.1.255 Mask:255.255.255.0
inet6 addr: fe80::2ff:c7ff:fe6f:74d5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:103107 errors:0 dropped:0 overruns:0 frame:0
TX packets:55442 errors:0 dropped:99 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:7824984 (7.4 MB) TX bytes:4262522 (4.0 MB)


Connection Test
Once everything is connected to the VPN network, we test connectivity with ICMP from the desktop PC at the Sawangan home.
root@ubuntu:~# ping 10.8.1.1
PING 10.8.1.1 (10.8.1.1) 56(84) bytes of data.
64 bytes from 10.8.1.1: icmp_seq=2 ttl=64 time=527 ms
64 bytes from 10.8.1.1: icmp_seq=3 ttl=64 time=543 ms
64 bytes from 10.8.1.1: icmp_seq=4 ttl=64 time=559 ms

--- 10.8.1.1 ping statistics ---
4 packets transmitted, 3 received, 25% packet loss, time 3007ms
rtt min/avg/max/mdev = 527.763/543.808/559.862/13.118 ms

root@ubuntu:~# ping 10.8.1.4
PING 10.8.1.4 (10.8.1.4) 56(84) bytes of data.
64 bytes from 10.8.1.4: icmp_seq=3 ttl=64 time=585 ms
64 bytes from 10.8.1.4: icmp_seq=4 ttl=64 time=586 ms
64 bytes from 10.8.1.4: icmp_seq=6 ttl=64 time=606 ms

--- 10.8.1.4 ping statistics ---
6 packets transmitted, 3 received, 50% packet loss, time 5010ms
rtt min/avg/max/mdev = 585.956/593.302/606.980/9.720 ms

From the results above we can see that everything is now connected to the VPN network.

BGP Routing Configuration
Now we configure BGP routing to connect the Ardelindo office, training room and customer subnets. In this example I only show the BGP settings; for a more detailed explanation see the MPLS Virtual WAN tutorial.
Ardelindo Office
root@ubuntu:~# telnet 10.8.1.1 bgpd
bgpd> enable
bgpd# configure terminal
bgpd(config)# show running-config
router bgp 1001
bgp router-id 10.8.1.1
network 10.8.1.0/24
network 122.200.50.0/24
network 192.168.0.0/24
neighbor 10.8.1.4 remote-as 1005
neighbor 10.8.1.13 remote-as 1008
neighbor 192.168.0.90 remote-as 1001
neighbor 192.168.0.253 remote-as 1001

Customer ABCDE
root@ubuntu:~# telnet 10.8.1.4 bgpd
bgpd# show running-config
router bgp 1005
bgp router-id 10.8.1.4
network 192.168.1.0/24
neighbor 10.8.1.1 remote-as 1001
neighbor 10.8.1.13 remote-as 1008

Sawangan Home
root@ubuntu:~# telnet 127.0.0.1 bgpd
bgpd# show running-config
router bgp 1008
bgp router-id 10.8.1.13
neighbor 10.8.1.1 remote-as 1001
neighbor 10.8.1.4 remote-as 1005
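
Every neighbor in the three configurations above is defined with `remote-as` only, so the sessions run without a TCP-MD5 password and the eBGP peers on the bridged 10.8.1.0/24 segment can announce any prefix. The following audit of that gap is an added example, not part of the original post; it checks for Quagga's `neighbor ... password`, an inbound filter and `maximum-prefix`, and `HARDENED_SAMPLE` with its secret and prefix-list name is constructed for illustration.

```python
# "router bgp" and neighbor lines copied from the Ardelindo Office
# running-config shown on this page.
OFFICE_CONFIG = """\
router bgp 1001
 neighbor 10.8.1.4 remote-as 1005
 neighbor 10.8.1.13 remote-as 1008
 neighbor 192.168.0.90 remote-as 1001
 neighbor 192.168.0.253 remote-as 1001
"""

# Constructed sample: one eBGP neighbor with authentication and inbound limits.
# The secret and the prefix-list name are placeholders, not values from the page.
HARDENED_SAMPLE = """\
router bgp 1001
 neighbor 10.8.1.4 remote-as 1005
 neighbor 10.8.1.4 password EXAMPLE-SECRET
 neighbor 10.8.1.4 prefix-list FROM-CUSTOMER in
 neighbor 10.8.1.4 maximum-prefix 10
"""

INBOUND_FILTERS = {"prefix-list", "route-map", "filter-list", "distribute-list"}

def audit_bgp(config):
    """Return {neighbor address: [findings]} for a Quagga bgpd running-config."""
    local_as, peers = None, {}
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["router", "bgp"]:
            local_as = int(words[2])
        elif len(words) >= 4 and words[0] == "neighbor":
            peer = peers.setdefault(words[1], {"remote_as": None, "opts": set()})
            if words[2] == "remote-as":
                peer["remote_as"] = int(words[3])
            elif words[2] in INBOUND_FILTERS and words[-1] == "in":
                peer["opts"].add("inbound-filter")
            else:
                peer["opts"].add(words[2])
    findings = {}
    for addr, peer in peers.items():
        issues = [] if "password" in peer["opts"] else ["no password"]
        if peer["remote_as"] != local_as:  # eBGP: bound what the peer may announce
            issues += [f"no {opt}" for opt in ("inbound-filter", "maximum-prefix")
                       if opt not in peer["opts"]]
        findings[addr] = issues
    return findings

if __name__ == "__main__":
    for addr, issues in audit_bgp(OFFICE_CONFIG).items():
        print(addr, "->", ", ".join(issues) or "ok")
```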

BGP Routing Table
Then, once connected, we look at the routing table through zebra and bgpd.
Sawangan Home
root@ubuntu:~# telnet 127.0.0.1 zebra
Router> show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 is directly connected, ppp0
B 10.8.1.0/24 [20/0] via 10.8.1.1 inactive, 01:26:21
C>* 10.8.1.0/24 is directly connected, tap0
C>* 10.17.4.12/32 is directly connected, ppp0
B>* 122.200.50.0/24 [20/0] via 10.8.1.1, tap0, 01:26:21
C>* 127.0.0.0/8 is directly connected, lo
K * 169.254.0.0/16 is directly connected, eth0 inactive
B>* 192.168.0.0/24 [20/0] via 10.8.1.1, tap0, 01:26:21
B>* 192.168.1.0/24 [20/0] via 10.8.1.4, tap0, 01:24:26
S>* 192.168.1.99/32 [1/0] via 10.8.1.4, tap0
S>* 192.168.1.100/32 [1/0] via 10.8.1.4, tap0
Interface tap0: VPN bridging device

root@ubuntu:~# telnet 127.0.0.1 bgpd
bgpd> show ip bgp
BGP table version is 0, local router ID is 10.8.1.13
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.8.1.0/24 10.8.1.1 0 0 1001 i
*> 122.200.50.0/24 10.8.1.1 0 0 1001 i
*> 192.168.0.0 10.8.1.1 0 0 1001 i
*> 192.168.1.0 10.8.1.4 0 0 1005 i
*> 192.168.6.0 10.8.1.2 0 1001 1003 i
*> 192.168.10.0 10.8.1.2 0 1001 1003 i
Total number of prefixes 6

bgpd> show ip bgp neighbors
BGP neighbor is 10.8.1.1, remote AS 1001, local AS 1008, external link
BGP version 4, remote router ID 10.8.1.1
BGP state = Established, up for 01:18:43
Last read 00:00:43, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received(old & new)
Address family IPv4 Unicast: advertised and received
Received 179 messages, 0 notifications, 0 in queue
Sent 180 messages, 1 notifications, 0 in queue
Route refresh request: received 0, sent 0
Minimum time between advertisement runs is 30 seconds

For address family: IPv4 Unicast
Community attribute sent to this neighbor(both)
7 accepted prefixes

bgpd> show ip bgp summary
BGP router identifier 10.8.1.13, local AS number 1008
3 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.8.1.1 4 1001 181 183 0 0 0 01:20:39 7
10.8.1.4 4 1005 176 188 0 0 0 01:21:32 1
Total number of neighbors 2

root@ubuntu:~# netstat -nr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.99 10.8.1.4 255.255.255.255 UGH 0 0 0 tap0
192.168.1.100 10.8.1.4 255.255.255.255 UGH 0 0 0 tap0
10.17.4.12 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.6.0 10.8.1.2 255.255.255.0 UG 0 0 0 tap0
192.168.4.0 10.8.1.1 255.255.255.0 UG 0 0 0 tap0
122.200.50.0 10.8.1.1 255.255.255.0 UG 0 0 0 tap0
192.168.3.0 10.8.1.1 255.255.255.0 UG 0 0 0 tap0
192.168.0.0 10.8.1.1 255.255.255.0 UG 0 0 0 tap0
10.8.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
192.168.10.0 10.8.1.2 255.255.255.0 UG 0 0 0 tap0
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
Interface tap0: VPN bridging device


Ardelindo Office
root@ubuntu:~# telnet 10.8.1.1 zebra
Router> show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 122.200.52.1, eth1
C>* 10.8.1.0/24 is directly connected, tap0
C>* 10.8.10.0/24 is directly connected, tap1
C>* 122.200.52.0/25 is directly connected, eth1
C>* 127.0.0.0/8 is directly connected, lo
C>* 192.168.0.0/24 is directly connected, eth3
K>* 192.168.0.63/32 via 10.8.1.5, tap0
K>* 192.168.0.218/32 via 10.8.1.5, tap0
B>* 192.168.1.0/24 [20/0] via 10.8.1.4, tap0, 01:25:44
S>* 192.168.1.99/32 [1/0] via 10.8.1.4, tap0
S>* 192.168.1.100/32 [1/0] via 10.8.1.4, tap0

root@ubuntu:~# telnet 10.8.1.1 bgpd
bgpd> show ip bgp
BGP table version is 0, local router ID is 10.8.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.8.1.0/24 0.0.0.0 0 32768 i
*> 122.200.50.0/24 0.0.0.0 0 32768 i
*> 192.168.0.0 0.0.0.0 0 32768 i
*> 192.168.1.0 10.8.1.13 0 1008 1005 i
*>i192.168.3.0 192.168.0.253 0 100 0 i
*>i192.168.4.0 192.168.0.253 0 100 0 i
*> 192.168.6.0 10.8.1.2 0 0 1003 i
*> 192.168.10.0 10.8.1.2 0 0 1003 i
Total number of prefixes 8

bgpd> show ip bgp summary
BGP router identifier 10.8.1.1, local AS number 1001
RIB entries 15, using 960 bytes of memory
Peers 8, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.8.1.2 4 1003 1915 1970 0 0 0 1d02h09m 2
10.8.1.4 4 1005 7162 7391 0 0 0 2d12h46m Idle
10.8.1.12 4 1007 82 121 0 0 0 5d03h37m Active
10.8.1.13 4 1008 1237 1387 0 0 0 01:24:49 1
192.168.0.90 4 1001 148 153 0 0 0 2d05h02m Active
192.168.0.253 4 1001 2894 2942 0 0 0 00:07:48 2
Total number of neighbors 6


Customer ABCDE
root@ubuntu:~# telnet 10.8.1.4 zebra
Router> show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
I - ISIS, B - BGP, > - selected route, * - FIB route
K>* 0.0.0.0/0 via 192.168.0.2, eth3
B 10.8.1.0/24 [20/0] via 10.8.1.1 inactive, 01:27:16
C>* 10.8.1.0/24 is directly connected, tap0
B>* 122.200.50.0/24 [20/0] via 10.8.1.1, tap0, 01:27:16
C>* 127.0.0.0/8 is directly connected, lo
K>* 169.254.0.0/16 is directly connected, eth1
B 192.168.0.0/24 [20/0] via 10.8.1.1, tap0, 01:27:16
C>* 192.168.0.0/24 is directly connected, eth3
S>* 192.168.0.71/32 [1/0] via 10.8.1.2, tap0
S>* 192.168.0.253/32 [1/0] via 10.8.1.2, tap0
C>* 192.168.1.0/24 is directly connected, eth1

root@ubuntu:~# telnet 10.8.1.4 bgpd
bgpd> show ip bgp
BGP table version is 0, local router ID is 10.8.1.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.8.1.0/24 10.8.1.13 0 1008 1001 i
*> 122.200.50.0/24 10.8.1.13 0 1008 1001 i
*> 192.168.0.0 10.8.1.13 0 1008 1001 i
*> 192.168.1.0 0.0.0.0 0 32768 i
*> 192.168.3.0 10.8.1.13 0 1008 1001 i
*> 192.168.4.0 10.8.1.13 0 1008 1001 i
*> 192.168.6.0 10.8.1.13 0 1008 1001 1003 i
*> 192.168.10.0 10.8.1.13 0 1008 1001 1003 i
Total number of prefixes 8

bgpd> show ip bgp summary
BGP router identifier 10.8.1.4, local AS number 1005
RIB entries 15, using 960 bytes of memory
Peers 3, using 7536 bytes of memory

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.8.1.1 4 1001 5868 7357 0 0 0 2d12h52m Idle
10.8.1.13 4 1008 693 712 0 0 0 01:31:35 7
Total number of neighbors 2

Inter-Subnet Connection Test
From the routing results above we can conclude that all subnets are now connected. To make sure, we run an ICMP test from the Sawangan home PC to each server shown in the topology diagram above.

To the Ardelindo Office
root@ubuntu:~# ping 192.168.0.71 (Ardelindo Datacenter)
PING 192.168.0.71 (192.168.0.71) 56(84) bytes of data.
64 bytes from 192.168.0.71: icmp_seq=2 ttl=64 time=509 ms
64 bytes from 192.168.0.71: icmp_seq=4 ttl=64 time=609 ms
64 bytes from 192.168.0.71: icmp_seq=5 ttl=64 time=530 ms

root@ubuntu:~# ping 192.168.0.3 (Ardelindo IP Phone)
PING 192.168.0.3 (192.168.0.3) 56(84) bytes of data.
64 bytes from 192.168.0.3: icmp_seq=1 ttl=63 time=1130 ms
64 bytes from 192.168.0.3: icmp_seq=2 ttl=63 time=685 ms
64 bytes from 192.168.0.3: icmp_seq=3 ttl=63 time=681 ms


To Customer ABCDE
root@ubuntu:~# ping 192.168.1.100 (Datacenter)
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=63 time=585 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=63 time=628 ms
64 bytes from 192.168.1.100: icmp_seq=3 ttl=63 time=606 ms

root@ubuntu:~# ping 192.168.1.102 (Application Server)
PING 192.168.1.102 (192.168.1.102) 56(84) bytes of data.
64 bytes from 192.168.1.102: icmp_seq=1 ttl=63 time=643 ms
64 bytes from 192.168.1.102: icmp_seq=2 ttl=63 time=601 ms
64 bytes from 192.168.1.102: icmp_seq=3 ttl=63 time=1398 ms

root@ubuntu:~# ping 192.168.1.99 (Webmail)
PING 192.168.1.99 (192.168.1.99) 56(84) bytes of data.
64 bytes from 192.168.1.99: icmp_seq=1 ttl=64 time=572 ms
64 bytes from 192.168.1.99: icmp_seq=2 ttl=64 time=589 ms
64 bytes from 192.168.1.99: icmp_seq=3 ttl=64 time=625 ms

root@ubuntu:~# ping 192.168.1.103 (Backup Server)
PING 192.168.1.103 (192.168.1.103) 56(84) bytes of data.
64 bytes from 192.168.1.103: icmp_seq=1 ttl=63 time=801 ms
64 bytes from 192.168.1.103: icmp_seq=2 ttl=63 time=685 ms
64 bytes from 192.168.1.103: icmp_seq=3 ttl=63 time=644 ms
64 bytes from 192.168.1.103: icmp_seq=4 ttl=63 time=843 ms

Accessing Ardelindo and Customer ABCDE
Now we do real access using nautilus to fetch data held at Ardelindo and the customer, and access webmail locally.

Connection to the Ardelindo Datacenter

Connection to Ardelindo Hotspot Management


Connection to Customer ABCDE

Linux Training: www.ardelindo.com
