Home

DHCP Configuration

1 Comment

Gw lupa….dari awal gw bikin ini blog ga pernah bahas DHCP Config detail…(yang lama ada sih)

wokeh, kali ini kita bahas *buka buku catetan gw dulu*

========================================

DHCP (Dynamic Host Control Protocol) adalah suatu metode/protocol untuk memberikan IP ke device2 yang terhubung kejaringan… btw, gue salah tulis…bukan Control Protocol, tapi Configuration Protocol

Klo kita setel 1-1 IP ke 100 komputer…ya mabok juga

This is the desain we use throughout the article (sebenernya bisa pake packet tracer, Cuma ada beberapa fitur yang ga bisa dijalanin disana)

Setting PC supaya dapet DHCP

Klo GNS3…kita mesti set dulu di PC nya

Kita verifikasi dengan show interface brief

Look at the Method…it says…DHCP

========================================

Configuring DHCP on Cisco Router

Penjelasan:

  • Ip dhcp pool LAN_1, create pool dhcp yang bernama LAN_1 (nama bebas), jadi device2 yang minta IP ngambilnya dari “kolam” ini
  • Network 10.10.10.0 255.255.255.0, ip yang dikasi dari pool ini range-nya dari 10.10.10.0 sampai 10.10.10.255
  • Default-router 10.10.10.1, ini adalah default-gateway yang dikasi oleh dhcp pool nya
  • Dns-server 10.10.10.10 10.10.10.20, untuk ngasi IP DNS Server ke device2nya…bisa lebih dari 1 DNS Server (10.10 dan 10.20)
  • Option 150 ip 10.10.10.100, ini fitur yang dipake untuk Cisco IP Phone guna mendapatkan IP CallManager (bisa diatur/auto-assign dari dhcp pool juga)
  • Ip dhcp excluded-address 10.10.10.0 10.10.10.20, ini maksudnya JANGAN memberikan ip dari range 10.10 sampe 10.20 ke device2 yang ada
  • Ip dhcp excluded-address 10.10.10.100, untuk memcegah router memberikan IP spesifik/tertentu kepada router (which is router ga akan ngasi 10.100 ke end devices)

Catatan:

  • DHCP bisa kita create di non-router (contohnya di Windows Server, biasanya untuk menghemat kinerja router…jgn salah…router ngasi DHCP juga termasuk KERJA loh…)
  • Kita bisa men-create lebih dari satu pool DHCP dalam satu router(contohnya untuk sub-interface, int fa0/0.10 dapet ip X.X.X.X dan int fa0/0.20 dapet ip Y.Y.Y.Y)
  • Default-gateway BIASANYA adalah interface si router itu sendiri yang mengarah ke LAN (so pastikan default-router [ip] nya adalah ip router)
  • Dns server kita bisa set lebih dari satu (maksimum kaga tau gw…bisa banyak kok…waktu itu gw set ampe 5 dns server, itu masih bisa nambah)
  • Excluded address bisa kita set berdasarkan range (dari ip 10.0 sampe 10.20 ga bole dikasi ke end devices)
  • Ato kita bisa kasih secara spesifik seperti 10.10.10.100, tapi ya manual…ketik satu2 ip yang ga boleh apa aja (10.20 ga bole, 10.150 ga bole, 10.200 ga bole, dst.)

Let’s see the effect

See…dikasi ip 10.10.10.21, karena dari 0 sampe 20 ga bole dikasi (Cuma kekurangannya adalah default gatewaynya di GNS3 kita harus input manual…klo di PC asli jalan kok)

Verifikasinya bisa kita tampilkan dengan cara show ip dhcp binding

Nah…disitu dijelaskan…mac address aaaa.bbbb.cccc dapet ip X.X.X.X

Lease expiration = ini IP dicabut lagi dari peredaran, dikasi ke alat lain yang membutuhkan. Klo emang ga ada yang request IP, bisa aja dikasi lagi ke end device yang sama

Default expiration time nya adalah 12 jam, bisa dirubah ga ?!? bisa…tambahin aja di (dhcp-config) nya command ini

Artinya…IP ini akan dilepas setelah 2 hari 5 jam…ato mo selamanya ?!? ketik aja lease infinite

Trus bisa ga kita pengen end device dengan mac-address spesifik, selalu dapet IP yang sama ?!? bisa…tenang aja, apa sih yang engga buat lo…hahaha

Contoh mac-address aaaa.bbbb.cccc selalu dapet ip 10.10.10.150

Whoops…ga bisa di pool ini, kita create pool baru de…memang butuh dhcp pool khusus

Jadi…device dengan mac-address aaaa.bbbb.cccc tetep di network 10.10.10.0 kan ?! yoi

Nah…DHCP yang kita bahas tadi kan masih satu LAN dengan PC-PC yang ada…gimana klo beda LAN ?

Gimana klo DHCP_2 yang ngasi IP ?? (see design above)

Cara nya adalah dengan bantuan ip helper-address

Dengan bantuan command ip helper-address, tiap broadcast yang dikirim oleh end devices yang minta ip akan di redirect ke 12.12.12.2 which is interface DHCP_2 yang mengarah ke DHCP_1

Maksudnya tiap broadcast apa?!? remember…itu client default ip nya kan autoconfiguration (ipnya 169.X.X.X) betul ga !?

Mereka minta ip ke server gimana caranya !??! emang tau dia IP server ?!? orang dia-nya aja ga punya IP (at least beda network ama DHCP Server-nya)

Makanya mereka “teriak” dengan ip 255.255.255.255 alias pake ip broadcast, nahhh…defaultnya…broadcast itu ga dikirim keluar dari router

Dengan bantuin ip helper-address…broadcast itu “dibantuin” untuk keluar dari jaringan LAN

Apa aja sih broadcast yang bisa dibantuin selain broadcast minta DHCP ?!?

.

.

.

…gw lupa nyatet yang itu…pernah dijelasin sih….hahaha

en by the way…selain di router, di Multilayer Switch alias Switch layer 3 yang ada fitur routing nya juga bisa kita config DHCP

now…how we configure static DHCP assign kek dibawah ini

static DHCP

di R1

R1-DHCP(config)#ip dhcp pool FOR-PC
R1-DHCP(dhcp-config)#host 192.168.1.100 255.255.255.0
R1-DHCP(dhcp-config)#client-identifier 01cc.0253.1c00.00

mac address R2-PC adalah cc02.531c.0000

kode ethernet adalah 01…so 01+cc02.531c.0000 = 01cc.0253.1c00.00 (geser titik-nya aja…)

di R2

R2-PC(config)#int fa0/0
R2-PC(config-if)#ip address dhcp client-id FastEthernet0/0

R2-PC(config-if)#
*Mar 1 00:12:45.871: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 192.168.1.100, mask 255.255.255.0, hostname R2-PC

BGP Configuration (part 1)

12 Comments

(article yang lama akan coba gw update disini…dan gw coba jelasin in english…biar gaya)

Today we learn about how to configure basic BGP configuration such as,

  • e-BGP
  • i-BGP (with loopback)
  • BGP Full Mesh
  • peer-group
  • BGP authentication
  • And BGP Summarization

And the topology we use throughout this article is like this

Note: IP Scheme is 192.168.XX.X..where XX is the combined number of routers, such as R2 and R3 would be 192.168.23.2 and 23.3

We use OSPF as IGP (Internal) Protocol in AS 1

I already assume you have good understanding how to configure basic IP Configuration on Cisco Router here…

I’m trying to explain step-by-step…including error, note, important detail that I learn when configuring basic BGP Configuration

================================================

Configuring e-BGP

e-BGP (external BGP) = Connecting different BGP AS (Autonomous System)

We configure R1 and R5

Wait a little longer (10-20s)…BGP Convergence is verrrry slooow

To see list of BGP neighbor, we could use show ip bgp summary

to perform eBGP WITHOUT connecting directly…we must use eBGP-multihop (we’ll talk about it in the next parts)

================================================

Configuring i-BGP

i-BGP (internal BGP) = Connecting BGP within AS

We Configure R1 and R3

If R1 peering within AS (i-BGP), we must check wether route to destination peer is exist within routing table (show ip route)

of course…how would R1 know how to deliver BGP Packet (request for Peering with R3) if He doesnt know where to send the packet ?!? *face palm*

So…one of the differences between e-BGP and i-BGP is i-BGP peering routers are not necessary to be directly connected

Configuring i-BGP with Loopback

The question is…if the physical link down…would it be down too with the BGP Peering right ?!?

There are 2 answers: add another physical link to BGP neighborship table, or (the easiest one)…add loopback IP

Because Loopback Interface is never down (remember…this interface is virtual), Loopback Interface will be down if the Router itself down

As long as the routers know how to send packet to loopback IP (acquired via IGP such as OSPF), the neighborship and peering will be fine

To configure i-BGP with loopback, delete neighborship with physical interface first (no neighbor [physical IP] remote-as [AS Number])

the keyword is update-source [interface]

Lets verify the list of the neighbors

=====================================================

BGP Full Mesh

Now…R1 peering with R5 (e-BGP) and R1 peering with R3 (i-BGP)

The next task is…will R3 reach R5 without extra configuration ?!?

Both R3 and R5 connect to R1. To reach R5 (or R3), R1 must advertise the route to both Routers, lets see if R1 advertise rute 10.10.15.1 to R3 (show ip bgp)

The rules of advertising rute is same like i-BGP peering…He must know the route to it/destination

When we see the configuration above, maybe one or two of us will ask the same question

Why 23.0 use mask…why 34.0 not ?!? the answer is…it doesnt matter, it still same result

If we only advertise network WITHOUT mask…BGP will assume that route is classfull (and 192.168.34.0 is classful right ?!? C Class IP)

Note…if we use network 0.0.0.0 mask 0.0.0.0 (some of you will do it because of laziness…JUST ADD ALL !! haha)

The result is not what you are thinking…the router will advertise DEFAULT ROUTE !!! (just think of it…0.0.0.0 0.0.0.0 is default route right ?!?)

So…the way we handle advertised route in BGP is different than IGP such as OSPF

Now lets see if R3 (also R5 will get the same result) get the advertised route…

Lets ping

Ping to R5 10.10.15.5 success, but will it be the same if R3 ping to one of R5 loopback IP such as 5.5.5.5 ?!?

Why is this happen ?? when R3 ping to 10.10.15.5 which is R5, R1 know where to route the packet (directly connected, exist in R1’s routing table)

But when R3 ping to R5 5.5.5.5 loopback IP, lets see R1 routing table

Now we know the problem (5.5.5.5 doesnt exist in R1’s Routing table)…so what is the solution ?!?

Because R1 doesnt know how to route the packet…we must add static route to R5 loopback ip, then see if that static route exist in routing table, advertise using BGP, check using show ip bgp

Lets check on R3…will it be able to ping loopback ip on R5 ?!?

Unreachable…the packets stop on R2 (23.2) and R4 (34.4)

Why is this happen ?!? because R2 and R4 doesnt know where to route the packets !!! (of course…they doesnt know where the F*** 5.5.5.5 is !!!)

The solution ?!? make R2 (and R4) run BGP too (5.5.5.5 acquired via BGP right ?!?)

To make sure a proper BGP implementation, we must configure all router to run BGP? is it like another route protocol?

yes, just like EIGRP and OSPF, BGP is another type of routing protocol right ?!? but this protocol is more suitable in ISP environment

Note: same config apply ro R4, R3, R1

Let see…

But..there is some question…i-BGP peering doesnt need to be directly connected, but now we connect all of them

Isn’t it waste of energy and time ?!?! yes…this is what we called i-BGP Full Mesh

So…imagine if there is more than 4 router…

The formula is n(n-1)/2..where N = sum of all router

So..if there is 25 router..it would be 600 peerings !!!

To overcome this complicated BGP Behavior…BGP has features called Route-Reflector and Route Confederation (later we’ll configure them)

=========================================

BGP Peer-Group

Imagine you type all this…

To reduce that repetition…BGP has feature called Peer-Group

Let me show you the example

============================================================================

BGP Authentication

Its quite simple (lets keep it simple though wkwkwk)

BGP Default authentication is using MD5

===========================================================================

BGP Summarization

BGP auto-summarization is off by default

BGP Summarize route using aggregate command

Lets advertise loopbacks IP from R5

Lets see on R1

dont worry about 5.0.0.0 below 3.3.3.3, I’m advertised static route into BGP remember…thats why that network exist

To reduce routing table and bgp “show ip bgp” table, on R5 we must use route aggregation

Lets see the effect on R1

Whoops…nothing change…except there is “*> “…a blank network

So…we must add a little command here (summary-only)

And the effect…

Yuppp…it works…

See the last line…S 5.0.0.0 [1/0]…its static (S)…not BGP (B), why ?!? because Static Route AD (Administrative Distance) is better than BGP

So…can it be pinged ?!?…yes, sure it can

Thats all folks for today…part 2 coming soon (BGP Route Modification with Path Attributes) insya Allah