OSPF Filtering Administrative Distance - NETBLOG
OSPF Filtering Administrative Distance

OSPF Filtering Administrative Distance

6/11/2017 08:07:00 PM
OSPF Filtering (Administrative Distance)

Oke guys, pada kesempatan kali ini saya akan ngebahas fitur dari OSPF, nah OSPF filtering ini hampir sama dengan EIGRP filtering. Pada OSPF filtering kita dapat memakai beberapa parameter untuk melakukan filte, diantaranya:
1.Administrative Distance
2. Prefix List
3. Maximum Prefix
4. Ganjil Genap (memfilter network yang memiliki IP ganjil ataupun genap).

Untuk kegunaannya sama saja yaitu membatasi network yang terdaftar di routing table. Pada lab kali ini saya akan menggunakan parameter yaitu mengubah Administrative Distance 255 atau AD yang berstatus Unreachable.

Untuk memperjelas, langsung masuk ke labnya.

Topologi

Skenario:
Memfilter agar network pada area 1 tidak terdaftar di area 2.

Pertama kita konfigurasikan IP dan routing protocol OSPF pada setiap router
Konfigurasi di R1:
R1(config)#int fa0/0
R1(config-if)#no sh
R1(config-if)#ip add 14.14.14.1 255.255.255.0
R1(config-if)#int fa0/1
R1(config-if)#no sh
R1(config-if)#ip add 12.12.12.1 255.255.255.0
R1(config-if)#int lo0
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#int lo1
R1(config-if)#ip add 11.11.11.11 255.255.255.255
R1(config-if)#router ospf 18
R1(config-router)#no aut
R1(config-router)#net 12.12.12.1 0.0.0.0 area 0
R1(config-router)#net 14.14.14.1 0.0.0.0 area 0
R1(config-router)#net 1.1.1.1 0.0.0.0 area 0
R1(config-router)#net 11.11.11.11 0.0.0.0 area 0
Konfigurasi di R2:
R2(config)#int fa0/0
R2(config-if)#no sh
R2(config-if)#ip add 12.12.12.2 255.255.255.0
R2(config-if)#int fa0/1
R2(config-if)#no sh
R2(config-if)#ip add 23.23.23.2 255.255.255.0
R2(config-if)#int lo0
R2(config-if)#ip add 2.2.2.2 255.255.255.255
R2(config-if)#int lo1
R2(config-if)#ip add 22.22.22.22 255.255.255.255
R2(config)#router ospf 18
R2(config-router)#net 12.12.12.2 0.0.0.0 area 0
R2(config-router)#net 23.23.23.2 0.0.0.0 area 0
R2(config-router)#net 23.23.23.2 0.0.0.0 area 0
R2(config-router)#net 2.2.2.2 0.0.0.0 area 0
R2(config-router)#net 22.22.22.22 0.0.0.0 area 0
Konfigurasi di R3:
R3(config)#int fa0/0
R3(config-if)#no sh
R3(config-if)#ip add 23.23.23.3 255.255.255.0
R3(config-if)#int fa0/1
R3(config-if)#no sh
R3(config-if)#ip add 35.35.35.3 255.255.255.0
R3(config-if)#int lo0
R3(config-if)#ip add 3.3.3.3 255.255.255.255
R3(config-if)#int lo1
R3(config-if)#ip add 33.33.33.33 255.255.255.255
R3(config-if)#router ospf 18
R3(config-router)#net 23.23.23.3 0.0.0.0 area 0
R3(config-router)#net 35.35.35.3 0.0.0.0 area 0
R3(config-router)#net 3.3.3.3 0.0.0.0 area 0
R3(config-router)#net 33.33.33.33 0.0.0.0 area 0

Konfigurasi di R4:
R4(config)#int fa0/0
R4(config-if)#no sh
R4(config-if)#ip add 14.14.14.4 255.255.255.0
R4(config-if)#int lo0
R4(config-if)#ip add 4.4.4.4 255.255.255.255
R4(config-if)#int lo1
R4(config-if)#ip add 44.44.44.11 255.255.255.255
R4(config-if)#router ospf 18
R4(config-router)#net 14.14.14.4 0.0.0.0 area 0
R4(config-router)#net 4.4.4.4 0.0.0.0 area 1
R4(config-router)#net 44.44.44.11 0.0.0.0 area 1
Konfigurasi di R5:
R5(config)#int fa0/0
R5(config-if)#no sh
R5(config-if)#ip add 35.35.35.5 255.255.255.0
R5(config-if)#int lo0
R5(config-if)#ip add 5.5.5.5 255.255.255.255
R5(config-if)#int lo1
R5(config-if)#ip add 55.55.55.11 255.255.255.255
R5(config-if)#int lo2
R5(config-if)#ip add 55.55.55.22 255.255.255.255
R5(config-if)#int lo3
R5(config-if)#ip add 55.55.55.33 255.255.255.255
R5(config-if)#int lo4
R5(config-if)#ip add 55.55.55.44 255.255.255.255
R5(config-if)#int lo5
R5(config-if)#ip add 55.55.55.55 255.255.255.255
R5(config-if)#router ospf 18
R5(config-router)#net 35.35.35.5 0.0.0.0 area 0
R5(config-router)#net 5.5.5.5 0.0.0.0 area 2
R5(config-router)#net 55.55.55.11 0.0.0.0 area 2
R5(config-router)#net 55.55.55.22 0.0.0.0 area 2
R5(config-router)#net 55.55.55.33 0.0.0.0 area 2
R5(config-router)#net 55.55.55.44 0.0.0.0 area 2
R5(config-router)#net 55.55.55.55 0.0.0.0 area 2
Setelah itu cek routing table pada R5

R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

 Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/31] via 35.35.35.3, 00:09:56, FastEthernet0/0
     35.0.0.0/24 is subnetted, 1 subnets
C       35.35.35.0 is directly connected, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
O       2.2.2.2 [110/21] via 35.35.35.3, 00:09:56, FastEthernet0/0
     33.0.0.0/32 is subnetted, 1 subnets
O       33.33.33.33 [110/11] via 35.35.35.3, 00:09:56, FastEthernet0/0
     3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/11] via 35.35.35.3, 00:09:57, FastEthernet0/0
     4.0.0.0/32 is subnetted, 1 subnets
O IA    4.4.4.4 [110/41] via 35.35.35.3, 00:09:57, FastEthernet0/0
     55.0.0.0/32 is subnetted, 5 subnets
C       55.55.55.55 is directly connected, Loopback5
C       55.55.55.33 is directly connected, Loopback3
C       55.55.55.44 is directly connected, Loopback4
C       55.55.55.22 is directly connected, Loopback2
C       55.55.55.11 is directly connected, Loopback1
     5.0.0.0/32 is subnetted, 1 subnets
C       5.5.5.5 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
O       23.23.23.0 [110/20] via 35.35.35.3, 00:09:59, FastEthernet0/0
     22.0.0.0/32 is subnetted, 1 subnets
O       22.22.22.22 [110/21] via 35.35.35.3, 00:09:59, FastEthernet0/0
     11.0.0.0/32 is subnetted, 1 subnets
O       11.11.11.11 [110/31] via 35.35.35.3, 00:09:59, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
O       12.12.12.0 [110/30] via 35.35.35.3, 00:09:59, FastEthernet0/0
     44.0.0.0/32 is subnetted, 4 subnets
O IA    44.44.44.11 [110/41] via 35.35.35.3, 00:10:01, FastEthernet0/0
     14.0.0.0/24 is subnetted, 1 subnets
O       14.14.14.0 [110/40] via 35.35.35.3, 00:10:01, FastEthernet0/0

 Nah disini terlihat bahwa semua network pada area 1 itu terdaftar di routing table R5.

 Untuk membuat agar semua network pada area 1 itui tidak terdaftar pada routing table, pertama kita buat dulu access list yang berfungsi untuk melakukan drop paket, ketika router yang memiliki network tersebut mengadvertise networknya. Kita buat access listnya pada router yang ingin tidak memiliki network tertentu.

 R5(config)#access-list 1 permit 44.44.44.11

 Setelah itu, kita ubah Administrative Distance network yang telah kita drop tadi menggunakan access-list.

 R5(config)#router ospf 18
R5(config-router)# distance 255 0.0.0.0 255.255.255.255 1

 Setelah itu cek routing table di R5.

R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/31] via 35.35.35.3, 00:09:56, FastEthernet0/0
     35.0.0.0/24 is subnetted, 1 subnets
C       35.35.35.0 is directly connected, FastEthernet0/0
     2.0.0.0/32 is subnetted, 1 subnets
O       2.2.2.2 [110/21] via 35.35.35.3, 00:09:56, FastEthernet0/0
     33.0.0.0/32 is subnetted, 1 subnets
O       33.33.33.33 [110/11] via 35.35.35.3, 00:09:56, FastEthernet0/0
     3.0.0.0/32 is subnetted, 1 subnets
O       3.3.3.3 [110/11] via 35.35.35.3, 00:09:57, FastEthernet0/0
     4.0.0.0/32 is subnetted, 1 subnets
O IA    4.4.4.4 [110/41] via 35.35.35.3, 00:09:57, FastEthernet0/0
     55.0.0.0/32 is subnetted, 5 subnets
C       55.55.55.55 is directly connected, Loopback5
C       55.55.55.33 is directly connected, Loopback3
C       55.55.55.44 is directly connected, Loopback4
C       55.55.55.22 is directly connected, Loopback2
C       55.55.55.11 is directly connected, Loopback1
     5.0.0.0/32 is subnetted, 1 subnets
C       5.5.5.5 is directly connected, Loopback0
     23.0.0.0/24 is subnetted, 1 subnets
O       23.23.23.0 [110/20] via 35.35.35.3, 00:09:59, FastEthernet0/0
     22.0.0.0/32 is subnetted, 1 subnets
O       22.22.22.22 [110/21] via 35.35.35.3, 00:09:59, FastEthernet0/0
     11.0.0.0/32 is subnetted, 1 subnets
O       11.11.11.11 [110/31] via 35.35.35.3, 00:09:59, FastEthernet0/0
     12.0.0.0/24 is subnetted, 1 subnets
O       12.12.12.0 [110/30] via 35.35.35.3, 00:09:59, FastEthernet0/0
     14.0.0.0/24 is subnetted, 1 subnets
O       14.14.14.0 [110/40] via 35.35.35.3, 00:10:01, FastEthernet0/0

 Nah disini terlihat bahwa IP 44.44.44.11 sudah tidak terdaftar di routing table R5.

 Dengan ini berarti blocking yang kita lakukan BERHASILL!!!...

Selessaiiii.....



See u on next post....













Quote

Jangan pernah bosan untuk belajar, selalu belajar dan temukan hal baru. Karena belum tentu hasil yang akan kita dapat itu dapat diraih dengan usaha yang mudah, semudah menjatuhkan sesuatu. Bisa saja kita harus mendapatkan dengan usaha yang sulit, seperti menjadi sebuah benda kecil ditumpukkan jerami.

Next
« Prev Post
Previous
Next Post »
Langganan: Posting Komentar (Atom)