 |
| Gambar 1 Passive Interface OSPF Mikrotik |
Febriyan Net - Ada salah satu parameter pada jaringan OSPF yang lumayan berguna jika dalam jaringan skala besar, yaitu Passive Interface . Passive interface digunakan untuk menentukan apakah interface pada router dapat menerima atau mengirim traffik ospf atau tidak. Untuk pengimplementasiannya sendiri agar kita bisa menentukkan interface mana yang akan digunakan ospf dan interface mana yang tidak digunakan untuk ospf, agar nantinya tidak boros resource karena ospf akan membroadcast traffik (hello packet) ke semua port pada router. Langsung saja berikut topologi yang akan kita buat :
 |
| Gambar 2 Topologi Passive Interface |
Konfigurasikan alamat ip terlebih dahulu pada masing masing router . Oh, iya setiap router juga membuat interface loopback sesuai dengan nomor router masing masing. contoh : loopback pada R1 = 1.1.1.1/32 .
R1
[admin@R1] > ip address add interface=ether1 address=10.10.10.1/24
[admin@R1] > interface bridge add name=lo0
[admin@R1] > ip address add interface=lo0 address=1.1.1.1/32
[admin@R1] >
[admin@R1] > interface bridge add name=lo0
[admin@R1] > ip address add interface=lo0 address=1.1.1.1/32
[admin@R1] >
R2
[admin@R2] > ip address add interface=ether1 address=10.10.10.2/24
[admin@R2] > interface bridge add name=lo0
[admin@R2] > ip address add interface=lo0 address=2.2.2.2/32
[admin@R2] > ip address add interface=ether2 address=11.11.11.2/24
[admin@R2] >
[admin@R2] > interface bridge add name=lo0
[admin@R2] > ip address add interface=lo0 address=2.2.2.2/32
[admin@R2] > ip address add interface=ether2 address=11.11.11.2/24
[admin@R2] >
R3
[admin@R3] > ip address add interface=ether1 address=11.11.11.3/24
[admin@R3] > interface bridge add name=lo0
[admin@R3] > ip address add interface=lo0 address=3.3.3.3/32
[admin@R3] >
[admin@R3] > interface bridge add name=lo0
[admin@R3] > ip address add interface=lo0 address=3.3.3.3/32
[admin@R3] >
Oke, setelah alamat ip sudah terpasang, jangan lupa lakukan pengujian pada masing masing link dengan menggunakan perintah ping . Selanjutnya, konfigurasikan OSPF seperti biasa :
R1
[admin@R1] > routing ospf network add network=10.10.10.0/24 area=backbone
[admin@R1] > routing ospf network add network=1.1.1.1/32 area=backbone
[admin@R1] >
[admin@R1] > routing ospf network add network=1.1.1.1/32 area=backbone
[admin@R1] >
R2
[admin@R2] > routing ospf area add name=area1 area-id=0.0.0.1
[admin@R2] > routing ospf network add area=backbone network=10.10.10.0/24
[admin@R2] > routing ospf network add area=backbone network=2.2.2.2/32
[admin@R2] > routing ospf network add area=area1 network=11.11.11.0/24
[admin@R2] >
[admin@R2] > routing ospf network add area=backbone network=10.10.10.0/24
[admin@R2] > routing ospf network add area=backbone network=2.2.2.2/32
[admin@R2] > routing ospf network add area=area1 network=11.11.11.0/24
[admin@R2] >
R3
[admin@R3] > routing ospf area add name=area1 area-id=0.0.0.1
[admin@R3] > routing ospf network add area=area1 network=11.11.11.0/24
[admin@R3] > routing ospf network add area=area1 network=3.3.3.3/32
[admin@R3] >
[admin@R3] > routing ospf network add area=area1 network=11.11.11.0/24
[admin@R3] > routing ospf network add area=area1 network=3.3.3.3/32
[admin@R3] >
Nah, sekarang coba kita lihat table routing pada masing masing router . apakah semua network sudah teradvertise ke semua router ?
Table routing R3 .
[admin@R3] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADo 1.1.1.1/32 11.11.11.2 110
1 ADo 2.2.2.2/32 11.11.11.2 110
2 ADC 3.3.3.3/32 3.3.3.3 lo0 0
3 ADo 10.10.10.0/24 11.11.11.2 110
4 ADC 11.11.11.0/24 11.11.11.3 ether1 0
[admin@R3] >
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADo 1.1.1.1/32 11.11.11.2 110
1 ADo 2.2.2.2/32 11.11.11.2 110
2 ADC 3.3.3.3/32 3.3.3.3 lo0 0
3 ADo 10.10.10.0/24 11.11.11.2 110
4 ADC 11.11.11.0/24 11.11.11.3 ether1 0
[admin@R3] >
Nah, by default jika passive interface tidak dikonfigurasikan, maka secara otomatis akan menggunakan passive=no dalam artian interface akan menerima maupun mengirim advertise network . Nah, sekarang kita coba konfigurasikan agar Ether1 router R3 tidak mengirim maupun menerima advertise network , berikut konfigurasinya :
Konfigurasi R3 :
[admin@R3] > routing ospf interface add interface=ether1 passive=yes
[admin@R3] >
[admin@R3] >
Setelah itu coba kita cek kembali table routing nya :
Table Routing R3 :
[admin@R3] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 3.3.3.3/32 3.3.3.3 lo0 0
1 ADC 11.11.11.0/24 11.11.11.3 ether1 0
[admin@R3] >
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 3.3.3.3/32 3.3.3.3 lo0 0
1 ADC 11.11.11.0/24 11.11.11.3 ether1 0
[admin@R3] >
Terlihat tidak ada rute untuk menuju ke network lain selain network yang terhubung langsung dengan router R3. Artinya, Router R3 tidak menerima LSA ataupun Hello Packet yang berasal dari R2 yang terhubung melalui Ether1 .
Cek juga table routing pada router selain R3 , apakah mendapatkan advertise network menuju ke R3 (3.3.3.3) ?
Table Routing R1 :
[admin@R1] > ip route print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 1.1.1.1/32 1.1.1.1 lo0 0
1 ADo 2.2.2.2/32 10.10.10.2 110
2 ADC 10.10.10.0/24 10.10.10.1 ether1 0
3 ADo 11.11.11.0/24 10.10.10.2 110
[admin@R1] >
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme,
B - blackhole, U - unreachable, P - prohibit
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 ADC 1.1.1.1/32 1.1.1.1 lo0 0
1 ADo 2.2.2.2/32 10.10.10.2 110
2 ADC 10.10.10.0/24 10.10.10.1 ether1 0
3 ADo 11.11.11.0/24 10.10.10.2 110
[admin@R1] >
Tidak ada rute menuju ke loopback R3, artinya R3 juga tidak mengirim advertise network ke router lain .
Terimakasih
0 comments