Lab kali ini kita akan membahas bagaimana cara konfigurasi filtering pada routing RIP menggunakan standart ACL.
Lab 6 - RIP - Filtering - Standar ACL
Topologi yang digunakan :
Skenario adalah sbb :
- Router R1 akan melakukan advertise semua IP Loopback ke arah routing RIP
- Router R2 akan melakukan filtering terhadap IP Loopback tertentu dari R1.
Konfigurasi R1:
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 10.0.0.1 255.255.255.255
!
interface Loopback2
ip address 10.0.0.2 255.255.255.255
!
interface Loopback3
ip address 10.0.0.3 255.255.255.255
!
interface Loopback4
ip address 10.0.0.4 255.255.255.255
!
interface Loopback5
ip address 10.0.0.5 255.255.255.255
!
interface Loopback6
ip address 10.0.0.6 255.255.255.255
!
interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
ip address 10.0.0.1 255.255.255.255
!
interface Loopback2
ip address 10.0.0.2 255.255.255.255
!
interface Loopback3
ip address 10.0.0.3 255.255.255.255
!
interface Loopback4
ip address 10.0.0.4 255.255.255.255
!
interface Loopback5
ip address 10.0.0.5 255.255.255.255
!
interface Loopback6
ip address 10.0.0.6 255.255.255.255
!
interface FastEthernet0/0
ip address 12.12.12.1 255.255.255.0
!
router rip
version 2
network 1.0.0.0
network 10.0.0.0
network 11.0.0.0
network 12.0.0.0
no auto-summary
version 2
network 1.0.0.0
network 10.0.0.0
network 11.0.0.0
network 12.0.0.0
no auto-summary
Konfigurasi R2 :
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
!
interface FastEthernet0/1
ip address 23.23.23.2 255.255.255.0
!
router rip
version 2
network 2.0.0.0
network 12.0.0.0
network 23.0.0.0
no auto-summary
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
ip address 12.12.12.2 255.255.255.0
!
interface FastEthernet0/1
ip address 23.23.23.2 255.255.255.0
!
router rip
version 2
network 2.0.0.0
network 12.0.0.0
network 23.0.0.0
no auto-summary
Konfigurasi R3 :
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.3 255.255.255.0
!
router rip
version 2
network 3.0.0.0
network 23.0.0.0
no auto-summary
R2(config-router)#do sh ip route
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 23.23.23.3, 00:00:11, FastEthernet0/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet0/1
10.0.0.0/32 is subnetted, 6 subnets
R 10.0.0.2 [120/1] via 12.12.12.1, 00:00:25, FastEthernet0/0
R 10.0.0.3 [120/1] via 12.12.12.1, 00:00:25, FastEthernet0/0
R 10.0.0.1 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.6 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.4 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.5 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
Selanjutnya kita akan coba melakukan filtering dari router R2 untuk IP Loopback R1 yang di advertise ke RIP difilter hanya yang genap saja yang boleh dilewatkan.ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 23.23.23.3 255.255.255.0
!
router rip
version 2
network 3.0.0.0
network 23.0.0.0
no auto-summary
Kita cek routing table pada R2 :
R2(config-router)#do sh ip route
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 23.23.23.3, 00:00:11, FastEthernet0/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet0/1
10.0.0.0/32 is subnetted, 6 subnets
R 10.0.0.2 [120/1] via 12.12.12.1, 00:00:25, FastEthernet0/0
R 10.0.0.3 [120/1] via 12.12.12.1, 00:00:25, FastEthernet0/0
R 10.0.0.1 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.6 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.4 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.5 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
R2(config-router)#exit
R2(config)#access-list 1 permit 0.0.0.0 255.255.255.254
R2(config)#router ripR2(config)#access-list 1 permit 0.0.0.0 255.255.255.254
R2(config-router)#distribute-list 1 in fa0/0
R2(config-router)#do clear ip route *
Kita cek lagi routing table di R2 :
R2(config)#do sh ip route
Gateway of last resort is not set2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 23.23.23.3, 00:00:01, FastEthernet0/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet0/1
10.0.0.0/32 is subnetted, 3 subnets
R 10.0.0.2 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.6 [120/1] via 12.12.12.1, 00:00:01, FastEthernet0/0
R 10.0.0.4 [120/1] via 12.12.12.1, 00:00:03, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
Terlihat bahwa untuk routing table IP Loopback R1 yang diterima di R2 hanya menerima dari IP yang genap saja.
Kita coba balik, agar IP Loopback R1 yang diterima hanya yang ganjil saja.
R2(config)#no access-list 1
R2(config)#access-list 1 permit 0.0.0.1 255.255.255.254
R2(config)#do clear ip route *
Kita cek lagi routing table di R2 :
R2(config)#do sh ip route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 12.12.12.1, 00:00:02, FastEthernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 23.23.23.3, 00:00:02, FastEthernet0/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet0/1
10.0.0.0/32 is subnetted, 3 subnets
R 10.0.0.3 [120/1] via 12.12.12.1, 00:00:02, FastEthernet0/0
R 10.0.0.1 [120/1] via 12.12.12.1, 00:00:04, FastEthernet0/0
R 10.0.0.5 [120/1] via 12.12.12.1, 00:00:04, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 12.12.12.1, 00:00:02, FastEthernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 23.23.23.3, 00:00:02, FastEthernet0/1
23.0.0.0/24 is subnetted, 1 subnets
C 23.23.23.0 is directly connected, FastEthernet0/1
10.0.0.0/32 is subnetted, 3 subnets
R 10.0.0.3 [120/1] via 12.12.12.1, 00:00:02, FastEthernet0/0
R 10.0.0.1 [120/1] via 12.12.12.1, 00:00:04, FastEthernet0/0
R 10.0.0.5 [120/1] via 12.12.12.1, 00:00:04, FastEthernet0/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet0/0
Terlihat bahwa untuk IP Loopback R1 yang diterima di R2 hanya yang ganjil saja.
Sehingga untuk filtering menggunakan standar ACL dan distribute-list konfigurasinya sudah berjalan dengan baik :)
Tidak ada komentar:
Posting Komentar