Arsitektur Basic Untuk Menjadi Subnet atau Mitra ISP
Thursday, December 19, 2019
Edit
disini saya akan mensimulasikan hasil lab saya
Katakanlah saya dikasih ip public 180.251.20.0/24 kemudian akan didistribusikan ke perangkat perangkat dan pelanggan
Router-Core-BGP = mempunyai service iBGP
Router-Core-Distribusi = mempunyai service iBGP,PPPOE-Server
Switch-Core = mempunyai service Bridge-Filtering
Pelanggan
1. SDN-Sahapi = mendapatkan ip public dynamic
2. SDN-Serongga = mendapatkan ip public dynamic
3. SDN-Sei-2 = mendapatkan ip public static
Yang ke 3 pelanggan tersebut akan mendapatkan ip public
Kita langsung praktekan saja ya..
-----------Core-BGP
/interface ethernet
set [ find default-name=ether2 ] name=ether2-Core-Distribusi
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/routing bgp instance
add as=64522 client-to-client-reflection=no name=Suneo-AS router-id=180.251.20.1
/ip address
add address=180.251.20.1 interface=ether2-Core-Distribusi network=180.251.20.2
/routing bgp peer
add instance=Suneo-AS name=Peer-Suneo-Distribusi remote-address=180.251.20.2 remote-as=64522 ttl=default update-source=ether2-Core-Distribusi
/system identity
set name=Core-BGP
/tool romon
set enabled=yes
-----------Core-Distribusi
/interface ethernet
set [ find default-name=ether1 ] name=ether1-Core-BGP
set [ find default-name=ether2 ] name=ether2-SwitchCore
/interface vlan
add interface=ether2-SwitchCore name=vlan22 vlan-id=22
add interface=ether2-SwitchCore name=vlan99-manajemen vlan-id=99
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool-ip-public-vlan-22 ranges=180.251.20.111-180.251.20.112
/ppp profile
add local-address=180.251.20.0 name=profile-ppp-vlan-22 rate-limit=1M/2M remote-address=pool-ip-public-vlan-22
/routing bgp instance
add as=64522 client-to-client-reflection=no name=Suneo-AS router-id=180.251.20.2
/interface pppoe-server server
add default-profile=default-encryption disabled=no interface=vlan22 service-name=pppoe-server-vlan-22
/ip address
add address=180.251.20.3 interface=vlan99-manajemen network=180.251.20.4
add address=180.251.20.2 interface=ether1-Core-BGP network=180.251.20.1
/ppp secret
add name=sdn-sehapi password=sdn-sehapi profile=profile-ppp-vlan-22 service=pppoe
add local-address=180.251.20.0 name=sdn-sei2 password=sdn-sei2 profile=default-encryption remote-address=180.251.20.11 service=pppoe
add name=sdn-serongga password=sdn-serongga profile=profile-ppp-vlan-22 service=pppoe
/routing bgp network
add comment=vlan-manajemen network=180.251.20.3/32 synchronize=no
add comment=vlan-manajemen network=180.251.20.4/32 synchronize=no
add comment=pelanggan-ip-public network=180.251.20.111/32 synchronize=no
add comment=pelanggan-ip-public network=180.251.20.112/32 synchronize=no
add comment=pelanggan-ip-public-static-sei-2 network=180.251.20.11/32 synchronize=no
/routing bgp peer
add instance=Suneo-AS name=Peer-Suneo-Core-BGP remote-address=180.251.20.1 remote-as=64522 ttl=default update-source=ether1-Core-BGP
/system identity
set name=Core-Distribusi
/tool romon
set enabled=yes
-----------Switch-Core
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=ether1-trunk
/interface vlan
add interface=bridge1 name=vlan99-manajemen vlan-id=99
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge1 interface=ether1-trunk
add bridge=bridge1 interface=ether2 pvid=22
add bridge=bridge1 interface=ether3 pvid=22
add bridge=bridge1 interface=ether4 pvid=22
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1-trunk vlan-ids=99
add bridge=bridge1 tagged=ether1-trunk untagged=ether2,ether3,ether4 vlan-ids=22
/ip address
add address=180.251.20.4 interface=vlan99-manajemen network=180.251.20.3
/ip route
add distance=1 gateway=180.251.20.3
/system identity
set name=Switch-Core
/tool romon
set enabled=yes
-----------SDN-Sehapi
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password=sdn-sehapi profile=default-encryption user=sdn-sehapi
/ip dhcp-client
add disabled=no interface=ether1
/system identity
set name=SDN-SEHAPI
/tool romon
set enabled=yes
-----------SDN-Serongga
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password=sdn-serongga profile=default-encryption user=sdn-serongga
/ip dhcp-client
add disabled=no interface=ether1
/system identity
set name=sdn-serongga
/tool romon
set enabled=yes
-----------SDN-Sei-2
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password=sdn-sei2 profile=default-encryption user=sdn-sei2
/ip dhcp-client
add disabled=no interface=ether1
/system identity
set name=SDN-SEI-2
/tool romon
set enabled=yes
Sekilas ini topologi mirip ISP yah... memang topologi ISP kok cuma perangkat nya mikrotik hahhaa
Yang mau konsul RT RW net nya menjadi ISP bisa kontak saya ya.. ;)
Semoga Bermanfaat
Penulis : Een Pahlefi,S.Kom