Konfigurasi Sederhana OpenBGPD pada FreeBSD.

By : Kabayan OpenBGPD adalah aplikasi gratis untuk implementasi BGP. Sama halnya dengan quagga dan zebra. OpenBGPD bawaan asli dari OpenBSD....

By : Kabayan

OpenBGPD adalah aplikasi gratis untuk implementasi BGP. Sama halnya dengan quagga dan zebra.
OpenBGPD bawaan asli dari OpenBSD.
Jadi kalau mau menggunakan semua fitur OpenBGPD lebih optimal silahkan menggunakan OpenBSD sebagai OSnya.

Disini tidak dijelaskan optimasi kernel untuk running OpenBGPD.
Silahkan cari sendiri bahan2nya, misalkan mengaktifkan PF ALTQ dsb.

Langsung ke topik.

1. Installasi.

- cd /usr/port/net/openbgpd && make install clean

2. Konfigurasi

- Buat file bgpd.conf di /usr/local/etc
vi /usr/local/etc/bgpd.conf
isinya:

##ip upstream1 = 10.10.1.1
##ip upstream2 = 10.10.2.2
##ip internal = 192.168.10.1

##as upstream1 = 1234
##as upstream2 = 5678
##as sendiri   = 91011

AS 91011
router-id 192.168.10.254
holdtime 180
holdtime min 3
listen on 127.0.0.1
listen on 10.10.1.1
listen on 10.10.2.2
listen on 192.168.10.1

fib-update yes
nexthop qualify via bgp
log updates

network 10.10.1.1/30
network 10.10.2.2/30
network 192.168.10.0/24

group "upstreams" {
        announce       all
        announce        capabilities yes
softreconfig    in yes
        softreconfig    out yes
neighbor 10.10.1.1 {
remote-as 1234
descr "upstream1"
multihop 2
set {localpref 100}
}
neighbor 10.10.2.2 {
remote-as 5678
descr "upstream2"
multihop 2
set {localpref 100}
}

}

deny from any
deny from any prefix 0.0.0.0/0

# Bogus Networks
deny to any prefix 10.0.0.0/8 prefixlen >= 8
deny from any prefix 10.0.0.0/8 prefixlen >= 8
deny from any prefix 172.16.0.0/12 prefixlen >= 12
deny from any prefix 192.168.0.0/16 prefixlen >= 16
deny from any prefix 169.254.0.0/16 prefixlen >= 16
deny from any prefix 192.0.2.0/24 prefixlen >= 24
deny from any prefix 224.0.0.0/4 prefixlen >= 4
deny from any prefix 240.0.0.0/4 prefixlen >= 4

allow from {group upstream} prefixlen 8 - 24
allow to {group upstreams} prefixlen 8 - 30
deny to {group upstreams} prefixlen > 24

- ubah permission nya

chmod 600 /usr/local/etc/bgpd.conf

- cek konfigurasinya
bgpd -n
---- akan muncul ----
configuration ok

- jalankan openbgpd

/usr/local/etc/rc.d/ openbgpd forcestart

- Cek bgpnya

bgpctl sh
--- akan muncul ---
Neighbor             AS       MsgRcvd    MsgSent    OutQ Up/Down State/PrfRcvd
upstream1           1234      94447         66     0     01:03:29 263444
upstream2           5678      94447         66     0     01:03:29 263444

- Selesai

## Catatan

kalau ada kesalahan atau menambakan rules lainnya di konfigurasi silahkan buka manual bgpd.conf (man bgpd.conf)

IndoFreeBSD

Konfigurasi Sederhana OpenBGPD pada FreeBSD.

Labels:

COMMENTS

100+ Social Counters$type=social_counter

MAIN QUOTE$quote=Steve Jobs

/fa-clock-o/ WEEK TRENDING$type=list

RECENT WITH THUMBS$type=blogging$m=0$cate=0$sn=0$rm=0$c=4$va=0

RECENT$type=list-tab$date=0$au=0$c=5

REPLIES$type=list-tab$com=0$c=4$src=recent-comments

RANDOM$type=list-tab$date=0$au=0$c=5$src=random-posts

/fa-fire/ YEAR POPULAR$type=one

Konfigurasi Sederhana OpenBGPD pada FreeBSD.

Labels:

SHARE:

COMMENTS

100+ Social Counters$type=social_counter

MAIN QUOTE$quote=Steve Jobs

/fa-clock-o/ WEEK TRENDING$type=list

RECENT WITH THUMBS$type=blogging$m=0$cate=0$sn=0$rm=0$c=4$va=0

RECENT$type=list-tab$date=0$au=0$c=5

REPLIES$type=list-tab$com=0$c=4$src=recent-comments

RANDOM$type=list-tab$date=0$au=0$c=5$src=random-posts

/fa-fire/ YEAR POPULAR$type=one