Lab 17. RIP - Filtering - Distribute List

RIP Filtering

• Setiap route yang diterima oleh Router RIP akan dimasukkan ke dalam RIP Database. Namun route tersebut masih dapat diatur sehingga tidak semuanya perlu untuk ditampilkan ke dalam tabel routing.
• Filtering dapat diterapkan pada inbound dan outbound.
• Untuk melakukan filtering dapat menggunakan Offset List, Distribute List serta merubah nilai Administrative Distance sebuah route nya.
• Penggunaan passive interface akan memfilter outbound saja, karena RIP tidak akan mengirimkan update apapun, namun masih tetap bisa menerima update dari router lain.

Distribute List digunakan untuk mengontrol proses dan mengadvertise route di dalam routing update. Ada dua perintah distribute list yaitu:

• Distribute-list in digunakan untuk mengontrol proses dan mengadvertise route yang masuk di update routing.
• Distribute-list out digunakan untuk mengontrol proses dan mengadvertise route yang keluar di update routing.

Tujuan Lab :

• Memfilter beberapa route untuk tidak ditampilkan dalam tabel routing

Topologi Lab :

Metode Lab :

• Masih menggunakan topologi sebelumnya
• Buat beberapa IP Loopback di Router R1 kemudian advertise ke RIP
• Cek route tersebut di Router R3
• Buat filtering route dengan Distribute List terhadap route ganjil di Router R2 ke arah Router R3
• Cek kembali di Router R3 dan pastikan route yang difilter tidak muncul lagi dalam tabel routing

Verifikasi Lab :

• Cek tabel routing di sisi Router R3 baik sebelum dan setelah difiltering

Konfigurasi Router R1

hostname R1

!

interface Loopback0

 no ip address

!

interface Loopback1

 ip address 10.0.0.1 255.255.255.255

!

interface Loopback2

 ip address 10.0.0.2 255.255.255.255

!

interface Loopback3

 ip address 10.0.0.3 255.255.255.255

!

interface Loopback4

 ip address 10.0.0.4 255.255.255.255

!

interface Loopback5

 ip address 10.0.0.5 255.255.255.255

!

interface Loopback6

 ip address 10.0.0.6 255.255.255.255

!

interface Serial0/0

 ip address 12.12.12.1 255.255.255.0

 clock rate 2000000

!

router rip

 version 2

 network 10.0.0.0

 network 12.0.0.0

 no auto-summary

!

Konfigurasi Router R2

hostname R2

!

interface FastEthernet0/0

 ip address 23.23.23.2 255.255.255.0

 duplex auto

 speed auto

!

interface Serial0/0

 ip address 12.12.12.2 255.255.255.0

 clock rate 2000000

!

router rip

 version 2

 network 12.0.0.0

 network 23.0.0.0

 no auto-summary

Konfigurasi Router R3

hostname R2

!

interface FastEthernet0/0

 ip address 23.23.23.3 255.255.255.0

 duplex auto

 speed auto

!

router rip

 version 2

 network 23.0.0.0

 no auto-summary

Cek tabel routing pada Router R3, pastikan semua IP Loopback Router R1 terlihat route nya di Router R3

R3#sh ip route rip

     10.0.0.0/32 is subnetted, 6 subnets

R       10.0.0.2 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.3 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.1 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.6 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.4 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.5 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

     12.0.0.0/24 is subnetted, 1 subnets

R       12.12.12.0 [120/1] via 23.23.23.2, 00:00:27, FastEthernet0/0

Untuk memastikannya, lakukan tes ping ke salah satu IP Loopback tersebut

R3#ping 10.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/36/60 ms

Selanjutnya lakukan filtering pada Router R2, di mana IP Loopback Router R1 yang diadvertise ke dalam RIP difilter hanya yang genap saja yang boleh diizinkan. Pada lab ini saya menggunakan distribute-list out karena route menuju keluar jaringan Router R2 dengan filter tujuannya yaitu Router R3.

R2(config)#router rip

R2(config-router)#distribute-list 1 out FastEthernet0/0

R2(config)#access-list 1 permit 0.0.0.0 255.255.255.254

R2#clear ip route *

Jika diterapkan pada Router R2 ditribute-list in di set terhadap interface Serial0/0, maka pada sisi Router R2 juga hanya akan memiliki route genap saja, sama seperti halnya pada Router R3

Cek kembali tabel routing Router R3

R3#sh ip route rip

     10.0.0.0/32 is subnetted, 3 subnets

R       10.0.0.2 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.6 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

R       10.0.0.4 [120/2] via 23.23.23.2, 00:00:27, FastEthernet0/0

     12.0.0.0/24 is subnetted, 1 subnets

R       12.12.12.0 [120/1] via 23.23.23.2, 00:00:27, FastEthernet0/0

Dalam kondisi ini hanya IP 10.0.0.2, 10.0.0.4 dan 10.0.0.6 saja yang dapat diping, sedangkan 10.0.0.1, 10.0.0.3 dan 10.0.0.5 tidak dapat di ping

R3#ping 10.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

R3#ping 10.0.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/35/60 ms

R3#ping 10.0.0.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

R3#ping 10.0.0.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/31/56 ms

R3#ping 10.0.0.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

R3#ping 10.0.0.6

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 12/34/64 ms

Perlu diperhatikan bahwa yang difiler hanya route nya saja, bukan paketnya. Artinya kalau dibuat defalut di Router R3 ke ara Router R2, maka IP yang tidak tampil dalam tabel routing tetap dapat di ping

R3(config)#ip route 0.0.0.0 0.0.0.0 23.23.23.2

R3#ping 10.0.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/32/80 ms

R3#ping 10.0.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/36/56 ms

R3#ping 10.0.0.3

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/31/56 ms

R3#ping 10.0.0.4

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.4, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/35/68 ms

R3#ping 10.0.0.5

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/52 ms

R3#ping 10.0.0.6

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.0.0.6, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/28/44 ms

Sumber: id-networkers

Next Lab >> Lab 18. RIP - Filtering - Administrative Distance

Previous Lab >> Lab 16. RIP Convergence Timers