Scribd Logo
Upload

Welcome to Scribd!

  • Campus Networks Typical Configuration Examples

    Uploaded by

    christyan leon
    13 views5 pages

    Original Title

    00-2 Contents

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views5 pages

    Campus Networks Typical Configuration Examples

    Uploaded by

    christyan leon

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Campus Networks Typical Configuration Examples Contents

    Contents

    1 About This Document.............................................................................................................1


    2 Quick Guide to This Document............................................................................................ 4
    3 Campus Network Connectivity Deployment.....................................................................6
    3.1 Key Points of Network Connectivity Deployment........................................................................................................ 6
    3.2 Deployment Differences Between Two-Layer and Three-Layer Network Architectures................................ 8
    3.3 Deployment Differences Between a Standalone AC and an ACU2..................................................................... 10
    3.4 Typical CSS and Stack Deployment................................................................................................................................ 11
    3.5 Native AC Solution: Core Switches Function as the Gateway for Wired and Wireless Users.....................23
    3.6 Native AC Solution: Aggregation Switches Function as Gateways for Wired and Wireless Users........... 37
    3.7 Native AC + SVF Solution: the Parent Containing Core Switches Functions as the Gateway for Wired
    and Wireless Users.......................................................................................................................................................................53
    3.8 Native AC + SVF Solution: Parents Containing Aggregation Switches Function as Gateways for Wired
    and Wireless Users.......................................................................................................................................................................72
    3.9 Standalone AC Solution: Core Switches Function as the Gateway for Wired and Wireless Users........... 93
    3.10 Standalone AC Solution: Aggregation Switches Function as Gateways for Wired and Wireless Users
    ......................................................................................................................................................................................................... 115
    3.11 Standalone AC Solution: Core Switches and ACs Function as the Gateways for Wired and Wireless
    Users Respectively..................................................................................................................................................................... 139
    3.12 Standalone AC Solution: Aggregation Switches and ACs Function as the Gateways for Wired and
    Wireless Users Respectively....................................................................................................................................................162

    4 Campus Egress Deployment............................................................................................. 186


    4.1 Key Points of Campus Egress Deployment................................................................................................................ 186
    4.2 Deploying Firewalls as Egress Devices........................................................................................................................ 188
    4.3 Deploying Firewalls in Off-Path Mode........................................................................................................................207
    4.4 Connecting Firewalls to Egress Routers Directly..................................................................................................... 225
    4.5 Deploying IPSec on Firewalls for Secure Communication with the Headquarters......................................244
    4.6 Deploying IPSec on Egress Routers for Communication Between the Headquarters and Branch........ 262
    4.7 Connecting an Egress Router in a Branch to the Headquarters Through a Private Line.......................... 276

    5 Wireless Coverage Deployment....................................................................................... 292


    5.1 Key Points of Wireless Coverage Deployment..........................................................................................................292
    5.2 Common WLAN Coverage...............................................................................................................................................292
    5.3 Agile Distributed Wi-Fi Coverage..................................................................................................................................294
    5.4 High-Density WLAN Coverage....................................................................................................................................... 297

    Issue 01 (2020-06-04) Copyright © Huawei Technologies Co., Ltd. ii


    Campus Networks Typical Configuration Examples Contents

    5.5 WDS Backhaul..................................................................................................................................................................... 300

    6 Wired and Wireless User Access Authentication Deployment.................................311


    6.1 Key Points of User Access Authentication Deployment........................................................................................ 311
    6.2 Native AC + Free Mobility Solution: Core Switches Function as the Authentication Point for Wired and
    Wireless Users............................................................................................................................................................................. 313
    6.3 Native AC + Policy Association Solution: Core Switches Function as the Authentication Point for Wired
    and Wireless Users.................................................................................................................................................................... 340
    6.4 Native AC + NAC Solution: Core Switches Function as the Authentication Point for Wired and Wireless
    Users............................................................................................................................................................................................... 370
    6.5 Native AC + Policy Association Solution: Aggregation Switches Function as the Authentication Points
    for Wired and Wireless Users................................................................................................................................................ 397
    6.6 Native AC + NAC Solution: Aggregation Switches Function as the Authentication Points for Wired and
    Wireless Users............................................................................................................................................................................. 430
    6.7 Native AC + Free Mobility Solution: Parent (Core Switches) in an SVF System Functions as the
    Authentication Point................................................................................................................................................................. 460
    6.8 Native AC + NAC Solution: Parent (Core Switches) in an SVF System Functions as the Authentication
    Point............................................................................................................................................................................................... 486
    6.9 Standalone AC + NAC Solution: Core Switches and ACs Function as the Authentication Points for
    Wired and Wireless Users Respectively.............................................................................................................................. 512
    6.10 Standalone AC + NAC Solution: Aggregation Switches and ACs Function as the Authentication Points
    for Wired and Wireless Users Respectively....................................................................................................................... 543

    7 Security Deployment.......................................................................................................... 580


    7.1 Key Points of Security Deployment.............................................................................................................................. 580
    7.2 Campus Internal Network Security.............................................................................................................................. 581
    7.2.1 Deployment Roadmap.................................................................................................................................................. 581
    7.2.2 Example for Configuring Device Login Security................................................................................................... 595
    7.2.3 Example for Configuring Access Device Security................................................................................................. 598
    7.2.4 Example for Configuring Core Device Security..................................................................................................... 601
    7.2.5 Example for Configuring Wireless Service Security............................................................................................. 603
    7.3 Campus Egress Security....................................................................................................................................................604

    8 QoS Deployment................................................................................................................. 622


    8.1 Key Points of QoS Deployment..................................................................................................................................... 622
    8.2 Aggregation Switch: Increasing the Priority of Special Traffic........................................................................... 623

    9 Campus Network Deployment Practices....................................................................... 629


    9.1 Network Deployment in Small- and Medium-Sized Stores (AR Router Functioning as an Egress
    Gateway)...................................................................................................................................................................................... 629
    9.1.1 Application Scenario and Service Requirements.................................................................................................. 629
    9.1.2 Solution Design................................................................................................................................................................ 630
    9.1.3 Deployment Roadmap and Data Plan..................................................................................................................... 631
    9.1.4 Deployment Procedure..................................................................................................................................................636
    9.1.4.1 Configuring the AR6300............................................................................................................................................ 636
    9.1.4.2 Configuring the S5731-S........................................................................................................................................... 639
    9.1.4.3 Configuring the AC6605............................................................................................................................................ 645

    Issue 01 (2020-06-04) Copyright © Huawei Technologies Co., Ltd. iii


    Campus Networks Typical Configuration Examples Contents

    9.1.5 Verifying the Deployment............................................................................................................................................ 651


    9.1.6 Configuration Files..........................................................................................................................................................651
    9.2 Higher Education Campus Network Deployment (ME60 Used as the Gateway and Authentication
    Point + Firewall Used as the Egress)...................................................................................................................................655
    9.2.1 Application Scenario and Service Requirements.................................................................................................. 655
    9.2.2 Solution Design................................................................................................................................................................ 657
    9.2.3 Deployment Roadmap and Data Plan..................................................................................................................... 660
    9.2.4 Deployment Procedure.................................................................................................................................................. 676
    9.2.4.1 Configuring Access Switches (S5735-L)............................................................................................................... 676
    9.2.4.2 Configuring Aggregation Switches (S6730-H).................................................................................................. 678
    9.2.4.3 Configuring the Core Switch (S12708E).............................................................................................................. 679
    9.2.4.4 Configuring the ME60................................................................................................................................................ 682
    9.2.4.5 Configuring Firewalls (USG6315E)........................................................................................................................ 690
    9.2.5 Verifying the Deployment............................................................................................................................................ 696
    9.2.6 Configuration Files..........................................................................................................................................................697
    9.3 Deployment of a Subway Bearer Network Featuring High-Speed Self Recovery........................................709
    9.3.1 Service Requirements and Solution Description...................................................................................................709
    9.3.2 Basic Configurations...................................................................................................................................................... 713
    9.3.2.1 Data Plan........................................................................................................................................................................ 713
    9.3.2.2 Configuring Device Information............................................................................................................................. 717
    9.3.2.3 Configuring Interfaces................................................................................................................................................718
    9.3.2.4 Enabling BFD................................................................................................................................................................. 720
    9.3.3 Deploying OSPF............................................................................................................................................................... 720
    9.3.3.1 Deployment Roadmap............................................................................................................................................... 721
    9.3.3.2 Configuring OSPF........................................................................................................................................................ 721
    9.3.4 Deploying MPLS LDP..................................................................................................................................................... 723
    9.3.4.1 Deployment Roadmap............................................................................................................................................... 724
    9.3.4.2 Data Plan........................................................................................................................................................................ 724
    9.3.4.3 Enabling MPLS LDP.....................................................................................................................................................725
    9.3.4.4 Configuring Synchronization Between LDP and OSPF................................................................................... 726
    9.3.4.5 Configuring LDP GR.................................................................................................................................................... 727
    9.3.4.6 Configuring BFD for LSPs.......................................................................................................................................... 728
    9.3.5 Deploying MPLS TE........................................................................................................................................................ 729
    9.3.5.1 Deployment Roadmap............................................................................................................................................... 729
    9.3.5.2 Data Plan........................................................................................................................................................................ 730
    9.3.5.3 Configuring MPLS TE Tunnels and Hot Standby.............................................................................................. 733
    9.3.5.4 Configuring RSVP GR..................................................................................................................................................737
    9.3.5.5 Configuring BFD for CR-LSPs................................................................................................................................... 737
    9.3.6 Deploying L3VPN Services and Protection (HoVPN).......................................................................................... 740
    9.3.6.1 Deployment Roadmap............................................................................................................................................... 740
    9.3.6.2 Data Plan........................................................................................................................................................................ 742
    9.3.6.3 Configuring MP-BGP...................................................................................................................................................746
    9.3.6.4 Configuring L3VPN......................................................................................................................................................749

    Issue 01 (2020-06-04) Copyright © Huawei Technologies Co., Ltd. iv


    Campus Networks Typical Configuration Examples Contents

    9.3.6.5 Configuring Reliability Protection.......................................................................................................................... 751


    9.3.7 Configuration Files..........................................................................................................................................................756
    9.3.7.1 Core_SPE1 configuration file................................................................................................................................... 756
    9.3.7.2 Core_SPE2 configuration file................................................................................................................................... 762
    9.3.7.3 Core_SPE3 configuration file................................................................................................................................... 768
    9.3.7.4 Site1_UPE1 configuration file.................................................................................................................................. 774
    9.3.7.5 Site1_UPE2 configuration file.................................................................................................................................. 778
    9.3.7.6 Site2_UPE3 configuration file.................................................................................................................................. 781
    9.3.7.7 Site2_UPE4 configuration file.................................................................................................................................. 785
    9.3.7.8 Site3_UPE5 configuration file.................................................................................................................................. 788
    9.3.7.9 Site3_UPE6 configuration file.................................................................................................................................. 791
    9.4 ISP Network Deployment for Internet Access of Home Users and Enterprise Users................................. 795
    9.4.1 Application Scenario and Service Requirements.................................................................................................. 795
    9.4.2 Solution Design................................................................................................................................................................ 796
    9.4.3 Deployment Roadmap and Data Plan..................................................................................................................... 798
    9.4.4 Deployment Procedure.................................................................................................................................................. 804
    9.4.4.1 Configuring Egress Gateways (S6730-H)............................................................................................................ 804
    9.4.4.2 Configuring a Stack of Aggregation Switches (S5731-H-5)......................................................................... 807
    9.4.4.3 Configuring Aggregation Switches (S6730-H).................................................................................................. 809
    9.4.4.4 Configuring the Access Switch S5735-L-6........................................................................................................... 810
    9.4.5 Verifying the Deployment............................................................................................................................................ 813
    9.4.6 Configuration Files..........................................................................................................................................................814
    9.5 ISP Network Deployment for Integrated Access in Large Enterprises............................................................. 823
    9.5.1 Application Scenario and Service Requirements.................................................................................................. 823
    9.5.2 Solution Design................................................................................................................................................................ 824
    9.5.3 Deployment Roadmap and Data Plan..................................................................................................................... 826
    9.5.4 Deployment Procedure.................................................................................................................................................. 829
    9.5.4.1 Configuring PE1............................................................................................................................................................829
    9.5.4.2 Configuring PE2............................................................................................................................................................836
    9.5.4.3 Configuring P Devices................................................................................................................................................ 842
    9.5.4.4 Configuring RRs............................................................................................................................................................ 848
    9.5.4.5 Configuring Router......................................................................................................................................................851
    9.5.4.6 Configuring SW1.......................................................................................................................................................... 855
    9.5.4.7 Configuring SW2.......................................................................................................................................................... 856
    9.5.5 Verifying the Deployment............................................................................................................................................ 857
    9.5.6 Configuration Files..........................................................................................................................................................858
    9.6 ISP Backbone Network Deployment for Mutual Access of Sites in an Enterprise....................................... 877
    9.6.1 Application Scenario and Service Requirements.................................................................................................. 877
    9.6.2 Solution Design................................................................................................................................................................ 878
    9.6.3 Deployment Roadmap and Data Plan..................................................................................................................... 879
    9.6.4 Deployment Procedure.................................................................................................................................................. 883
    9.6.4.1 Configuring S12700E-4_P1....................................................................................................................................... 883

    Issue 01 (2020-06-04) Copyright © Huawei Technologies Co., Ltd. v


    Campus Networks Typical Configuration Examples Contents

    9.6.4.2 Configuring S12700E-4_P3....................................................................................................................................... 887


    9.6.4.3 Configuring RR_1......................................................................................................................................................... 890
    9.6.4.4 Configuring Router_1................................................................................................................................................. 893
    9.6.5 Verifying the Deployment............................................................................................................................................ 895
    9.6.6 Configuration Files..........................................................................................................................................................896

    Issue 01 (2020-06-04) Copyright © Huawei Technologies Co., Ltd. vi

    You might also like