Scribd Logo
Upload

Welcome to Scribd!

  • Template Nip Vpnl3 Multivrf Atn905 Scl2100er Colorado 29 - 180124

    Uploaded by

    Cesar Lopez
    7 views8 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    7 views8 pages

    Template Nip Vpnl3 Multivrf Atn905 Scl2100er Colorado 29 - 180124

    Uploaded by

    Cesar Lopez

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 8

    #HUAWEI A905 STREET CELL MVRF

    #R9 SCL2100ER COLORADO 29

    ! hostname

    system-view
    sysname R09-415273R-905A-01

    ! Configure Loopbacks

    interface Loopback 0
    description for IPSYSTEM
    ip address 10.75.148.177 255.255.255.255

    ! configuration FTP

    ftp server enable


    ftp client-source -i Loopback0

    ! configure info-center

    info-center source SHELL channel 4 log level informational


    info-center loghost source LoopBack0
    info-center loghost 10.209.41.58
    info-center loghost 10.119.164.208

    ! configure time

    clock timezone MEX minus 06:00:00


    clock daylight-saving-time MEX repeating 02:00 first Sun Apr 02:00 last Sun Oct
    01:00 2015 2037

    ! enable bfd

    bfd

    ! configure aaa database

    aaa
    local-user root password cipher Ma2!sD8#
    Changeme_123
    local-user root service-type ssh ftp
    local-user root level 15
    local-user root ftp-directory cfcard:
    local-user telcel password cipher Telcel@123
    local-user telcel service-type ssh ftp
    local-user telcel level 15
    local-user telcel ftp-directory cfcard:

    ! configure Wireless_In diffserv

    diffserv domain Wireless_In


    ip-dscp-inbound 0 phb be green
    ip-dscp-inbound 8 phb af1 green
    ip-dscp-inbound 18 phb af2 green
    ip-dscp-inbound 26 phb ef green
    ip-dscp-inbound 34 phb af3 green
    ip-dscp-inbound 46 phb ef green
    ip-dscp-inbound 56 phb af4 green

    ! configure Wireless_Out diffserv

    diffserv domain Wireless_Out


    8021p-outbound be green map 0
    8021p-outbound af1 green map 4
    8021p-outbound af2 green map 2
    8021p-outbound af3 green map 3
    8021p-outbound af4 green map 6
    8021p-outbound ef green map 5

    flow-queue Telcel_FlowQueue-L3_300
    queue be wfq weight 23
    queue af1 wfq weight 23
    queue af2 wfq weight 23
    queue af3 wfq weight 5
    queue af4 wfq weight 5
    queue af3 pq shaping 30000
    queue ef pq shaping 60000

    qos-profile Telcel_FlowQueue-L3_300
    user-queue cir 300000 pir 300000 flow-queue Telcel_FlowQueue-L3_300

    ! configure NTP

    quit
    undo ntp-service server disable
    ntp-service unicast-server 10.33.19.70
    ntp-service unicast-server 10.40.56.70 preference

    ! configure BGP

    bgp 65000
    router-id 10.75.148.177
    graceful-restart

    ! configure SNMP

    snmp-agent
    snmp-agent community write cipher Huawei_oam_IPRAN
    snmp-agent sys-info version all
    snmp-agent group v3 IPRAN privacy
    snmp-agent target-host trap address udp-domain 10.119.155.13 source LoopBack0 vpn-
    instance Telcel_IP_OAM params securityname cipher Huawei_oam_IPRAN
    snmp-agent target-host trap address udp-domain 10.191.155.10 source LoopBack0
    params securityname cipher Huawei_oam_IPRAN
    snmp-agent target-host trap address udp-domain 10.191.155.12 source LoopBack0
    params securityname cipher Huawei_oam_IPRAN
    snmp-agent target-host trap address udp-domain 10.191.155.13 source LoopBack0
    params securityname cipher Huawei_oam_IPRAN
    snmp-agent trap enable
    y
    snmp-agent trap source LoopBack0
    snmp-agent trap enable feature-name lldp
    snmp-agent extend error-code enable
    snmp-agent usm-user v3 IPRAN
    snmp-agent usm-user v3 IPRAN group IPRAN
    snmp-agent usm-user v3 IPRAN authentication-mode sha
    TiPran!21
    TiPran!21
    snmp-agent usm-user v3 IPRAN privacy-mode aes128
    TiPran!21
    TiPran!21
    snmp-agent trap source LoopBack0
    snmp-agent extend error-code enable
    snmp-agent trap enable
    y

    ! configure SSH

    undo ssh server compatible-ssh1x enable


    stelnet server enable
    ssh authentication-type default password
    ssh client first-time enable

    ! configure user-interfaces

    user-interface vty 0 4
    authentication-mode aaa
    user privilege level 15
    protocol inbound ssh

    user-interface vty 16 20
    authentication-mode aaa
    user privilege level 15
    protocol inbound ssh

    hwtacacs-server template telcel


    hwtacacs-server authentication 10.119.248.18
    hwtacacs-server authentication 10.211.6.237 secondary
    hwtacacs-server authorization 10.119.248.18
    hwtacacs-server authorization 10.211.6.237 secondary
    hwtacacs-server accounting 10.119.248.18
    hwtacacs-server accounting 10.211.6.237 secondary
    hwtacacs-server shared-key cipher secret123
    hwtacacs-server source-ip 10.171.71.93
    undo hwtacacs-server user-name domain-included

    aaa
    authentication-scheme telcel
    authentication-mode hwtacacs local

    authorization-scheme telcel
    authorization-mode hwtacacs local
    authorization-cmd 15 hwtacacs local
    accounting-scheme telcel
    accounting-mode hwtacacs
    accounting send-update
    accounting start-fail online

    !Configuración VPN FRR

    system
    route-policy VPN_FRR permit node 10
    apply backup-nexthop auto

    !Configuración de VPNs de servicios

    ip vpn-instance Telcel_2G
    ipv4-family
    route-distinguisher 65000:11
    vpn frr route-policy VPN_FRR
    apply-label per-instance

    ip vpn-instance Telcel_3G
    ipv4-family
    route-distinguisher 65000:1100
    vpn frr route-policy VPN_FRR
    apply-label per-instance

    ip vpn-instance Telcel_CFE
    ipv4-family
    route-distinguisher 65000:800
    vpn frr route-policy VPN_FRR
    apply-label per-instance

    ip vpn-instance Telcel_LTE
    ipv4-family
    route-distinguisher 65000:5
    vpn frr route-policy VPN_FRR
    apply-label per-instance

    ip vpn-instance Telcel_IP_OAM
    ipv4-family
    route-distinguisher 65000:6
    vpn frr route-policy VPN_FRR
    apply-label per-instance

    !Configuración de políticas de servicios

    route-policy advertise_OAM permit node 10


    description advertise_OAM_service_ip_to_transmission
    apply community 8151:285 64800:1 8151:377 additive

    route-policy advertise_2G permit node 10


    description advertise_2G_service_ip_to_transmission
    apply community 8151:285 8151:342 8151:379 64800:1 additive

    route-policy advertise_3G permit node 10


    description advertise_3G_service_ip_to_transmission
    apply community 8151:285 8151:376 64800:1 additive

    route-policy advertise_LTE permit node 10


    description advertise_LTE_service_ip_to_transmission
    apply community 8151:285 8151:375 64800:1 additive

    route-policy advertise_CFE permit node 10


    description advertise_CFE_service_ip_to_transmission
    apply community 8151:285 8151:391 64800:1 additive

    route-policy advertise_CAC permit node 10


    description advertise_CAC_service_ip_to_transmission
    apply community 8151:285 64800:1 8151:377 additive

    route-policy advertise_WIFI permit node 10


    description advertise_WIFI_service_ip_to_transmission
    apply community 8151:285 64800:1 8151:378 additive

    route-policy advertise_SPIDERCLOUD permit node 10


    description advertise_SPIDERCLOUD_service_ip_to_transmission
    apply community 8151:285 64800:1 8151:391 additive

    ip ip-prefix default-route index 10 permit 0.0.0.0 0

    route-policy receive_default_route permit node 100


    description only_ receive_default_route_from_transmission
    if-match ip-prefix default-route
    apply local-preference 200

    !Asociar VPN de servicios a puertos

    interface GigabitEthernet0/2/1
    description To_UNINET_UG0-1804-0044
    undo shutdown
    mtu 1530
    mode user-termination
    dcn

    interface GigabitEthernet0/2/1.100
    description To_UNINET_C30-2003-0673_Telcel_3G
    control-vid 10 qinq-termination
    qinq termination pe-vid 417 ce-vid 100
    ip binding vpn-instance Telcel_3G
    ip address 10.206.57.243 255.255.255.254
    arp broadcast enable
    qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 100
    trust upstream Wireless_Out
    trust 8021p

    interface GigabitEthernet0/2/1.101
    description To_UNINET_C30-2003-0673_Telcel_LTE
    control-vid 11 qinq-termination
    qinq termination pe-vid 417 ce-vid 101
    ip binding vpn-instance Telcel_LTE
    ip address 10.206.60.243 255.255.255.254
    arp broadcast enable
    qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 101
    trust upstream Wireless_Out
    trust 8021p

    interface GigabitEthernet0/2/1.103
    description To_UNINET_C30-2003-0673_Telcel_2G
    control-vid 13 qinq-termination
    qinq termination pe-vid 417 ce-vid 103
    ip binding vpn-instance Telcel_2G
    ip address 10.206.59.243 255.255.255.254
    arp broadcast enable
    qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 103
    trust upstream Wireless_Out
    trust 8021p

    interface GigabitEthernet0/2/1.104
    description To_UNINET_C30-2003-0673_Telcel_CFE
    control-vid 14 qinq-termination
    qinq termination pe-vid 417 ce-vid 104
    ip binding vpn-instance Telcel_CFE
    ip address 10.206.56.243 255.255.255.254
    arp broadcast enable
    qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 104
    trust upstream Wireless_Out
    trust 8021p

    interface GigabitEthernet0/2/1.106
    description To_UNINET_C30-2003-0673_Telcel_IP_OAM
    control-vid 16 qinq-termination
    qinq termination pe-vid 417 ce-vid 106
    ip binding vpn-instance Telcel_IP_OAM
    ip address 10.206.58.243 255.255.255.254
    arp broadcast enable
    qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 106
    trust upstream Wireless_Out
    trust 8021p

    interface LoopBack 0
    description for IPSYSTEM
    ip binding vpn-instance Telcel_IP_OAM
    ip address 10.75.148.177 255.255.255.255

    !Levantar peer bgp hacia cada VPN de servicios

    bgp 65000

    ipv4-family vpn-instance Telcel_2G


    import-route direct route-policy advertise_2G
    peer 10.206.59.242 as-number 8151
    peer 10.206.59.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
    4
    peer 10.206.59.242 bfd enable
    peer 10.206.59.242 route-policy receive_default_route import
    peer 10.206.59.242 advertise-community

    ipv4-family vpn-instance Telcel_3G


    import-route direct route-policy advertise_3G
    peer 10.206.57.242 as-number 8151
    peer 10.206.57.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
    4
    peer 10.206.57.242 bfd enable
    peer 10.206.57.242 route-policy receive_default_route import
    peer 10.206.57.242 advertise-community
    ipv4-family vpn-instance Telcel_CFE
    import-route direct route-policy advertise_CFE
    peer 10.206.56.242 as-number 8151
    peer 10.206.56.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
    4
    peer 10.206.56.242 bfd enable
    peer 10.206.56.242 route-policy receive_default_route import
    peer 10.206.56.242 advertise-community

    ipv4-family vpn-instance Telcel_LTE


    import-route direct route-policy advertise_LTE
    peer 10.206.60.242 as-number 8151
    peer 10.206.60.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
    4
    peer 10.206.60.242 bfd enable
    peer 10.206.60.242 route-policy receive_default_route import
    peer 10.206.60.242 advertise-community

    ipv4-family vpn-instance Telcel_IP_OAM


    import-route direct route-policy advertise_OAM
    peer 10.206.58.242 as-number 8151
    peer 10.206.58.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
    4
    peer 10.206.58.242 bfd enable
    peer 10.206.58.242 route-policy receive_default_route import
    peer 10.206.58.242 advertise-community

    !Asignación de servcios sin QINQ

    interface GigabitEthernet0/2/3
    description To_SCL2100ER COLORADO 29
    undo shutdown

    interface GigabitEthernet0/2/3.40
    vlan-type dot1q 40
    description To_SCL2100ER COLORADO 29/LTE_S1U-S1MME-SYNC
    ip bi vpn Telcel_LTE
    ip address 10.111.21.169 255.255.255.248
    statistic enable
    trust upstream Wireless_In

    interface GigabitEthernet0/2/3.43
    vlan-type dot1q 43
    description To_SCL2100ER COLORADO 29/LTE-OAM
    ip bi vpn Telcel_IP_OAM
    ip address 10.111.141.169 255.255.255.248
    statistic enable
    trust upstream Wireless_In

    set net-manager vpn-instance Telcel_IP_OAM

    commit

    return
    save
    y
    ************ejecutar después de conectar la línea************
    system-view
    undo dcn
    y
    undo interface loopback0
    return
    save
    y

    You might also like