Escolar Documentos
Profissional Documentos
Cultura Documentos
Dados - CPE
• Configurações básicas
• Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
• ETH
• Configurações Diferenciadas
• BIP / VOXNG e IP
• VPN MPLS
• Script de Configuração
• Cianet
• DMSW – Datacom
• Conversor ECI
• E-Line
Circuitos e Routers
Internet
- Frame-Relay
- Ethernet
VOXNG / IP
VPN
- Data
- Multi
- Prime
E-Line (VPN L2)
HyperTerminal
Velociade 9600
Inicializa
Ctrl+Break
Romom1>confreg 0x2143
Romom2>reset
- no
Router>enable
Router#config terminal
Router(config)#config-register 0x2103
Router(config)#exit
Router#wr
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]Y
Router#reload
Proceed with reload? [confirm] Y
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: no
Configurações Básicas
Reset Digitel (Reset)
HyperTerminal
Tera Term
Putty
Velociade - 57600
Inicializa
Login: nr2g
Senha: digitel
Configurações Básicas
Reset Digitel Senha
Inicializa
Mode test
Linux secure
Nova senha
Confirma nova senha
Login: nr2g
Senha: nova senha
Cisco
username admin privilege 15 secret XXXXXX
enable secret XXXXXXX
Digitel
NR2Ga>SHOW SYSTEM ALL
Applying to:USER0
TYPE ADMINISTRATOR
LOGIN root
Applying to:USER1
TYPE ADMINISTRATOR
LOGIN nr2g
Applying to: WEBAUTH
NR2Ga>
- Primeiro IP de rede
- Último IP broadcast
Configurações Básicas
Telnet habilitado (com as senhas padrões)(Cisco)
line vty 0 4
password XXXXXXX
login
DLCI
INET – 16
VOX – 17
VPN – 100
Salvar configuração
Router#copy running-config startup-config
Router#wr
NR2Ga>CONFIG SAVE
Configurações Básicas
Configurações básica (Cisco)
hostname NOME_DO_CLIENTE_DESIGNADOR
service password-encryption (Criptografa as senhas)
no ip http Server (Desabilita o HTTP Server)
line vty 0 4
password XXXXXX
login
exec-timeout 5 0
Nas interfaces
Comando de visualização
Configuração
hostname NOME_DO_CLIENTE_DESIG
service password-encryption
enable secret SENHA_PADRÃO
username admin privilege 15 secret SENHA_PADRÃO
interface fastEthernet0/0
description LAN-INET
ip address 189.114.225.25 255.255.255.248
no shutdown
...Continua
Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
interface serial0/0/0
description UPLINK-INET
no ip address
encapsulation frame-relay ietf
frame-relay lmi-type ansi
no shutdown
no ip http Server
line con 0
line aux 0
line vty 0 4
password SENHA_PADRÃO
login
exec-timeout 5 0
exit
exit
wr
Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
Digitel
Muda o DLCI e senhas dependendo do serviço – 16, 100 ou 17
Comando de visualização
DUMP ALL (mostra toda configuração do router)
DUMP LAN ALL (mostra a configuração das interfaces lan)
SHOW LAN ALL (mostra o status das interfaces – up ou down, erros, negociação...)
SHOW SYSTEM ALL (mostra a configuração de sistema – USERS, data, versão...)
Configuração
...Continua
Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
SET WAN WAN0 PURGE
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
SET WAN WAN0 PVC0 DLCI 100
SET WAN WAN0 PVC0 IP 10.0.0.26 MASK 255.255.255.252 PEER 10.0.0.25
SET WAN WAN0 UP
CONFIG SAVE
Ethernet
VLAN (Virtual LAN)
- Portas:
hostname NOME_DO_CLIENTE_DESIG
service password-encryption
enable secret SENHA_PADRÃO
username admin privilege 15 secret SENHA_PADRÃO
interface FastEthernet0/0
description WAN
no ip address
no shutdown
interface FastEthernet0/0.2000
description WAN
encapsulation dot1Q 2000
ip address 201.47.1.242 255.255.255.252
...continua
Ethernet
interface FastEthernet0/1
description LAN
ip address 201.47.3.201 255.255.255.248
no shutdown
no ip http Server
line vty 0 4
password SENHA_PADRÃO
login
exec-timeout 5 0
wr
OBS: Sempre verificar a negociação e erros (colisão e crc) das portas eth.
Preferencialmente deixar as intefaces em auto duplex e speed.
speed auto
speed 100
duplex auto
full-duplex
...continua
Ethernet
- Alterar negociação
Applying to interface:LAN0
TYPE STATIC ...
IP 200.139.112.14 TX ERRORS: 0
RX ERRORS: 0
MAC 00:00:00:00:00:00
TX DROPPED: 0
MASK 255.255.255.248 RX DROPPED: 0
BROADCAST 200.139.112.15 TX OVERRUN: 0
MTU 1500 RX OVERRUN: 0
COLLISIONS: 0
IP6 0:0:0:0:0:0:0:0/0
CRC ERRORS: 0
TUN6TO4 NO BROADCASTS RECEIVED: 16618
RELAY6TO4 192.88.99.1 LAST RECEIVED PACKET TIME (s): 0.01
MODE AUTO TRANSMIT QUEUE LENGHT: 0
TOTAL TRANSMIT QUEUE LENGHT: 1000
COMMENT
Digitel []
não mostra com subiu e sim como está configurado LAST TRANSMITED PACKET TIME (s): 0.01
INTERFACE: eth0 LINK STATUS: UP
ADMINSTATUS: UP LAST LINK STATUS CHANGE TIME (s): 66883.08
LAST ADMIN STATUS CHANGE TIME (s): 66884.79
PACKETS SENT: 3131121
PACKETS RECEIVED: 3291425
BYTES SENT: 1066701734
BYTES RECEIVED: 1587856495
...
Ethernet
IP Secundário ou Interface Virtual
Digitel
Cisco
interface FastEthernet0/1
description LAN
ip address 201.47.3.201 255.255.255.248
ip address 192.168.103.1 255.255.255.0 Secondary
no shutdown
...continua
Configurações diferenciadas
DHCP
interface FastEthernet0/0
ip address 10.0.0.1 255.255.255.0
SNMP
interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.0
ip nat inside
Configuração
hostname NOME_DO_CLIENTE_DESIG
enable secret SENHA_PADRÃO
username admin privilege 15 secret SENHA_PADRÃO
service password-encryption
Configurar VRF
ip vrf ipinet
ip vrf ipvox
...Continua
BIP / VOXNG (CISCO)
Configurar QOS (Somente para o CPE)
...
BIP / VOXNG (CISCO)
Interfaces WANs
...
interface Serial0/0/0
no ip address
Rotas
bandwidth 2048
encapsulation frame-relay IETF
ip route vrf ipvox 0.0.0.0 0.0.0.0 10.143.48.17
frame-relay lmi-type ansi ip route vrf ipinet 0.0.0.0 0.0.0.0 200.175.30.13
no shutdown
...
VPN MPLS
Modalidades:
- Data:
VPN simples sem QOS (sem priorização)
Routers: Cisco e Digitel
- Multi:
VPN com QOS sem garantia de banda
Routers: Cisco
- Prime:
VPN com QOS com garantia de banda
Routers: Cisco
VPN MPLS
Padrões
- Multi
VPN MPLS Multi
Padrão 1 Padrão 2
Diamond
Gold Gold
Silver Silver
Bronze
Best-Effort Best-Effort
- Prime
- Multi/Prime:
Classes de Serviços
– Marcação DSCP (RFC 2597/2598)
Multi 1
Multi 2
25% para Diamond BE utilizando Gold 50% 100% BE Gold 100% Gold 75%
cada fila sem uso. 50% da eliminando a demais sem independente Silver
Demais 25% banda BE utilização das demais utilizando
restante
Prime
policy-map mark-DSCP
class AF31
set ip dscp af31
class AF22
set ip dscp af22
class AF13
set ip dscp af13
class class-default
set ip dscp default
class-map match-any EF
match input-interface FastEthernet0/0
class-map match-any EF
match access-group name acl-EF
class-map match-any EF
match ip precedence 5
VPN MPLS
Política de QOS Prime: police-map
service-policy service-policy
input output
Nuvem MPLS
Cliente Ethernet Serial GVT
/ ETH
Tráfego sem 1841
priorização
Marca o Prioriza o Tráfego
tráfego tráfego Priorizado
interface Serial0/0/0
bandwidth 1024
no ip address
encapsulation frame-relay IETF
frame-relay traffic-shaping Assume a velocidade definida no map-class
frame-relay lmi-type ansi
interface FastEthernet0/0
description LAN_Conectada_GVT
bandwidth 20480 Velocidade do Link em KByte
interface FastEthernet0/0.373
encapsulation dot1Q 373
ip address 10.2.1.2 255.255.255.252
service-policy output GVT-shape-hierarquical
policy-map GVT-shape-hierarchical
class Ethernet
shape average 20480000 Velocidade do Link Byte
service-policy Prime6-policy
Marcação:
class-map match-any EF
interface FastEthernet0/1 match access-group name acl-EF
description LAN_CLIENTE_X class-map match-any AF31
ip address 10.25.1.253 255.255.254.0
match access-group name acl-AF31
service-policy input mark-DSCP
class-map match-any AF22
match input-interface FastEthernet0/1
policy-map mark-DSCP
class EF
set ip dscp ef ip access-list extended acl-EF
class AF31 permit tcp any any eq 2900
set ip dscp af31 permit udp any any eq 2900
class AF22 ip access-list extended acl-AF31
set ip dscp af22 permit tcp any any eq 1434
class class-default permit tcp any any eq 1993
set ip dscp default permit ip any host 10.25.1.50
VPN MPLS
policy-map Prime6-policy
class Diamond
priority percent 50
Normalmente as pontas comuns possuem uma rota default apontada para GVT. Na ponta Matriz a
rota default é apontada para rede do cliente, além de possuir rotas específicas para as demais
pontas, porem isto não é uma regra.
VPN MPLS
Ponta 1 Ponta 2
Nuvem MPLS
GVT
WAN 10.0.1.0/30 WAN 10.0.2.0/30
LAN 192.168.1.0/24 LAN 192.168.2.0/24
Matriz
IP 192.168.0.2
Ponta 2
ip route 0.0.0.0 0.0.0.0 10.0.2.1
Matriz
ip route 0.0.0.0 0.0.0.0 192.168.0.2
ip route 192.168.1.0 255.255.255.0 10.0.0.1
ip route 192.168.2.0 255.255.255.0 10.0.0.1
VPN MPLS
Priorizado do Passport para o cliente
Ponta 1 Ponta 2
ETH VLAN X
Trafego sem
WAN X priorização
service-policy Fe0/0
Trafego sem Tráfego
output
priorização B2B
Priorizado
Fe0/1
VLAN Y
Priorizado pelo B2B
WAN Y
sentido cliente
B2B
policy-map Prime6-policy
class Diamond
hostname RB2BPAECLI01
bandwidth percent 50
police cir percent 50 bc 125 ms
ip vrf acesso1
conform-action transmit
ip vrf acesso2
exceed-action drop
...
violate-action drop
ip vrf acessoN
class Gold
bandwidth percent 12
class-map match-any Diamond
police cir percent 12
match ip dscp ef
exceed-action set-dscp-transmit default
class-map match-any Gold
violate-action set-dscp-transmit default
match ip dscp af31
class Silver
class-map match-any Silver
bandwidth percent 25
match ip dscp af22
police cir percent 25
class-map match-any Bronze
exceed-action set-dscp-transmit default
match ip dscp af13
violate-action set-dscp-transmit default
class class-default
class-map match-any Ethernet
fair-queue
match any
random-detect dscp-based
VPN MPLS
interface FastEthernet0/0.2097
policy-map GVT-shape-hierarchical1
Description CLIENTE: UNIMED - PP – CTA-XXXXXX
class Ethernet
bandwidth 4096
shape average 4096000
encapsulation dot1Q 2097
service-policy Prime6-policy
ip vrf forwarding acesso1
ip address 10.41.219.2 255.255.255.252
policy-map GVT-shape-hierarchical2
service-policy output GVT-shape-hierarchical1
class Ethernet
shape average 20480000
interface FastEthernet0/0.2099
service-policy Prime6-policy
Description CLIENTE: UNIMED – PP – CTA-XXXXXX
...
bandwidth 20480
policy-map GVT-shape-hierarchicalN
encapsulation dot1Q 2099
class Ethernet
ip vrf forwarding acesso2
shape average XXXX000
ip address 10.41.220.2 255.255.255.252
service-policy Prime6-policy
service-policy output GVT-shape-hierarchical2
...
interface FastEthernet0/0.706
interface FastEthernet0/0.XXXX
description CLIENTE_B2B
Description CLIENTE: UNIMED – PP – CTA-XXXXXX
ip address 10.141.10.20 255.255.255.0
bandwidth XXXX
encapsulation dot1Q 706
encapsulation dot1Q XXXX
ip vrf forwarding acessoN
ip route 0.0.0.0 0.0.0.0 10.141.10.254
ip address XXX.XXX.XXX.XXX 255.255.255.252
service-policy output GVT-shape-hierarchicalN
VPN MPLS
interface FastEthernet0/1.2098
Description CLIENTE: UNIMED – LAN – CTA-XXXXXX
bandwidth 4096
encapsulation dot1Q 2098
ip vrf forwarding acesso1
ip address 10.41.219.5 255.255.255.252
service-policy output GVT-shape-hierarchical1
interface FastEthernet0/1.2100
Description CLIENTE: UNIMED – LAN – CTA-XXXXXX
bandwidth 20480
encapsulation dot1Q 2100
ip vrf forwarding acesso2
ip address 10.41.220.5 255.255.255.252
service-policy output GVT-shape-hierarchical2
...
interface FastEthernet0/1.XXXX
Description CLIENTE: UNIMED – LAN – CTA-XXXXXX
bandwidth XXXX
encapsulation dot1Q XXXX
ip vrf forwarding acessoN
ip address XXX.XXX.XXX.XXX 255.255.255.252
service-policy output GVT-shape-hierarchicalN
VPN MPLS
interface FastEthernet0/0
description LAN_Conectada_GVT
bandwidth 20480
interface FastEthernet0/0.373
encapsulation dot1Q 373
ip address 10.2.1.2 255.255.255.252
service-policy output GVT-shape-hierarquical
interface FastEthernet0/1
description LAN_Barigui_Pe_Agostinho
ip address 10.25.1.253 255.255.254.0
service-policy input mark-DSCP
http://10.200.1.36/engenharia/scripts/cpe/config_vox-ng.php
Script de Configuração
Script de Configuração
Cuidado:
CiaView
CiaVlan (java)
Java
Configuração
Alterar o campo IP para o de gerência (IP com final impar para o ARD e par para o
Cliente)
Cianet
Configuração
Após a alteração a conexão será perdida com o Cianet. Altere o IP do Notebook para um no
mesmo range (neste caso 10.141.231.1) e acesse o Cianet pelo IP que acabou de configurar:
Cianet
Configuração
Para alterar as negociações de portas abra a aba “Portas” e altere a opção “Tipo de Mídia”
Obs.: Por padrão deixar em “Auto_Config” somente alterar se houver problemas na negociação.
Cianet
Problemas de acesso
...
DMSW Datacom
...
Eth 1/2
Octets input : 2522398157638
Octets output : 3669989357810
Unicast input : 16056818359
Unicast output : 26795494480
Discard input : 4137
Discard output : 0
Error input : 0
Error output : 0
Unknown protos input : 0
QLen : 0
Conversor ECI
Acesso ao conversor via cabo serial utilizando HyperTerminal/Tera Term (usar VT100)
show running-config
VLANs X Portas
DM9225-Lab2#show vlan
====================================================================
Name |VTag| Tagged ports | Untagged ports
--------------------+----+---------------------+--------------------
default |1 | |
mgmt_703 |703 |1/1/1 |
service_data_2560 |2560|1/1/1,1/2/1 |
service_voip_2561 |2561|1/1/1,1/2/2 |
Number of entries: 4
Conversor ECI
Status das interfaces
DM9225-Lab2#show interface
============================================================================
===
|Port |Name |Type |State |Link|DuplSpeed |Flow |Backpres|Default
Vlan
+-----+--------+--------+-------+----+----------+-------+--------
+-------------
1/1/1 10-1000T enable up full-1000 disable disable 0001
1/2/1 100TX enable down unknown disable disable 0001
1/2/2 100TX enable up half-100 disable disable 0001
1/2/3 100TX enable down unknown disable disable 0001
1/2/4 100TX enable down unknown disable disable 0001
1/3/1 DUAL enable down unknown disable disable 0001
Alterar Negociação
NHO-30WUD8XB(config)#interface 1/2/3
NHO-30WUD8XB(config-if 1/2/3)#duplex full
NHO-30WUD8XB(config-if 1/2/3)#speed 100
Conversor ECI
Estatísticas da interface
Tagged X SVLAN
SVLAN 2601
2601 SVLAN
SVLAN 2608
2608
ou Untagged ARD VLAN 2000
VLAN 2000 VLAN 2050
VLAN 2050
EDD DSLAM
Porta 13 HE
DIST PE
DSLAM
DSLAM =
= RIN
RIN
SVLAN 2601
SVLAN 2601
MPLS
Layer 2 VPN
HE
Cisco
ARD Switch
Tagged Y DSLAM
ou Untagged
EDD
CIR 50% HE
Tráfego SVLAN
SVLAN 2608
Tráfego do
do PONTA 2 2608
VLAN 2050
2050
Cliente VLAN
Cliente
DSLAM
DSLAM =
= RIN
RIN SVLAN (2608)
SVLAN (2608)
Vlan
Vlan Serviço
Serviço 2050
2050 SVLAN
SVLAN 2608
2608
Vlan Serviço 2050
Tráfego do
Cliente Tráfego do
Cliente
E-LINE (VPN L2)
Topologia
SVLAN (2601)
SVLAN (2601)
Vlan
Vlan Serviço
Serviço 2000
2000
Vlan
Vlan do
do Cliente
Cliente Vlan Serviço 2000
Ponta
Ponta A
A 2000
2000 Tráfego do
Tráfego do
Cliente Insere
Insere Cliente
Vlan
Vlan 2601
2601
Tagged X SVLAN
SVLAN 2601
2601 SVLAN
SVLAN 2608
2608
ou Untagged ARD VLAN 2000
VLAN 2000 VLAN 2050
VLAN 2050
EDD DSLAM
Porta 13 HE
Insere
Insere DIST PE
DSLAM
DSLAM =
= RIN
RIN
Vlan
Vlan 2000
2000 SVLAN 2601
SVLAN 2601
MPLS
Layer 2 VPN
HE
Remove
Remove
Remove
Remove
Cisco
Vlan 2608
Vlan 2608 ARD Switch
Vlan
Vlan 2050
2050
Tagged Y DSLAM
ou Untagged
EDD
CIR 50% HE
Tráfego SVLAN
SVLAN 2608
Tráfego do
do PONTA B 2608
VLAN 2050
2050
Cliente VLAN
Cliente
DSLAM
DSLAM =
= RIN
RIN SVLAN (2608)
SVLAN (2608)
Vlan
Vlan Serviço
Serviço 2050
2050 SVLAN
Vlan
Vlan do
do Cliente
Cliente SVLAN 2608
2608
Vlan Serviço 2050
Ponta B
Ponta B 2050
2050 Tráfego do
Cliente Tráfego do
Cliente
E-LINE (VPN L2)
EPL x EVPL x Contingência
E-LINE (VPN L2)
Cisco ME3400
DSLAM-A DSLAM-B
Rede
GVT
E-LINE (VPN L2)
Configuração
service password-encryption
service unsupported-transceiver
no errdisable detect cause gbic-invalid
sdm prefer layer-2
interface FastEthernet0
description SEM_USO
no ip address G0/3
no ip route-cache Cliente GVT
shutdown G0/1
G0/4
E-LINE (VPN L2)
VLANs e Gerencia
interface Vlan708
vlan 708
description MGMT_EDD
name MGMT_EDD
ip address 10.141.3.129 255.255.255.0
no ip route-cache
vlan 710
name MGMT_EDDBACKUP
interface Vlan710
description MGMT_EDDBACKUP
vlan 2001
ip address 10.141.2.65 255.255.255.0
name EVC1
no ip route-cache
class-map match-all MGMT_EDDBACKUP
interface Vlan2001
match vlan 710
description VLAN_SERVICO
class-map match-all MGMT_EDD
ip address 25.25.25.1 255.255.255.0 (Remoto)
match vlan 708
ip address 25.25.25.2 255.255.255.0 (Principal)
no ip route-cache
ip default-gateway 10.141.3.254
E-LINE (VPN L2)
Gerencia X Contingência
contingência
G0/4
VLAN 710
E-LINE (VPN L2)
Spanning-tree
CONCENTRADOR (root):
G0/4 G0/4
REMOTO:
Bloqueada
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- -----------------
Gi0/3 Root FWD 4 128.3 P2p
Gi0/4 Alt BLK 4 128.4 P2p
E-LINE (VPN L2)
Monitoramento
- Principal e Remoto
ip sla responder
- Remoto
ip sla 2525
udp-jitter 25.25.25.2 2525 num-packets 50 interval 3000
timeout 1000
frequency 240
ip sla schedule 2525 life forever start-time now
interface GigabitEthernet0/3
description WAN_GVT_PRINC
service-policy output OUTPUT-CLIENT
interface GigabitEthernet0/4
description WAN_GVT_CONTING
service-policy output OUTPUT-CLIENT