Dados - Treinamento

Configuração de Circuito de
Dados - CPE
Rafael Colli Gonçalves

Confidencial
Agenda
• Configurações básicas
• Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
• ETH
• Configurações Diferenciadas
• BIP / VOXNG e IP
• VPN MPLS
• Script de Configuração
• Cianet
• DMSW – Datacom
• Conversor ECI
• E-Line
Circuitos e Routers
Internet
- Frame-Relay
- Ethernet
VOXNG / IP
VPN
- Data
- Multi
- Prime
E-Line (VPN L2)
Routers , Switches e Conversores de Mídia

- Cisco 1841 e 1900 (todos os serviços)
- Cisco ME3400 (EDD) – E-Line
- Digitel (Internet até 10M e VPN Data)
- Cianet (Circuitos até 70M)
- ECI DM9225 – Portas Gigabit
- DMSW Datacom
Configurações Básicas
Reset Cisco (excluir ACL e serviços pré-configurados)
HyperTerminal
Velociade 9600
Inicializa
Ctrl+Break
Romom1>confreg 0x2143
Romom2>reset
- no
Router>enable
Router#config terminal
Router(config)#config-register 0x2103
Router(config)#exit
Router#wr
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]Y
Router#reload
Proceed with reload? [confirm] Y
--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]: no
Reset Digitel (Reset)
HyperTerminal
Tera Term
Putty
Velociade - 57600
Inicializa
Barra de espaço (entrar no setup)

Mode test
Run clconf
Restart now
Login: nr2g
Senha: digitel
Reset Digitel Senha
Inicializa
Barra de espaço (entrar no setup)
Mode test
Linux secure
(vai reiniciar e pedir uma nova senha)
Nova senha
Confirma nova senha
Login: nr2g
Senha: nova senha
Alterar a senha e salvar as configurações

Login admin + Senhas padrão (VPN, VOX e INET)
NÃO PASSAR PARA O CLIENTE
Cisco
username admin privilege 15 secret XXXXXX
enable secret XXXXXXX
Digitel
NR2Ga>SHOW SYSTEM ALL
Applying to:USER0
TYPE ADMINISTRATOR
LOGIN root
Applying to:USER1
TYPE ADMINISTRATOR
LOGIN nr2g
Applying to: WEBAUTH
NR2Ga>
SET SYSTEM USER0 PASS XXXXXXXX

SET SYSTEM USER1 PASS XXXXXXXX
SET SYSTEM USER2 TYPE ADMINISTRATOR LOGIN admin PASS XXXXXXXX
IPs
WAN (Wide Area Network)
- Conexão entre GVT e Router no cliente (normalmente /30)
LAN (Local Area Network)
- Conexão com a rede do cliente
- Primeiro IP de rede
- Último IP broadcast
Telnet habilitado (com as senhas padrões)(Cisco)
line vty 0 4
password XXXXXXX
login
DLCI
INET – 16
VOX – 17
VPN – 100
Salvar configuração
Router#copy running-config startup-config
Router#wr
NR2Ga>CONFIG SAVE
Configurações básica (Cisco)
hostname NOME_DO_CLIENTE_DESIGNADOR
service password-encryption (Criptografa as senhas)
no ip http Server (Desabilita o HTTP Server)
enable secret XXXXXX

username admin privilege 15 secret XXXXXX
line vty 0 4
password XXXXXX
login
exec-timeout 5 0
Nas interfaces
no ip redirects Indica melhor rota na mesma rede

no ip unreachables MSG ICMP de host inalcançavel
no ip proxy-arp Cria conexões pelo arp (sem gateway)
Frame Relay - INET, VPN MPLS DATA e VOX S/ INET
Cisco
Muda o DLCI e senhas dependendo do serviço – 16, 100 ou 17
Comando de visualização
show running-config (mostra toda configuração do router)

show running-config interface fa0/0 (mostra a configuração de uma interface fa0/0)
show interface fa0/0 (mostra o status da interface – up ou down, erros, negociação...)
Configuração
hostname NOME_DO_CLIENTE_DESIG
service password-encryption
enable secret SENHA_PADRÃO
username admin privilege 15 secret SENHA_PADRÃO
interface fastEthernet0/0
description LAN-INET
ip address 189.114.225.25 255.255.255.248
no shutdown
...Continua
interface serial0/0/0
description UPLINK-INET
no ip address
encapsulation frame-relay ietf
frame-relay lmi-type ansi
no shutdown
interface serial0/0/0.16 point-to-point

description UPLINK-INET
ip address 189.58.139.46 255.255.255.252
frame-relay interface-dlci 16
exit
no shutdown
ip route 0.0.0.0 0.0.0.0 189.58.139.45
no ip http Server
line con 0
line aux 0
line vty 0 4
password SENHA_PADRÃO
login
exec-timeout 5 0
exit
exit
wr
Digitel
Muda o DLCI e senhas dependendo do serviço – 16, 100 ou 17
Comando de visualização
DUMP ALL (mostra toda configuração do router)
DUMP LAN ALL (mostra a configuração das interfaces lan)
SHOW LAN ALL (mostra o status das interfaces – up ou down, erros, negociação...)
SHOW SYSTEM ALL (mostra a configuração de sistema – USERS, data, versão...)
Configuração
CONFIG PURGE ALL
SET SYSTEM HOSTNAME NOME_DO_CLIENTE_DESIG
SET LAN LAN0 PURGE

SET LAN LAN0 IP 192.168.233.17 MASK 255.255.255.248
SET LAN LAN0 UP
...Continua
SET WAN WAN0 PURGE
SET WAN WAN0 PROTO FRAMERELAY PROTOCOL ANSI
SET WAN WAN0 PVC0 DLCI 100
SET WAN WAN0 PVC0 IP 10.0.0.26 MASK 255.255.255.252 PEER 10.0.0.25
SET WAN WAN0 UP
SET ROUTES PURGE

SET ROUTES DEFAULT GW1 10.0.0.25
SET ROUTES ROUTE0 NET 192.168.0.0. MASK 255.255.255.0 GATEWAY 192.168.233.18
SET ROUTES UP
SET SYSTEM USER0 PASS SENHA_PADRÃO

SET SYSTEM USER2 TYPE ADMINISTRATOR LOGIN admin PASS SENHA_PADRÃO
CONFIG SAVE
Ethernet
VLAN (Virtual LAN)
- Portas:
Trunk / Tagged – Pode passar várias VLANs

Access / Untagged – Passa somente IP
Sempre configurar a porta WAN do router como Trunk / Tagged
- Pode usar mais de um serviço na mesma porta

- Gerência Cianet
Ethernet
Cisco
interface FastEthernet0/0
description WAN
no ip address
no shutdown
interface FastEthernet0/0.2000
description WAN
encapsulation dot1Q 2000
ip address 201.47.1.242 255.255.255.252
...continua
Ethernet
description LAN
ip address 201.47.3.201 255.255.255.248
no shutdown
ip route 0.0.0.0 0.0.0.0 201.47.1.241
no ip http Server
line vty 0 4
password SENHA_PADRÃO
login
exec-timeout 5 0
wr
OBS: Sempre verificar a negociação e erros (colisão e crc) das portas eth.
Preferencialmente deixar as intefaces em auto duplex e speed.
speed auto
speed 100
duplex auto
full-duplex
Clear count (apaga os contadores)

Ethernet
Camargo_Correia#show inter FastEthernet0/1
FastEthernet0/1 is up, line protocol is up
Hardware is Gt96k FE, address is 0024.c400.b419 (bia 0024.c400.b419)
Interface e Porta devem
Description: estar UP.
LAN_Cliente
Obs.: Em links frame
Internet address is se o protocolo (LMI) não esteja UP o acesso deve ser verificado
187.58.240.249/29
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input
A interface não00:04:42, output como
precisa ser configurada 00:00:06, output
Full-duplex hang deve
mas sempre neversubir em Full-duplex,
Last clearing
100Mb/S ou 1000Mb/ of "show interface" counters 00:04:39
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
30 second input rate 7000 bits/sec, 0 packets/sec
30 second output rate 5000 bits/sec, 0 packets/sec
31712 packets input, 14419450 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
1 input errors, 1 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
27680 packets output, 20446833 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer
Taxas de erros, failures,
colisões 0 output
e CRC sempre buffers
devem estar zeradosswapped out
Ethernet
Digitel
CONFIG PURGE ALL
SET SYSTEM HOSTNAME NOME_DO_CLIENTE_DESIG
SET LAN LAN0 PURGE

SET LAN LAN0 UP
SET LAN LAN0.2023 PURGE
SET LAN LAN0.2023 IP 10.10.10.2 MASK 255.255.255.252
SET LAN LAN0.2023 UP
SET LAN LAN1 PURGE

SET LAN LAN1 UP
SET ROUTES PURGE

SET ROUTES DEFAULT GW1 10.10.10.1
SET ROUTES UP
...continua
Ethernet

SET SYSTEM USER2 TYPE ADMINISTRATOR LOGIN admin PASS SENHA_PADRÃO
CONFIG SAVE
- Comando de visualização das interfaces
DUMP LAN ALL (mostra a configuração das interfaces lan)
- Alterar negociação
SET LAN LAN0 MODE 100FD

SET LAN LAN0 MODE AUTO
Ethernet
SHOW LAN ALL
Applying to interface:LAN0
TYPE STATIC ...
IP 200.139.112.14 TX ERRORS: 0
RX ERRORS: 0
MAC 00:00:00:00:00:00
TX DROPPED: 0
MASK 255.255.255.248 RX DROPPED: 0
BROADCAST 200.139.112.15 TX OVERRUN: 0
MTU 1500 RX OVERRUN: 0
COLLISIONS: 0
IP6 0:0:0:0:0:0:0:0/0
CRC ERRORS: 0
TUN6TO4 NO BROADCASTS RECEIVED: 16618
RELAY6TO4 192.88.99.1 LAST RECEIVED PACKET TIME (s): 0.01
MODE AUTO TRANSMIT QUEUE LENGHT: 0
TOTAL TRANSMIT QUEUE LENGHT: 1000
COMMENT
Digitel []
não mostra com subiu e sim como está configurado LAST TRANSMITED PACKET TIME (s): 0.01
INTERFACE: eth0 LINK STATUS: UP
ADMINSTATUS: UP LAST LINK STATUS CHANGE TIME (s): 66883.08
LAST ADMIN STATUS CHANGE TIME (s): 66884.79
PACKETS SENT: 3131121
PACKETS RECEIVED: 3291425
BYTES SENT: 1066701734
BYTES RECEIVED: 1587856495
...
Ethernet
IP Secundário ou Interface Virtual
Digitel
SET LAN LAN0 PURGE

SET LAN LAN0 UP
SET LAN LAN0:1 PURGE
SET LAN LAN0:1 IP 10.10.10.1 MASK 255.255.255.0
SET LAN LAN0:1 UP
Cisco
description LAN
ip address 201.47.3.201 255.255.255.248
ip address 192.168.103.1 255.255.255.0 Secondary
no shutdown
...continua
Configurações diferenciadas
DHCP
ip dhcp pool NOME

network 10.0.0.0 255.255.255.0
default-router 10.0.0.1
dns-server 10.0.0.2 10.0.0.3
ip dhcp excluded-address 10.0.0.1 10.0.0.10
ip address 10.0.0.1 255.255.255.0
SNMP
snmp-server community public RO
access-list 50 permit 172.18.2.115 0.0.0.0

snmp-server community public RO 50
Obs: O cliente pode definir outra community no lugar de public

Configurações diferenciadas
NAT
ip address 10.10.10.1 255.255.255.0
ip nat inside
interface Serial0/0/0.16 point-to-point

ip address 189.58.142.50 255.255.255.252
ip nat outside
ip nat inside source list 7 interface Serial0/0/0.16 overload

VOXNG / IP Com Internet (CISCO)
DLCIs
DLCI 16 (Dados) VRF ipinet

DLCI 17 (Voz) VRF ipvox
Configuração
Configurar VRF
ip vrf ipinet
ip vrf ipvox
...Continua
BIP / VOXNG (CISCO)
Configurar QOS (Somente para o CPE)
class-map match-any EF ...

match input-interface FastEthernet0/0
class-map match-any Diamond

Interfaces LANs
match ip dscp ef
policy-map mark-DSCP
description LAN-VOX
class EF
ip vrf forwarding ipvox
set ip dscp ef
ip address 10.143.137.249 255.255.255.248
class class-default service-policy input mark-DSCP
set ip dscp default no shutdown
policy-map Vox-policy
class Diamond interface FastEthernet0/1
priority percent 50 description LAN-INET
ip vrf forwarding ipinet
police cir percent 50 bc 125 ms
ip address 200.146.95.57 255.255.255.248
conform-action transmit
service-policy input mark-DSCP
exceed-action drop
no shutdown
violate-action drop
class class-default
... continua
fair-queue
random-detect dscp-based
...
BIP / VOXNG (CISCO)
Interfaces WANs
...
interface Serial0/0/0
no ip address
Rotas
bandwidth 2048
encapsulation frame-relay IETF
ip route vrf ipvox 0.0.0.0 0.0.0.0 10.143.48.17
frame-relay lmi-type ansi ip route vrf ipinet 0.0.0.0 0.0.0.0 200.175.30.13
no shutdown

description UPLINK-INET Velocidade do Frame-Relay
ip vrf forwarding ipinet
ip address 200.175.30.14 255.255.255.252 map-class frame-relay qos-vox-rules
frame-relay interface-dlci 16 frame-relay cir 2048000
frame-relay class qos-vox-rules frame-relay bc 256000
no shutdown frame-relay mincir 2048000
service-policy output Vox-policy
description UPLINK-VOX
ip vrf forwarding ipvox
Teste de Ping
ip address 10.143.8.254 255.255.255.252
frame-relay class qos-vox-rules ping vrf ipinet XXX.XXX.XXX.XXX
no shutdown ping vrf ipvox XXX.XXX.XXX.XXX
...
VPN MPLS
Modalidades:
- Data:
VPN simples sem QOS (sem priorização)
Routers: Cisco e Digitel
- Multi:
VPN com QOS sem garantia de banda
Routers: Cisco
- Prime:
VPN com QOS com garantia de banda
Routers: Cisco
VPN MPLS
Padrões
- Data: Não tem padrão
- Multi
VPN MPLS Multi
Padrão 1 Padrão 2
Diamond
Gold Gold
Silver Silver
Bronze
Best-Effort Best-Effort
- Prime
VPN MPLS Prime

Classe de Serviço Padrao 1 Padrao 2 Padrao 3 Padrao 4 Padrao 5 Padrao 6
Diamond (VoIP) 0% 0% 0% 25% 37,5% 50%
Gold 25% 37,5% 50% 25% 12,5% 12,5%
Silver 25% 25% 12,5% 25% 25% 12,5%
Bronze 25% 12,5% 12,5% 0% 0% 0%
Best-Effort 25% 25% 25% 25% 25% 25%
VPN MPLS
Priorização
- Data: Não tem de priorização
- Multi/Prime:
- Classificação por protocolo: IP, TCP, UDP, ICMP e etc.

- Classificação por precedente bit
- Classificação por interface: Fastethernet0/0, Fastethernet0/1
VPN MPLS
Classes de Serviços
– Marcação DSCP (RFC 2597/2598)
Classe de serviço DSCP Queue Type Prioridade PVC Passport

Diamond EF Priority-Queue Strict-High CBR
Class Based W eighted
Gold AF31 High RT-VBR
Fair Queue (CBW FQ)
Silver AF22 Medium-High RT-VBR
Fair Queue (CBW FQ)
Bronze AF13 Medium-Low nRT-VBR
Fair Queue (CBW FQ)
Best-Effort Best-Effort Fair Queue Low nRT-VBR
VPN MPLS Layer 3 Cisco a fila Gold deve usar AF21

VPN MPLS
Max 50% Max 50% Max 50% Max 50%
Multi 1
25% para Diamond Silver Diamond 100% BE Diamont Diamont Max

cada fila sem uso. utilizando Max de sua demais sem Max demais Gold
Demais 25% 50% da capacidade utilização filas sem utilizando
banda Pode ocupar utilização restante
a BE independente
das demais
Multi 2
25% para Diamond BE utilizando Gold 50% 100% BE Gold 100% Gold 75%
cada fila sem uso. 50% da eliminando a demais sem independente Silver
Demais 25% banda BE utilização das demais utilizando
restante
Diamont Gold Silver Bronze Best-Effort

EF AF31 AF22 AF13 (BE)
VPN MPLS
Limitado Limitado Limitado Limitado Limitado Limitado
Prime
100% em Diamond Best-Effort Diamond Utilização Diamont Diamont

todas as filas sem uso. utilizando 100% e BE somente BE 100% demais 100% Gold
BE 100% 0% demais filas filas sem utilizando
utilizando 0% utilização mais de
50% 100% demais
0%
Diamont Gold Silver Bronze Best-Effort

EF AF31 AF22 AF13 (BE)
VPN MPLS
Classificação/Marcação: policy-map
class AF31
set ip dscp af31
class AF22
set ip dscp af22
class AF13
set ip dscp af13
class class-default
set ip dscp default
class-map match-any AF31

match access-group name acl-AF31
ip access-list extended acl-AF31

permit udp any any range 16000 20000
permit tcp any any range ftp-data telnet
VPN MPLS
Classificação/Marcação: classificação do tráfego
- Mapeamento por interface física
class-map match-any EF
- Mapeamento por protocolo (endereço IP, porta TCP, etc.)
match access-group name acl-EF
ip access-list extended acl-EF

permit ip any host 10.10.10.1
- Mapeamento por precedence bit
match ip precedence 5
VPN MPLS
Política de QOS Prime: police-map
policy-map Prime6-policy ...

class Diamond
priority percent 50 class-map match-any Diammond
police cir percent 50 bc 125 ms match ip dscp ef
conform-action transmit class-map match-any Gold
exceed-action drop match ip dscp af31
violate-action drop class-map match-any Silver
class Gold match ip dscp af22
bandwidth percent 12
police cir percent 12
exceed-action set-dscp-transmit default
violate-action set-dscp-transmit default
class Silver
class class-default
fair-queue
...
VPN MPLS
Política de QOS Multi: police-map
Multi 1 Multi 2
policy-map Multi1-policy policy-map Multi2

class Diamond class class-default
priority percent 50
police cir percent 50 bc 125 ms random-detect dscp 0 20 25 5
conform-action transmit random-detect dscp 14 30 35 5
exceed-action drop random-detect dscp 20 55 60 5
random-detect dscp 26 240 300 5
violate-action drop
class class-default

match ip dscp ef
VPN MPLS
Configuração das interfaces
service-policy service-policy
input output
Nuvem MPLS
Cliente Ethernet Serial GVT
/ ETH
Tráfego sem 1841
priorização
Marca o Prioriza o Tráfego
tráfego tráfego Priorizado
Interface Cliente - LAN
interface FastEthernet0/0 Interface conectada à rede do cliente.

VPN MPLS
Interface GVT – WAN – Serial
interface Serial0/0/0
bandwidth 1024
no ip address
frame-relay traffic-shaping Assume a velocidade definida no map-class
frame-relay lmi-type ansi

description UPLINK-MPLS
ip address 10.0.0.18 255.255.255.252
frame-relay class qos-Multi
map-class frame-relay qos-Multi

frame-relay cir 1024000 Velocidade do Link
frame-relay bc 128000 Velocidade do Link / 8
frame-relay mincir 1024000 Velocidade do Link
service-policy output Multi-policy
VPN MPLS
Interface GVT – ETH – WAN
description LAN_Conectada_GVT
bandwidth 20480 Velocidade do Link em KByte
ip address 10.2.1.2 255.255.255.252
service-policy output GVT-shape-hierarquical
policy-map GVT-shape-hierarchical
class Ethernet
shape average 20480000 Velocidade do Link Byte
service-policy Prime6-policy
class-map match-any Ethernet

match any
VPN MPLS
Seqüência de marcação e priorização do tráfego (QoS)
Marcação:
interface FastEthernet0/1 match access-group name acl-EF
description LAN_CLIENTE_X class-map match-any AF31
ip address 10.25.1.253 255.255.254.0
class EF
set ip dscp ef ip access-list extended acl-EF
class AF31 permit tcp any any eq 2900
set ip dscp af31 permit udp any any eq 2900
class AF22 ip access-list extended acl-AF31
set ip dscp af22 permit tcp any any eq 1434
class class-default permit tcp any any eq 1993
set ip dscp default permit ip any host 10.25.1.50
VPN MPLS
policy-map Prime6-policy
class Diamond
priority percent 50
Priorização e garantia de banda: police cir percent 50 bc 125 ms

exceed-action drop
violate-action drop
class Gold
description LAN_Conectada_GVT bandwidth percent 12
bandwidth 20480 police cir percent 12
interface FastEthernet0/0.373 exceed-action set-dscp-transmit default
class Silver
ip address 10.2.1.2 255.255.255.252 bandwidth percent 12
service-policy output GVT-shape-hierarquical police cir percent 12
policy-map GVT-shape-hierarchical exceed-action set-dscp-transmit default
class Ethernet
class class-default
shape average 20480000
fair-queue
service-policy Prime6-policy random-detect dscp-based
class-map match-any Diammond

class-map match-any Ethernet match ip dscp ef
class-map match-any Gold
match any
match ip dscp af31
class-map match-any Silver
match ip dscp af22
VPN MPLS
Rotas
Normalmente as pontas comuns possuem uma rota default apontada para GVT. Na ponta Matriz a
rota default é apontada para rede do cliente, além de possuir rotas específicas para as demais
pontas, porem isto não é uma regra.
VPN MPLS
Ponta 1 Ponta 2
Nuvem MPLS
GVT
WAN 10.0.1.0/30 WAN 10.0.2.0/30
LAN 192.168.1.0/24 LAN 192.168.2.0/24
Matriz
IP 192.168.0.2
Ponta 1 WAN 10.0.0.0/30

Servidor / Router
ip route 0.0.0.0 0.0.0.0 10.0.1.1 LAN 192.168.0.0/24 Cliente
Ponta 2
ip route 0.0.0.0 0.0.0.0 10.0.2.1
Matriz
ip route 0.0.0.0 0.0.0.0 192.168.0.2
ip route 192.168.1.0 255.255.255.0 10.0.0.1
ip route 192.168.2.0 255.255.255.0 10.0.0.1
VPN MPLS
Priorizado do Passport para o cliente
Ponta 1 Ponta 2
Frame Nuvem MPLS Frame

GVT - Passports
Tráfego Priorizado Tráfego Priorizado
ETH VLAN X
Trafego sem
WAN X priorização
service-policy Fe0/0
Trafego sem Tráfego
output
priorização B2B
Priorizado
Fe0/1
VLAN Y
Priorizado pelo B2B
WAN Y
sentido cliente
Passport NÃO consegue

priorizar o tráfego em links ETH
Matriz
VPN MPLS Multi e Prime em ETH
utilizam router B2B para fazer
priorização no lugar do Passport
VPN MPLS
B2B
class Diamond
hostname RB2BPAECLI01
ip vrf acesso1
ip vrf acesso2
exceed-action drop
...
violate-action drop
ip vrf acessoN
class Gold
match ip dscp ef
class-map match-any Gold
match ip dscp af31
class Silver
match ip dscp af22
class-map match-any Bronze
match ip dscp af13
class class-default
class-map match-any Ethernet
fair-queue
match any
VPN MPLS
policy-map GVT-shape-hierarchical1
Description CLIENTE: UNIMED - PP – CTA-XXXXXX
class Ethernet
bandwidth 4096
ip vrf forwarding acesso1
ip address 10.41.219.2 255.255.255.252
policy-map GVT-shape-hierarchical2
service-policy output GVT-shape-hierarchical1
class Ethernet
Description CLIENTE: UNIMED – PP – CTA-XXXXXX
...
bandwidth 20480
policy-map GVT-shape-hierarchicalN
class Ethernet
shape average XXXX000
ip address 10.41.220.2 255.255.255.252
...
interface FastEthernet0/0.XXXX
description CLIENTE_B2B
Description CLIENTE: UNIMED – PP – CTA-XXXXXX
ip address 10.141.10.20 255.255.255.0
bandwidth XXXX
encapsulation dot1Q XXXX
ip vrf forwarding acessoN
ip route 0.0.0.0 0.0.0.0 10.141.10.254
ip address XXX.XXX.XXX.XXX 255.255.255.252
service-policy output GVT-shape-hierarchicalN
VPN MPLS
Description CLIENTE: UNIMED – LAN – CTA-XXXXXX
bandwidth 4096
ip address 10.41.219.5 255.255.255.252
bandwidth 20480
ip address 10.41.220.5 255.255.255.252
...
interface FastEthernet0/1.XXXX
bandwidth XXXX
encapsulation dot1Q XXXX
ip vrf forwarding acessoN
ip address XXX.XXX.XXX.XXX 255.255.255.252
service-policy output GVT-shape-hierarchicalN
VPN MPLS
ip route vrf acesso1 0.0.0.0 0.0.0.0 10.41.219.1 (PP)

ip route vrf acesso1 192.168.100.0 255.255.255.0 10.41.219.6 (CLI)
ip route vrf acesso2 0.0.0.0 0.0.0.0 10.41.220.1 (PP)
ip route vrf acesso2 192.168.200.0 255.255.255.0 10.41.220.5 (CLI)
...
ip route vrf acessoN 0.0.0.0 0.0.0.0 Passport
ip route vrf acessoN XXX.XXX.XXX.XXX 255.255.255.0 Cliente
O B2B não deve ultrapassar 20M somando os acessos

VPN MPLS
policy-map Multi
class class-default
Multi 2 bandwidth percent 100
class-map match-any AF22 random-detect dscp 20 55 60 5
match access-group name acl-AF22 random-detect dscp 26 240 300 5
match access-group name acl-AF13 interface FastEthernet0/0
description LAN-MPLS
policy-map mark-DSCP ip address 172.16.4.1 255.255.255.0
class AF31 service-policy input mark-DSCP
set ip dscp af31
class AF22 interface Serial0/0/0
bandwidth 1024
set ip dscp af22
no ip address
class AF13
set ip dscp af13
frame-relay traffic-shaping
class class-default frame-relay lmi-type ansi
set ip dscp default
description UPLINK-MPLS
ip address 10.0.0.18 255.255.255.252
VPN MPLS
ip route 0.0.0.0 0.0.0.0 10.0.0.17

permit tcp any any eq 3389
permit udp any any eq 3389
map-class frame-relay qos-Multi

frame-relay cir 1024000
frame-relay bc 128000
frame-relay mincir 1024000
service-policy output Multi
VPN MPLS
Multi 1
policy-map Multi
class-map match-any EF class Diamond
match access-group name acl-EF priority percent 50
class-map match-any AF31 police cir percent 50 bc 125 ms
match access-group name acl-AF31 conform-action transmit
class-map match-any AF22 exceed-action drop
violate-action drop
class class-default
match ip dscp ef bandwidth percent 50
policy-map mark-DSCP random-detect dscp 0 20 25 5
class EF random-detect dscp 20 55 60 5
set ip dscp ef random-detect dscp 26 240 300 5
class AF31
set ip dscp af31
class AF22
description LAN-MPLS
set ip dscp af22
ip address 192.168.0.1 255.255.255.0
class class-default
set ip dscp default
VPN MPLS
interface Serial0/0/0 map-class frame-relay qos-Multi
no ip address frame-relay cir 512000
encapsulation frame-relay IETF frame-relay bc 64000
frame-relay traffic-shaping frame-relay mincir 512000

service-policy output Multi

description VPN WAN
ip address 10.0.0.2 255.255.255.252
ip route 0.0.0.0 0.0.0.0 10.0.0.1


VPN MPLS
Prime class Diamond
priority percent 50
exceed-action drop
match access-group name acl-EF violate-action drop
class-map match-any AF31 class Gold
match access-group name acl-AF31 bandwidth percent 12
class-map match-any AF22 police cir percent 12
class-map match-any Diammond class Silver
match ip dscp ef bandwidth percent 12
class-map match-any Gold police cir percent 12
match ip dscp af31 conform-action transmit
match ip dscp af22 class class-default
fair-queue
class-map match-any Ethernet random-detect dscp-based
match any
policy-map GVT-shape-hierarchical
class Ethernet
VPN MPLS

permit tcp any any eq 2900
class EF
permit udp any any eq 2900
set ip dscp ef
class AF31
set ip dscp af31 ip access-list extended acl-AF31
class AF22 permit tcp any any eq 1434
set ip dscp af22 permit tcp any any eq 1993
class class-default permit ip any host 10.25.1.41
set ip dscp default
description LAN_Conectada_GVT
bandwidth 20480
ip address 10.2.1.2 255.255.255.252
service-policy output GVT-shape-hierarquical
description LAN_Barigui_Pe_Agostinho
ip address 10.25.1.253 255.255.254.0
ip route 0.0.0.0 0.0.0.0 10.2.1.1

Script de Configuração
http://10.200.1.36/engenharia/scripts/cpe/config_vox-ng.php
Cuidado:

access-list 50 deny any log
frame-relay traffic-shaping (em internet)
username gvt secret Gvt#E$R%TineT

Cianet
Softwares
CiaView
CiaVlan (java)
Java
Configuração
Configurar o IP do notebook no mesmo range do Cianet e inicializar o CiaView2500:
IP Default do Cianet: 192.168.0.132

Configurar no Notebook: 192.168.0.131
Cianet
Configuração
Para configurar o Cianet entre no menu “Exibir / Variáveis”.

Cianet
Configuração
Alterar o campo IP para o de gerência (IP com final impar para o ARD e par para o
Cliente)
Cianet
Configuração
Após a alteração a conexão será perdida com o Cianet. Altere o IP do Notebook para um no
mesmo range (neste caso 10.141.231.1) e acesse o Cianet pelo IP que acabou de configurar:
Cianet
Configuração
Após restabelecer a conexão habilitar na aba “VLAN” a VLAN de gerência e alterar

VLANId para 703 (após este procedimento, será perdida a conexão com o Cianet)
Cianet
Configuração
Para acessar novamente o Cianet utilizar o “CiaVlan” e o “CiaView”.

Alterar o “VLan ID” para 703 e inicializar o serviço
Após a inicialização do CiaVlan, acessar o Cianet normalmente pelo CiaView.

Cianet
Negociação
Para alterar as negociações de portas abra a aba “Portas” e altere a opção “Tipo de Mídia”
Obs.: Por padrão deixar em “Auto_Config” somente alterar se houver problemas na negociação.
Cianet
Problemas de acesso
3 – Clicar na aba “Avançado” e em

1 – Entrar em “Propriedades de Conexão” propriedades procurar uma opção que
2 – Clicar em “Configurar” tenha “802.1” e no campo “Valor” mudar
para “Enable”.
DMSW Datacom
Configuração Padrão
clock timezone Brasilia -3 sntp client
logging history ram 7 sntp poll 20
sntp server 10.200.13.1
logging history flash 0
logging trap 7 authentication login radius local
logging host 10.200.1.34 accounting tacacs
logging host 10.200.1.45 tacacs-server host 10.200.1.45
radius-server host 1 address 10.200.1.31
radius-server host 1 auth-port 1812
ip default-gateway 10.200.13.1
radius-server host 1 key gvtDcoM98765
radius-server host 2 address 10.200.1.216
ip telnet server radius-server host 2 auth-port 1812
ip http server radius-server host 2 key gvtDcoM98765
ip http secure-server hostname D2CTACLI01
no ip ssh server
interface vlan 706
ip snmp-server name MGMT_CPE_706
ip snmp-server contact Suporte ip address 10.200.13.18/24
ip snmp-server community public ro set-member tagged ethernet 1/1
ip snmp-server community metrogvt rw set-member tagged port-channel 3
no ip snmp-server traps critical-event-detected
interface vlan 2152
no ip snmp-server traps critical-event-recovered
name CLI_IPSERV_CTA-30R4DDBI
no ip snmp-server traps link-flap-detected set-member tagged ethernet 1/25
no ip snmp-server traps link-flap-no-more-detected set-member tagged port-channel 3
no ip snmp-server traps loopback-no-more-detected
no ip snmp-server traps unidir-link-detected
...
no ip snmp-server traps unidir-link-recovered
ip snmp-server host 10.200.1.178 version 1 metrogvt
DMSW Datacom
...
 Portas Trunks e Access

interface ethernet 1/1
description SW-MGMT-CTA01_1/13
switchport qinq internal
Portas em Trunk ou Tagged
switchport storm-control broadcast pps 3000
interface vlan XXX
switchport storm-control multicast pps 3000 set-member tagged ethernet 1/1
switchport storm-control unicast pps 3000
no shutdown switchport qinq internal

Se a porta for Giga não precisa configurar qinq
description CONN_TO_RDISTCTA04_GI3/3
switchport storm-control broadcast pps 3000
switchport storm-control multicast pps 3000 Portas em Access ou Untagged
switchport storm-control unicast pps 3000
interface vlan XXX
no shutdown
set-member untagged ethernet 1/1
interface port-channel 3 interface ethernet 1/1

switchport native vlan XXX
set-member ethernet range 1/27 1/28
description CONN_TO_D2CTAIPS02
no shutdown
DMSW Datacom
Visualização
Veirficar MAC Address Verificar Status de uma porta
show interfaces status ethernet 1/2

show mac-address-table vlan 703
Information of Eth 1/2
Basic information:
Total MAC Addresses for this criterion: 7 Port type: 100TX
MAC address: 00:04:DF:11:E9:CA
Configuration:
Unit Block Interface MAC Address VLAN Type Name: CLIENTE:CASSOL
---- ----- --------- ----------------- ---- ------- Port admin: Up
Speed-duplex: Auto
1 Eth 1/ 6 02-00-0a-8d-4d-4c 703 Learned Capabilities: 100M full
1 Eth 1/ 6 02-00-0a-8d-4d-4d 703 Learned Flow-control: Disabled
MDIX: Auto
1 Eth 1/10 02-00-0a-8d-4d-50 703 Learned
Slow Protocols MAC: Standard
1 Eth 1/10 02-00-0a-8d-4d-51 703 Learned LACP: Disabled
OAM: Disabled
1 Eth 1/11 02-00-0a-8d-4d-5c 703 Learned
Loopback Detection: Enabled - Unblock
1 Eth 1/11 02-00-0a-8d-4d-5d 703 Learned hysteresis: 30 sec
1 Eth 1/24 00-04-dc-47-1b-38 703 Learned Link-Flap Detection: Enabled - Unblock
hysteresis: 30 sec
Current status:
Link status: Up
Operation speed-duplex: 100M full
Flow control: Disabled
MDIX: Crossover
...
DMSW Datacom
...
Verificar Erros de uma porta
show interfaces counters ethernet 1/2
Eth 1/2
Octets input : 2522398157638
Octets output : 3669989357810
Unicast input : 16056818359
Unicast output : 26795494480
Discard input : 4137
Discard output : 0
Error input : 0
Error output : 0
Unknown protos input : 0
QLen : 0
Conversor ECI
Acesso ao conversor via cabo serial utilizando HyperTerminal/Tera Term (usar VT100)
Password default: eci
1/1/1 1/2/1-1/2/4 1/3/1

Porta óptica G Portas Elétricas Elétrica/Óptica G
Conversor ECI
Configuração VLANs, Portas e Gerencia
hostname CLIENTE_CTA-XXXXXXX
password senha_do_serviço senha_do_serviço
ip address 10.141.250.1 255.255.255.0
vlan
create mgmt 703
config mgmt
add ports 1/1/1 tagged
exit
exit
vlan
management 703
exit
vlan
create service1 XXXX
config service1
add ports 1/1/1,1/2/1 tagged (1/1/1-1/3/1)
exit
exit
Vlan
create service2 YYYY
config service2
add ports 1/1/1,1/2/2 tagged
exit
Exit
ip route 0.0.0.0/0 10.141.250.254
config default
remove ports 1/1/1-1/3/1
Conversor ECI
Configuração de SNMP
snmp-server enable snmp-server notify pingTestCompleted STMStag
snmp-server view STMSAll 1.3 included snmp-server notify pingTestFailed STMStag
snmp-server view STMSNone 1.3 excluded snmp-server notify portErrorsExceeded STMStag
snmp-server group STMSRead v1 read STMSAll write STMSNone notify STMSAll snmp-server notify portRedundantLinkChange STMStag
snmp-server group STMSRead v2c read STMSAll write STMSNone notify STMSAll snmp-server notify portSecurityViolation STMStag
snmp-server group STMSWrite v1 read STMSAll write STMSAll notify STMSAll snmp-server notify portsBroadcastExceeded STMStag
snmp-server group STMSWrite v2c read STMSAll write STMSAll notify STMSAll snmp-server notify prvtCESAvailable STMStag
snmp-server user public group STMSRead v1 snmp-server notify prvtCESUnAvailableDueExtract STMStag
snmp-server user public group STMSRead v2c snmp-server notify prvtCESUnAvailableDueReload STMStag
snmp-server user private group STMSWrite v1 snmp-server notify prvtConfigChangeAlarm STMStag
snmp-server user private group STMSWrite v2c snmp-server notify prvtCustCreated STMStag
snmp-server target-param 10.200.6.94param public v1 snmp-server notify prvtCustDeleted STMStag
snmp-server target-addr 10.200.6.94server 10.200.6.94 1620 10.200.6.94param STMStag snmp-server notify prvtDuplicatedMACAddressAlarm STMStag
snmp-server notify authenticationFailure STMStag snmp-server notify prvtPortSECViolation STMStag
snmp-server notify cliConfigurationChange STMStag snmp-server notify prvtPwVcTDMAlarm STMStag
snmp-server notify coldStart STMStag snmp-server notify prvtPwVcTDMStatusChange STMStag
snmp-server notify configurationLoadFailed STMStag snmp-server notify prvtSapCreated STMStag
snmp-server notify cpuTemperatureExceeded STMStag snmp-server notify prvtSapDeleted STMStag
snmp-server notify cpuUtilizationExceeded STMStag snmp-server notify prvtSapStatusChanged STMStag
snmp-server notify dot1agCfmFaultAlarm STMStag snmp-server notify prvtSdpCreated STMStag
snmp-server notify fallingAlarm STMStag snmp-server notify prvtSdpDeleted STMStag
snmp-server notify imageCrcCheckFailed STMStag snmp-server notify prvtSdpStatusChanged STMStag
snmp-server notify lagMemberAdd STMStag snmp-server notify prvtSvcCreated STMStag
snmp-server notify lagMemberLinkDown STMStag snmp-server notify prvtSvcDeleted STMStag
snmp-server notify lagMemberLinkUp STMStag snmp-server notify prvtSvcStatusChanged STMStag
snmp-server notify lagMemberRemove STMStag snmp-server notify ramFreeSpaceExceeded STMStag
snmp-server notify laserRxPowerThresholdCrossed STMStag snmp-server notify resilientLinkStatusChange STMStag
snmp-server notify laserTempThresholdCrossed STMStag snmp-server notify risingAlarm STMStag
snmp-server notify laserTxPowerThresholdCrossed STMStag snmp-server notify snmpSetExecuted STMStag
snmp-server notify linkDown STMStag snmp-server notify taskSuspended STMStag
snmp-server notify linkUp STMStag snmp-server notify topologyChange STMStag
snmp-server notify mstpNewRoot STMStag snmp-server notify unauthorizedAccessViaCLI STMStag
snmp-server notify mstpTopologyChange STMStag snmp-server notify warmStart STMStag
snmp-server notify newRoot STMStag snmp-server system-name DESIGNADOR
snmp-server notify pingProbeFailed STMStag snmp-server location DESIGNADOR
snmp-server authentication-failure-trap
write memory – Salvar as configurações

Conversor ECI
Comandos
Comandos semelhantes ao CISCO
show running-config
VLANs X Portas
DM9225-Lab2#show vlan
====================================================================
Name |VTag| Tagged ports | Untagged ports
--------------------+----+---------------------+--------------------
default |1 | |
mgmt_703 |703 |1/1/1 |
service_data_2560 |2560|1/1/1,1/2/1 |
service_voip_2561 |2561|1/1/1,1/2/2 |
Number of entries: 4
Conversor ECI
Status das interfaces
DM9225-Lab2#show interface
============================================================================
===
|Port |Name |Type |State |Link|DuplSpeed |Flow |Backpres|Default
Vlan
+-----+--------+--------+-------+----+----------+-------+--------
+-------------
1/1/1 10-1000T enable up full-1000 disable disable 0001
1/2/1 100TX enable down unknown disable disable 0001
1/2/2 100TX enable up half-100 disable disable 0001
1/3/1 DUAL enable down unknown disable disable 0001
Alterar Negociação
NHO-30WUD8XB(config)#interface 1/2/3
NHO-30WUD8XB(config-if 1/2/3)#duplex full
NHO-30WUD8XB(config-if 1/2/3)#speed 100
Conversor ECI
Estatísticas da interface
DM9225-Lab2#show interface 1/1/1 statistics

Octets 2568231 In/OutPkts 64 12160
Collisions 0 In/OutPkts 65-127 37632
Broadcast 9418 In/OutPkts 128-255 41
Multicast 87 In/OutPkts 256-511 425
CRCAlignErrors 0 In/OutPkts 512-1023 0
Undersize 0 In/OutPkts 1024-MaxFrameSize 0
Oversize 0 TotalInPkts 28212
Fragments 0 TotalIn/OutPkts 50258
Jabbers 0 Down Count 0
DropEvents 0
Last5secInPkts 16 Last5secInBps 267
Last1minInPkts 184 Last1minInBps 271
Last5minInPkts 750 Last5minInBps 268
Last5secOutPkts 11 Last5secOutBps 205
Last1minOutPkts 136 Last1minOutBps 227
Last5minOutPkts 562 Last5minOutBps 228
E-LINE (VPN L2)
Topologia
SVLAN (2601)
SVLAN (2601)
Vlan
Vlan Serviço
Serviço 2000
2000 Vlan Serviço 2000
Tráfego do
Tráfego do
Cliente
Cliente
Tagged X SVLAN
SVLAN 2601
2601 SVLAN
SVLAN 2608
2608
ou Untagged ARD VLAN 2000
VLAN 2000 VLAN 2050
VLAN 2050
EDD DSLAM
Porta 13 HE
SDH / Metro ETH

Tráfego Switch Cisco
Tráfego do
do PONTA 1
Cliente
Cliente
HE
DIST PE
DSLAM
DSLAM =
= RIN
RIN
SVLAN 2601
SVLAN 2601
MPLS
Layer 2 VPN
HE
Cisco
ARD Switch
Tagged Y DSLAM
ou Untagged
EDD
CIR 50% HE
Porta 15 SDH / Metro ETH PE

DIST
Tráfego SVLAN
SVLAN 2608
Tráfego do
do PONTA 2 2608
VLAN 2050
2050
Cliente VLAN
Cliente
DSLAM
DSLAM =
= RIN
RIN SVLAN (2608)
SVLAN (2608)
Vlan
Vlan Serviço
Serviço 2050
2050 SVLAN
SVLAN 2608
2608
Vlan Serviço 2050
Tráfego do
Cliente Tráfego do
Cliente
E-LINE (VPN L2)
Topologia
SVLAN (2601)
SVLAN (2601)
Vlan
Vlan Serviço
Serviço 2000
2000
Vlan
Vlan do
do Cliente
Cliente Vlan Serviço 2000
Ponta
Ponta A
A 2000
2000 Tráfego do
Tráfego do
Cliente Insere
Insere Cliente
Vlan
Vlan 2601
2601
Tagged X SVLAN
SVLAN 2601
2601 SVLAN
SVLAN 2608
2608
ou Untagged ARD VLAN 2000
VLAN 2000 VLAN 2050
VLAN 2050
EDD DSLAM
Porta 13 HE
SDH / Metro ETH

Tráfego Switch Cisco
Tráfego do
do PONTA A
Cliente
Cliente
HE
Insere
Insere DIST PE
DSLAM
DSLAM =
= RIN
RIN
Vlan
Vlan 2000
2000 SVLAN 2601
SVLAN 2601
MPLS
Layer 2 VPN
HE
Remove
Remove
Remove
Remove
Cisco
Vlan 2608
Vlan 2608 ARD Switch
Vlan
Vlan 2050
2050
Tagged Y DSLAM
ou Untagged
EDD
CIR 50% HE
Porta 15 SDH / Metro ETH PE

DIST
Tráfego SVLAN
SVLAN 2608
Tráfego do
do PONTA B 2608
VLAN 2050
2050
Cliente VLAN
Cliente
DSLAM
DSLAM =
= RIN
RIN SVLAN (2608)
SVLAN (2608)
Vlan
Vlan Serviço
Serviço 2050
2050 SVLAN
Vlan
Vlan do
do Cliente
Cliente SVLAN 2608
2608
Vlan Serviço 2050
Ponta B
Ponta B 2050
2050 Tráfego do
Cliente Tráfego do
Cliente
E-LINE (VPN L2)
EPL x EVPL x Contingência
E-LINE (VPN L2)
Cisco ME3400
Gi0/1 Gi0/3 Gi0/4

LAN
Cliente
FO FO
principal contingencia
DSLAM-A DSLAM-B
Rede
GVT
E-LINE (VPN L2)
Configuração
service unsupported-transceiver
no errdisable detect cause gbic-invalid
sdm prefer layer-2
username admin privilege 15 password Gvt!#QE@enilE
clock timezone GMT -3

clock summer-time GMT recurring
system mtu routing 1998

no ip domain-lookup
E-LINE (VPN L2)
Configuração Interfaces
interface GigabitEthernet0/1 interface GigabitEthernet0/3

description LAN_CLIENTE description WAN_GVT_PRINC
switchport access vlan 2001 (*) port-type nni
switchport mode dot1q-tunnel (*) switchport trunk allowed vlan 708,2001
load-interval 30 switchport mode trunk
speed 1000 (**) load-interval 30
duplex full (**) no shutdown
media-type rj45 (**)
storm-control broadcast level 0.50
l2protocol-tunnel cdp (*** só para EPL) interface GigabitEthernet0/4
l2protocol-tunnel stp (*** só para EPL) description WAN_GVT_CONTING
l2protocol-tunnel vtp (*** só para EPL) port-type nni
no shutdown switchport trunk allowed vlan 710,2001
switchport mode trunk
interface GigabitEthernet0/2 load-interval 30
description LAN_INATIVA no shutdown
shutdown
interface FastEthernet0
description SEM_USO
no ip address G0/3
no ip route-cache Cliente GVT
shutdown G0/1
G0/4
E-LINE (VPN L2)
VLANs e Gerencia
interface Vlan708
vlan 708
description MGMT_EDD
name MGMT_EDD
ip address 10.141.3.129 255.255.255.0
no ip route-cache
vlan 710
name MGMT_EDDBACKUP
interface Vlan710
description MGMT_EDDBACKUP
vlan 2001
ip address 10.141.2.65 255.255.255.0
name EVC1
no ip route-cache
class-map match-all MGMT_EDDBACKUP
interface Vlan2001
match vlan 710
description VLAN_SERVICO
class-map match-all MGMT_EDD
ip address 25.25.25.1 255.255.255.0 (Remoto)
match vlan 708
ip address 25.25.25.2 255.255.255.0 (Principal)
no ip route-cache
ip default-gateway 10.141.3.254
E-LINE (VPN L2)
Gerencia X Contingência
ip default-gateway 10.141.3.254 (se Interf G0/3 UP) muda via EVENTO

ip default-gateway 10.141.2.254 (se Interf G0/3 DOWN) muda via EVENTO
event manager applet MGMT_via_g0/3

event syslog pattern "Interface GigabitEthernet0/3, changed state to up"
action 1.0 cli command "enable"
action 1.1 cli command "conf t"
action 1.2 cli command "ip default-gateway 10.141.3.254"
action 1.3 cli command "clear arp-cache"
action 1.4 cli command "wr"
event manager applet MGMT_via_g0/4
event syslog pattern "Interface GigabitEthernet0/3, changed state to down"
action 1.0 cli command "enable"
action 1.1 cli command "conf t"
action 1.2 cli command "ip default-gateway 10.141.2.254"
action 1.3 cli command "clear arp-cache"
action 1.4 cli command "wr"
principal
G0/3 VLAN 708

GVT
contingência
G0/4
VLAN 710
E-LINE (VPN L2)
Spanning-tree
spanning-tree mode rapid-pvst

spanning-tree extend system-id
spanning-tree vlan 2001 root primary
(somente na ponta concentradora)
CONCENTRADOR (root):
Interface Role Sts Cost Prio.Nbr Type

------------------- ---- --- --------- -------- ----------------
Gi0/3 Desg FWD 4 128.3 P2p
G0/3 G0/3 REM
REM
CONC
CONC Gi0/4 Desg FWD 4 128.4 P2p
G0/4 G0/4
REMOTO:
Bloqueada
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- -----------------
Gi0/3 Root FWD 4 128.3 P2p
Gi0/4 Alt BLK 4 128.4 P2p
E-LINE (VPN L2)
Monitoramento
- Principal e Remoto
ip sla responder
snmp-server community gvt25gvt RW

snmp-server community T3lsinCRW RW
snmp-server community T3lsinCRO RO
- Remoto
ip sla 2525
udp-jitter 25.25.25.2 2525 num-packets 50 interval 3000
timeout 1000
frequency 240
ip sla schedule 2525 life forever start-time now
ip sla enable reaction-alerts
logging trap debugging

cpu traffic qos cos 5
snmp-server community gvt25gvt RW
snmp-server community T3lsinCRW RW
snmp-server community T3lsinCRO RO
E-LINE (VPN L2)
QoS e Shape
Classificação Tráfego Input
class-map match-any DIAMOND policy-map INPUT-CLIENT
match cos 5 class EVC1
class-map match-any GOLD service-policy INPUT-QOS
match cos 3
class-map match-any SILVER class-map match-any EVC1
match cos 2 match vlan 2001
class-map match-any BE
match cos 1 policy-map INPUT-QOS Com QoS
class DIAMOND
police cir 5000000
Tráfego Output exceed-action drop
violate-action drop
policy-map OUTPUT-CLIENT class GOLD
class class-default police cir 12500000
shape average 50000000 conform-action transmit
service-policy OUTPUT-AGG
exceed-action set-cos-transmit 1
violate-action set-cos-transmit 1
class SILVER
policy-map OUTPUT-AGG Com QoS police cir 12500000
class DIAMOND conform-action transmit
priority exceed-action set-cos-transmit 1
police cir 5000000 violate-action set-cos-transmit 1
conform-action transmit class class-default
exceed-action drop police cir 20000000
violate-action drop conform-action transmit
class GOLD exceed-action set-cos-transmit 1
shape average 12500000 violate-action set-cos-transmit 1
class SILVER
policy-map INPUT-QOS Sem QoS
class class-default
set cos 1
E-LINE (VPN L2)
QoS
Aplicação nas Interfaces
interface GigabitEthernet0/1
description LAN_CLIENTE
service-policy input INPUT-CLIENT
description WAN_GVT_PRINC
service-policy output OUTPUT-CLIENT
description WAN_GVT_CONTING
service-policy output OUTPUT-CLIENT
PACOTES QoS (VAS): por circuito fim a fim

•Fila Diamond SEMPRE limitada 5 Mbps por EVC
(para todas as opções de pacotes de QoS)

Dados - Treinamento

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Dados - Treinamento

Enviado por

Direitos autorais:

Formatos disponíveis

Configuração de Circuito de

Rafael Colli Gonçalves

Routers , Switches e Conversores de Mídia

Barra de espaço (entrar no setup)

Barra de espaço (entrar no setup)

(vai reiniciar e pedir uma nova senha)

Alterar a senha e salvar as configurações

NÃO PASSAR PARA O CLIENTE

SET SYSTEM USER0 PASS XXXXXXXX

WAN (Wide Area Network)

- Conexão entre GVT e Router no cliente (normalmente /30)

LAN (Local Area Network)

- Conexão com a rede do cliente

enable secret XXXXXX

no ip redirects Indica melhor rota na mesma rede

show running-config (mostra toda configuração do router)

interface serial0/0/0.16 point-to-point

ip route 0.0.0.0 0.0.0.0 189.58.139.45

CONFIG PURGE ALL

SET SYSTEM HOSTNAME NOME_DO_CLIENTE_DESIG

SET LAN LAN0 PURGE

SET ROUTES PURGE

SET SYSTEM USER0 PASS SENHA_PADRÃO

Trunk / Tagged – Pode passar várias VLANs

Sempre configurar a porta WAN do router como Trunk / Tagged

- Pode usar mais de um serviço na mesma porta

ip route 0.0.0.0 0.0.0.0 201.47.1.241

Clear count (apaga os contadores)

SET LAN LAN0 PURGE

SET LAN LAN1 PURGE

SET ROUTES PURGE

SET SYSTEM USER0 PASS SENHA_PADRÃO

- Comando de visualização das interfaces

DUMP LAN ALL (mostra a configuração das interfaces lan)

SET LAN LAN0 MODE 100FD

SET LAN LAN0 PURGE

ip dhcp pool NOME

ip dhcp excluded-address 10.0.0.1 10.0.0.10

snmp-server community public RO

access-list 50 permit 172.18.2.115 0.0.0.0

Obs: O cliente pode definir outra community no lugar de public

interface Serial0/0/0.16 point-to-point

ip nat inside source list 7 interface Serial0/0/0.16 overload

DLCI 16 (Dados) VRF ipinet

class-map match-any EF ...

class-map match-any Diamond

interface Serial0/0/0.16 point-to-point

- Data: Não tem padrão

VPN MPLS Prime

- Data: Não tem de priorização

- Classificação por protocolo: IP, TCP, UDP, ICMP e etc.

Classe de serviço DSCP Queue Type Prioridade PVC Passport

VPN MPLS Layer 3 Cisco a fila Gold deve usar AF21

Max 50% Max 50% Max 50% Max 50%

25% para Diamond Silver Diamond 100% BE Diamont Diamont Max

Diamont Gold Silver Bronze Best-Effort

Limitado Limitado Limitado Limitado Limitado Limitado

100% em Diamond Best-Effort Diamond Utilização Diamont Diamont

Diamont Gold Silver Bronze Best-Effort

class-map match-any AF31

ip access-list extended acl-AF31

- Mapeamento por interface física

- Mapeamento por protocolo (endereço IP, porta TCP, etc.)