文档建议反馈控制台
首页
学习
活动
专区
工具
TVP
最新优惠活动
文章/答案/技术大牛
发布
精选内容/技术社群/优惠产品,尽在小程序
立即前往

网络答疑:拨号服务器是如何配置的?脚本实例

文章来源:企鹅号 - 雁过无声song

聚焦网络实战经验,专注网络实用技术,"雁过无声song"来啦!

一代经典华为5200G配置实例,可以通过运营商级别的配置来了解拨号服务器的“故事”,增加对pppoe的理解。

#设置服务器的名称

sysname XJMY_5200G

#超级密码

super password level 3 cipher SS2>`1=+(WS=+34

#日志服务器

info-center loghost source LoopBack0

info-center loghost 10.215.14.12

info-center loghost 10.215.14.61

info-center loghost 10.215.14.101

#

undo icmp-reply fast

#

memory warning 50 holding 45 limit 40 safety 55

#管理地址

router id 14.15.100.3

#

user-group web

#VPN配置

ip vpn-instance jnwater

description XXX-MPLS-vpn

route-distinguisher 4837:189

vpn-target 4837:189 export-extcommunity

vpn-target 4837:189 import-extcommunity

#

ip vpn-instance cpicsd

description XXXXX-XJ

route-distinguisher 4837:156

vpn-target 4837:156 export-extcommunity

vpn-target 4837:156 import-extcommunity

……省略N多……

#认证服务器设置

radius-server source interface LoopBack0

radius-server group radius

radius-server authentication 10.21.47.162 1645 weight 0

radius-server authentication 10.12.193.16 1645 weight 0

radius-server accounting 10.21.47.162 1646 weight 0

radius-server accounting 10.29.19.2 1646 weight 0

radius-server shared-key 88----89

radius-server class-as-car

radius-server attribute translate

undo radius-server user-name domain-included

#

radius-server group vprn

radius-server authentication 10.21.47.162 1645 weight 0

radius-server authentication 10.12.193.16 1645 weight 0

radius-server accounting 10.21.47.162 1646 weight 0

radius-server accounting 10.29.19.2 1646 weight 0

radius-server shared-key 88----89

radius-server class-as-car

radius-server attribute translate

#

radius-server group xjxjk

#VPN地址池

ip pool vpn11 local

vpn-instance vpn11

gateway 10.10.13.1 255.255.255.0

section 0 10.10.13.2 10.10.13.254

dns-server 114.114.115.115

dns-server 114.114.114.114 secondary

#

ip pool vpn26 local

vpn-instance vpn26

gateway 10.10.14.1 255.255.255.0

section 0 10.10.14.2 10.10.14.254

#

ip pool vpn29 local

vpn-instance vpn29

gateway 10.10.200.1 255.255.252.0

section 0 10.10.200.2 10.10.203.254

conflict-ip-address 10.10.200.10

conflict-ip-address 10.10.200.11

conflict-ip-address 10.10.200.12

conflict-ip-address 10.10.200.13

conflict-ip-address 10.10.200.14

conflict-ip-address 10.10.200.15

conflict-ip-address 10.10.200.16

conflict-ip-address 10.10.200.17

conflict-ip-address 10.10.200.18

conflict-ip-address 10.10.200.62

conflict-ip-address 10.10.200.99

conflict-ip-address 10.10.200.100

#

ip pool xjgzj local

vpn-instance xjgzj

gateway 192.168.101.1 255.255.255.0

section 0 192.168.101.2 192.168.101.254

#配置MPLS

mpls lsr-id 211.13.191.22

mpls

mpls l2vpn

#

vsi XJliu static

pwsignal ldp

vsi-id 10

peer 211.13.199.44

#

vsi likoosss static

pwsignal ldp

vsi-id 20

peer 211.13.199.4

peer 211.13.199.5

#

mpls ldp

#

mpls ldp remote-peer xj222bas

remote-ip 211.13.199.6

undo remote-ip pwe3

#

mpls ldp remote-peer likbas

remote-ip 211.13.199.7

undo remote-ip pwe3

#配置控制ACL

acl number 2999

rule 0 permit source 11.16.25.13 0.0.0.7

rule 1 permit source 10.13.44.0 0.0.0.15

rule 2 permit source 21.17.98.0 0.0.0.15

rule 3 permit source 21.57.16.0 0.0.0.31

rule 4 permit source 22.22.16.55 0

#

acl number 3001

rule 5 permit tcp destination-port eq www

rule 10 permit tcp destination-port eq 8080

#

acl number 6001

rule 5 deny tcp destination user-group web destination-port eq www

rule 10 deny tcp destination user-group web destination-port eq 8080

#

traffic classifier y-web operator or

if-match acl 3002

traffic classifier n-web operator or

if-match acl 3001

traffic classifier no-web operator or

if-match acl 6001

#

traffic behavior permit

traffic behavior deny

deny

#

traffic policy _remote-defined-policy

traffic policy web-user

classifier no-web behavior deny

traffic policy web-net

classifier y-web behavior permit

classifier n-web behavior deny

traffic-policy web-user outbound

#

diffserv domain default

#

interface Aux0/0/1

#

interface Ethernet0/0/0

shutdown

#

interface Virtual-Template1

ppp authentication-mode pap

#

interface GigabitEthernet1/0/0

description TO-S1-9312

eth-trunk 1

#

interface GigabitEthernet1/0/1

description TO-S2-9306

eth-trunk 1

#

interface GigabitEthernet2/0/0

ip address 10.10.10.1 255.255.255.252

traffic-policy web-net inbound

mpls

mpls ldp

negotiation auto

#

interface GigabitEthernet2/0/1

description XJ2900-ZZJ

ip address 10.10.100.5 255.255.255.252

traffic-policy web-net inbound

mpls

mpls ldp

negotiation auto

#配置Q-in-Q VLAN

interface GigabitEthernet7/0/1.2

pppoe-server bind Virtual-Template 1

user-vlan 3000 3799 qinq-vlan 3020

user-vlan 3000 3799 qinq-vlan 3021

user-vlan 3000 3799 qinq-vlan 3022

user-vlan 3000 3799 qinq-vlan 3023

user-vlan 3000 3799 qinq-vlan 3024

user-vlan 3000 3799 qinq-vlan 3025

user-vlan 3000 3799 qinq-vlan 3026

user-vlan 3000 3799 qinq-vlan 3027

user-vlan 3000 3799 qinq-vlan 3028

user-vlan 3000 3799 qinq-vlan 3029

user-vlan 3000 3799 qinq-vlan 3030

user-vlan 3000 3799 qinq-vlan 3031

user-vlan 3000 3799 qinq-vlan 3032

user-vlan 3000 3799 qinq-vlan 3033

user-vlan 3000 3799 qinq-vlan 3034

user-vlan 3000 3799 qinq-vlan 3035

user-vlan 3000 3799 qinq-vlan 3306

user-vlan 3000 3799 qinq-vlan 3307

user-vlan 3000 3799 qinq-vlan 3308

user-vlan 3000 3799 qinq-vlan 3309

bas

access-type layer2-subscriber default-domain authentication e

#

interface GigabitEthernet7/0/1.300

vlan-type dot1q 300

ip address 10.10.100.13 255.255.255.252

#

interface NULL0

#配置Loopback管理IP

interface LoopBack0

ip address 10.10.10.10 255.255.255.255

#

bgp 65031

group likoo internal

peer likoo connect-interface LoopBack0

peer 10.100.10.100 as-number 65031

peer 10.100.10.100 group likoo

peer 10.100.10.100 as-number 65031

peer 10.100.10.100 group likoo

#

ipv4-family unicast

undo synchronization

undo peer likoo enable

undo peer 10.100.10.100 enable

undo peer 10.100.10.100 enable

#

scheduler-profile 100m

car cir 102400 pir 102400 cbs 256000 pbs 256000 upstream

car cir 102400 pir 102400 cbs 256000 pbs 256000 downstream

#

scheduler-profile 2mup

car cir 2048 pir 2048 cbs 256000 pbs 256000 upstream

car cir 2048 pir 2048 cbs 256000 pbs 256000 downstream

#

qos-profile 100m

scheduler-profile 100m

#

qos-profile 2mup

scheduler-profile 2mup

#

qos-profile default

#

dot1x-template 1

#

aaa

authentication-scheme adsl

authentication-scheme huawei

authentication-mode local

accounting-scheme adsl

accounting-scheme huawei

accounting-mode none

domain default0

flow-statistic up

flow-statistic down

user-priority upstream 0

user-priority downstream 0

domain default1

flow-statistic up

flow-statistic down

user-priority upstream 0

user-priority downstream 0

domain default_admin

flow-statistic up

flow-statistic down

user-priority upstream 0

user-priority downstream 0

domain lyzy

authentication-scheme default0

accounting-scheme default0

flow-statistic up

flow-statistic down

user-priority upstream 0

user-priority downstream 0

l2tp-group 16

domain ncljn

authentication-scheme default0

accounting-scheme default0

flow-statistic up

flow-statistic down

user-priority upstream 0

user-priority downstream 0

l2tp-group ncljn

#

access-type layer2-subscriber default-domain authentication e

#

interface Eth-Trunk3.30

#

interface Eth-Trunk3.400

vlan-type dot1q 400

ip address 18.57.17.17 255.255.255.252

#

interface Eth-Trunk3.1634

vlan-type dot1q 1634

description Xxxxxxxxxxxxxxxxx

ip binding vpn-instance lytcjt

ip address 192.168.1.1 255.255.255.0

#

interface Eth-Trunk3.1666

vlan-type dot1q 1666

description Xxxxx

ip binding vpn-instance Xxxxx

ip address 192.168.5.1 255.255.255.0

#

interface Eth-Trunk6

#

interface Eth-Trunk6.1

pppoe-server bind Virtual-Template 1

user-vlan 3000 3799 qinq-vlan 3100

user-vlan 3000 3799 qinq-vlan 3101

user-vlan 3000 3799 qinq-vlan 3102

user-vlan 3000 3799 qinq-vlan 3103

user-vlan 3000 3799 qinq-vlan 3104

user-vlan 3000 3799 qinq-vlan 3105

user-vlan 3000 3799 qinq-vlan 3106

user-vlan 3000 3799 qinq-vlan 3107

user-vlan 3000 3799 qinq-vlan 3108

user-vlan 3000 3799 qinq-vlan 3109

user-vlan 3000 3799 qinq-vlan 3110

user-vlan 3000 3799 qinq-vlan 3111

user-vlan 3000 3799 qinq-vlan 3112

user-vlan 3000 3799 qinq-vlan 3113

user-vlan 3000 3799 qinq-vlan 3114

user-vlan 3000 3799 qinq-vlan 3115

user-vlan 3000 3799 qinq-vlan 3116

user-vlan 3000 3799 qinq-vlan 3117

user-vlan 3000 3799 qinq-vlan 3118

#

interface Eth-Trunk6.1724

vlan-type dot1q 1724

description XXXXXXX-vprn

ip binding vpn-instance vpn35

ip address 10.10.10.1 255.255.255.0

#

ospf 1

import-route direct

import-route unr

silent-interface LoopBack0

area 0.0.0.0

network 172.10.10.10 0.0.0.0

network 172.1.10.1 0.0.0.3

network 175.10.10.1 0.0.0.3

#

snmp-agent

snmp-agent local-engineid 800007DB000FE2317788995434

snmp-agent community read pubilc

snmp-agent community read public

snmp-agent community write public

snmp-agent sys-info location BeiJing China

snmp-agent sys-info version all

snmp-agent trap enable ospf 1

snmp-agent trap enable bgp

snmp-agent trap enable lsp

snmp-agent trap enable configuration

snmp-agent trap enable system

snmp-agent trap enable standard

snmp-agent trap source LoopBack0

#

command-privilege level 1 view system display current-configuration

command-privilege level 1 view system display

#

user-interface con 0

user-interface aux 0

user-interface vty 0 4

acl 2000 inbound

user privilege level 1

set authentication password cipher HD8P=@KH09'Q= HD8P=@^Q`MAF4

#

ancp

neighbor-profile default-neighbor

#

return

  • 发表于:
  • 原文链接https://kuaibao.qq.com/s/20181210A1BGZY00?refer=cp_1026
  • 腾讯「腾讯云开发者社区」是腾讯内容开放平台帐号(企鹅号)传播渠道之一,根据《腾讯内容开放平台服务协议》转载发布内容。
  • 如有侵权,请联系 cloudcommunity@tencent.com 删除。

相关快讯

扫码

添加站长 进交流群

领取专属 10元无门槛券

私享最新 技术干货

扫码加入开发者社群

腾讯云开发者

扫码关注腾讯云开发者

扫码关注腾讯云开发者

领取腾讯云代金券

热门产品

热门推荐

更多推荐

Copyright © 2013 - 2024 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有

深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 深公网安备号 44030502008569

腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号 | 京公网安备号11010802020287

领券