Datos Generales

Nombre: Plantilla ruteadores nuevos sitio “NAME”

Versión: 2.2 (Se modifico version IOS-XE de ASR903)
Descripción: Plantilla de configuración para ruteadores IPBH Cisco ASR920 nuevos en R9.
Fecha: 03-Junio-2017
Autores Plantilla General: Sergio Kleiman, Paulo Ramsis, Rubén Nava, Getronics.
Modificacion plantilla especifica:Getronics

Código de Colores
CODIGO Llenado con informacion del documento “IPBH DF-Datafill” Corrspondiente
Pass_BGP_AS Backhaul + <Local_BGP_AS>, ej. Backhaul64542

Imagenes de SO homologadas
ASR903: asr900rsp2-universalk9_npe.03.18.03.SP.156-2.SP3-ext.bin
https://software.cisco.com/download/release.html?mdfid=284790128&softwareid=282046477&release=3.16.5S&relind=AVAILABLE&rellifecycle=MD&reltype=latest

ASR920: asr920-universalk9_npe.03.18.02.SP.156-2.SP2-ext.bin
https://software.cisco.com/download/release.html?mdfid=286288701&flowid=75443&softwareid=282046477&release=3.16.6S&relind=AVAILABLE&rellifecycle=ED&reltype=latest

Configuración estándar
!
! Servicios Generales
!
no service pad
no service dhcp
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service sequence-numbers
!
archive
log config
logging enable
path bootflash:config_$h$t

!
! Servicios IP
!
no ip bootp server
no ip source-route
no ip http server
no ip http secure-server
ip classless
ip subnet-zero
ip cef distributed
ip spd mode aggressive
!
ip domain-lookup
ip domain-name datos.temm
ip name-server 10.15.19.113
ip name-server 10.15.30.113
!
ip tftp source-interface Loopback0
!
mpls label protocol ldp
no mpls ip propagate-ttl forwarded
mpls ldp password required
mpls ldp igp sync holddown 60000
mpls ldp discovery targeted-hello accept!
!
! Logging
!
no logging console
no logging monitor
logging trap notifications
logging snmp-authfail
logging buffered 32768 debugging
logging rate-limit all 1000
logging history size 30
logging 10.223.21.4
logging 10.223.21.7
logging 10.223.21.33
logging 10.223.21.34
!
! Hora
!
clock timezone CST -6 0
clock summer-time CDT recurring 1 Sunday April 2:00 last Sunday October 2:00
ntp logging
!
! SNMP
!
access-list 95 remark LISTA DE ACCESO PARA COMUNIDAD CndsR0
access-list 95 permit 10.15.16.102 ! CNC Server
access-list 95 permit 10.223.21.13 ! CPPM
!
access-list 96 remark LISTA DE ACCESO PARA COMUNIDAD TeMIP_PRO
access-list 96 permit 10.15.19.113 ! DNS1
access-list 96 permit 10.15.30.113 ! DNS2
access-list 96 permit 10.223.21.11 ! DNSX
!
access-list 98 remark LISTA DE ACCESO PARA COMUNIDAD OSS_CISCO_PRIME
access-list 98 permit 10.223.21.0 0.0.0.255
access-list 98 permit 10.223.224.0 0.0.0.255
!
snmp-server community Cndsr0 RO 95
snmp-server community TeMIP_PRO RO 96
snmp-server community OSS_CISCO_PRIME RW 98
snmp-server ifindex persist
snmp-server trap-source Loopback0
snmp-server enable traps
snmp-server host 10.223.21.4 OSS_CISCO_PRIME !CPN Unit
snmp-server host 10.223.21.7 OSS_CISCO_PRIME !CPLMS
snmp-server host 10.223.21.33 OSS_CISCO_PRIME !CPPM
snmp-server host 10.223.21.34 OSS_CISCO_PRIME !CPPM
!
process cpu threshold type total rising 80 interval 5
!
! Acceso al equipo
!
username soporte privilege 15 secret cisco
username operacion privilege 15 secret cisco
enable secret cisco
!
! SSH
!
ip ssh rsa keypair-name SSH-ACCESS
crypto key generate rsa usage-keys label SSH-ACCESS modulus 1024
ip ssh version 2
!
aaa new-model
!
tacacs server tacacs1
address 10.15.10.28
key 0 t4c4cs.R7r
tacacs server tacacs2
address 10.15.30.28
key 0 t4c4cs.R7r
!
no tacacs-server directed-request
!
access-list 94 remark LISTA DE ACCESO PARA TELNET A VTYS
access-list 94 permit 10.15.16.100 ! SP Guru
access-list 94 permit 10.15.16.102 ! CNC
access-list 94 permit 10.15.10.99 ! SS Presa
access-list 94 permit 10.15.10.100 ! SS Presa
access-list 94 permit 10.15.10.101 ! SS Presa
access-list 94 permit 192.168.228.18 ! SS Torre
access-list 94 permit 192.168.228.19 ! SS Torre
access-list 94 permit 192.168.228.20 ! SS Torre
access-list 94 permit 10.225.173.212 ! SS Proveedores
access-list 94 permit 10.225.173.213 ! SS Proveedores
access-list 94 permit 10.225.173.214 ! SS Proveedores
access-list 94 permit 10.15.30.70 ! Boveda GDL
access-list 94 permit 10.225.173.198 ! Boveda Torre
access-list 94 permit 10.225.173.200 ! Control Seguridad
access-list 94 permit 10.225.173.235 ! Control Seguridad
access-list 94 permit 10.223.21.0 0.0.0.255 !Subred de gestión MTY
access-list 94 permit 10.223.224.0 0.0.0.255 !Subred de gestión MIX

!
line con 0
logging synchronous
login local
transport output ssh telnet
stopbits 1
!
line aux 0
no exec-timeout 0 1
transport input none
transport output none
no password
!
line vty 0 4
login local
transport pref ssh
transport input ssh
transport output ssh telnet
!
line vty 5 10
transport pref ssh
transport input ssh
transport output ssh telnet
!
!
Configuración variable
======================
!
! Hostname
!
hostname XXXX
!
! Interfaces Lógicas
!
interface Loopback0
description INTERFAZ DE GESTION
ip address LOOPBACK0LOCAL 255.255.255.255
no shutdown
!
interface Loopback 152
description INTERFAZ DE RUTEO
ip address LOOPBACK152LOCAL 255.255.255.255
no shutdown
!
! MPLS
!
mpls ldp password fallback BackhaulAS
mpls ldp router-id Loopback152 force
!
! SNMP
!
logging source-interface Loopback0
snmp-server chassis-id !NUMERO_DE_SERIE|NUMERO_DE_PLACA (dejar en blanco si no hay placa)
snmp-server location COORDENADAS
ip tacacs source-interface Loopback0
!
! NTP
!
ntp logging
ntp source Loopback152
ntp update-calendar
ntp server LOOPBACK152GWD1 version 3
ntp server LOOPBACK152GWD2 version 3
!
! Route Maps de Red
!
ip community-list standard Local_Communities permit AS:COMMUNITY_DEL_ANILLO
ip community-list standard Local_Communities permit AS:COMMUNITY_DEL_ANILLO
ip community-list standard Local_Communities permit AS:COMMUNITY_DEL_ANILLO
ip community-list standard Local_Communities permit AS:1994
ip community-list standard Local_Communities permit AS:1993

ip community-list standard LTE permit 7438:1990

ip community-list standard LTE permit 7438:1991
ip community-list standard LTE permit 7438:1992
!
route-map Inbound_Filter permit 10
match community Local_Communities
!
route-map Inbound_Filter permit 20
match community LTE
!
route-map Inbound_Filter deny 50
!
route-map GWT_Community permit 10
set community 7438:1989 AS:COMMUNITY_CLUSTER
!
route-map GWT_Community_OAM permit 10
 set community AS:1993
!
! IS-IS Routing
!
key chain ISIS
key 1
key-string BackhaulAS
!
router isis
net 39.484f.0000.0001.0000.0001.0000.0102.1001.6136.00
is-type level-1
ispf level-1
metric-style wide
fast-flood
set-overload-bit on-startup wait-for-bgp
max-lsp-lifetime 65535
lsp-refresh-interval 65000
spf-interval 5 50 200
prc-interval 5 50 200
lsp-gen-interval 5 5 200
no hello padding
log-adjacency-changes
passive-interface Loopback152
bfd all-interfaces
!
! BGP Routing
!
key chain mhop-key
key 0
key-string BackhaulAS
!
bfd map ipv4 LOOPBACK152GWD1/32 LOOPBACK152LOCAL/32 MBFD1
bfd map ipv4 LOOPBACK152GWD2/32 LOOPBACK152LOCAL/32 MBFD1
!
bfd-template multi-hop MBFD1
interval min-tx 250 min-rx 250 multiplier 3
authentication sha-1 keychain mhop-key
!
bfd-template multi-hop MBFD2
interval min-tx 250 min-rx 250 multiplier 5
authentication sha-1 keychain mhop-key
!
router bgp AS
bgp router-id LOOPBACK152LOCAL
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor GWD peer-group
neighbor GWD remote-as AS
neighbor GWD password BackhaulAS
neighbor GWD update-source Loopback152
neighbor LOOPBACK152GWD1 peer-group GWD
neighbor LOOPBACK152GWD1 fall-over bfd
neighbor LOOPBACK152GWD2 peer-group GWD
neighbor LOOPBACK152GWD2 fall-over bfd
!
address-family ipv4
bgp additional-paths install
bgp nexthop trigger delay 1
network LOOPBACK0LOCAL mask 255.255.255.255 route-map GWT_Community_OAM
network LOOPBACK152LOCAL mask 255.255.255.255 route-map GWT_Community
neighbor GWD send-community
neighbor GWD next-hop-self
neighbor GWD route-map Inbound_Filter in
 neighbor GWD send-label
neighbor LOOPBACK152GWD1 activate
neighbor LOOPBACK152GWD2 activate
exit-address-family
!
address-family vpnv4
bgp additional-paths install
bgp nexthop trigger delay 1
neighbor GWD send-community extended
neighbor GWD next-hop-self
neighbor LOOPBACK152GWD1 activate
neighbor LOOPBACK152GWD2 activate
exit-address-family
!
address-family rtfilter unicast
neighbor GWD send-community extended
neighbor LOOPBACK152GWD1 activate
neighbor LOOPBACK152GWD2 activate
exit-address-family
!
ip bgp-community new-format
!
!
!
! Interfaces Fisicas
!
! Interfaces WAN Opticas
!
interface GigabitEthernet0/0/0
description TEMM|IPBH|CLUSTER|NEIGBORN|MAN|CODIGO||Por_Definir|
ip address IP 255.255.255.254
isis metric METRICA level-1
mtu 9216
ip router isis
load-interval 30
carrier-delay msec 50
mpls ip
mpls label protocol ldp
bfd interval 250 min_rx 250 multiplier 3
isis circuit-type level-1
isis network point-to-point
isis authentication mode md5
isis authentication key-chain ISIS
isis bfd
negotiation auto
cdp enable
no ip redirects
no shutdown
!
interface GigabitEthernet0/0/1
description TEMM|IPBH|CLUSTER|NEIGBORN|MAN|CODIGO||Por_Definir|
ip address IP 255.255.255.254
isis metric METRICA level-1
mtu 9216
ip router isis
load-interval 30
carrier-delay msec 50
mpls ip
mpls label protocol ldp
bfd interval 250 min_rx 250 multiplier 3
isis circuit-type level-1
isis network point-to-point
isis authentication mode md5
 isis authentication key-chain ISIS
isis bfd
negotiation auto
cdp enable
no ip redirects
no shutdown
!
! Interfaces WAN MW
!
interface GigabitEthernet0/0/10
description TEMM|IPBH|CLUSTER|NEIGBORN|MAN|CODIGO||Por_Definir|
ip address IP 255.255.255.254
isis metric METRICA level-1
mtu 9216
ip router isis
load-interval 30
carrier-delay msec 50
mpls ip
mpls label protocol ldp
bfd interval 250 min_rx 250 multiplier 5
isis circuit-type level-1
isis network point-to-point
isis authentication mode md5
isis authentication key-chain ISIS
isis bfd
negotiation auto
cdp enable
no ip redirects
no shutdown
!
interface GigabitEthernet0/0/11
description TEMM|IPBH|CLUSTER|NEIGBORN|MAN|CODIGO||Por_Definir|
ip address IP 255.255.255.254
isis metric METRICA level-1
mtu 9216
ip router isis
load-interval 30
carrier-delay msec 50
mpls ip
mpls label protocol ldp
bfd interval 250 min_rx 250 multiplier 5
isis circuit-type level-1
isis network point-to-point
isis authentication mode md5
isis authentication key-chain ISIS
isis bfd
negotiation auto
cdp enable
no ip redirects
no shutdown
!
! SERVICIOS
!
route-map Add_LTE_EPC_Cmnty permit 10
set extcommunity rt 7438:1638 7438:1996 additive
!
route-map UMTS permit 10
set extcommunity rt 7438:2000701 additive
!
route-map Iub_RBS_RNC permit 10
set extcommunity rt 7438:200601 additive
!
vrf definition VPNLTE
rd 7438:1638
!
address-family ipv4
export map Add_LTE_EPC_Cmnty
route-target export 64515:1986
route-target export 64515:1987
route-target import 64515:1986
route-target import 7438:1997
route-target import 64515:1987
exit-address-family
!
vrf definition VPNUMTS
rd 7438:2000701
!
address-family ipv4
export map UMTS
route-target export 7438:1980
route-target export 64515:1979
route-target import 64515:1979
route-target import 7438:1979
exit-address-family
!
vrf definition VPN_Iub_RBS_RNC
rd 7438:200601
!
address-family ipv4
export map Iub_RBS_RNC
route-target export 7438:1978
route-target export 64515:1977
route-target import 64515:1977
route-target import 7438:1977
exit-address-family
!
router bgp AS
!
address-family ipv4 vrf VPNLTE
redistribute connected
redistribute static
exit-address-family
!
address-family ipv4 vrf VPNUMTS
redistribute connected
redistribute static
exit-address-family
!
address-family ipv4 vrf VPN_Iub_RBS_RNC
redistribute connected
redistribute static
exit-address-family
!