Scribd
Upload
41 views8 pages

Template Nip Vpnl3 Multivrf Atn905 Scl2100er Colorado 29 - 180124

This document contains configuration settings for a Huawei A905 Street Cell MVRF device. It configures various device settings including interfaces, routing protocols, VPN instances, authentication, and more. Key settings include configuring loopback interfaces, BGP, SNMP, VPN instances for different Telcel services, and associating the VPN instances to ports.

Uploaded by

Cesar Lopez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
41 views8 pages

Template Nip Vpnl3 Multivrf Atn905 Scl2100er Colorado 29 - 180124

This document contains configuration settings for a Huawei A905 Street Cell MVRF device. It configures various device settings including interfaces, routing protocols, VPN instances, authentication, and more. Key settings include configuring loopback interfaces, BGP, SNMP, VPN instances for different Telcel services, and associating the VPN instances to ports.

Uploaded by

Cesar Lopez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 8

#HUAWEI A905 STREET CELL MVRF

#R9 SCL2100ER COLORADO 29

! hostname

system-view
sysname R09-415273R-905A-01

! Configure Loopbacks

interface Loopback 0
description for IPSYSTEM
ip address 10.75.148.177 255.255.255.255

! configuration FTP

ftp server enable


ftp client-source -i Loopback0

! configure info-center

info-center source SHELL channel 4 log level informational


info-center loghost source LoopBack0
info-center loghost 10.209.41.58
info-center loghost 10.119.164.208

! configure time

clock timezone MEX minus 06:00:00


clock daylight-saving-time MEX repeating 02:00 first Sun Apr 02:00 last Sun Oct
01:00 2015 2037

! enable bfd

bfd

! configure aaa database

aaa
local-user root password cipher Ma2!sD8#
Changeme_123
local-user root service-type ssh ftp
local-user root level 15
local-user root ftp-directory cfcard:
local-user telcel password cipher Telcel@123
local-user telcel service-type ssh ftp
local-user telcel level 15
local-user telcel ftp-directory cfcard:

! configure Wireless_In diffserv

diffserv domain Wireless_In


ip-dscp-inbound 0 phb be green
ip-dscp-inbound 8 phb af1 green
ip-dscp-inbound 18 phb af2 green
ip-dscp-inbound 26 phb ef green
ip-dscp-inbound 34 phb af3 green
ip-dscp-inbound 46 phb ef green
ip-dscp-inbound 56 phb af4 green

! configure Wireless_Out diffserv

diffserv domain Wireless_Out


8021p-outbound be green map 0
8021p-outbound af1 green map 4
8021p-outbound af2 green map 2
8021p-outbound af3 green map 3
8021p-outbound af4 green map 6
8021p-outbound ef green map 5

flow-queue Telcel_FlowQueue-L3_300
queue be wfq weight 23
queue af1 wfq weight 23
queue af2 wfq weight 23
queue af3 wfq weight 5
queue af4 wfq weight 5
queue af3 pq shaping 30000
queue ef pq shaping 60000

qos-profile Telcel_FlowQueue-L3_300
user-queue cir 300000 pir 300000 flow-queue Telcel_FlowQueue-L3_300

! configure NTP

quit
undo ntp-service server disable
ntp-service unicast-server 10.33.19.70
ntp-service unicast-server 10.40.56.70 preference

! configure BGP

bgp 65000
router-id 10.75.148.177
graceful-restart

! configure SNMP

snmp-agent
snmp-agent community write cipher Huawei_oam_IPRAN
snmp-agent sys-info version all
snmp-agent group v3 IPRAN privacy
snmp-agent target-host trap address udp-domain 10.119.155.13 source LoopBack0 vpn-
instance Telcel_IP_OAM params securityname cipher Huawei_oam_IPRAN
snmp-agent target-host trap address udp-domain 10.191.155.10 source LoopBack0
params securityname cipher Huawei_oam_IPRAN
snmp-agent target-host trap address udp-domain 10.191.155.12 source LoopBack0
params securityname cipher Huawei_oam_IPRAN
snmp-agent target-host trap address udp-domain 10.191.155.13 source LoopBack0
params securityname cipher Huawei_oam_IPRAN
snmp-agent trap enable
y
snmp-agent trap source LoopBack0
snmp-agent trap enable feature-name lldp
snmp-agent extend error-code enable
snmp-agent usm-user v3 IPRAN
snmp-agent usm-user v3 IPRAN group IPRAN
snmp-agent usm-user v3 IPRAN authentication-mode sha
TiPran!21
TiPran!21
snmp-agent usm-user v3 IPRAN privacy-mode aes128
TiPran!21
TiPran!21
snmp-agent trap source LoopBack0
snmp-agent extend error-code enable
snmp-agent trap enable
y

! configure SSH

undo ssh server compatible-ssh1x enable


stelnet server enable
ssh authentication-type default password
ssh client first-time enable

! configure user-interfaces

user-interface vty 0 4
authentication-mode aaa
user privilege level 15
protocol inbound ssh

user-interface vty 16 20
authentication-mode aaa
user privilege level 15
protocol inbound ssh

hwtacacs-server template telcel


hwtacacs-server authentication 10.119.248.18
hwtacacs-server authentication 10.211.6.237 secondary
hwtacacs-server authorization 10.119.248.18
hwtacacs-server authorization 10.211.6.237 secondary
hwtacacs-server accounting 10.119.248.18
hwtacacs-server accounting 10.211.6.237 secondary
hwtacacs-server shared-key cipher secret123
hwtacacs-server source-ip 10.171.71.93
undo hwtacacs-server user-name domain-included

aaa
authentication-scheme telcel
authentication-mode hwtacacs local

authorization-scheme telcel
authorization-mode hwtacacs local
authorization-cmd 15 hwtacacs local
accounting-scheme telcel
accounting-mode hwtacacs
accounting send-update
accounting start-fail online

!Configuración VPN FRR

system
route-policy VPN_FRR permit node 10
apply backup-nexthop auto

!Configuración de VPNs de servicios

ip vpn-instance Telcel_2G
ipv4-family
route-distinguisher 65000:11
vpn frr route-policy VPN_FRR
apply-label per-instance

ip vpn-instance Telcel_3G
ipv4-family
route-distinguisher 65000:1100
vpn frr route-policy VPN_FRR
apply-label per-instance

ip vpn-instance Telcel_CFE
ipv4-family
route-distinguisher 65000:800
vpn frr route-policy VPN_FRR
apply-label per-instance

ip vpn-instance Telcel_LTE
ipv4-family
route-distinguisher 65000:5
vpn frr route-policy VPN_FRR
apply-label per-instance

ip vpn-instance Telcel_IP_OAM
ipv4-family
route-distinguisher 65000:6
vpn frr route-policy VPN_FRR
apply-label per-instance

!Configuración de políticas de servicios

route-policy advertise_OAM permit node 10


description advertise_OAM_service_ip_to_transmission
apply community 8151:285 64800:1 8151:377 additive

route-policy advertise_2G permit node 10


description advertise_2G_service_ip_to_transmission
apply community 8151:285 8151:342 8151:379 64800:1 additive

route-policy advertise_3G permit node 10


description advertise_3G_service_ip_to_transmission
apply community 8151:285 8151:376 64800:1 additive

route-policy advertise_LTE permit node 10


description advertise_LTE_service_ip_to_transmission
apply community 8151:285 8151:375 64800:1 additive

route-policy advertise_CFE permit node 10


description advertise_CFE_service_ip_to_transmission
apply community 8151:285 8151:391 64800:1 additive

route-policy advertise_CAC permit node 10


description advertise_CAC_service_ip_to_transmission
apply community 8151:285 64800:1 8151:377 additive

route-policy advertise_WIFI permit node 10


description advertise_WIFI_service_ip_to_transmission
apply community 8151:285 64800:1 8151:378 additive

route-policy advertise_SPIDERCLOUD permit node 10


description advertise_SPIDERCLOUD_service_ip_to_transmission
apply community 8151:285 64800:1 8151:391 additive

ip ip-prefix default-route index 10 permit 0.0.0.0 0

route-policy receive_default_route permit node 100


description only_ receive_default_route_from_transmission
if-match ip-prefix default-route
apply local-preference 200

!Asociar VPN de servicios a puertos

interface GigabitEthernet0/2/1
description To_UNINET_UG0-1804-0044
undo shutdown
mtu 1530
mode user-termination
dcn

interface GigabitEthernet0/2/1.100
description To_UNINET_C30-2003-0673_Telcel_3G
control-vid 10 qinq-termination
qinq termination pe-vid 417 ce-vid 100
ip binding vpn-instance Telcel_3G
ip address 10.206.57.243 255.255.255.254
arp broadcast enable
qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 100
trust upstream Wireless_Out
trust 8021p

interface GigabitEthernet0/2/1.101
description To_UNINET_C30-2003-0673_Telcel_LTE
control-vid 11 qinq-termination
qinq termination pe-vid 417 ce-vid 101
ip binding vpn-instance Telcel_LTE
ip address 10.206.60.243 255.255.255.254
arp broadcast enable
qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 101
trust upstream Wireless_Out
trust 8021p

interface GigabitEthernet0/2/1.103
description To_UNINET_C30-2003-0673_Telcel_2G
control-vid 13 qinq-termination
qinq termination pe-vid 417 ce-vid 103
ip binding vpn-instance Telcel_2G
ip address 10.206.59.243 255.255.255.254
arp broadcast enable
qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 103
trust upstream Wireless_Out
trust 8021p

interface GigabitEthernet0/2/1.104
description To_UNINET_C30-2003-0673_Telcel_CFE
control-vid 14 qinq-termination
qinq termination pe-vid 417 ce-vid 104
ip binding vpn-instance Telcel_CFE
ip address 10.206.56.243 255.255.255.254
arp broadcast enable
qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 104
trust upstream Wireless_Out
trust 8021p

interface GigabitEthernet0/2/1.106
description To_UNINET_C30-2003-0673_Telcel_IP_OAM
control-vid 16 qinq-termination
qinq termination pe-vid 417 ce-vid 106
ip binding vpn-instance Telcel_IP_OAM
ip address 10.206.58.243 255.255.255.254
arp broadcast enable
qos-profile Telcel_FlowQueue-L3_300 outbound pe-vid 417 ce-vid 106
trust upstream Wireless_Out
trust 8021p

interface LoopBack 0
description for IPSYSTEM
ip binding vpn-instance Telcel_IP_OAM
ip address 10.75.148.177 255.255.255.255

!Levantar peer bgp hacia cada VPN de servicios

bgp 65000

ipv4-family vpn-instance Telcel_2G


import-route direct route-policy advertise_2G
peer 10.206.59.242 as-number 8151
peer 10.206.59.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
4
peer 10.206.59.242 bfd enable
peer 10.206.59.242 route-policy receive_default_route import
peer 10.206.59.242 advertise-community

ipv4-family vpn-instance Telcel_3G


import-route direct route-policy advertise_3G
peer 10.206.57.242 as-number 8151
peer 10.206.57.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
4
peer 10.206.57.242 bfd enable
peer 10.206.57.242 route-policy receive_default_route import
peer 10.206.57.242 advertise-community
ipv4-family vpn-instance Telcel_CFE
import-route direct route-policy advertise_CFE
peer 10.206.56.242 as-number 8151
peer 10.206.56.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
4
peer 10.206.56.242 bfd enable
peer 10.206.56.242 route-policy receive_default_route import
peer 10.206.56.242 advertise-community

ipv4-family vpn-instance Telcel_LTE


import-route direct route-policy advertise_LTE
peer 10.206.60.242 as-number 8151
peer 10.206.60.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
4
peer 10.206.60.242 bfd enable
peer 10.206.60.242 route-policy receive_default_route import
peer 10.206.60.242 advertise-community

ipv4-family vpn-instance Telcel_IP_OAM


import-route direct route-policy advertise_OAM
peer 10.206.58.242 as-number 8151
peer 10.206.58.242 bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier
4
peer 10.206.58.242 bfd enable
peer 10.206.58.242 route-policy receive_default_route import
peer 10.206.58.242 advertise-community

!Asignación de servcios sin QINQ

interface GigabitEthernet0/2/3
description To_SCL2100ER COLORADO 29
undo shutdown

interface GigabitEthernet0/2/3.40
vlan-type dot1q 40
description To_SCL2100ER COLORADO 29/LTE_S1U-S1MME-SYNC
ip bi vpn Telcel_LTE
ip address 10.111.21.169 255.255.255.248
statistic enable
trust upstream Wireless_In

interface GigabitEthernet0/2/3.43
vlan-type dot1q 43
description To_SCL2100ER COLORADO 29/LTE-OAM
ip bi vpn Telcel_IP_OAM
ip address 10.111.141.169 255.255.255.248
statistic enable
trust upstream Wireless_In

set net-manager vpn-instance Telcel_IP_OAM

commit

return
save
y
************ejecutar después de conectar la línea************
system-view
undo dcn
y
undo interface loopback0
return
save
y

You might also like