DT4H - Valgfag - MPLS VPN, ESXi

From Teknologisk videncenter
Revision as of 09:00, 3 September 2010 by Erasure (talk | contribs) (R2 - MPLS Core/BGP Route Reflector)
Jump to: navigation, search

Valgfagsopgave DT4H

Beskrivelse

Config af netværksudstyr

R1 - MPLS Distribution Router

R2 - MPLS Core/BGP Route Reflector

Current configuration : 2660 bytes
!
! Last configuration change at 11:25:52 UTC Thu Sep 2 2010
! NVRAM config last updated at 11:25:55 UTC Thu Sep 2 2010
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$LRU5$0kkpPs9LoTyrNTUHVjU5L1
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.2.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.1 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls label protocol both
 mpls ip
!
interface FastEthernet0/1
 ip address 10.0.0.5 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls label protocol both
 mpls ip
!
interface FastEthernet0/3/0
 switchport access vlan 40
!
interface FastEthernet0/3/1
!
interface FastEthernet0/3/2
!
interface FastEthernet0/3/3
 switchport access vlan 30
!
interface Serial0/2/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Vlan1
 no ip address
!
interface Vlan30
 ip address 10.0.0.9 255.255.255.252
 ip router isis
 mpls label protocol both
 mpls ip
!
interface Vlan40
 ip address 10.0.0.13 255.255.255.252
 ip router isis
 mpls label protocol both
 mpls ip
!
router isis
 net 49.0001.0100.0000.2001.00
 is-type level-2-only
!
router bgp 100
 bgp log-neighbor-changes
 neighbor 10.0.1.1 remote-as 100
 neighbor 10.0.1.1 update-source Loopback0
 neighbor 10.0.3.1 remote-as 100
 neighbor 10.0.3.1 update-source Loopback0
 neighbor 10.0.4.1 remote-as 100
 neighbor 10.0.4.1 update-source Loopback0
 neighbor 10.0.5.1 remote-as 100
 neighbor 10.0.5.1 update-source Loopback0
 !
 address-family ipv4
 neighbor 10.0.1.1 activate
 neighbor 10.0.3.1 activate
 neighbor 10.0.4.1 activate
 neighbor 10.0.5.1 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family vpnv4
 neighbor 10.0.1.1 activate
 neighbor 10.0.1.1 send-community extended
 neighbor 10.0.1.1 route-reflector-client
 neighbor 10.0.3.1 activate
 neighbor 10.0.3.1 send-community extended
 neighbor 10.0.3.1 route-reflector-client
 neighbor 10.0.4.1 activate
 neighbor 10.0.4.1 send-community extended
 neighbor 10.0.4.1 route-reflector-client
 neighbor 10.0.5.1 activate
 neighbor 10.0.5.1 send-community extended
 neighbor 10.0.5.1 route-reflector-client
 exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
scheduler allocate 20000 1000
end

R3 - MPLS Distribution Router

Current configuration : 2263 bytes
!
! Last configuration change at 12:34:09 UTC Thu Sep 2 2010
! NVRAM config last updated at 12:34:09 UTC Thu Sep 2 2010
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$VCOF$SoSJO1g5dUHduhZ3qLQtZ1
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
ip vrf office
 rd 100:20
 route-target export 100:20
 route-target import 100:20
!
ip vrf production
 rd 100:10
 route-target export 100:10
 route-target import 100:10
!
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.3.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.6 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 mpls ip
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.10
 encapsulation dot1Q 10
 ip vrf forwarding production
 ip address 172.16.2.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
interface FastEthernet0/1.20
 encapsulation dot1Q 20
 ip vrf forwarding office
 ip address 172.17.2.1 255.255.255.0
 ip helper-address 172.30.1.2
 ip helper-address 172.30.1.3
!
interface Serial0/1/0
 no ip address
 shutdown
 clock rate 125000
!
interface Serial0/1/1
 no ip address
 shutdown
 clock rate 125000
!
interface Serial0/3/0
 no ip address
 shutdown
 clock rate 2000000
!
router isis
 net 49.0001.0100.0000.3001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf production
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf office
 redistribute connected
 redistribute static
 no synchronization
 exit-address-family
!
!
!
ip http server
no ip http secure-server
!
!
!
!
mpls ldp router-id Loopback0 force
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
scheduler allocate 20000 1000
end

R4 - MPLS Distribution Router/Server Router

Current configuration : 1794 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$tMv4$/qNEMbkDuH90GdXj.V2Kc/
!
memory-size iomem 10
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip vrf server
 rd 100:30
 route-target export 100:30
 route-target export 100:10
 route-target export 100:20
 route-target import 100:30
 route-target import 100:10
 route-target import 100:20
!
ip audit po max-events 100
tag-switching tdp router-id Loopback0 force
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.4.1 255.255.255.252
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.10 255.255.255.252
 ip router isis
 duplex auto
 speed auto
 tag-switching ip
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/1.30
 encapsulation dot1Q 30
 ip vrf forwarding server
 ip address 172.30.1.1 255.255.255.0
 no snmp trap link-status
!
interface Serial0/1
 no ip address
 shutdown
!
router isis
 net 49.0001.0100.0000.4001.00
 is-type level-2-only
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf server
 redistribute connected
 redistribute static
 no auto-summary
 no synchronization
 exit-address-family
!
ip classless
!
ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

R5 - MPLS Edge Router/Internet Router (VRF internet)

Current configuration : 2203 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$ZDel$DkGMj693div2QL9M7xIUk1
!
memory-size iomem 10
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip vrf internet
 rd 100:40
 route-target export 100:40
 route-target export 100:10
 route-target export 100:20
 route-target export 100:30
 route-target import 100:40
 route-target import 100:10
 route-target import 100:20
 route-target import 100:30
!
ip audit po max-events 100
tag-switching tdp router-id Loopback0 force
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.0.5.1 255.255.255.255
 ip router isis
!
interface FastEthernet0/0
 ip address 10.0.0.14 255.255.255.252
 ip nat inside
 ip router isis
 duplex auto
 speed auto
 tag-switching ip
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet0/1
 ip vrf forwarding internet
 ip address dhcp
 ip nat outside
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
!
router isis
 net 49.0001.0100.0000.0005.00
 is-type level-2-only
 default-information originate
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.2.1 remote-as 100
 neighbor 10.0.2.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 10.0.2.1 activate
 neighbor 10.0.2.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf internet
 redistribute connected
 redistribute static
 no auto-summary
 no synchronization
 network 0.0.0.0
 exit-address-family
!
ip nat inside source list 100 interface FastEthernet0/1 vrf internet overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
ip route vrf internet 0.0.0.0 0.0.0.0 192.168.139.1
!
no ip http server
no ip http secure-server
!
access-list 100 permit ip 172.16.0.0 0.0.255.255 any
access-list 100 permit ip 172.17.0.0 0.0.255.255 any
access-list 100 permit ip 172.30.0.0 0.0.255.255 any
access-list 100 permit ip 10.0.0.0 0.0.255.255 any
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

SW1 - End-user Access Switch (VRF office/production)

Current configuration : 2601 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$BQq8$0/6FBbzY4eOyLJOHEf4gl1
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 172.16.1.2 255.255.255.0
!
interface Vlan20
 ip address 172.17.1.2 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end

SW2 - End-user Access Switch (VRF office/production)

Current configuration : 2601 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SW2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$C64C$Bm2YkIFSRpTgC/BVV1oXc0
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/9
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/10
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/11
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/12
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/13
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/14
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/15
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/16
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/17
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/18
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/19
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/20
 switchport access vlan 20
 switchport mode access
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address 172.16.2.2 255.255.255.0
!
interface Vlan20
 ip address 172.17.2.2 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end

ServerSW - Server Access Switch (VRF server)

Current configuration : 3274 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ServerSW
!
enable secret 5 $1$B30/$JKJWthWIIR1hyLISuAO490
!
ip subnet-zero
!
spanning-tree extend system-id
!
!
interface FastEthernet0/1
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 30
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport mode trunk
 no ip address
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan30
 ip address 172.30.1.200 255.255.255.0
 no ip route-cache
!
ip http server
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end
Retrieved from "http://mars.merhot.dk/w/index.php?title=DT4H_-_Valgfag_-_MPLS_VPN,_ESXi&oldid=13585"