No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - Virtual Access 01

This is ME60 V800R010C10SPC500 Configuration Guide - Virtual Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Virtual Access Multicast AP Replication and IGMP Dual-Device Hot Backup

Example for Configuring Virtual Access Multicast AP Replication and IGMP Dual-Device Hot Backup

This section provides an example for deploying Layer 3 multicast services in a virtual access scenario and enabling multicast AP replication and IGMP dual-device hot backup.

Networking Requirements

On the network shown in Figure 2-28, an AP is dual-homed to Master1 (primary master) and Master2 (secondary master). In normal cases, the control plane of the virtual access system is on the primary master. Multicast services are carried by the primary master, and IGMP packets for user hosts to join a multicast group are sent to the primary master. To prevent multicast traffic replication on a master from repeatedly consuming bandwidth resources, enable multicast AP replication. If the primary master fails, configure virtual access IGMP dual-device hot backup to rapidly protect multicast services.

After multicast AP replication is enabled, virtual access P2MP (vaP2MP) tunnels are established between masters and APs. Multicast traffic is replicated based only on tunnel paths in the vaP2MP tunnels. After reaching the APs, multicast traffic is locally replicated for receivers. After the vaP2MP tunnels are established, the system automatically creates BFD for vaP2MP sessions. After IGMP dual-device hot backup is configured, when the primary master receives IGMP packets, it maintains host join information, establishes multicast forwarding entries, and transmits multicast traffic from an upstream device. The primary master also backs up IGMP packets to the secondary master. The secondary master maintains host join information based on IGMP packets, establishes multicast forwarding entries, and transmits multicast traffic from an upstream device. After receiving multicast data, the primary and secondary masters send the data to an AP through vaP2MP tunnels. The AP chooses to receive the multicast data from the primary master. If the primary master fails, the AP uses a BFD for vaP2MP session to rapidly detect that the primary vaP2MP tunnel failed. The AP immediately chooses to receive multicast data from the secondary master, implementing 1+1 rapid multicast service protection.

Figure 2-28 Configuring virtual access AP replication and IGMP dual-device hot backup
Table 2-6 Interfaces and IP addresses

Device

Interface

IP Address

Master1

Loopback1

1.1.1.1/32

GigabitEthernet 1/0/1

10.1.1.1/24

Master2

Loopback1

2.2.2.2/32

GigabitEthernet 1/0/1

10.2.1.1/24

PE

Loopback1

3.3.3.3/32

GigabitEthernet 1/0/1

10.1.1.2/24

GigabitEthernet 1/0/2

10.2.1.2/24

Configuration Roadmap

The configuration roadmap is as follows:

  1. Establish a virtual access system, and configure a primary and secondary master for an AP.

  2. Deploy Layer 3 multicast. Configure basic PIM functions on the primary and secondary masters and PE, and configure basic IGMP functions on the primary and secondary masters.

  3. Enable multicast AP replication on the primary and secondary masters.

  4. Establish a virtual access dual-device backup platform, and enable remote backup for IGMP services.

Data Preparation

To complete the configuration, you need the following data:

  • IP addresses of directly connected interfaces and loopback interface addresses on each node (for details, see Table 2-6);

  • Management IP address of Master 1: 1.1.1.9; management IP address of Master 2: 2.2.2.9; management IP address of the AP: 3.3.3.9

  • Internal communication interfaces on Master 1, Master2, and the AP: GigabitEthernet 1/1/0/2

  • AP ID: 1025; AP ESN: 2102355250P0G4000001; AP's external communication interfaces: GigabitEthernet 1/0/1

  • Virtual access interfaces on Master1 and Master2: GigabitEthernet 1025/1/0/1; multicast IP addresses configured on their sub-interfaces: 10.110.1.1/24

  • User name required for a master to log in to the AP: root1234; password: Root@123; SFTP directory: cfcard:/; name of a user created for the AP on a master: root1234; password: Root@123

  • Master 1's management priority for the AP: 10; Master 2's management priority for the AP: 20

  • RBS names on the primary and secondary masters: rbs1; IP address used by the TCP connection for the RBS between the primary and secondary masters: Loopback1 IP address; TCP connection port number: 6006

  • RBP names on the primary and secondary masters: rbp1; user backup ID: 10

Procedure

  1. Assign an IP address to each interface on each node, and configure loopback interface addresses.

    For configuration details, see Configuration Files in this section.

  2. Configure OSPF so that the masters interwork with the PE.

    For configuration details, see Configuration Files in this section.

  3. Configure basic master functions.

    # Configure Master1.

    <Master1> system-view
    [~Master1] virtual-access
    [*Master1-virtual-access] role master
    [*Master1-virtual-access] admin 1.1.1.9
    [*Master1-virtual-access] isis authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
    [*Master1-virtual-access] commit
    [~Master1-virtual-access] quit
    [~Master1] interface GigabitEthernet1/1/0/2
    [~Master1-GigabitEthernet1/1/0/2] virtual-access enable
    [*Master1-GigabitEthernet1/1/0/2] commit
    [~Master1-GigabitEthernet1/1/0/2] quit

    # Configure Master2.

    <Master2> system-view
    [~Master2] virtual-access
    [*Master2-virtual-access] role master
    [*Master2-virtual-access] admin 2.2.2.9
    [*Master2-virtual-access] isis authentication-mode hmac-sha256 key-id 1 cipher Huawei-123
    [*Master2-virtual-access] commit
    [~Master2-virtual-access] quit
    [~Master2] interface GigabitEthernet1/1/0/2
    [~Master2-GigabitEthernet1/1/0/2] virtual-access enable
    [*Master2-GigabitEthernet1/1/0/2] commit
    [~Master2-GigabitEthernet1/1/0/2] quit

  4. Configure basic AP functions on the masters.

    # Configure Master1.

    [~Master1] ap-id 1025
    [*Master1-ap1025] esn 2102355250P0G4000001
    [*Master1-ap1025] remote-interface GigabitEthernet1/0/1
    [*Master1-ap1025] commit
    [~Master1-ap1025] admin 3.3.3.9
    [~Master1-ap1025] quit

    The configuration of Master2 is similar to the configuration of Master1. For configuration details, see Configuration Files in this section.

  5. Configure an authentication scheme for virtual access.

    # Configure Master1.

    [~Master1] ap-id 1025
    [~Master1-ap1025] login-user root1234 login-password Root@123
    [*Master1-ap1025] login-user root1234 sftp-directory cfcard:/
    [*Master1-ap1025] authentication-mode local
    [*Master1-ap1025] ap-user
    [*Master1-ap1025-ap-user] local-user root1234 password cipher Root@123
    [*Master1-ap1025-ap-user] commit
    [~Master1-ap1025-ap-user] quit
    [~Master1-ap1025] quit

    The configuration of Master2 is similar to the configuration of Master1. For configuration details, see Configuration Files in this section.

  6. Configure primary and secondary masters.

    # Configure Master1.

    [~Master1] ap-id 1025
    [~Master1-ap1025] management priority 10
    [*Master1-ap1025] commit
    [~Master1-ap1025] quit

    # Configure Master2.

    [~Master2] ap-id 1025
    [~Master2-ap1025] management priority 20
    [*Master2-ap1025] commit
    [~Master2-ap1025] quit

  7. Enable PIM-SM on the PE and primary and secondary masters.

    # Configure the PE.

    <PE> system-view
    [~PE] multicast routing-enable
    [*PE] interface GigabitEthernet1/0/1
    [*PE-GigabitEthernet1/0/1] pim sm
    [*PE-GigabitEthernet1/0/1] quit
    [*PE] interface GigabitEthernet1/0/2
    [*PE-GigabitEthernet1/0/2] pim sm
    [*PE-GigabitEthernet1/0/2] quit
    [*PE] commit

    # Configure Master1.

    [~Master1] multicast routing-enable
    [*Master1] interface GigabitEthernet1/1/0/1
    [*Master1-GigabitEthernet1/1/0/1] pim sm
    [*Master1-GigabitEthernet1/1/0/1] quit
    [*Master1] interface GigabitEthernet1025/1/0/1.1
    [*Master1-GigabitEthernet1025/1/0/1.1] ip address 10.110.1.1 24
    [*Master1-GigabitEthernet1025/1/0/1.1] pim sm
    [*Master1-GigabitEthernet1025/1/0/1.1] commit
    [~Master1-GigabitEthernet1025/1/0/1.1] quit

    The configuration of Master2 is similar to the configuration of Master1. For configuration details, see Configuration Files in this section.

  8. Configure a rendezvous point (RP).

    # Configure a bootstrap router (BSR) RP on the PE.

    [~PE] pim
    [*PE-pim] c-bsr LoopBack1
    [*PE-pim] c-rp LoopBack1
    [*PE-pim] commit
    [~PE-pim] quit

  9. Enable IGMP on the virtual access interfaces of the primary and secondary masters.

    # Configure Master1.

    [~Master1] interface GigabitEthernet1025/1/0/1.1
    [~Master1-GigabitEthernet1025/1/0/1.1] igmp enable
    [*Master1-GigabitEthernet1025/1/0/1.1] commit
    [~Master1-GigabitEthernet1025/1/0/1.1] quit

    # Configure Master2.

    [~Master2] interface GigabitEthernet1025/1/0/1.1
    [~Master2-GigabitEthernet1025/1/0/1.1] igmp enable
    [*Master2-GigabitEthernet1025/1/0/1.1] commit
    [~Master2-GigabitEthernet1025/1/0/1.1] quit

  10. Enable multicast AP replication on the primary and secondary masters.

    # Configure Master1.

    [~Master1] multicast off-load p2mp
    [*Master1] commit

    # Configure Master2.

    [~Master2] multicast off-load p2mp
    [*Master2] commit

  11. Configure an RBS on the primary and secondary masters.

    # Configure Master1.

    [~Master1] remote-backup-service rbs1
    [*Master1-rm-backup-srv-rbs1] peer 2.2.2.2 source 1.1.1.1 port 6006
    [*Master1-rm-backup-srv-rbs1] commit
    [~Master1-rm-backup-srv-rbs1] quit

    # Configure Master2.

    [~Master2] remote-backup-service rbs1
    [*Master2-rm-backup-srv-rbs1] peer 1.1.1.1 source 2.2.2.2 port 6006
    [*Master2-rm-backup-srv-rbs1] commit
    [~Master2-rm-backup-srv-rbs1] quit

  12. Configure an RBP on the primary and secondary masters, and enable remote backup for IGMP services.

    # Configure Master1.

    [~Master1] remote-backup-profile rbp1
    [*Master1-rm-backup-prf-rbp1] peer-backup hot
    [*Master1-rm-backup-prf-rbp1] binding virtual-access
    [*Master1-rm-backup-prf-rbp1] backup-id 10 remote-backup-service rbs1
    [*Master1-rm-backup-prf-rbp1] service-type igmp
    [*Master1-rm-backup-prf-rbp1] commit
    [~Master1-rm-backup-prf-rbp1] quit
    [~Master1] interface GigabitEthernet1025/1/0/1.1
    [~Master1-GigabitEthernet1025/1/0/1.1] remote-backup-profile rbp1
    [~Master1-GigabitEthernet1025/1/0/1.1] commit

    # Configure Master2.

    [~Master2] remote-backup-profile rbp1
    [*Master2-rm-backup-prf-rbp1] peer-backup hot
    [*Master2-rm-backup-prf-rbp1] binding virtual-access
    [*Master2-rm-backup-prf-rbp1] backup-id 10 remote-backup-service rbs1
    [*Master2-rm-backup-prf-rbp1] service-type igmp
    [*Master2-rm-backup-prf-rbp1] commit
    [~Master2-rm-backup-prf-rbp1] quit
    [~Master2] interface GigabitEthernet1025/1/0/1.1
    [~Master2-GigabitEthernet1025/1/0/1.1] remote-backup-profile rbp1
    [~Master2-GigabitEthernet1025/1/0/1.1] commit

  13. Verify the configuration.

    Run the display multicast va-tunnel p2mp verbose command on Master1 to check detailed information about all vaP2MP tunnels in the public network instance.

    [~Master1] display multicast va-tunnel p2mp verbose
    Vap2mp information for VPN-Instance: _public_
    P2mp-ip: 1.1.1.9
    Tunnel-id: 16000
    Leaf:
      1025: 3.3.3.9.

    Run the display multicast va-tunnel p2mp verbose command on Master2 to check detailed information about all vaP2MP tunnels in the public network instance.

    [~Master1] display multicast va-tunnel p2mp verbose
    Vap2mp information for VPN-Instance: _public_
    P2mp-ip: 2.2.2.9
    Tunnel-id: 16004
    Leaf:
      1025: 3.3.3.9.

    Run the display igmp interface GigabitEthernet 1025/1/0/1.1 verbose command on Master1 to check that Remote-backup state is master, indicating that the IGMP remote backup state of the virtual access interface on the primary master is master.

    [~Master1] display igmp interface GigabitEthernet 1025/1/0/1.1 verbose
    2016-08-15 18:41:33.496 
    Interface information of VPN-Instance: public net
     GigabitEthernet1025/1/0/1.1(10.110.1.1):
       IGMP is enabled
       Current IGMP version is 2
       IGMP state: up
       IGMP group policy: none
       IGMP limit: -
       Value of query interval for IGMP (negotiated): -
       Value of query interval for IGMP (configured): 60 s
       Value of other querier timeout for IGMP: 0 s
       Value of maximum query response time for IGMP: 10 s
       Value of last member query time: 2 s
       Value of last member query interval: 1 s
       Value of startup query interval: 15 s
       Value of startup query count: 2
       General query timer expiry (hours:minutes:seconds): 00:00:55
       Querier for IGMP: 10.110.1.1 (this router)
       IGMP activity: 0 joins, 0 leaves
       Robustness (negotiated): -
       Robustness (configured): 2
       Require-router-alert: disabled
       Send-router-alert: enabled
       Ip-source-policy: disabled
       Query Ip-source-policy: disabled
       Prompt-leave: disabled
       SSM-Mapping: disabled
       Startup-query-timer-expiry: off
       Other-querier-present-timer-expiry: off
       IGMP ipsec: disabled
       Remote-backup state: master

    Run the display igmp interface GigabitEthernet 1025/1/0/1.1 verbose command on Master2 to check that Remote-backup state is backup, indicating that the IGMP remote backup state of the virtual access interface on the secondary master is backup.

    [~Master2] display igmp interface GigabitEthernet 1025/1/0/1.1 verbose
    2016-08-15 18:42:32.443 
    Interface information of VPN-Instance: public net
     GigabitEthernet1025/1/0/1.1(10.110.1.1):
       IGMP is enabled
       Current IGMP version is 2
       IGMP state: up
       IGMP group policy: none
       IGMP limit: -
       Value of query interval for IGMP (negotiated): -
       Value of query interval for IGMP (configured): 60 s
       Value of other querier timeout for IGMP: 0 s
       Value of maximum query response time for IGMP: 10 s
       Value of last member query time: 2 s
       Value of last member query interval: 1 s
       Value of startup query interval: 15 s
       Value of startup query count: 2
       General query timer expiry (hours:minutes:seconds): --:--:--
       Querier for IGMP: 10.110.1.1 (this router)
       IGMP activity: 0 joins, 0 leaves
       Robustness (negotiated): -
       Robustness (configured): 2
       Require-router-alert: disabled
       Send-router-alert: enabled
       Ip-source-policy: disabled
       Query Ip-source-policy: disabled
       Prompt-leave: disabled
       SSM-Mapping: disabled
       Startup-query-timer-expiry: off
       Other-querier-present-timer-expiry: off
       IGMP ipsec: disabled
       Remote-backup state: backup

Configuration Files

  • AP configuration file

    #
    sysname AP
    #
    virtual-access
     role ap
     admin 3.3.3.9
     master admin-ip primary 1.1.1.9 secondary 2.2.2.9
     isis authentication-mode hmac-sha256 key-id 1 cipher %^%#M44,@ucNcT,!cuNI_0<$z(>;KfZo203~B>Xm1*6/%^%#
    #
    rsa peer-public-key 1.1.1.9
     public-key-code begin
     3082010A
      02820101
        009AFD3D FF8774EB A9F8511C 46C4E85F 1795F2A8 7D4C7287 045CE446 0C348E67
        B691BD0A 9964C445 196C0086 9A563E2F 5FF2B748 79C0D7E8 246CB828 FFFC1556
        B1FEC86F 570B909D F016B5FF 8272622F B6FA5E0F 48B9588C 4395AAB4 93AE912A
        F1364F0F 51BB9C9D E6F9F7B6 FE9F7A96 036BC64A 39AADF00 FD1C60F6 C4D22010
        E1CE3A5D 98FEBF5E A050E764 DA57ACDC 08EB67DE 6122AEC9 96C80E51 4068572F
        CA26F8B4 108E0DE3 974D3C71 017AE58F CD1AF291 1B1828DD 90262F83 427585A3
        4C100926 EBB5C5B7 EBB27BDE 348D4B9C 6F5DC9D2 ED549DA5 3C0C6A57 74A576A8
        4C029BCE 503248F4 842BEFCD 0B118EB0 C36782CE 75107F25 59C0EBA6 7867AD33
        33
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family
    #
    bfd
    #
    aaa
     local-user root123 password irreversible-cipher $1c$]h7$Jb!+o6$()`k3Ht@`0Pho{W{M%]'.lYN7(V"DY~GLcQ$
     local-user root password irreversible-cipher +Hv$!xKCa#UY6\$GWJ!N4[QH.O/'HIa@AoURN`>;R"Z8PtIa\3AZAy6Sa60(C6GCN
     local-user root service-type ssh
     local-user root level 15
     local-user root expire 2017-01-01
    #               
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.50aa.f701.00
    #               
    interface GigabitEthernet1/0/1
     undo shutdown  
     undo dcn
    #
    interface GigabitEthernet1/0/2
     undo shutdown  
     isis enable 65534
     isis circuit-type p2p
     dcn            
     virtual-access enable 
    #
    interface GigabitEthernet1/0/3
     undo shutdown  
     isis enable 65534
     isis circuit-type p2p
     dcn            
     virtual-access enable 
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 3.3.3.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.253 255.255.0.0
    #               
    interface NULL0 
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
    #
    stelnet server enable
    ssh user root   
    ssh user root authentication-type password
    ssh user root service-type stelnet
    ssh user root1234
    ssh user root1234 authentication-type password
    ssh user root1234 service-type all
    ssh user root1234 sftp-directory cfcard:/
    ssh authorization-type default aaa
    #               
    ssh client first-time enable
    ssh client 1.1.1.9 assign rsa-key 1.1.1.9
    #
    user-interface vty 0 4
     authentication-mode aaa
     protocol inbound ssh
    #
    return 
  • Master1 configuration file

    #
    sysname Master1
    #               
    virtual-access  
     role master    
     admin 1.1.1.9  
     isis authentication-mode hmac-sha256 key-id 1 cipher %#%#;Z4)W1+&+F\Rax>JvX~7958dF@U%YGfREMUAQA{:%#%#
    
    #               
    ap-id 1025      
     esn 2102355250P0G4000001
     admin 3.3.3.9  
     management priority 10
     remote-interface GigabitEthernet1/0/1
     login-user root123 login-password %^%#ub#@Q/l`F'0jcxS'3[J=T`8:O3[\l"j};w&%^%#
     login-user root1234 sftp-directory cfcard:/
     authentication-mode local
     #
     ap-user
      local-user root1234 password cipher %^%#2"\-F..bsI0b=qFM.RW)nt{"A|"Pl2s>_zCh_`jO%^%#
    #
    rsa peer-public-key 3.3.3.9
     public-key-code begin
     3082010A
      02820101
        00F507CE 0E8C48D2 FF4745F0 23C0E553 817F76BD C1C4C945 3DC11CD5 3B197644
        EDC8706D 356FAC9B 336E9315 CAA2E45C E28F77D6 4DDC34F0 24264279 2BB6C65A
        EC5CBD4D FF5D9A44 1A598ABE CB3C2D57 BF2E80C4 D15CA8BA CDB6082C 829286F0
        FE0654B6 286652C3 5259CC43 46B12425 17CBF8CC 048D1C98 B25D9BF9 58F9930C
        4687A750 168DAECD C8A012EC D3E674B5 691243AD B98233E0 62979739 5900BCCF
        3665478A 87567299 28D2C044 EF3F00D2 D23F224F 90A5CE20 9BC26A82 6D36DBC2
        2FAD29F7 8F0C34E7 A4F515A3 30E2FA31 8B4DA836 E117EEF9 5682648D 5F5ABC4D
        E64A39F5 806117FF 5085D78A 8F44EB81 2BDDC1DE E563DC5A 7C48965C D0E9BB80
        E1
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    rsa peer-public-key 128.254.255.253
     public-key-code begin
     3082010A
      02820101
        00F507CE 0E8C48D2 FF4745F0 23C0E553 817F76BD C1C4C945 3DC11CD5 3B197644
        EDC8706D 356FAC9B 336E9315 CAA2E45C E28F77D6 4DDC34F0 24264279 2BB6C65A
        EC5CBD4D FF5D9A44 1A598ABE CB3C2D57 BF2E80C4 D15CA8BA CDB6082C 829286F0
        FE0654B6 286652C3 5259CC43 46B12425 17CBF8CC 048D1C98 B25D9BF9 58F9930C
        4687A750 168DAECD C8A012EC D3E674B5 691243AD B98233E0 62979739 5900BCCF
        3665478A 87567299 28D2C044 EF3F00D2 D23F224F 90A5CE20 9BC26A82 6D36DBC2
        2FAD29F7 8F0C34E7 A4F515A3 30E2FA31 8B4DA836 E117EEF9 5682648D 5F5ABC4D
        E64A39F5 806117FF 5085D78A 8F44EB81 2BDDC1DE E563DC5A 7C48965C D0E9BB80
        E1
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family    
    #               
    bfd             
    #               
    remote-backup-service rbs1
     peer 2.2.2.2 source 1.1.1.1 port 6006
    #
    remote-backup-profile rbp1
     service-type igmp
     backup-id 10 remote-backup-service rbs1
     peer-backup hot
     binding virtual-access
    #
    multicast routing-enable
    #
    multicast off-load p2mp
    #
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.2b87.fe03.00
    #               
    interface GigabitEthernet1/1/0/1
     undo shutdown  
     ip address 10.1.1.1 255.255.255.0
     pim sm
    #
    interface GigabitEthernet1/1/0/2
     undo shutdown
     isis enable 65534
     isis circuit-type p2p
     dcn
     virtual-access enable
    #
    interface GigabitEthernet1025/1/0/1
     undo shutdown
    #
    interface GigabitEthernet1025/1/0/1.1
     ip address 10.110.1.1 255.255.255.0
     pim sm
     igmp enable
     remote-backup-profile rbp1
    #
    interface LoopBack1
     ip address 1.1.1.1 255.255.255.255
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 1.1.1.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.251 255.255.0.0
    #               
    ospf 1 router-id 1.1.1.1
     area 0.0.0.0   
      network 1.1.1.1 0.0.0.0
      network 10.1.1.0 0.0.0.255
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
      ne-ip 128.1.0.1 255.255.255.0
    #               
    snmp-agent trap type base-trap
    #               
    ssh client first-time enable
    ssh client 3.3.3.9 assign rsa-key 3.3.3.9
    ssh client 128.254.255.253 assign rsa-key 128.254.255.253
    #
    return 
    
  • Master2 configuration file

    #
    sysname Master2
    #               
    virtual-access  
     role master    
     admin 2.2.2.9  
     isis authentication-mode hmac-sha256 key-id 1 cipher %#%#e^1}%%w;/C[M)OQc7"j+,2)}JvX~7958dF@UY4)W%#%#
    #               
    ap-id 1025      
     esn 2102355250P0G4000001
     admin 3.3.3.9  
     management priority 20
     remote-interface GigabitEthernet1/0/1
     login-user root1234 login-password %^%#_LAB9"kqpQ)U%rBWT!bSVN+p/Kt/l/"hXpFm(]FW%^%#
     login-user root1234 sftp-directory cfcard:/
     authentication-mode local
     #
     ap-user
      local-user root1234 password cipher %^%#=GDy1dDG4Ko0nY8Xp%hA1JNA,$bbW$z<3U(W2iEF%^%#
    #
    rsa peer-public-key 3.3.3.9
     public-key-code begin
     3082010A
      02820101
        009D0859 236378F5 11BE0338 BD1C27BA 1B6DCFDA 78283532 C3CE5DFF 2BA19DF6
        D456D3FC 093DE062 7B66386A DCCE8660 3F8D44ED 414DB8B0 C4911497 B1D688D9
        C960C1DB B31BB8D9 2D80B47E 93D7C101 54371722 49120A6F FC5E3504 48AA3CB7
        BE9F094F C29074BA 2304010E 1287FF4D 1B59E4B4 EF1005A4 5E43A8EB A534F46C
        06DA7EE2 A8C4BBF5 4DE3EAC8 F6880579 9C4D1B75 5F0D8401 9A64BE6E 2446C448
        C9BF67F0 6801C928 234B1851 1AD496C0 E3AF2401 E6C3910B BB55A0C1 ED52E2BB
        AD96615D 2437C255 4823276E 841EEF25 352B3A69 65B085CA A0676C01 9F08ED3A
        53C404B5 5353A044 802199FC FCE1AF9D CBDA44B3 7543257E BF349FBD FCE7BB78
        91
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    rsa peer-public-key 128.254.255.253
     public-key-code begin
     3082010A
      02820101
        00F507CE 0E8C48D2 FF4745F0 23C0E553 817F76BD C1C4C945 3DC11CD5 3B197644
        EDC8706D 356FAC9B 336E9315 CAA2E45C E28F77D6 4DDC34F0 24264279 2BB6C65A
        EC5CBD4D FF5D9A44 1A598ABE CB3C2D57 BF2E80C4 D15CA8BA CDB6082C 829286F0
        FE0654B6 286652C3 5259CC43 46B12425 17CBF8CC 048D1C98 B25D9BF9 58F9930C
        4687A750 168DAECD C8A012EC D3E674B5 691243AD B98233E0 62979739 5900BCCF
        3665478A 87567299 28D2C044 EF3F00D2 D23F224F 90A5CE20 9BC26A82 6D36DBC2
        2FAD29F7 8F0C34E7 A4F515A3 30E2FA31 8B4DA836 E117EEF9 5682648D 5F5ABC4D
        E64A39F5 806117FF 5085D78A 8F44EB81 2BDDC1DE E563DC5A 7C48965C D0E9BB80
        E1
      0203
        010001
     public-key-code end
     peer-public-key end
    #
    ip dcn vpn-instance __dcn_vpn__
     ipv4-family    
    #               
    bfd             
    #               
    remote-backup-service rbs1
     peer 1.1.1.1 source 2.2.2.2 port 6006
    #
    remote-backup-profile rbp1
     service-type igmp
     backup-id 10 remote-backup-service rbs1
     peer-backup hot
     binding virtual-access
    #
    multicast routing-enable
    #
    multicast off-load p2mp
    #
    isis 65534      
     description auto-generated for virtual-cluster-access
     is-level level-2
     cost-style wide
     virtual-access enable
     network-entity 00.38ba.264b.4b04.00
    #               
    interface GigabitEthernet1/1/0/1
     undo shutdown  
     ip address 10.2.1.1 255.255.255.0
     pim sm
     #
    interface GigabitEthernet1/1/0/2
     undo shutdown
     isis enable 65534
     isis circuit-type p2p
     dcn
     virtual-access enable
    #
    interface GigabitEthernet1025/1/0/1
     undo shutdown
    #
    interface GigabitEthernet1025/1/0/1.1
     ip address 10.110.1.1 255.255.255.0
     pim sm
     igmp enable
     remote-backup-profile rbp1
    #
    interface LoopBack1
     ip address 2.2.2.2 255.255.255.255
    #
    interface LoopBack2147483646
     description virtual-access loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 2.2.2.9 255.255.255.255
    #               
    interface LoopBack2147483647
     description DCN loopback interface
     ip binding vpn-instance __dcn_vpn__
     ip address 128.254.255.250 255.255.0.0
    #               
    ospf 1 router-id 2.2.2.2
     area 0.0.0.0   
      network 2.2.2.2 0.0.0.0
      network 10.2.1.0 0.0.0.255
    #               
    ospf 65534 vpn-instance __dcn_vpn__
     description DCN ospf create by default
     opaque-capability enable
     hostname       
     vpn-instance-capability simple
     area 0.0.0.0   
      network 0.0.0.0 255.255.255.255
    #               
    !The DCN function implements the capability of plug-and-play for this device.
    !A NE IP address based on the unique NE ID is automatically generated in VPN
    !of DCN. It is recommended that the NE IP address be changed to the planned 
    !one by running the ne-ip X.X.X.X <mask> command after the device being online.
    dcn             
     ne-ip 128.1.0.3 255.255.255.0
    #               
    snmp-agent trap type base-trap
    #               
    ssh client first-time enable
    ssh client 3.3.3.9 assign rsa-key 3.3.3.9
    ssh client 128.254.255.253 assign rsa-key 128.254.255.253
    #
    return 
    
  • PE configuration file
    #
    sysname PE
    #
    multicast routing-enable
    #
    interface GigabitEthernet1/0/1
     undo shutdown  
     ip address 10.1.1.2 255.255.255.0
     pim sm
    #
    interface GigabitEthernet1/0/2
     undo shutdown  
     ip address 10.2.1.2 255.255.255.0
     pim sm
    #
    interface LoopBack1
     ip address 3.3.3.3 255.255.255.255
                   
    ospf 1          
     area 0.0.0.0   
      network 3.3.3.3 0.0.0.0
      network 10.1.1.0 0.0.0.255
      network 10.2.1.0 0.0.0.255
    pim
     c-bsr Loopback1
     c-rp Loopback1
    #
    return 
Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059451

Views: 3780

Downloads: 18

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next