Alcatel 7750 设备配置指南
Alcatel-Lucent 7750 SR 高级配置指南说明书
PrefaceAbout This GuideThis guide provides advanced configuration solutions for Alcatel-Lucent’s 7750 SR and 7450 ESSrouter and is meant to be supplemental to the basic user configuration guides listed below.The guide is organized alphabetically and provides feature and configuration explanations, CLIdescriptions and overall solutions.AudienceThis manual is intended for network administrators who are responsible for configuring therouters. It is assumed that the network administrators have a detailed understanding of networkingprinciples and configurations.List of Technical PublicationsThe 7750 SR documentation set is composed of the following guides:•Basic System Configuration GuideThis guide describes basic system configurations and operations.•System Management GuideThis guide describes system security and access configurations as well as event loggingand accounting logs.•Interface Configuration GuideThis guide describes card, Media Dependent Adapter (MDA) and port provisioning.•Router Configuration GuideThis guide describes logical IP routing interfaces and associated attributes such as an IPaddress, as well as IP and MAC-based filtering, and VRRP and Cflowd.•Routing Protocols GuidePrefaceThis guide provides an overview of routing concepts and provides configuration examplesfor RIP, OSPF, IS-IS, BGP, and route policies.•MPLS Configuration GuideThis guide describes how to configure Multiprotocol Label Switching (MPLS) and LabelDistribution Protocol (LDP).•Services Overview GuideThis guide describes how to configure service parameters such as service distributionpoints (SDPs), customer information, and user services.•Layer 2 Services and EVPN GuideThis guide describes Virtual Leased Lines (VLL), Virtual Private LAN Service (VPLS),Provider Backbone Bridging (PBB), and Ethernet VPN (EVPN).•Layer 3 Services GuideThis guide describes Internet Enhanced Services (IES) and Virtual Private RoutedNetwork (VPRN) services.•Versatile Service Module GuideThis guide describes how to configure service parameters for the Versatile Service Module(VSM).•OAM and Diagnostics GuideThis guide describes how to configure features such as service mirroring and Operations,Administration and Management (OAM) tools.•Triple Play GuideThis guide describes Triple Play services and support provided by the routers and presentsexamples to configure and implement various protocols and services.•Quality of Service GuideThis guide describes how to configure Quality of Service (QoS) policy management.•RADIUS Attributes GuideThis guide describes all supported RADIUS Authentication, Authorization andAccounting attributes.•Multi-Service Integrated Service Adapter GuideThis guide describes services provided by integrated service adapters such as ApplicationAssurance, IPSec, ad insertion (ADI) and Network Address Translation (NAT).•Gx A VPs Reference GuideThis guide describes Gx Attribute Value Pairs (A VP).PrefaceTechnical SupportIf you purchased a service agreement for your router and related products from a distributor orauthorized reseller, contact the technical support staff for that distributor or reseller for assistance.If you purchased an Alcatel-Lucent service agreement, contact your welcome center:/wps/portal/supportReport documentation errors, omissions and comments to:**************************************Include document name, version, part number and page(s) affected.Preface。
7750&7710产品介绍-v2
对承载网的可运营可管理要求
快速提供业务
智能故障、设备管理 智能业务统计流量分析 全面的安全管理
对承载网QoS的要求
端到端带宽保证 承载网时延≤40ms;最低要求≤100ms 承载网时延抖动≤10ms;最低要求≤20ms 丢包率≤0.1% ;最低要求≤1%
PE Router
Switch Fabric / CPU 模块架构
SF/CPM A
Switch Fabric A
FRMR
CPM complex A T Chip Q Chip
Alcatel 7750 SR: 模块化接口
模块化设计 混合-和-匹配式接口类型, 优化插槽利用率的 速率和传输范围 贯穿7750SR产品线的MDA/SFP的便利性最大限 度的保护了投资 热插拔MDA和光器件 丰富的连接性选项
领先的端口密度
丰富的 ATM, SONET/SDH 和 Ethernet MDA 连 接性的选择 任何 业务/任意接口
,Belgium
比利时安特卫普 Russia俄罗斯圣彼得堡 Canada加拿大渥太华
St Petersborg
Ottawa
Marcoussis,France
法国Marcoussis US美国普莱诺
Stuttgart,Germany
德国斯图加特
Plano
Shanghai,China 中国上海
Search/ Control Memory
Search/ Control Memory
Programmable Packet Processor
Programmable Packet Processor
CAM
P
Alcatel-Lucent 7750 SERVICE ROUTER 接口配置指南说明书
Alcatel-Lucent 7750SERVICE ROUTER | RELEASE 13.0.R4 INTERFACE CONFIGURATION GUIDEAlcatel-Lucent – Proprietary & ConfidentialContains proprietary/trade secret information which is the property of Alcatel-Lucent. Not to be made available to, or copied or used by anyone who is not an employee of Alcatel-Lucent except when there is a valid non-disclosure agreement in place which covers such information and contains appropriate non-disclosure and limited use obligations.Copyright 2015 © Alcatel-Lucent. All rights reserved.All specifications, procedures, and information in this document are subject to change and revision at any time without notice. The information contained herein is believed to be accurate as of the date of publication. Alcatel-Lucent provides no warranty, express or implied, regarding its contents. Users are fully responsible for application or use of the documentation.Alcatel, Lucent, Alcatel-Lucent and the Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other trademarks are the property of their respective owners.Copyright 2015 Alcatel-Lucent.All rights reserved.DisclaimersAlcatel-Lucent products are intended for commercial uses. Without the appropriate network design engineering, they must not be sold, licensed or otherwise distributed for use in any hazardous environments requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life-support machines, or weapons systems, in which the failure of products could lead directly to death, personal injury, or severe physical or environmental damage. The customer hereby agrees that the use, sale, license or other distribution of the products for any such application without the prior written consent ofAlcatel-Lucent, shall be at the customer's sole risk. The customer hereby agrees to defend and hold Alcatel-Lucent harmless from any claims for loss, cost, damage, expense or liability that may arise out of or in connection with the use, sale, license or other distribution of the products in such applications.This document may contain information regarding the use and installation of non-Alcatel-Lucent products. Please note that this information is provided as a courtesy to assist you. While Alcatel-Lucent tries to ensure that this information accurately reflects information provided by the supplier, please refer to the materials provided with any non-Alcatel-Lucent product and contact the supplier for confirmation. Alcatel-Lucent assumes no responsibility or liability for incorrect or incomplete information provided about non-Alcatel-Lucent products.However, this does not constitute a representation or warranty. The warranties provided for Alcatel-Lucent products, if any, are set forth in contractual documentation entered into by Alcatel-Lucent and its customers.This document was originally written in English. If there is any conflict or inconsistency between the English version and any other version of a document, the English version shall prevail.。
7750硬件介绍
200809
SR系列
7750 SR-12
宽带 (全双工, 冗余) I/O 插槽 介质相关适配器 (MDAs) 400G 10 20 AC Power (1 + 1) DC Power (1 + 1) Cooling Fans (2 + 1) 交换矩阵/控制处理器模块 (SF/CPM) (1 + 1) 24.5”H x 17.5”W x 25.25”D
200809
Alcatel SR IOM – 流量管理器
Memory Memory
流量管理器(TM)
CAM
NP
NP
输入 输出
Ingress TM
Memory
Egress TM
NP
Memory CAM
Memory
F A
• • • • •
负责缓冲,管理,整形,和其他QoS功能 同一芯片集可用于输入和输出 8K输入和输出队列 每个队列计算器都用于计费政策 输入和输出上200 ms缓冲的排队率
200809
IOM架构 &数据包流
SF/CPM A MAC
MAC
M D A M D A
CAM MEM
NP
2 1
NP
MEM
4
Switch Fabric A
TM TM
SE
Fabric Access
5
3
CAM MEM CAM
NP NP NP
MEM
SE
Framer
CPU
CONTROL PLANE
SF/CPM
CPU FFPC CPU
• 10 Gb/s物理接口终 端 • 以太网, SONET/SDH, 信道化的 SONET/SDH • 可插拔接口模块和可 插拔光接口
阿尔卡特7750配置文档
上海贝尔阿尔卡特7750SR配置标准模板目录一、硬件配置 (5)1.1配置IOM卡 (5)1.1.1 查看已经插入的IOM卡的类型 (5)1.1.2正确配置IOM卡的类型 (5)1.2配置MDA卡 (5)1.2.1查看已经插入的MDA卡的类型 (5)1.2.2正确配置MDA卡的类型 (5)1.3配置MDA端口 (6)1.3.1 POS端口配置 (6)1.3.2 以太口配置 (6)1.3.3 查看port信息 (6)二、设备管理配置 (7)2.1配置路由器名称、LOCATION、CONTACT (7)2.2配置系统时间 (7)2.3配置SNTP (7)2.3.1 打开SNTP(简单网络时间协议) (7)2.3.2 配置SNTP地址 (7)2.4配置SR为TELNET服务器 (7)2.5配置TELNET登陆限制 (8)2.5.1 配置默认动作为允许,因为是所有上主控板的流量。
(8)2.5.2 配置允许IP段的ACL,配置源IP,协议,目的端口 (8)2.5.3 配置一条拒绝的ACL,拒绝其他IP段。
(8)2.6配置用户 (8)2.6.1 配置用户名 (8)2.6.2 配置用户密码 (8)2.6.3 配置用户登陆方式 (9)2.6.4 配置用户所属的组 (9)2.7配置LOG (9)2.7.1 配置log-id (9)2.7.2 配置log信息类型 (9)2.7.3 配置记录log的方式 (9)2.7.4 配置记录log方式的具体配置 (9)2.8配置SNMP (10)2.9配置主备板同步 (10)2.9.1 配置自动同步 (10)2.9.2 手工同步命令 (10)2.10配置空闲时间 (10)2.11配置ANTI-SPOOF (10)三、路由配置 (11)3.1配置路由器系统地址 (11)3.2配置网络接口 (11)3.2.2 配置IP地址 (11)3.2.3 配置关联端口 (11)3.2.4 查看配置的路由器接口 (11)3.3配置静态及OSPF路由协议 (12)3.3.1 配置静态路由 (12)3.3.2 配置OSPF区域 (12)3.3.3 配置ospf接口cost值 (12)3.3.4 配置一个stub区域 (12)3.3.5 配置NSSA区域 (12)3.3.6 配置虚链路 (13)3.3.7 配置认证 (13)3.3.8配置路由聚合 (13)3.3.9 配置静态路由注入到OSPF路由协议 (13)3.3.10 查看运行在ospf协议下的接口 (14)3.3.11 查看ospf邻居建立关系 (14)3.3.12 查看ospf路由表 (14)3.4配置IS-IS (14)3.4.1 配置区域ID (14)3.4.2 配置路由器等级能力 (15)3.4.3 配置IS-IS接口 (15)3.4.4 查看ISIS下的接口 (15)3.4.5 添加已经配置到ISIS的每个网络接口 (15)3.4.6 查看ISIS邻接关系 (15)3.4.7 查看ISIS路由表 (15)3.5BGP配置 (16)3.5.1 创建AS (16)3.5.2 配置路由器 ID5 (16)3.5.3 配置 BGP (16)3.6配置POLICY (16)3.6.1 配置policy名称 (16)3.6.2 配置从静态路由分布到ospf路由协议中的policy (17)3.6.3 配置commit使之生效 (17)3.6.4 应用policy (17)3.7IP F ILTER配置 (17)3.7.1创建ip filter (17)3.7.2 指定默认动作 (17)3. 7.3 创建条目,指定动作、源、目的IP (17)3.7.4 应用ip filter (18)四、 MPLS 配置以及业务配置 (19)4.1MPLS配置 (19)4.1.1 MPLS接口配置 (19)4.1.3 配置 MPLS LSP和主路径 (19)4.1.4 查看命令 (20)4.1.5 改变每个网络接口的最大传输单元(MTU)尺寸 (20)4.2 E P IPE 配置 (20)4.2.1 创建客户并将其与提供的业务相关联 (20)4.2.2 指向客户的接口(在我们的网络中由膝上电脑表示)称为“toCustomer”,必须配置为接入接口。
SR7750典型配置案例(第二季度)
Alcatel 7750SR典型配置案例2011-4-1——2011-6-221.SR上FTTH业务的配置 (2)G配置 (5)3.epipe上的VC-Switch配置 (6)4.Filter log实现简单抓包 (7)5.cron配置 (8)6.端口或者vlan流量监控 (9)7.CPU高占用率快速故障定位 (11)■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■1.SR上FTTH业务的配置FTTH通过DHCP方式从省公司统一获取IP地址;对应的VPN(VPRN)通过CN2连接到DHCP server;各区域RT、RD、router-policy可以根据实际情况修改;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,业务配置:*A:SR-XXX -SR7750-1>config>service>vprn# info----------------------------------------------description "CTVPN4005-E8C_IAD_DHCP"vrf-import "CTVPN4005_E8C_IAD_DHCP_import"vrf-export "CTVPN4005_E8C_IAD_DHCP_export"ecmp 4autonomous-system 65185route-distinguisher 4809:400500auto-bind ldp!连接到CN2接口interface "2_GE0/3" createaddress 172.27.128.2/30sap 2/2/7:102 createexitexit!连接到E8C接口subscriber-interface "E8C_172.27.248.0/21" createaddress 189.52.0.1/24group-interface "XianYe_E8-C_Voice-DHCP-1" createarp-populatedhcpserver 172.20.0.9 172.20.0.10trustedlease-populate 300gi-address 189.52.0.1no shutdownexitsap 2/2/9:2201.45 createexitsap 2/2/9:122.2020 createexitexitexit!与CN2的路由部署bgpexport "mpbgp_export_to_ce-ebgp"group "65185-4809"multihop 2peer-as 4809neighbor 172.27.128.1exitexitexitno shutdown路由策略配置:*A:SR-XXX-SR7750-1# show router policy CTVPN4005_E8C_IAD_DHCP_import entry 10fromprotocol bgp-vpncommunity "VPN_CTVPN4005_E8C_IAD_DHCP"exitaction acceptexitexitentry 20action rejectexit*A:SR-XXX-SR7750-1# show router policy CTVPN4005_E8C_IAD_DHCP_export entry 10fromprotocol directexittoprotocol bgp-vpnexitaction acceptcommunity add "VPN_CTVPN4005_E8C_IAD_DHCP"exitexitentry 15fromprotocol staticexittoprotocol bgp-vpnexitaction acceptcommunity add "VPN_CTVPN4005_E8C_IAD_DHCP"exitexitentry 20fromprotocol bgpexittoprotocol bgp-vpnexitaction acceptcommunity add "VPN_CTVPN4005_E8C_IAD_DHCP"exitexit*A:SR-XXX-SR7750-1# show router policy community VPN_CTVPN4005_E8C_IAD_DHCPcommunity "VPN_CTVPN4005_E8C_IAD_DHCP" members "target:4809:400500"*A:SR-XXX-SR7750-1# show router policy mpbgp_export_to_ce-ebgp entry 10fromprotocol bgp-vpnexittoprotocol bgpexitaction acceptexitexitentry 15fromprotocol ospfexittoprotocol bgpexitaction acceptexitexitentry 20fromprotocol staticexittoprotocol bgpexitaction acceptexitexitentry 25fromprotocol directexittoprotocol bgpexitaction acceptexitexit■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■G配置LAG组内的物理端口,关闭协商、1000M/duplex;LACP链路聚合控制协议(802.3ad),最好两边都支持,如果都支持就采用lacp active;在做LAG备份的时候,最好为跨IOM或者MDA;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,port 1/1/2description "TO LAG1"ethernet no autono shutdownexitport 2/1/2description "TO LAG1"ethernet no autono shutdownexitconfig lag 1description "lag from A to B"mode accessencap-type dot1qlacp activeport 1/1/2port 2/1/2no shutdownexit查看lag状态show lag 1 detail================================================================= LAG Details================================================================= ==============Description : to-AG-22JU-T40G-------------------------------------------------------------------------------Details-------------------------------------------------------------------------------Lag-id : 1 Mode : access Adm : up Opr : up Thres. Exceeded Cnt : 8 Port Threshold : 0Thres. Last Cleared : 11/30/2010 10:41:21 Threshold Action : down Dynamic Cost : false Encap Type : dot1q Configured Address : 00:16:4d:1b:2e:f9 Lag-IfIndex : 1342177281 Hardware Address : 00:16:4d:1b:2e:f9 Adapt Qos : distribute Hold-time Down : 0.0 secLACP : enabled Mode : active LACP Transmit Intvl : fast LACP xmit stdby : enabled Selection Criteria : highest-count Slave-to-partner : disabled Number of sub-groups: 1 Forced : -System Id : 00:16:4d:1b:2d:b8 System Priority : 32768Admin Key : 32768 Oper Key : 32768Prtr System Id : 00:1e:73:97:25:60 Prtr System Priority : 32768Prtr Oper Key : 259-------------------------------------------------------------------------------Port-id Adm Act/Stdby Opr Primary Sub-group Forced Prio-------------------------------------------------------------------------------2/2/1 up active up yes 1 - 32768 2/2/2 up active up 1 - 32768 -------------------------------------------------------------------------------Port-id Role Exp Def Dist Col Syn Aggr Timeout Activity -------------------------------------------------------------------------------2/2/1 actor No No Yes Yes Yes Yes Yes Yes2/2/1 partner No No Yes Yes Yes Yes Yes Yes2/2/2 actor No No Yes Yes Yes Yes Yes Yes2/2/2 partner No No Yes Yes Yes Yes Yes Yes■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■3.epipe上的VC-Switch配置epipe即VLL,是在两点间建立虚拟专线,从协议上分析,是从一个业务接入点到另外一个业务接入点进行信令交互;对于复杂的层次网络结构,存在epipe的两个点都是SDP隧道的情况,此时的epipe只从当vc-swtiching;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,config service epipe 100010 vc-swtiching customer 1 createspoke-sdp 101:100010 createexitspoke-sdp 103:100010 createexitexit■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■4.Filter log实现简单抓包由于抓包通常需要到现场,同时需要有电口连接抓包的电脑,通过mirror进行数据包的获取;在处理问题的时候,可以利用filter log的功能实现简单匹配数据包的日志,实现简单抓包对网络问题进行问题;完成抓包后,必须在sap点上取消filter配置;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,config filterip-filter 10 createdefault-action forward缺省转发entry 20 creatematch 匹配所有ip包exitlog 101 匹配的记录保持在filter log中action forward 匹配的数据转发exitexit/config service vpls 1001sap 1/1/3:100.1001 createingressfilter ip 10exitegressfilter ip 10exitexit查看匹配结果show filter log 1012010/12/03 17:11:50 Mac Filter: 20:10 Desc:SAP: 1/1/3:11.0 Direction: Ingress Action: DropSrc MAC: 00-14-0d-fd-13-1d Dst MAC: ff-ff-ff-ff-ff-ff EtherType: 0806 ARP: Sender MAC: 00-14-0d-fd-13-1d Target MAC: 00-00-00-00-00-00 Sender IP: 10.156.3.55 Target IP: 10.156.1.255 OpCode: Request2010/12/03 17:11:51 Mac Filter: 20:10 Desc:SAP: 1/1/3:11.0 Direction: Ingress Action: DropSrc MAC: 00-14-0d-fd-13-1d Dst MAC: ff-ff-ff-ff-ff-ff EtherType: 0806 ARP: Sender MAC: 00-14-0d-fd-13-1d Target MAC: 00-00-00-00-00-00 Sender IP: 10.156.3.55 Target IP: 10.156.1.255 OpCode: Request2010/12/03 17:11:51 Mac Filter: 20:10 Desc:SAP: 1/1/3:11.0 Direction: Ingress Action: DropSrc MAC: 00-14-0d-fd-13-1d Dst MAC: ff-ff-ff-ff-ff-ff EtherType: 0806 ARP: Sender MAC: 00-14-0d-fd-13-1d Target MAC: 00-00-00-00-00-00 Sender IP: 10.156.3.55 Target IP: 10.156.1.255 OpCode: Request2010/12/03 17:11:51 Mac Filter: 20:10 Desc:SAP: 1/1/3:11.0 Direction: Ingress Action: DropSrc MAC: 00-14-0d-fd-13-1d Dst MAC: ff-ff-ff-ff-ff-ff EtherType: 0806 ARP: Sender MAC: 00-14-0d-fd-13-1d Target MAC: 00-00-00-00-00-00 Sender IP: 10.156.3.55 Target IP: 10.156.1.255 OpCode: Request■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■5.cron配置cron作为设备周期性指令调度,可以提供自动化脚本;比如每天24:00断开部分用户,每天07:00恢复用户网络;调度方式可以按照日历,比如每周1-5,也可以周期性,比如每2小时重复执行;,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,A:XXX>config>cron# info----------------------------------------------script "service-open"location "cf3:\service-open.cfg"no shutdownexitaction "service-open"results "cf3:\cron.log"script "service-open"no shutdownexitschedule "service-open"action "service-open"day-of-month allhour 8minute 0month allweekday allno shutdownexit6.端口或者vlan流量监控收集端口或者sap点的流量,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,监控物理端口/monitor port 1/1/3 rate======================================================================== Monitor statistics for Port 1/1/3========================================================================Input Output--------------------------------------------------------------------------------------------------------------------------------------------------------------At time t = 0 sec (Base Statistics)-------------------------------------------------------------------------------Octets 1156900175180050 1503817061589626 Packets 1486380537325 1623749192754 Errors 18 0-------------------------------------------------------------------------------At time t = 10 sec (Mode: Rate)-------------------------------------------------------------------------------Octets 28329529 38503716 Packets 37806 42468 Errors 0 0 Utilization (% of port capacity) 22.66 30.80-------------------------------------------------------------------------------At time t = 20 sec (Mode: Rate)-------------------------------------------------------------------------------Octets 28573319 38488267 Packets 37843 42555 Errors 0 0 Utilization (% of port capacity) 22.85 30.791/1/3端口流量=1000M*22.85%=228.5M(input)1/1/3端口流量=1000M*30.79%=307.9M(output)监控SAP接入点/monitor service id 501 sap 3/2/1:3501.0 rate-------------------------------------------------------------------------------At time t = 11 sec (Mode: Rate)--------------------------------------------------------------------------------------------------------------------------------------------------------------Sap Statistics-------------------------------------------------------------------------------Last Cleared Time : N/APackets Octets % PortUtil. Forwarding Engine StatsDropped : 0 0 0.00 Off. HiPrio : 0 0 0.00 Off. LowPrio : 1366 389242 0.31 Off. Uncolor : 0 0 0.00Queueing Stats(Ingress QoS Policy 1)Dro. HiPrio : 0 0 0.00 Dro. LowPrio : 0 0 0.00 For. InProf : 0 0 0.00 For. OutProf : 1366 389242 0.31Queueing Stats(Egress QoS Policy 1)Dro. InProf : 0 0 0.00 Dro. OutProf : 0 0 0.00 For. InProf : 864 147786 0.11 For. OutProf : 1 68 ~0.00 -------------------------------------------------------------------------------Sap per Queue Stats-------------------------------------------------------------------------------Packets Octets % PortUtil.Ingress Queue 1 (Unicast) (Priority)Off. HiPrio : 0 0 0.00 Off. LoPrio : 1366 389242 0.31 Dro. HiPrio : 0 0 0.00 Dro. LoPrio : 0 0 0.00 For. InProf : 0 0 0.00 For. OutProf : 1366 389242 0.31Egress Queue 1For. InProf : 857 146456 0.11 For. OutProf : 1 67 ~0.00 Dro. InProf : 0 0 0.00 Dro. OutProf : 0 0 0.00典型配置案例Confidential 800 820 5182 第 11 页 共 11 页 Alcatel-Lucent Sap 流量=1000M*0.31%=3.1M (input )Sap 流量=1000M*0.11%=1.1M (output )7. CPU 高占用率快速故障定位当CPU 占用率很高时,一定会有大量Packet 上送主控制板CPM 处理才会导致一些进程(比如IP Stack )的占用率高,但上送的Packet 有正常的协议报文、攻击流量,如何对攻击流量进行分辩、快速定位就是关键。
【VIP专享】阿尔卡特7750路由器-健康检查手册
检查日志信息及日志 行:
设置
检查调试信息开关 行:
检查设备系统名是否
ห้องสมุดไป่ตู้
符合中国移动命名规 看命令行提示符。
范
检查端口描述是否规 执行: 范
检查方法
在路由器各节点上分别执 行:
show version
在路由器各节点上分别执
show log log-id 99
show log log-id 100
在路由器各节点上分别执 正常运行时应该全部关闭。
show debug
在路由器各节点上分别查
检查标准
为 IOS 软件版本
核对 TiMOS,正常情况为为 9.0.R17。如有不同要引 起注意,TiMOS 异常有可能会造成设备重启后无法 正常启动。
正常情况下,不应该有大量重复信息。比如端口频 繁 up/down,以及错误信息等。
如果发现存在启用 Debug,则可以在用户视图使用
阿尔卡特 7750SR 路由器 健康检查手册
上海贝尔股份有限公司 2015 年 1 月 14 日
6.培养学生观察、思考、对比及分析综合的能力。过程与方法1.通过观察蚯蚓教的学实难验点,线培形养动观物察和能环力节和动实物验的能主力要;特2征.通。过教对学观方察法到与的教现学象手分段析观与察讨法论、,实对验线法形、动分物组和讨环论节法动教特学征准的备概多括媒,体继课续件培、养活分蚯析蚓、、归硬纳纸、板综、合平的面思玻维璃能、力镊。子情、感烧态杯度、价水值教观1和.通过学理解的蛔1虫.过观适1、察于程3观阅 六蛔寄.内列察读 、虫生出蚯材 让标容生3根常蚓料 学本教活.了 据见身: 生,师的2、解 问的体巩鸟 总看活形作 用蛔 题线的固类 结雌动态业 手虫 自形练与 本雄学、三: 摸对 学动状习人 节蛔生结4、、收 一人 后物和同类 课虫活构请一蚯集 摸体 回并颜步关 重的动、学、蚓鸟 蚯的 答归色学系 点形教生生让在类 蚓危 问纳。习从 并状学理列学平的害 题线蚯四线人 归、意特出四生面体以形蚓、形类 纳大图点常、五观玻存 表及动的鸟请动文 本小引以见引、察璃现 ,预物身类 3学物明 节有言及的、导巩蚯上状 是防的体之生和历 课什根蚯环怎学固蚓和, 干感主是所列环史 学么据蚓节二样生练引牛鸟 燥染要否以举节揭 到不上适动、区回习导皮类 还的特分分蚯动晓 的同节于物让分答。学纸减 是方征节布蚓物起 一,课穴并学蚯课生上少 湿法。?广的教, 些体所居归在生蚓前回运的 润;4泛益学鸟色生纳.靠物完的问答动原 的4蛔,处目类 习和活环.近在成前题蚯的因 ?了虫以。标就 生体的节身其实端并蚓快及 触解寄上知同 物表内特动体结验和总利的慢我 摸蚯生适识人 学有容点物前构并后结用生一国 蚯蚓在于与类 的什,的端中思端线问活样的 蚓人飞技有 基么引进主的的考?形题环吗十 体生行能着 本特出要几变以动,境?大 节活的1密 方征本“特节化下物.让并为珍 近习会形理切 法。课生征有以问的小学引什稀 腹性态解的 。2课物。什游题主.结生出么鸟 面和起结蛔关观题体么戏:要利明蚯?类 处适哪构虫系察:的特的特用确蚓等 ,于些特适。蛔章形殊形征板,这资 是穴疾点于可虫我态结式。书生种料 光居病是寄的们结构,五小物典, 滑生?重生鸟内学构,学、结的型以 还活5要生类部习与.其习巩鸟结的爱 是如原活生结了功颜消固类构线鸟 粗形何因的存构腔能色化练适特形护 糙态预之结的,肠相是系习于点动鸟 ?、防一构现你动适否统。飞都物为结蛔。和状认物应与的行是。主构虫课生却为和”其结的与题、病本理不蛔扁的他构特环以生?8特乐虫形观部特8征境小理三页点观的动位点梳相组等、这;,哪物教相,理适为方引些2鸟,育同师.知应单面导鸟掌类结了;?生识的位学你握日构解2互.。办特生认线益特了通动手征观识形减点它过,抄;察吗动少是们理生报5蛔?物,与的解.参一了虫它和有寄主蛔与份解结们环些生要虫其。蚯构都节已生特对中爱蚓。会动经活征人培鸟与飞物灭相。类养护人吗的绝适这造兴鸟类?主或应节成趣的为要濒的课情关什特临?就危感系么征灭来害教;?;绝学,育,习使。我比学们它生可们理以更解做高养些等成什的良么两好。类卫动生物习。惯根的据重学要生意回义答;的3.情通况过,了给解出蚯课蚓课与题人。类回的答关:系线,形进动行物生和命环科节学动价环值节观动的物教一育、。根教据学蛔重虫点病1.引蛔出虫蛔适虫于这寄种生典生型活的线结形构动和物生。理二特、点设;置2.问蚯题蚓让的学生生活思习考性预和习适。于穴居生活的形态、结构、生理等方面的特征;3.线形动物和环节动物的主要特征。
Alcatel7750 确认单板指导
Alcatel 7750 扩板操作指导三.设备相关操作(1).联机串口配置(需使用厂家的串口线,其它串口线均不能用)配置终端好后,因SR7750为双主控板SF/CPM,我们要插到主用主控板上的console口,才能登入设备。
辨别主用主控板还是备用主控板时,我们需要看主控板上的CTL灯,显示为绿色常亮为主用主控板,显示是绿色闪烁的为备用主控板。
主控板CPM的其它灯的显示说明,请参照另一个文档设备的有没有插及插了多少块IOM板及MDA板,通过主控板上的灯是看不出来的,本身它就不具备此功能。
(2)在扩容之前,为安全起见我们需做设备配置的保存: admin save保存好后,需采集目前设备配置:admin display-config 多按几下回车键,才能采完(3)插板顺序,先插IOM板,再插MDA板(4)在插IOM板时一定要注意,主控板和IOM板上有保护胶套要先卸下才能插入槽位,否则板卡是插不位的, 无法加电。
如图:大卡为IOM卡,小卡为MDA卡(5)按设计的槽位插入IOM板卡,插入设备后,需用命令确认能否工作正常A:7750SR12# show card state/查看刚插好的IOM单板具体型号及槽位号,其中的槽位号是从设备面板上看出来的,也可以用此命令看。
我们刚插上的IOM板的型号及槽位号,在此命令下是有显示的,只是该板的admin state和oper state的状态没有达到UP。
确认IOM板命令如下:A:7750SR12#configure card X card-type XXX/具体板卡情况依实际情况定义第一个X代表设备是槽位号,XXX代表IOM的具体型号.这里就是要用到show card state显示的结果了。
确认IOM板卡后,稍等片刻,可以查看其是否工作正常了,命令如下:A:7750SR12#show card state/查看新插入IOM单板的运行状态,待新插入的IOM单板的admin state和oper state为UP状态后进入下一步操作。
7750SR 设备介绍
Presentation Title — 15
All rights reserved © 2011
FP3: 业务性能极大扩展
FP1 Scale
FP2 Scale
New!
FP3 Scale
IP Route Table
L3 Interfaces
VPRN Instances VPLS Instances
Alcatel-Lucent 7750 业务路由器
输入/输出 模块 (IOM-FP1)
每块IOM支持两 个可热插拔的 MDA
灵活的,完全可编程的转发体
以线速(10 Gb/s)进行处理
IOM2-20G
Ctrl. RAM
Ctrl. RAM
到交换矩阵的冗余连 接 (SR-7/12 )
M D
NPU ‘P’ Chip
Presentation Title — 6
All rights reserved © 2011
5Tbps 系统背板
•10 个20/50/100 G IOM •20个MDA
Alcatel-Lucent 7750 路由器 SR-7系统组成
灵活快速路径转发 阵列
10 MDA
5个输入/输出 模块(IOM))
All rights reserved © 2011
100G IMM 平台
100G IMM结构图
• 充分利用FP2 100G能力 • 在输入输出2个方向分别采用
P2/Q2 芯片组 • 采用2个T2 连接
…
12p 10GE IMM 1p 100GE IMM
.
XB200G Layout)
RLDRAM-II RLDRAM-II RLDRAM-II RLDRAM-II
7750 SR高级配置指南.pdf_1701706365.4593518说明书
ESM IPv4: Multicast in a Wholesale/RetailScenarioIn This ChapterThis section describes ESM IPv4 multicast configurations in a wholesale/retail scenario.Topics in this section include:•Applicability on page 2126•Overview on page 2127•Configuration on page 2129•Conclusion on page 21407750 SR Advanced Configuration Guide Page 2125ApplicabilityApplicabilityThis configuration example is applicable to the 7750 SR-7/12/12e with IOM3-XP and IMMs, the7450 ESS -7/12 chassis in mixed mode with IOM3-XP and IMMs, and also to the 7750 SR-c4/12platforms, and requires chassis mode C as a minimum. Note that the 7450 will only operate as anL2TP Access Concentrator (LAC) for L2TP services.The configuration was tested on release 11.0.R1 and covers both IPoE and PPPoE subscribers. Page 21267750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail Scenario OverviewAlcatel-Lucent’s Triple Play Service Delivery Architecture (TPSDA) allows operators to integrateHigh Speed Internet (HSI), voice and video services within a single network infrastructure. Thegoal of this configuration example is to provide a walk through of a wholesale/retail multicastsetup.There are two wholesale/retail models in TPSDA. In the first model, the retail service is co-locatedwith the wholesale service whereas in the second model, for PPP services only, the retail service ison a separate BNG. The network topology shown in Figure334 is the first model. It consists oftwo 7750s; BNG-1 is a wholesaler Broadband Network Gateway (BNG) with the retail service co-located and the second is a retailer router. Figure335 shows the second model where the retailservice is a separate router and the connection between the wholesale and retail utilizes L2TP. The7450 in both cases is used as an aggregation switch to aggregate all subscribers.Figure 334: Wholesale/Retail Model 1Figure 335: Wholesale/Retail Model 27750 SR Advanced Configuration Guide Page 2127OverviewThe second 7750 is connected directly to the multicast source. On the access side, the BNG isconnected to an aggregation switch aggregating both PPPoE and IPoE subscribers.There are two basic requirements for a subscriber to receive multicast streams. First, the groupinterface for the subscribers must have IGMP enabled. Second, the Enhanced SubscriberManagement (ESM) subscriber must be allowed to receive multicast streams by having IGMPenabled. When both requirements are met, the BNG will process the subscribers’ IGMP messages,otherwise, IGMP messages are dropped. All customer premise device (CPE) originated IGMPmessages are aggregated via the 7450 and passed onto the wholesale BNG. It is always the retailVPRN that processes the IGMP messages. The wholesale VPRN SAPs performs the forwardingof the actual multicast streams.Page 21287750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail Scenario ConfigurationNote that a basic knowledge of multicast and ESM is assumed.ESM Wholesale-Retail MulticastThere are various ways to provide wholesale and retail multicast function.•For the IPoE and PPPoE Layer 3 wholesale/retail model, the wholesale and the retailservices reside on separate VPRNs.•For the PPPoE Layer 2 wholesale/retail model, L2TP is used.ESM Layer 3 Wholesale-Retail MulticastFigure336 depicts a Layer 3 wholesale/retail scenario for both IPoE and PPPoE. The first BNGcontains both the wholesale and retail configuration. There are two options for the retail BNG todeliver the multicast streams to the wholesale BNG:1.MVPN between the BNGsor2.If using a routed interface between the BNGs, multicast routing is required.This example will use the second option for delivery of the multicast streams in order to keep theconfiguration simple.Figure 336: Layer 3 Wholesale/Retail7750 SR Advanced Configuration Guide Page 2129ESM Layer 3 Wholesale-Retail MulticastStep 1.Below is a configuration extract from the wholesale service on BNG-1 with the group interface added to IGMP. This configuration applies to both IPoE and PPPoE.*A:BNG-1> config>service>vprn>sub-if# info----------------------------------------------unnumbered “system”group-interface "wholesale-sub-int-1" createdhcpclient-applications dhcp pppno shutdownexitauthentication-policy "auth-policy-1"sap 1/1/5:1 createsub-sla-mgmtdef-sub-id use-sap-iddef-sub-profile "multicast-profile-1"def-sla-profile "sla-profile-1"sub-ident-policy "sub-ident-policy-1"multi-sub-sap 10no shutdownexitexitpppoesession-limit 10sap-session-limit 10no shutdownexitexitigmpgroup-interface "wholesale-group-int-1"no shutdownexitno shutdownexitStep 2.Also on BNG-1, a separate VPRN is configured for the retailer. The retail configuration is a little different from the wholesale configuration. Below is a configuration extract fromthe retail VPRN with IGMP enabled. This configuration is applicable to both IPoE andPPPoE. The multicast streams received in the retail VPRN are forwarded to the wholesaleVPRN. Other retail VPRNs can offer multicast streams as well, and the same multicastaddresses can be re-used as long as the address is assigned to a different retail VPRN.*A:BNG-1> config>service>vprn# info----------------------------------------------route-distinguisher 65536:2subscriber-interface "retail-sub-int-1" fwd-service 1fwd-subscriber-interface "wholesale-sub-int-1" createaddress 10.255.255.254/8dhcpserver 192.168.0.1client-applications dhcp pppgi-address 10.255.255.254lease-populate 10no shutdownPage 21307750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail Scenario exitexitigmpgroup-interface fwd-service 1 "wholesale-group-int-1no shutdownexitexitospf 192.168.2.2area 0.0.0.0interface "system"no shutdownexitinterface "retail-sub-int-1"no shutdownexitinterface "int-BNG-1-BNG-2"no shutdownexitexitexitpiminterface "int-BNG-1-BNG-2"exitexitStep 3.Per host replication is mandatory in a wholesale/retail scenario. A single wholesale SAP might be shared among different retailers. A wholesale host that has requested a multicastgroup will always have the multicast delivered directly. Other hosts on the SAPs mightbelong to a different retailer and therefore 1) retailers might not have the same multicastgroup and sources and 2) their bandwidth should not be impacted by other hosts’multicast. Per-host replication is configured in the igmp-policy igmp-policy-1. This ismandatory for both IPoE and PPPoE subscribers.*A:BNG 1> config>subscr-mgmt>igmp-policy# info----------------------------------------------per-host-replicationStep 4.The interfaces are added to OSPF and to PIM on the retail BNG that is connected to the multicast source.*A:BNG-2> config>service>vprn# info----------------------------------------------ospfarea 0.0.0.0interface "system"no shutdownexitinterface "int-BNG-2-BNG-1"no shutdownexitinterface “int-multicast-source”no shutdownexitexitexit7750 SR Advanced Configuration Guide Page 2131ESM Layer 3 Wholesale-Retail Multicastpiminterface "int-BNG-2-BNG-1"exitinterface "int-multicast-source"exitrpstaticaddress 192.168.4.1group-prefix 224.0.0.0/4exitexitexitexitWith the above the configuration, the wholesale/retail setup is ready to process IGMP messages.Now send an IGMPv3 request to the wholesale SAP. The (S,G) is (192.168.4.2, 239.255.1.1) andthe subscriber IP address is 10.0.0.2. The output below shows that the (S,G) is not registered in thewholesale VPRN but is in the retail VPRN.*A:BNG-1> show router 1 igmp group===============================================================================IGMP Interface Groups==============================================================================================================================================================IGMP Host Groups==============================================================================================================================================================IGMP SAP Groups===============================================================================No Matching Entries===============================================================================*A:BNG-1> show router 2 igmp group===============================================================================IGMP Interface Groups==============================================================================================================================================================IGMP Host Groups===============================================================================(192.168.4.2,239.255.1.1)Fwd List : 10.0.0.2 Up Time : 0d 00:13:01===============================================================================IGMP SAP Groups===============================================================================-------------------------------------------------------------------------------(*,G)/(S,G) Entries : 1===============================================================================Page 21327750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail ScenarioTo view all subscribers’ (S,G) pairs, use the following command.*A:BNG-1> show service active-subscribers igmp detail===============================================================================Active Subscribers Detail===============================================================================Subscriber IGMP-PolicyHostAddr GrpItf NumGroupsGrpAddr Type Up-Time ModeSrcAddr Type Blk/Fwd-------------------------------------------------------------------------------video_user_01 igmp-policy-110.0.0.2 whole-sale 1239.255.1.1 Dynamic 0d 01:37:55 Include192.168.4.2 Dynamic Fwd-------------------------------------------------------------------------------Number of Subscribers : 1===============================================================================Only the retail VPRN is responsible for processing the IGMP messages. Therefore to troubleshoota wholesale/retail setup, debug is only relevant on the retail router instance.debugrouter "2"igmpgroup-interface fwd-service "1" "whole-sale"host "10.0.0.2"packet mode egr-ingr-and-droppedexitexit7648 2013/05/24 16:59:41.02 EST MINOR: DEBUG #2001 vprn2 IGMP[14]"IGMP[14]: RX-PKT[013 07:56:53.680] IGMP host 10.0.0.2 V3 PDU: 10.0.0.2 -> 224.0.0.22 pduLen20Type: V3 REPORT maxrespCode 0x0 checkSum 0xddf6Num Group Records: 1Group Record 0Type: ALW_NEW_SRCS, AuxDataLen 0, Num Sources 1Mcast Addr: 239.255.1.1Source Address List192.168.4.2"7649 2013/05/24 16:59:41.02 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpIfGroupAddAdding 239.255.1.1 to IGMP host 10.0.0.2 database"7650 2013/05/24 16:59:41.02 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpProcessGroupRecProcess group rec ALW_NEW_SRCS received on host 10.0.0.2 for group 239.255.1.1 in mode INCLUDE. Num srcs 1"7750 SR Advanced Configuration Guide Page 2133ESM Layer 3 Wholesale-Retail Multicast7651 2013/05/24 16:59:41.02 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpIfSrcAddAdding i/f source entry for host 10.0.0.2 (192.168.4.2,239.255.1.1) to IGMP fwdListDatabase, redir if N/A"The same debug command can be used for troubleshooting IGMP leave messages as shownbelow.7652 2013/05/24 16:59:43.90 EST MINOR: DEBUG #2001 vprn2 IGMP[14]"IGMP[14]: RX-PKT[013 07:56:56.560] IGMP host 10.0.0.2 V3 PDU: 10.0.0.2 -> 224.0.0.22 pduLen20Type: V3 REPORT maxrespCode 0x0 checkSum 0xdcf6Num Group Records: 1Group Record 0Type: BLK_OLD_SRCS, AuxDataLen 0, Num Sources 1Mcast Addr: 239.255.1.1Source Address List192.168.4.2"7653 2013/05/24 16:59:43.90 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpProcessGroupRecProcess group rec BLK_OLD_SRCS received on host 10.0.0.2 for group 239.255.1.1 in mode INCLUDE. Num srcs 1"7654 2013/05/24 16:59:43.90 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpProcessIfSrcTimerExpSource Timer expired for IGMP host 10.0.0.2 (192.168.4.2,239.255.1.1)"7655 2013/05/24 16:59:43.90 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpIfSrcDelDeleting i/f source entry for host 10.0.0.2 (192.168.4.2,239.255.1.1) from IGMP Database. DeleteFromAvl: 1 !Redir 0"7656 2013/05/24 16:59:43.90 EST MINOR: DEBUG #2001 vprn2 IGMP[vprn2 inst 14]"IGMP[vprn2 inst 14]: igmpIfGroupDelDeleting 239.255.1.1 from IGMP host 10.0.0.2 database"Page 21347750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail ScenarioESM L2TP Wholesale/Retail MulticastAs previously mentioned, the other option for PPPoE wholesale/retail is to use an L2TPconnection as shown in Figure337. LAC-1 contains the wholesale configuration while LNS-1contains the retail configuration.Figure 337: L2TP Wholesale-Retail MulticastBelow is a configuration extract for the wholesale L2TP Access Concentrator (LAC) in thewholesale service. It is using the local database, under the pppoe user-db configuration, toauthenticate the subscriber. The wholesale LAC does not process any IGMP messages so it passesall messages to the retailer LNS.*A:LAC-1> config>service>vprn>sub-if# info----------------------------------------------description "L2TP"unnumbered “system”group-interface "LAC-sub-int-1" createsap 1/1/11:222 createsub-sla-mgmtdef-sub-id use-sap-iddef-sub-profile "multicast-profile-1def-sla-profile "sla-profile-1"sub-ident-policy "sub-ident-policy-1"multi-sub-sap 10no shutdownexitexitpppoesession-limit 10sap-session-limit 10user-db "ppp-db-1"no shutdownexitexitl2tpgroup "l2tp-group-1" create7750 SR Advanced Configuration Guide Page 2135ESM L2TP Wholesale/Retail Multicasttunnel "tunnel-1" createauto-establishlocal-name "LAC"peer 192.0.2.3no shutdownexitno shutdownexitno shutdownThe retailer BNG serves as the L2TP Network Server (LNS). Below is a configuration extract forthe LNS. IGMP must be enabled on the ESM group-interface in the retail service.*A:LNS-1> config>service>vprn>sub-if# info----------------------------------------------address 10.255.255.254/8group-interface "LNS-group-int-1" lns createsap-parameterssub-sla-mgmtdef-sub-id use-sap-iddef-sub-profile "multicast-profile-1def-sla-profile "sla-profile-1"sub-ident-policy "sub-ident-policy-1"multi-sub-sap 10no shutdownexitexitdhcpserver 192.168.0.1client-applications pppgi-address 10.255.255.254lease-populate 10no shutdownexitexitl2tpgroup "l2tp-group-1" createtunnel "tunnel-1" createlns-group 1pppauthentication-policy "auth-policy-1"default-group-interface "LNS-group-int-1" service-id 1mtu 1500proxy-authentication alwaysproxy-lcp alwaysexitremote-name "LAC"no shutdownexitno shutdownexitno shutdownigmpgroup-interface "LNS-group-int-1"no shutdownexitno shutdownPage 21367750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail Scenario With the above configuration applied, the wholesale/retail multicast setup can be verified. Firstly,send an IGMP message from the subscriber, the example below uses IGMPv3. The (S,G) sent is(192.168.4.2, 239.255.1.1) from the subscriber with IP address 10.0.0.2. The show commandsbelow can be used to verify the multicast group being sent to the subscriber.*A:LNS-1> show service active-subscribers igmp detail===============================================================================Active Subscribers Detail===============================================================================Subscriber IGMP-PolicyHostAddr GrpItf NumGroupsGrpAddr Type Up-Time ModeSrcAddr Type Blk/Fwd-------------------------------------------------------------------------------LNS1-pppoe-sub-01 igmp-policy-110.0.0.2 LNS 1239.255.1.1 Dynamic 0d 00:04:41 Include192.168.4.2 Dynamic Fwd-------------------------------------------------------------------------------Number of Subscribers : 1===============================================================================The IGMP group is not seen in the wholesale router instance (as shown by the first output belowon LAC-1), however, it is seen in the retail router instance (as shown by the second output belowon LNS-1).*A:LAC-1> show router 1 igmp group===============================================================================IGMP Interface Groups==============================================================================================================================================================IGMP Host Groups==============================================================================================================================================================IGMP SAP Groups===============================================================================No Matching Entries===============================================================================*A:LNS-1> show router 1 igmp group===============================================================================IGMP Interface Groups==============================================================================================================================================================IGMP Host Groups===============================================================================(192.168.4.2,239.255.1.1)Fwd List : 10.0.0.2 Up Time : 0d 00:08:27===============================================================================IGMP SAP Groups===============================================================================-------------------------------------------------------------------------------7750 SR Advanced Configuration Guide Page 2137ESM L2TP Wholesale/Retail Multicast(*,G)/(S,G) Entries : 1===============================================================================Only the retail BNG (LNS-1) is responsible for processing the IGMP messages. Therefore totroubleshoot ESM multicast for an L2TP service, the following debug commands are used on theLNS.debugrouter "1"igmpgroup-interface "LNS-01"host "10.0.0.2"packet mode egr-ingr-and-droppedexitexit7604 2013/05/24 16:55:49.46 EST MINOR: DEBUG #2001 vprn1 IGMP[8]"IGMP[8]: RX-PKT[013 07:53:02.120] IGMP host 10.0.0.2 V3 PDU: 10.0.0.2 -> 224.0.0.22pduLen 20Type: V3 REPORT maxrespCode 0x0 checkSum 0xddf6Num Group Records: 1Group Record 0Type: ALW_NEW_SRCS, AuxDataLen 0, Num Sources 1Mcast Addr: 239.255.1.1Source Address List192.168.4.2"7605 2013/05/24 16:55:49.46 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpIfGroupAddAdding 239.255.1.1 to IGMP host 10.0.0.2 database"7606 2013/05/24 16:55:49.46 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpProcessGroupRecProcess group rec ALW_NEW_SRCS received on host 10.0.0.2 for group 239.255.1.1 in modeINCLUDE. Num srcs 1"7607 2013/05/24 16:55:49.46 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpIfSrcAddAdding i/f source entry for host 10.0.0.2 (192.168.4.2,239.255.1.1) to IGMP fwdList Database, redir if N/A"The IGMP leave messages can also be seen in the debug, as shown below.7615 2013/05/24 16:58:06.38 EST MINOR: DEBUG #2001 vprn1 IGMP[8]"IGMP[8]: RX-PKT[013 07:55:19.040] IGMP host 10.0.0.2 V3 PDU: 10.0.0.2 -> 224.0.0.22pduLen 20Page 21387750 SR Advanced Configuration GuideESM IPv4: Multicast in a Wholesale/Retail Scenario Type: V3 REPORT maxrespCode 0x0 checkSum 0xdcf6Num Group Records: 1Group Record 0Type: BLK_OLD_SRCS, AuxDataLen 0, Num Sources 1Mcast Addr: 239.255.1.1Source Address List192.168.4.2"7616 2013/05/24 16:58:06.38 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpProcessGroupRecProcess group rec BLK_OLD_SRCS received on host 10.0.0.2 for group 239.255.1.1 in modeINCLUDE. Num srcs 1"7617 2013/05/24 16:58:06.38 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpProcessIfSrcTimerExpSource Timer expired for IGMP host 10.0.0.2 (192.168.4.2,239.255.1.1)"7618 2013/05/24 16:58:06.38 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpIfSrcDelDeleting i/f source entry for host 10.0.0.2 (192.168.4.2,239.255.1.1) from IGMPDatabase. DeleteFromAvl: 1 !Redir 0"7619 2013/05/24 16:58:06.38 EST MINOR: DEBUG #2001 vprn1 IGMP[vprn1 inst 8]"IGMP[vprn1 inst 8]: igmpIfGroupDelDeleting 239.255.1.1 from IGMP host 10.0.0.2 database"7750 SR Advanced Configuration Guide Page 2139ConclusionConclusionMulticast is an essential part of Triple Play Services. The SR/ESS TPSDA solution offering ismuch more than a baseline multicast delivery, it includes individual subscriber awareness andprovides each retailer a separate routing context to manage their own multicast content. Subscriberawareness allows for the fine tuning of each subscriber multicast experience and also fortroubleshooting on a per subscriber basis. This example provides a complete configuration walkthrough for multicast delivery for both IPoE and PPPoE in a wholesale/retail model.Page 21407750 SR Advanced Configuration Guide。
7750 SR OS 基本系统配置指南说明书
Boot Option FilesConfiguring Boot File Options with CLIThis section provides information to configure BOF parameters with CLI.Topics in this section include:•Configuring Boot File Options with CLI on page 173•BOF Configuration Overview on page 174•Basic BOF Configuration on page 175•Common Configuration Tasks on page 176•Configuring BOF Parameters on page 181•Service Management Tasks on page 182→Viewing the Current Configuration on page 182→Modifying and Saving a Configuration on page 184→Saving a Configuration to a Different Filename on page 186→Rebooting on page 186BOF Configuration OverviewAlcatel-Lucent 7750 SR-Series routers do not contain a boot EEPROM. The boot loader code isloaded from the boot.ldr file. The BOF file performs the following tasks:1.Sets up the CPM/ Ethernet port (speed, duplex, auto).2.Assigns the IP address for the CPM/Ethernet port.3.Creates static routes for the CPM/ Ethernet port.4.Sets the console port speed.5.Configures the Domain Name System (DNS) name and DNS servers.6.Configures the primary, secondary, tertiary configuration source.7.Configures the primary, secondary, and tertiary image source.8.Configures operational parameters.Boot Option FilesBasic BOF ConfigurationThe parameters which specify location of the image filename that the router will try to boot fromand the configuration file are in the BOF.The most basic BOF configuration should have the following:•Primary addressPrimary image location•Primary configuration locationFollowing is a sample of a basic BOF configuration.A:SR-45# show bof===============================================================================BOF (Memory)===============================================================================primary-image cf3:/4.0.R20primary-config cf3:/ospf_default.cfgaddres 138.120.189.53/24 activestatic-route 138.120.0.0/16 next-hop 138.120.189.1static-route 172.0.0.0/8 next-hop 138.120.189.1autonegotiateduplex fullspeed100wait3persist onconsole-speed 115200===============================================================================A:SR-45#Common Configuration TasksThe following sections are basic system tasks that must be performed.•Searching for the BOF on page 177→Accessing the CLI on page 179−Console Connection on page 179•Configuring BOF Parameters on page 181For details about hardware installation and initial router connections, refer to the specific 7750 SR-Series hardware installation guide.Boot Option FilesSearching for the BOFThe BOF should be on the same drive as the boot loader file. If the system cannot load or cannotfind the BOF then the system checks whether the boot sequence was manually interrupted. Thesystem prompts for a different image and configuration location.The following example displays an example of the output when the boot sequence is interrupted.. . .Hit a key within 3 seconds to change boot parms...You must supply some required Boot Options. At any prompt, you can type:"restart" - restart the query mode."reboot" - reboot."exit" - boot with with existing values.Press ENTER to begin, or 'flash' to enter firmware update...Software Location-----------------You must enter the URL of the TiMOS software.The location can be on a Compact Flash device,or on the network.Here are some examplescf3:/timos1.0R1ftp://user:**************.xx.xxx/./timos1.0R1tftp://192.168.xx.xxx/./timos1.0R1TheexistingImageURLis'ftp://vxworks:***************.xx.xxx/./rel/0.0/xx'Press ENTER to keep it.Software Image URL:Using:'ftp://vxworks:***************.xx.xxx/./rel/0.0/xx'Configuration File Location---------------------------You must enter the location of configurationfile to be used by TiMOS. The file can be ona Compact Flash device, or on the network.Here are some examplescf1:/config.cfgftp://user:**************.xx.xxx/./config.cfgtftp://192.168.xx.xxx/./config.cfgThe existing Config URL is 'cf3:/config.cfg'Press ENTER to keep it, or the word 'none' forno Config URL.Config File URL:Using: 'cf3:/config.cfg'Network Configuration---------------------You specified a network location for either thesoftware or the configuration file. You need toassign an IP address for this system.The IP address should be entered in standard dotted decimal form with a network length. example: 192.168.xx.xxx/24Displays on no n-Redun-dant Models l The existing IP address is 192.168.xx.xxx/20. Press ENTER to keep it. Enter IP Address:Using: 192.168.xx.xxx/20Display on Redundant models The existing Active IP address is 192.168.xx.xxx/20. Press ENTER to keep it. Enter Active IP Address:Using: 192.168.xx.xxx/20The existing Standby IP address is 192.168.xx.xxx/20. Press ENTER to keep it. Enter Standby IP Address (Type 0 ifno ne desired):Using: 192.168.xx.xxx/20Would you like to add a static route? (yes/no) yStatic Routes-------------You specified network locations which requirestatic routes to reach. You will be asked toenter static routes until all the locations becomereachable.Static routes should be entered in the following format:prefix/mask next-hop ip-addressexample: 192.168.xx.xxx/16 next-hop 192.168.xx.xxxEnter route: 1.x.x.0/24 next-hop 192.168.xx.xxxOKWould you like to add another static route? (yes/no) nNew Settings------------primary-imageftp://vxworks:***************.xx.xx/./rel/0.0/xxprimary-config cf3:/config.cfgaddress 192.168.xx.xx/20 activeprimary-dns 192.168.xx.xxdns-domain static-route 1.x.x.0/24 next-hop 192.168.xx.xxxautonegotiateduplex fullspeed 100wait 3persist offDo you want to overwrite cf3:/bof.cfg with the new settings? (yes/no): y Successfully saved the new settings in cf3:/bof.cfgBoot Option FilesAccessing the CLITo access the CLI to configure the software for the first time, follow these steps:•When the SF/CPM is installed and power to the chassis is turned on, the 7750 SR OS7750 SR OS MG software automatically begins the boot sequence.•When the boot loader and BOF image and configuration files are successfully located, establish a router connection (console session).Console ConnectionTo establish a console connection, you will need the following:•An ASCII terminal or a PC running terminal emulation software set to the parameters shown in the table below.• A standard serial cable with a male DB9.Table 19: Console Configuration Parameter ValuesData Bits8Parity NoneStop Bits1Flow Control NoneFigure 10 displays an example of the Console port on a 7750 SR-1 front panel.Console PortSR10001AFigure 10: 7750 SR-1 Front Panel Console PortTo establish a console connection:Step 1Connect the terminal to the Console port on the front panel using the serial cable. Step 2Power on the terminal.Step 3Establish the connection by pressing the <Enter> key a few times on your terminal keyboard.Step 4At the router prompt, enter the login and password.The default login is admin.The default password is admin.Boot Option FilesConfiguring BOF ParametersThe following output displays a BOF configuration:A:ALA-1>bof# show bof==================================================================Memory BOF==================================================================no autonegotiateduplex fullspeed 100address 10.10.xx.xx/20 activewait 3primary-image cf3:\both.timprimary-config cf3:\test123.cfgprimary-dns 192.168.xx.xxpersist ondns-domain ==================================================================A:ALA-1>bof#Service Management TasksThis section discusses the following service management tasks:•System Administration Commands on page 182→Viewing the Current Configuration on page 182→Modifying and Saving a Configuration on page 184→Deleting BOF Parameters on page 185→Saving a Configuration to a Different Filename on page 186System Administration CommandsUse the following administrative commands to perform management tasks.CLI Syntax:A:ALA-1# admindisplay-configreboot [active|standby] [now]save [file-url] [detail] [index]Viewing the Current ConfigurationUse one of the following CLI commands to display the current configuration. The detail optiondisplays all default values. The index option displays only the persistent indices. The infocommand displays context-level information.CLI Syntax:admin# display-config [detail|index]info detailThe following displays an example of a configuration file:A:7750-3>admin# display-config# TiMOS B-1.0.Ixxx - Copyright (c) 2000-2007 Alcatel, Inc.# Built on Tues Jan 21 21:39:07 2007 by builder in /rel1.0/xx/panos/main# Generated WED Jan 31 06:15:29 2007 UTCexit allconfigure#--------------------------------------------------echo "System Configuration"#--------------------------------------------------systemname "7750-3"contact "Fred Information Technology"Boot Option Files location "Bldg.1-floor 2-Room 201"clli-code "abcdefg1234"coordinates "N 45 58 23, W 34 56 12"ccm 1exitsnmpexitlogin-controlidle-timeout 1440motd text "7750-3"exittimesntpshutdownexitzone UTCexitthresholdsrmonexitexitexit......#--------------------------------------------------echo "Redundancy Configuration"#--------------------------------------------------redundancysynchronize boot-envexit...exit all# Finished FRI Nov 21 15:06:16 2008 UTCA:7750#Modifying and Saving a ConfigurationIf you modify a configuration file, the changes remain in effect only during the current powercycle unless a save command is executed. Changes are lost if the system is powered down or therouter is rebooted without saving.•Specify the file URL location to save the running configuration. If a destination is not specified, the files are saved to the location where the files were found for that bootsequence. The same configuration can be saved with different file names to the samelocation or to different locations.•The detail option adds the default parameters to the saved configuration.•The index option forces a save of the index file.•Changing the active and standby addresses without reboot standby CPM may cause aboot-env sync to fail.The following command saves a configuration:CLI Syntax:bof# save [cflash-id]Example:A:ALA-1# bofA:ALA-1>bof# save cf3:A:ALA-1>bof#The following command saves the system configuration:CLI Syntax:admin# save[file-url] [detail][index]Example:A:ALA-1# admin save cf3:\test123.cfgSaving config.# Saved to cf3:\test123.cfg... completeA:ALA-1#NOTE: If the persist option is enabled and the admin save file-url command is executedwith an FTP path used as the file-url parameter, two FTP sessions simultaneously open to theFTP server. The FTP server must be configured to allow multiple sessions from the same login,otherwise, the configuration and index files will not be saved correctly.Boot Option FilesDeleting BOF ParametersYou can delete specific BOF parameters. The no form of these commands removes the parameterfrom configuration. The changes remain in effect only during the current power cycle unless asave command is executed. Changes are lost if the system is powered down or the router isrebooted without saving.Deleting a BOF address entry is not allowed from a Telnet session.Use the following CLI syntax to save and remove BOF configuration parameters:CLI Syntax:bof# save [cflash-id]Example:A:ALA-1# bofA:ALA-1>bof# save cf3:A:ALA-1>bof#CLI Syntax:bof#no address ip-address/mask [active | standby]no autonegotiateno console-speedno dns-domainno li-local-saveno li-separateno primary-configno primary-dnsno primary-imageno secondary-configno secondary-dnsno secondary-imageno static-route ip-address/mask next-hop ip-addressno tertiary-configno tertiary-dnsno tertiary-imageSaving a Configuration to a Different FilenameSave the current configuration with a unique filename to have additional backup copies and to editparameters with a text editor. You can save your current configuration to an ASCII file.Use either of the following CLI syntax to save a configuration to a different location:CLI Syntax:bof# save [cflash-id]Example:A:ALA-1# bofA:ALA-1>bof# save cf3:A:ALA-1>bof#orCLI Syntax:admin# save [file-url] [detail][index]Example:A:ALA-1>admin# save cf3:\testABC.cfgSaving config.# Saved to cf3:\testABC.cfg... completeA:ALA-1#RebootingWhen an admin>reboot command is issued, routers with redundant CPM are rebooted as well asthe IOMs. Changes are lost unless the configuration is saved. Use the admin>save file-url com-mand to save the current configuration. If no command line options are specified, the user isprompted to confirm the reboot operation.Use the following CLI syntax to reboot:CLI Syntax:admin# reboot [active|standby] [now]Example:A:ALA-1>admin# rebootA:DutA>admin# rebootAre you sure you want to reboot (y/n)? yResetting...OKAlcatel 7xxx Boot ROM. Copyright 2000-2007 Alcatel-Lucent.All rights reserved. All use is subject to applicablelicense agreements.....。
阿尔卡特7750路由器-健康检查手册
阿尔卡特7750SR路由器健康检查手册上海贝尔股份有限公司2015年1月14日一、健康检查标准使用说明1.1 使用说明1.本手册适用产品:阿尔卡特7750SR,适用于CE、AR、DCN、CMNET等应用场景。
1.2 适用的设备软、硬件列表1.设备型号:ALCA TEL 7750SR2.软件版本:TiMOS 9.0.R17二、健康检查项目编号检查内容检查方法检查标准1 检查软件版本在路由器各节点上分别执行:show version为IOS软件版本核对TiMOS,正常情况为为9.0.R17。
如有不同要引起注意,TiMOS异常有可能会造成设备重启后无法正常启动。
2 检查日志信息及日志设置在路由器各节点上分别执行:show log log-id 99show log log-id 100正常情况下,不应该有大量重复信息。
比如端口频繁up/down,以及错误信息等。
3 检查调试信息开关在路由器各节点上分别执行:show debug正常运行时应该全部关闭。
如果发现存在启用Debug,则可以在用户视图使用no debug命令关闭所有Debug。
4 检查设备系统名是否符合中国移动命名规范在路由器各节点上分别查看命令行提示符。
符合中国移动命名规范。
5 检查端口描述是否规范在交路由器各节点上分别执行:show port description所有激活的重要接口都要按照中国移动规范进行描述,按照下列规则对重要端口进行描述:本端设备名-本端端口号->对端设备名-端口号。
6 检查系统时间是否与当地时间和时区一致在路由器各节点上分别执行:show time系统时间和当地时间、时区一致。
●如果没有配置网络时间同步,则时间设置应与当地时间和时区一致,从而便于日后定位故障时间和跟踪信息。
●如果系统时间不精确,则需要在用户视图配置时区和时间,命令如下:A:7750SR#configure system time zone PRC 8●A:7750SR#admin set-time 2011/10/0108:00:007 检查配置文件参数在路由器各节点上分别执行:admin display-config说明建议将最终配置文件另行备份保存到机器外。
7750&7710配置基础
All Rights Reserved © Alcatel-Lucent 2007, #####
配置三层接口
配置三层接口:
三层接口名称 配置IP address 分配物理端口 配置接口其它选项
SR1>config>router# interface To_Router_2 ↵ SR1>config>router>if$ address 10.10.10.100/24 ↵ SR1>config>router>if# port 1/1/1 ↵ SR1>config>router>if# exit ↵ SR1# show router interface ↵
3
7750/7710常用维护命令
14 | Presentation Title | Month 2006
All Rights Reserved © Alcatel-Lucent 2007, #####
常用维护命令
show system cpu /查看cpu占用率/ show system connections /系统连接数/ show system information /系统信息/ show redundancy synchronization /主控板冗余信息/ show users /登陆用户在线数/ show router interface /查看三层接口状态/ show router route-table [summary] /查看路由表/ show router fib x x.x.x.x/x /查看转发表/ show router x fib x x.x.x.x/x /查看vpn的转发表/ show port 1/1/1 [detail] /查看物理端口信息/ monitor port 1/1/1 rate interval 3 repeat 3 /查看端口实时流量/ Monitor service id x sap x/x/x rate interval 11 repeat 4 /查看用户实时流量/ clear port 1/1/1 statistics /清查端口统计/ show chasiss /查看机框状态/ show card state /查看板卡状态/ show card detail /查看iom详细信息/ show mda detail /查看mda详细信息/
阿尔卡特7750培训资料1:路由配置
− L1, L 1-2,和L2 − 从其他协议分发进来的IPv4 的路由汇总 − 汇总路由所通告的量度比其他具体的IPv4 路由的量度要小。。
• 可基于每个消息类型和每个level,支持抑制IS-IS认证。提高与非 7750 IS-IS 部署的互操作性。
• 不间断路由
7750SR 路由和路由策略
Alcatel Proprietary, all rights reserved © 2005, Alcatel
• 出站路由过滤 (ORF) –BGP的一个特征:一个BGP 发送者请求他的
邻居不发送给它特定的路由。在 7750VPRN上支持。 • TTL 安全– 能够指定一个进入的BGP 信息包的最小TTL 值 。
− 多数eBGP对等体关系在邻近的路由器间建立。 − 假如一个信息包的TTL值不在指定的范围内,便丢弃这个信息包并产生一
7750 SR 业务实现R3.0
Alcatel University
代理-ARP
子网 20
主机 A IP add.=IP_A MAC add.= MAC_A
子网 10
主机C IP add.=IP_C MAC add.= MAC_C
接口 X
Alcatel 7750技术资料
目标
@@SECTIONTITLE · @@MODULETITLE
IES--Alcatel-Lucent的专用Internet访问 (Dedicated Internet Access DIA),可以 根据用户要求很容易地提供Internet访问的业务.
使用IES, 运营商通过他自己的路由域为用户提供被路由的(而非基于隧道的) Internet接入。IES提供:
系统可扩展性和高端口密度 大量有效的可配置入口和出口访问控制列表(ACL) 支持数百万的IP地址转发表 支持几个关键的网络路由协议 (BGP4, IS-IS, OSPF) 支持IPv4和IPv6 支持几个用户路由协议(BGP4, IS-IS, OSPF, RIP, 因特网组管理协议[IGMP],
关键不同之处
All Rights Reserved © Alcatel-Lucent 2007
可靠性: 7750 SR 的充分的冗余的平台提供了高可靠性的特性,例如:业务在线软件升级 (In-Service Software Upgrade ISSU),不间断的转发和路由,快速收敛和多种 保护机制 (APS, BFD, LAG).
• Qos的提升
@@SECTION · @@MODULE · 8
9
Internet
Subscriber Network
@@PRODUCT @@COURSENAME
All Rights Reserved © Alcatel-Lucent 2007
Alcatel7750SR常用命令集
Alcatel7750SR常用命令集1. 简介本文档是关于Alcatel7750SR常用命令集的指南。
Alcatel7750SR是一款多功能的路由器和交换机,广泛应用于电信运营商和企业网络中。
本文档将介绍一些常用的命令,以帮助用户更好地了解和使用Alcatel7750SR。
2. 登录与退出2.1 登录要登录到Alcatel7750SR设备,可以使用以下命令:login <用户名> <密码>其中,<用户名>和<密码>分别是您的登录名和密码。
2.2 退出要退出登录,可以使用以下命令:logout3. 基本配置3.1 设置主机名可以使用以下命令设置设备的主机名:configure systemset hostname <主机名>end其中,<主机名>是您要设置的主机名。
3.2 设置IP地址要设置设备的IP地址,可以使用以下命令:configure systemset address <接口> ip-address <IP地址>/<子网掩码>end其中,<接口>是设备的接口名,如ethernet 1/1/1,<IP 地址>是您要设置的IP地址,<子网掩码>是IP地址的子网掩码。
4. 路由配置4.1 静态路由要配置静态路由,可以使用以下命令:configure router static-routeadd <目标网络> next-hop <下一跳地址>end其中,<目标网络>是要配置的目标网络,如10.0.0.0/24,<下一跳地址>是下一跳的IP地址。
4.2 动态路由要配置动态路由,可以使用以下命令:configure router dynamic-routeospfarea <区域号>network <网络地址> mask <子网掩码>exitexit其中,<区域号>是OSPF的区域号,<网络地址>是要配置的网络地址,<子网掩码>是网络地址的子网掩码。
7750SR配置方法
实用文案7750SR路由器配置规范V2.1上海贝尔阿尔卡特股份有限公司互联网事业部二零零六年十一月目录1.概述 (5)2.系统基本配置 (7)2.1.层次化命令结构 (7)2.2.在CLI中获得帮助 (8)2.3.硬件板卡配置 (9)2.4.设备名称配置 (11)2.5.系统时间配置 (11)2.6.NTP配置 (11)2.7.主备卡切换配置 (12)2.8.AAA配置(登录用户) (14)3.端口配置 (16)3.1.Loopback端口配置 (16)3.2.GE端口配置 (16)3.3.POS端口配置 (17)3.4.端口镜像配置 (18)4.安全配置 (23)4.1.ACL配置 (23)4.2.防攻击配置 (24)5.网管配置 (31)5.1.网管地址配置 (31)5.2.TELNET配置 (32)5.3.FTP配置 (33)5.4.SNMP (33)5.5.SYSLOG (35)5.6.配置备份 (36)5.7.SSH配置 (36)Flow备份 (37)6.路由配置 (39)6.1.黑洞路由配置 (39)6.2.静态路由配置 (39)6.3.OSPF配置 (39)6.4.ISIS配置 (44)6.5.BGP配置 (47)7.业务配置 (54)7.1.专线业务配置(IES配置) (54)7.2.MPLS VPN业务配置 (56)7.2.1P路由器配置 (56)7.2.2PE路由器配置(VPRN) (60)7.2.3PE路由器配置(VPLS) (63)8.7750SR常用维护命令 (67)1.概述阿尔卡特7750SR路由器是业内第一个专为高级互联网和虚拟专用网络(VPN)业务而设计和优化的IP/MPLS业务路由器。
阿尔卡特7750SR有三种尺寸可供选择:单槽、7槽和12槽,可提供具有卓越性能和高密度的各种接口。
作为目前业内最具扩展性的路由器平台,阿尔卡特7750SR具有为高效传送基于服务等级协议(SLA)的业务而设计的软件和硬件架构,因此阿尔卡特7750SR不仅仅是强大的互联网路由器,更是一个灵活、强大的业务供应平台。
阿尔卡特7750配置文档
上海贝尔阿尔卡特7750SR配置标准模板目录一、硬件配置 (5)1.1配置IOM卡 (5)1.1.1 查看已经插入的IOM卡的类型 (5)1.1.2 正确配置IOM卡的类型 (5)1.2配置MDA卡 (5)1.2.1 查看已经插入的MDA卡的类型 (5)1.2.2 正确配置MDA卡的类型 (5)1.3配置MDA端口 (6)1.3.1 POS端口配置 (6)1.3.2 以太口配置 (6)1.3.3 查看port信息 (6)二、设备管理配置 (8)2.1配置路由器名称、LOCA TION、CONTACT (8)2.2配置系统时间 (8)2.3配置SNTP (8)2.3.1 打开SNTP (8)2.3.2 配置SNTP地址 (8)2.4配置SR为TELNET服务器 (8)2.5.1 配置默认动作为允许,因为是所有上主控板的流量。
(9)2.5.2 配置允许IP段的ACL,配置源IP,协议,目的端口 (9)2.5.3 配置一条拒绝的ACL,拒绝其他IP段。
(9)2.6配置用户 (9)2.6.1 配置用户名 (9)2.6.2 配置用户密码 (9)2.6.3 配置用户登陆方式 (10)2.6.4 配置用户所属的组 (10)2.7配置LOG (10)2.7.1 配置log-id (10)2.7.2 配置log信息类型 (10)2.7.3 配置记录log的方式 (10)2.7.4 配置记录log方式的具体配置 (10)2.8配置SNMP (11)2.9配置主备板同步 (11)2.9.1 配置自动同步 (11)2.9.2 手工同步命令 (11)2.10配置空闲时间 (11)2.11配置ANTI-SPOOF (11)三、路由配置 (13)3.1配置路由器系统地址 (13)3.2配置网络接口 (13)3.2.1 配置interface名字及描述 (13)3.2.2 配置IP地址 (13)3.2.3 配置关联端口 (13)3.2.4 查看配置的路由器接口 (13)3.3配置静态及OSPF路由协议 (14)3.3.1 配置静态路由 (14)3.3.2 配置OSPF区域 (14)3.3.3 配置ospf接口cost值 (14)3.3.4 配置一个stub区域 (14)3.3.5 配置NSSA区域 (14)3.3.6 配置虚链路 (15)3.3.7 配置认证 (15)3.3.8 配置路由聚合 (15)3.3.9 配置静态路由注入到OSPF路由协议 (15)3.3.10 查看运行在ospf协议下的接口 (16)3.3.11 查看ospf邻居建立关系 (16)3.3.12 查看ospf路由表 (16)3.4配置IS-IS (16)3.4.1 配置区域ID (16)3.4.2 配置路由器等级能力 (17)3.4.4 查看ISIS下的接口 (17)3.4.5 添加已经配置到ISIS的每个网络接口 (17)3.4.6 查看ISIS邻接关系 (17)3.4.7 查看ISIS路由表 (17)3.5BGP配置 (18)3.5.1 创建AS (18)3.5.2 配置路由器 ID5 (18)3.5.3 配置 BGP (18)3.6配置POLICY (18)3.6.1 配置policy名称 (18)3.6.2 配置从静态路由分布到ospf路由协议中的policy (19)3.6.3 配置commit使之生效 (19)3.6.4 应用policy (19)3.7IP F ILTER配置 (19)3.7.1 创建ip filter (19)3.7.2 指定默认动作 (19)3. 7.3创建条目,指定动作、源、目的IP (19)3.7.4 应用ip filter (20)四、 MPLS 配置以及业务配置 (21)4.1MPLS配置 (21)4.1.1 MPLS接口配置 (21)4.1.2 创建已命名的MPLS路径 (21)4.1.3 配置 MPLS LSP和主路径 (21)4.1.4 查看命令 (22)4.1.5 改变每个网络接口的最大传输单元(MTU)尺寸 (22)4.2 E P IPE 配置 (22)4.2.1 创建客户并将其与提供的业务相关联 (22)4.2.2 指向客户的接口(在我们的网络中由膝上电脑表示)称为“toCustomer”,必须配置为接入接口。
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
Alcatel 7750 SR 设备配置指南1.设备配置命令说明 (2)3.1 S YSTEM基本配置 (2)3.2 L OG配置 (3)3.3 P ORT配置 (3)3.4 ISIS协议配置 (5)3.5 M PLS、LDP协议配置 (6)3.6 S ECURITY 配置 (7)3.7 VPN-BGP配置 (9)3.8 P OLICY配置 (10)3.9 S ERVICE配置 (11)3.10 IES业务配置 (11)3.11 VPLS 业务配置 (13)3.12 VPRN业务配置 (15)2.故障排除方法说明 (17)2.1 光路正常但PORT端口DOWN (17)2.2 PING 不通对端地址 (17)2.3 ISIS邻接关系无法建立 (18)2.4 BGP邻居无法正常建立 (18)2.5 BGP表中有路由,但路由没有被放进VPN路由表中 (18)2.6 VPN中用户CE设备无法访问远端 (18)3.业务运行状态检查命令 (19)3.1 查看S ERVICE业务运行状态 (19)3.2 检查路由器接口运行状态 (19)3.3 查看设备P ORT端口运行状态 (20)3.4 查看设备MAC地址表信息 (21)4.删除SERVICE配置步骤 (22)1.设备配置命令说明3.1 System基本配置1.chassis-mode 要配置为C,以支持新的feature。
2.telnet 的session限制为设置为最大数7。
3.时区自定义为BEIJ 08。
配置示例:systemname "YZ-SYL-R-AC7750-01"chassis-mode csnmppacket-size 9216exitlogin-controltelnetinbound-max-sessions 7outbound-max-sessions 7exitno login-bannerexittimesntpshutdownexitzone BEIJ 08exitthresholdsrmonexitexitexit检查命令:show chassis 查看chassis mode是否为C。
Show time 查看系统时间。
3.2 Log配置1.配置本地log用于保存7750SR的日常设备信息,log-id 为11,file-id 为11。
配置示例:logfile-id 11location cf3:exitsnmp-trap-group 98trap-destination 61.177.191.180 "snmpv2c" notify-community "alcateltrap"trap-destination 61.177.191.188 "snmpv2c" notify-community "yzsnmprw123"exitlog-id 11from security changeto file 11exitlog-id 98from main securityto snmp 1024exitexit检查命令:Show log log-id 10查看本地LOG3.3 Port配置PORT配置根据下联交换机的端口类型和协商方式灵活配置。
1.采用7750物理端口与下联设备直联就不需要封装dot1Q,如果有VLAN则需要封装dot1Q。
2.端口下配置的用户数据,如需配置IES、VLL、VPLS、VPRN等数据就需要设置mode为access。
3.与下联设备不需要协商需要配置no autonegotiate。
配置示例:port 1/1/1ethernetexitno shutdownexitport 1/1/2Ethernetmode accessencap-type dot1qno autonegotiateexitno shutdownexit检查命令:Show port查看端口状态是否UP。
1.设备的唯一标识地址系统默认名字为system,配置IP地址。
2.配置系统自治号为64665。
3.打开多链路负载均衡ECMP设置为8。
4.配置设备router-id 为system地址。
配置示例:routerinterface "system"address 58.220.170.3/32exitinterface "to_DBL12416-1_1"address 58.220.165.34/30port 2/1/1exitinterface "to_DBL12416-1_2"address 58.220.165.38/30port 1/1/2exitinterface "to_SYL12416-1_1"address 58.220.165.42/30port 1/1/1exitinterface "to_SYL12416-1_2"address 58.220.165.46/30port 2/1/2exitautonomous-system 64665ecmp 8 - equal cost multi-path router-id 58.220.170.3检查命令:show router interface查看interface是否UP。
show router ecmp查看ecmp是否打开。
3.4 ISIS协议配置1.配置ISIS为leverl-12.配置area-id 为86.4665.05143.将system、与GSR互联的接口、与下联设备互联接口加入到ISIS进程。
配置示例:isislevel-capability level-1area-id 86.4665.0514traffic-engineeringlevel 1wide-metrics-onlyexitinterface "system"level-capability level-1exitinterface "to_SYL12416-1_1"level-capability level-1level 1metric 200exitexitinterface "to_SYL12416-1_2"level-capability level-1level 1metric 200exitexitinterface "to_DBL12416-1_1"level-capability level-1level 1metric 200exitexitinterface "to_DBL12416-1_2"level-capability level-1level 1metric 200exitexitexit检查命令:show router isis adjacency查看ISIS邻接是否建立。
3.5 Mpls、LDP协议配置1.将system、与GSR互联的接口、与下联设备互联接口加入到MPLS和LDP进程。
配置示例:mplsinterface "system"exitinterface "to_SYL12416-1_1"exitinterface "to_SYL12416-1_2"exitinterface "to_DBL12416-1_1"exitinterface "to_DBL12416-1_2"exitno shutdownexitldpimport "block_0_fec"interface-parametersinterface "to_SYL12416-1_1"exitinterface "to_SYL12416-1_2"exitinterface "to_DBL12416-1_1"exitinterface "to_DBL12416-1_2"exitexittargeted-sessionexitexitexit检查命令:show router mpls interfaceshow router ldp session查看LDP邻接是否建立成功。
3.6 Security 配置1.开启telnet、snmp服务。
并对访问IP进行限制。
2.全网7750SR设备关闭SSH服务。
3.配置IPV6-filter。
对每台7750SR的普通上网用户和每个VPRN用户都要进行IPV6包的过滤。
配置示例:systemsecuritytelnet-serverftp-servermanagement-access-filterdefault-action permitentry 10description "fortelnet"action permitsrc-ip 61.177.176.0/22exitentry 20action permitsrc-ip 61.177.191.0/27exitentry 30action permitsrc-ip 222.189.226.0/23exitentry 40action permitsrc-ip 58.220.165.0/24exitentry 50action permitsrc-ip 58.220.166.0/23exitentry 60action permitsrc-ip 58.220.168.0/23exitentry 70action permitsrc-ip 61.177.191.180/32exitentry 80action permitsrc-ip 58.220.170.0/24exitentry 90action permitsrc-ip 10.108.0.5/32exitentry 100action denyprotocol 6dst-port 23 65535exitentry 190action denyprotocol 17dst-port 161 65535exitexitpasswordauthentication-order tacplus localexittacplusaccountingauthorizationtimeout 10single-connectionserver 1 address 221.231.148.6 secret "z05szr1ZBJCPeLCQOtckOk" hash2server 2 address 61.177.64.146 secret "WZBK9MwJl5GOacy0i5JXTE" hash2exituser "admin"password "VeuGBy9agmYtpDhhW0yi359H.JvK5.8c" hash2access console ftp snmpconsolemember "administrative"exitexitsnmpcommunity "yzsnmpro123" r version bothcommunity "yzsnmprw123" rwa version bothexitper-peer-queuingcpm-filterip-filtershutdownexitipv6-filterentry 10 createlog 110matchrouter Baseexitexitentry 20 creatematchrouter ***(VPRN Service ID)exitexitno shutdownexitexit检查命令:Show system security cpm-filter ipv6-filter查看IPV6包的数量。