Phu Luc Quyet Dinh Thiet Ke Truyen Tai Di Dong Qua L2S- MANE-VN2

7/21/2019 Phu Luc Quyet Dinh Thiet Ke Truyen Tai Di Dong Qua L2S- MANE-VN2

1/19

Ph lc: Thit k truyn ti di ng qua mng L2Switch, !"# $ %"2&(Km theo Quyt nh s /Q-VNPT-VT ngy / /2011)

'& (uy h)ch %L!"*+P

-c %"PT t.nh*th/nh:

- Di S-VLAN quy hoch cho 2 cng ty di ng: 3G Vinaphone: 2!" - 2#!$ 2G Vinaphone: 2%!" - 2%#!$ 3G V&S: 2#"- 2%!!$ 2G V&S: 2%#" - 2'!!$

- ()*n " +,: .i /0i 1i 1ng di ng cng ty VN,4 V&S54 quy hoch !2 S-VLAN)i*ng 6i7t: " S-VLAN cho 1ng 3G SVLAN-3G54 " S-VLAN d8ng cho 2G SVLAN-2G5$

- 9c Node;? @c quy hoch !2>u6net: Su6net " cho dBch /C u;54 Eng gEi 6Fng cp VLAN 9"-VLAN-3G4 S-

VLAN-3G$ (.i a Hhng qu "I Node;


2/19

- P t) cc cng ty di ng thYc hi7n quy hoch ,4 cUu hMnh Ht n.i cho t)@_ng hpHt n.i Ji*n tZnh$

- ;o co (Rp on cc thit H ,4 Bnh tuyn4 V``, cho 1i Ht n.i Ji*n tZnh c=ahai Xn /B VN,


3/19

- +, thYc hi7n c %!2$"p / >ao chrp /o cc J0p t@Xng mng s,

- 9Uu hMnh t)uyQn ti L2 Sitch4 +,4 ,-AGG$- 1 6o cc H*nh t)uyQn ti @c p dCng ng cUu hMnh OoS @c quy Bnh ti

Ouyt Bnh >. "3"

3


4/19

Trung t@m A) ki9m B Can %iDn th0ng:

- 9E ph@Xng n4 H hoch Hif1 t)a /i7c thYc hi7n cUu hMnh t)uyQn ti4 chUt J@ng t)uyQnti qua 1ng &AN


5/19

Ph lc: @u l>nh c7u h8nh mEu tham kh)

'& ng !"# iFc)a& TrGHng hIJ L2SK $ );il1 r)ut1r kt n6i ti card #S24

!

!

!Deny some layer 2 traffic

!

mac access-list extended L2ACL

deny any host 0100.0ccc.cccd

deny any host 0100.0ccd.cdce

deny any host 0900.2b01.0001

deny any host 0180.c200.0001



deny any host 0100.0ccc.cccc

deny any host 0100.0ccd.cdd0

deny any host 0100.0cdd.dddd

deny any host 0100.e00.0000


deny any host 0100.0c00.0000



deny any host 0100.0ccd.cdcd



deny any host 0180.c200.000"

deny any host 0180.c200.000#



deny any host 0180.c200.000a

deny any host 0180.c200.000b

deny any host 0180.c200.000c

#


6/19

deny any host 0180.c200.000d

deny any host 0180.c200.000e

deny any host 0180.c200.000f



$ermit any any

!

mls %os

mls %os mar&in' i'nore $ort-tr(st

!

()*n +-,:

!l2 )fi 3*+trans$ortation man(al

)$n id ,)c id

nei'hbor ,/-A**1 loo$bac& address enca$s(lation m$ls no s$lit-horion

nei'hbor ,/-A**2 loo$bac& address enca$s(lation m$ls no s$lit-horion

!

interface *ixy

no i$ address

mt( 9000

s$eed none'otiate

mls %os tr(st cos

storm-control broadcast le)el 10.00

!

!

ser)ice instance ,id /thernet

mac access-'ro($ L2ACL in

enca$s(lation dot1% ,LA4 5D

brid'e-domain ,LA4 5D s$lit-horion

!

!ser)ice instance d6n' 7 match cc ':i tin L2 loo$ ); dro$ tr


7/19

!

service instance ethernet

encapsulation default

!

interface )lan ,LA4 5D

mt( 9000

no i$ address

no sh(t

xconnect )fi 3*+trans$ortation

!

!

!r


8/19

no i$ address

mt( 9000

s$eed none'otiate

mls %os tr(st cos


!

!ser)ice instance 7:n l


9/19



10/19

!

!

ser)ice instance ,id /thernet

mac access-'ro($ L2ACL in

enca$s(lation dot1% ,LA4 5D

brid'e-domain ,LA4 5D

!

!ser)ice instance d6n' 7 match cc ':i tin L2 loo$ ); dro$ tr


11/19

enca$s(lation dot1% ,CLA4 5D

reOrite in'ress ta' $(sh dot1% ,LA4 5D symmetric

brid'e-domain ,LA4 5D

!

!!

()*n ,-AGG":

!

interface *ixy

no i$ address

mt( 9000

s$eed none'otiate


!



12/19

!

interface *ixy

no i$ address

mt( 9000

s$eed none'otiate


!



13/19

!class-ma$ match-any 5D/ match m$ls ex$erimental to$most match i$ $recedence

!class-ma$ match-any CW55CAL-DAA1 match m$ls ex$erimental to$most 3match i$ $recedence 3

!class-ma$ match-any CW55CAL-DAA2

match m$ls ex$erimental to$most 2match i$ $recedence 2!class-ma$ match-any @54/-5 match m$ls ex$erimental to$most 1 match i$ $recedence 1!$olicy-ma$ 10*/+/20+@!! Weal-time traffic is $rioritied b(t only alloOs ($ to 10Yb$s! class W/AL-5Y/ $olice cir 10000000 conform-action transmit exceed-action dro$

$riority %(e(e-limit 20"2 $ac&ets!! Control traffic is '(aranteed minim(m bandOidth 1 of interface bandOidth!class C4WL

bandOidth $ercent 1!! ideo traffic is '(aranteed minim(m bandOidth 30 of interface bandOidth! class 5D/ bandOidth $ercent 30 %(e(e-limit 2#8 $ac&ets

!! Critical-Data1 is '(aranteed minim(m bandOidth 30 of interface bandOidth! @sin' W/D for con'estion a)oidance!! class CW55CAL-DAA1 bandOidth $ercent 1 random-detect a''re'ate random-detect $recedence )al(es 2 minim(m-thresh 93# maxim(m-thresh 2812mar&-$rob 1 random-detect $recedence )al(es 3 minim(m-thresh 1000 maxim(m-thresh000 mar&-$rob 1!

! Critical-Data2 is '(aranteed minim(m bandOidth 10 of interface bandOidth! @sin' W/D for con'estion a)oidance! class CW55CAL-DAA2 bandOidth $ercent 10 random-detect a''re'ate random-detect $recedence )al(es 2 minim(m-thresh 93# maxim(m-thresh 2812mar&-$rob 1 random-detect $recedence )al(es 3 minim(m-thresh 1000 maxim(m-thresh000 mar&-$rob 1!! (siness 5 is '(aranteed minim(m bandOidth 1 of interface bandOidth! @sin' W/D for con'estion a)oidance

! class @54/-5 bandOidth $ercent 1

"3


14/19

random-detect a''re'ate random-detect $recedence )al(es 0 minim(m-thresh 8"1 maxim(m-thresh 183mar&-$rob 1 random-detect $recedence )al(es 1 minim(m-thresh "9 maxim(m-thresh 20833mar&-$rob 1!! Any traffic that does not match # classes abo)e is classified to class-defa(lt.! Class-defa(lt (ses air-%(e(e and W/D and not is '(aranteed bandOidth.!class class-defa(lt

random-detect a''re'ate random-detect $recedence )al(es 0 minim(m-thresh 8"1 maxim(m-thresh 183mar&-$rob 1 random-detect $recedence )al(es 1 minim(m-thresh "9 maxim(m-thresh 20833mar&-$rob 1!! A$$ly olicy-ma$ onto each en*i'abit 5nterface toOards @-/ or /-A'' ro(ter!interface en*i'abit/thernet xyser)ice-$olicy o(t$(t 10*/+/20+@

!Core QoS on ES20-1GE ports

!mls %osmls %os mar&in' i'nore $ort-tr(st!! *lobal Fo Confi'(ration!! Classify # classes of traffic based on 5 recendence or /`!class-ma$ match-any C4WL match m$ls ex$erimental to$most "match i$ $recedence "

!class-ma$ match-any W/AL-5Y/ match m$ls ex$erimental to$most match i$ $recedence

!class-ma$ match-any 5D/ match m$ls ex$erimental to$most match i$ $recedence



!class-ma$ match-any @54/-5 match m$ls ex$erimental to$most 1 match i$ $recedence 1!$olicy-ma$ 1*/+/20+@!! Weal-time traffic is $rioritied b(t only alloOs ($ to 10Yb$s! class W/AL-5Y/ $olice cir 10000000 conform-action transmit exceed-action dro$ $riority %(e(e-limit 20"2 $ac&ets!

"I


15/19

! Control traffic is '(aranteed minim(m bandOidth 1 of interface bandOidth! class C4WL bandOidth $ercent 1!! ideo traffic is '(aranteed minim(m bandOidth 30 of interface bandOidth! class 5D/ bandOidth $ercent 30 %(e(e-limit 2#8 $ac&ets

!! Critical-Data1 is '(aranteed minim(m bandOidth 30 of interface bandOidth! @sin' W/D for con'estion a)oidance! class CW55CAL-DAA1 bandOidth $ercent 1 random-detect a''re'ate random-detect $recedence )al(es 2 minim(m-thresh 93# maxim(m-thresh 2812mar&-$rob 1 random-detect $recedence )al(es 3 minim(m-thresh 100 maxim(m-thresh 00mar&-$rob 1!! Critical-Data2 is '(aranteed minim(m bandOidth 10 of interface bandOidth

! @sin' W/D for con'estion a)oidance! class CW55CAL-DAA2 bandOidth $ercent 10 random-detect a''re'ate random-detect $recedence )al(es 2 minim(m-thresh 93# maxim(m-thresh 2812mar&-$rob 1 random-detect $recedence )al(es 3 minim(m-thresh 100 maxim(m-thresh 00mar&-$rob 1!! (siness 5 is '(aranteed minim(m bandOidth 1 of interface bandOidth! @sin' W/D for con'estion a)oidance! class @54/-5 bandOidth $ercent 1 random-detect a''re'ate random-detect $recedence )al(es 0 minim(m-thresh 8" maxim(m-thresh 18mar&-$rob 1 random-detect $recedence )al(es 1 minim(m-thresh "9 maxim(m-thresh 2083mar&-$rob 1!! Any traffic that does not match # classes abo)e is classified to class-defa(lt.! Class-defa(lt (ses air-%(e(e and W/D and not is '(aranteed bandOidth!

class class-defa(lt random-detect a''re'ate random-detect $recedence )al(es 0 minim(m-thresh 8" maxim(m-thresh 18mar&-$rob 1 random-detect $recedence )al(es 1 minim(m-thresh "9 maxim(m-thresh 2083mar&-$rob 1!! A$$ly olicy-ma$ onto each *i'abit 5nterface toOards @-/ or /-A'' ro(terinterface *i'abit/thernet xyser)ice-$olicy o(t$(t 1*/+/20+@!

"#


16/19

5& ng !"# Ouaw1i

a$ +,#

vsi HW3G_SRAN_VNP_2701 static

description ##HW 3G VNP SRAN ##

pwsigna dp

vsi!id 222701

"ac!witdraw ena$e

peer 123%2&%1'%1 tn!poic( to_agg1 )pe

peer 123%2&%1'%2 tn!poic( to_agg2 )pe

tra*c!statistics ena$e

#

inter+ace G,-1-'%2701

description ##Node. HW VNP van 2720 testing##

contro!vid 2701 /in/!ter"ination

van!gro)p 1

statistic ena$e

)ser!/)e)e cir 0000 pir 0000 in$o)nd

)ser!/)e)e cir 0000 pir 0000 o)t$o)nd

/in/ ter"ination pe!vid 2701 ce!vid 201 to 202 van!gro)p 1

2 $inding vsi HW3G_SRAN_VNP_2701

tr)st )pstrea" oS_VNP

arp $roadcast ena$e

6$ AGG"

inter+ace Giga$it4ternet0-0-1%2701

description ##Node. van 2701 ##

van!gro)p 1

statistic ena$e



#

/in/ stac5ing vid 201 to 202 van!gro)p 1

"ps 2vc 123%2&%1'%11 222701 t)nne!poic( to_)pe


arp $roadcast ena$e

"W


17/19

c$ AGG2

inter+ace Giga$it4ternet0-0-1%2701

description ##Node. van 2701 ##

van!gro)p 1

statistic ena$e



#

/in/ stac5ing vid 201 to 202 van!gro)p 1

"ps 2vc 123%2&%1'%11 222701 t)nne!poic( to_)pe


arp $roadcast ena$e

"


18/19

"%


19/19

"'

Documents

Phu Luc Quyet Dinh Thiet Ke Truyen Tai Di Dong Qua L2S- MANE-VN2