H3C WX6000系列AC交换板QinQ典型配置案例
一、 组网需求:
WX6000系列AC、FIT AP、便携机(安装有无线网卡)、支持QinQ的交换机、BAS等网络设备。
二、 组网图:
上图配置举例中的AC使用的是WX6108E无线控制器,WX6108E 交换板与S3610交换机之间启用QinQ。
三、 业务需求:
1、WX610E AC与AP使用管理VLAN200进行通信,使用业务VLAN201进行无线接入;
2、WX6108E 交换板和S3610交换机作为运营商PE设备提供VLAN3000使AC和AP之间实现互通;
3、需要在WX6108E交换板和S3610交换机上启用QinQ来透传VLAN 200;
四、 设备配置:
(1) WX6108E AC配置
_ ver H3C Comware Platform Software
Comware Software, Version 5.20, Release 2308P07
Comware Platform Software Version COMWAREV500R002B96D319SP01
EWPX2WCMD0 Software Version V200R003B96D019SP01
Copyright (c) 2004-2012 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
Compiled May 18 2012 17:11:10, RELEASE SOFTWARE
EWPX2WCMD0 uptime is 0 week, 0 day, 11 hours, 15 minutes
display current-configuration #
version 5.20, Release 2308P07
#
sysname AC
#
domain default enable system
#
telnet server enable
#
port-security enable
#
vlan 1
#
vlan 200 to 201
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
dhcp server ip-pool vlan200
network 192.168.200.0 mask 255.255.255.0
gateway-list 192.168.200.1
expired day 0 hour 2
#
dhcp server ip-pool vlan201
network 192.168.201.0 mask 255.255.255.0
gateway-list 192.168.201.1
expired day 0 hour 2
#
user-group system
group-attribute allow-guest
#
local-user admin
password simple admin
authorization-attribute level 3
service-type telnet
#
wlan rrm
dot11a mandatory-rate 6 12 24
dot11a supported-rate 9 18 36 48 54
dot11b mandatory-rate 1 2
dot11b supported-rate 5.5 11
dot11g mandatory-rate 1 2 5.5 11
dot11g supported-rate 6 9 12 18 24 36 48 54
#
wlan service-template 1 clear
ssid H3C
bind WLAN-ESS 1
service-template enable
#
interface Bridge-Aggregation1
port link-type trunk
port trunk permit vlan 1 200
description To_WX6108E_SW
#
interface NULL0
#
interface Vlan-interface1
ip address 192.168.0.100 255.255.255.0
#
interface Vlan-interface200
ip address 192.168.200.1 255.255.255.0
#
interface Vlan-interface201
ip address 192.168.201.1 255.255.255.0
#
interface M-GigabitEthernet1/0/0
#
interface Ten-GigabitEthernet1/0/1
port link-type trunk
port trunk permit vlan 1 200
port link-aggregation group 1
#
interface Ten-GigabitEthernet1/0/2
port link-type trunk
port trunk permit vlan 1 200
port link-aggregation group 1
#
interface WLAN-ESS1
port access vlan 201
#
wlan ap ap1 model WA2620 id 1
trap enable
serial-id 219801A0D1C123023703
radio 1
radio 2
service-template 1
radio enable
#
undo info-center logfile enable
#
dhcp server forbidden-ip 192.168.200.1
dhcp server forbidden-ip 192.168.201.1
#
dhcp enable
#
arp-snooping enable
#
load xml-configuration
#
user-interface con 0
user-interface aux 0
authentication-mode none
user privilege level 3
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
Return
(2) WX6108E SW配置
_ ver H3C Comware Platform Software
Comware Software, Version 5.20, Release 6701
Comware Platform Software Version COMWAREV500R002B105D005SP02
H3C WX6108E Software Version V600R006B04D105SP10
Copyright (c) 2004-2012 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
Compiled Apr 16 2012 17:00:19, RELEASE SOFTWARE
H3C WX6108E uptime is 0 week, 0 day, 11 hours, 17 minutes
display current-configuration #
version 5.20, Release 6701
#
sysname WX6108E
#
irf priority 0
#
domain default enable system
#
switch-mode standard
switch-mode normal slot 2
switch-mode normal slot 4
switch-mode normal slot 5
switch-mode normal slot 6
#
#
vlan 1
#
vlan 200
#
vlan 3000
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
traffic classifier A200 operator and
if-match customer-vlan-id 200
#
traffic behavior P3000
nest top-most vlan-id 3000
#
qos policy qinq
classifier A200 behavior P3000
#
user-group system
group-attribute allow-guest
#
interface Bridge-Aggregation1
port link-type hybrid
port hybrid vlan 1 3000 untagged
qinq enable
description To_WX6108E_AC
#
interface NULL0
#
interface Vlan-interface1
#
interface GigabitEthernet2/0/1
port link-mode bridge
#
interface GigabitEthernet2/0/2
port link-mode bridge
#
interface GigabitEthernet2/0/3
port link-mode bridge
#
interface GigabitEthernet2/0/4
port link-mode bridge
#
interface GigabitEthernet2/0/5
port link-mode bridge
#
interface GigabitEthernet2/0/6
port link-mode bridge
#
interface GigabitEthernet2/0/7
port link-mode bridge
#
interface GigabitEthernet2/0/8
port link-mode bridge
#
interface GigabitEthernet2/0/9
port link-mode bridge
#
interface GigabitEthernet2/0/10
port link-mode bridge
#
interface GigabitEthernet2/0/11
port link-mode bridge
#
interface GigabitEthernet2/0/12
port link-mode bridge
#
interface GigabitEthernet2/0/13
port link-mode bridge
#
interface GigabitEthernet2/0/14
port link-mode bridge
#
interface GigabitEthernet2/0/15
port link-mode bridge
#
interface GigabitEthernet2/0/16
port link-mode bridge
#
interface GigabitEthernet2/0/17
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/18
port link-mode bridge
#
interface GigabitEthernet2/0/19
port link-mode bridge
#
interface GigabitEthernet2/0/20
port link-mode bridge
#
interface GigabitEthernet2/0/21
port link-mode bridge
#
interface GigabitEthernet2/0/22
port link-mode bridge
#
interface GigabitEthernet2/0/23
port link-mode bridge
#
interface GigabitEthernet2/0/24
port link-mode bridge
#
interface GigabitEthernet2/0/25
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 3000
description To_S3610
#
interface GigabitEthernet2/0/26
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/27
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/28
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/29
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/30
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/31
port link-mode bridge
shutdown
#
interface GigabitEthernet2/0/32
port link-mode bridge
shutdown
#
interface M-Ethernet0/0/0
#
interface Ten-GigabitEthernet4/0/1
port link-mode bridge
port link-type hybrid
port hybrid vlan 1 3000 untagged
qinq enable
qos apply policy qinq inbound
port link-aggregation group 1
#
interface Ten-GigabitEthernet4/0/2
port link-mode bridge
port link-type hybrid
port hybrid vlan 1 3000 untagged
qinq enable
qos apply policy qinq inbound
port link-aggregation group 1
#
interface Ten-GigabitEthernet5/0/1
port link-mode bridge
#
interface Ten-GigabitEthernet5/0/2
port link-mode bridge
#
interface Ten-GigabitEthernet6/0/1
port link-mode bridge
#
interface Ten-GigabitEthernet6/0/2
port link-mode bridge
#
load xml-configuration
#
load tr069-configuration
#
user-interface aux 0
user-interface vty 0 15
#
return
(3) S3610配置
_ ver H3C Comware Platform Software
Comware Software, Version 5.20, Release 5309
Comware Platform Software Version COMWAREV500R002B52D008SP01
H3C S3610-28TP Software Version V500R003B05D025
Copyright (c) 2004-2009 Hangzhou H3C Tech. Co., Ltd. All rights reserved.
Compiled Apr 3 2009 00:30:24, RELEASE SOFTWARE
H3C S3610-28TP uptime is 0 week, 0 day, 11 hours, 50 minutes
display current-configuration #
version 5.20, Release 5309
#
sysname S3610
#
domain default enable system
#
telnet server enable
#
vlan 1
#
vlan 200
#
vlan 3000
#
domain system
access-limit disable
state active
idle-cut disable
self-service-url disable
#
user-group system
#
interface NULL0
#
interface Ethernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 3000
description To_WX6108E_SW
#
interface Ethernet1/0/2
port link-mode bridge
port link-type hybrid
port hybrid vlan 200 tagged
port hybrid vlan 1 3000 untagged
description To_WX3024_SW
qinq enable
qinq vid 3000
raw-vlan-id inbound 200
#
interface Ethernet1/0/3
port link-mode bridge
#
interface Ethernet1/0/4
port link-mode bridge
#
interface Ethernet1/0/5
port link-mode bridge
#
interface Ethernet1/0/6
port link-mode bridge
#
interface Ethernet1/0/7
port link-mode bridge
#
interface Ethernet1/0/8
port link-mode bridge
#
interface Ethernet1/0/9
port link-mode bridge
#
interface Ethernet1/0/10
port link-mode bridge
#
interface Ethernet1/0/11
port link-mode bridge
#
interface Ethernet1/0/12
port link-mode bridge
#
interface Ethernet1/0/13
port link-mode bridge
#
interface Ethernet1/0/14
port link-mode bridge
#
interface Ethernet1/0/15
port link-mode bridge
#
interface Ethernet1/0/16
port link-mode bridge
#
interface Ethernet1/0/17
port link-mode bridge
#
interface Ethernet1/0/18
port link-mode bridge
#
interface Ethernet1/0/19
port link-mode bridge
#
interface Ethernet1/0/20
port link-mode bridge
#
interface Ethernet1/0/21
port link-mode bridge
#
interface Ethernet1/0/22
port link-mode bridge
#
interface Ethernet1/0/23
port link-mode bridge
#
interface Ethernet1/0/24
port link-mode bridge
#
interface GigabitEthernet1/1/1
port link-mode bridge
#
interface GigabitEthernet1/1/2
port link-mode bridge
#
interface GigabitEthernet1/1/3
port link-mode bridge
#
interface GigabitEthernet1/1/4
port link-mode bridge
#
user-interface aux 0
user-interface vty 0 4
#
Return
(4) WX3024 SW配置
_ ver H3C Comware Platform Software
Comware Software, Version 3.10, Release 3111P10
Comware Platform Software Version COMWAREV300R002B17D002
H3C WX3024-LSW Software Version V300R001B71D022
H3C WX3024-LSW Product Version CMW520-R3111P10
Copyright (c) 2004-2011 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
Compiled Jun 16 2011 15:59:37, RELEASE SOFTWARE
H3C WX3024-LSW uptime is 0 week, 1 day, 9 hours, 16 minutes
display current-configuration #
sysname SW
#
oap management-ip 192.168.0.100 slot 0
#
radius scheme system
#
domain system
#
local-user admin
password simple admin
service-type telnet
level 3
#
vlan 1
#
vlan 200
#
interface Vlan-interface1
ip address 192.168.0.254 255.255.255.0
#
interface Aux1/0/0
#
interface GigabitEthernet1/0/1
port link-type hybrid
port hybrid vlan 200 tagged
port hybrid vlan 1 untagged
description To_S3610
#
interface GigabitEthernet1/0/2
poe enable
port access vlan 200
description To_AP
#
interface GigabitEthernet1/0/3
#
interface GigabitEthernet1/0/4
#
interface GigabitEthernet1/0/5
#
interface GigabitEthernet1/0/6
#
interface GigabitEthernet1/0/7
#
interface GigabitEthernet1/0/8
#
interface GigabitEthernet1/0/9
#
interface GigabitEthernet1/0/10
#
interface GigabitEthernet1/0/11
#
interface GigabitEthernet1/0/12
#
interface GigabitEthernet1/0/13
#
interface GigabitEthernet1/0/14
#
interface GigabitEthernet1/0/15
#
interface GigabitEthernet1/0/16
#
interface GigabitEthernet1/0/17
#
interface GigabitEthernet1/0/18
#
interface GigabitEthernet1/0/19
#
interface GigabitEthernet1/0/20
#
interface GigabitEthernet1/0/21
#
interface GigabitEthernet1/0/22
#
interface GigabitEthernet1/0/23
#
interface GigabitEthernet1/0/24
#
interface GigabitEthernet1/0/25
shutdown
#
interface GigabitEthernet1/0/26
shutdown
#
interface GigabitEthernet1/0/27
shutdown
#
interface GigabitEthernet1/0/28
shutdown
#
interface GigabitEthernet1/0/29
stp disable
port access vlan 100
#
interface NULL0
#
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
user privilege level 3
#
return
五、 配置关键点:
(1) 配置WX6108E AC
? 配置聚合端口Bridge-Aggregation 1
# 配置端口为Trunk 端口,且允许VLAN 200 的报文通过。
[AC] interface Bridge-Aggregation 1
[AC-Bridge-Aggregation1] port link-type trunk
[AC-Bridge-Aggregation1] port trunk permit vlan 200
[AC-Bridge-Aggregation1] quit
(2) 配置WX6108E SW
? 配置聚合端口Bridge-Aggregation 1
# 配置端口为Hybrid 端口,且允许VLAN 3000 的报文不带Tag 通过。
system-view [WX6108E] interface Bridge-Aggregation 1
[WX6108E-Bridge-Aggregation1] port link-type hybrid
[WX6108E-Bridge-Aggregation1] port hybrid vlan 3000 untagged
[WX6108E-Bridge-Aggregation1] quit
# 创建流分类规则,将来自WX6108E AC板的VLAN200 的报文定义为“A200”类。
[WX6108E] traffic classifier A200
[WX6108E-classifier-A200] if-match customer-vlan-id 200
[WX6108E-classifier-A200] quit
# 定义流行为,为报文封装VLAN3000 的外层VLAN Tag,流行为命名为“P3000”。
[WX6108E] traffic behavior P3000
[WX6108E-behavior-P3000] nest top-most vlan-id 3000
[WX6108E-behavior-P3000] quit
# 创建QoS 策略,将流分类“A200”和流行为“P3000”进行关联,策略命名为“qinq”。
[WX6108E] qos policy qinq
[WX6108E-qospolicy-qinq] classifier A200 behavior P3000
[WX6108E-qospolicy-qinq] quit
# 使能端口的基本QinQ 功能。
[WX6108E] interface Bridge-Aggregation 1
[WX6108E-Bridge-Aggregation1] qinq enable
[WX6108E-Bridge-Aggregation1] quit
# 在Bridge-Aggregation 1 聚合端口下两个子端口的接收方向分别应用“qinq”规则。
[WX6108E] interface Ten-GigabitEthernet 4/0/1
[WX6108E-Ten-GigabitEthernet4/0/1] qos apply policy qinq inbound
[WX6108E-Ten-GigabitEthernet4/0/1]quit
[WX6108E] interface Ten-GigabitEthernet 4/0/2
[WX6108E-Ten-GigabitEthernet4/0/2] qos apply policy qinq inbound
[WX6108E-Ten-GigabitEthernet4/0/2]quit
? 配置端口GigabitEthernet2/0/25
# 配置端口为Trunk 端口,且允许VLAN 3000 的报文通过。
[WX6108E] interface gigabitethernet 2/0/25
[WX6108E-GigabitEthernet2/0/25] port link-type trunk
[WX6108E-GigabitEthernet2/0/25] port trunk permit vlan 3000
[WX6108E-GigabitEthernet2/0/25] quit
(3) 配置S3610
? 配置端口Ethernet1/0/1
# 配置端口为Trunk 端口,且允许VLAN 3000 的报文通过。
[S3610] interface Ethernet1/0/1
[S3610-Ethernet1/0/1] port link-type trunk
[S3610-Ethernet1/0/1] port trunk permit vlan 3000
[S3610-Ethernet1/0/1] quit
? 配置端口Ethernet1/0/2
# 配置端口为Hybrid 端口,且允许VLAN 200 的报文带Tag 通过, VLAN 3000 的报文不带Tag 通过。
system-view [S3610] interface ethernet 1/0/2
[S3610-Ethernet1/0/2] port link-type hybrid
[S3610-Ethernet1/0/2] port hybrid vlan 200 tagged
[S3610-Ethernet1/0/2] port hybrid vlan 3000 untagged
# 配置该端口的基本QinQ 功能。
[S3610-Ethernet1/0/2] qinq enable
# 配置该端口的灵活QinQ 功能,对从AP接收的VLAN200 的报文封装对应外层VLAN3000的Tag标签。
[S3610-Ethernet1/0/2] qinq vid 3000
[S3610-Ethernet1/0/2-vid-3000] raw-vlan-id inbound 200
[S3610-Ethernet1/0/2-vid-3000] quit
[S3610-Ethernet1/0/2] quit
(4) 配置WX3024 SW
? 配置端口GigabitEthernet1/0/1
# 配置端口为Hybrid 端口,且允许VLAN 200 的报文带Tag 通过。
[SW] interface GigabitEthernet1/0/1
[SW-GigabitEthernet1/0/1] port link-type trunk
[SW-GigabitEthernet1/0/1] port hybrid vlan 200 tagged
[SW-GigabitEthernet1/0/1] quit
? 配置端口GigabitEthernet1/0/2
# 配置端口为Access 端口,且允许VLAN 200 的报文通过。
system-view [SW] interface GigabitEthernet1/0/2
[SW-GigabitEthernet1/0/2] port access vlan 200
[SW- GigabitEthernet1/0/2] quit
六、 结果验证:
(1)在AC上查看AP在线状态及获取的IP地址。
display wlan ap all Total Number of APs configured : 1
Total Number of configured APs connected : 1
Total Number of auto APs connected : 0
AP Profiles
State : I = Idle, J = Join, JA = JoinAck, IL = ImageLoad
C = Config, R = Run, KU = KeyUpdate, KC = KeyCfm
---------------------------------------------------------------------
AP Name State Model Serial-ID
---------------------------------------------------------------------
ap1 R/M WA2620 219801A0D1C123023703
---------------------------------------------------------------------
display wlan ap all address Total Number of APs configured : 1
Total Number of configured APs connected : 1
Total Number of auto APs connected : 0
AP Address
---------------------------------------------------------------------
AP Name IP Address MAC Address
---------------------------------------------------------------------
ap1 192.168.200.3 5866-ba5e-c6e0
(2)在AC上查看STA关联状态及获取的IP地址。
display wlan client Total Number of Clients : 1
Client Information
SSID: H3C
---------------------------------------------------------------------
MAC Address User Name APID/RID IP Address VLAN
---------------------------------------------------------------------
5cac-4c91-8140 -NA- 1/2 192.168.201.2 201
display wlan client verbose Total Number of Clients : 1
Client Information
---------------------------------------------------------------------
MAC Address : 5cac-4c91-8140
User Name : -NA-
AID : 1
AP Name : ap1
Radio Id : 2
SSID : H3C
BSSID : 5866-ba5e-c6f0
Port : WLAN-DBSS1:1
VLAN : 201
State : Running
Power Save Mode : Sleep
Wireless Mode : 11gn
Channel Band-width : 20MHz
SM Power Save Enable : Disabled
Short GI for 20MHz : Not Supported
Short GI for 40MHz : Not Supported
Support MCS Set : 0,1,2,3,4,5,6,7
BLOCK ACK-TID 0 : BOTH
BLOCK ACK-TID 1 : OUT
QoS Mode : WMM
Listen Interval (Beacon Interval) : 1
RSSI : 71
Rx/Tx Rate : 52/39
Client Type : PRE-RSNA
Authentication Method : Open System
AKM Method : None
4-Way Handshake State : -NA-
Group Key State : -NA-
Encryption Cipher : Clear
Roam Status : Normal
Roam Count : 0
Up Time (hh:mm:ss) : 00:01:02
---------------------------------------------------------------------
注:H3C不同型号交换机设备及第三方厂家实现QinQ机制存在差异,在配置时请以具体设备型号配置为准。
该案例暂时没有网友评论
编辑评论
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作