msr36-20
- 0关注
- 1收藏,1296浏览
问题描述:
路由配置如下:
CQBS-QUANDB.R1]dis cu
#
version 7.1.059, Release 0306P11
#
sysname CQBS-QUANDB.R1
#
ip vpn-instance vpn-nrt
route-distinguisher 25520:2
vpn-target 25520:2220 30000:802 20000:200 import-extcommunity
vpn-target 25520:2220 25588:200 export-extcommunity
#
ip vpn-instance vpn-rt
route-distinguisher 25520:1
vpn-target 25520:1220 30000:801 20000:100 import-extcommunity
vpn-target 25520:1220 25588:100 export-extcommunity
#
router id 55.2.69.6
#
ospf 1
area 0.0.0.1
network 55.2.69.6 0.0.0.0
network 55.3.184.20 0.0.0.3
network 55.3.188.20 0.0.0.3
#
mpls lsr-id 55.2.69.6
mpls ttl propagate vpn
#
password-recovery enable
#
vlan 1
#
traffic classifier c_vpn-nrt-in operator and
if-match acl 2001
#
traffic classifier c_vpn-nrt-out operator and
if-match mpls-exp 3
#
traffic classifier c_vpn-rt-in operator and
if-match acl 2001
#
traffic classifier c_vpn-rt-out operator and
if-match mpls-exp 4
#
traffic behavior b_vpn-nrt-in
remark dscp af31
#
traffic behavior b_vpn-nrt-out
queue af bandwidth pct 30
#
traffic behavior b_vpn-rt-in
remark dscp af41
#
traffic behavior b_vpn-rt-out
queue af bandwidth pct 70
#
qos policy p_vpn-nrt-in
classifier c_vpn-nrt-in behavior b_vpn-nrt-in
#
qos policy p_vpn-out
classifier c_vpn-rt-out behavior b_vpn-rt-out
classifier c_vpn-nrt-out behavior b_vpn-nrt-out
#
qos policy p_vpn-rt-in
classifier c_vpn-rt-in behavior b_vpn-rt-in
#
mpls ldp
#
controller Cellular0/0
#
interface Async3/0
shutdown
#
interface Async3/1
shutdown
#
interface Async3/2
shutdown
#
interface Async3/3
shutdown
#
interface Async3/4
shutdown
#
interface Async3/5
shutdown
#
interface Async3/6
shutdown
#
interface Async3/7
shutdown
#
interface Serial1/0
description DD2-QUANDB1-2M
fe1 unframed
ppp mp MP-group1
#
interface Serial1/1
description DD2-QUANDB1-2M
fe1 unframed
ppp mp MP-group1
#
interface Serial2/0
description BD1-QUANDB1-2M
fe1 unframed
ppp mp MP-group2
#
interface Serial2/1
description BD1-QUANDB1-2M
fe1 unframed
ppp mp MP-group2
#
interface MP-group1
ip address 55.3.184.22 255.255.255.252
ospf authentication-mode md5 1 cipher $c$3$y4+uW8YK1FhspjYjnQypfyBtyk2GXpDpdQ==
mpls enable
mpls ldp enable
mpls ldp transport-address interface
#
interface MP-group2
ip address 55.3.188.22 255.255.255.252
ospf authentication-mode md5 1 cipher $c$3$a461ficvJKvPajqgB+my8nsGLfF40f/izQ==
mpls enable
mpls ldp enable
mpls ldp transport-address interface
#
interface NULL0
#
interface LoopBack0
ip address 55.2.69.6 255.255.255.255
#
interface GigabitEthernet0/0
port link-mode route
combo enable copper
shutdown
#
interface GigabitEthernet0/1
port link-mode route
combo enable copper
shutdown
#
interface GigabitEthernet0/2
port link-mode route
combo enable copper
shutdown
#
interface GigabitEthernet0/3
port link-mode route
combo enable copper
shutdown
#
interface GigabitEthernet0/4
port link-mode route
shutdown
#
interface GigabitEthernet0/5
port link-mode route
shutdown
#
interface GigabitEthernet5/0
port link-mode route
description R1-S2
ip binding vpn-instance vpn-nrt
ip address 55.132.3.126 255.255.255.128
qos apply policy p_vpn-nrt-in inbound
#
interface GigabitEthernet6/0
port link-mode route
description R1-S1
ip binding vpn-instance vpn-rt
ip address 55.131.3.126 255.255.255.128
qos apply policy p_vpn-rt-in inbound
#
interface GigabitEthernet5/1
port link-mode bridge
shutdown
#
interface GigabitEthernet5/2
port link-mode bridge
shutdown
#
interface GigabitEthernet5/3
port link-mode bridge
shutdown
#
interface GigabitEthernet5/4
port link-mode bridge
shutdown
#
interface GigabitEthernet5/5
port link-mode bridge
shutdown
#
interface GigabitEthernet5/6
port link-mode bridge
combo enable copper
shutdown
#
interface GigabitEthernet5/7
port link-mode bridge
combo enable copper
shutdown
#
interface GigabitEthernet6/1
port link-mode bridge
shutdown
#
interface GigabitEthernet6/2
port link-mode bridge
shutdown
#
interface GigabitEthernet6/3
port link-mode bridge
shutdown
#
interface GigabitEthernet6/4
port link-mode bridge
shutdown
#
interface GigabitEthernet6/5
port link-mode bridge
shutdown
#
interface GigabitEthernet6/6
port link-mode bridge
combo enable copper
shutdown
#
interface GigabitEthernet6/7
port link-mode bridge
combo enable copper
shutdown
#
bgp 25520
group ibgp-peer internal
peer ibgp-peer connect-interface LoopBack0
peer 55.2.68.2 group ibgp-peer
peer 55.2.68.5 group ibgp-peer
#
address-family ipv4 unicast
peer ibgp-peer enable
#
address-family vpnv4
peer ibgp-peer enable
#
ip vpn-instance vpn-nrt
#
address-family ipv4 unicast
import-route direct
#
ip vpn-instance vpn-rt
#
address-family ipv4 unicast
import-route direct
#
scheduler logfile size 16
#
line class console
authentication-mode scheme
user-role level-15
user-role network-admin
idle-timeout 5 0
#
line class tty
user-role network-operator
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line tty 49 56
user-role network-operator
#
line vty 0 4
authentication-mode scheme
user-role level-15
user-role network-admin
protocol inbound ssh
idle-timeout 5 0
#
line vty 5 63
user-role network-operator
#
info-center loghost 5.254.55.1
info-center loghost 5.254.55.129
info-center loghost 55.254.20.1
#
snmp-agent
snmp-agent local-engineid 800063A280600B031D198000000001
snmp-agent community read CQEP-READ
snmp-agent community write CQEP-WRITE
snmp-agent sys-info version v3
snmp-agent group v3 CQEP privacy read-view CQEP-READ write-view CQEP-WRITE notify-view CQEP-READ
snmp-agent target-host trap address udp-domain 5.254.55.1 params securityname CQEP-READ
snmp-agent target-host trap address udp-domain 5.254.55.129 params securityname CQEP-READ
snmp-agent target-host trap address udp-domain 55.254.20.1 params securityname CQEP-READ
snmp-agent mib-view included CQEP-READ iso
snmp-agent mib-view included CQEP-WRITE iso
snmp-agent usm-user v3 cqdl CQEP cipher authentication-mode sha $c$3$+cWFUUnB6LHvuX5AmN0gY8rkJ8HgbV20mYR3Zv+poVkEWKwEApc= privacy-mode des56 $c$3$Ux34l61gwHX60u6nrp3zUKr/VcTdbwriBKH6sNP9jlLqpA==
snmp-agent trap source LoopBack0
#
ssh server enable
ssh user cqdl-ssh service-type stelnet authentication-type password
ssh server acl 2002
#
ntp-service unicast-server 55.2.68.2
ntp-service unicast-server 55.2.68.5
#
acl basic 2002
rule 0 permit source 5.254.55.0 0.0.0.255
rule 5 permit source 55.254.0.0 0.0.255.255
rule 10 permit source 55.3.0.0 0.0.255.255
rule 15 deny
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user cqdl-con class manage
password hash $h$6$lUu9DnItfewvVrYh$ThKO3KrcdPLZiMKJteO4mguaEwyM7R2mH2Ddh02SkFzIuVcqy2mZDUDcLjLtxexJR6nKcF+YalSAov1Qxyi5IQ==
service-type terminal
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
#
local-user cqdl-ssh class manage
password hash $h$6$QLFOsRrdxmA4rgRx$jsSJQUtFAV6+OXNbmzA7hx/ej6q08FEII0cWYh781IxlHjksBR75hqdY53ZFz6+Rav1kGt3ql+e07xzjDD/VNQ==
service-type ssh
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
#
return
问题:
1、在出方向和入方向应用QOS策略,如下配置是否正确?
#
interface MP-group1
ip address 55.3.184.22 255.255.255.252
ospf authentication-mode md5 1 cipher $c$3$y4+uW8YK1FhspjYjnQypfyBtyk2GXpDpdQ==
mpls enable
mpls ldp enable
mpls ldp transport-address interface
qos apply policy p_vpn-out outbound
#
interface MP-group2
ip address 55.3.188.22 255.255.255.252
ospf authentication-mode md5 1 cipher $c$3$a461ficvJKvPajqgB+my8nsGLfF40f/izQ==
mpls enable
mpls ldp enable
mpls ldp transport-address interface
qos apply policy p_vpn-out outbound
#
#
interface GigabitEthernet5/0
port link-mode route
description R1-S2
ip binding vpn-instance vpn-nrt
ip address 55.132.3.126 255.255.255.128
qos apply policy p_vpn-nrt-in inbound
#
interface GigabitEthernet6/0
port link-mode route
description R1-S1
ip binding vpn-instance vpn-rt
ip address 55.131.3.126 255.255.255.128
qos apply policy p_vpn-rt-in inbound
#
2、已经配置了对时服务器,也确定对时服务器是正常工作的,但发现路由未对时成功,请问是否有手动对时的相关命令进行对时?
- 2018-11-21提问
- 举报
-
(0)
最佳答案
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明
暂无评论