このページの目次
例:シームレスな MPLS ネットワーク設計内のサービスノードとしてのブロードバンドエッジの設定
この例では、家庭向けの加入者管理導入向けに、ヘッドエンド終端を備えたブロードバンドエッジシームレスMPLSを設定するために必要な手順を詳しく説明します。構成例では、デバイスごとに手順が示されています。
ここでは、次の情報について説明します。
要件
表 1 に、設定例のトポロジーにおける各デバイスの役割と、各デバイスに使用されるハードウェアを示します。この例のすべてのMXシリーズデバイスは、必要最小限のソフトウェアリビジョンと考えられるジュニパーネットワークスのJunos OSリリース13.3R3でテストされています。
デバイス |
ハードウェア |
---|---|
R0(プライマリBNG)は、DHCPおよびPPPoE用、またL2TPアクセスコンセントレータ(LAC)用のプライマリMPLS疑似配線終端ヘッドエンドプロバイダエッジおよび加入者管理プラットフォームとして機能します。 |
シャーシ:MX960 |
ルーティング エンジン (RE) 0 - RE1: RE-S-1800x4 |
|
フレキシブルPICコンセントレータ0(FPC0)-FPC7:モジュラーポートコンセントレータ(MPC)タイプ2 3D EQ |
|
現在のプライマリBNG(R0)に障害が発生した場合、R3(バックアップBNG)がプライマリBNGになります。 |
シャーシ:MX960 |
RE0-RE1: RE-S-1800x4 |
|
FPC0-FPC7: MPC タイプ 2 3D EQ |
|
R1 および R2(アクセス ルーターおよびアグリゲーション ルーター)は、MPLS 疑似配線トンネルベースのバックホール エントリ ポイントのアクセス ノード(AN)およびメトロの事前アグリゲーション プロバイダ エッジ プラットフォームとして機能します。 |
シャーシ:MX80/MX104 |
TFEB 0: パケット転送エンジン プロセッサ |
|
FPC 0-FPC 1: MPC ビルトイン |
|
R4はコアルーターとして機能します。 |
シャーシ: T640 |
RE0-RE1: RE-A-2000 |
|
FPC 0: E-FPC タイプ 3 |
|
FPC 1: E-FPC タイプ 1 |
|
FPC 2: E-FPC Type 2 |
|
SIB 0-SIB 4: SIB-I8-F16 |
|
R5(L2TPネットワークサーバー[LNS])は、ブロードバンドホールセールサービスのL2TPトンネルおよびセッション終端ポイントとして機能します。 |
シャーシ:MX480 |
RE0: RE-S-2000 |
|
FR1: RE-S-2000 |
|
FPC 0-FPC 1: MPC Type 2 3D EQ |
|
RADIUSサーバーは、加入者の認証とアカウンティングを提供します。 |
Intel/Linux サーバー上の FreeRADIUS バージョン 2.1.5 |
概要
この例では、次のような特徴を持つ特定のトラフィックモデルが使用されています。
疑似回線トンネルは、アクセス PE から BNG への LDP シグナリング MPLS L2 回線です。
BNG コア側では、転送は、OSPF と OSPFv3 を内部ゲートウェイ プロトコルとして使用する、単一の自律システム内の MPLS トランスポートに基づいています。あるいは、ISISを使用することもできます。
加入者トラフィックは、MPLS擬似配線を介して、疑似回線ヘッドエンド終端用に設定されたMXシリーズBNGにバックホールされます。
各ホームには、4 つの加入者(IP セッション)と 1 つの VLAN セッションの合計 5 つの加入者セッションがあります。
128,000のCIR(コミット情報速度)によるVoIPサービス向けDHCPv4(ストリクトプライオリティ)
2,000万CIR(中優先度)のVODサービス向けDHCPv6プレフィックス委任(PD)
インターネットサービス向けPPPoEv4(低優先度)
ゲーム サービスの PPPoEv6 近隣探索ルーター アドバタイズメント(NDRA)(低優先度)
ホームごとに 4 つの優先キューがあります。
GREトンネルは、加入者の安全ポリシーによるトラフィック転送に使用されます。
アップストリームとダウンストリームのトラフィックレートは、それぞれ家庭あたり50 Mbpsです。
専用カスタマー VLAN(C-VLAN)モデルが適用されます(各ホームに固有の VLAN があります)。VLAN は、加入者の着信トラフィックに基づいて動的にプロビジョニングされます。
この設定例には、以下のスケーリングパラメータが適用されます。
合計 50,000 世帯が構成されています。そのうちの10%(5000人)がL2TPセッションを持っています。
BNGには2048の疑似サービス(PS)インターフェイス(擬似回線トンネルアンカーインターフェイス)があります。
各疑似回線トンネルには 25 軒の家が割り当てられています。
MPC あたり 256 の疑似回線があります(パケット転送エンジン (PFE) あたり 128)。
フル実装のMX960シャーシの8つのMPCに対して、MPCあたり256の疑似配線があり、これはシャーシあたり2048のレイヤー2(L2)回線に相当します(5万世帯をサポート)。
L2 回線ごとに 1 つの BFD セッションがあります。
1%の家庭(500世帯)には、ミラーリングされた加入者トラフィックをGREトンネルに転送する加入者セキュアポリシーがあります。
疑似配線ヘッドエンド終端を使用したシームレスなMPLSのユースケースは、企業と家庭の両方の加入者にとって価値があります。このテストの例では、一般家庭の加入者のみが含まれています。
この構成例のネットワーク耐障害性は次のとおりです。
ルーティング エンジン フェイルオーバーのための GRES(グレースフル ルーティング エンジン スイッチオーバー)
ティッカー
パス保護(ノードダウン、シャーシ間フェイルオーバー)
ローカル保護(リンクダウン、イントラチェストフェイルオーバー)
FPC(フレキシブルPICコンセントレータ)の障害
ルーティングダウン
L2 回線がダウン
MPLSの高速再ルートとBFD(双方向フォワーディング検出)リカバリ方法が使用されます。
トポロジ
図 1 に、MPLS とデュアル スタックのスコープを含めた、この設定例のトポロジーを示します。
この例では、アクセスおよびアグリゲーションプロバイダエッジ(アクセスPE)システム(R1およびR2)は、アクティブおよびバックアップBNGシステムに直接接続され、マルチホーム化されています。この例の PE デバイスの目的は、アクティブおよびバックアップ BNG システムに向けて、1,000 本のアクティブ MPLS 疑似配線と 1,000 本のバックアップ MPLS 疑似ワイヤの別のグループをエミュレートすることです。
BNGデバイスは、MPLSサービスノードとして機能し、MPLS疑似配線を終端し、加入者管理機能を実行します。PPPトラフィックの場合、BNGデバイスはL2TPトンネルを介したLNSへのLAC機能転送をサポートします。DHCP(IPoE)トラフィックの場合、BNGデバイスは直接セッションを終了します。
コアルーター(R4)は、2つのBNGシステム(R0およびR3)を集約します。この例のコアルーターの設定は基本的なものであり、BNG MPLS擬似回線のヘッドエンド終端を提供し、ブロードバンド加入者終端をサポートすることのみを目的としています。
RADIUS サーバは、ポイントツーポイント(PPP)加入者の認証、許可、およびアカウンティング(AAA)を実行し、フィルタやサービス クラス(CoS)パラメータなどのサービス プロファイル設定パラメータのアクティブ化をトリガーします。
LNSシステム(R5)は、コアルーティングシステムに直接接続されています。L2TPトンネルを終端して、小売業者とISPの顧客に高速インターフェイスのホールセールサービスを提供します。ここで使用される設定は、L2TPトンネルを使用してLNSシステムにPPPトラフィックをリレーするBNGシステムの機能を示す基本的な例です。
構成
次のセクションでは、この例に含まれるデバイスの構成情報をトポロジ図の左から右に示します。各セクションには、CLIクイック設定(コピー&ペースト用)、ステップバイステップの説明、設定 show
を確認するコマンド出力が含まれています。
- アクセス/アグリゲーション ルーター、R1 の設定
- アクセス/アグリゲーションルーター、R2の設定
- BNG ルーター、R0 の設定
- BNG ルーター、R3 の設定
- コアルーター、R4の設定
- LNS ルーター、R5 の設定
- RADIUS サーバーのユーザー プロファイルを構成する
アクセス/アグリゲーション ルーター、R1 の設定
CLIクイック構成
図 2 は、参照例のトポロジーのコンテキストでアクセス/アグリゲーション ルーター(R1 および R2)を示しています。
この例のようにR1を素早く設定するには、以下のコマンドをコピーしてテキストファイルに貼り付け、改行を削除し、ネットワーク構成に合わせて必要な内容を変更した後、階層レベルのCLI [edit]
にコマンドをコピー&ペーストしてください。
set interfaces lo0 unit 0 family inet address 101.0.0.1/32 primary set interfaces lo0 unit 0 family inet address 101.0.0.1/32 preferred set interfaces lo0 unit 0 family mpls set interfaces ge-1/0/6 description "To R0 - BNG1" set interfaces ge-1/0/6 unit 0 family inet address 21.21.11.2/24 set interfaces ge-1/0/6 unit 0 family mpls set interfaces ge-1/1/6 description "To R0 - BNG1" set interfaces ge-1/1/6 unit 0 family inet address 21.21.10.2/24 set interfaces ge-1/1/6 unit 0 family mpls set interfaces ge-1/1/4 description "To R3 - BNG2" set interfaces ge-1/1/4 unit 0 family inet address 21.21.20.1/24 set interfaces ge-1/1/4 unit 0 family mpls set interfaces ge-1/1/5 description "To R3 - BNG2" set interfaces ge-1/1/5 unit 0 family inet address 21.21.21.1/24 set interfaces ge-1/1/5 unit 0 family mpls set interfaces ge-1/0/2 flexible-vlan-tagging set interfaces ge-1/0/2 encapsulation flexible-ethernet-services set interfaces ge-1/0/2 gigether-options loopback set interfaces ge-1/0/2 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/2 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/2 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 3 vlan-id-range 5-6 set interfaces ge-1/0/3 flexible-vlan-tagging set interfaces ge-1/0/3 encapsulation flexible-ethernet-services set interfaces ge-1/0/3 gigether-options loopback set interfaces ge-1/0/3 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/3 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/3 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 3 vlan-id-range 5-6 set interfaces ge-1/0/4 flexible-vlan-tagging set interfaces ge-1/0/4 encapsulation flexible-ethernet-services set interfaces ge-1/0/4 gigether-options loopback set interfaces ge-1/0/4 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/4 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/4 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 3 vlan-id-range 5-6 set interfaces ge-1/1/2 flexible-vlan-tagging set interfaces ge-1/1/2 encapsulation flexible-ethernet-services set interfaces ge-1/1/2 gigether-options loopback set interfaces ge-1/1/2 unit 1 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 1 vlan-id-range 1-2 set interfaces ge-1/1/2 unit 2 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 2 vlan-id-range 3-4 set interfaces ge-1/1/2 unit 3 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 3 vlan-id-range 5-6 set interfaces ge-1/1/3 flexible-vlan-tagging set interfaces ge-1/1/3 encapsulation flexible-ethernet-services set interfaces ge-1/1/3 gigether-options loopback set interfaces ge-1/1/3 unit 1 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 1 vlan-id-range 1-2 set interfaces ge-1/1/3 unit 2 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 2 vlan-id-range 3-4 set interfaces ge-1/1/3 unit 3 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 3 vlan-id-range 5-6 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 encapsulation-type ethernet set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 ignore-mtu-mismatch set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 backup-neighbor 103.0.0.1 virtual-circuit-id 1 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection detection-time threshold 5000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 2 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 encapsulation-type ethernet set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 ignore-mtu-mismatch set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 backup-neighbor 103.0.0.1 virtual-circuit-id 2 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection detection-time threshold 5000 set routing-options router-id 101.0.0.1 set protocols mpls interface lo0.0 set protocols mpls interface ge-1/0/6.0 set protocols mpls interface ge-1/1/6.0 set protocols mpls interface ge-1/1/4.0 set protocols mpls interface ge-1/1/5.0 set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 set protocols ospf area 0.0.0.0 interface ge-1/1/6.0 set protocols ospf area 0.0.0.0 interface ge-1/1/4.0 set protocols ospf area 0.0.0.0 interface ge-1/1/5.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-1/0/6.0 set protocols ldp interface ge-1/1/4.0 set protocols ldp interface ge-1/1/5.0 set protocols ldp interface ge-1/1/6.0
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、『Junos OS CLIユーザーガイド』の「 コンフィギュレーション・モードで CLI エディタを使用する」を参照してください。
R1を設定するには:
インターフェイスを設定します。
ループバックおよびBNGに接続するインターフェイスには、OSPFおよびLDPを有効にするためのinet(IPv4)ファミリーアドレスがあります。
ループバックインターフェイスを設定します。
PE システムのプライマリ アドレスは、ループバック インターフェイスの下で設定されます。
[edit interfaces] user@host-R1# set lo0 unit 0 family inet address 101.0.0.1/32 primary user@host-R1# set lo0 unit 0 family inet address 101.0.0.1/32 preferred user@host-R1# set lo0 unit 0 family mpls
プライマリとバックアップBNGデバイスの両方に対して、BNGに接続するインターフェイスを設定します。
2つのポートがプライマリBNG(BNG1)に接続され、2つのポートがバックアップBNG(BNG2)に接続されています。構成には、IP/MPLS ネットワーク接続をサポートするための IPv4(inet)および MPLS ファミリー アドレスが含まれています。
[edit interfaces] user@host-R1# set ge-1/0/6 description "To R0 - BNG1" user@host-R1# set ge-1/0/6 unit 0 family inet address 21.21.11.2/24 user@host-R1# set ge-1/0/6 unit 0 family mpls user@host-R1# set ge-1/1/6 description "To R0 - BNG1" user@host-R1# set ge-1/1/6 unit 0 family inet address 21.21.10.2/24 user@host-R1# set ge-1/1/6 unit 0 family mpls user@host-R1# set ge-1/1/4 description "To R3 - BNG2" user@host-R1# set ge-1/1/4 unit 0 family inet address 21.21.20.1/24 user@host-R1# set ge-1/1/4 unit 0 family mpls user@host-R1# set ge-1/1/5 description "To R3 - BNG2" user@host-R1# set ge-1/1/5 unit 0 family inet address 21.21.21.1/24 user@host-R1# set ge-1/1/5 unit 0 family mpls
MPLS 疑似回線のアクセス ポートを設定します。
この例では、1 つの PE デバイスに、MPLS 擬似回線インターフェースに使用されるアクセス ノード接続をエミュレートする5つのアクセス ポートがあります。複数のVLAN値を設定するには、
vlan-id-range
コマンドを使用します。各 VLAN インターフェイスは、1 対 1 のマッピング方式で MPLS 擬似配線に関連付けられます。[edit interfaces] user@host-R1# set ge-1/0/2 flexible-vlan-tagging user@host-R1# set ge-1/0/2 encapsulation flexible-ethernet-services user@host-R1# set ge-1/0/2 gigether-options loopback user@host-R1# set ge-1/0/2 unit 1 encapsulation vlan-ccc user@host-R1# set ge-1/0/2 unit 1 vlan-id-range 1-2 user@host-R1# set ge-1/0/2 unit 2 encapsulation vlan-ccc user@host-R1# set ge-1/0/2 unit 2 vlan-id-range 3-4 user@host-R1# set ge-1/0/2 unit 3 encapsulation vlan-ccc user@host-R1# set ge-1/0/2 unit 3 vlan-id-range 5-6 user@host-R1# set ge-1/0/3 flexible-vlan-tagging user@host-R1# set ge-1/0/3 encapsulation flexible-ethernet-services user@host-R1# set ge-1/0/3 gigether-options loopback user@host-R1# set ge-1/0/3 unit 1 encapsulation vlan-ccc user@host-R1# set ge-1/0/3 unit 1 vlan-id-range 1-2 user@host-R1# set ge-1/0/3 unit 2 encapsulation vlan-ccc user@host-R1# set ge-1/0/3 unit 2 vlan-id-range 3-4 user@host-R1# set ge-1/0/3 unit 3 encapsulation vlan-ccc user@host-R1# set ge-1/0/3 unit 3 vlan-id-range 5-6 user@host-R1# set ge-1/0/4 flexible-vlan-tagging user@host-R1# set ge-1/0/4 encapsulation flexible-ethernet-services user@host-R1# set ge-1/0/4 gigether-options loopback user@host-R1# set ge-1/0/4 unit 1 encapsulation vlan-ccc user@host-R1# set ge-1/0/4 unit 1 vlan-id-range 1-2 user@host-R1# set ge-1/0/4 unit 2 encapsulation vlan-ccc user@host-R1# set ge-1/0/4 unit 2 vlan-id-range 3-4 user@host-R1# set ge-1/0/4 unit 3 encapsulation vlan-ccc user@host-R1# set ge-1/0/4 unit 3 vlan-id-range 5-6 user@host-R1# set ge-1/1/2 flexible-vlan-tagging user@host-R1# set ge-1/1/2 encapsulation flexible-ethernet-services user@host-R1# set ge-1/1/2 gigether-options loopback user@host-R1# set ge-1/1/2 unit 1 encapsulation vlan-ccc user@host-R1# set ge-1/1/2 unit 1 vlan-id-range 1-2 user@host-R1# set ge-1/1/2 unit 2 encapsulation vlan-ccc user@host-R1# set ge-1/1/2 unit 2 vlan-id-range 3-4 user@host-R1# set ge-1/1/2 unit 3 encapsulation vlan-ccc user@host-R1# set ge-1/1/2 unit 3 vlan-id-range 5-6 user@host-R1# set ge-1/1/3 flexible-vlan-tagging user@host-R1# set ge-1/1/3 encapsulation flexible-ethernet-services user@host-R1# set ge-1/1/3 gigether-options loopback user@host-R1# set ge-1/1/3 unit 1 encapsulation vlan-ccc user@host-R1# set ge-1/1/3 unit 1 vlan-id-range 1-2 user@host-R1# set ge-1/1/3 unit 2 encapsulation vlan-ccc user@host-R1# set ge-1/1/3 unit 2 vlan-id-range 3-4 user@host-R1# set ge-1/1/3 unit 3 encapsulation vlan-ccc user@host-R1# set ge-1/1/3 unit 3 vlan-id-range 5-6
以下を含むMPLS擬似配線のL2回線接続を設定します。
イーサネット カプセル化タイプと MTU 不一致を無視するオプション。MPLS擬似配線サービス(PS)インターフェイスがBNGヘッドエンドでMPLS疑似回線タイプ5モード(イーサネットカプセル化)をサポートしているため、これらの要件が必要となります。
バックアップMPLS擬似配線:MPLS擬似回線の障害検知時に、バックアップBNGシステムにフェイルオーバーするためのバックアップネイバーおよび仮想回線IDです。
MPLS疑似配線の到達性のためのBFD。MPLS疑似配線データプレーンの障害検出では、BFDプロトコルを使用します。
ここでは、2つのポートの設定を示します。アクセスするすべてのポートに対して、この手順を繰り返します。
[edit protocols] user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 encapsulation-type ethernet user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 ignore-mtu-mismatch user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 backup-neighbor 103.0.0.1 virtual-circuit-id 1 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection minimum-interval 1000 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection multiplier 4 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection detection-time threshold 5000 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 2 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 encapsulation-type ethernet user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 ignore-mtu-mismatch user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 backup-neighbor 103.0.0.1 virtual-circuit-id 2 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection minimum-interval 1000 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection multiplier 4 user@host-R1# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection detection-time threshold 5000
ルーティングプロトコルを設定します。
OSPF は IPv4 ルーティングに対して有効です。MPLS ラベル交換で LDP が有効です。
ルーターIDを設定します。
[edit] user@host-R1# set routing-options router-id 101.0.0.1
MPLS を有効にします。
BNGに接続するポートに接続するすべてのインターフェイスに対してMPLSを設定します。
[edit protocols] user@host-R1# set mpls interface lo0.0 user@host-R1# set mpls interface ge-1/0/6.0 user@host-R1# set mpls interface ge-1/1/6.0 user@host-R1# set mpls interface ge-1/1/4.0 user@host-R1# set mpls interface ge-1/1/5.0
IPv4 ルーティングをサポートするように OSPF を設定します。
OSPFエリアの設定を簡略化するために、多くの場合、 オプションを使用できます
interface all
。ただし、この例では、特定のインターフェイス名を使用することで、関連するインターフェイスのみが OSPF に含まれるようになります。[edit protocols] user@host-R1# set ospf area 0.0.0.0 interface lo0.0 user@host-R1# set ospf area 0.0.0.0 interface ge-1/0/6.0 user@host-R1# set ospf area 0.0.0.0 interface ge-1/1/6.0 user@host-R1# set ospf area 0.0.0.0 interface ge-1/1/4.0 user@host-R1# set ospf area 0.0.0.0 interface ge-1/1/5.0
MPLS ラベル交換のために LDP を有効にします。
ターゲットとなる LDP をサポートするには、BNG に接続するポートとループバック インターフェイスに LDP を設定します。
[edit protocols] user@host-R1# set ldp interface lo0.0 user@host-R1# set ldp interface ge-1/0/6.0 user@host-R1# set ldp interface ge-1/1/4.0 user@host-R1# set ldp interface ge-1/1/5.0 user@host-R1# set ldp interface ge-1/1/6.0
結果
コンフィギュレーション・モードから、以下の show
コマンドを入力してコンフィギュレーションを確認します。
ループバックインターフェイスの設定を確認します。
user@host-R1# show interfaces lo0 unit 0 { family inet { address 101.0.0.1/32 { primary; preferred; } } family mpls; }
BNG向けのインターフェイス設定を確認します。
user@host-R1# show interfaces ge-1/0/6 description "To R0 - BNG1"; vlan-tagging; unit 0 { vlan-id 1; family inet { address 21.21.11.2/24; } family mpls; }
user@host-R1# show interfaces ge-1/1/6 description "To R0 - BNG1"; vlan-tagging; unit 0 { vlan-id 1; family inet { address 21.21.10.2/24; } family mpls; }
user@host-R1# show interfaces ge-1/1/4 description "To R3 - BNG2"; vlan-tagging; unit 0 { vlan-id 1; family inet { address 21.21.20.1/24; } family mpls; }
user@host-R1# show interfaces ge-1/1/5 description "To R3 - BNG2"; vlan-tagging; unit 0 { vlan-id 1; family inet { address 21.21.21.1/24; } family mpls; }
MPLS擬似回線のアクセスポート設定を確認します。
user@host-R1# show interfaces ge-1/0/2 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R1# show interfaces ge-1/0/3 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R1# show interfaces ge-1/0/4 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R1# show interfaces ge-1/1/2 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R1# show interfaces ge-1/1/3 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
バックアップMPLS擬似配線の設定を確認します。
user@host-R1# show protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1; encapsulation-type ethernet; ignore-mtu-mismatch; backup-neighbor 103.0.0.1 { virtual-circuit-id 1; } oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
user@host-R1# show protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 2; encapsulation-type ethernet; ignore-mtu-mismatch; backup-neighbor 103.0.0.1 { virtual-circuit-id 2; } oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
インターフェイスで MPLS が有効になっていることを確認します。
user@host-R1# show protocols mpls interface lo0.0; interface ge-1/0/6.0; interface ge-1/1/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0;
OSPF の設定を確認します。
user@host-R1# show protocols ospf area 0.0.0.0 { interface lo0.0; interface ge-1/0/6.0; interface ge-1/1/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0; }
LDP の設定を確認します。
user@host-R1# show protocols ldp interface lo0.0; interface ge-1/0/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0; interface ge-1/1/6.0;
アクセス/アグリゲーションルーター、R2の設定
CLIクイック構成
この例をすばやく設定するには、次のコマンドをコピーしてテキストファイルに貼り付け、改行を削除して、ネットワーク構成に合わせて必要な詳細を変更し、 階層レベルのCLI [edit]
にコマンドをコピーして貼り付けます。
set interfaces lo0 unit 0 family inet address 102.0.0.1/32 primary set interfaces lo0 unit 0 family inet address 102.0.0.1/32 preferred set interfaces lo0 unit 0 family mpls set interfaces ge-1/0/6 description "To R0 - BNG1" set interfaces ge-1/0/6 unit 0 family inet address 21.21.13.2/24 set interfaces ge-1/0/6 unit 0 family mpls set interfaces ge-1/1/6 description "To R0 - BNG1" set interfaces ge-1/1/6 unit 0 family inet address 21.21.12.2/24 set interfaces ge-1/1/6 unit 0 family mpls set interfaces ge-1/1/4 description "To R3 - BNG2" set interfaces ge-1/1/4 unit 0 family inet address 21.21.30.1/24 set interfaces ge-1/1/4 unit 0 family mpls set interfaces ge-1/1/5 description "To R3 - BNG2" set interfaces ge-1/1/5 unit 0 family inet address 21.21.31.1/24 set interfaces ge-1/1/5 unit 0 family mpls set interfaces ge-1/0/2 flexible-vlan-tagging set interfaces ge-1/0/2 encapsulation flexible-ethernet-services set interfaces ge-1/0/2 gigether-options loopback set interfaces ge-1/0/2 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/2 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/2 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/2 unit 3 vlan-id-range 5-6 set interfaces ge-1/0/3 flexible-vlan-tagging set interfaces ge-1/0/3 encapsulation flexible-ethernet-services set interfaces ge-1/0/3 gigether-options loopback set interfaces ge-1/0/3 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/3 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/3 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/3 unit 3 vlan-id-range 5-6 set interfaces ge-1/0/4 flexible-vlan-tagging set interfaces ge-1/0/4 encapsulation flexible-ethernet-services set interfaces ge-1/0/4 gigether-options loopback set interfaces ge-1/0/4 unit 1 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 1 vlan-id-range 1-2 set interfaces ge-1/0/4 unit 2 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 2 vlan-id-range 3-4 set interfaces ge-1/0/4 unit 3 encapsulation vlan-ccc set interfaces ge-1/0/4 unit 3 vlan-id-range 5-6 set interfaces ge-1/1/2 flexible-vlan-tagging set interfaces ge-1/1/2 encapsulation flexible-ethernet-services set interfaces ge-1/1/2 gigether-options loopback set interfaces ge-1/1/2 unit 1 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 1 vlan-id-range 1-2 set interfaces ge-1/1/2 unit 2 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 2 vlan-id-range 3-4 set interfaces ge-1/1/2 unit 3 encapsulation vlan-ccc set interfaces ge-1/1/2 unit 3 vlan-id-range 5-6 set interfaces ge-1/1/3 flexible-vlan-tagging set interfaces ge-1/1/3 encapsulation flexible-ethernet-services set interfaces ge-1/1/3 gigether-options loopback set interfaces ge-1/1/3 unit 1 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 1 vlan-id-range 1-2 set interfaces ge-1/1/3 unit 2 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 2 vlan-id-range 3-4 set interfaces ge-1/1/3 unit 3 encapsulation vlan-ccc set interfaces ge-1/1/3 unit 3 vlan-id-range 5-6 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1001 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 encapsulation-type ethernet set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 ignore-mtu-mismatch set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 backup-neighbor 103.0.0.1 virtual-circuit-id 1001 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection detection-time threshold 5000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 1002 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 encapsulation-type ethernet set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 ignore-mtu-mismatch set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 backup-neighbor 103.0.0.1 virtual-circuit-id 1002 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection detection-time threshold 5000 set routing-options router-id 102.0.0.1 set protocols mpls interface ge-1/0/6.0 set protocols mpls interface ge-1/1/6.0 set protocols mpls interface ge-1/1/4.0 set protocols mpls interface ge-1/1/5.0 set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-1/0/6.0 set protocols ospf area 0.0.0.0 interface ge-1/1/6.0 set protocols ospf area 0.0.0.0 interface ge-1/1/4.0 set protocols ospf area 0.0.0.0 interface ge-1/1/5.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-1/0/6.0 set protocols ldp interface ge-1/1/4.0 set protocols ldp interface ge-1/1/5.0 set protocols ldp interface ge-1/1/6.0
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、『Junos OS 用 CLI ユーザー・ガイド』の「 コンフィギュレーション・モードで CLI エディタを使用する」を参照してください。
R2を設定するには:
インターフェイスを設定します。
ループバックおよびBNGに接続するインターフェイスには、OSPFおよびLDPを有効にするためのinet(IPv4)ファミリーアドレスがあります。
ループバックインターフェイスを設定します。
PE システムのプライマリ アドレスは、ループバック インターフェイスの下で設定されます。
[edit interfaces] user@host-R2# set lo0 unit 0 family inet address 102.0.0.1/32 primary user@host-R2# set lo0 unit 0 family inet address 102.0.0.1/32 preferred user@host-R2# set lo0 unit 0 family mpls
プライマリとバックアップBNGデバイスの両方に対して、BNGに接続するインターフェイスを設定します。
2つのポートがプライマリBNG(BNG1)に接続され、2つのポートがバックアップBNG(BNG2)に接続されています。構成には、IP/MPLS ネットワーク接続をサポートするための IPv4(inet)および MPLS ファミリー アドレスが含まれています。
[edit interfaces] user@host-R2# set ge-1/0/6 description "To R0 - BNG1" user@host-R2# set ge-1/0/6 unit 0 family inet address 21.21.13.2/24 user@host-R2# set ge-1/0/6 unit 0 family mpls user@host-R2# set ge-1/1/6 description "To R0 - BNG1" user@host-R2# set ge-1/1/6 unit 0 family inet address 21.21.12.2/24 user@host-R2# set ge-1/1/6 unit 0 family mpls user@host-R2# set ge-1/1/4 description "To R3 - BNG2" user@host-R2# set ge-1/1/4 unit 0 family inet address 21.21.30.1/24 user@host-R2# set ge-1/1/4 unit 0 family mpls user@host-R2# set ge-1/1/5 description "To R3 - BNG2" user@host-R2# set ge-1/1/5 unit 0 family inet address 21.21.31.1/24 user@host-R2# set ge-1/1/5 unit 0 family mpls
MPLS 疑似回線のアクセス ポートを設定します。
この例では、1 つの PE デバイスに、MPLS 擬似回線インターフェースに使用されるアクセス ノード接続をエミュレートする5つのアクセス ポートがあります。複数のVLAN値を設定するには、
vlan-id-range
コマンドを使用します。各 VLAN インターフェイスは、1 対 1 のマッピング方式で MPLS 擬似配線に関連付けられます。[edit interfaces] user@host-R2# set ge-1/0/2 flexible-vlan-tagging user@host-R2# set ge-1/0/2 encapsulation flexible-ethernet-services user@host-R2# set ge-1/0/2 gigether-options loopback user@host-R2# set ge-1/0/2 unit 1 encapsulation vlan-ccc user@host-R2# set ge-1/0/2 unit 1 vlan-id-range 1-2 user@host-R2# set ge-1/0/2 unit 2 encapsulation vlan-ccc user@host-R2# set ge-1/0/2 unit 2 vlan-id-range 3-4 user@host-R2# set ge-1/0/2 unit 3 encapsulation vlan-ccc user@host-R2# set ge-1/0/2 unit 3 vlan-id-range 5-6 user@host-R2# set ge-1/0/3 flexible-vlan-tagging user@host-R2# set ge-1/0/3 encapsulation flexible-ethernet-services user@host-R2# set ge-1/0/3 gigether-options loopback user@host-R2# set ge-1/0/3 unit 1 encapsulation vlan-ccc user@host-R2# set ge-1/0/3 unit 1 vlan-id-range 1-2 user@host-R2# set ge-1/0/3 unit 2 encapsulation vlan-ccc user@host-R2# set ge-1/0/3 unit 2 vlan-id-range 3-4 user@host-R2# set ge-1/0/3 unit 3 encapsulation vlan-ccc user@host-R2# set ge-1/0/3 unit 3 vlan-id-range 5-6 user@host-R2# set ge-1/0/4 flexible-vlan-tagging user@host-R2# set ge-1/0/4 encapsulation flexible-ethernet-services user@host-R2# set ge-1/0/4 gigether-options loopback user@host-R2# set ge-1/0/4 unit 1 encapsulation vlan-ccc user@host-R2# set ge-1/0/4 unit 1 vlan-id-range 1-2 user@host-R2# set ge-1/0/4 unit 2 encapsulation vlan-ccc user@host-R2# set ge-1/0/4 unit 2 vlan-id-range 3-4 user@host-R2# set ge-1/0/4 unit 3 encapsulation vlan-ccc user@host-R2# set ge-1/0/4 unit 3 vlan-id-range 5-6 user@host-R2# set ge-1/1/2 flexible-vlan-tagging user@host-R2# set ge-1/1/2 encapsulation flexible-ethernet-services user@host-R2# set ge-1/1/2 gigether-options loopback user@host-R2# set ge-1/1/2 unit 1 encapsulation vlan-ccc user@host-R2# set ge-1/1/2 unit 1 vlan-id-range 1-2 user@host-R2# set ge-1/1/2 unit 2 encapsulation vlan-ccc user@host-R2# set ge-1/1/2 unit 2 vlan-id-range 3-4 user@host-R2# set ge-1/1/2 unit 3 encapsulation vlan-ccc user@host-R2# set ge-1/1/2 unit 3 vlan-id-range 5-6 user@host-R2# set ge-1/1/3 flexible-vlan-tagging user@host-R2# set ge-1/1/3 encapsulation flexible-ethernet-services user@host-R2# set ge-1/1/3 gigether-options loopback user@host-R2# set ge-1/1/3 unit 1 encapsulation vlan-ccc user@host-R2# set ge-1/1/3 unit 1 vlan-id-range 1-2 user@host-R2# set ge-1/1/3 unit 2 encapsulation vlan-ccc user@host-R2# set ge-1/1/3 unit 2 vlan-id-range 3-4 user@host-R2# set ge-1/1/3 unit 3 encapsulation vlan-ccc user@host-R2# set ge-1/1/3 unit 3 vlan-id-range 5-6
以下を含むMPLS擬似配線のL2回線接続を設定します。
イーサネット カプセル化タイプと MTU 不一致を無視するオプション。MPLS擬似配線サービス(PS)インターフェイスがBNGヘッドエンドでMPLS疑似回線タイプ5モード(イーサネットカプセル化)をサポートしているため、これらの要件が必要となります。
バックアップMPLS擬似配線:MPLS擬似回線の障害検知時に、バックアップBNGシステムにフェイルオーバーするためのバックアップネイバーおよび仮想回線IDです。
MPLS疑似配線の到達性のためのBFD。MPLS疑似配線データプレーンの障害検出では、BFDプロトコルを使用します。
ここでは、2つのポートの設定を示します。アクセスするすべてのポートに対して、この手順を繰り返します。
[edit protocols] user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1001 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 encapsulation-type ethernet user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 ignore-mtu-mismatch user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 backup-neighbor 103.0.0.1 virtual-circuit-id 1001 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection minimum-interval 1000 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection multiplier 4 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 oam bfd-liveness-detection detection-time threshold 5000 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 1002 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 encapsulation-type ethernet user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 ignore-mtu-mismatch user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 backup-neighbor 103.0.0.1 virtual-circuit-id 1002 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection minimum-interval 1000 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection multiplier 4 user@host-R2# set l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 oam bfd-liveness-detection detection-time threshold 5000
ルーティングプロトコルを設定します。
OSPF は IPv4 ルーティングに対して有効です。MPLS ラベル交換で LDP が有効です。
ルーターIDを設定します。
[edit] user@host-R2# set routing-options router-id 102.0.0.1
MPLS を有効にします。
BNGに接続するポートに接続するすべてのインターフェイスに対してMPLSを設定します。
[edit protocols] user@host-R2# set mpls interface ge-1/0/6.0 user@host-R2# set mpls interface ge-1/1/6.0 user@host-R2# set mpls interface ge-1/1/4.0 user@host-R2# set mpls interface ge-1/1/5.0
IPv4 ルーティングをサポートするように OSPF を設定します。
OSPFエリアの設定を簡略化するために、多くの場合、 オプションを使用できます
interface all
。ただし、この例では、特定のインターフェイス名を使用することで、関連するインターフェイスのみが OSPF に含まれるようになります。[edit protocols] user@host-R2# set ospf area 0.0.0.0 interface lo0.0 user@host-R2# set ospf area 0.0.0.0 interface ge-1/0/6.0 user@host-R2# set ospf area 0.0.0.0 interface ge-1/1/6.0 user@host-R2# set ospf area 0.0.0.0 interface ge-1/1/4.0 user@host-R2# set ospf area 0.0.0.0 interface ge-1/1/5.0
MPLS ラベル交換のために LDP を有効にします。
ターゲットとなる LDP をサポートするには、BNG に接続するポートとループバック インターフェイスに LDP を設定します。
[edit protocols] user@host-R2# set ldp interface lo0.0 user@host-R2# set ldp interface ge-1/0/6.0 user@host-R2# set ldp interface ge-1/1/4.0 user@host-R2# set ldp interface ge-1/1/5.0 user@host-R2# set ldp interface ge-1/1/6.0
結果
コンフィギュレーション・モードから、以下の show
コマンドを入力してコンフィギュレーションを確認します。
ループバックインターフェイスの設定を確認します。
user@host-R2# show interfaces lo0 unit 0 { family inet { address 102.0.0.1/32 { primary; preferred; } } family mpls; }
BNG向けのインターフェイス設定を確認します。
user@host-R2# show interfaces ge-1/0/6 description "To R0 - BNG1"; unit 0 { family inet { address 21.21.13.2/24 { } family mpls; }
user@host-R2# show interfaces ge-1/1/6 description "To R0 - BNG1"; unit 0 { family inet { address 21.21.12.2/24; } family mpls; }
user@host-R2# show interfaces ge-1/1/4 description "To R3 - BNG2"; unit 0 { family inet { address 21.21.230.1/24; } family mpls; }
user@host-R2# show interfaces ge-1/1/5 description "To R3 - BNG2"; unit 0 { family inet { address 21.21.31.1/24; } family mpls; }
MPLS擬似回線のアクセスポート設定を確認します。
user@host-R2# show interfaces ge-1/0/2 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R2# show interfaces ge-1/0/3 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R2# show interfaces ge-1/0/4 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R2# show interfaces ge-1/1/2 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
user@host-R2# show interfaces ge-1/1/3 flexible-vlan-tagging; encapsulation flexible-ethernet-services; gigether-options { loopback; } unit 1 { encapsulation vlan-ccc; vlan-id-range 1-2; } unit 2 { encapsulation vlan-ccc; vlan-id-range 3-4; } unit 3 { encapsulation vlan-ccc; vlan-id-range 5-6; }
MPLS擬似配線のL2回線接続設定を確認します。
user@host-R2# show protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.1 virtual-circuit-id 1001; encapsulation-type ethernet; ignore-mtu-mismatch; backup-neighbor 103.0.0.1 { virtual-circuit-id 1001; } oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
user@host-R2# show protocols l2circuit neighbor 100.0.0.1 interface ge-1/0/2.2 virtual-circuit-id 1002; encapsulation-type ethernet; ignore-mtu-mismatch; backup-neighbor 103.0.0.1 { virtual-circuit-id 1002; } oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
MPLS の設定を確認します。
user@host-R2# show protocols mpls interface ge-1/0/6.0; interface ge-1/1/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0;
OSPF の設定を確認します。
user@host-R2# show protocols ospf area 0.0.0.0 { interface lo0.0; interface ge-1/0/6.0; interface ge-1/1/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0; }
LDP の設定を確認します。
user@host-R2# show protocols ldp interface lo0.0; interface ge-1/0/6.0; interface ge-1/1/4.0; interface ge-1/1/5.0; interface ge-1/1/6.0;
BNG ルーター、R0 の設定
CLIクイック構成
図3 は、参考例のトポロジーのコンテキストでBNGルーター(R0とR3)を示しています。
この例をすばやく設定するには、次のコマンドをコピーしてテキストファイルに貼り付け、改行を削除して、ネットワーク構成に合わせて必要な詳細を変更し、 階層レベルのCLI [edit]
にコマンドをコピーして貼り付けます。
set system dynamic-profile-options versioning set dynamic-profiles client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 unnumbered-address lo0.0 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" no-traps set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options chap set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options pap set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options underlying-interface "$junos-underlying-interface" set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options server set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" keepalives interval 30 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 set class-of-service forwarding-classes queue 0 FC0 set class-of-service forwarding-classes queue 1 FC1 set class-of-service forwarding-classes queue 2 FC2 set class-of-service forwarding-classes queue 3 FC3 set class-of-service forwarding-classes queue 4 FC4 set class-of-service forwarding-classes queue 5 FC5 set class-of-service forwarding-classes queue 6 FC6 set class-of-service forwarding-classes queue 7 FC7 set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-scheduler-map SMAP_PS set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-shaping-rate 60m set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-guaranteed-rate 50m set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-traps set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags outer "$junos-stacked-vlan-id" set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags inner "$junos-vlan-id" set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet rpf-check fail-filter RPF-PASS-DHCP-V4 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 rpf-check fail-filter RPF-PASS-DHCP-V6 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family pppoe dynamic-profile pppoe-client-profile set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” max-advertisement-interval 1800 set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” min-advertisement-interval 1350 set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” managed-configuration set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS scheduler-map "$junos-cos-scheduler-map" set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS shaping-rate "$junos-cos-shaping-rate" set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS guaranteed-rate "$junos-cos-guaranteed-rate" set dynamic-profiles vlan-prof-0 class-of-service interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" output-traffic-control-profile TCP_PS set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC3 scheduler FC3_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC4 scheduler FC4_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC5 scheduler FC5_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC6 scheduler FC6_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC7 scheduler FC7_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC3 scheduler FC3_SCH set dynamic-profiles vlan-prof-0 class-of-service schedulers FC0_SCH transmit-rate 128k set dynamic-profiles vlan-prof-0 class-of-service schedulers FC0_SCH priority strict-high set dynamic-profiles vlan-prof-0 class-of-service schedulers FC1_SCH transmit-rate 20m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC1_SCH priority medium-high set dynamic-profiles vlan-prof-0 class-of-service schedulers FC2_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC3_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH drop-profile-map loss-priority low protocol any drop-profile DP_04 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH drop-profile-map loss-priority low protocol any drop-profile DP_05 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH drop-profile-map loss-priority low protocol any drop-profile DP_06 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH drop-profile-map loss-priority low protocol any drop-profile DP_07 set dynamic-profiles DHCP-SERVICE-PROFILE variables I_V4_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables O_V4_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables I_V6_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables O_V6_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter input "$I_V4_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter output "$O_V4_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter input "$I_V6_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter output "$O_V6_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE variables I_V4_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables O_V4_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables I_V6_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables O_V6_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter input "$I_V4_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter output "$O_V4_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter input "$I_V6_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter output "$O_V6_FILTER" set system services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface pp0.0 set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication password <password> set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V4_DEFAULT set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 dynamic-profile client-profile set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps0.0 set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps1.0 set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication password <password> set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V6_DEFAULT set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 dynamic-profile client-profile set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 interface ps0.0 set system services dhcp-local-server dhcpv6 group v6-dhcp-client-1-ACCESS-0-ps1 interface ps1.0 set system redundancy graceful-switchover set chassis pseudowire-service device-count 2048 set system services subscriber-management gres-route-flush-delay set system services resource-monitor high-threshold 80 set system commit synchronize set chassis fpc 0 pic 0 tunnel-services bandwidth 1g set chassis fpc 0 pic 0 traffic-manager egress-shaping-overhead 0 set chassis fpc 0 pic 1 tunnel-services bandwidth 1g set chassis fpc 0 pic 1 traffic-manager egress-shaping-overhead 0 set chassis fpc 0 pic 2 tunnel-services bandwidth 1g set chassis fpc 0 pic 2 traffic-manager egress-shaping-overhead 0 set chassis fpc 0 pic 3 tunnel-services bandwidth 1g set chassis fpc 0 pic 3 traffic-manager egress-shaping-overhead 0 set access-profile Access-Profile-0 set interfaces lo0 unit 0 family inet address 100.0.0.1/32 primary set interfaces lo0 unit 0 family inet address 100.0.0.1/32 preferred set interfaces lo0 unit 0 family inet6 address 1000:0::1/128 primary set interfaces lo0 unit 0 family inet6 address 1000:0::1/128 preferred set interfaces lo0 unit 0 family mpls set interfaces ge-4/0/0 description "To R4 - Core" set interfaces ge-4/0/0 unit 0 family inet address 21.21.14.1/24 set interfaces ge-4/0/0 unit 0 family inet6 set interfaces ge-4/0/0 unit 0 family mpls set interfaces ge-5/0/0 description "To R4 - Core" set interfaces ge-5/0/0 unit 0 family inet address 21.21.15.1/24 set interfaces ge-5/0/0 unit 0 family inet6 set interfaces ge-5/0/0 unit 0 family mpls set interfaces ge-0/0/0 description "To R1 - APE1" set interfaces ge-0/0/0 unit 0 family inet address 21.21.11.1/24 set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-1/0/0 description "To R1 - APE1" set interfaces ge-1/0/0 unit 0 family inet address 21.21.10.1/24 set interfaces ge-1/0/0 unit 0 family mpls set interfaces ge-2/0/0 description "To R2 - APE2" set interfaces ge-2/0/0 unit 0 family inet address 21.21.13.1/24 set interfaces ge-2/0/0 unit 0 family mpls set interfaces ge-3/0/0 description "To R2 - APE2" set interfaces ge-3/0/0 unit 0 family inet address 21.21.12.1/24 set interfaces ge-3/0/0 unit 0 family mpls set interfaces lt-0/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces ps0 anchor-point lt-0/0/10 set interfaces ps0 flexible-vlan-tagging set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet6 set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept pppoe set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 ranges 1-256,1-4094 set interfaces ps0 auto-configure stacked-vlan-ranges authentication password <password> set interfaces ps0 auto-configure stacked-vlan-ranges authentication username-include user-prefix SST_USER_VLAN_DEFAULT set interfaces ps0 auto-configure remove-when-no-subscribers set interfaces ps0 no-gratuitous-arp-request set interfaces ps0 unit 0 encapsulation ethernet-ccc set routing-options ppm redistribution-timer 1 set routing-options nonstop-routing set routing-options nsr-phantom-holdtime 1 set routing-options router-id 100.0.0.1 set routing-options forwarding-table remnant-holdtime 100 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 ignore-mtu-mismatch set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection detection-time threshold 5000 set protocols mpls ipv6-tunneling set protocols mpls interface lo0.0 set protocols mpls interface ge-0/0/0.0 set protocols mpls interface ge-1/0/0.0 set protocols mpls interface ge-2/0/0.0 set protocols mpls interface ge-3/0/0.0 set protocols mpls interface ge-4/0/0.0 set protocols mpls interface ge-5/0/0.0 set protocols ospf export EXPORT_BNG_ACCESS_INTERNAL set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 set protocols ospf area 0.0.0.0 interface ge-1/0/0.0 set protocols ospf area 0.0.0.0 interface ge-2/0/0.0 set protocols ospf area 0.0.0.0 interface ge-3/0/0.0 set protocols ospf area 0.0.0.0 interface ge-4/0/0.0 set protocols ospf area 0.0.0.0 interface ge-5/0/0.0 set protocols ospf3 export EXPORT_BNG_ACCESS_INTERNAL set protocols ospf3 area 0.0.0.0 interface lo0.0 set protocols ospf3 area 0.0.0.0 interface ge-4/0/0.0 set protocols ospf3 area 0.0.0.0 interface ge-5/0/0.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-0/0/0.0 set protocols ldp interface ge-1/0/0.0 set protocols ldp interface ge-2/0/0.0 set protocols ldp interface ge-3/0/0.0 set protocols ldp interface ge-4/0/0.0 set protocols ldp interface ge-5/0/0.0 set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from family inet set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 100.0.0.0/8 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 then accept set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from family inet6 set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 then accept set firewall family inet filter INPUT-V4-FILTER-01 interface-specific set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 then count COUNTER11 set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 then next term set firewall family inet filter INPUT-V4-FILTER-01 term TERM2 then service-accounting set firewall family inet filter INPUT-V4-FILTER-01 term TERM2 then accept set firewall family inet filter OUTPUT-V4-FILTER-01 interface-specific set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 then count COUNTER12 set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 then next term set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM2 then service-accounting set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM2 then accept set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-address 255.255.255.255/32 set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-port dhcp set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then count RPF-DHCP-V4-TRAFFIC set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then accept set firewall family inet filter RPF-PASS-DHCP-V4 term DEFAULT then discard set firewall family inet6 filter INPUT-V6-FILTER-01 interface-specific set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 then count COUNTER21 set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 then next term set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM2 then service-accounting set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM2 then accept set firewall family inet6 filter OUTPUT-V6-FILTER-01 interface-specific set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then count COUNTER22 set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then next term set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then service-accounting set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then accept set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP from destination-port dhcp set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then count RPF-DHCP-V6-TRAFFIC set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then accept set firewall family inet6 filter RPF-PASS-DHCP-V6 term DEFAULT then discard set access radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA set access radius-server 9.0.0.9 timeout 20 set access radius-server 9.0.0.9 retry 5 set access radius-server 9.0.0.9 max-outstanding-requests 1000 set access radius-server 9.0.0.9 source-address 100.0.0.1 set access domain-name-server-inet 9.0.0.100 set access domain-name-server-inet 9.0.0.101 set access domain-name-server-inet6 2000:abcd::9.0.0.100 set access domain-name-server-inet6 2000:abcd::9.0.0.101 set access profile Access-Profile-0 authentication-order radius set access profile Access-Profile-0 radius authentication-server 9.0.0.9 set access profile Access-Profile-0 radius accounting-server 9.0.0.9 set access profile Access-Profile-0 radius options nas-identifier R0-BNG1 set access profile Access-Profile-0 accounting order radius set access profile Access-Profile-0 accounting accounting-stop-on-failure set access profile Access-Profile-0 accounting accounting-stop-on-access-deny set access profile Access-Profile-0 accounting update-interval 10 set access profile Access-Profile-0 accounting statistics volume-time set access address-assignment pool v4-pool-0 family inet network 100.0.0.0/8 set access address-assignment pool v4-pool-0 family inet range v4-range-0 low 100.16.0.1 set access address-assignment pool v4-pool-0 family inet range v4-range-0 high 100.31.255.255 set access address-assignment pool v4-pool-0 family inet dhcp-attributes maximum-lease-time 25200 set access address-assignment pool v6-pd-pool-0 family inet6 prefix 1000:0000:0000:0000:0000:0000:0000:0000/64 set access address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 prefilx-length 56 set access address-assignment pool v6-na-pool-0 family inet6 dhcp-attributes maximum-lease-time 25200 set access address-protection set access tunnel-profile Tunnel-1 tunnel 1 preference 1 set access tunnel-profile Tunnel-1 tunnel 1 remote-gateway address 105.0.0.1 set access tunnel-profile Tunnel-1 tunnel 1 source-gateway address 100.0.0.1 set access tunnel-profile Tunnel-1 tunnel 1 secret "$ABC123"; ## SECRET-DATA set access tunnel-profile Tunnel-1 tunnel 1 medium ipv4 set access tunnel-profile Tunnel-1 tunnel 1 tunnel-type l2tp set access tunnel-profile Tunnel-1 tunnel 1 identification Tunnel-ID-1 set access domain map ABC1.COM tunnel-profile Tunnel-1
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、『Junos OS 用 CLI ユーザー・ガイド』の「 コンフィギュレーション・モードで CLI エディタを使用する」を参照してください。
R0 BNGルーターを設定するには:
動的プロファイルで複数のバージョンを使用できるようにします。
サブスクライバーによって現在使用されている動的プロファイルの新しいバージョンを作成できます。動的プロファイルの変更後にログインするサブスクライバーは、最新バージョンの動的プロファイルを使用します。すでにアクティブなサブスクライバーは、ログアウトするかセッションが終了するまで、古いバージョンの動的プロファイルを使用し続けます。
メモ:ルーターで動的プロファイルを作成または使用する前に、動的プロファイルバージョン作成を有効または無効にする必要があります。動的プロファイルの構成後に動的プロファイル バージョンの作成を有効または無効にすることはサポートされていません。
[edit system] user@host-R0# set dynamic-profile-options versioning
クライアントプロファイルインターフェイスを作成します。
[edit dynamic-profiles] user@host-R0# set client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet unnumbered-address lo0.0 user@host-R0#set client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 unnumbered-address lo0.0
動的 PPPoE クライアント プロファイルを設定します。
ルータが PPPoE の基礎となるインターフェイス上に動的 PPPoE 加入者インターフェイスを作成できるようにするには、動的プロファイルで PPPoE 論理インターフェイスの属性を定義し、動的プロファイルを使用するように基礎となるインターフェイスを設定します。
[edit dynamic-profiles] user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" no-traps user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options chap user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options pap user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options underlying-interface "$junos-underlying-interface" user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options server user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" keepalives interval 30 user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet unnumbered-address lo0.0 user@host-R0# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0
CoS 転送クラスを設定し、キューにマッピングします。
[edit class-of-service] user@host-R0# set forwarding-classes queue 0 FC0 user@host-R0# set forwarding-classes queue 1 FC1 user@host-R0# set forwarding-classes queue 2 FC2 user@host-R0# set forwarding-classes queue 3 FC3 user@host-R0# set forwarding-classes queue 4 FC4 user@host-R0# set forwarding-classes queue 5 FC5 user@host-R0# set forwarding-classes queue 6 FC6 user@host-R0# set forwarding-classes queue 7 FC7
動的 VLAN プロファイルを設定します。
定義済み変数、動的物理インターフェイス、CoSパラメータのデフォルトを含む、動的VLANプロファイルを作成します。
定義済み変数のデフォルトを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 predefined-variable-defaults cos-scheduler-map SMAP_PS user@host-R0# set vlan-prof-0 predefined-variable-defaults cos-shaping-rate 60m user@host-R0# set vlan-prof-0 predefined-variable-defaults cos-guaranteed-rate 50m
動的物理インターフェイスを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-traps user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags outer "$junos-stacked-vlan-id" user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags inner "$junos-vlan-id" user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet rpf-check fail-filter RPF-PASS-DHCP-V4 user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address lo0.0 user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 rpf-check fail-filter RPF-PASS-DHCP-V6 user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 user@host-R0# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family pppoe dynamic-profile pppoe-client-profile
ルーターアドバタイズメントを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” max-advertisement-interval 1800 user@host-R0# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” min-advertisement-interval 1350 user@host-R0# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” managed-configuration
CoS トラフィック制御プロファイルを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS scheduler-map "$junos-cos-scheduler-map" user@host-R0# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS shaping-rate "$junos-cos-shaping-rate" user@host-R0# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS guaranteed-rate "$junos-cos-guaranteed-rate" user@host-R0# set vlan-prof-0 class-of-service interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" output-traffic-control-profile TCP_PS
CoSスケジューラマップを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC3 scheduler FC3_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC4 scheduler FC4_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC5 scheduler FC5_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC6 scheduler FC6_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC7 scheduler FC7_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0 forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1 forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC0 scheduler FC0_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC1 scheduler FC1_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC2 scheduler FC2_SCH user@host-R0# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC3 scheduler FC3_SCH
CoSスケジューラを設定します。
[edit dynamic-profiles] user@host-R0# set vlan-prof-0 class-of-service schedulers FC0_SCH transmit-rate 128k user@host-R0# set vlan-prof-0 class-of-service schedulers FC0_SCH priority strict-high user@host-R0# set vlan-prof-0 class-of-service schedulers FC1_SCH transmit-rate 20m user@host-R0# set vlan-prof-0 class-of-service schedulers FC1_SCH priority medium-high user@host-R0# set vlan-prof-0 class-of-service schedulers FC2_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC3_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC4_SCH transmit-rate 2m user@host-R0# set vlan-prof-0 class-of-service schedulers FC4_SCH buffer-size percent 2 user@host-R0# set vlan-prof-0 class-of-service schedulers FC4_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC4_SCH drop-profile-map loss-priority low protocol any drop-profile DP_04 user@host-R0# set vlan-prof-0 class-of-service schedulers FC5_SCH transmit-rate 2m user@host-R0# set vlan-prof-0 class-of-service schedulers FC5_SCH buffer-size percent 2 user@host-R0# set vlan-prof-0 class-of-service schedulers FC5_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC5_SCH drop-profile-map loss-priority low protocol any drop-profile DP_05 user@host-R0# set vlan-prof-0 class-of-service schedulers FC6_SCH transmit-rate 2m user@host-R0# set vlan-prof-0 class-of-service schedulers FC6_SCH buffer-size percent 2 user@host-R0# set vlan-prof-0 class-of-service schedulers FC6_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC6_SCH drop-profile-map loss-priority low protocol any drop-profile DP_06 user@host-R0# set vlan-prof-0 class-of-service schedulers FC7_SCH transmit-rate 2m user@host-R0# set vlan-prof-0 class-of-service schedulers FC7_SCH buffer-size percent 2 user@host-R0# set vlan-prof-0 class-of-service schedulers FC7_SCH priority low user@host-R0# set vlan-prof-0 class-of-service schedulers FC7_SCH drop-profile-map loss-priority low protocol any drop-profile DP_07
DHCP サービス プロファイルを作成します。
サービス プロファイル変数を設定します。
[edit dynamic-profiles] user@host-R0# set DHCP-SERVICE-PROFILE variables I_V4_FILTER user@host-R0# set DHCP-SERVICE-PROFILE variables O_V4_FILTER user@host-R0# set DHCP-SERVICE-PROFILE variables I_V6_FILTER user@host-R0# set DHCP-SERVICE-PROFILE variables O_V6_FILTER
DHCP サービス プロファイルの動的インターフェイスを作成し、フィルタを関連付けます。
[edit dynamic-profiles] user@host-R0# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter input "$I_V4_FILTER" user@host-R0# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter output "$O_V4_FILTER" user@host-R0# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter input "$I_V6_FILTER" user@host-R0# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter output "$O_V6_FILTER"
PPPoE サービス プロファイルを作成します。
PPPoE サービス プロファイル変数を設定します。
[edit dynamic-profiles] user@host-R0# set PPPOE-SERVICE-PROFILE variables I_V4_FILTER user@host-R0# set PPPOE-SERVICE-PROFILE variables O_V4_FILTER user@host-R0# set PPPOE-SERVICE-PROFILE variables I_V6_FILTER user@host-R0# set PPPOE-SERVICE-PROFILE variables O_V6_FILTER
PPPoE サービス プロファイルの動的インターフェイスを作成し、フィルタを関連付けます。
[edit dynamic-profiles] user@host-R0# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter input "$I_V4_FILTER" user@host-R0# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter output "$O_V4_FILTER" user@host-R0# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter input "$I_V6_FILTER" user@host-R0# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter output "$O_V6_FILTER"
DHCP を設定します。
ギガビットイーサネットや集合型イーサネットなどの物理インターフェイスに関連付けられた従来のブロードバンドサービス構成とは異なり、このソリューション構成は、ブロードバンド加入者の終端に疑似回線インターフェイスと仮想イーサネットポートに依存します。
このソリューション構成で疑似回線インターフェイスを介して動的に作成されたすべての VLAN は、MPLS 擬似回線加入者トンネルを経由して着信し、擬似回線アンカー インターフェイスに到着する DHCP メッセージを処理できます。
デュアル スタック PPPoE セッション:PPPoE セッションに対して DHCPv6 を有効にします。
[edit system] user@host-R0#set services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface pp0.0
DHCPv4 セッション - 疑似回線インターフェイスの IPv4 ローカル サーバー グループを設定します。
グループにパスワード、ユーザー名プレフィックス、動的プロファイルを割り当てます。疑似回線インターフェイスをグループに関連づけます。ここでは、2本の疑似配線を示しています。すべての疑似回線インターフェイスに対して、この手順を繰り返します。
[edit system] user@host-R0# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication password <password> user@host-R0# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V4_DEFAULT user@host-R0# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 dynamic-profile client-profile user@host-R0# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps0.0 user@host-R0# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps1.0
DHCPv6セッション:疑似回線インターフェイスのIPv6ローカルサーバーグループを設定します。
グループにパスワード、ユーザー名プレフィックス、動的プロファイルを割り当てます。疑似回線インターフェイスをグループに関連づけます。これにより、擬似回線加入者インターフェイスを介した VLAN を使用した DHCPv6 加入者認証が有効になります。ここでは、2本の疑似配線を示しています。すべての疑似回線インターフェイスに対して、この手順を繰り返します。
[edit system] user@host-R0# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication password <password> user@host-R0# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V6_DEFAULT user@host-R0# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 dynamic-profile client-profile user@host-R0# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 interface ps0.0 user@host-R0# set services dhcp-local-server dhcpv6 group v6-dhcp-client-1-ACCESS-0-ps1 interface ps1.0
グレースフルスイッチオーバーとデバイス数を設定します。
プライマリルーティングエンジンが、パケット転送を中断することなくバックアップルーティングエンジンに正常にスイッチオーバーするように設定します。
[edit chassis] user@host-R0# set redundancy graceful-switchover
ルーターで使用可能な疑似回線論理デバイスの数を設定します。
[edit chassis] user@host-R0# set pseudowire-service device-count 2048
グレースフル ルーティング エンジンの切り替え後、アクセス ルートとアクセス内部ルートの削除を遅らせ、リソース監視の閾値を高く設定します。
[edit system] user@host-R0# set services subscriber-management gres-route-flush-delay user@host-R0# set services resource-monitor high-threshold 80
ルーティング エンジン間の設定同期を有効にします。
[edit system] user@host-R0# set commit synchronize
シャーシレベルで疑似回線トンネル サービスを設定します。
トンネル サービスの帯域幅を設定し、フレキシブル PIC コンセントレータ 0 〜 4(4 は使用しない)で CoS キューイング、スケジューリング、シェーピングを有効にします。
1台のフレキシブルPICコンセントレータが示されています。残りのすべてのフレキシブルPICコンセントレータに対して、この手順を繰り返します。
[edit chassis] user@host-R0# set fpc 0 pic 0 tunnel-services bandwidth 1g user@host-R0# set fpc 0 pic 0 traffic-manager egress-shaping-overhead 0 user@host-R0# set fpc 0 pic 1 tunnel-services bandwidth 1g user@host-R0# set fpc 0 pic 1 traffic-manager egress-shaping-overhead 0 user@host-R0# set fpc 0 pic 2 tunnel-services bandwidth 1g user@host-R0# set fpc 0 pic 2 traffic-manager egress-shaping-overhead 0 user@host-R0# set fpc 0 pic 3 tunnel-services bandwidth 1g user@host-R0# set fpc 0 pic 3 traffic-manager egress-shaping-overhead 0
すべての DHCP および PPPoE サブスクライバにアクセス プロファイルをアタッチします。
DHCP または PPPoE 加入者がログインすると、指定されたアクセスプロファイルがインスタンス化され、プロファイルで定義されたサービスが加入者に適用されます。
[edit] user@host-R0# set access-profile Access-Profile-0
ループバックインターフェイス、トランジットリンク、および論理トンネルインターフェイスを設定します。
このソリューション構成のコンテキストでは、トランジットリンクとは、BNGデバイスをアクセス/アグリゲーションデバイスに接続するイーサネットポートのことです。これらはアクセスインターフェイスです。加入者セッション(VLAN、PPPoE、DHCP)は終了せず、固定されません。論理トンネル(LT)インターフェイスは、論理サブスクライバ セッションの終端およびアンカー インターフェイスとして機能します。LTインターフェイスは、 図4に示すように、疑似回線加入者インターフェイス構成の基礎となるインターフェイスです。
図4:疑似回線加入者インターフェイスプロトコルスタックloopack インターフェイスを設定します。
[edit interfaces] user@host-R0# set lo0 unit 0 family inet address 100.0.0.1/32 primary user@host-R0# set lo0 unit 0 family inet address 100.0.0.1/32 preferred user@host-R0# set lo0 unit 0 family inet6 address 1000:0::1/128 primary user@host-R0# set lo0 unit 0 family inet6 address 1000:0::1/128 preferred user@host-R0# set lo0 unit 0 family mpls
トランジットリンクを設定します。
[edit interfaces] user@host-R0# set ge-4/0/0 description "To R4 - Core" user@host-R0# set ge-4/0/0 unit 0 family inet address 21.21.14.1/24 user@host-R0# set ge-4/0/0 unit 0 family inet6 user@host-R0# set ge-4/0/0 unit 0 family mpls user@host-R0# set ge-5/0/0 description "To R4 - Core" user@host-R0# set ge-5/0/0 unit 0 family inet address 21.21.15.1/24 user@host-R0# set ge-5/0/0 unit 0 family inet6 user@host-R0# set ge-5/0/0 unit 0 family mpls user@host-R0# set ge-0/0/0 description "To R1 - APE1" user@host-R0# set ge-0/0/0 unit 0 family inet address 21.21.11.1/24 user@host-R0# set ge-0/0/0 unit 0 family mpls user@host-R0# set ge-1/0/0 description "To R1 - APE1" user@host-R0# set ge-1/0/0 unit 0 family inet address 21.21.10.1/24 user@host-R0# set ge-1/0/0 unit 0 family mpls user@host-R0# set ge-2/0/0 description "To R2 - APE2" user@host-R0# set ge-2/0/0 unit 0 family inet address 21.21.13.1/24 user@host-R0# set ge-2/0/0 unit 0 family mpls user@host-R0# set ge-3/0/0 description "To R2 - APE2" user@host-R0# set ge-3/0/0 unit 0 family inet address 21.21.12.1/24 user@host-R0# set ge-3/0/0 unit 0 family mpls
トランジットリンクに対応するLTインターフェイスを設定します。
[edit interfaces] user@host-R0# set lt-0/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-0/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-0/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-0/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-1/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-1/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-1/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-1/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-2/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-2/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-2/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-2/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-3/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-3/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-3/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R0# set lt-3/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy
疑似サービスインターフェイスと自動認識型ダイナミックVLANを設定します。
加入者管理では、ポイントツーポイント MPLS 疑似配線を介した加入者インターフェイスの作成がサポートされます。疑似回線加入者インターフェイス機能により、サービスプロバイダは、アクセスアグリゲーションネットワークからサービスエッジまでMPLSドメインを拡張し、そこで加入者管理を行うことができます。サービスプロバイダは、フェイルオーバー、再ルーティング、統一MPLSラベルプロビジョニングなどのMPLS機能を活用しながら、単一の疑似ワイヤを使用してサービスネットワーク内の多数のDHCPおよびPPPoE加入者にサービスを提供できます。
疑似回線は、MPLS ベースの L2 VPN または L2 回線のいずれかであるトンネルです。疑似回線トンネルは、イーサネットカプセル化トラフィックをアクセスノード(DSLAMやその他のアグリゲーションデバイスなど)から、加入者管理サービスをホストするMXシリーズルーターに転送します。MX シリーズ ルーター上の疑似回線トンネルの終端は、物理イーサネット終端に似ており、加入者管理機能が実行されるポイントです。サービス プロバイダーは、DSLAM 単位で複数の疑似配線を設定し、特定の疑似配線で多数の加入者に対するサポートをプロビジョニングできます。
疑似配線のアクセス ノード側では、加入者トラフィックをさまざまな方法で疑似配線にグルーミングできますが、それは疑似配線にスタックできるインターフェイスの数と種類によってのみ制限されます。アクセスノードで疑似回線トンネルを終端する論理トンネルインターフェイスを識別するアンカーポイントを指定します。
PSインターフェイスとVLAN認証を設定します。
1 本の疑似ワイヤが表示されています。残りのすべての疑似配線に対してこの手順を繰り返します。
[edit interfaces] user@host-R0# set ps0 anchor-point lt-0/0/10 user@host-R0# set ps0 flexible-vlan-tagging user@host-R0# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet user@host-R0# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet6 user@host-R0# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept pppoe user@host-R0# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 ranges 1-256,1-4094 user@host-R0# set ps0 auto-configure stacked-vlan-ranges authentication password <password> user@host-R0# set ps0 auto-configure stacked-vlan-ranges authentication username-include user-prefix SST_USER_VLAN_DEFAULT user@host-R0# set ps0 auto-configure remove-when-no-subscribers user@host-R0# set ps0 no-gratuitous-arp-request user@host-R0# set ps0 unit 0 encapsulation ethernet-ccc
ルーティング オプションを設定します。
[edit routing-options] user@host-R0# set ppm redistribution-timer 1 user@host-R0# set nonstop-routing user@host-R0# set nsr-phantom-holdtime 1 user@host-R0# set router-id 100.0.0.1 user@host-R0# set forwarding-table remnant-holdtime 100
L2 回線接続を設定します。
1つの疑似サービスインタフェース(ps0.0)の設定が表示されています。ps1.0 から ps2047.0 までこの手順を繰り返します。
[edit protocols] user@host-R0# set l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1 user@host-R0# set l2circuit neighbor 101.0.0.1 interface ps0.0 ignore-mtu-mismatch user@host-R0# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection minimum-interval 1000 user@host-R0# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection multiplier 4 user@host-R0# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection detection-time threshold 5000
ルーティングプロトコルを設定します。
この設定例では、BNG ルーター上の MPLS、OSPF、OSPFv3、および LDP を使用します。
MPLS を設定します。
[edit protocols] user@host-R0# set mpls ipv6-tunneling user@host-R0# set mpls interface lo0.0 user@host-R0# set mpls interface ge-0/0/0.0 user@host-R0# set mpls interface ge-1/0/0.0 user@host-R0# set mpls interface ge-2/0/0.0 user@host-R0# set mpls interface ge-3/0/0.0 user@host-R0# set mpls interface ge-4/0/0.0 user@host-R0# set mpls interface ge-5/0/0.0
OSPF と OSPFv3 を設定します。
[edit protocols] user@host-R0# set ospf export EXPORT_BNG_ACCESS_INTERNAL user@host-R0# set ospf area 0.0.0.0 interface lo0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-0/0/0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-1/0/0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-2/0/0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-3/0/0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-4/0/0.0 user@host-R0# set ospf area 0.0.0.0 interface ge-5/0/0.0 user@host-R0# set ospf3 export EXPORT_BNG_ACCESS_INTERNAL user@host-R0# set ospf3 area 0.0.0.0 interface lo0.0 user@host-R0# set ospf3 area 0.0.0.0 interface ge-4/0/0.0 user@host-R0# set ospf3 area 0.0.0.0 interface ge-5/0/0.0
LDP を設定します。
[edit protocols] user@host-R0# set ldp interface lo0.0 user@host-R0# set ldp interface ge-0/0/0.0 user@host-R0# set ldp interface ge-1/0/0.0 user@host-R0# set ldp interface ge-2/0/0.0 user@host-R0# set ldp interface ge-3/0/0.0 user@host-R0# set ldp interface ge-4/0/0.0 user@host-R0# set ldp interface ge-5/0/0.0
ルーティングポリシーを設定します。
[edit policy-options] user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from family inet user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 100.0.0.0/8 orlonger user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 then accept user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from family inet6 user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger user@host-R0# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 then accept
ファイアウォールフィルターを設定します。
IPv4 の入力、出力、および RPF DHCP フィルターを設定します。
[edit firewall] user@host-R0# set family inet filter INPUT-V4-FILTER-01 interface-specific user@host-R0# set family inet filter INPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 user@host-R0# set family inet filter INPUT-V4-FILTER-01 term TERM1 then count COUNTER11 user@host-R0# set family inet filter INPUT-V4-FILTER-01 term TERM1 then next term user@host-R0# set family inet filter INPUT-V4-FILTER-01 term TERM2 then service-accounting user@host-R0# set family inet filter INPUT-V4-FILTER-01 term TERM2 then accept user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 interface-specific user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 then count COUNTER12 user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 then next term user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 term TERM2 then service-accounting user@host-R0# set family inet filter OUTPUT-V4-FILTER-01 term TERM2 then accept user@host-R0# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-address 255.255.255.255/32 user@host-R0# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-port dhcp user@host-R0# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then count RPF-DHCP-V4-TRAFFIC user@host-R0# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then accept user@host-R0# set family inet filter RPF-PASS-DHCP-V4 term DEFAULT then discard
IPv6 の入力、出力、および RPF DHCP フィルターを設定します。
[edit firewall] user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 interface-specific user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 then count COUNTER21 user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 then next term user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 term TERM2 then service-accounting user@host-R0# set family inet6 filter INPUT-V6-FILTER-01 term TERM2 then accept user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 interface-specific user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then count COUNTER22 user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then next term user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then service-accounting user@host-R0# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then accept user@host-R0# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP from destination-port dhcp user@host-R0# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then count RPF-DHCP-V6-TRAFFIC user@host-R0# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then accept user@host-R0# set family inet6 filter RPF-PASS-DHCP-V6 term DEFAULT then discard
RADIUS サーバーと DNS へのアクセスを構成します。
[edit access] user@host-R0# set radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA user@host-R0# set radius-server 9.0.0.9 timeout 20 user@host-R0# set radius-server 9.0.0.9 retry 5 user@host-R0# set radius-server 9.0.0.9 max-outstanding-requests 1000 user@host-R0# set radius-server 9.0.0.9 source-address 100.0.0.1 user@host-R0# set domain-name-server-inet 9.0.0.100 user@host-R0# set domain-name-server-inet 9.0.0.101 user@host-R0# set domain-name-server-inet6 2000:abcd::9.0.0.100 user@host-R0# set domain-name-server-inet6 2000:abcd::9.0.0.101
RADIUS認証とアカウンティングのアクセスプロファイルを設定します。
[edit access] user@host-R0# set profile Access-Profile-0 authentication-order radius user@host-R0# set profile Access-Profile-0 radius authentication-server 9.0.0.9 user@host-R0# set profile Access-Profile-0 radius accounting-server 9.0.0.9 user@host-R0# set profile Access-Profile-0 radius options nas-identifier R0-BNG1 user@host-R0# set profile Access-Profile-0 accounting order radius user@host-R0# set profile Access-Profile-0 accounting accounting-stop-on-failure user@host-R0# set profile Access-Profile-0 accounting accounting-stop-on-access-deny user@host-R0# set profile Access-Profile-0 accounting update-interval 10 user@host-R0# set profile Access-Profile-0 accounting statistics volume-time
IPv4およびIPv6アドレス割り当てプールを設定します。
IPv4 アドレス プールを構成します。
[edit access] user@host-R0# set address-assignment pool v4-pool-0 family inet network 100.0.0.0/8 user@host-R0# set address-assignment pool v4-pool-0 family inet range v4-range-0 low 100.16.0.1 user@host-R0# set address-assignment pool v4-pool-0 family inet range v4-range-0 high 100.31.255.255 user@host-R0# set address-assignment pool v4-pool-0 family inet dhcp-attributes maximum-lease-time 25200
IPv6 アドレス プールを構成します。
[edit access] user@host-R0# set address-assignment pool v6-pd-pool-0 family inet6 prefix 1000:0000:0000:0000:0000:0000:0000:0000/64 user@host-R0# set address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 prefilx-length 56 user@host-R0# set address-assignment pool v6-na-pool-0 family inet6 dhcp-attributes maximum-lease-time 25200
アドレス保護を構成します。
[edit access] user@host-R0# set address-protection
トンネルプロファイルを設定します。
トンネル プロファイルの属性を設定します。
[edit access] user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 preference 1 user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 remote-gateway address 105.0.0.1 user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 source-gateway address 100.0.0.1 user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 secret "$ABC123"; ## SECRET-DATA user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 medium ipv4 user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 tunnel-type l2tp user@host-R0# set tunnel-profile Tunnel-1 tunnel 1 identification Tunnel-ID-1
トンネル プロファイルのドメイン マップを設定します。
BNG LACコンポーネントは、ドメインマップを使用して、RADIUSとの対話なしでL2TPセッションを開始します。オプションで、RADIUS を PPP 認証に使用したり、トンネル宛先などの L2TP トンネル属性を動的に提供することができます。
[edit access] user@host-R0# set domain map ABC1.COM tunnel-profile Tunnel-1
結果
コンフィギュレーション・モードから、以下の show
コマンドを入力してコンフィギュレーションを確認します。
プロファイルの動的バージョン作成の構成を確認します。
user@host-R0# show system dynamic-profile-options versioning;
クライアントプロファイルのインターフェイス設定を確認します。
user@host-R0# show dynamic-profiles client-profile interfaces { "$junos-interface-ifd-name" { unit "$junos-underlying-interface-unit" { family inet { unnumbered-address lo0.0; } family inet6 { unnumbered-address lo0.0; } } } }
動的 PPPoE クライアント プロファイルの設定を確認します。
user@host-R0# show dynamic-profiles pppoe-client-profile interfaces { pp0 { unit "$junos-interface-unit" { no-traps; ppp-options { chap; pap; } pppoe-options { underlying-interface "$junos-underlying-interface"; server; } keepalives interval 30; family inet { unnumbered-address lo0.0; } family inet6 { unnumbered-address lo0.0; } } } }
CoS 転送クラスのキュー設定を確認します。
user@host-R0# show class-of-service forwarding-classes queue 0 FC0; queue 1 FC1; queue 2 FC2; queue 3 FC3; queue 4 FC4; queue 5 FC5; queue 6 FC6; queue 7 FC7;
動的 VLAN プロファイルの設定を確認します。
user@host-R0# show dynamic-profiles vlan-prof-0 predefined-variable-defaults { cos-scheduler-map SMAP_PS; cos-shaping-rate 60m; cos-guaranteed-rate 50m; } interfaces { "$junos-interface-ifd-name" { unit "$junos-interface-unit" { no-traps; vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id"; family inet { rpf-check fail-filter RPF-PASS-DHCP-V4; unnumbered-address lo0.0; } family inet6 { rpf-check fail-filter RPF-PASS-DHCP-V6; unnumbered-address lo0.0; } family pppoe { dynamic-profile pppoe-client-profile; } } } } protocols { router-advertisement { interface "$junos-interface-name" { max-advertisement-interval 1800; min-advertisement-interval 1350; managed-configuration; } } } class-of-service { traffic-control-profiles { TCP_PS { scheduler-map "$junos-cos-scheduler-map"; shaping-rate "$junos-cos-shaping-rate"; guaranteed-rate "$junos-cos-guaranteed-rate"; } } interfaces { "$junos-interface-ifd-name" { unit "$junos-interface-unit" { output-traffic-control-profile TCP_PS; } } } scheduler-maps { SMAP_ALL { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; forwarding-class FC3 scheduler FC3_SCH; forwarding-class FC4 scheduler FC4_SCH; forwarding-class FC5 scheduler FC5_SCH; forwarding-class FC6 scheduler FC6_SCH; forwarding-class FC7 scheduler FC7_SCH; } SMAP_FC0 { forwarding-class FC0 scheduler FC0_SCH; } SMAP_FC1 { forwarding-class FC1 scheduler FC1_SCH; } SMAP_FC2 { forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC1 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; } SMAP_FC1_FC2 { forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC2 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC1_FC2 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_PS { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; forwarding-class FC3 scheduler FC3_SCH; } } schedulers { FC0_SCH { transmit-rate 128k; priority strict-high; } FC1_SCH { transmit-rate 20m; priority medium-high; } FC2_SCH { priority low; } FC3_SCH { priority low; } FC4_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_04; } FC5_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_05; } FC6_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_06; } FC7_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_07; } } }
DHCP サービス プロファイルの設定を確認します。
user@host-R0# show dynamic-profiles DHCP-SERVICE-PROFILE variables { I_V4_FILTER; O_V4_FILTER; I_V6_FILTER; O_V6_FILTER; } interfaces { "$junos-interface-ifd-name" { unit "$junos-underlying-interface-unit" { family inet { filter { input "$I_V4_FILTER"; output "$O_V4_FILTER"; } } family inet6 { filter { input "$I_V6_FILTER"; output "$O_V6_FILTER"; } } } } }
PPPoE サービス プロファイルの設定を確認します。
user@host-R0# show dynamic-profiles PPPOE-SERVICE-PROFILE variables { I_V4_FILTER; O_V4_FILTER; I_V6_FILTER; O_V6_FILTER; } interfaces { pp0 { unit "$junos-interface-unit" { family inet { filter { input "$I_V4_FILTER"; output "$O_V4_FILTER"; } } family inet6 { filter { input "$I_V6_FILTER"; output "$O_V6_FILTER"; } } } } }
DHCP ローカル サーバーの設定を確認します。
user@host-R0# show system services dhcp-local-server dhcpv6 { group v6-ppp-client-0 { interface pp0.0; } group v4-rtClient-0-ACCESS-0-ps0 { authentication { password <password>; username-include { user-prefix SST_USER_DHCP_V4_DEFAULT; } } dynamic-profile client-profile; interface ps0.0; interface ps1.0; } group v6-dhcp-client-0-ACCESS-0-ps0 { authentication { password <password>; username-include { user-prefix SST_USER_DHCP_V6_DEFAULT; } } dynamic-profile client-profile; interface ps0.0; interface ps1.0; } }
グレースフルスイッチオーバーとデバイス数の設定を確認します。
user@host-R0# show chassis redundancy graceful-switchover; user@host-R0# show chassis pseudowire-service device-count 2048;
疑似回線トンネル サービスの設定を確認します。
user@host-R0# show chassis fpc 0 pic 0 { tunnel-services { bandwidth 1g; } traffic-manager { egress-shaping-overhead 0; } } pic 1 { tunnel-services { bandwidth 1g; } traffic-manager { egress-shaping-overhead 0; } } pic 2 { tunnel-services { bandwidth 1g; } traffic-manager { egress-shaping-overhead 0; } } pic 3 { tunnel-services { bandwidth 1g; } traffic-manager { egress-shaping-overhead 0; } }
ループバックインターフェイス、トランジットリンク、および論理トンネルインターフェイスの設定を確認します。
user@host-R0# show interfaces lo0 { unit 0 { family inet { address 100.0.0.1/32 { primary; preferred; } } family inet6 { address 1000:0::1/128 { primary; preferred; } } family mpls; } } ge-4/0/0 { description "To R4 - Core"; unit 0 { family inet { address 21.21.14.1/24; } family inet6; family mpls; } } ge-5/0/0 { description "To R4 - Core"; unit 0 { family inet { address 21.21.15.1/24; } family inet6; family mpls; } } ge-0/0/0 { description "To R1 - APE1"; unit 0 { family inet { address 21.21.11.1/24; } family mpls; } } ge-1/0/0 { description "To R1 - APE1"; unit 0 { family inet { address 21.21.10.1/24; } family mpls; } } ge-2/0/0 { description "To R2 - APE2"; unit 0 { family inet { address 21.21.13.1/24; } family mpls; } } ge-3/0/0 { description "To R2 - APE2"; unit 0 { family inet { address 21.21.12.1/24; } family mpls; } } lt-0/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; }
PSインターフェイスとVLAN認証の設定を確認します。
user@host-R0# show interfaces ps0 anchor-point { lt-0/0/10; } flexible-vlan-tagging; auto-configure { stacked-vlan-ranges { dynamic-profile vlan-prof-0 { accept [ inet inet6 pppoe ]; ranges { 1-256,1-4094; } } authentication { password <password>; username-include { user-prefix SST_USER_VLAN_DEFAULT; } } } remove-when-no-subscribers; } no-gratuitous-arp-request; unit 0 { encapsulation ethernet-ccc; } } user@host-R0# show routing-options ppm { redistribution-timer 1; } nonstop-routing; nsr-phantom-holdtime 1; router-id 100.0.0.1; forwarding-table { remnant-holdtime 100; }
L2 回線の接続を確認します。
user@host-R0# show protocols l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1; ignore-mtu-mismatch; oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
ルーティングプロトコルの設定を確認します。
user@host-R0# show protocols mpls { ipv6-tunneling; interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; interface ge-5/0/0.0; } ospf { export EXPORT_BNG_ACCESS_INTERNAL; area 0.0.0.0 { interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; interface ge-5/0/0.0; } } ospf3 { export EXPORT_BNG_ACCESS_INTERNAL; area 0.0.0.0 { interface lo0.0; interface ge-4/0/0.0; interface ge-5/0/0.0; } } ldp { interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; interface ge-5/0/0.0; }
ポリシーステートメントの設定を確認します。
user@host-R0# show policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL { term 1 { from { family inet; route-filter 100.0.0.0/8 orlonger; } then accept; } term 2 { from { family inet6; route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger; } then accept; } }
ファイアウォール設定の構成を確認します。
user@host-R0# show firewall family inet { filter INPUT-V4-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER11; next term; } } term TERM2 { then { service-accounting; accept; } } } filter OUTPUT-V4-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER12; next term; } } term TERM2 { then { service-accounting; accept; } } } filter RPF-PASS-DHCP-V4 { term ALLOW-DHCP { from { destination-address { 255.255.255.255/32; } destination-port dhcp; } then { count RPF-DHCP-V4-TRAFFIC; accept; } } term DEFAULT { then { discard; } } } } family inet6 { filter INPUT-V6-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER21; next term; } } term TERM2 { then { service-accounting; accept; } } } filter OUTPUT-V6-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER22; next term; } } term TERM2 { then { service-accounting; accept; } } } filter RPF-PASS-DHCP-V6 { term ALLOW-DHCP { from { destination-port dhcp; } then { count RPF-DHCP-V6-TRAFFIC; accept; } } term DEFAULT { then discard; } } }
RADIUS サーバーと DNS アクセスの構成を確認します。
user@host-R0# show access radius-server 9.0.0.9 { secret "$ABC123"; ## SECRET-DATA timeout 20; retry 5; max-outstanding-requests 1000; source-address 100.0.0.1; } user@host-R0# show access domain-name-server-inet 9.0.0.100; 9.0.0.101; user@host-R0# show access domain-name-server-inet6 2000:abcd::9.0.0.100; 2000:abcd::9.0.0.101;
アクセスプロファイルの設定を確認します。
user@host-R0# show access profile Access-Profile-0 authentication-order radius; radius { authentication-server 9.0.0.9; accounting-server 9.0.0.9; options { nas-identifier R0-BNG1; } } accounting { order radius; accounting-stop-on-failure; accounting-stop-on-access-deny; update-interval 10; statistics volume-time; }
アドレス割り当てプールの設定を確認します。
user@host-R0# show access address-assignment pool v4-pool-0 { family inet { network 100.0.0.0/8; range v4-range-0 { low 100.16.0.1; high 100.31.255.255; } dhcp-attributes { maximum-lease-time 25200; } } } pool v6-pd-pool-0 { family inet6 { prefix 1000:0000:0000:0000:0000:0000:0000:0000/64; range v6-range-0 prefix-length 56; dhcp-attributes { maximum-lease-time 25200; } } } user@host-R0# show access address-protection address-protection;
トンネル プロファイルの設定を確認します。
user@host-R0# show access tunnel-profile Tunnel-1 tunnel 1 { preference 1; remote-gateway { address 105.0.0.1; } source-gateway { address 100.0.0.1; } secret "$ABC123"; ## SECRET-DATA medium ipv4; tunnel-type l2tp; identification Tunnel-ID-1; } user@host-R0# show access domain map ABC1.COM { tunnel-profile Tunnel-1; }
BNG ルーター、R3 の設定
CLIクイック構成
この例をすばやく設定するには、次のコマンドをコピーしてテキストファイルに貼り付け、改行を削除して、ネットワーク構成に合わせて必要な詳細を変更し、 階層レベルのCLI [edit]
にコマンドをコピーして貼り付けます。
set system dynamic-profile-options versioning set dynamic-profiles client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 unnumbered-address lo0.0 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" no-traps set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options chap set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options pap set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options underlying-interface "$junos-underlying-interface" set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options server set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" keepalives interval 30 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 set class-of-service forwarding-classes queue 0 FC0 set class-of-service forwarding-classes queue 1 FC1 set class-of-service forwarding-classes queue 2 FC2 set class-of-service forwarding-classes queue 3 FC3 set class-of-service forwarding-classes queue 4 FC4 set class-of-service forwarding-classes queue 5 FC5 set class-of-service forwarding-classes queue 6 FC6 set class-of-service forwarding-classes queue 7 FC7 set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-scheduler-map SMAP_PS set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-shaping-rate 60m set dynamic-profiles vlan-prof-0 predefined-variable-defaults cos-guaranteed-rate 50m set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-traps set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags outer "$junos-stacked-vlan-id" set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags inner "$junos-vlan-id" set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet rpf-check fail-filter RPF-PASS-DHCP-V4 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address lo0.0 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 rpf-check fail-filter RPF-PASS-DHCP-V6 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 set dynamic-profiles vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family pppoe dynamic-profile pppoe-client-profile set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” max-advertisement-interval 1800 set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” min-advertisement-interval 1350 set dynamic-profiles vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” managed-configuration set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS scheduler-map "$junos-cos-scheduler-map" set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS shaping-rate "$junos-cos-shaping-rate" set dynamic-profiles vlan-prof-0 class-of-service traffic-control-profiles TCP_PS guaranteed-rate "$junos-cos-guaranteed-rate" set dynamic-profiles vlan-prof-0 class-of-service interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" output-traffic-control-profile TCP_PS set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC3 scheduler FC3_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC4 scheduler FC4_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC5 scheduler FC5_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC6 scheduler FC6_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC7 scheduler FC7_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC0 scheduler FC0_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC1 scheduler FC1_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC2 scheduler FC2_SCH set dynamic-profiles vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC3 scheduler FC3_SCH set dynamic-profiles vlan-prof-0 class-of-service schedulers FC0_SCH transmit-rate 128k set dynamic-profiles vlan-prof-0 class-of-service schedulers FC0_SCH priority strict-high set dynamic-profiles vlan-prof-0 class-of-service schedulers FC1_SCH transmit-rate 20m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC1_SCH priority medium-high set dynamic-profiles vlan-prof-0 class-of-service schedulers FC2_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC3_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC4_SCH drop-profile-map loss-priority low protocol any drop-profile DP_04 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC5_SCH drop-profile-map loss-priority low protocol any drop-profile DP_05 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC6_SCH drop-profile-map loss-priority low protocol any drop-profile DP_06 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH transmit-rate 2m set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH buffer-size percent 2 set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH priority low set dynamic-profiles vlan-prof-0 class-of-service schedulers FC7_SCH drop-profile-map loss-priority low protocol any drop-profile DP_07 set dynamic-profiles DHCP-SERVICE-PROFILE variables I_V4_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables O_V4_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables I_V6_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE variables O_V6_FILTER set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter input "$I_V4_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter output "$O_V4_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter input "$I_V6_FILTER" set dynamic-profiles DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter output "$O_V6_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE variables I_V4_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables O_V4_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables I_V6_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE variables O_V6_FILTER set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter input "$I_V4_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter output "$O_V4_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter input "$I_V6_FILTER" set dynamic-profiles PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter output "$O_V6_FILTER" set system ports console log-out-on-disconnect set system services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface pp0.0 set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication password <password> set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V4_DEFAULT set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 dynamic-profile client-profile set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps0.0 set system services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps1.0 set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication password <password> set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V6_DEFAULT set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 dynamic-profile client-profile set system services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 interface ps0.0 set system services dhcp-local-server dhcpv6 group v6-dhcp-client-1-ACCESS-0-ps1 interface ps1.0 set chassis redundancy graceful-switchover set chassis pseudowire-service device-count 2048 set system services subscriber-management gres-route-flush-delay set system services resource-monitor high-threshold 80 set system commit synchronize set chassis fpc 0 pic 0 tunnel-services bandwidth 1g set chassis fpc 0 pic 1 tunnel-services bandwidth 1g set chassis fpc 0 pic 2 tunnel-services bandwidth 1g set chassis fpc 0 pic 3 tunnel-services bandwidth 1g set access-profile Access-Profile-0 set interfaces lo0 unit 0 family inet address 103.0.0.1/32 primary set interfaces lo0 unit 0 family inet address 103.0.0.1/32 preferred set interfaces lo0 unit 0 family inet6 address 1003:0::1/128 primary set interfaces lo0 unit 0 family inet6 address 1003:0::1/128 preferred set interfaces lo0 unit 0 family mpls set interfaces ge-4/0/0 description "To R2 - Core" set interfaces ge-4/0/0 unit 0 family inet address 21.21.40.1/24 set interfaces ge-4/0/0 unit 0 family inet6 set interfaces ge-4/0/0 unit 0 family mpls set interfaces ge-0/0/0 description "To R1 - APE1" set interfaces ge-0/0/0 unit 0 family inet address 21.21.20.2/24 set interfaces ge-0/0/0 unit 0 family mpls set interfaces ge-1/0/0 description "To R1 - APE1" set interfaces ge-1/0/0 unit 0 family inet address 21.21.21.2/24 set interfaces ge-1/0/0 unit 0 family mpls set interfaces ge-2/0/0 description "To R2 - APE2" set interfaces ge-2/0/0 unit 0 family inet address 21.21.30.2/24 set interfaces ge-2/0/0 unit 0 family mpls set interfaces ge-3/0/0 description "To R2 - APE2" set interfaces ge-3/0/0 unit 0 family inet address 21.21.31.2/24 set interfaces ge-3/0/0 unit 0 family mpls set interfaces lt-0/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-0/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-1/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-2/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces lt-3/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy set interfaces ps0 anchor-point lt-0/0/10 set interfaces ps0 flexible-vlan-tagging set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet6 set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept pppoe set interfaces ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 ranges 1-256,1-4094 set interfaces ps0 auto-configure stacked-vlan-ranges authentication password <password> set interfaces ps0 auto-configure stacked-vlan-ranges authentication username-include user-prefix SST_USER_VLAN_DEFAULT set interfaces ps0 auto-configure remove-when-no-subscribers set interfaces ps0 no-gratuitous-arp-request set interfaces ps0 unit 0 encapsulation ethernet-ccc set routing-options ppm redistribution-timer 1 set routing-options nonstop-routing set routing-options nsr-phantom-holdtime 1 set routing-options router-id 103.0.0.1 set routing-options forwarding-table remnant-holdtime 100 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 ignore-mtu-mismatch set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection minimum-interval 1000 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection multiplier 4 set protocols l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection detection-time threshold 5000 set protocols mpls ipv6-tunneling set protocols mpls interface lo0.0 set protocols mpls interface ge-0/0/0.0 set protocols mpls interface ge-1/0/0.0 set protocols mpls interface ge-2/0/0.0 set protocols mpls interface ge-3/0/0.0 set protocols mpls interface ge-4/0/0.0 set protocols ospf export EXPORT_BNG_ACCESS_INTERNAL set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 set protocols ospf area 0.0.0.0 interface ge-1/0/0.0 set protocols ospf area 0.0.0.0 interface ge-2/0/0.0 set protocols ospf area 0.0.0.0 interface ge-3/0/0.0 set protocols ospf area 0.0.0.0 interface ge-4/0/0.0 set protocols ospf3 export EXPORT_BNG_ACCESS_INTERNAL set protocols ospf3 area 0.0.0.0 interface lo0.0 set protocols ospf3 area 0.0.0.0 interface ge-4/0/0.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-0/0/0.0 set protocols ldp interface ge-1/0/0.0 set protocols ldp interface ge-2/0/0.0 set protocols ldp interface ge-3/0/0.0 set protocols ldp interface ge-4/0/0.0 set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from family inet set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 100.0.0.0/8 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 103.0.0.0/8 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 then accept set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from family inet6 set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1003:0000:0000:0000:0000:0000:0000:0000/64 orlonger set policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 then accept set firewall family inet filter INPUT-V4-FILTER-01 interface-specific set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 then count COUNTER11 set firewall family inet filter INPUT-V4-FILTER-01 term TERM1 then next term set firewall family inet filter INPUT-V4-FILTER-01 term TERM2 then service-accounting set firewall family inet filter INPUT-V4-FILTER-01 term TERM2 then accept set firewall family inet filter OUTPUT-V4-FILTER-01 interface-specific set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 then count COUNTER12 set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM1 then next term set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM2 then service-accounting set firewall family inet filter OUTPUT-V4-FILTER-01 term TERM2 then accept set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-address 255.255.255.255/32 set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-port dhcp set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then count RPF-DHCP-V4-TRAFFIC set firewall family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then accept set firewall family inet filter RPF-PASS-DHCP-V4 term DEFAULT then discard set firewall family inet6 filter INPUT-V6-FILTER-01 interface-specific set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 then count COUNTER21 set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM1 then next term set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM2 then service-accounting set firewall family inet6 filter INPUT-V6-FILTER-01 term TERM2 then accept set firewall family inet6 filter OUTPUT-V6-FILTER-01 interface-specific set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then count COUNTER22 set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then next term set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then service-accounting set firewall family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then accept set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP from destination-port dhcp set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then count RPF-DHCP-V6-TRAFFIC set firewall family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then accept set firewall family inet6 filter RPF-PASS-DHCP-V6 term DEFAULT then discard set access radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA set access radius-server 9.0.0.9 timeout 20 set access radius-server 9.0.0.9 retry 5 set access radius-server 9.0.0.9 max-outstanding-requests 1000 set access radius-server 9.0.0.9 source-address 103.0.0.1 set access domain-name-server-inet 9.0.0.100 set access domain-name-server-inet 9.0.0.101 set access domain-name-server-inet6 2000:abcd::9.0.0.100 set access domain-name-server-inet6 2000:abcd::9.0.0.101 set access profile Access-Profile-0 authentication-order radius set access profile Access-Profile-0 radius authentication-server 9.0.0.9 set access profile Access-Profile-0 radius accounting-server 9.0.0.9 set access profile Access-Profile-0 radius options nas-identifier R3-BNG1 set access profile Access-Profile-0 accounting order radius set access profile Access-Profile-0 accounting accounting-stop-on-failure set access profile Access-Profile-0 accounting accounting-stop-on-access-deny set access profile Access-Profile-0 accounting update-interval 10 set access profile Access-Profile-0 accounting statistics volume-time set access address-assignment pool v4-pool-0 family inet network 103.0.0.0/8 set access address-assignment pool v4-pool-0 family inet range v4-range-0 low 103.16.0.1 set access address-assignment pool v4-pool-0 family inet range v4-range-0 high 103.31.255.255 set access address-assignment pool v4-pool-0 family inet dhcp-attributes maximum-lease-time 99999 set access address-assignment pool v6-na-pool-0 family inet6 prefix 1003:0000:0000:0000:0000:0000:0000:0000/64 set access address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 low 1003::2/128 set access address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 low 1003::ffff:ffff/128 set access address-protection
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、『Junos OS 用 CLI ユーザー・ガイド』の「 コンフィギュレーション・モードで CLI エディタを使用する」を参照してください。
R3 BNGルーターを設定するには、次の手順に従います。
動的プロファイルで複数のバージョンを使用できるようにします。
サブスクライバーによって現在使用されている動的プロファイルの新しいバージョンを作成できます。動的プロファイルの変更後にログインするサブスクライバーは、最新バージョンの動的プロファイルを使用します。すでにアクティブなサブスクライバーは、ログアウトするかセッションが終了するまで、古いバージョンの動的プロファイルを使用し続けます。
メモ:ルーターで動的プロファイルを作成または使用する前に、動的プロファイルバージョン作成を有効または無効にする必要があります。動的プロファイルの構成後に動的プロファイル バージョンの作成を有効または無効にすることはサポートされていません。
[edit system] user@host-R3# set dynamic-profile-options versioning
クライアントプロファイルインターフェイスを作成します。
[edit dynamic-profiles] user@host-R3# set client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet unnumbered-address lo0.0 user@host-R3#set client-profile interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 unnumbered-address lo0.0
動的 PPPoE クライアント プロファイルを設定します。
ルータが PPPoE の基礎となるインターフェイス上に動的 PPPoE 加入者インターフェイスを作成できるようにするには、動的プロファイルで PPPoE 論理インターフェイスの属性を定義し、動的プロファイルを使用するように基礎となるインターフェイスを設定します。
[edit dynamic-profiles] user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" no-traps user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options chap user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" ppp-options pap user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options underlying-interface "$junos-underlying-interface" user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" pppoe-options server user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" keepalives interval 30 user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet unnumbered-address lo0.0 user@host-R3# set pppoe-client-profile interfaces pp0 unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0
CoS 転送クラスを設定し、キューにマッピングします。
[edit class-of-service] user@host-R3# set forwarding-classes queue 0 FC0 user@host-R3# set forwarding-classes queue 1 FC1 user@host-R3# set forwarding-classes queue 2 FC2 user@host-R3# set forwarding-classes queue 3 FC3 user@host-R3# set forwarding-classes queue 4 FC4 user@host-R3# set forwarding-classes queue 5 FC5 user@host-R3# set forwarding-classes queue 6 FC6 user@host-R3# set forwarding-classes queue 7 FC7
動的 VLAN プロファイルを設定します。
定義済み変数、動的物理インターフェイス、CoSパラメータのデフォルトを含む、動的VLANプロファイルを作成します。
定義済み変数のデフォルトを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 predefined-variable-defaults cos-scheduler-map SMAP_PS user@host-R3# set vlan-prof-0 predefined-variable-defaults cos-shaping-rate 60m user@host-R3# set vlan-prof-0 predefined-variable-defaults cos-guaranteed-rate 50m
動的物理インターフェイスを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-traps user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags outer "$junos-stacked-vlan-id" user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" vlan-tags inner "$junos-vlan-id" user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet rpf-check fail-filter RPF-PASS-DHCP-V4 user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address lo0.0 user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 rpf-check fail-filter RPF-PASS-DHCP-V6 user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address lo0.0 user@host-R3# set vlan-prof-0 interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family pppoe dynamic-profile pppoe-client-profile
ルーターアドバタイズメントを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” max-advertisement-interval 1800 user@host-R3# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” min-advertisement-interval 1350 user@host-R3# set vlan-prof-0 protocols router-advertisement interface “$junos-interface-name” managed-configuration
CoS トラフィック制御プロファイルを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS scheduler-map "$junos-cos-scheduler-map" user@host-R3# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS shaping-rate "$junos-cos-shaping-rate" user@host-R3# set vlan-prof-0 class-of-service traffic-control-profiles TCP_PS guaranteed-rate "$junos-cos-guaranteed-rate" user@host-R3# set vlan-prof-0 class-of-service interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" output-traffic-control-profile TCP_PS
CoSスケジューラマップを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC3 scheduler FC3_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC4 scheduler FC4_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC5 scheduler FC5_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC6 scheduler FC6_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_ALL forwarding-class FC7 scheduler FC7_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0 forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1 forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1 forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_FC0_FC1_FC2 forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC0 scheduler FC0_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC1 scheduler FC1_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC2 scheduler FC2_SCH user@host-R3# set vlan-prof-0 class-of-service scheduler-maps SMAP_PS forwarding-class FC3 scheduler FC3_SCH
CoSスケジューラを設定します。
[edit dynamic-profiles] user@host-R3# set vlan-prof-0 class-of-service schedulers FC0_SCH transmit-rate 128k user@host-R3# set vlan-prof-0 class-of-service schedulers FC0_SCH priority strict-high user@host-R3# set vlan-prof-0 class-of-service schedulers FC1_SCH transmit-rate 20m user@host-R3# set vlan-prof-0 class-of-service schedulers FC1_SCH priority medium-high user@host-R3# set vlan-prof-0 class-of-service schedulers FC2_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC3_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC4_SCH transmit-rate 2m user@host-R3# set vlan-prof-0 class-of-service schedulers FC4_SCH buffer-size percent 2 user@host-R3# set vlan-prof-0 class-of-service schedulers FC4_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC4_SCH drop-profile-map loss-priority low protocol any drop-profile DP_04 user@host-R3# set vlan-prof-0 class-of-service schedulers FC5_SCH transmit-rate 2m user@host-R3# set vlan-prof-0 class-of-service schedulers FC5_SCH buffer-size percent 2 user@host-R3# set vlan-prof-0 class-of-service schedulers FC5_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC5_SCH drop-profile-map loss-priority low protocol any drop-profile DP_05 user@host-R3# set vlan-prof-0 class-of-service schedulers FC6_SCH transmit-rate 2m user@host-R3# set vlan-prof-0 class-of-service schedulers FC6_SCH buffer-size percent 2 user@host-R3# set vlan-prof-0 class-of-service schedulers FC6_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC6_SCH drop-profile-map loss-priority low protocol any drop-profile DP_06 user@host-R3# set vlan-prof-0 class-of-service schedulers FC7_SCH transmit-rate 2m user@host-R3# set vlan-prof-0 class-of-service schedulers FC7_SCH buffer-size percent 2 user@host-R3# set vlan-prof-0 class-of-service schedulers FC7_SCH priority low user@host-R3# set vlan-prof-0 class-of-service schedulers FC7_SCH drop-profile-map loss-priority low protocol any drop-profile DP_07
DHCP サービス プロファイルを作成します。
サービス プロファイル変数を設定します。
[edit dynamic-profiles] user@host-R3# set DHCP-SERVICE-PROFILE variables I_V4_FILTER user@host-R3# set DHCP-SERVICE-PROFILE variables O_V4_FILTER user@host-R3# set DHCP-SERVICE-PROFILE variables I_V6_FILTER user@host-R3# set DHCP-SERVICE-PROFILE variables O_V6_FILTER
DHCP サービス プロファイルの動的インターフェイスを作成し、フィルタを関連付けます。
[edit dynamic-profiles] user@host-R3# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter input "$I_V4_FILTER" user@host-R3# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet filter output "$O_V4_FILTER" user@host-R3# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter input "$I_V6_FILTER" user@host-R3# set DHCP-SERVICE-PROFILE interfaces "$junos-interface-ifd-name" unit "$junos-underlying-interface-unit" family inet6 filter output "$O_V6_FILTER"
PPPoE サービス プロファイルを作成します。
PPPoE サービス プロファイル変数を設定します。
[edit dynamic-profiles] user@host-R3# set PPPOE-SERVICE-PROFILE variables I_V4_FILTER user@host-R3# set PPPOE-SERVICE-PROFILE variables O_V4_FILTER user@host-R3# set PPPOE-SERVICE-PROFILE variables I_V6_FILTER user@host-R3# set PPPOE-SERVICE-PROFILE variables O_V6_FILTER
PPPoE サービス プロファイルの動的インターフェイスを作成し、フィルタを関連付けます。
[edit dynamic-profiles] user@host-R3# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter input "$I_V4_FILTER" user@host-R3# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet filter output "$O_V4_FILTER" user@host-R3# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter input "$I_V6_FILTER" user@host-R3# set PPPOE-SERVICE-PROFILE interfaces pp0 unit "$junos-interface-unit" family inet6 filter output "$O_V6_FILTER"
DHCP を設定します。
ギガビットイーサネットや集合型イーサネットなどの物理インターフェイスに関連付けられた従来のブロードバンドサービス構成とは異なり、このソリューション構成は、ブロードバンド加入者の終端に疑似回線インターフェイスと仮想イーサネットポートに依存します。
このソリューション構成で疑似回線インターフェイスを介して動的に作成されたすべての VLAN は、MPLS 擬似回線加入者トンネルを経由して着信し、擬似回線アンカー インターフェイスに到着する DHCP メッセージを処理できます。
デュアル スタック PPPoE セッション:PPPoE セッションに対して DHCPv6 を有効にします。
[edit system] user@host-R3#set services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface pp0.0
DHCPv4 セッション - 疑似回線インターフェイスの IPv4 ローカル サーバー グループを設定します。
グループにパスワード、ユーザー名プレフィックス、動的プロファイルを割り当てます。疑似回線インターフェイスをグループに関連づけます。ここでは、2本の疑似配線を示しています。すべての疑似回線インターフェイスに対して、この手順を繰り返します。
[edit system] user@host-R3# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication password <password> user@host-R3# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V4_DEFAULT user@host-R3# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 dynamic-profile client-profile user@host-R3# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps0.0 user@host-R3# set services dhcp-local-server group v4-rtClient-0-ACCESS-0-ps0 interface ps1.0
DHCPv6セッション:疑似回線インターフェイスのIPv6ローカルサーバーグループを設定します。
グループにパスワード、ユーザー名プレフィックス、動的プロファイルを割り当てます。疑似回線インターフェイスをグループに関連づけます。これにより、擬似回線加入者インターフェイスを介した VLAN を使用した DHCPv6 加入者認証が有効になります。ここでは、2本の疑似配線を示しています。すべての疑似回線インターフェイスに対して、この手順を繰り返します。
[edit system] user@host-R3# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication password <password> user@host-R3# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 authentication username-include user-prefix SST_USER_DHCP_V6_DEFAULT user@host-R3# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 dynamic-profile client-profile user@host-R3# set services dhcp-local-server dhcpv6 group v6-dhcp-client-0-ACCESS-0-ps0 interface ps0.0 user@host-R3# set services dhcp-local-server dhcpv6 group v6-dhcp-client-1-ACCESS-0-ps1 interface ps1.0
グレースフルスイッチオーバーとデバイス数を設定します。
プライマリルーティングエンジンが、パケット転送を中断することなくバックアップルーティングエンジンに正常にスイッチオーバーするように設定します。
[edit chassis] user@host-R3# set redundancy graceful-switchover
ルーターで使用可能な疑似回線論理デバイスの数を設定します。
[edit chassis] user@host-R3# set pseudowire-service device-count 2048
グレースフル ルーティング エンジンの切り替え後、アクセス ルートとアクセス内部ルートの削除を遅らせ、リソース監視の閾値を高く設定します。
[edit system] user@host-R3# set services subscriber-management gres-route-flush-delay user@host-R3# set services resource-monitor high-threshold 80
ルーティング エンジン間の設定同期を有効にします。
[edit system] user@host-R3# set commit synchronize
シャーシレベルで疑似回線トンネル サービスを設定します。
フレキシブルPICコンセントレータ0〜3のトンネルサービスの帯域幅を設定します。
1台のフレキシブルPICコンセントレータが示されています。残りのすべてのフレキシブルPICコンセントレータに対して、この手順を繰り返します。
[edit chassis] user@host-R3# set fpc 0 pic 0 tunnel-services bandwidth 1g user@host-R3# set fpc 0 pic 1 tunnel-services bandwidth 1g user@host-R3# set fpc 0 pic 2 tunnel-services bandwidth 1g user@host-R3# set fpc 0 pic 3 tunnel-services bandwidth 1g
すべての DHCP サブスクライバにアクセス プロファイルをアタッチします。
DHCP加入者がログインすると、指定されたアクセスプロファイルがインスタンス化され、プロファイルで定義されたサービスが加入者に適用されます。
[edit] user@host-R3# set access-profile Access-Profile-0
トランジットリンクと論理トンネルインターフェイスを設定します。
loopack インターフェイスを設定します。
[edit interfaces] user@host-R3# set lo0 unit 0 family inet address 103.0.0.1/32 primary user@host-R3# set lo0 unit 0 family inet address 103.0.0.1/32 preferred user@host-R3# set lo0 unit 0 family inet6 address 1003:0::1/128 primary user@host-R3# set lo0 unit 0 family inet6 address 1003:0::1/128 preferred user@host-R3# set lo0 unit 0 family mpls
トランジットリンクを設定します。
[edit interfaces] user@host-R3# set ge-4/0/0 description "To R2 - Core" user@host-R3# set ge-4/0/0 unit 0 family inet address 21.21.40.1/24 user@host-R3# set ge-4/0/0 unit 0 family inet6 user@host-R3# set ge-4/0/0 unit 0 family mpls user@host-R3# set ge-0/0/0 description "To R1 - APE1" user@host-R3# set ge-0/0/0 unit 0 family inet address 21.21.20.2/24 user@host-R3# set ge-0/0/0 unit 0 family mpls user@host-R3# set ge-1/0/0 description "To R1 - APE1" user@host-R3# set ge-1/0/0 unit 0 family inet address 21.21.21.2/24 user@host-R3# set ge-1/0/0 unit 0 family mpls user@host-R3# set ge-2/0/0 description "To R2 - APE2" user@host-R3# set ge-2/0/0 unit 0 family inet address 21.21.30.2/24 user@host-R3# set ge-2/0/0 unit 0 family mpls user@host-R3# set ge-3/0/0 description "To R2 - APE2" user@host-R3# set ge-3/0/0 unit 0 family inet address 21.21.31.2/24 user@host-R3# set ge-3/0/0 unit 0 family mpls
トランジットリンクに対応するLTインターフェイスを設定します。
[edit interfaces] user@host-R3# set lt-0/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-0/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-0/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-0/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-1/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-1/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-1/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-1/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-2/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-2/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-2/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-2/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-3/0/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-3/1/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-3/2/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy user@host-R3# set lt-3/3/10 hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy
PSインターフェイスとVLAN認証を設定します。
加入者管理では、ポイントツーポイント MPLS 疑似配線を介した加入者インターフェイスの作成がサポートされます。疑似回線加入者インターフェイス機能により、サービスプロバイダは、アクセスアグリゲーションネットワークからサービスエッジまでMPLSドメインを拡張し、そこで加入者管理を行うことができます。サービスプロバイダは、フェイルオーバー、再ルーティング、統一MPLSラベルプロビジョニングなどのMPLS機能を活用しながら、単一の疑似ワイヤを使用してサービスネットワーク内の多数のDHCPおよびPPPoE加入者にサービスを提供できます。
疑似回線は、MPLS ベースの L2 VPN または L2 回線のいずれかであるトンネルです。疑似回線トンネルは、イーサネットカプセル化トラフィックをアクセスノード(DSLAMやその他のアグリゲーションデバイスなど)から、加入者管理サービスをホストするMXシリーズルーターに転送します。MX シリーズ ルーター上の疑似回線トンネルの終端は、物理イーサネット終端に似ており、加入者管理機能が実行されるポイントです。サービス プロバイダーは、DSLAM 単位で複数の疑似配線を設定し、特定の疑似配線で多数の加入者に対するサポートをプロビジョニングできます。
疑似配線のアクセス ノード側では、加入者トラフィックをさまざまな方法で疑似配線にグルーミングできますが、それは疑似配線にスタックできるインターフェイスの数と種類によってのみ制限されます。アクセスノードで疑似回線トンネルを終端する論理トンネルインターフェイスを識別するアンカーポイントを指定します。
PSインターフェイスとVLAN認証を設定します。
1 本の疑似ワイヤが表示されています。残りのすべての疑似配線に対してこの手順を繰り返します。
[edit interfaces] user@host-R3# set ps0 anchor-point lt-0/0/10 user@host-R3# set ps0 flexible-vlan-tagging user@host-R3# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet user@host-R3# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept inet6 user@host-R3# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 accept pppoe user@host-R3# set ps0 auto-configure stacked-vlan-ranges dynamic-profile vlan-prof-0 ranges 1-256,1-4094 user@host-R3# set ps0 auto-configure stacked-vlan-ranges authentication password <password> user@host-R3# set ps0 auto-configure stacked-vlan-ranges authentication username-include user-prefix SST_USER_VLAN_DEFAULT user@host-R3# set ps0 auto-configure remove-when-no-subscribers user@host-R3# set ps0 no-gratuitous-arp-request user@host-R3# set ps0 unit 0 encapsulation ethernet-ccc
ルーティング オプションを設定します。
[edit routing-options] user@host-R3# set ppm redistribution-timer 1 user@host-R3# set nonstop-routing user@host-R3# set nsr-phantom-holdtime 1 user@host-R3# set router-id 103.0.0.1 user@host-R3# set forwarding-table remnant-holdtime 100
L2 回線接続を設定します。
1つの疑似サービスインタフェース(ps0.0)の設定が表示されています。ps1.0 から ps2047.0 までこの手順を繰り返します。
[edit protocols] user@host-R3# set l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1 user@host-R3# set l2circuit neighbor 101.0.0.1 interface ps0.0 ignore-mtu-mismatch user@host-R3# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection minimum-interval 1000 user@host-R3# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection multiplier 4 user@host-R3# set l2circuit neighbor 101.0.0.1 interface ps0.0 oam bfd-liveness-detection detection-time threshold 5000
ルーティングプロトコルを設定します。
この設定例では、BNG ルーター上の MPLS、OSPF、OSPFv3、および LDP を使用します。
MPLS を設定します。
[edit protocols] user@host-R3# set mpls ipv6-tunneling user@host-R3# set mpls interface lo0.0 user@host-R3# set mpls interface ge-0/0/0.0 user@host-R3# set mpls interface ge-1/0/0.0 user@host-R3# set mpls interface ge-2/0/0.0 user@host-R3# set mpls interface ge-3/0/0.0 user@host-R3# set mpls interface ge-4/0/0.0
OSPF と OSPFv3 を設定します。
[edit protocols] user@host-R3# set ospf export EXPORT_BNG_ACCESS_INTERNAL user@host-R3# set ospf area 0.0.0.0 interface lo0.0 user@host-R3# set ospf area 0.0.0.0 interface ge-0/0/0.0 user@host-R3# set ospf area 0.0.0.0 interface ge-1/0/0.0 user@host-R3# set ospf area 0.0.0.0 interface ge-2/0/0.0 user@host-R3# set ospf area 0.0.0.0 interface ge-3/0/0.0 user@host-R3# set ospf area 0.0.0.0 interface ge-4/0/0.0 user@host-R3# set ospf3 export EXPORT_BNG_ACCESS_INTERNAL user@host-R3# set ospf3 area 0.0.0.0 interface lo0.0 user@host-R3# set ospf3 area 0.0.0.0 interface ge-4/0/0.0
LDP を設定します。
[edit protocols] user@host-R3# set ldp interface lo0.0 user@host-R3# set ldp interface ge-0/0/0.0 user@host-R3# set ldp interface ge-1/0/0.0 user@host-R3# set ldp interface ge-2/0/0.0 user@host-R3# set ldp interface ge-3/0/0.0 user@host-R3# set ldp interface ge-4/0/0.0
ルーティングポリシーを設定します。
[edit policy-options] user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from family inet user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 100.0.0.0/8 orlonger user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 from route-filter 103.0.0.0/8 orlonger user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 1 then accept user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from family inet6 user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 from route-filter 1003:0000:0000:0000:0000:0000:0000:0000/64 orlonger user@host-R3# set policy-statement EXPORT_BNG_ACCESS_INTERNAL term 2 then accept
ファイアウォールフィルターを設定します。
IPv4 の入力、出力、および RPF DHCP フィルターを設定します。
[edit firewall] user@host-R3# set family inet filter INPUT-V4-FILTER-01 interface-specific user@host-R3# set family inet filter INPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 user@host-R3# set family inet filter INPUT-V4-FILTER-01 term TERM1 then count COUNTER11 user@host-R3# set family inet filter INPUT-V4-FILTER-01 term TERM1 then next term user@host-R3# set family inet filter INPUT-V4-FILTER-01 term TERM2 then service-accounting user@host-R3# set family inet filter INPUT-V4-FILTER-01 term TERM2 then accept user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 interface-specific user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 from packet-length-except 64 user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 then count COUNTER12 user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 term TERM1 then next term user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 term TERM2 then service-accounting user@host-R3# set family inet filter OUTPUT-V4-FILTER-01 term TERM2 then accept user@host-R3# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-address 255.255.255.255/32 user@host-R3# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP from destination-port dhcp user@host-R3# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then count RPF-DHCP-V4-TRAFFIC user@host-R3# set family inet filter RPF-PASS-DHCP-V4 term ALLOW-DHCP then accept user@host-R3# set family inet filter RPF-PASS-DHCP-V4 term DEFAULT then discard
IPv6 の入力、出力、および RPF DHCP フィルターを設定します。
[edit firewall] user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 interface-specific user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 then count COUNTER21 user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 term TERM1 then next term user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 term TERM2 then service-accounting user@host-R3# set family inet6 filter INPUT-V6-FILTER-01 term TERM2 then accept user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 interface-specific user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 from packet-length-except 64 user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then count COUNTER22 user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM1 then next term user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then service-accounting user@host-R3# set family inet6 filter OUTPUT-V6-FILTER-01 term TERM2 then accept user@host-R3# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP from destination-port dhcp user@host-R3# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then count RPF-DHCP-V6-TRAFFIC user@host-R3# set family inet6 filter RPF-PASS-DHCP-V6 term ALLOW-DHCP then accept user@host-R3# set family inet6 filter RPF-PASS-DHCP-V6 term DEFAULT then discard
RADIUS サーバーと DNS アクセスを構成します。
[edit access] user@host-R3# set radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA user@host-R3# set radius-server 9.0.0.9 timeout 20 user@host-R3# set radius-server 9.0.0.9 retry 5 user@host-R3# set radius-server 9.0.0.9 max-outstanding-requests 1000 user@host-R3# set radius-server 9.0.0.9 source-address 103.0.0.1 user@host-R3# set domain-name-server-inet 9.0.0.100 user@host-R3# set domain-name-server-inet 9.0.0.101 user@host-R3# set domain-name-server-inet6 2000:abcd::9.0.0.100 user@host-R3# set domain-name-server-inet6 2000:abcd::9.0.0.101
RADIUS認証とアカウンティングのアクセスプロファイルを設定します。
[edit access] user@host-R3# set profile Access-Profile-0 authentication-order radius user@host-R3# set profile Access-Profile-0 radius authentication-server 9.0.0.9 user@host-R3# set profile Access-Profile-0 radius accounting-server 9.0.0.9 user@host-R3# set profile Access-Profile-0 radius options nas-identifier R3-BNG1 user@host-R3# set profile Access-Profile-0 accounting order radius user@host-R3# set profile Access-Profile-0 accounting accounting-stop-on-failure user@host-R3# set profile Access-Profile-0 accounting accounting-stop-on-access-deny user@host-R3# set profile Access-Profile-0 accounting update-interval 10 user@host-R3# set profile Access-Profile-0 accounting statistics volume-time
IPv4およびIPv6アドレス割り当てプールを設定します。
IPv4 アドレス プールを構成します。
[edit access] user@host-R3# set address-assignment pool v4-pool-0 family inet network 103.0.0.0/8 user@host-R3# set address-assignment pool v4-pool-0 family inet range v4-range-0 low 103.16.0.1 user@host-R3# set address-assignment pool v4-pool-0 family inet range v4-range-0 high 103.31.255.255 user@host-R3# set address-assignment pool v4-pool-0 family inet dhcp-attributes maximum-lease-time 99999
IPv6 アドレス プールを構成します。
[edit access] user@host-R3# set address-assignment pool v6-na-pool-0 family inet6 prefix 1003:0000:0000:0000:0000:0000:0000:0000/64 user@host-R3# set address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 low 1003::2/128 user@host-R3# set address-assignment pool v6-na-pool-0 family inet6 range v6-range-0 low 1003::ffff:ffff/128
アドレス保護を構成します。
[edit access] user@host-R3# set address-protection
結果
コンフィギュレーション・モードから、以下の show
コマンドを入力してコンフィギュレーションを確認します。
プロファイルの動的バージョン作成の構成を確認します。
user@host-R3# show system dynamic-profile-options versioning;
クライアントプロファイルのインターフェイス設定を確認します。
user@host-R3# show dynamic-profiles client-profile interfaces { "$junos-interface-ifd-name" { unit "$junos-underlying-interface-unit" { family inet { unnumbered-address lo0.0; } family inet6 { unnumbered-address lo0.0; } } } }
動的 PPPoE クライアント プロファイルの設定を確認します。
user@host-R3# show dynamic-profiles pppoe-client-profile interfaces { pp0 { unit "$junos-interface-unit" { no-traps; ppp-options { chap; pap; } pppoe-options { underlying-interface "$junos-underlying-interface"; server; } keepalives interval 30; family inet { unnumbered-address lo0.0; } family inet6 { unnumbered-address lo0.0; } } } }
CoS 転送クラスのキュー設定を確認します。
user@host-R3# show class-of-service forwarding-classes queue 0 FC0; queue 1 FC1; queue 2 FC2; queue 3 FC3; queue 4 FC4; queue 5 FC5; queue 6 FC6; queue 7 FC7;
動的 VLAN プロファイルの設定を確認します。
user@host-R3# show dynamic-profiles vlan-prof-0 predefined-variable-defaults { cos-scheduler-map SMAP_PS; cos-shaping-rate 60m; cos-guaranteed-rate 50m; } interfaces { "$junos-interface-ifd-name" { unit "$junos-interface-unit" { no-traps; vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id"; family inet { rpf-check fail-filter RPF-PASS-DHCP-V4; unnumbered-address lo0.0; } family inet6 { rpf-check fail-filter RPF-PASS-DHCP-V6; unnumbered-address lo0.0; } family pppoe { dynamic-profile pppoe-client-profile; } } } } protocols { router-advertisement { interface "$junos-interface-name" { max-advertisement-interval 1800; min-advertisement-interval 1350; managed-configuration; } } } class-of-service { traffic-control-profiles { TCP_PS { scheduler-map "$junos-cos-scheduler-map"; shaping-rate "$junos-cos-shaping-rate"; guaranteed-rate "$junos-cos-guaranteed-rate"; } } interfaces { "$junos-interface-ifd-name" { unit "$junos-interface-unit" { output-traffic-control-profile TCP_PS; } } } scheduler-maps { SMAP_ALL { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; forwarding-class FC3 scheduler FC3_SCH; forwarding-class FC4 scheduler FC4_SCH; forwarding-class FC5 scheduler FC5_SCH; forwarding-class FC6 scheduler FC6_SCH; forwarding-class FC7 scheduler FC7_SCH; } SMAP_FC0 { forwarding-class FC0 scheduler FC0_SCH; } SMAP_FC1 { forwarding-class FC1 scheduler FC1_SCH; } SMAP_FC2 { forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC1 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; } SMAP_FC1_FC2 { forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC2 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_FC0_FC1_FC2 { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; } SMAP_PS { forwarding-class FC0 scheduler FC0_SCH; forwarding-class FC1 scheduler FC1_SCH; forwarding-class FC2 scheduler FC2_SCH; forwarding-class FC3 scheduler FC3_SCH; } } schedulers { FC0_SCH { transmit-rate 128k; priority strict-high; } FC1_SCH { transmit-rate 20m; priority medium-high; } FC2_SCH { priority low; } FC3_SCH { priority low; } FC4_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_04; } FC5_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_05; } FC6_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_06; } FC7_SCH { transmit-rate 2m; buffer-size percent 2; priority low; drop-profile-map loss-priority low protocol any drop-profile DP_07; } } }
DHCP サービス プロファイルの設定を確認します。
user@host-R3# show dynamic-profiles DHCP-SERVICE-PROFILE variables { I_V4_FILTER; O_V4_FILTER; I_V6_FILTER; O_V6_FILTER; } interfaces { "$junos-interface-ifd-name" { unit "$junos-underlying-interface-unit" { family inet { filter { input "$I_V4_FILTER"; output "$O_V4_FILTER"; } } family inet6 { filter { input "$I_V6_FILTER"; output "$O_V6_FILTER"; } } } } }
PPPoE サービス プロファイルの設定を確認します。
user@host-R3# show dynamic-profiles PPPOE-SERVICE-PROFILE variables { I_V4_FILTER; O_V4_FILTER; I_V6_FILTER; O_V6_FILTER; } interfaces { pp0 { unit "$junos-interface-unit" { family inet { filter { input "$I_V4_FILTER"; output "$O_V4_FILTER"; } } family inet6 { filter { input "$I_V6_FILTER"; output "$O_V6_FILTER"; } } } } }
DHCP ローカル サーバーの設定を確認します。
user@host-R3# show system services dhcp-local-server dhcpv6 { group v6-ppp-client-0 { interface pp0.0; } group v4-rtClient-0-ACCESS-0-ps0 { authentication { password <password>; username-include { user-prefix SST_USER_DHCP_V4_DEFAULT; } } dynamic-profile client-profile; interface ps0.0; interface ps1.0; } group v6-dhcp-client-0-ACCESS-0-ps0 { authentication { password <password>; username-include { user-prefix SST_USER_DHCP_V6_DEFAULT; } } dynamic-profile client-profile; interface ps0.0; interface ps1.0; } }
グレースフルスイッチオーバーとデバイス数の設定を確認します。
user@host-R3# show chassis redundancy graceful-switchover; user@host-R3# show chassis pseudowire-service device-count 2048 {
疑似回線トンネル サービスの設定を確認します。
user@host-R3# show chassis fpc 0 pic 0 { tunnel-services { bandwidth 1g; } } pic 1 { tunnel-services { bandwidth 1g; } } pic 2 { tunnel-services { bandwidth 1g; } } pic 3 { tunnel-services { bandwidth 1g; } }
トランジット リンクと論理トンネル インターフェイスの設定を確認します。
user@host-R3# show interfaces lo0 { unit 0 { family inet { address 103.0.0.1/32 { primary; preferred; } } family inet6 { address 1003:0::1/128 { primary; preferred; } } family mpls; } } ge-4/0/0 { description "To R2 - Core"; unit 0 { family inet { address 21.21.40.1/24; } family inet6; family mpls; } } ge-0/0/0 { description "To R1 - APE1"; unit 0 { family inet { address 21.21.20.2/24; } family mpls; } } ge-1/0/0 { description "To R1 - APE1"; unit 0 { family inet { address 21.21.21.2/24; } family mpls; } } ge-2/0/0 { description "To R2 - APE2"; unit 0 { family inet { address 21.21.30.2/24; } family mpls; } } ge-3/0/0 { description "To R2 - APE2"; unit 0 { family inet { address 21.21.31.2/24; } family mpls; } } lt-0/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-0/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-1/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-2/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/0/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/1/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/2/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; } lt-3/3/10 { hierarchical-scheduler maximum-hierarchy-levels 2 implicit-hierarchy; }
PSインターフェイスとVLAN認証の設定を確認します。
user@host-R3# show interfaces ps0 anchor-point { lt-0/0/10; } flexible-vlan-tagging; auto-configure { stacked-vlan-ranges { dynamic-profile vlan-prof-0 { accept [ inet inet6 pppoe ]; ranges { 1-256,1-4094; } } authentication { password <password>; username-include { user-prefix SST_USER_VLAN_DEFAULT; } } } remove-when-no-subscribers; } no-gratuitous-arp-request; unit 0 { encapsulation ethernet-ccc; } user@host-R3# show routing-options ppm { redistribution-timer 1; } nonstop-routing; nsr-phantom-holdtime 1; router-id 103.0.0.1; forwarding-table { remnant-holdtime 100; }
L2 回線の接続を確認します。
user@host-R3# show protocols l2circuit neighbor 101.0.0.1 interface ps0.0 virtual-circuit-id 1; ignore-mtu-mismatch; oam { bfd-liveness-detection { minimum-interval 1000; multiplier 4; detection-time { threshold 5000; } } }
ルーティングプロトコルの設定を確認します。
user@host-R3# show protocols mpls { ipv6-tunneling; interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; } ospf { export EXPORT_BNG_ACCESS_INTERNAL; area 0.0.0.0 { interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; } } ospf3 { export EXPORT_BNG_ACCESS_INTERNAL; area 0.0.0.0 { interface lo0.0; interface ge-4/0/0.0; } } ldp { interface lo0.0; interface ge-0/0/0.0; interface ge-1/0/0.0; interface ge-2/0/0.0; interface ge-3/0/0.0; interface ge-4/0/0.0; }
ポリシーステートメントの設定を確認します。
user@host-R3# show policy-options policy-statement EXPORT_BNG_ACCESS_INTERNAL { term 1 { from { family inet; route-filter 100.0.0.0/8 orlonger; route-filter 103.0.0.0/8 orlonger; } then accept; } term 2 { from { family inet6; route-filter 1000:0000:0000:0000:0000:0000:0000:0000/64 orlonger; route-filter 1003:0000:0000:0000:0000:0000:0000:0000/64 orlonger; } then accept; } }
ファイアウォール設定の構成を確認します。
user@host-R3# show firewall family inet { filter INPUT-V4-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER11; next term; } } term TERM2 { then { service-accounting; accept; } } } filter OUTPUT-V4-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER12; next term; } } term TERM2 { then { service-accounting; accept; } } } filter RPF-PASS-DHCP-V4 { term ALLOW-DHCP { from { destination-address { 255.255.255.255/32; } destination-port dhcp; } then { count RPF-DHCP-V4-TRAFFIC; accept; } } term DEFAULT { then { discard; } } } } family inet6 { filter INPUT-V6-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER21; next term; } } term TERM2 { then { service-accounting; accept; } } } filter OUTPUT-V6-FILTER-01 { interface-specific; term TERM1 { from { packet-length-except 64; } then { count COUNTER22; next term; } } term TERM2 { then { service-accounting; accept; } } } filter RPF-PASS-DHCP-V6 { term ALLOW-DHCP { from { destination-port dhcp; } then { count RPF-DHCP-V6-TRAFFIC; accept; } } term DEFAULT { then discard; } } }
RADIUS サーバーと DNS アクセスの構成を確認します。
user@host-R3# show access radius-server 9.0.0.9 { secret "$ABC123"; ## SECRET-DATA timeout 20; retry 5; max-outstanding-requests 1000; source-address 103.0.0.1; } user@host-R3# show access domain-name-server-inet 9.0.0.100; 9.0.0.101; user@host-R3# show access domain-name-server-inet6 2000:abcd::9.0.0.100; 2000:abcd::9.0.0.101;
アクセスプロファイルの設定を確認します。
user@host-R3# show access profile Access-Profile-0 authentication-order radius; radius { authentication-server 9.0.0.9; accounting-server 9.0.0.9; options { nas-identifier R3-BNG1; } } accounting { order radius; accounting-stop-on-failure; accounting-stop-on-access-deny; update-interval 10; statistics volume-time; }
アドレス割り当てプールの設定を確認します。
user@host-R3# show access address-assignment pool v4-pool-0 { family inet { network 103.0.0.0/8; range v4-range-0 { low 103.16.0.1; high 103.31.255.255; } dhcp-attributes { maximum-lease-time 99999; } } } pool v6-na-pool-0 { family inet6 { prefix 1003:0000:0000:0000:0000:0000:0000:0000/64; range v6-range-0 { low 1003::2/128; high 1003::ffff:ffff/128; } } } user@host-R3# show access address-protection address-protection;
コアルーター、R4の設定
CLIクイック構成
図 5 は、参考例のトポロジーのコンテキストでコア ルーター(R4)を示しています。
この例をすばやく設定するには、次のコマンドをコピーしてテキストファイルに貼り付け、改行を削除して、ネットワーク構成に合わせて必要な詳細を変更し、 階層レベルのCLI [edit]
にコマンドをコピーして貼り付けます。
set interfaces lo0 unit 0 family inet address 104.0.0.1/32 primary set interfaces lo0 unit 0 family inet address 104.0.0.1/32 preferred set interfaces lo0 unit 0 family inet6 address 1004:0::1/128 primary set interfaces lo0 unit 0 family inet6 address 1004:0::1/128 preferred set interfaces ge-0/0/2 unit 0 family inet address 21.21.14.2/24 set interfaces ge-0/0/2 unit 0 family inet6 set interfaces ge-0/0/2 unit 0 family mpls set interfaces ge-0/0/3 unit 0 family inet address 21.21.15.2/24 set interfaces ge-0/0/3 unit 0 family inet6 set interfaces ge-0/0/3 unit 0 family mpls set interfaces ge-0/0/4 unit 0 family inet address 21.21.40.2/24 set interfaces ge-0/0/4 unit 0 family inet6 set interfaces ge-0/0/4 unit 0 family mpls set interfaces ge-0/1/3 unit 0 family inet address 21.21.50.1/24 set interfaces ge-0/1/3 unit 0 family inet6 set interfaces ge-0/1/3 unit 0 family mpls set interfaces ge-0/1/4 unit 0 family inet address 21.21.51.1/24 set interfaces ge-0/1/4 unit 0 family inet6 set interfaces ge-0/1/4 unit 0 family mpls set interfaces ge-0/1/7 unit 0 family inet address 9.0.0.1/24 set interfaces ge-0/1/7 unit 0 family inet6 set interfaces ge-0/1/7 unit 0 family mpls set routing-options router-id 104.0.0.1 set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-0/0/2.0 set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 set protocols ospf area 0.0.0.0 interface ge-0/0/4.0 set protocols ospf area 0.0.0.0 interface ge-0/1/3.0 set protocols ospf area 0.0.0.0 interface ge-0/1/4.0 set protocols ospf area 0.0.0.0 interface ge-0/1/7.0 passive set protocols ospf3 area 0.0.0.0 interface lo0.0 set protocols ospf3 area 0.0.0.0 interface ge-0/0/2.0 set protocols ospf3 area 0.0.0.0 interface ge-0/0/3.0 set protocols ospf3 area 0.0.0.0 interface ge-0/0/4.0 set protocols ospf3 area 0.0.0.0 interface ge-0/1/3.0 set protocols ospf3 area 0.0.0.0 interface ge-0/1/4.0 set protocols mpls ipv6-tunneling set protocols mpls interface lo0.0 set protocols mpls interface ge-0/0/2.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface ge-0/0/4.0 set protocols mpls interface ge-0/1/3.0 set protocols mpls interface ge-0/1/4.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-0/0/2.0 set protocols ldp interface ge-0/0/3.0 set protocols ldp interface ge-0/0/4.0 set protocols ldp interface ge-0/1/3.0 set protocols ldp interface ge-0/1/4.0
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、『Junos OS 用 CLI ユーザー・ガイド』の「 コンフィギュレーション・モードで CLI エディタを使用する」を参照してください。
デバイス R4 を設定するには:
インターフェイスを設定します。
ループバックおよびBNGに接続するインターフェイスは、デュアルスタックルーティング環境向けに、IPv4(inet)とIPv6(inet6)の両方のアドレスファミリーをサポートしています。IPv6 トラフィックは、IPv4 の送信元と宛先のみを持つ L2TP トンネル上にオーバーレイされるため、LNS に接続するインターフェイスには IPv6 ファミリー アドレス指定は含まれません。
ループバックインターフェイスを設定します。
[edit interfaces] user@host-R4# set lo0 unit 0 family inet address 104.0.0.1/32 primary user@host-R4# set lo0 unit 0 family inet address 104.0.0.1/32 preferred user@host-R4# set lo0 unit 0 family inet6 address 1004:0::1/128 primary user@host-R4# set lo0 unit 0 family inet6 address 1004:0::1/128 preferred
アクティブBNGデバイスとバックアップBNGデバイスの両方に対して、BNG向けのインターフェイスを設定します。
各BNG機器に設定されたポートは、コアネットワークとアクティブBNG機器の間でトラフィックを渡します。
[edit interfaces] user@host-R4# set ge-0/0/2 unit 0 family inet address 21.21.14.2/24 user@host-R4# set ge-0/0/2 unit 0 family inet6 user@host-R4# set ge-0/0/2 unit 0 family mpls user@host-R4# set ge-0/0/3 unit 0 family inet address 21.21.15.2/24 user@host-R4# set ge-0/0/3 unit 0 family inet6 user@host-R4# set ge-0/0/3 unit 0 family mpls user@host-R4# set ge-0/0/4 unit 0 family inet address 21.21.40.2/24 user@host-R4# set ge-0/0/4 unit 0 family inet6 user@host-R4# set ge-0/0/4 unit 0 family mpls user@host-R4# set ge-0/1/3 unit 0 family inet address 21.21.50.1/24 user@host-R4# set ge-0/1/3 unit 0 family inet6 user@host-R4# set ge-0/1/3 unit 0 family mpls user@host-R4# set ge-0/1/4 unit 0 family inet address 21.21.51.1/24 user@host-R4# set ge-0/1/4 unit 0 family inet6 user@host-R4# set ge-0/1/4 unit 0 family mpls user@host-R4# set ge-0/1/7 unit 0 family inet address 9.0.0.1/24 user@host-R4# set ge-0/1/7 unit 0 family inet6 user@host-R4# set ge-0/1/7 unit 0 family mpls
ルーティングプロトコルを設定します。
OSPF は IPv4 ルーティングをサポートできます。OSPFv3 は IPv6 ルーティングをサポートするように有効になっています。
ルーターIDを設定します。
[edit] user@host-R4# set routing-options router-id 104.0.0.1
IPv4 ルーティング用に OSPF を設定します。
[edit protocols] user@host-R4# set ospf area 0.0.0.0 interface lo0.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/0/2.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/0/3.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/0/4.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/1/3.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/1/4.0 user@host-R4# set ospf area 0.0.0.0 interface ge-0/1/7.0 passive
IPv6 ルーティング用に OSPFv6 を設定します。
[edit protocols] user@host-R4# set ospf3 area 0.0.0.0 interface lo0.0 user@host-R4# set ospf3 area 0.0.0.0 interface ge-0/0/2.0 user@host-R4# set ospf3 area 0.0.0.0 interface ge-0/0/3.0 user@host-R4# set ospf3 area 0.0.0.0 interface ge-0/0/4.0 user@host-R4# set ospf3 area 0.0.0.0 interface ge-0/1/3.0 user@host-R4# set ospf3 area 0.0.0.0 interface ge-0/1/4.0
BNGに接続するポートおよびLNSに接続するすべてのインターフェイスのMPLSを設定します。
IPv6 MPLSトンネリングでは、inet.3ルーティングテーブルに格納されているLDPルートとRSVPルートをIPv4にマッピングされたIPv6アドレスに変換し、inet6.3ルーティングテーブルにコピーすることで、MPLSネットワーク上でIPv6ルートを解決することができます。inet6.3ルーティングテーブルを使用して、inet6とinet6-vpnルートの両方のネクストホップを解決できます。
[edit protocols] user@host-R4# set mpls ipv6-tunneling user@host-R4# set mpls interface lo0.0 user@host-R4# set mpls interface ge-0/0/2.0 user@host-R4# set mpls interface ge-0/0/3.0 user@host-R4# set mpls interface ge-0/0/4.0 user@host-R4# set mpls interface ge-0/1/3.0 user@host-R4# set mpls interface ge-0/1/4.0
MPLS LDP シグナリングを有効にします。
BNGに接続するLDPを設定し、PEに接続するポートにアクセスします。エンドツーエンドの MPLS L2 回線サービスには、ループバック インターフェイスで LDP を有効にする必要があります。
[edit protocols] user@host-R4# set ldp interface lo0.0 user@host-R4# set ldp interface ge-0/0/2.0 user@host-R4# set ldp interface ge-0/0/3.0 user@host-R4# set ldp interface ge-0/0/4.0 user@host-R4# set ldp interface ge-0/1/3.0 user@host-R4# set ldp interface ge-0/1/4.0
結果
コンフィギュレーション・モードから、以下の show
コマンドを入力してコンフィギュレーションを確認します。
インターフェイス設定を確認します。
user@host-R4# show interfaces lo0 unit 0 { family inet { address 104.0.0.1/32 { primary; preferred; } } family inet6 { address 1004:0::1/128 { primary; preferred; } } }
user@host-R4# show interfaces ge-0/0/2 unit 0 { family inet { address 21.21.14.2/24; } family inet6; family mpls; }
user@host-R4# show interfaces ge-0/0/3 unit 0 { family inet { address 21.21.15.2/24; } family inet6; family mpls; }
user@host-R4# show interfaces ge-0/0/4 unit 0 { family inet { address 21.21.40.2/24; } family inet6; family mpls; }
user@host-R4# show interfaces ge-0/1/3 unit 0 { family inet { address 21.21.50.1/24; } family inet6; family mpls; }
user@host-R4# show interfaces ge-0/1/4 unit 0 { family inet { address 21.21.51.1/24; } family inet6; family mpls; }
user@host-R4# show interfaces ge-0/1/7 unit 0 { family inet { address 9.0.0.1/24; } family inet6; family mpls; }
ルーティングプロトコルの設定を確認します。
user@host-R4# show protocols ospf area 0.0.0.0 { interface ge-0/0/2.0; interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/4.0; interface ge-0/1/3.0; interface ge-0/1/4.0; interface ge-0/1/7.0 { passive; } }
user@host-R4# show protocols ospf3 area 0.0.0.0 { interface ge-0/0/2.0; interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/4.0; interface ge-0/1/3.0; interface ge-0/1/4.0; }
user@host-R4# show protocols mpls interface ge-0/0/2.0; interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/4.0; interface ge-0/1/3.0; interface ge-0/1/4.0;
user@host-R4# show protocols ldp interface ge-0/0/2.0; interface ge-0/0/3.0; interface ge-0/0/4.0; interface ge-0/1/3.0; interface ge-0/1/4.0; interface lo0.0;
LNS ルーター、R5 の設定
CLIクイック構成
図6 は、参考例トポロジのコンテキストでLNSデバイス(R5)を示しています。
この例をすばやく設定するには、次のコマンドをコピーしてテキストファイルに貼り付け、改行を削除して、ネットワーク構成に合わせて必要な詳細を変更し、 階層レベルのCLI [edit]
にコマンドをコピーして貼り付けます。
set interfaces lo0 unit 0 family inet address 105.0.0.1/32 primary preferred set interfaces lo0 unit 0 family inet6 address 1005:0::1/128 primary preferred set interfaces ge-0/0/3 description "To R4 - Core" set interfaces ge-0/0/3 unit 0 family inet address 21.21.50.2/24 set interfaces ge-0/0/3 unit 0 family inet6 set interfaces ge-0/0/3 unit 0 family mpls set interfaces ge-0/0/5 description "To R4 - Core" set interfaces ge-0/0/5 unit 0 family inet address 21.21.51.2/24 set interfaces ge-0/0/5 unit 0 family inet6 set interfaces ge-0/0/5 unit 0 family mpls set interfaces ge-0/1/4 description “Retailer/ISP facing link1” set interfaces ge-0/1/4 unit 0 family inet address 200.0.0.1/24 set interfaces ge-0/1/4 unit 0 family inet6 address 3000:db8:ffff:4::1/64 set interfaces ge-1/0/4 description “Retailer/ISP facing link2” set interfaces ge-1/0/4 unit 0 family inet address 199.99.9.1/24 set interfaces ge-1/0/4 unit 0 family inet6 address 3000:db8:ffff:5::1/64 set routing-options router-id 105.0.0.1 set protocols ospf area 0.0.0.0 interface lo0.0 set protocols ospf area 0.0.0.0 interface ge-0/0/3.0 set protocols ospf area 0.0.0.0 interface ge-0/0/5.0 set protocols ospf area 0.0.0.0 interface ge-0/1/4.0 set protocols ospf area 0.0.0.0 interface ge-1/0/4.0 set protocols ospf3 area 0.0.0.0 interface lo0.0 set protocols ospf3 area 0.0.0.0 interface ge-0/0/3.0 set protocols ospf3 area 0.0.0.0 interface ge-0/0/5.0 set protocols ospf3 area 0.0.0.0 interface ge-0/1/4.0 set protocols ospf3 area 0.0.0.0 interface ge-1/0/4.0 set protocols mpls interface ge-0/0/3.0 set protocols mpls interface ge-0/0/5.0 set protocols ldp interface lo0.0 set protocols ldp interface ge-0/0/3.0 set protocols ldp interface ge-0/0/5.0 set chassis fpc 1 pic 0 inline-services bandwidth 1g set dynamic-profiles lns-profile routing-instances "$junos-routing-instance" interface "$junos-interface-name" set dynamic-profiles dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" dial-options l2tp-interface-id dedicated set dynamic-profiles dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-keepalives set dynamic-profiles dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address "$junos-loopback-interface" set dynamic-profiles dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address "$junos-loopback-interface" set access group-profile lns-group-profile ppp ppp-options pap set access group-profile lns-group-profile ppp ppp-options chap set access group-profile lns-group-profile ppp keepalive 0 set access profile lns-profile client default l2tp lcp-renegotiation set access profile lns-profile client default l2tp shared-secret "$ABC123"; ## SECRET-DATA set access profile lns-profile client default user-group-profile lns-group-profile set access radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA set access radius-server 9.0.0.9 source-address 105.0.0.1 set access profile AccProf-LNS authentication-order none set services l2tp tunnel-group lns-tunnel-group l2tp-access-profile lns-profile set services l2tp tunnel-group lns-tunnel-group local-gateway address 105.0.0.1 set services l2tp tunnel-group lns-tunnel-group local-gateway gateway-name R5 set services l2tp tunnel-group lns-tunnel-group service-device-pool lns_service_device_pool set services l2tp tunnel-group lns-tunnel-group dynamic-profile lns-profile set services service-device-pools pool lns_service_device_pool interface si-1/0/0 set access address-assignment pool v4-l2tp-pool-0 family inet network 100.0.0.0/8 set access address-assignment pool v4-l2tp-pool-0 family inet range l2tpv4 low 100.48.0.1 set access address-assignment pool v4-l2tp-pool-0 family inet range l2tpv4 high 100.63.255.255 set access address-assignment pool v6-l2tp-pool-0 family inet6 prefix 1000:0000::/32 set access address-assignment pool v6-l2tp-pool-0 family inet6 range v6-range low 1000:0000:0000:0001::/64 set access address-assignment pool v6-l2tp-pool-0 family inet6 range v6-range high 1000:0000:0000:ffff::/64 set access address-assignment pool v6-ndra-pool-0 family inet6 prefix 3000:0000:0000:0000:0000:0000:0000:0000/32 set access address-assignment pool v6-ndra-pool-0 family inet6 range v6-range-0 prefix-length 64 set access system services dhcp-local-server dhcpv6 overrides delegated-pool v6-l2tp-pool-0 set access system services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface si-1/0/0.0 set chassis fpc 1 pic 1 tunnel-services bandwidth 10g set access vt-1/1/0 unit 0 family inet set access vt-1/1/0 unit 0 family inet6 set access services radius-flow-tap source-ipv4-address 199.99.9.1 set access services radius-flow-tap interfaces vt-1/1/0.0
手順
次の例では、設定階層のいくつかのレベルに移動する必要があります。CLI のナビゲーションについては、「 」の「 コンフィギュレーション・モードでの CLI エディタの使用 」を参照してください 。/../../../../../。
デバイス R5 を設定するには:
インターフェイスを設定します。
ループバック、小売業者、ISP向けのインターフェイスは、デュアルスタックルーティング環境向けに、IPv4(inet)とIPv6(inet6)の両方のアドレスファミリーをサポートします。IPv6 トラフィックは、IPv4 の送信元と宛先のみを持つ L2TP トンネル上にオーバーレイされるため、コアに接続するインターフェイスには IPv6 ファミリー アドレス指定は含まれません。
ループバックインターフェイスの下でLNSシステムのプライマリアドレスを設定します。
[edit interfaces] user@host-R5# set lo0 unit 0 family inet address 105.0.0.1/32 primary preferred user@host-R5# set lo0 unit 0 family inet6 address 1005:0::1/128 primary preferred
コアに面したインターフェイスを設定します。
設定された2つのポートは、LNSデバイスとコアネットワーク間のトラフィックを渡します。
[edit interfaces] user@host-R5# set ge-0/0/3 description "To R4 - Core" user@host-R5# set ge-0/0/3 unit 0 family inet address 21.21.50.2/24 user@host-R5# set ge-0/0/3 unit 0 family inet6 user@host-R5# set ge-0/0/3 unit 0 family mpls user@host-R5# set ge-0/0/5 description "To R4 - Core" user@host-R5# set ge-0/0/5 unit 0 family inet address 21.21.51.2/24 user@host-R5# set ge-0/0/5 unit 0 family inet6 user@host-R5# set ge-0/0/5 unit 0 family mpls
小売業者とISP向けのインターフェイスを設定します。
設定された2つのポートは、LNSと小売業者およびISPネットワークの間でトラフィックを渡します。
[edit interfaces] user@host-R5# set ge-0/1/4 description “Retailer/ISP facing link1” user@host-R5# set ge-0/1/4 unit 0 family inet address 200.0.0.1/24 user@host-R5# set ge-0/1/4 unit 0 family inet6 address 3000:db8:ffff:4::1/64 user@host-R5# set ge-1/0/4 description “Retailer/ISP facing link2” user@host-R5# set ge-1/0/4 unit 0 family inet address 199.99.9.1/24 user@host-R5# set ge-1/0/4 unit 0 family inet6 address 3000:db8:ffff:5::1/64
ルーティングプロトコルを設定します。
OSPF は IPv4 ルーティングをサポートできます。OSPFv3 は IPv6 ルーティングをサポートするように有効になっています。
ルーターIDを設定します。
[edit] user@host-R5# set routing-options router-id 105.0.0.1
IPv4 ルーティング用に OSPF を設定します。
[edit protocols] user@host-R5# set ospf area 0.0.0.0 interface lo0.0 user@host-R5# set ospf area 0.0.0.0 interface ge-0/0/3.0 user@host-R5# set ospf area 0.0.0.0 interface ge-0/0/5.0 user@host-R5# set ospf area 0.0.0.0 interface ge-0/1/4.0 user@host-R5# set ospf area 0.0.0.0 interface ge-1/0/4.0
IPv6 ルーティング用に OSPFv3 を設定します。
[edit protocols] user@host-R5# set ospf3 area 0.0.0.0 interface lo0.0 user@host-R5# set ospf3 area 0.0.0.0 interface ge-0/0/3.0 user@host-R5# set ospf3 area 0.0.0.0 interface ge-0/0/5.0 user@host-R5# set ospf3 area 0.0.0.0 interface ge-0/1/4.0 user@host-R5# set ospf3 area 0.0.0.0 interface ge-1/0/4.0
MPLS を有効にします。
すべてのコアに面するインターフェイスに MPLS を設定します。
[edit protocols] user@host-R5# set mpls interface ge-0/0/3.0 user@host-R5# set mpls interface ge-0/0/5.0
LDP を有効にします。
[edit protocols] user@host-R5# set ldp interface lo0.0 user@host-R5# set ldp interface ge-0/0/3.0 user@host-R5# set ldp interface ge-0/0/5.0
LNS コンポーネントを設定します。
L2TPトラフィックは、専用のサービスモジュールではなく、一般的なネットワークインターフェイスモジュールのインラインサービス機能を使用して処理されます。したがって、ラインモジュールは、L2TPトラフィックと非L2TPトラフィックの両方を処理します。
インライン サービスを有効にします。
モジュールのインライン サービスに割り当てる帯域幅を設定します。
[edit chassis] user@host-R5# set fpc 1 pic 0 inline-services bandwidth 1g
動的プロファイルを設定します。
L2TPセッションインターフェイス特性の動的設定に必要な動的プロファイルを設定します。
[edit dynamic-profiles] user@host-R5# set lns-profile routing-instances "$junos-routing-instance" interface "$junos-interface-name" user@host-R5# set dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" dial-options l2tp-interface-id dedicated user@host-R5# set dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-keepalives user@host-R5# set dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address "$junos-loopback-interface" user@host-R5# set dynamic-profiles lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address "$junos-loopback-interface"
アクセスグループプロファイルを設定します。
L2TPトンネル上で動作するPPPプロトコルの特性を設定します。
[edit access] user@host-R5# set group-profile lns-group-profile ppp ppp-options pap user@host-R5# set group-profile lns-group-profile ppp ppp-options chap user@host-R5# set group-profile lns-group-profile ppp keepalive 0
L2TP クライアント プロファイルを構成します。
PPP リンク層特性の設定に使用される L2TP クライアント(LAC)特性を設定します。
[edit access] user@host-R5# set profile lns-profile client default l2tp lcp-renegotiation user@host-R5# set profile lns-profile client default l2tp shared-secret "$ABC123"; ## SECRET-DATA user@host-R5# set profile lns-profile client default user-group-profile lns-group-profile
RADIUS サーバー アクセスを構成します。
[edit access] user@host-R5# set radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA user@host-R5# set radius-server 9.0.0.9 source-address 105.0.0.1
許可、認証、およびアカウンティング(AAA)プロファイルを設定します。
着信 L2TP AAA コールのアクセス プロファイルを設定します。
[edit access] user@host-R5# set profile AccProf-LNS authentication-order none
グローバルL2TPサービスを設定します。
L2TPゲートウェイのローカルアドレス設定を含み、L2およびL3ネットワーク特性について以前に設定された他のプロファイルを参照するL2TPトンネルグループプロファイルを設定します。
[edit services] user@host-R5# set l2tp tunnel-group lns-tunnel-group l2tp-access-profile lns-profile user@host-R5# set l2tp tunnel-group lns-tunnel-group local-gateway address 105.0.0.1 user@host-R5# set l2tp tunnel-group lns-tunnel-group local-gateway gateway-name R5 user@host-R5# set l2tp tunnel-group lns-tunnel-group service-device-pool lns_service_device_pool user@host-R5# set l2tp tunnel-group lns-tunnel-group dynamic-profile lns-profile user@host-R5# set service-device-pools pool lns_service_device_pool interface si-1/0/0
アドレスプールを設定します。
ローカル inet アドレスプールは、加入者エンドデバイス(CPE、デスクトップなど)が PPP IPCP ネゴシエーションを使用して IPv4 アドレスを取得するために使用されます。ローカル inet6 アドレス プールは、加入者エンド デバイスが DHCPv6 を使用して IPv6 プレフィックスを取得するために使用されます。
[edit access] user@host-R5# set address-assignment pool v4-l2tp-pool-0 family inet network 100.0.0.0/8 user@host-R5# set address-assignment pool v4-l2tp-pool-0 family inet range l2tpv4 low 100.48.0.1 user@host-R5# set address-assignment pool v4-l2tp-pool-0 family inet range l2tpv4 high 100.63.255.255 user@host-R5# set address-assignment pool v6-l2tp-pool-0 family inet6 prefix 1000:0000::/32 user@host-R5# set address-assignment pool v6-l2tp-pool-0 family inet6 range v6-range low 1000:0000:0000:0001::/64 user@host-R5# set address-assignment pool v6-l2tp-pool-0 family inet6 range v6-range high 1000:0000:0000:ffff::/64 user@host-R5# set address-assignment pool v6-ndra-pool-0 family inet6 prefix 3000:0000:0000:0000:0000:0000:0000:0000/32 user@host-R5# set address-assignment pool v6-ndra-pool-0 family inet6 range v6-range-0 prefix-length 64
DHCPv6 を設定します。
L2TP セッション インターフェイス(si-0/0/0 インターフェイス)で DHCPv6 メッセージ処理を有効にします。PPPは、IPv6サポートのためのインターフェイスID(リンクローカルアドレス)交換を提供しますが、グローバルにルーティング可能なIPv6プレフィックスは提供しません。IPv6 のプレフィックス割り当てには、DHCPv6 プロトコルが使用されます。
[edit access] user@host-R5# set system services dhcp-local-server dhcpv6 overrides delegated-pool v6-l2tp-pool-0 user@host-R5# set system services dhcp-local-server dhcpv6 group v6-ppp-client-0 interface si-1/0/0.0
トラフィックミラーリングのポリシーを保護します。
RADIUSプロトコルベースの加入者ごとのトラフィックミラーを設定して、外部の機関が特定の加入者セッションでトラフィックミラーリングを有効にできるようにします。
インライントンネルサービスを有効にします。
[edit chassis] user@host-R5# set fpc 1 pic 1 tunnel-services bandwidth 10g
inet (IPv4) および inet6 (IPv6) アドレスファミリーを有効にします。
[edit access] user@host-R5# set vt-1/1/0 unit 0 family inet user@host-R5# set vt-1/1/0 unit 0 family inet6
RADIUS フロータップ サービスを有効にします。
フロータップの詳細については、「 フロータップのアーキテクチャ」を参照してください。
[edit access] user@host-R5# set services radius-flow-tap source-ipv4-address 199.99.9.1 user@host-R5# set services radius-flow-tap interfaces vt-1/1/0.0
結果
インターフェイス設定を確認します。
user@host-R5# show interfaces lo0 unit 0 { family inet { address 105.0.0.1/32 { primary; preferred; } } family inet6 { address 1005:0::1/128 { primary; preferred; } } }
user@host-R5# show interfaces ge-0/0/3 description "To R4 - Core"; unit 0 { family inet { address 21.21.50.2/24; } family inet6 { } family mpls { } } user@host-R5# show interfaces ge-0/0/5 description "To R4 - Core"; unit 0 { family inet { address 21.21.51.2/24; } } family inet6 { } family mpls { } }
user@host-R5# show interfaces ge-0/1/4 description "Retailer/ISP facing link1“; unit 0 { family inet { address 200.0.0.1/24; } family inet6 { address 3000:db8:ffff:4::1/64; } } user@host-R5# show interfaces ge-1/0/4 description "Retailer/ISP facing link2“; unit 0 { family inet { address 199.99.9.1/24; } family inet6 { address 3000:db8:ffff:5::1/64; } }
ルーティングプロトコルの設定を確認します。
user@host-R5# show protocols ospf area 0.0.0.0 { interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/5.0; interface ge-0/1/4.0; interface ge-1/0/4.0; }
user@host-R5# show protocols ospf3 area 0.0.0.0 { interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/5.0; interface ge-0/1/4.0; interface ge-1/0/4.0; }
user@host-R5# show protocols mpls interface ge-0/0/3.0; interface ge-0/0/5.0;
user@host-R5# show protocols ldp interface lo0.0; interface ge-0/0/3.0; interface ge-0/0/5.0;
インライン サービスの設定を確認します。
user@host-R5# show chassis fpc1 pic 0 { inline-services { bandwidth 1g; } }
動的プロファイルの設定を確認します。
user@host-R5# show dynamic-profiles lns-profile routing-instances { "$junos-routing-instance" { interface "$junos-interface-name"; } } interfaces { "$junos-interface-ifd-name" { unit "$junos-interface-unit" { dial-options { l2tp-interface-id dedicated; } no-keepalives; family inet { unnumbered-address "$junos-loopback-interface"; } family inet6 { unnumbered-address "$junos-loopback-interface"; } } } }
アクセスグループのプロファイル設定を確認します。
user@host-R5# show access group-profile lns-group-profile ppp { ppp-options { pap; chap; } keepalive 0; }
L2TP クライアント プロファイルの構成を確認します。
user@host-R5# show access profile lns-profile client default { l2tp { shared-secret "$ABC123"; ## SECRET-DATA } user-group-profile lns-group-profile; }
RADIUS サーバーの設定を確認します。
user@host-R5# show access radius-server 9.0.0.9 secret "$ABC123"; ## SECRET-DATA; source-address 105.0.0.1;
AAA プロファイルの設定を確認します。
user@host-R5# show access profile AccProf-LNS authentication-order none;
グローバル L2TP サービス構成を確認します。
user@host-R5# show services l2tp { tunnel-group lns-tunnel-group { l2tp-access-profile lns-profile; local-gateway { address 105.0.0.1; gateway-name R5; } } service-device-pool lns_service_device_pool; dynamic-profile lns-profile; } } service-device-pools { pool lns_service_device_pool { interface si-0/0/0; } }
IPv4 および IPv6 アドレス プールの設定を確認します。
user@host-R5# show access address-assignment pool v4-l2tp-pool-0 family inet { network 100.0.0.0/8; range l2tpv4 { low 100.48.0.1; high 100.63.255.255; } } user@host-R5# show access address-assignment pool v6-l2tp-pool-0 family inet6 { prefix 1000:0000::/32; range v6-range-0 { low 1000:0000:0000:0001::/64; high 1000:0000:0000:ffff::/64; } } user@host-R5# show access address-assignment pool v6-ndra-pool-0 family inet6 { prefix 3000:0000:0000:0000:0000:0000:0000:0000:/32; range v6-range-0 { prefix-length 64; } }
DHCPv6 の設定を確認します。
user@host-R5# show system services dhcp-local-server dhcpv6 { overrides { delegated-pool v6-l2tp-pool-0; } group v6-ppp-client-0 { interface si-0/0/0.0; } }
トラフィックミラーリングのインライントンネルサービスの設定を確認します。
user@host-R5# show chassis fpc 1 pic 1 { tunnel-services { bandwidth 10g; } }
inetおよびinet6アドレスファミリーが有効になっていることを確認します。
user@host-R5# show interfaces vt-1/1/0 unit 0 { family inet; family inet6; }
RADIUS フロータップ サービスが有効になっていることを確認します。
user@host-R5# show services radius-flow-tap source-ipv4-address 199.99.9.1; interfaces { vt-1/1/0.0; }
RADIUS サーバーのユーザー プロファイルを構成する
手順
図 7 は、参考例のトポロジーのコンテキストで RADIUS サーバーを示しています。
RADIUS サーバーのユーザー プロファイルを構成するには、次の手順に従います。
ユーザープロファイル設定に、以下のサービスアクティベーションRADIUS属性を含めます。
SST_USER_DHCP_V4_DEFAULT Auth-Type := Accept, User-Password := "<password>" ERX-Service-Activate:1 += "DHCP-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)", SST_USER_DHCP_V6_DEFAULT Auth-Type := Accept, User-Password := "<password>" ERX-Service-Activate:1 += "DHCP-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)", SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM Auth-Type := Accept, User-Password := "<password>" ERX-Service-Activate:1 += "PPPOE-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)", SST_USER_PPPOE_LT_DEFAULT Auth-Type := Accept, User-Password := "<password>" ERX-Service-Activate:1 += "PPPOE-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)", SST_USER_VLAN_DEFAULT Auth-Type := Accept, User-Password := "<password>"
検証
以下のセクションでは、設定が正しく機能していることを確認する方法について説明します。各グループ内で、デバイスの検証手順がトポロジー例の左から右にリストされています。
- ルート概要情報の確認
- ループバックポートと物理ポートの確認
- OSPF および OSPF3 の機能を検証する
- LDP 機能の検証
- MPLS インターフェース確認
- R1、R2、R0 の CCC(回線クロスコネクト)インターフェイスと L2 回線の検証
- R0およびR3の論理トンネル(LT)インターフェイスの確認
- R0およびR3で疑似サービス(PS)インターフェイスを確認する
- R0 でのダイナミック VLAN インターフェイス上での DHCPv4 の検証
- R0 の動的 VLAN インターフェイス上で DHCPv6-PD を検証する
- R0 の動的 VLAN インターフェイス上での PPPoE の検証
- R0 の動的 VLAN インターフェイスを介した PPPoE 経由の DHCP-PD の検証
- R0 の動的インターフェイス上で LAC PPP を検証する
- R0 の AAA アクセスおよび RADIUS サーバの設定と統計情報の確認
- R3で、L2回線が稼働しておらず、BFDセッションが実行されていないことを確認します。
- R5 の L2TP 機能の検証
- RADIUSサーバーでの動的VLAN認証とアカウンティングの確認
ルート概要情報の確認
目的
宛先とルートが機能していることを確認します。
R1で、ルーターID 101.0.0.1でinet、MPLS、およびL2回線の宛先とルートを確認します。
R2で、ルーターID 102.0.0.1でinet、inet6、MPLS、およびL2回線の宛先とルートを確認します。
R0で、ルーターID 100.0.0.1でinet、inet6、MPLS、およびL2回線の宛先とルートを確認します。
R4 で、ルーター ID 104.0.0.1 で inet、inet6、MPLS の宛先とルートを確認します。
R5 で、ルーター ID 105.0.0.1 で inet、inet6、MPLS の宛先とルートを確認します。
アクション
各デバイスで、動作モードから コマンドを実行します show route summary
。
user@host-R1>show route summary Router ID: 101.0.0.1 inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden) Direct: 6 routes, 6 active Local: 5 routes, 5 active OSPF: 19 routes, 18 active Static: 2 routes, 2 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 2013 destinations, 2013 routes (2013 active, 0 holddown, 0 hidden) MPLS: 6 routes, 6 active LDP: 7 routes, 7 active L2CKT: 2000 routes, 2000 active __mpls-oam__.mpls.0: 1000 destinations, 1000 routes (1000 active, 0 holddown, 0 hidden) L2CKT: 1000 routes, 1000 active l2circuit.0: 3000 destinations, 3000 routes (3000 active, 0 holddown, 0 hidden) LDP: 2000 routes, 2000 active L2CKT: 1000 routes, 1000 active
user@host-R2>show route summary Router ID: 102.0.0.1 inet.0: 31 destinations, 32 routes (31 active, 0 holddown, 0 hidden) Direct: 6 routes, 6 active Local: 5 routes, 5 active OSPF: 19 routes, 18 active Static: 2 routes, 2 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 2106 destinations, 2106 routes (2106 active, 0 holddown, 0 hidden) MPLS: 3 routes, 3 active LDP: 7 routes, 7 active L2CKT: 2096 routes, 2096 active inet6.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden) Direct: 2 routes, 2 active Local: 2 routes, 2 active l2circuit.0: 3144 destinations, 3144 routes (3144 active, 0 holddown, 0 hidden) LDP: 2096 routes, 2096 active L2CKT: 1048 routes, 1048 active
user@host-R0>show route summary Router ID: 100.0.0.1 inet.0: 33 destinations, 34 routes (33 active, 0 holddown, 0 hidden) Direct: 8 routes, 8 active Local: 7 routes, 7 active OSPF: 17 routes, 16 active Static: 2 routes, 2 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 4110 destinations, 4110 routes (4110 active, 0 holddown, 0 hidden) MPLS: 6 routes, 6 active LDP: 8 routes, 8 active L2CKT: 4096 routes, 4096 active __mpls-oam__.mpls.0: 2048 destinations, 2048 routes (2048 active, 0 holddown, 0 hidden) L2CKT: 2048 routes, 2048 active inet6.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) Direct: 4 routes, 3 active Local: 3 routes, 3 active OSPF3: 6 routes, 6 active inet6.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active l2circuit.0: 4096 destinations, 4096 routes (4096 active, 0 holddown, 0 hidden) LDP: 2048 routes, 2048 active L2CKT: 2048 routes, 2048 active
user@host-R3>show route summary Router ID: 103.0.0.1 inet.0: 32 destinations, 33 routes (32 active, 0 holddown, 0 hidden) Direct: 7 routes, 7 active Local: 6 routes, 6 active OSPF: 18 routes, 17 active Static: 2 routes, 2 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden) MPLS: 6 routes, 6 active LDP: 8 routes, 8 active inet6.0: 10 destinations, 10 routes (10 active, 0 holddown, 0 hidden) Direct: 3 routes, 3 active Local: 1 routes, 1 active OSPF3: 6 routes, 6 active inet6.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active l2circuit.0: 2048 destinations, 2048 routes (2048 active, 0 holddown, 0 hidden) L2CKT: 2048 routes, 2048 active
user@host-R4>show route summary Router ID: 104.0.0.1 inet.0: 30 destinations, 30 routes (30 active, 0 holddown, 0 hidden) Direct: 7 routes, 7 active Local: 6 routes, 6 active OSPF: 17 routes, 17 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) MPLS: 4 routes, 4 active LDP: 8 routes, 8 active inet6.0: 14 destinations, 18 routes (14 active, 0 holddown, 0 hidden) Direct: 7 routes, 3 active Local: 5 routes, 5 active OSPF3: 6 routes, 6 active inet6.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active
user@host-R5>show route summary Router ID: 105.0.0.1 inet.0: 34 destinations, 34 routes (34 active, 0 holddown, 0 hidden) Direct: 6 routes, 6 active Local: 5 routes, 5 active OSPF: 18 routes, 18 active Static: 5 routes, 5 active inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) LDP: 5 routes, 5 active mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) MPLS: 6 routes, 6 active LDP: 6 routes, 6 active inet6.0: 16 destinations, 20 routes (16 active, 0 holddown, 0 hidden) Direct: 9 routes, 5 active Local: 7 routes, 7 active OSPF3: 4 routes, 4 active
意味
宛先とルートは機能しています。
ループバックポートと物理ポートの確認
目的
各デバイスで、ループバックポートと物理ポートへの接続をテストします。
アクション
各デバイスで、 show interfaces
各ポートの運用モードから コマンドを実行し、インターフェイスが稼働していることを確認します。次に、 ping
コマンドを実行して、各インターフェイスとの通信を確認します。
user@host-R1>show interfaces lo0 terse Interface Admin Link Proto Local Remote lo0 up up lo0.0 up up inet 101.0.0.1 --> 0/0 mpls lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet
user@host-R1>ping 101.0.0.1 rapid PING 101.0.0.1 (101.0.0.1): 56 data bytes !!!!! --- 101.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.074/0.176/0.288/0.092 ms user@host-R1>show interfaces ge-1/0/6 terse Interface Admin Link Proto Local Remote ge-1/0/6 up up ge-1/0/6.0 up up inet 21.21.11.2/24 mpls multiservice user@host-R1>ping 21.21.11.2 rapid PING 21.21.11.2 (21.21.11.2): 56 data bytes !!!!! --- 21.21.11.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.067/0.090/0.169/0.040 ms user@host-R1>show interfaces ge-1/1/6 terse Interface Admin Link Proto Local Remote ge-1/1/6 up up ge-1/1/6.0 up up inet 21.21.10.2/24 mpls multiservice user@host-R1>ping 21.21.10.2 rapid PING 21.21.10.2 (21.21.10.2): 56 data bytes !!!!! --- 21.21.10.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.068/0.091/0.169/0.039 ms user@host-R1>show interfaces ge-1/1/4 terse Interface Admin Link Proto Local Remote ge-1/1/4 up up ge-1/1/4.0 up up inet 21.21.20.1/24 mpls multiservice user@host-R1>ping 21.21.20.1 rapid PING 21.21.20.1 (21.21.20.1): 56 data bytes !!!!! --- 21.21.20.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.070/0.114/0.282/0.084 ms user@host-R1>show interfaces ge-1/1/5 terse Interface Admin Link Proto Local Remote ge-1/1/5 up up ge-1/1/5.0 up up inet 21.21.21.1/24 mpls multiservice user@host-R1>ping 21.21.21.1 rapid PING 21.21.21.1 (21.21.21.1): 56 data bytes !!!!! --- 21.21.21.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.070/0.200/0.420/0.157 ms
user@host-R2>show interfaces lo0 terse Interface Admin Link Proto Local Remote lo0 up up lo0.0 up up inet 102.0.0.1 --> 0/0 mpls lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet
user@host-R2>ping 102.0.0.1 rapid PING 102.0.0.1 (102.0.0.1): 56 data bytes !!!!! --- 102.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.070/0.086/0.138/0.026 ms user@host-R2>show interfaces ge-1/0/6 terse Interface Admin Link Proto Local Remote ge-1/0/6 up up ge-1/0/6.0 up up inet 21.21.13.2/24 multiservice user@host-R2>ping 21.21.13.2 rapid PING 21.21.13.2 (21.21.13.2): 56 data bytes !!!!! --- 21.21.13.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.142/0.168/0.256/0.044 ms user@host-R2>show interfaces ge-1/1/6 terse Interface Admin Link Proto Local Remote ge-1/1/6 up up ge-1/1/6.0 up up inet 21.21.12.2/24 mpls multiservice user@host-R2>ping 21.21.12.2 rapid PING 21.21.12.2 (21.21.12.2): 56 data bytes !!!!! --- 21.21.12.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.072/0.103/0.219/0.058 ms user@host-R2>show interfaces ge-1/1/4 terse Interface Admin Link Proto Local Remote ge-1/1/4 up up ge-1/1/4.0 up up inet 21.21.30.1/24 mpls multiservice user@host-R2>ping 21.21.30.1 rapid PING 21.21.30.1 (21.21.30.1): 56 data bytes !!!!! --- 21.21.30.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.069/0.097/0.138/0.032 ms user@host-R2>show interfaces ge-1/1/5 terse Interface Admin Link Proto Local Remote ge-1/1/5 up up ge-1/1/5.0 up up inet 21.21.31.1/24 mpls multiservice user@host-R2>ping 21.21.31.1 rapid PING 21.21.31.1 (21.21.31.1): 56 data bytes !!!!! --- 21.21.31.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.070/0.084/0.131/0.023 ms
user@host-R0>show interfaces lo0 terse Interface Admin Link Proto Local Remote lo0 up up lo0.0 up up inet 100.0.0.1 --> 0/0 inet6 1000::1 fe80::2a0:a50f:fc76:14de mpls lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet
user@host-R0>ping 100.0.0.1 rapid PING 100.0.0.1 (100.0.0.1): 56 data bytes !!!!! --- 100.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.052/0.080/0.115/0.021 ms user@host-R0>ping 1000::1 rapid PING6(56=40+8+8 bytes) 1000::1 --> 1000::1 !!!!! --- 1000::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.155/0.345/0.957/0.311 ms user@host-R0>show interfaces ge-0/0/0 terse Interface Admin Link Proto Local Remote ge-0/0/0 up up ge-0/0/0.0 up up inet 21.21.11.1/24 mpls multiservice user@host-R0>ping 21.21.11.1 rapid PING 21.21.11.1 (21.21.11.1): 56 data bytes !!!!! --- 21.21.11.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.050/0.112/0.248/0.072 ms user@host-R0>show interfaces ge-1/0/0 terse Interface Admin Link Proto Local Remote ge-1/0/0 up up ge-1/0/0.0 up up inet 21.21.10.1/24 mpls multiservice user@host-R0>ping 21.21.10.1 rapid PING 21.21.10.1 (21.21.10.1): 56 data bytes !!!!! --- 21.21.10.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.051/0.087/0.129/0.031 ms user@host-R0>show interfaces ge-2/0/0 terse Interface Admin Link Proto Local Remote ge-2/0/0 up up ge-2/0/0.0 up up inet 21.21.13.1/24 mpls multiservice user@host-R0>ping 21.21.13.1 rapid PING 21.21.13.1 (21.21.13.1): 56 data bytes !!!!! --- 21.21.13.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.050/0.083/0.114/0.027 ms user@host-R0>show interfaces ge-3/0/0 terse Interface Admin Link Proto Local Remote ge-3/0/0 up up ge-3/0/0.0 up up inet 21.21.12.1/24 mpls multiservice user@host-R0>ping 21.21.12.1 rapid PING 21.21.12.1 (21.21.12.1): 56 data bytes !!!!! --- 21.21.12.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.050/0.084/0.115/0.027 ms user@host-R0>show interfaces ge-4/0/0 terse Interface Admin Link Proto Local Remote ge-4/0/0 up up ge-4/0/0.0 up up inet 21.21.14.1/24 inet6 fe80::ae4b:c8ff:fe45:6800/64 mpls multiservice user@host-R0>ping 21.21.14.1 rapid PING 21.21.14.1 (21.21.14.1): 56 data bytes !!!!! --- 21.21.14.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.051/0.104/0.201/0.055 ms user@host-R0>ping fe80::ae4b:c8ff:fe45:6800 rapid PING6(56=40+8+8 bytes) fe80::ae4b:c8ff:fe45:6800 --> fe80::ae4b:c8ff:fe45:6800 !!!!! --- fe80::ae4b:c8ff:fe45:6800 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.084/0.106/0.121/0.013 ms user@host-R0>show interfaces ge-5/0/0 terse Interface Admin Link Proto Local Remote ge-5/0/0 up up ge-5/0/0.0 up up inet 21.21.15.1/24 inet6 fe80::ae4b:c8ff:fe45:6be0/64 mpls multiservice user@host-R0>ping 21.21.15.1 rapid PING 21.21.15.1 (21.21.15.1): 56 data bytes !!!!! --- 21.21.15.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.052/0.082/0.113/0.021 ms user@host-R0>ping fe80::ae4b:c8ff:fe45:6be0 rapid PING6(56=40+8+8 bytes) fe80::ae4b:c8ff:fe45:6be0 --> fe80::ae4b:c8ff:fe45:6be0 !!!!! --- fe80::ae4b:c8ff:fe45:6be0 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.062/0.131/0.206/0.047 ms
user@host-R3>show interfaces lo0 terse Interface Admin Link Proto Local Remote lo0 up up lo0.0 up up inet 103.0.0.1 --> 0/0 inet6 1003::1 fe80::2a0:a50f:fc76:14d2 mpls lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet
user@host-R3>ping 103.0.0.1 rapid PING 103.0.0.1 (103.0.0.1): 56 data bytes !!!!! --- 103.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.053/0.081/0.114/0.025 ms user@host-R3>ping 1003::1 rapid PING6(56=40+8+8 bytes) 1003::1 --> 1003::1 !!!!! --- 1003::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.062/0.092/0.170/0.040 ms user@host-R3>show interfaces ge-0/0/0 terse Interface Admin Link Proto Local Remote ge-0/0/0 up up ge-0/0/0.0 up up inet 21.21.20.2/24 mpls multiservice user@host-R3>ping 21.21.20.2 rapid PING 21.21.20.2 (21.21.20.2): 56 data bytes !!!!! --- 21.21.20.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.055/0.096/0.137/0.034 ms user@host-R3>show interfaces ge-1/0/0 terse Interface Admin Link Proto Local Remote ge-1/0/0 up up ge-1/0/0.0 up up inet 21.21.21.2/24 mpls multiservice user@host-R3>ping 21.21.21.2 rapid PING 21.21.21.2 (21.21.21.2): 56 data bytes !!!!! --- 21.21.21.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.057/0.083/0.113/0.018 ms user@host-R3>show interfaces ge-2/0/0 terse Interface Admin Link Proto Local Remote ge-2/0/0 up up ge-2/0/0.0 up up inet 21.21.30.2/24 mpls multiservice user@host-R3>ping 21.21.30.2 rapid PING 21.21.30.2 (21.21.30.2): 56 data bytes !!!!! --- 21.21.30.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.053/0.087/0.119/0.027 ms user@host-R3>show interfaces ge-3/0/0 terse Interface Admin Link Proto Local Remote ge-3/0/0 up up ge-3/0/0.0 up up inet 21.21.31.2/24 mpls multiservice user@host-R3>ping 21.21.31.2 rapid PING 21.21.31.2 (21.21.31.2): 56 data bytes !!!!! --- 21.21.31.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.054/0.082/0.116/0.025 ms user@host-R3>show interfaces ge-4/0/0 terse Interface Admin Link Proto Local Remote ge-4/0/0 up up ge-4/0/0.0 up up inet 21.21.40.1/24 inet6 fe80::ae4b:c8ff:fe45:f000/64 mpls multiservice user@host-R3>ping 21.21.40.1 rapid PING 21.21.40.1 (21.21.40.1): 56 data bytes !!!!! --- 21.21.40.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.053/0.083/0.118/0.027 ms user@host-R3>ping fe80::ae4b:c8ff:fe45:f000 rapid PING6(56=40+8+8 bytes) fe80::ae4b:c8ff:fe45:f000 --> fe80::ae4b:c8ff:fe45:f000 !!!!! --- fe80::ae4b:c8ff:fe45:f000 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.061/0.078/0.112/0.019 ms
user@host-R4>show interfaces lo0.1 terse Interface Admin Link Proto Local Remote lo0.0 up up inet 104.0.0.1 --> 0/0 inet6 1004::1 fe80::aad0:e50f:fc50:b2ff
user@host-R4>ping 104.0.0.1 rapid PING 104.0.0.1 (104.0.0.1): 56 data bytes !!!!! --- 104.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.092/0.116/0.205/0.044 ms user@host-R4>ping 1004::1 rapid PING6(56=40+8+8 bytes) 1004::1 --> 1004::1 !!!!! --- 1004::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.196/0.230/0.344/0.057 ms user@host-R4>show interfaces ge-0/0/2 terse Interface Admin Link Proto Local Remote ge-0/0/2 ge-0/0/2.0 up up inet 21.21.14.2/24 inet6 fe80::aad0:e5ff:fe50:b200/64 mpls multiservice user@host-R4>ping 21.21.14.2 rapid PING 21.21.14.2 (21.21.14.2): 56 data bytes !!!!! --- 21.21.14.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.094/0.116/0.195/0.040 ms user@host-R4>ping fe80::aad0:e5ff:fe50:b200 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b200 --> fe80::aad0:e5ff:fe50:b200 !!!!! --- fe80::aad0:e5ff:fe50:b200 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms user@host-R4>show interfaces ge-0/0/3 terse Interface Admin Link Proto Local Remote ge-0/0/3 ge-0/0/3.0 up up inet 21.21.15.2/24 inet6 fe80::aad0:e5ff:fe50:b262/64 mpls multiservice user@host-R4>ping 21.21.15.2 rapid PING 21.21.15.2 (21.21.15.2): 56 data bytes !!!!! --- 21.21.15.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.096/0.171/0.344/0.093 ms user@host-R4>ping fe80::aad0:e5ff:fe50:b262 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b262 --> fe80::aad0:e5ff:fe50:b262 !!!!! --- fe80::aad0:e5ff:fe50:b262 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms user@host-R4>show interfaces ge-0/0/4 terse Interface Admin Link Proto Local Remote ge-0/0/4 ge-0/0/4.0 up up inet 21.21.40.2/24 inet6 fe80::aad0:e5ff:fe50:b201/64 mpls multiservice user@host-R4>ping 21.21.40.2 rapid PING 21.21.40.2 (21.21.40.2): 56 data bytes !!!!! --- 21.21.40.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.093/0.116/0.194/0.039 ms user@host-R4>ping fe80::aad0:e5ff:fe50:b201 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b201 --> fe80::aad0:e5ff:fe50:b201 !!!!! --- fe80::aad0:e5ff:fe50:b201 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms user@host-R4>show interfaces ge-0/1/3 terse Interface Admin Link Proto Local Remote ge-0/1/3 ge-0/1/3.0 up up inet 21.21.50.1/24 inet6 fe80::aad0:e5ff:fe50:b268/64 mpls multiservice user@host-R4>ping 21.21.50.1 rapid PING 21.21.50.1 (21.21.50.1): 56 data bytes !!!!! --- 21.21.50.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.097/0.203/0.330/0.095 ms user@host-R4>ping fe80::aad0:e5ff:fe50:b268 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b268 --> fe80::aad0:e5ff:fe50:b268 !!!!! --- fe80::aad0:e5ff:fe50:b268 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms user@host-R4>show interfaces ge-0/1/4 terse Interface Admin Link Proto Local Remote ge-0/1/4 ge-0/1/4.0 up up inet 21.21.51.1/24 inet6 fe80::aad0:e5ff:fe50:b269/64 mpls multiservice user@host-R4>ping 21.21.51.1 rapid PING 21.21.51.1 (21.21.51.1): 56 data bytes !!!!! --- 21.21.51.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.094/0.143/0.331/0.094 ms user@host-R4>ping fe80::aad0:e5ff:fe50:b268 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b269 --> fe80::aad0:e5ff:fe50:b269 !!!!! --- fe80::aad0:e5ff:fe50:b269 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms user@host-R4>show interfaces ge-0/1/7 terse Interface Admin Link Proto Local Remote ge-0/1/7 ge-0/1/7.0 up up inet 9.0.0.1/24 multiservice user@host-R4>ping 9.0.0.1 rapid PING 9.0.0.1 (9.0.0.1): 56 data bytes !!!!! --- 9.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.194/0.262/0.322/0.049 ms
user@host-R5>show interfaces lo0 terse Interface Admin Link Proto Local Remote lo0 up up lo0.0 up up inet 105.0.0.1 --> 0/0 inet6 1005::1 fe80::aad0:e50f:fc50:b2ff lo0.16384 up up inet 127.0.0.1 --> 0/0 lo0.16385 up up inet
user@host-R5>ping 105.0.0.1 rapid PING 105.0.0.1 (105.0.0.1): 56 data bytes !!!!! --- 105.0.0.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.092/0.137/0.209/0.053 ms user@host-R5>ping 1005::1 rapid PING6(56=40+8+8 bytes) 1005::1 --> 1005::1 !!!!! --- 1005::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.196/0.307/0.682/0.188 ms user@host-R5>show interfaces ge-0/0/3 terse Interface Admin Link Proto Local Remote ge-0/0/3 up up ge-0/0/3.0 up up inet 21.21.50.2/24 inet6 fe80::aad0:e5ff:fe50:b280/64 mpls multiservice user@host-R5>ping 21.21.50.2 rapid PING 21.21.50.2 (21.21.50.2): 56 data bytes !!!!! --- 21.21.50.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.093/0.145/0.226/0.055 ms user@host-R5>ping fe80::aad0:e5ff:fe50:b280 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b280 --> fe80::aad0:e5ff:fe50:b280 !!!!! --- fe80::aad0:e5ff:fe50:b280 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.198/0.230/0.349/0.059 ms user@host-R5>show interfaces ge-0/0/5 terse Interface Admin Link Proto Local Remote ge-0/0/5 up up ge-0/0/5.0 up up inet 21.21.51.2/24 inet6 fe80::aad0:e5ff:fe50:b281/64 mpls multiservice user@host-R5>ping 21.21.51.2 rapid PING 21.21.51.2 (21.21.51.2): 56 data bytes !!!!! --- 21.21.51.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.243/0.395/0.495/0.083 ms user@host-R5>ping fe80::aad0:e5ff:fe50:b281 rapid PING6(56=40+8+8 bytes) fe80::aad0:e5ff:fe50:b281 --> fe80::aad0:e5ff:fe50:b281 !!!!! --- fe80::aad0:e5ff:fe50:b281 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.124/0.204/0.381/0.101 ms user@host-R5>show interfaces ge-0/1/4 terse Interface Admin Link Proto Local Remote ge-0/1/4 up up ge-0/1/4.0 up up inet 10.9.46.229/24 200.0.0.1/24 inet6 3000:db8:ffff:4::1/64 fe80::aad0:e5ff:fe50:b260/64 multiservice user@host-R5>ping 10.9.46.229 rapid PING 10.9.46.229 (10.9.46.229): 56 data bytes !!!!! --- 10.9.46.229 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.093/0.137/0.244/0.059 ms user@host-R5>ping 3000:db8:ffff:4::1 rapid PING6(56=40+8+8 bytes) 3000:db8:ffff:4::1 --> 3000:db8:ffff:4::1 !!!!! --- 3000:db8:ffff:4::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.123/0.147/0.237/0.045 ms user@host-R5>show interfaces ge-1/0/4 terse Interface Admin Link Proto Local Remote ge-1/0/4 up up ge-1/0/4.0 up up inet 199.99.9.1/24 inet6 3000:db8:ffff:5::1/64 fe80::aad0:e5ff:fe50:b267/64 multiservice user@host-R5>ping 199.99.9.1 rapid PING 199.99.9.1 (199.99.9.1): 56 data bytes !!!!! --- 199.99.9.1 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.094/0.129/0.195/0.042 ms user@host-R5>ping 3000:db8:ffff:5::1 rapid PING6(56=40+8+8 bytes) 3000:db8:ffff:5::1 --> 3000:db8:ffff:5::1 !!!!! --- 3000:db8:ffff:5::1 ping6 statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.231/0.476/1.114/0.324 ms
意味
ループバックおよび物理ポートのインターフェイスは機能しており、通信が可能です。
OSPF および OSPF3 の機能を検証する
目的
各デバイスで、OSPF および OSPF3(該当する場合)のインターフェイス、ネイバー、ルート情報を表示し、すべてのエンティティが正しく機能していることを確認します。
アクション
各デバイスで、運用モードから 、 show ospf interface
show ospf neighbor
、および コマンドを実行しますshow route protocol ospf | match /32
。
OSPF3を設定する各デバイスで、 、 、 show ospf3 neighbor
のshow route table inet6.0 | match /128
コマンドも実行しますshow ospf3 interface
。
user@host-R1>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-1/0/6.0 DR 0.0.0.0 101.0.0.1 100.0.0.1 1 ge-1/1/6.0 DR 0.0.0.0 101.0.0.1 100.0.0.1 1 ge-1/1/4.0 DR 0.0.0.0 101.0.0.1 103.0.0.1 1 ge-1/1/5.0 DR 0.0.0.0 101.0.0.1 103.0.0.1 1 lo0.0 DR 0.0.0.0 101.0.0.1 0.0.0.0 0 user@host-R1>show ospf neighbor Address Interface State ID Pri Dead 21.21.11.1 ge-1/0/6.0 Full 100.0.0.1 128 36 21.21.10.1 ge-1/1/6.0 Full 100.0.0.1 128 38 21.21.20.2 ge-1/1/4.0 Full 103.0.0.1 128 39 21.21.21.2 ge-1/1/5.0 Full 103.0.0.1 128 35 user@host-R1>show route protocol ospf | match /32 100.0.0.1/32 *[OSPF/10] 1d 23:37:08, metric 1 102.0.0.1/32 *[OSPF/10] 00:04:36, metric 2 103.0.0.1/32 *[OSPF/10] 2d 08:49:59, metric 1 104.0.0.1/32 *[OSPF/10] 1d 23:37:08, metric 2 105.0.0.1/32 *[OSPF/10] 1d 23:37:08, metric 3 224.0.0.5/32 *[OSPF/10] 3d 03:02:09, metric 1
user@host-R2>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-1/0/6.0 DR 0.0.0.0 102.0.0.1 100.0.0.1 1 ge-1/1/6.0 DR 0.0.0.0 102.0.0.1 100.0.0.1 1 ge-1/1/4.0 BDR 0.0.0.0 103.0.0.1 102.0.0.1 1 ge-1/1/5.0 BDR 0.0.0.0 103.0.0.1 102.0.0.1 1 lo0.0 DR 0.0.0.0 102.0.0.1 0.0.0.0 0 user@host-R2>show ospf neighbor Address Interface State ID Pri Dead 21.21.13.1 ge-1/0/6.0 Full 100.0.0.1 128 37 21.21.12.1 ge-1/1/6.0 Full 100.0.0.1 128 31 21.21.30.2 ge-1/1/4.0 Full 103.0.0.1 128 36 21.21.31.2 ge-1/1/5.0 Full 103.0.0.1 128 39 user@host-R2>show route protocol ospf | match /32 100.0.0.1/32 *[OSPF/10] 00:05:09, metric 1 101.0.0.1/32 *[OSPF/10] 00:04:58, metric 2 103.0.0.1/32 *[OSPF/10] 00:04:58, metric 1 104.0.0.1/32 *[OSPF/10] 00:04:58, metric 2 105.0.0.1/32 *[OSPF/10] 00:04:58, metric 3 224.0.0.5/32 *[OSPF/10] 00:07:22, metric 1
user@host-R0>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-0/0/0.0 BDR 0.0.0.0 101.0.0.1 100.0.0.1 1 ge-2/0/0.0 BDR 0.0.0.0 102.0.0.1 100.0.0.1 1 ge-1/0/0.0 BDR 0.0.0.0 101.0.0.1 100.0.0.1 1 ge-3/0/0.0 BDR 0.0.0.0 102.0.0.1 100.0.0.1 1 ge-5/0/0.0 BDR 0.0.0.0 104.0.0.1 100.0.0.1 1 lo0.0 DR 0.0.0.0 100.0.0.1 0.0.0.0 0 ge-4/0/0.0 BDR 0.0.0.0 104.0.0.1 100.0.0.1 1 user@host-R0>show ospf neighbor Address Interface State ID Pri Dead 21.21.11.2 ge-0/0/0.0 Full 101.0.0.1 128 34 21.21.13.2 ge-2/0/0.0 Full 102.0.0.1 128 38 21.21.10.2 ge-1/0/0.0 Full 101.0.0.1 128 35 21.21.12.2 ge-3/0/0.0 Full 102.0.0.1 128 32 21.21.15.2 ge-5/0/0.0 Full 104.0.0.1 128 36 21.21.14.2 ge-4/0/0.0 Full 104.0.0.1 128 36 user@host-R0>show route protocol ospf | match /32 101.0.0.1/32 *[OSPF/10] 1d 23:42:43, metric 1 102.0.0.1/32 *[OSPF/10] 00:10:17, metric 1 103.0.0.1/32 *[OSPF/10] 00:10:16, metric 2 104.0.0.1/32 *[OSPF/10] 1d 23:20:42, metric 1 105.0.0.1/32 *[OSPF/10] 1d 23:20:42, metric 2 224.0.0.5/32 *[OSPF/10] 1d 23:47:44, metric 1 user@host-R0>show ospf3 interface Interface State Area DR ID BDR ID Nbrs ge-5/0/0.0 BDR 0.0.0.0 104.0.0.1 100.0.0.1 1 lo0.0 DR 0.0.0.0 100.0.0.1 0.0.0.0 0 ge-4/0/0.0 BDR 0.0.0.0 104.0.0.1 100.0.0.1 1 user@host-R0>show ospf3 neighbor ID Interface State Pri Dead 104.0.0.1 ge-5/0/0.0 Full 128 36 Neighbor-address fe80::aad0:e5ff:fe50:b262 104.0.0.1 ge-4/0/0.0 Full 128 37 Neighbor-address fe80::aad0:e5ff:fe50:b200 user@host-R0>show route table inet6.0 | match /128 1000::1/128 *[Direct/0] 1d 23:49:15 1003::1/128 *[OSPF3/10] 1d 07:13:56, metric 2 1004::1/128 *[OSPF3/10] 1d 23:22:04, metric 1 1005::1/128 *[OSPF3/10] 1d 07:13:37, metric 2 fe80::2a0:a500:176:14de/128 fe80::2a0:a50f:fc76:14de/128 fe80::ae4b:c8ff:fe45:6800/128 fe80::ae4b:c8ff:fe45:6be0/128 ff02::5/128 *[OSPF3/10] 1d 23:49:17, metric 1
user@host-R3>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-0/0/0.0 BDR 0.0.0.0 101.0.0.1 103.0.0.1 1 ge-2/0/0.0 DR 0.0.0.0 103.0.0.1 102.0.0.1 1 ge-1/0/0.0 BDR 0.0.0.0 101.0.0.1 103.0.0.1 1 ge-3/0/0.0 DR 0.0.0.0 103.0.0.1 102.0.0.1 1 lo0.0 DR 0.0.0.0 103.0.0.1 0.0.0.0 0 ge-4/0/0.0 BDR 0.0.0.0 104.0.0.1 103.0.0.1 1 user@host-R3>show ospf neighbor Address Interface State ID Pri Dead 21.21.20.1 ge-0/0/0.0 Full 101.0.0.1 128 36 21.21.30.1 ge-2/0/0.0 Full 102.0.0.1 128 32 21.21.21.1 ge-1/0/0.0 Full 101.0.0.1 128 39 21.21.31.1 ge-3/0/0.0 Full 102.0.0.1 128 36 21.21.40.2 ge-4/0/0.0 Full 104.0.0.1 128 31 user@host-R3>show route protocol ospf | match /32 100.0.0.1/32 *[OSPF/10] 01:46:52, metric 2 101.0.0.1/32 *[OSPF/10] 2d 10:32:20, metric 1 102.0.0.1/32 *[OSPF/10] 01:46:52, metric 1 104.0.0.1/32 *[OSPF/10] 2d 05:56:03, metric 1 105.0.0.1/32 *[OSPF/10] 2d 05:55:46, metric 2 224.0.0.5/32 *[OSPF/10] 2w1d 01:41:29, metric 1 user@host-R3>show ospf3 interface Interface State Area DR ID BDR ID Nbrs lo0.0 DR 0.0.0.0 103.0.0.1 0.0.0.0 0 ge-4/0/0.0 BDR 0.0.0.0 104.0.0.1 103.0.0.1 1 user@host-R3>show ospf3 neighbor ID Interface State Pri Dead 104.0.0.1 ge-4/0/0.0 Full 128 34 Neighbor-address fe80::aad0:e5ff:fe50:b201 user@host-R3>show route table protocol ospf | match /128 1000::1/128 *[OSPF3/10] 1d 08:49:40, metric 2 1004::1/128 *[OSPF3/10] 2d 05:56:19, metric 1 1005::1/128 *[OSPF3/10] 1d 08:49:22, metric 2 ff02::5/128 *[OSPF3/10] 3d 06:40:09, metric 1
user@host-R4>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-0/0/3.0 DR 0.0.0.0 104.0.0.1 100.0.0.1 1 ge-0/1/3.0 BDR 0.0.0.0 105.0.0.1 104.0.0.1 1 ge-0/1/4.0 DR 0.0.0.0 104.0.0.1 105.0.0.1 1 ge-0/1/7.0 DRother 0.0.0.0 0.0.0.0 0.0.0.0 0 lo0.0 DR 0.0.0.0 104.0.0.1 0.0.0.0 0 ge-0/0/2.0 DR 0.0.0.0 104.0.0.1 100.0.0.1 1 ge-0/0/4.0 DR 0.0.0.0 104.0.0.1 103.0.0.1 1 user@host-R4>show ospf neighbor Address Interface State ID Pri Dead 21.21.15.1 ge-0/0/3.0 Full 100.0.0.1 128 34 21.21.50.2 ge-0/1/3.0 Full 105.0.0.1 128 34 21.21.51.2 ge-0/1/4.0 Full 105.0.0.1 128 35 21.21.14.1 ge-0/0/2.0 Full 100.0.0.1 128 35 21.21.40.1 ge-0/0/4.0 Full 103.0.0.1 128 33 user@host-R4>show route protocol ospf | match /32 100.0.0.1/32 *[OSPF/10] 2d 00:42:12, metric 1 101.0.0.1/32 *[OSPF/10] 2d 00:42:12, metric 2 102.0.0.1/32 *[OSPF/10] 01:31:41, metric 2 103.0.0.1/32 *[OSPF/10] 2d 05:40:47, metric 1 105.0.0.1/32 *[OSPF/10] 2d 00:45:41, metric 1 224.0.0.5/32 *[OSPF/10] 2d 05:43:18, metric 1 user@host-R4>show ospf3 interface Interface State Area DR ID BDR ID Nbrs ge-0/0/3.0 DR 0.0.0.0 104.0.0.1 100.0.0.1 1 ge-0/1/3.0 BDR 0.0.0.0 105.0.0.1 104.0.0.1 1 ge-0/1/4.0 BDR 0.0.0.0 105.0.0.1 104.0.0.1 1 lo0.0 DR 0.0.0.0 104.0.0.1 0.0.0.0 0 ge-0/0/2.0 DR 0.0.0.0 104.0.0.1 100.0.0.1 1 ge-0/0/4.0 DR 0.0.0.0 104.0.0.1 103.0.0.1 1 user@host-R4>show ospf3 neighbor ID Interface State Pri Dead 100.0.0.1 ge-0/0/3.0 Full 128 32 Neighbor-address fe80::ae4b:c8ff:fe45:6be0 105.0.0.1 ge-0/1/3.0 Full 128 34 Neighbor-address fe80::aad0:e5ff:fe50:b280 105.0.0.1 ge-0/1/4.0 Full 128 32 Neighbor-address fe80::aad0:e5ff:fe50:b281 100.0.0.1 ge-0/0/2.0 Full 128 38 Neighbor-address fe80::ae4b:c8ff:fe45:6800 103.0.0.1 ge-0/0/4.0 Full 128 38 Neighbor-address fe80::ae4b:c8ff:fe45:f000 user@host-R4>show route table inet6.0 | match /128 1000::1/128 *[OSPF3/10] 2d 00:42:17, metric 1 1003::1/128 *[OSPF3/10] 2d 05:40:47, metric 1 1004::1/128 *[Direct/0] 2d 05:43:18 1005::1/128 *[OSPF3/10] 1d 08:33:49, metric 1 fe80::aad0:e50f:fc50:b2ff/128 fe80::aad0:e5ff:fe50:b200/128 fe80::aad0:e5ff:fe50:b201/128 fe80::aad0:e5ff:fe50:b262/128 fe80::aad0:e5ff:fe50:b268/128 fe80::aad0:e5ff:fe50:b269/128 ff02::5/128 *[OSPF3/10] 2d 05:43:34, metric 1
user@host-R5>show ospf interface Interface State Area DR ID BDR ID Nbrs ge-0/1/4.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 ge-0/1/4.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 ge-1/0/4.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 ge-0/0/3.0 DR 0.0.0.0 105.0.0.1 104.0.0.1 1 ge-0/0/5.0 BDR 0.0.0.0 104.0.0.1 105.0.0.1 1 lo0.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 user@host-R5>show ospf neighbor Address Interface State ID Pri Dead 21.21.50.1 ge-0/0/3.0 Full 104.0.0.1 128 35 21.21.51.1 ge-0/0/5.0 Full 104.0.0.1 128 34 user@host-R5>show route protocol ospf | match /32 100.0.0.1/32 *[OSPF/10] 2d 00:29:58, metric 2 101.0.0.1/32 *[OSPF/10] 2d 00:29:58, metric 3 102.0.0.1/32 *[OSPF/10] 01:15:59, metric 3 103.0.0.1/32 *[OSPF/10] 2d 00:29:58, metric 2 104.0.0.1/32 *[OSPF/10] 2d 00:29:58, metric 1 224.0.0.5/32 *[OSPF/10] 2d 05:27:36, metric 1 user@host-R5>show ospf3 interface Interface State Area DR ID BDR ID Nbrs ge-0/1/4.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 ge-1/0/4.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 ge-0/0/3.0 DR 0.0.0.0 105.0.0.1 104.0.0.1 1 ge-0/0/5.0 DR 0.0.0.0 105.0.0.1 104.0.0.1 1 lo0.0 DR 0.0.0.0 105.0.0.1 0.0.0.0 0 user@host-R5>show ospf3 neighbor ID Interface State Pri Dead 104.0.0.1 ge-0/0/3.0 Full 128 32 Neighbor-address fe80::aad0:e5ff:fe50:b268 104.0.0.1 ge-0/0/5.0 Full 128 35 Neighbor-address fe80::aad0:e5ff:fe50:b269 user@host-R5>show route table inet6.0 | match /128 1000::1/128 *[OSPF3/10] 1d 08:18:18, metric 2 1003::1/128 *[OSPF3/10] 1d 08:18:18, metric 2 1004::1/128 *[OSPF3/10] 1d 08:18:18, metric 1 1005::1/128 *[Direct/0] 2d 05:27:59 3000:db8:ffff:4::1/128 3000:db8:ffff:5::1/128 fe80::aad0:e50f:fc50:b2ff/128 fe80::aad0:e510:50:b2ff/128 fe80::aad0:e5ff:fe50:b260/128 fe80::aad0:e5ff:fe50:b267/128 fe80::aad0:e5ff:fe50:b280/128 fe80::aad0:e5ff:fe50:b281/128 ff02::5/128 *[OSPF3/10] 2d 05:28:04, metric 1
意味
OSPF および OSPF3 インターフェイス、ネイバー、ルートは正常に機能しています。
LDP 機能の検証
目的
各デバイスで、LDP インターフェイスとネイバー情報を表示し、エンティティが正しく機能していることを確認します。
アクション
各デバイスで、 show ldp interface
運用モードから と show ldp neighbor
コマンドを実行します。
user@host-R1>show ldp interface Interface Label space ID Nbr count Next hello lo0.0 101.0.0.1:0 2 0 ge-1/0/6.0 101.0.0.1:0 1 2 ge-1/1/6.0 101.0.0.1:0 1 0 ge-1/1/5.0 101.0.0.1:0 1 2 user@host-R1>show ldp neighbor Address Interface Label space ID Hold time 100.0.0.1 lo0.0 100.0.0.1:0 34 103.0.0.1 lo0.0 103.0.0.1:0 32 21.21.11.1 ge-1/0/6.0 100.0.0.1:0 12 21.21.10.1 ge-1/1/6.0 100.0.0.1:0 11 21.21.21.2 ge-1/1/5.0 103.0.0.1:0 12
user@host-R2>show ldp interface Interface Label space ID Nbr count Next hello lo0.0 102.0.0.1:0 2 0 ge-1/1/6.0 102.0.0.1:0 1 2 ge-1/1/5.0 102.0.0.1:0 1 1 user@host-R2>show ldp neighbor Address Interface Label space ID Hold time 100.0.0.1 lo0.0 100.0.0.1:0 42 103.0.0.1 lo0.0 103.0.0.1:0 36 21.21.12.1 ge-1/1/6.0 100.0.0.1:0 11 21.21.31.2 ge-1/1/5.0 103.0.0.1:0 11
user@host-R0>show ldp interface Interface Label space ID Nbr count Next hello lo0.0 100.0.0.1:0 2 0 ge-4/0/0.0 100.0.0.1:0 1 0 ge-0/0/0.0 100.0.0.1:0 1 0 ge-2/0/0.0 100.0.0.1:0 0 3 ge-1/0/0.0 100.0.0.1:0 1 2 ge-3/0/0.0 100.0.0.1:0 1 3 ge-5/0/0.0 100.0.0.1:0 1 1 user@host-R0>show ldp neighbor Address Interface Label space ID Hold time 101.0.0.1 lo0.0 101.0.0.1:0 43 102.0.0.1 lo0.0 102.0.0.1:0 41 21.21.14.2 ge-4/0/0.0 104.0.0.1:0 14 21.21.11.2 ge-0/0/0.0 101.0.0.1:0 14 21.21.10.2 ge-1/0/0.0 101.0.0.1:0 13 21.21.12.2 ge-3/0/0.0 102.0.0.1:0 10 21.21.15.2 ge-5/0/0.0 104.0.0.1:0 11
user@host-R3>show ldp interface Interface Label space ID Nbr count Next hello lo0.0 103.0.0.1:0 2 0 ge-0/0/0.0 103.0.0.1:0 0 3 ge-2/0/0.0 103.0.0.1:0 0 2 ge-1/0/0.0 103.0.0.1:0 1 3 ge-3/0/0.0 103.0.0.1:0 1 1 ge-4/0/0.0 103.0.0.1:0 1 3 user@host-R3>show ldp neighbor Address Interface Label space ID Hold time 101.0.0.1 lo0.0 101.0.0.1:0 33 102.0.0.1 lo0.0 102.0.0.1:0 36 21.21.21.1 ge-1/0/0.0 101.0.0.1:0 11 21.21.31.1 ge-3/0/0.0 102.0.0.1:0 10 21.21.40.2 ge-4/0/0.0 104.0.0.1:0 13
user@host-R4>show ldp interface Interface Label space ID Nbr count Next hello lo0.1 104.0.0.1:0 0 0 ge-0/0/2.0 104.0.0.1:0 1 0 ge-0/0/4.0 104.0.0.1:0 1 4 ge-0/0/3.0 104.0.0.1:0 1 3 ge-0/1/3.0 104.0.0.1:0 1 1 ge-0/1/4.0 104.0.0.1:0 1 2 user@host-R4>show ldp neighbor Address Interface Label space ID Hold time 21.21.14.1 ge-0/0/2.0 100.0.0.1:0 13 21.21.40.1 ge-0/0/4.0 103.0.0.1:0 11 21.21.15.1 ge-0/0/3.0 100.0.0.1:0 14 21.21.50.2 ge-0/1/3.0 105.0.0.1:0 14 21.21.51.2 ge-0/1/4.0 105.0.0.1:0 14
user@host-R5>show ldp interface Interface Label space ID Nbr count Next hello lo0.0 105.0.0.1:0 0 0 ge-0/0/3.0 105.0.0.1:0 1 0 ge-0/0/5.0 105.0.0.1:0 1 2 user@host-R5>show ldp neighbor Address Interface Label space ID Hold time 21.21.50.1 ge-0/0/3.0 104.0.0.1:0 14 21.21.51.1 ge-0/0/5.0 104.0.0.1:0 10
意味
LDP インターフェイスとネイバーは動作しています。
MPLS インターフェース確認
目的
各デバイスで、MPLSインターフェイス情報を表示し、インターフェイスが稼働していることを確認します。
アクション
各デバイスで、動作モードから コマンドを実行します show mpls interface
。
user@host-R1>show mpls interface Interface State Administrative groups (x: extended) ge-1/0/6.0 Up none ge-1/1/6.0 Up none ge-1/1/4.0 Up none ge-1/1/5.0 Up none
user@host-R2>show mpls interface Interface State Administrative groups (x: extended) ge-1/1/6.0 Up none ge-1/1/4.0 Up none ge-1/1/5.0 Up none
user@host-R0>show mpls interface Interface State Administrative groups (x: extended) ge-4/0/0.0 Up none ge-0/0/0.0 Up none ge-2/0/0.0 Up none ge-1/0/0.0 Up none ge-3/0/0.0 Up none ge-5/0/0.0 Up none
user@host-R3>show mpls interface Interface State Administrative groups (x: extended) ge-0/0/0.0 Up none ge-2/0/0.0 Up none ge-1/0/0.0 Up none ge-3/0/0.0 Up none ge-4/0/0.0 Up none
user@host-R4>show mpls interface Interface State Administrative groups (x: extended) ge-0/0/2.0 Up none ge-0/0/4.0 Up none ge-0/0/3.0 Up none ge-0/1/3.0 Up none ge-0/1/4.0 Up none
user@host-R5>show mpls interface Interface State Administrative groups (x: extended) ge-0/0/3.0 Up none ge-0/0/5.0 Up none
意味
MPLSインターフェイスは動作可能です。
R1、R2、R0 の CCC(回線クロスコネクト)インターフェイスと L2 回線の検証
目的
L2 回線と BFD セッション情報を表示して、インターフェイスとセッションが正常に機能していることを確認します。
アクション
R1、R2、R0 で、 、 、show bfd session summary
show l2circuit connections summary
show l2circuit connections interface ge-1/0/2.1
および show bfd session detail
のコマンドを運用モードから実行します。show interfaces terse | match ccc | count
この例では、show bfd session detail
コマンドの出力は切り捨てられています。
user@host-R1>show interfaces terse | match ccc | count Count: 1000 lines user@host-R1>show l2circuit connections summary Layer-2 Circuit Connections Summary: Neighbor: 100.0.0.1 Total VCs up: 1000, Total VCs down: 0 Neighbor: 103.0.0.1 Total VCs up: 0, Total VCs down: 1000 user@host-R1>show l2circuit connections interface ge-1/0/2.1 Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down HS -- Hot-standby Connection XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 100.0.0.1 Interface Type St Time last up # Up trans ge-1/0/2.1(vc 1) rmt Up Feb 13 23:12:57 2015 1 Remote PE: 100.0.0.1, Negotiated control-word: Yes (Null) Incoming label: 667712, Outgoing label: 299776 Negotiated PW status TLV: No Local interface: ge-1/0/2.1, Status: Up, Encapsulation: ETHERNET Flow Label Transmit: No, Flow Label Receive: No Neighbor: 103.0.0.1 ge-1/0/2.1(vc 1) rmt BK user@host-R1>show bfd session summary 1000 sessions, 1000 clients Cumulative transmit rate 999.8 pps, cumulative receive rate 999.8 pps user@host-R1>show bfd session detail Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/1/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:06:09 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Session type: VCCV BFD Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/0/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:15:06 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Session type: VCCV BFD Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/1/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:33:14 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Session type: VCCV BFD ...
user@host-R2>show interfaces terse | match ccc | count Count: 1048 lines user@host-R2>show l2circuit connections summary Layer-2 Circuit Connections Summary: Neighbor: 100.0.0.1 Total VCs up: 1048, Total VCs down: 0 Neighbor: 103.0.0.1 Total VCs up: 0, Total VCs down: 1048 user@host-R2>show l2circuit connections interface ge-1/0/2.1 Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 100.0.0.1 Interface Type St Time last up # Up trans ge-1/0/2.1(vc 1001) rmt Up Feb 15 22:42:21 2015 1 Remote PE: 100.0.0.1, Negotiated control-word: Yes (Null) Incoming label: 299776, Outgoing label: 315776 Negotiated PW status TLV: No Local interface: ge-1/0/2.1, Status: Up, Encapsulation: ETHERNET Neighbor: 103.0.0.1 ge-1/0/2.1(vc 1001) rmt BK user@host-R2>show bfd session summary 1048 sessions, 1048 clients Cumulative transmit rate 1047.8 pps, cumulative receive rate 1047.8 pps user@host-R2>show bfd session detail Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/1/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:02:30 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/1/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:02:36 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-1/1/6.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:02:00 Local diagnostic None, remote diagnostic None Remote state Up, version 1 ...
user@host-R0>show interfaces terse | match ccc | count Count: 2048 lines user@host-R0>show l2circuit connections summary Layer-2 Circuit Connections Summary: Neighbor: 101.0.0.1 Total VCs up: 1000, Total VCs down: 0 Neighbor: 102.0.0.1 Total VCs up: 1048, Total VCs down: 0 user@host-R0>show l2circuit connections interface ps0.0 Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down HS -- Hot-standby Connection XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 101.0.0.1 Interface Type St Time last up # Up trans ps0.0(vc 1) rmt Up Feb 13 22:13:18 2015 1 Remote PE: 101.0.0.1, Negotiated control-word: Yes (Null) Incoming label: 299776, Outgoing label: 667712 Negotiated PW status TLV: No Local interface: ps0.0, Status: Up, Encapsulation: ETHERNET user@host-R0>show bfd session summary 2048 sessions, 2048 clients Cumulative transmit rate 2047.5 pps, cumulative receive rate 2047.5 pps user@host-R0>show bfd session detail Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-0/0/0.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:00:39 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Replicated Session type: VCCV BFD Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:13:29 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Replicated Session type: VCCV BFD Detect Transmit Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 Client L2CKT-OAM, TX interval 1.000, RX interval 1.000 Session up time 00:13:07 Local diagnostic None, remote diagnostic None Remote state Up, version 1 Replicated Session type: VCCV BFD ...
意味
CCC および L2 回線インターフェイスは動作可能です。
R0およびR3の論理トンネル(LT)インターフェイスの確認
目的
論理トンネル インターフェイスを表示して、それらが稼働していることを確認します。
アクション
R0 および R3 で(運用モードから)、 show interfaces terse | match lt
コマンドを実行して、LT インターフェイスが稼働していることを確認します。次に、個々のインターフェイスに対してコマンドを実行して、 show interfaces terse
より詳細な情報を表示します。ここでは、デバイスごとに 1 つのインターフェイスを示します。必要に応じて、追加のインターフェイスについても繰り返します。
user@host-R0>show interfaces terse | match lt lt-0/0/10 up up lt-0/1/10 up up lt-0/2/10 up up lt-0/3/10 up up lt-1/0/10 up up lt-1/1/10 up up lt-1/2/10 up up lt-1/3/10 up up multiservice multiservice lt-2/0/10 up up lt-2/1/10 up up lt-2/2/10 up up lt-2/3/10 up up multiservice multiservice multiservice lt-3/0/10 up up lt-3/1/10 up up lt-3/2/10 up up lt-3/3/10 up up user@host-R0>show interfaces lt-0/0/10 terse Interface Admin Link Proto Local Remote lt-0/0/10 up up
user@host-R3>show interfaces terse | match lt multiservice lt-0/0/10 up up lt-0/1/10 up up lt-0/2/10 up up lt-0/3/10 up up lt-1/0/10 up up lt-1/1/10 up up lt-1/2/10 up up lt-1/3/10 up up multiservice multiservice lt-2/0/10 up up lt-2/1/10 up up lt-2/2/10 up up lt-2/3/10 up up multiservice multiservice lt-3/0/10 up up lt-3/1/10 up up lt-3/2/10 up up lt-3/3/10 up up user@host-R3>show interfaces lt-0/0/10 terse Interface Admin Link Proto Local Remote lt-0/0/10 up up
意味
LT インターフェイスはすべて稼働していることが確認されています。
R0およびR3で疑似サービス(PS)インターフェイスを確認する
目的
疑似サービスインターフェイスを表示して、それらが稼働していることを確認します。
アクション
R0およびR3で、動作モードからコマンドを実行して、 show interfaces ps0 terse
PSインターフェイスが稼働していることを確認します。
user@host-R0>show interfaces ps0 terse Interface Admin Link Proto Local Remote ps0 up up ps0.0 up up ccc ps0.32767 up up ps0.1073741863 up up inet 100.0.0.1 --> 0/0 inet6 fe80::2a0:a500:176:14de pppoe user@host-R0>show interfaces terse | match ps | match ccc | match up | count Count: 2048 lines
user@host-R3>show interfaces ps0 terse Interface Admin Link Proto Local Remote ps0 up up ps0.0 up up ccc ps0.32767 up up user@host-R3>show interfaces terse | match ps | match ccc | match up | count Count: 2048 lines
意味
PS インターフェイスは稼働しています。
R0 でのダイナミック VLAN インターフェイス上での DHCPv4 の検証
目的
DHCPv4 加入者およびその他の DHCPv4 を動的 VLAN 情報で表示し、インターフェイスが機能していることを確認します。
アクション
運用モードから、 、 、 、 、 、 show subscribers
show subscribers detail
show firewall
、show class-of-service traffic-control-profile
show dhcp server binding
show route protocol access-internal
show class-of-service scheduler-hierarchy interface ps0.1073741855
および コマンドを実行します。
user@host-R0>show subscribers Interface IP Address/VLAN ID User Name LS:RI ps0.1073741855 0x8100.1 0x8100.100 SST_USER_VLAN_DEFAULT default:default ps0.1073741855 100.16.0.3 SST_USER_DHCP_V4_DEFAULT default:default user@host-R0>show dhcp server binding IP address Session Id Hardware address Expires State Interface 100.16.0.3 55 00:22:68:14:84:d5 25191 BOUND ps0.1073741855 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741855 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 54 Session ID: 54 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 21:47:47 PST Type: DHCP User Name: SST_USER_DHCP_V4_DEFAULT IP Address: 100.16.0.3 IP Netmask: 255.0.0.0 Logical System: default Routing Instance: default Interface: ps0.1073741855 Interface type: Static Underlying Interface: ps0.1073741855 Dynamic Profile Name: client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 55 Session ID: 55 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 21:47:51 PST Service Sessions: 1 DHCP Options: len 48 35 01 01 32 04 64 10 00 03 0c 16 66 69 72 65 62 61 63 6b 2d 54 68 69 6e 6b 50 61 64 2d 54 34 30 30 37 0d 01 1c 02 03 0f 06 77 0c 2c 2f 1a 79 2a user@host-R0>show route protocol access-internal inet.0: 34 destinations, 35 routes (34 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 100.16.0.3/32 *[Access-internal/12] 00:04:41 > to #0 0.22.68.14.84.d5 via ps0.1073741855 inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) mpls.0: 4110 destinations, 4110 routes (4110 active, 0 holddown, 0 hidden) __mpls-oam__.mpls.0: 2048 destinations, 2048 routes (2048 active, 0 holddown, 0 hidden) inet6.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) inet6.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) l2circuit.0: 4096 destinations, 4096 routes (4096 active, 0 holddown, 0 hidden) user@host-R0>show firewall Filter: RPF-PASS-DHCP-V4 Counters: Name Bytes Packets RPF-DHCP-V4-TRAFFIC 1968 6 Filter: RPF-PASS-DHCP-V6 Counters: Name Bytes Packets RPF-DHCP-V6-TRAFFIC 0 0 Filter: __default_bpdu_filter__ Filter: INPUT-V4-FILTER-01-ps0.1073741855-in Counters: Name Bytes Packets COUNTER11-ps0.1073741855-in 0 0 __junos-dyn-service-counter 0 0 Filter: OUTPUT-V4-FILTER-01-ps0.1073741855-out Counters: Name Bytes Packets COUNTER12-ps0.1073741855-out 0 0 __junos-dyn-service-counter 0 0 user@host-R0>show class-of-service traffic-control-profile Traffic control profile: TCP_PS.o.ps0.1073741855, Index: 1337886568 Shaping rate: 60000000 Scheduler map: ps0.1073741855.SMAP_PS Guaranteed rate: 50000000 user@host-R0>show class-of-service scheduler-hierarchy interface ps0.1073741855 Interface/ Shaping Guarnteed Guaranteed/ Queue Excess Resource name rate rate Excess weight weight kbits kbits priority high/low lt-0/0/10 1000000 lt-0/0/10 RTP 1000000 0 1 1 FC0 1000000 0 Low Low 950 FC3 1000000 0 Low Low 50 ps0.1073741855 60000 50000 500 500 FC0 60000 Disabled High High 2 FC1 60000 20000 Medium Low 400 FC2 60000 14950 Low Low 299 FC3 60000 14950 Low Low 299
意味
動的VLANインターフェイスを介したDHCPv4が動作しています。
R0 の動的 VLAN インターフェイス上で DHCPv6-PD を検証する
目的
DHCPv6-PDサブスクライバおよびその他のDHCPv6-PDを動的VLAN情報で表示し、インターフェイスが機能していることを確認します。
アクション
運用モードから、 、 、 、 、 、 show subscribers
show subscribers detail
show firewall
、show class-of-service traffic-control-profile
show dhcpv6 server binding
show route table inet6.0 protocol access
show class-of-service scheduler-hierarchy interface ps0.1073741856
および コマンドを実行します。
user@host-R0>show subscribers Interface IP Address/VLAN ID User Name LS:RI ps0.1073741856 0x8100.1 0x8100.100 SST_USER_VLAN_DEFAULT default:default ps0.1073741856 1000::/56 SST_USER_DHCP_V6_DEFAULT default:default user@host-R0>show dhcpv6 server binding Prefix Session Id Expires State Interface Client DUID 1000::/56 58 25178 BOUND ps0.1073741856 LL_TIME0x1-0x1c0fbbe9-00:22:68:14:84:d5 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741856 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 57 Session ID: 57 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 21:54:47 PST Type: DHCP User Name: SST_USER_DHCP_V6_DEFAULT IPv6 Prefix: 1000::/56 Logical System: default Routing Instance: default Interface: ps0.1073741856 Interface type: Static Underlying Interface: ps0.1073741856 Dynamic Profile Name: client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 58 Session ID: 58 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 21:54:48 PST Service Sessions: 1 DHCP Options: len 48 00 01 00 0e 00 01 00 01 1c 0f bb e9 00 22 68 14 84 d5 00 08 00 02 00 64 00 06 00 04 00 17 00 18 00 19 00 0c 00 00 00 01 00 00 00 00 00 00 00 00 user@host-R0>show route table inet6.0 protocol access inet6.0: 13 destinations, 14 routes (13 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1000::/56 *[Access/13] 00:00:35 > to fe80::222:68ff:fe14:84d5 via ps0.1073741856 user@host-R0>show firewall Filter: RPF-PASS-DHCP-V4 Counters: Name Bytes Packets RPF-DHCP-V4-TRAFFIC 1968 6 Filter: RPF-PASS-DHCP-V6 Counters: Name Bytes Packets RPF-DHCP-V6-TRAFFIC 0 0 Filter: __default_bpdu_filter__ Filter: INPUT-V6-FILTER-01-ps0.1073741856-in Counters: Name Bytes Packets COUNTER21-ps0.1073741856-in 72 1 __junos-dyn-service-counter 72 1 Filter: OUTPUT-V6-FILTER-01-ps0.1073741856-out Counters: Name Bytes Packets COUNTER22-ps0.1073741856-out 0 0 __junos-dyn-service-counter user@host-R0>show class-of-service traffic-control-profile Traffic control profile: TCP_PS.o.ps0.1073741856, Index: 1337886571 Shaping rate: 60000000 Scheduler map: ps0.1073741856.SMAP_PS Guaranteed rate: 50000000 user@host-R0>show class-of-service scheduler-hierarchy interface ps0.1073741856 Interface/ Shaping Guarnteed Guaranteed/ Queue Excess Resource name rate rate Excess weight weight kbits kbits priority high/low lt-0/0/10 1000000 lt-0/0/10 RTP 1000000 0 1 1 FC0 1000000 0 Low Low 950 FC3 1000000 0 Low Low 50 ps0.1073741856 60000 50000 500 500 FC0 60000 Disabled High High 2 FC1 60000 20000 Medium Low 400 FC2 60000 14950 Low Low 299 FC3 60000 14950 Low Low 299
意味
動的VLANインターフェイスを介したDHCPv6-PDが動作しています。
R0 の動的 VLAN インターフェイス上での PPPoE の検証
目的
PPPoE 加入者およびその他の PPPoE を動的 VLAN 情報で表示し、インターフェイスが機能していることを確認します。
アクション
運用モードから、 、 、 、 、 、 show subscribers
show subscriber summary
show subscribers detail
、 show route protocol access-internal
show class-of-service traffic-control-profile
show pppoe interfaces
show firewall
、 コマンドを実行します。show class-of-service scheduler-hierarchy interface ps0.1073741859
user@host-R0>show subscribers Interface IP Address/VLAN ID User Name LS:RI ps0.1073741859 0x8100.1 0x8100.100 SST_USER_VLAN_DEFAULT default:default pp0.1073741860 100.16.0.7 SST_USER_PPPOE_LT_DEFAULT default:default user@host-R0>show subscribers summary Subscribers by State Active: 2 Total: 2 Subscribers by Client Type VLAN: 1 PPPoE: 1 Total: 2 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741859 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 63 Session ID: 63 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 22:09:55 PST Type: PPPoE User Name: SST_USER_PPPOE_LT_DEFAULT IP Address: 100.16.0.7 IP Netmask: 255.0.0.0 Primary DNS Address: 9.0.0.100 Secondary DNS Address: 9.0.0.101 Logical System: default Routing Instance: default Interface: pp0.1073741860 Interface type: Dynamic Underlying Interface: ps0.1073741859 Dynamic Profile Name: pppoe-client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 64 Session ID: 64 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 22:10:00 PST Service Sessions: 1 user@host-R0>show pppoe interfaces pp0.1073741860 Index 586 State: Session Up, Session ID: 1, Type: Dynamic, Service name: (empty), Remote MAC address: 00:22:68:14:84:D5, Session AC name: petrel, Session uptime: 00:03:23 ago, Dynamic Profile: pppoe-client-profile, Underlying interface: ps0.1073741859 Index 585 user@host-R0>show route protocol access-internal inet.0: 34 destinations, 35 routes (34 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 100.16.0.7/32 *[Access-internal/12] 00:03:31 > via pp0.1073741860 inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) mpls.0: 4110 destinations, 4110 routes (4110 active, 0 holddown, 0 hidden) __mpls-oam__.mpls.0: 2048 destinations, 2048 routes (2048 active, 0 holddown, 0 hidden) inet6.0: 12 destinations, 13 routes (12 active, 0 holddown, 0 hidden) inet6.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) l2circuit.0: 4096 destinations, 4096 routes (4096 active, 0 holddown, 0 hidden) user@host-R0>show firewall Filter: RPF-PASS-DHCP-V4 Counters: Name Bytes Packets RPF-DHCP-V4-TRAFFIC 1968 6 Filter: RPF-PASS-DHCP-V6 Counters: Name Bytes Packets RPF-DHCP-V6-TRAFFIC 0 0 Filter: __default_bpdu_filter__ Filter: INPUT-V4-FILTER-01-pp0.1073741860-in Counters: Name Bytes Packets COUNTER11-pp0.1073741860-in 40698 238 __junos-dyn-service-counter 40698 238 Filter: OUTPUT-V4-FILTER-01-pp0.1073741860-out Counters: Name Bytes Packets COUNTER12-pp0.1073741860-out 0 0 __junos-dyn-service-counter 0 0 Filter: INPUT-V6-FILTER-01-pp0.1073741860-in Counters: Name Bytes Packets COUNTER21-pp0.1073741860-in 152 2 __junos-dyn-service-counter 152 2 Filter: OUTPUT-V6-FILTER-01-pp0.1073741860-out Counters: Name Bytes Packets COUNTER22-pp0.1073741860-out 0 0 __junos-dyn-service-counter 0 0 user@host-R0>show class-of-service traffic-control-profile Traffic control profile: TCP_PS.o.ps0.1073741859, Index: 1337886564 Shaping rate: 60000000 Scheduler map: ps0.1073741859.SMAP_PS Guaranteed rate: 50000000 user@host-R0>show class-of-service scheduler-hierarchy interface ps0.1073741859 Interface/ Shaping Guarnteed Guaranteed/ Queue Excess Resource name rate rate Excess weight weight kbits kbits priority high/low lt-0/0/10 1000000 lt-0/0/10 RTP 1000000 0 1 1 FC0 1000000 0 Low Low 950 FC3 1000000 0 Low Low 50 ps0.1073741859 60000 50000 500 500 FC0 60000 Disabled High High 2 FC1 60000 20000 Medium Low 400 FC2 60000 14950 Low Low 299 FC3 60000 14950 Low Low 299
意味
動的VLANインターフェイスを介したPPPoEが動作しています。
R0 の動的 VLAN インターフェイスを介した PPPoE 経由の DHCP-PD の検証
目的
PPPoE加入者、DHCPv6サーバーバインディング、inet6ルートテーブルの情報を表示して、インターフェイスが機能していることを確認します。
アクション
運用モードから、 、 、 、 show subscriber summary
、および コマンドを実行しますshow route table inet6.0 protocol access
show subscribers
。 show subscribers detail
show dhcpv6 server binding
user@host-R0>show subscribers Interface IP Address/VLAN ID User Name LS:RI ps0.1073741859 0x8100.1 0x8100.100 SST_USER_VLAN_DEFAULT default:default pp0.1073741860 100.16.0.7 SST_USER_PPPOE_LT_DEFAULT default:default * 1000::/56 pp0.1073741860 1000::/56 default:default user@host-R0>show subscribers summary Subscribers by State Active: 3 Total: 3 Subscribers by Client Type DHCP: 1 VLAN: 1 PPPoE: 1 Total: 3 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741859 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 63 Session ID: 63 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 22:09:55 PST Type: PPPoE User Name: SST_USER_PPPOE_LT_DEFAULT IP Address: 100.16.0.7 IP Netmask: 255.0.0.0 Primary DNS Address: 9.0.0.100 Secondary DNS Address: 9.0.0.101 Logical System: default Routing Instance: default Interface: pp0.1073741860 Interface type: Dynamic Underlying Interface: ps0.1073741859 Dynamic Profile Name: pppoe-client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 64 Session ID: 64 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 22:10:00 PST Service Sessions: 1 user@host-R0>show dhcpv6 server binding Prefix Session Id Expires State Interface Client DUID 1000::/56 66 25102 BOUND pp0.1073741860 LL_TIME0x1-0x1c0fbbe9-00:22:68:14:84:d5 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741859 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 63 Session ID: 63 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 22:09:55 PST Type: PPPoE User Name: SST_USER_PPPOE_LT_DEFAULT IP Address: 100.16.0.7 IP Netmask: 255.0.0.0 Primary DNS Address: 9.0.0.100 Secondary DNS Address: 9.0.0.101 IPv6 Prefix: 1000::/56 Logical System: default Routing Instance: default Interface: pp0.1073741860 Interface type: Dynamic Underlying Interface: ps0.1073741859 Dynamic Profile Name: pppoe-client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 64 Session ID: 64 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 22:10:00 PST Service Sessions: 1 Type: DHCP IPv6 Prefix: 1000::/56 Logical System: default Routing Instance: default Interface: pp0.1073741860 Interface type: Static Underlying Interface: ps0.1073741859 MAC Address: 00:22:68:14:84:d5 State: Active Radius Accounting ID: 66 Session ID: 66 Underlying Session ID: 64 Login Time: 2015-02-15 22:15:20 PST DHCP Options: len 48 00 01 00 0e 00 01 00 01 1c 0f bb e9 00 22 68 14 84 d5 00 08 00 02 00 00 00 06 00 04 00 17 00 18 00 19 00 0c 00 00 00 01 00 00 00 00 00 00 00 00 user@host-R0>show route table inet6.0 protocol access inet6.0: 13 destinations, 14 routes (13 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1000::/56 *[Access/13] 00:02:02 > via pp0.1073741860
意味
動的VLANインターフェイスを介したPPPoE上のDHCPv6-PDが動作しています。
R0 の動的インターフェイス上で LAC PPP を検証する
目的
加入者、ネットワークアクセス、AAA、L2TPサービスの情報を表示して、インターフェイスが機能していることを確認します。
アクション
動作モードから、 show subscribers
、 、 、 、 show subscribers detail
show network-access aaa subscribers
show network-access aaa subscribers session-id 68
show network-access aaa subscribers session-id 68 detail
show network-access aaa subscribers session-id 67 detail
show services l2tp summary
show services l2tp destination
show network-access aaa subscribers session-id 67
show subscriber summary
show services l2tp session
show services l2tp destination extensive
show services l2tp tunnel
show services l2tp tunnel extensive
コマンドを実行します。show services l2tp session extensive
user@host-R0>show subscribers Interface IP Address/VLAN ID User Name LS:RI ps0.1073741861 0x8100.1 0x8100.100 SST_USER_VLAN_DEFAULT default:default pp0.1073741862 Tunneled SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM default:default user@host-R0>show subscribers summary Subscribers by State Active: 2 Total: 2 Subscribers by Client Type VLAN: 1 PPPoE: 1 Total: 2 user@host-R0>show subscribers detail Type: VLAN User Name: SST_USER_VLAN_DEFAULT Logical System: default Routing Instance: default Interface: ps0.1073741861 Interface type: Dynamic Underlying Interface: ps0 Dynamic Profile Name: vlan-prof-0 Dynamic Profile Version: 2 State: Active Radius Accounting ID: 67 Session ID: 67 Stacked VLAN Id: 0x8100.1 VLAN Id: 0x8100.100 Login Time: 2015-02-15 22:19:54 PST Type: PPPoE User Name: SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM Logical System: default Routing Instance: default Interface: pp0.1073741862 Interface type: Dynamic Underlying Interface: ps0.1073741861 Dynamic Profile Name: pppoe-client-profile Dynamic Profile Version: 1 MAC Address: 00:22:68:14:84:d5 State: Active PPP State: Tunneled Local IP Address: 100.0.0.1 Remote IP Address: 105.0.0.1 Radius Accounting ID: 68 Session ID: 68 Stacked VLAN Id: 1 VLAN Id: 100 Login Time: 2015-02-15 22:19:59 PST user@host-R0>show network-access aaa subscribers Username Logical system/Routing instance Client type Session-ID SST_USER_VLAN_DEFAULT default:default vlan 67 SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM default:default pppoe 68 user@host-R0>show network-access aaa subscribers session-id 67 Logical system/Routing instance Client type Session-ID Session uptime Accounting default:default vlan 67 00:09:43 on/volume+time user@host-R0>show network-access aaa subscribers session-id 67 detail Type: vlan Stripped username: SST_USER_VLAN_DEFAULT AAA Logical system/Routing instance: default:default Target Logical system/Routing instance: default:default Access-profile: Access-Profile-0 Session ID: 67 Accounting Session ID: 67 Multi Accounting Session ID: 0 Authentication State: AuthStateActive Accounting State: Acc-Interim-Sent Provisioning Type: None user@host-R0>show network-access aaa subscribers session-id 68 Logical system/Routing instance Client type Session-ID Session uptime Accounting default:default pppoe 68 00:09:48 on/volume+time user@host-R0>show network-access aaa subscribers session-id 68 detail Type: pppoe Username: SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM Stripped username: SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM AAA Logical system/Routing instance: default:default Target Logical system/Routing instance: default:default Access-profile: Access-Profile-0 Session ID: 68 Accounting Session ID: 68 Multi Accounting Session ID: 0 Authentication State: AuthStateActive Accounting State: Acc-Interim-Sent Provisioning Type: None user@host-R0>show services l2tp summary Failover within a preference level is Disabled Weighted load balancing is Disabled Tunnel authentication challenge is Enabled Calling number avp is Enabled Failover Protocol is Enabled Tx Connect speed method is static Rx speed avp when equal is Disabled Tunnel assignment id format is assignment-id Tunnel Tx Address Change is Accept Max Retransmissions for Established Tunnel is 7 Max Retransmissions for Not Established Tunnel is 5 Tunnel Idle Timeout is 60 seconds Destruct Timeout is 300 seconds Destination Lockout Timeout is 300 seconds Destinations: 1, Tunnels: 1, Sessions: 1, Switched sessions: 0 user@host-R0>show services l2tp destination Local Name Remote IP Tunnels Sessions State 3 105.0.0.1 1 1 Enabled user@host-R0>show services l2tp tunnel Local ID Remote ID Remote IP Sessions State 26595 30823 105.0.0.1:1701 1 Established user@host-R0>show services l2tp session Tunnel local ID: 26595 Local Remote State Interface Interface ID ID unit Name 8956 1214 Established 1073741862 pp0 user@host-R0>show services l2tp destination extensive Waiting for statistics... Local name: 3 Remote IP: 105.0.0.1 Tunnels: 1, Sessions: 1 State: Enabled Local IP: 100.0.0.1 Transport: ipUdp, Logical System: default, Router Instance: default Lockout State: not locked Connections Totals Active Failed Tunnels 1 1 0 Sessions 1 1 0 Packets Bytes Control Tx 16 591 Control Rx 16 438 Data Tx 584 122.2k Data Rx 441 23.8k Errors Tx 0 Errors Rx 0 user@host-R0>show services l2tp tunnel extensive Waiting for statistics... Tunnel local ID: 26595, Tunnel remote ID: 30823 Remote IP: 105.0.0.1:1701 Sessions: 1, State: Established Tunnel Name: 3/Tunnel-ID-1 Local IP: 100.0.0.1:1701 Local name: petrel, Remote name: R5 Effective Peer Resync Mechanism: failover protocol Nas Port Method: none Tunnel Logical System: default, Tunnel Routing Instance: default Max sessions: 128100, Window size: 4, Hello interval: 60 Create time: Sun Feb 15 22:20:00 2015, Up time: 00:13:52 Idle time: 00:00:00 Statistics since: Sun Feb 15 22:20:00 2015 Packets Bytes Control Tx 16 591 Control Rx 16 438 Data Tx 584 122.2k Data Rx 441 23.8k Errors Tx 0 Errors Rx 0 user@host-R0>show services l2tp session extensive Tunnel local ID: 26595 Session local ID: 8956, Session remote ID: 1214 Interface unit: 1073741862 State: Established Interface: pp0 Mode: Dedicated Local IP: 100.0.0.1:1701, Remote IP: 105.0.0.1:1701 Local name: petrel, Remote name: R5 Bearer type: 1, Framing type: 1 LCP renegotiation: N/A, Authentication: None, Interface ID: N/A Call serial number: 7 Tx speed: 0, Rx speed: 0 Create time: Sun Feb 15 22:20:00 2015, Up time: 00:13:57 Idle time: N/A Statistics since: Sun Feb 15 22:20:00 2015 Packets Bytes Data Tx 589 122.5k Data Rx 446 24.1k
意味
動的VLANインターフェイスを介したLAC PPPは動作可能です。
R0 の AAA アクセスおよび RADIUS サーバの設定と統計情報の確認
目的
RADIUS サーバー、ドメイン マップ、AAA の情報を表示して、AAA と RADIUS が期待どおりに機能していることを確認します。
アクション
運用モードから、 show network-access aaa accounting
、 、 、 、 show network-access domain-map statistics
show network-access aaa statistics authentication detail
show network-access aaa statistics accounting
show network-access aaa statistics authentication
show network-access aaa radius-servers detail
show network-access requests statistics
show network-access requests pending
show network-access aaa statistics accounting detail
show network-access aaa statistics pending-accounting-stops detail
コマンドを実行します。show network-access aaa statistics radius
user@host-R0>show network-access aaa accounting Profile Logical System Routing Instance Acct-On-Response Access-Profile-0 default default ACK user@host-R0>show network-access aaa radius-servers detail Profile: Access-Profile-0 Server address: 9.0.0.9 Authentication port: 1812 Accounting port: 1813 Status: UP RADIUS Servers 9.0.0.9 Round Trip Time: 0 Authentication requests: 51 Authentication rollover requests: 0 Authentication retransmissions: 0 Accepts: 51 Rejects: 0 Challenges: 0 Authentication malformed responses: 0 Authentication bad authenticators: 0 Authentication requests pending: 0 Authentication request timeouts: 0 Authentication unknown responses: 0 Authentication packets dropped: 0 Accounting start requests: 59 Accounting interim requests: 389 Accounting stop requests: 59 Accounting rollover requests: 0 Accounting retransmissions: 10 Accounting start responses: 59 Accounting interim responses: 389 Accounting stop responses: 59 Accounting malformed responses: 0 Accounting bad authenticators: 0 Accounting requests pending: 0 Accounting request timeouts: 11 Accounting unknown responses: 0 Accounting packets dropped: 0 user@host-R0>show network-access domain-map statistics General domain mapping statistics Matched domains: 8 Unmatched domains: 43 Missing domain names: 43 Stripped usernames: 0 Domain statistics for domain-name: default Default used: 0 user@host-R0>show network-access aaa statistics authentication Authentication module statistics Requests received: 51 Accepts: 51 Rejects: 0 Challenges: 0 Timed out requests: 0 user@host-R0>show network-access aaa statistics authentication detail Authentication module statistics Requests received: 51 Accepts: 51 Rejects: 0 RADIUS authentication failures: 0 Queue request deleted: 0 Malformed reply: 0 No server configured: 0 Access Profile configuration not found: 0 Unable to create client record: 0 Unable to create client request: 0 Unable to build authentication request: 0 No available server: 0 Unable to create handle: 0 Unable to queue request: 0 Invalid credentials: 0 Malformed request: 0 License unavailable: 0 Redirect requested: 0 Internal failure: 0 Local authentication failures: 0 LDAP lookup failures: 0 Challenges: 0 Timed out requests: 0 user@host-R0>show network-access aaa statistics accounting Accounting module statistics Requests received: 511 Accounting response failures: 0 Accounting response success: 508 Timed out requests: 1 user@host-R0>show network-access aaa statistics accounting detail Accounting module statistics Requests received: 511 Account on requests: 4 Accounting start requests: 59 Accounting interim requests: 389 Accounting stop requests: 59 Accounting response failures: 0 Accounting response success: 508 Account on responses: 1 Accounting start responses: 59 Accounting interim responses: 389 Accounting stop responses: 59 Timed out requests: 1 Accounting rollover requests: 0 Accounting unknown responses: 0 Accounting pending account requests: 0 Accounting malformed responses: 0 Accounting retransmissions: 10 Accounting bad authenticators: 0 Accounting packets dropped: 0 user@host-R0>show network-access requests statistics General authentication statistics Total requests received: 240 Total responses sent: 284 Radius authentication statistics Total requests received: 51 Success responses: 51 Failure responses: 0 Local authentication statistics Total requests received: 0 Success responses: 0 Failure responses: 0 LDAP authentication statistics Total requests received: 0 Success responses: 0 Failure responses: 0 Securid authentication statistics Total requests received: 0 Success responses: 0 Failure responses: 0 Gx-plus general counters: Counter Value engine created 1 initial config: inactive 1 recovery: cold-boot 1 diameter-app initial config: success 1 Gx-plus sync-event counters: Sync-Event Counter Value cold-boot activated 1 Gx-plus general counters: Counter Value engine created 1 initial config: inactive 1 recovery: cold-boot 1 diameter-app initial config: success 1 Gx-plus sync-event counters: Sync-Event Counter Value cold-boot activated 1 user@host-R0>show network-access requests pending Information about pending authentication entries Total pending authentication requests: 0 user@host-R0>show network-access aaa statistics pending-accounting-stops detail Pending accounting stops: 0 user@host-R0>show network-access aaa statistics radius Outstanding Requests RADIUS Server Profile Configured Current Peak Exceeded 9.0.0.9 Access-Profile-0 1000 1 3 0
意味
AAAおよびRADIUSサーバー機能が正しい。
R3で、L2回線が稼働しておらず、BFDセッションが実行されていないことを確認します。
目的
L2 回線と BFD セッション情報を表示して、バックアップ BNG(R3)で何も実行されていないことを確認します。
アクション
運用モードから、 、 、 、 show l2circuit connections summary
、および コマンドを実行しますshow bfd session detail
show interfaces terse | match ccc | count
。 show bfd session summary
show l2circuit connections interface ps0.0
user@host-R3>show interfaces terse | match ccc | count Count: 2048 lines user@host-R3>show l2circuit connections summary Layer-2 Circuit Connections Summary: Neighbor: 101.0.0.1 Total VCs up: 0, Total VCs down: 1000 Neighbor: 102.0.0.1 Total VCs up: 0, Total VCs down: 1048 user@host-R3>show l2circuit connections interface ps0.0 Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down HS -- Hot-standby Connection XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 101.0.0.1 Interface Type St Time last up # Up trans ps0.0(vc 1) rmt OL user@host-R3>show bfd session summary 0 sessions, 0 clients Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps user@host-R3>show bfd session detail 0 sessions, 0 clients Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
意味
バックアップBNGでL2回線またはBFDセッションが実行されていません。
R5 の L2TP 機能の検証
目的
加入者、ネットワークアクセス、AAA、L2TPサービスの情報を表示して、インターフェイスが機能していることを確認します。
アクション
動作モードから、 show subscribers
、 、 、 、 show subscribers detail
show network-access aaa subscribers
show route protocol access internal
show firewall
show network-access aaa subscribers session-id 9 detail
show services l2tp summary
show services l2tp destination
show network-access aaa subscribers session-id 9
show subscriber summary
show services l2tp session
show services l2tp destination extensive
show services l2tp tunnel
show services l2tp tunnel extensive
コマンドを実行します。show services l2tp session extensive
user@host-R5>show subscribers Interface IP Address/VLAN ID User Name LS:RI si-1/0/0.1073741832 100.48.0.9 SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM default:default user@host-R5>show subscribers summary Subscribers by State Active: 1 Total: 1 Subscribers by Client Type L2TP: 1 Total: 1 user@host-R5>show subscribers detail Type: L2TP User Name: SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM IP Address: 100.48.0.9 IP Netmask: 255.0.0.0 Logical System: default Routing Instance: default Interface: si-1/0/0.1073741832 Interface type: Dynamic Underlying Interface: si-1/0/0.1073741832 Dynamic Profile Name: lns-profile State: Active Radius Accounting ID: 9 Session ID: 9 Login Time: 2015-02-15 23:44:31 PST user@host-R5>show network-access aaa subscribers Username Logical system/Routing instance Client type Session-ID SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM default:default l2tp 9 user@host-R5>show network-access aaa subscribers session-id 9 Logical system/Routing instance Client type Session-ID Session uptime Accounting default:default l2tp 9 00:11:39 off user@host-R5>show network-access aaa subscribers session-id 9 detail Type: l2tp Stripped username: SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM AAA Logical system/Routing instance: default:default Target Logical system/Routing instance: default:default Access-profile: AccProf-LNS Session ID: 9 Accounting Session ID: 9 Multi Accounting Session ID: 0 IP Address: 100.48.0.9 Authentication State: AuthStateActive Accounting State: Acc-Init Converted to time accounting: no Provisioning Type: None user@host-R5>show route protocol access-internal inet.0: 35 destinations, 35 routes (35 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 100.48.0.9/32 *[Access-internal/12] 00:11:50 > via si-1/0/0.1073741832 inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) mpls.0: 12 destinations, 12 routes (12 active, 0 holddown, 0 hidden) inet6.0: 17 destinations, 22 routes (17 active, 0 holddown, 0 hidden) user@host-R5>show firewall Filter: __default_bpdu_filter__ user@host-R5>show services l2tp summary Failover within a preference level is Disabled Weighted load balancing is Disabled Tunnel authentication challenge is Enabled Calling number avp is Enabled Failover Protocol is Enabled Tx Connect speed method is static Rx speed avp when equal is Disabled Tunnel assignment id format is assignment-id Tunnel Tx Address Change is Accept Min Retransmission Timeout for control packets is 1 seconds Max Retransmissions for Established Tunnel is 7 Max Retransmissions for Not Established Tunnel is 5 Tunnel Idle Timeout is 60 seconds Destruct Timeout is 300 seconds Destination Lockout Timeout is 300 seconds Max Packets processed per iteration is 64 Access Line Information is Disabled, Speed Updates is Disabled Destinations: 1, Tunnels: 1, Sessions: 1, Switched sessions: 0 user@host-R5>show services l2tp destination Local Name Remote IP Tunnels Sessions State 6 100.0.0.1 1 1 Enabled user@host-R5>show services l2tp tunnel Local ID Remote ID Remote IP Sessions State 30823 26595 100.0.0.1:1701 1 Established user@host-R5>show services l2tp session Tunnel local ID: 30823 Local Remote State Interface Interface ID ID unit Name 1214 8956 Established 1073741832 si-1/0/0 user@host-R5>show services l2tp destination extensive Waiting for statistics... Local name: 6 Remote IP: 100.0.0.1 Tunnels: 1, Sessions: 1 State: Enabled Local IP: 105.0.0.1 Transport: ipUdp, Logical System: default, Router Instance: default Lockout State: not locked Access Line Information: disabled, Speed Updates: disabled Connections Totals Active Failed Tunnels 1 1 0 Sessions 1 1 0 Packets Bytes Control Tx 15 418 Control Rx 15 579 Data Tx 722 40.4k Data Rx 244 14.4k Errors Tx 0 Errors Rx 0 user@host-R5>show services l2tp tunnel extensive Waiting for statistics... Tunnel local ID: 30823, Tunnel remote ID: 26595 Remote IP: 100.0.0.1:1701 Sessions: 1, State: Established Tunnel Name: 6/15 Local IP: 105.0.0.1:1701 Local name: R5, Remote name: petrel Effective Peer Resync Mechanism: failover protocol Nas Port Method: none Tunnel Logical System: default, Tunnel Routing Instance: default Max sessions: 128100, Window size: 4, Hello interval: 60 Create time: Sun Feb 15 23:44:31 2015, Up time: 00:12:29 Idle time: 00:00:00, ToS Reflect: Disabled Tunnel Group Name: lns-tunnel-group Statistics since: Sun Feb 15 23:44:31 2015 Packets Bytes Control Tx 15 418 Control Rx 15 579 Data Tx 734 41.1k Data Rx 244 14.4k Errors Tx 0 Errors Rx 0 user@host-R5>show services l2tp session extensive Tunnel local ID: 30823 Session local ID: 1214, Session remote ID: 8956 Interface unit: 1073741832 State: Established Interface: si-1/0/0 Mode: Dedicated Local IP: 105.0.0.1:1701, Remote IP: 100.0.0.1:1701 Local name: R5, Remote name: petrel Bearer type: 1, Framing type: 1 LCP renegotiation: On, Authentication: None Call serial number: 7 Tx speed: 0, Rx speed: 0 Create time: Sun Feb 15 23:44:31 2015, Up time: 00:12:16 Idle time: N/A, ToS Reflect: Disabled Statistics since: Sun Feb 15 23:44:31 2015 Packets Bytes Data Tx 718 40.2k Data Rx 244 14.4k
意味
動的VLANインターフェイスを介したL2TP LAC PPPが動作しています。
RADIUSサーバーでの動的VLAN認証とアカウンティングの確認
目的
BNGから送信されたRADIUSメッセージがRADIUSサーバーに到着し、受け入れられるかどうかを決定します。
アクション
RADIUS サーバーのデバッグ ログ メッセージを確認して、RADIUS メッセージが到着して処理されているかどうかを確認します。加入者のユーザ名とパスワードがRADIUSサーバのユーザプロファイルと一致する場合、RADIUSサーバはaccess-acceptメッセージ応答をBNGシステムに返す必要があります。RADIUS サーバーがアクセス拒否メッセージを返す場合は、RADIUS サーバーと BNG DHCP ローカル サーバーの両方のユーザー名とパスワードの構成、および PPPoE クライアントのユーザー名とパスワードを確認します。
次のデバッグ ログ メッセージは、ストレート ダイナミック VLAN 認証およびアカウンティング要求に関連しています。
rad_recv: Access-Request packet from host 100.0.0.1 port 53274, id=29, length=134 User-Name = "SST_USER_VLAN_DEFAULT" User-Password = "<password>" Service-Type = Framed-User Chargeable-User-Identity = "" Acct-Session-Id = "54" ERX-Dhcp-Mac-Addr = "0000.0000.0000" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 Sending Access-Accept of id 29 to 100.0.0.1 port 53274 Service-Type = Framed-User rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=30, length=165 User-Name = "SST_USER_VLAN_DEFAULT" Acct-Status-Type = Start Acct-Session-Id = "54" Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0000.0000.0000" Event-Timestamp = "Feb 16 2015 00:47:48 EST" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=34, length=309 User-Name = "SST_USER_VLAN_DEFAULT" Acct-Status-Type = Stop Acct-Session-Id = "54" Acct-Input-Octets = 0 Acct-Output-Octets = 0 Acct-Session-Time = 345 Acct-Input-Packets = 0 Acct-Output-Packets = 0 Acct-Terminate-Cause = Admin-Reset Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0000.0000.0000" Event-Timestamp = "Feb 16 2015 00:53:33 EST" ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 0 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 0 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1
次のデバッグ ログ メッセージは、動的 VLAN 認証およびアカウンティング要求を介した DHCPv4 に関連しています。
rad_recv: Access-Request packet from host 100.0.0.1 port 53274, id=31, length=210 User-Name = "SST_USER_DHCP_V4_DEFAULT" User-Password = "<password>" Service-Type = Framed-User Chargeable-User-Identity = "" Acct-Session-Id = "55" ERX-Dhcp-Options = "5\001\0012\004d\020\000\003\014\026fireback-ThinkPad-T4007\r\001\034\002\003\017\006w\014,/\032y*" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Framed-IP-Address = 100.16.0.3 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741855:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 Sending Access-Accept of id 31 to 100.0.0.1 port 53274 Service-Type = Framed-User ERX-Service-Activate:1 += "DHCP-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)" rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=32, length=247 User-Name = "SST_USER_DHCP_V4_DEFAULT" Acct-Status-Type = Start Acct-Session-Id = "55" Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Options = "5\001\0012\004d\020\000\003\014\026fireback-ThinkPad-T4007\r\001\034\002\003\017\006w\014,/\032y*" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 00:47:51 EST" Framed-IP-Address = 100.16.0.3 Framed-IP-Netmask = 255.0.0.0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741855:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=33, length=391 User-Name = "SST_USER_DHCP_V4_DEFAULT" Acct-Status-Type = Stop Acct-Session-Id = "55" Acct-Input-Octets = 0 Acct-Output-Octets = 0 Acct-Session-Time = 342 Acct-Input-Packets = 0 Acct-Output-Packets = 0 Acct-Terminate-Cause = NAS-Request Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Options = "5\001\0012\004d\020\000\003\014\026fireback-ThinkPad-T4007\r\001\034\002\003\017\006w\014,/\032y*" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 00:53:33 EST" Framed-IP-Address = 100.16.0.3 Framed-IP-Netmask = 255.0.0.0 ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741855:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 0 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 0 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1
次のデバッグ ログ メッセージは、動的 VLAN 認証およびアカウンティング要求を介した DHCPv6 に関連しています。
rad_recv: Access-Request packet from host 100.0.0.1 port 53274, id=37, length=204 User-Name = "SST_USER_DHCP_V6_DEFAULT" User-Password = "<password>" Service-Type = Framed-User Chargeable-User-Identity = "" Acct-Session-Id = "58" ERX-Dhcp-Options = "\000\001\000\016\000\001\000\001\034\017\273\351\000\"h\ 024\204\325\000\010\000\002\000d\000\006\000\004\000\027\000\030\000\031\000\014\000\ 000\000\001\000\000\000\000\000\000\000" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741856:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 Sending Access-Accept of id 37 to 100.0.0.1 port 53274 Service-Type = Framed-User ERX-Service-Activate:1 += "DHCP-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)" rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=38, length=254 User-Name = "SST_USER_DHCP_V6_DEFAULT" Acct-Status-Type = Start Acct-Session-Id = "58" Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Delegated-IPv6-Prefix = 1000::/56 Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Options = "\000\001\000\016\000\001\000\001\034\017\273\351\000\"h\024\ 204\325\000\010\000\002\000d\000\006\000\004\000\027\000\030\000\031\000\014\000\000\000\ 001\000\000\000\000\000\000\000" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 00:54:49 EST" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741856:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=40, length=309 User-Name = "SST_USER_VLAN_DEFAULT" Acct-Status-Type = Stop Acct-Session-Id = "57" Acct-Input-Octets = 0 Acct-Output-Octets = 0 Acct-Session-Time = 265 Acct-Input-Packets = 0 Acct-Output-Packets = 0 Acct-Terminate-Cause = Admin-Reset Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0000.0000.0000" Event-Timestamp = "Feb 16 2015 00:59:12 EST" ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 0 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 0 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1
次のデバッグ ログ メッセージは、ダイナミック VLAN 認証およびアカウンティング要求を介した PPPoE に関連しています。
rad_recv: Access-Request packet from host 100.0.0.1 port 53274, id=49, length=189 User-Name = "SST_USER_PPPOE_LT_DEFAULT" Service-Type = Framed-User Framed-Protocol = PPP CHAP-Password = 0x341c1103d16b6d5a56a3eacef911e227ca CHAP-Challenge = 0x9c35da48d9c6351050ccf15141901947968a4a56ebf0690ab64291240c6f3b Chargeable-User-Identity = "" Acct-Session-Id = "64" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741859:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 Sending Access-Accept of id 49 to 100.0.0.1 port 53274 Service-Type = Framed-User ERX-Service-Activate:1 += "PPPOE-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01)" rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=50, length=208 User-Name = "SST_USER_PPPOE_LT_DEFAULT" Acct-Status-Type = Start Acct-Session-Id = "64" Service-Type = Framed-User Framed-Protocol = PPP ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Framed-Interface-Id = 2473:3f40:86ef:c3b3 Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 01:10:01 EST" Framed-IP-Address = 100.16.0.7 Framed-IP-Netmask = 255.0.0.0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741859:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=52, length=309 User-Name = "SST_USER_VLAN_DEFAULT" Acct-Status-Type = Stop Acct-Session-Id = "63" Acct-Input-Octets = 86662 Acct-Output-Octets = 256 Acct-Session-Time = 495 Acct-Input-Packets = 557 Acct-Output-Packets = 32 Acct-Terminate-Cause = Admin-Reset Service-Type = Framed-User ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0000.0000.0000" Event-Timestamp = "Feb 16 2015 01:18:11 EST" ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 93 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 1 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=51, length=352 User-Name = "SST_USER_PPPOE_LT_DEFAULT" Acct-Status-Type = Stop Acct-Session-Id = "64" Acct-Input-Octets = 14356 Acct-Output-Octets = 0 Acct-Session-Time = 490 Acct-Input-Packets = 239 Acct-Output-Packets = 0 Acct-Terminate-Cause = User-Request Service-Type = Framed-User Framed-Protocol = PPP ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Framed-Interface-Id = 2473:3f40:86ef:c3b3 Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 01:18:11 EST" Framed-IP-Address = 100.16.0.7 Framed-IP-Netmask = 255.0.0.0 ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741859:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 0 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 0 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1
次のデバッグ ログ メッセージは、ダイナミック VLAN インターフェイス要求を介した LAC PPP に関連しています。
rad_recv: Access-Request packet from host 100.0.0.1 port 53274, id=55, length=195 User-Name = "SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM" Service-Type = Framed-User Framed-Protocol = PPP CHAP-Password = 0x3b1b159a8dd20e71fc05178bde237a3f18 CHAP-Challenge = 0xce86862897f89c3e6d20ef40c3f0295e669d1649c7a8180c828a Chargeable-User-Identity = "" Acct-Session-Id = "68" ERX-Dhcp-Mac-Addr = "0022.6814.84d5" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741861:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 Sending Access-Accept of id 55 to 100.0.0.1 port 53274 Service-Type = Framed-User rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=56, length=256 User-Name = "SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM" Acct-Status-Type = Start Acct-Session-Id = "68" Service-Type = Framed-User Framed-Protocol = PPP ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Tunnel-Type:0 = L2TP Tunnel-Medium-Type:0 = IPv4 Tunnel-Client-Endpoint:0 = "100.0.0.1" Tunnel-Server-Endpoint:0 = "105.0.0.1" Tunnel-Assignment-Id:0 = "Tunnel-ID-1" Acct-Tunnel-Connection = "0000000007" Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 01:20:00 EST" NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741861:1-100" NAS-Port-Type = Ethernet NAS-IP-Address = 100.0.0.1 rad_recv: Accounting-Request packet from host 100.0.0.1 port 53274, id=59, length=400 User-Name = "SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM" Acct-Status-Type = Stop Acct-Session-Id = "68" Acct-Input-Octets = 128977 Acct-Output-Octets = 24940 Acct-Session-Time = 874 Acct-Input-Packets = 589 Acct-Output-Packets = 446 Acct-Terminate-Cause = NAS-Request Service-Type = Framed-User Framed-Protocol = PPP ERX-Attr-177 = 0x506f72742053706565643a20313030303030306b Tunnel-Type:0 = L2TP Tunnel-Medium-Type:0 = IPv4 Tunnel-Client-Endpoint:0 = "100.0.0.1" Tunnel-Server-Endpoint:0 = "105.0.0.1" Tunnel-Assignment-Id:0 = "Tunnel-ID-1" Acct-Tunnel-Connection = "0000000007" Acct-Authentic = RADIUS Acct-Delay-Time = 0 ERX-Dhcp-Mac-Addr = "0022.6814.84d5" Event-Timestamp = "Feb 16 2015 01:34:34 EST" ERX-Input-Gigapkts = 0 Acct-Input-Gigawords = 0 NAS-Identifier = "R0-BNG1" NAS-Port = 100 NAS-Port-Id = "ps0.1073741861:1-100" NAS-Port-Type = Ethernet ERX-Output-Gigapkts = 0 Acct-Output-Gigawords = 0 ERX-IPv6-Acct-Input-Octets = 460 ERX-IPv6-Acct-Output-Octets = 0 ERX-IPv6-Acct-Input-Packets = 6 ERX-IPv6-Acct-Output-Packets = 0 ERX-IPv6-Acct-Input-Gigawords = 0 ERX-IPv6-Acct-Output-Gigawords = 0 NAS-IP-Address = 100.0.0.1
意味
動的VLAN認証とアカウンティング機能が確認されています。
トラブルシューティング
このトラブルシューティングセクションでは、BNGプラットフォームでの疑似配線ヘッドエンド終端と加入者管理に焦点を当てます。これらの機能のトラブルシューティングを行うには、次のセクションを参照してください。
traceoptionsの使用方法については、 Junos OSのトレースとロギング操作を参照してください。
MPLS L2 回線擬似配線
問題
MPLS L2 回線擬似配線が確立されていません。
ソリューション
BNGデバイスで、各ネットワーク層の運用ステータスとエラー数を調査します。まず、レイヤー1(L1)とL2の両方で運用ステータスがUpであり、エラー数が増加していないことを確認します。
user@host-BNG>show interfaces ge-2/0/0 extensive Physical interface: ge-2/0/0, Enabled, Physical link is Up Interface index: 2359, SNMP ifIndex: 579, Generation: 2362 Description: To R1 - APE1 Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 1000mbps, BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online Pad to minimum frame size: Disabled Device flags : Present Running Interface flags: SNMP-Traps Internal: 0x4000 Link flags : None CoS queues : 8 supported, 8 maximum usable queues Schedulers : 0 Hold-times : Up 0 ms, Down 0 ms Current address: ac:4b:c8:45:6a:94, Hardware address: ac:4b:c8:45:6a:94 Last flapped : 2015-03-24 16:34:13 PDT (22:13:47 ago) Statistics last cleared: Never Traffic statistics: Input bytes : 37913131 234088 bps Output bytes : 27109253 150976 bps Input packets: 750139 595 pps Output packets: 736385 588 pps IPv6 transit statistics: Input bytes : 0 Output bytes : 0 Input packets: 0 Output packets: 0 Label-switched interface (LSI) traffic statistics: Input bytes : 0 0 bps Input packets: 0 0 pps Dropped traffic statistics due to STP State: Input bytes : 0 Output bytes : 0 Input packets: 0 Output packets: 0 Input errors: Errors: 0, Drops: 0, Framing errors: 0, Runts: 0, Policed discards: 0, L3 incompletes: 0, L2 channel errors: 0, L2 mismatch timeouts: 0, FIFO errors: 0, Resource errors: 0 Output errors: Carrier transitions: 1, Errors: 0, Drops: 0, Collisions: 0, Aged packets: 0, FIFO errors: 0, HS link CRC errors: 0, MTU errors: 0, Resource errors: 0 Egress queues: 8 supported, 8 in use Queue counters: Queued packets Transmitted packets Dropped packets 0 2082 2082 0 1 0 0 0 2 0 0 0 3 735288 735288 0 4 0 0 0 5 0 0 0 6 0 0 0 7 0 0 0 Queue number: Mapped forwarding classes 0 FC0 1 FC1 2 FC2 3 FC3 4 FC4 5 FC5 6 FC6 7 FC7 Active alarms : None Active defects : None MAC statistics: Receive Transmit Total octets 51466725 49001759 Total packets 750906 737115 Unicast packets 731162 699812 Broadcast packets 35 38 Multicast packets 19709 37265 CRC/Align errors 0 0 FIFO errors 0 0 MAC control frames 0 0 MAC pause frames 0 0 Oversized frames 0 Jabber frames 0 Fragment frames 0 VLAN tagged frames 0 Code violations 0 Total errors 0 0 Filter statistics: Input packet count 750316 Input packet rejects 0 Input DA rejects 0 Input SA rejects 0 Output packet count 736542 Output packet pad count 0 Output packet error count 0 CAM destination filters: 0, CAM source filters: 0 Autonegotiation information: Negotiation status: Complete Link partner: Link mode: Full-duplex, Flow control: Symmetric/Asymmetric, Remote fault: OK Local resolution: Flow control: Symmetric, Remote fault: Link OK Packet Forwarding Engine configuration: Destination slot: 0 (0x00) CoS information: Direction : Output CoS transmit queue Bandwidth Buffer Priority Limit % bps % usec 0 FC0 95 950000000 95 0 low none 3 FC3 5 50000000 5 0 low none Interface transmit statistics: Disabled Logical interface ge-2/0/0.0 (Index 4447) (SNMP ifIndex 14264) (Generation 4256) Flags: Up SNMP-Traps 0x4004000 Encapsulation: ENET2 Traffic statistics: Input bytes : 41421857 Output bytes : 27287563 Input packets: 786945 Output packets: 736385 Local statistics: Input bytes : 8105510 Output bytes : 5342123 Input packets: 102278 Output packets: 50590 Transit statistics: Input bytes : 33316347 230800 bps Output bytes : 21945440 150624 bps Input packets: 684667 591 pps Output packets: 685795 588 pps Protocol inet, MTU: 1500, Generation: 2247, Route table: 0 Flags: Sendbcast-pkt-to-re Addresses, Flags: Is-Preferred Is-Primary Destination: 21.21.11/24, Local: 21.21.11.1, Broadcast: 21.21.11.255, Generation: 155 Protocol mpls, MTU: 1488, Maximum labels: 3, Generation: 2248, Route table: 0 Protocol multiservice, MTU: Unlimited, Generation: 2249, Route table: 0 Policer: Input: __default_arp_policer__
インターフェイスが PS インターフェイスの場合は、アンカー インターフェイスのステータスも確認します。
user@host-BNG>show configuration interfaces ps0 | display inheritance no-comments anchor-point { lt-0/0/10; } flexible-vlan-tagging; auto-configure { stacked-vlan-ranges { dynamic-profile vlan-prof-0 { accept [ inet inet6 pppoe ]; ranges { 1-256,1-4094; } } authentication { password <password>; username-include { user-prefix SST_USER_VLAN_DEFAULT; } } } remove-when-no-subscribers; } no-gratuitous-arp-request; unit 0 { encapsulation ethernet-ccc; } user@host-BNG>show interfaces lt-0/0/10 media Physical interface: lt-0/0/10, Enabled, Physical link is Up Interface index: 159, SNMP ifIndex: 12719 Type: Logical-tunnel, Link-level type: Logical-tunnel, MTU: Unlimited, Speed: 1000mbps Device flags : Present Running Interface flags: Point-To-Point SNMP-Traps Internal: 0x4000 Physical info : 13 Current address: ac:4b:c8:45:68:00, Hardware address: ac:4b:c8:45:68:00 Last flapped : 2015-03-24 16:33:23 PDT (22:55:56 ago) Input rate : 0 bps (0 pps) Output rate : 0 bps (0 pps) user@host-BNG>show interfaces ps0 media Physical interface: ps0, Enabled, Physical link is Up Interface index: 160, SNMP ifIndex: 12720 Type: Software-Pseudo, Link-level type: 90, MTU: 1522, Clocking: 1, Speed: 1000mbps Device flags : Present Running Interface flags: Point-To-Point Internal: 0x4000 Current address: ac:4b:c8:45:68:00, Hardware address: ac:4b:c8:45:68:00 Last flapped : Never Input rate : 0 bps (0 pps) Output rate : 0 bps (0 pps) user@host-BNG>show interfaces ps0.0 Logical interface ps0.0 (Index 332) (SNMP ifIndex 18023) Flags: Up Point-To-Point 0x4000 Encapsulation: Ethernet-CCC Input packets : 272 Output packets: 459 Protocol ccc, MTU: 1514 Flags: Is-Primary user@host-BNG>show interfaces ps0.0 extensive Logical interface ps0.0 (Index 332) (SNMP ifIndex 18023) (Generation 141) Flags: Up Point-To-Point 0x4000 Encapsulation: Ethernet-CCC Traffic statistics: Input bytes : 17251 Output bytes : 37799 Input packets: 272 Output packets: 459 Local statistics: Input bytes : 0 Output bytes : 0 Input packets: 0 Output packets: 0 Transit statistics: Input bytes : 17251 0 bps Output bytes : 37799 0 bps Input packets: 272 0 pps Output packets: 459 0 pps Protocol ccc, MTU: 1514, Generation: 169, Route table: 0 Flags: Is-Primary
次に、直接接続されているインターフェイスのIP接続を確認します。
user@host-BNG>show interfaces ge-2/0/0 terse Interface Admin Link Proto Local Remote ge-2/0/0 up up ge-2/0/0.0 up up inet 21.21.11.1/24 mpls multiservice user@host-BNG>ping 21.21.11.2 rapid count 1000 PING 21.21.11.2 (21.21.11.2): 56 data bytes !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! --- 21.21.11.2 ping statistics --- 1000 packets transmitted, 1000 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.460/0.748/16.578/0.820 ms
IGPがルートフラッピングなしで安定しているかどうかを確認します。OSPF ネイバーの状態は Full である必要があり、OSPF データベースとルート テーブルの経過時間は、ゼロにリセットされることなく、一貫して増加するはずです。ネイバー ルーターのループバック インターフェイスへの IP 接続が損なわれていない必要があります。
user@host-BNG>show ospf neighbor Address Interface State ID Pri Dead 21.21.11.2 ge-2/0/0.0 Full 101.0.0.1 128 35 21.21.13.2 ge-2/0/1.0 Full 102.0.0.1 128 30 21.21.10.2 ge-3/0/0.0 Full 101.0.0.1 128 36 21.21.12.2 ge-3/0/1.0 Full 102.0.0.1 128 36 21.21.15.2 ge-3/0/2.0 Full 104.0.0.1 128 37 21.21.14.2 xe-0/0/0.0 Full 104.0.0.1 128 34 user@host-BNG>show ospf database router OSPF database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router *100.0.0.1 100.0.0.1 0x8000000b 1721 0x22 0xac4b 108 Router 101.0.0.1 101.0.0.1 0x80000005 1699 0x22 0x6180 84 Router 102.0.0.1 102.0.0.1 0x80000006 1712 0x22 0x7736 84 Router 103.0.0.1 103.0.0.1 0x8001452e 1727 0x22 0x134c 96 Router 104.0.0.1 104.0.0.1 0x80000010 768 0x22 0x135e 108 Router 105.0.0.1 105.0.0.1 0x80000033 1096 0x22 0xbdf6 96 user@host-BNG>show route protocol ospf | match /32 101.0.0.1/32 *[OSPF/10] 00:28:53, metric 1 102.0.0.1/32 *[OSPF/10] 00:29:01, metric 1 103.0.0.1/32 *[OSPF/10] 00:28:53, metric 2 104.0.0.1/32 *[OSPF/10] 00:35:33, metric 1 105.0.0.1/32 *[OSPF/10] 00:35:33, metric 2 224.0.0.5/32 *[OSPF/10] 22:21:18, metric 1 user@host-BNG>ping 101.0.0.1 rapid count 1000 PING 101.0.0.1 (101.0.0.1): 56 data bytes !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! --- 101.0.0.1 ping statistics --- 1000 packets transmitted, 1000 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.480/0.830/11.262/0.771 ms user@host-BNG>show ldp route 101.0.0.1 Destination Next-hop intf/lsp/table Next-hop address 101.0.0.1/32 ge-2/0/0.0 21.21.11.2 ge-3/0/0.0 21.21.10.2 user@host-BNG>show route 101.0.0.1 inet.0: 33 destinations, 34 routes (33 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 101.0.0.1/32 *[OSPF/10] 00:30:48, metric 1 to 21.21.11.2 via ge-2/0/0.0 > to 21.21.10.2 via ge-3/0/0.0 inet.3: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 101.0.0.1/32 *[LDP/9] 00:30:48, metric 1 > to 21.21.11.2 via ge-2/0/0.0 to 21.21.10.2 via ge-3/0/0.0
次に、MPLS L2 回線疑似配線の BFD セッション ステータスを確認します。
user@host-BNG>show bfd session Address State Interface Time Interval Multiplier 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-3/0/0.0 4.000 1.000 4 127.0.0.1 Up ge-2/0/0.0 4.000 1.000 4
MPLS擬似配線のデータパスを調べます。
user@host-BNG>ping mpls l2circuit interface ps0.0 !!!!! --- lsping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss user@host-BNG>ping mpls l2circuit virtual-circuit 1 count 10 destination 127.0.0.1 neighbor 101.0.0.1 !!!!!!!!!! --- lsping statistics --- 10 packets transmitted, 10 packets received, 0% packet loss user@host-PE1>ping mpls l2circuit interface ge-1/1/9.1 !!!!! --- lsping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss user@host-PE1>ping mpls l2circuit interface ge-1/1/9.1 !!!!! --- lsping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss user@host-PE1>ping mpls l2circuit interface ge-1/1/9.1 detail Request for seq 1, to interface 329, label 360336, packet size 88 Reply for seq 1, return code: Egress-ok, time: -4752393.948 ms Local transmit time: 2015-03-25 17:21:25 PDT 394.073 ms Remote receive time: 2015-03-25 16:02:13 PDT 0.125 ms Request for seq 2, to interface 329, label 360336, packet size 88 Reply for seq 2, return code: Egress-ok, time: -4752393.851 ms Local transmit time: 2015-03-25 17:21:26 PDT 393.976 ms Remote receive time: 2015-03-25 16:02:14 PDT 0.125 ms Request for seq 3, to interface 329, label 360336, packet size 88 Reply for seq 3, return code: Egress-ok, time: -4752393.839 ms Local transmit time: 2015-03-25 17:21:27 PDT 393.964 ms Remote receive time: 2015-03-25 16:02:15 PDT 0.125 ms Request for seq 4, to interface 329, label 360336, packet size 88 Reply for seq 4, return code: Egress-ok, time: -4752393.831 ms Local transmit time: 2015-03-25 17:21:28 PDT 393.956 ms Remote receive time: 2015-03-25 16:02:16 PDT 0.125 ms Request for seq 5, to interface 329, label 360336, packet size 88 Reply for seq 5, return code: Egress-ok, time: -4752393.823 ms Local transmit time: 2015-03-25 17:21:29 PDT 393.948 ms Remote receive time: 2015-03-25 16:02:17 PDT 0.125 ms --- lsping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss
最後に、MPLS L2 回線のステータスが Up であることを確認します。そうでない場合は、コマンド出力に記載されている
show
接続状態コードの凡例で理由を確認してください。user@host-BNG>show l2circuit connections interface ps0.0 extensive Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down HS -- Hot-standby Connection XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 101.0.0.1 Interface Type St Time last up # Up trans ps0.0(vc 1) rmt Up Mar 25 14:26:50 2015 1 Remote PE: 101.0.0.1, Negotiated control-word: Yes (Null) Incoming label: 360336, Outgoing label: 338624 Negotiated PW status TLV: No Local interface: ps0.0, Status: Up, Encapsulation: ETHERNET Connection History: Mar 25 14:26:50 2015 status update timer Mar 25 14:26:50 2015 PE route changed Mar 25 14:26:50 2015 Out lbl Update 338624 Mar 25 14:26:50 2015 In lbl Update 360336 Mar 25 14:26:50 2015 loc intf up ps0.0 user@host-PE1>show l2circuit connections interface ge-1/1/9.1 extensive Layer-2 Circuit Connections: Legend for connection status (St) EI -- encapsulation invalid NP -- interface h/w not present MM -- mtu mismatch Dn -- down EM -- encapsulation mismatch VC-Dn -- Virtual circuit Down CM -- control-word mismatch Up -- operational VM -- vlan id mismatch CF -- Call admission control failure OL -- no outgoing label IB -- TDM incompatible bitrate NC -- intf encaps not CCC/TCC TM -- TDM misconfiguration BK -- Backup Connection ST -- Standby Connection CB -- rcvd cell-bundle size bad SP -- Static Pseudowire LD -- local site signaled down RS -- remote site standby RD -- remote site signaled down HS -- Hot-standby Connection XX -- unknown Legend for interface status Up -- operational Dn -- down Neighbor: 100.0.0.1 Interface Type St Time last up # Up trans ge-1/1/9.1(vc 1) rmt Up Mar 25 15:46:05 2015 1 Remote PE: 100.0.0.1, Negotiated control-word: Yes (Null) Incoming label: 338624, Outgoing label: 360336 Negotiated PW status TLV: No Local interface: ge-1/1/9.1, Status: Up, Encapsulation: ETHERNET Flow Label Transmit: No, Flow Label Receive: No Connection History: Mar 25 15:46:05 2015 status update timer Mar 25 15:46:01 2015 PE route changed Mar 25 15:46:01 2015 Out lbl Update 360336 Mar 25 15:46:01 2015 In lbl Update 338624 Mar 25 15:46:01 2015 loc intf up ge-1/1/9.1 Neighbor: 103.0.0.1 ge-1/1/9.1(vc 1) rmt BK
加入者セッション
問題
サブスクライバ セッションが確立されていません。
ソリューション
まず、AAA ステータスを確認します。まず、 コマンドを使用して、
test aaa
認証とアドレス割り当ての動作ステータスを確認します。user@host-BNG>test aaa ppp user SST_USER_VLAN_DEFAULT password <password> Authentication Grant ************User Attributes*********** User Name - SST_USER_VLAN_DEFAULT Client IP Address - 100.16.0.2 Client IP Netmask - 255.0.0.0 Virtual Router Name - default Reply Message - NULL Primary DNS IP Address - 0.0.0.0 Secondary DNS IP Address - 0.0.0.0 Primary WINS IP Address - 0.0.0.0 Secondary WINS IP Address - 0.0.0.0 Primary DNS IPv6 Address - :: Secondary DNS IPv6 Address - :: Framed Pool - v4-pool-0 Class Attribute - not set Service Type - 0 Client Ipv6 Address - :: Client Ipv6 Mask - null Framed Ipv6 Prefix - ::/0 Framed Ipv6 Pool - not-set NDRA Ipv6 Prefix - not-set Login Ipv6 Host - :: Framed Interface Id: - 0:0:0:0 Delegated Ipv6 Prefix - ::/0 Delegated Ipv6 Pool - not-set User Password - <password> CHAP Password - NULL Mac Address - AB:CD:00:00:00:01 Filter Id - not set Framed MTU - (null) Framed Route - not set Ingress Policy Name - not set Egress Policy Name - not set IGMP - disabled Redirect VR Name - default Service Bundle - Null Framed Ip Route Tag - not set Ignore DF Bit - disabled IGMP Access Group Name - not set IGMP Access Source Group Name - not set MLD Access Group Name - not set MLD Access Source Group Name - not set IGMP Version - not set MLD Version - not set IGMP Immediate Leave - disabled MLD Immediate Leave - disabled IPv6 Ingress Policy Name - not set IPv6 Egress Policy Name - not set Acct Session ID- 10 Acct Interim Interval - 600 Acct Type - 2 Ingress Statistics disabled Egress Statistics disabled Chargeable user identity - 0 NAS Port Id - not set NAS Port - 4095 NAS Port Type - 15 Framed Protocol - 0 ****Pausing 10 seconds before disconnecting the test user********* Logging out subscriber Terminate Id - not set Test complete. Exiting user@host-BNG>test aaa ppp user SST_USER_PPPOE_LT_DEFAULT password <password> Authentication Grant ************User Attributes*********** User Name - SST_USER_PPPOE_LT_DEFAULT Client IP Address - 100.16.0.9 Client IP Netmask - 255.0.0.0 Virtual Router Name - default Reply Message - NULL Primary DNS IP Address - 0.0.0.0 Secondary DNS IP Address - 0.0.0.0 Primary WINS IP Address - 0.0.0.0 Secondary WINS IP Address - 0.0.0.0 Primary DNS IPv6 Address - :: Secondary DNS IPv6 Address - :: Framed Pool - v4-pool-0 Class Attribute - not set Service Type - 0 Client Ipv6 Address - :: Client Ipv6 Mask - null Framed Ipv6 Prefix - ::/0 Framed Ipv6 Pool - not-set NDRA Ipv6 Prefix - not-set Login Ipv6 Host - :: Framed Interface Id: - 0:0:0:0 Delegated Ipv6 Prefix - ::/0 Delegated Ipv6 Pool - not-set User Password - <password> CHAP Password - NULL Mac Address - AB:CD:00:00:00:01 Service tag - 1 Service Name - PPPOE-SERVICE-PROFILE(INPUT-V4-FILTER-01, OUTPUT-V4-FILTER-01, INPUT-V6-FILTER-01, OUTPUT-V6-FILTER-01) Filter Id - not set Framed MTU - (null) Framed Route - not set Ingress Policy Name - not set Egress Policy Name - not set IGMP - disabled Redirect VR Name - default Service Bundle - Null Framed Ip Route Tag - not set Ignore DF Bit - disabled IGMP Access Group Name - not set IGMP Access Source Group Name - not set MLD Access Group Name - not set MLD Access Source Group Name - not set IGMP Version - not set MLD Version - not set IGMP Immediate Leave - disabled MLD Immediate Leave - disabled IPv6 Ingress Policy Name - not set IPv6 Egress Policy Name - not set Acct Session ID- 28 Acct Interim Interval - 600 Acct Type - 2 Ingress Statistics disabled Egress Statistics disabled Chargeable user identity - 0 NAS Port Id - not set NAS Port - 4095 NAS Port Type - 15 Framed Protocol - 0 ****Pausing 10 seconds before disconnecting the test user********* Logging out subscriber Terminate Id - not set Test complete. Exiting user@host-BNG>test aaa ppp user SST_USER_PPPOE_L2TP_DEFAULT@ABC1.COM password <password> Authentication Grant with Tunnel Attributes ************Tunnel Attributes*********** ****Tunnel Definiton - 1 Tunnel Medium - 1 Tunnel Type - 3 Tunnel Max Sessions - 0 Tunnel Server Endpoint - 105.0.0.1 Tunnel Client Endpoint - 100.0.0.1 Tunnel Server AuthId - Tunnel Client AuthId - Tunnel Password - juniper Tunnel Assignment Id - Tunnel-ID-1 Tunnel Logical System - Tunnel Routing Instance - ****Pausing 10 seconds before disconnecting the test user********* Logging out subscriber Terminate Id - not set Test complete. Exiting
RADIUSサーバーの運用ステータスと統計情報を確認します。
user@host-BNG>show network-access aaa radius-servers detail Profile: Access-Profile-0 Server address: 9.0.0.9 Authentication port: 1812 Accounting port: 1813 Status: UP RADIUS Servers 9.0.0.9 Round Trip Time: 1 Authentication requests: 9 Authentication rollover requests: 0 Authentication retransmissions: 25 Accepts: 4 Rejects: 0 Challenges: 0 Authentication malformed responses: 0 Authentication bad authenticators: 0 Authentication requests pending: 0 Authentication request timeouts: 30 Authentication unknown responses: 0 Authentication packets dropped: 0 Accounting start requests: 4 Accounting interim requests: 1 Accounting stop requests: 8 Accounting rollover requests: 0 Accounting retransmissions: 30 Accounting start responses: 4 Accounting interim responses: 1 Accounting stop responses: 3 Accounting malformed responses: 0 Accounting bad authenticators: 0 Accounting requests pending: 0 Accounting request timeouts: 36 Accounting unknown responses: 0 Accounting packets dropped: 0
PSインターフェイス経由で着信および発信加入者プロトコル制御トラフィックを監視します。まず、加入者アクセス プロトコルのネゴシエーション ステータスを確認します。
user@host-BNG>monitor traffic interface ps0 no-resolve verbose output suppressed, use (detail) or (extensive) for full protocol decode Address resolution is OFF. Listening on ps0, capture size 96 bytes 15:10:51.505345 In PPPoE PADI [Service-Name] [Host-Uniq UTF8] 15:10:56.507188 In PPPoE PADI [Service-Name] [Host-Uniq UTF8] 15:10:56.507566 Out PPPoE PADO [AC-Name "R0"] [Host-Uniq UTF8] [Service-Name] [AC-Cookie UTF8] 15:10:56.508055 In PPPoE PADR [Service-Name] [Host-Uniq UTF8] [AC-Cookie UTF8] 15:10:56.592436 In PPPoE [ses 1]LCP, Conf-Request (0x01), id 1, length 16 15:10:56.592437 In PPPoE [ses 1]LCP, Conf-Request (0x01), id 1, length 16 15:10:56.592511 Out PPPoE [ses 1]LCP, Conf-Request (0x01), id 141, length 21 15:10:56.592511 Out PPPoE [ses 1]LCP, Conf-Request (0x01), id 141, length 21 15:10:56.592560 Out PPPoE [ses 1]LCP, Conf-Ack (0x02), id 1, length 16 15:10:56.592560 Out PPPoE [ses 1]LCP, Conf-Ack (0x02), id 1, length 16 15:10:56.593707 In PPPoE [ses 1]LCP, Conf-Ack (0x02), id 141, length 21 15:10:56.593708 In PPPoE [ses 1]LCP, Conf-Ack (0x02), id 141, length 21 15:10:56.593899 Out PPPoE [ses 1]CHAP, Challenge (0x01), id 32, Value 13bf1f6f74448948130f8648c8c14a49b46125, Name JUNOS 15:10:56.593899 Out PPPoE [ses 1]CHAP, Challenge (0x01), id 32, Value 13bf1f6f74448948130f8648c8c14a49b46125, Name JUNOS 15:10:56.594771 In PPPoE [ses 1]CHAP, Response (0x02), id 32, Value 117cf30ec090ee60ba642403955fa37d, Name SST_USER_PPPOE_LT[|chap] 15:10:56.594772 In PPPoE [ses 1]CHAP, Response (0x02), id 32, Value 117cf30ec090ee60ba642403955fa37d, Name SST_USER_PPPOE_LT[|chap] 15:10:56.800192 Out PPPoE [ses 1]CHAP, Success (0x03), id 32, Msg 15:10:56.800193 Out PPPoE [ses 1]CHAP, Success (0x03), id 32, Msg 15:10:56.800866 In PPPoE [ses 1]IPCP, Conf-Request (0x01), id 1, length 24 15:10:56.800867 In PPPoE [ses 1]IPCP, Conf-Request (0x01), id 1, length 24 15:10:56.800870 In PPPoE [ses 1]IP6CP, Conf-Request (0x01), id 1, length 16 15:10:56.800871 In PPPoE [ses 1]IP6CP, Conf-Request (0x01), id 1, length 16 15:10:56.801043 Out PPPoE [ses 1]IPCP, Conf-Nack (0x03), id 1, length 24 15:10:56.801044 Out PPPoE [ses 1]IPCP, Conf-Nack (0x03), id 1, length 24 15:10:56.801234 Out PPPoE [ses 1]IP6CP, Conf-Ack (0x02), id 1, length 16 15:10:56.801235 Out PPPoE [ses 1]IP6CP, Conf-Ack (0x02), id 1, length 16 15:10:56.801533 In PPPoE [ses 1]IPCP, Conf-Request (0x01), id 2, length 24 15:10:56.801534 In PPPoE [ses 1]IPCP, Conf-Request (0x01), id 2, length 24 15:10:56.801580 Out PPPoE [ses 1]IPCP, Conf-Ack (0x02), id 2, length 24 15:10:56.801581 Out PPPoE [ses 1]IPCP, Conf-Ack (0x02), id 2, length 24 15:10:56.872600 Out PPPoE [ses 1]IPCP, Conf-Request (0x01), id 126, length 12 15:10:56.872601 Out PPPoE [ses 1]IPCP, Conf-Request (0x01), id 126, length 12 15:10:56.872683 Out PPPoE [ses 1]IP6CP, Conf-Request (0x01), id 146, length 16 15:10:56.872683 Out PPPoE [ses 1]IP6CP, Conf-Request (0x01), id 146, length 16 15:10:56.873141 In PPPoE [ses 1]IPCP, Conf-Ack (0x02), id 126, length 12 15:10:56.873141 In PPPoE [ses 1]IPCP, Conf-Ack (0x02), id 126, length 12 15:10:56.878193 In PPPoE [ses 1]IP6CP, Conf-Ack (0x02), id 146, length 16 15:10:56.878194 In PPPoE [ses 1]IP6CP, Conf-Ack (0x02), id 146, length 16 15:11:03.085120 Out PPPoE [ses 1][|ip6] 15:11:03.085121 Out PPPoE [ses 1][|ip6] 15:11:03.469052 Out PPPoE [ses 1][|ip6] 15:11:03.469053 Out PPPoE [ses 1][|ip6] 51 packets received by filter 0 packets dropped by kernel
L2ヘッダー情報を監視するには、 コマ ンドを オプション付き
layer2
で使用しますmonitor traffic
。user@host-BNG>monitor traffic interface ps0 layer2-headers no-resolve verbose output suppressed, use (detail) or (extensive) for full protocol decode Address resolution is OFF. Listening on ps0, capture size 96 bytes 15:11:51.631290 In 00:22:68:14:84:d5 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 40: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq UTF8] 15:11:56.634347 In 00:22:68:14:84:d5 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 40: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE D, PPPoE PADI [Service-Name] [Host-Uniq UTF8] 15:11:56.634596 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 66: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE D, PPPoE PADO [AC-Name "R0"] [Host-Uniq UTF8] [Service-Name] [AC-Cookie UTF8] 15:11:56.635054 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 60: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE D, PPPoE PADR [Service-Name] [Host-Uniq UTF8] [AC-Cookie UTF8] 15:11:56.663820 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 16: LCP, Conf-Request (0x01), id 1, length 16 15:11:56.663821 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 16: LCP, Conf-Request (0x01), id 1, length 16 15:11:56.663924 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 49: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 21: LCP, Conf-Request (0x01), id 8, length 21 15:11:56.663925 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 49: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 21: LCP, Conf-Request (0x01), id 8, length 21 15:11:56.663973 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 16: LCP, Conf-Ack (0x02), id 1, length 16 15:11:56.663974 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 16: LCP, Conf-Ack (0x02), id 1, length 16 15:11:56.664432 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 49: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 21: LCP, Conf-Ack (0x02), id 8, length 21 15:11:56.664433 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 49: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]LCP (0xc021), length 21: LCP, Conf-Ack (0x02), id 8, length 21 15:11:56.664614 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 66: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 38: CHAP, Challenge (0x01), id 103, Value 29df1053315de91c31adc72e60f6aa1fa892ba1fc737082abd9d, Name JUNOS 15:11:56.664615 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 66: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 38: CHAP, Challenge (0x01), id 103, Value 29df1053315de91c31adc72e60f6aa1fa892ba1fc737082abd9d, Name JUNOS 15:11:56.666088 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 48: CHAP, Response (0x02), id 103, Value a28ce2e6abc62d6fb129888792f0914c, Name SST_USER_PPPOE_LT[|chap] 15:11:56.666089 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 48: CHAP, Response (0x02), id 103, Value a28ce2e6abc62d6fb129888792f0914c, Name SST_USER_PPPOE_LT[|chap] 15:11:56.870223 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 34: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 6: CHAP, Success (0x03), id 103, Msg 15:11:56.870224 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 34: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]CHAP (0xc223), length 6: CHAP, Success (0x03), id 103, Msg 15:11:56.870893 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 52: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Request (0x01), id 1, length 24 15:11:56.870893 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 52: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Request (0x01), id 1, length 24 15:11:56.870897 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Request (0x01), id 1, length 16 15:11:56.870897 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Request (0x01), id 1, length 16 15:11:56.871071 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 52: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Nack (0x03), id 1, length 24 15:11:56.871071 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 52: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Nack (0x03), id 1, length 24 15:11:56.871247 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Ack (0x02), id 1, length 16 15:11:56.871247 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Ack (0x02), id 1, length 16 15:11:56.871616 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 52: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Request (0x01), id 2, length 24 15:11:56.871617 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 52: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Request (0x01), id 2, length 24 15:11:56.871662 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 52: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Ack (0x02), id 2, length 24 15:11:56.871663 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 52: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 24: IPCP, Conf-Ack (0x02), id 2, length 24 15:11:56.959681 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 40: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 12: IPCP, Conf-Request (0x01), id 244, length 12 15:11:56.959681 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 40: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 12: IPCP, Conf-Request (0x01), id 244, length 12 15:11:56.959763 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Request (0x01), id 242, length 16 15:11:56.959764 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 44: vlan 1, p 6, ethertype 802.1Q, vlan 100, p 6, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Request (0x01), id 242, length 16 15:11:56.960192 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 40: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 12: IPCP, Conf-Ack (0x02), id 244, length 12 15:11:56.960193 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 40: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IPCP (0x8021), length 12: IPCP, Conf-Ack (0x02), id 244, length 12 15:11:56.963905 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Ack (0x02), id 242, length 16 15:11:56.963906 In 00:22:68:14:84:d5 > ac:4b:c8:45:68:00, ethertype 802.1Q (0x8100), length 44: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6CP (0x8057), length 16: IP6CP, Conf-Ack (0x02), id 242, length 16 15:11:58.634264 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6 (0x0057), length 74: [|ip6] 15:11:58.634265 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6 (0x0057), length 74: [|ip6] 15:12:00.323994 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6 (0x0057), length 74: [|ip6] 15:12:00.323995 Out ac:4b:c8:45:68:00 > 00:22:68:14:84:d5, ethertype 802.1Q (0x8100), length 68: vlan 1, p 0, ethertype 802.1Q, vlan 100, p 0, ethertype PPPoE S, PPPoE [ses 1]IP6 (0x0057), length 74: [|ip6] ^C 54 packets received by filter 0 packets dropped by kernel