网络生活

用网络记录生活!

« 几种宽带认证技术JUNIPER (ERX)宽带接入服务器日常维护 »

E1400配置

junper_ERX_1400做宽带接入的配置数据

Configuration being generated on SUN NOV 09 2003 09:27:17 CHN
! Juniper Edge Routing Switch ERX-1400
! Version: 3.4.1 patch-9.0 (October 6, 2003 10:20)
! Copyright (c) 1999-2003 Juniper Networks, Inc. All rights reserved.
boot config running-configuration
boot system erx_3-4-1p9-0.rel
!
exclude-subsystem ct3
exclude-subsystem ct1
exclude-subsystem ut3a
exclude-subsystem ut3f
exclude-subsystem dpfe
exclude-subsystem "ct3-12"
exclude-subsystem oc3
exclude-subsystem ut3f12
exclude-subsystem oc12p
exclude-subsystem "oc3-4p"
exclude-subsystem coc12
exclude-subsystem oc12s
!
boot backup erx_3-4-1p7-0.rel zc0310.cnf
no boot subsystem
no boot backup subsystem
no boot force-backup
no boot slot
!

virtual-router default
默认的VRF
virtual-router LEASED_LINE
专线的VRF
virtual-router VPDN_LAC
本地VPDN用户的VRF
!
license b-ras 1r1Knae9k7
!
aaa domain-map "163.gd"
virtual-router default
!
aaa domain-map default
virtual-router "VPDN_LAC"
!
aaa domain-map none
virtual-router default
!
hostname "ERX--01"
service password-encryption
enable secret level 5 5 P=?TCV-*[BR>enable secret level 10 5 p/$E+QF8rBj?)3*dQ}<@[BR>!
clock timezone CHN 8 0
!
controller sonet 3/0
clock source internal module
!
controller sonet 3/1
clock source internal module
!
controller sonet 3/2
clock source internal module
!
controller sonet 3/3
clock source internal module
!
!
line console 0
password XXXXX
exec-timeout 5 0
login
!
line vty 0 4
password XXXXX
exec-timeout 5 0
access-class DenyTel in
!
log engineering
log verbosity low
no log severity *
no log engineering
log fields timestamp instance no-calling-task
!
disable-switch-on-error
========================================================================
用户的速率限制PROFILE


rate-limit-profile pro512K
committed-rate 512000
committed-burst 51200
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro1M
committed-rate 1024000
committed-burst 102400
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro2M
committed-rate 2048000
committed-burst 204800
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro3M
committed-rate 3072000
committed-burst 307200
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro4M
committed-rate 4096000
committed-burst 409600
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro5M
committed-rate 5120000
committed-burst 512000
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro6M
committed-rate 6144000
committed-burst 614400
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro7M
committed-rate 7168000
committed-burst 716800
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro8M
committed-rate 8192000
committed-burst 819200
peak-burst 16384
conformed-action drop
!
rate-limit-profile pro10M
committed-rate 10240000
committed-burst 1024000
peak-burst 16384
conformed-action drop
!
bandwidth oversubion
=========================================================================
profile default
profile pppoe
ip unnumbered loopback 0
ip sa-validate
ip policy input pro512K
ip policy output pro512K
pppoe url "http://www.stdx.com/temp/notice/adslzf_new/index.php"
!
profile "pppoe-1"
ip unnumbered loopback 0
ip sa-validate
ip policy input pro512K
ip policy output pro2M
ppp authentication pap
pppoe sessions 1
!
virtual-router default
aaa dns primary 61.xx.xx.xxx
aaa dns secondary 61.xx.xx.xxx
aaa duplicate-address-check disable
aaa authentication ppp default radius
aaa accounting ppp default radius

ip address-pool local
interface null 0
interface loopback 0
ip address 218.xx.xx.x 255.255.255.255
!
interface loopback 2
!==============================================================================
ATM模块配置全局初始数据(这部分必不可少,否则ATM交换机查不到连接)

!interface atm 3/0
atm clock internal module
atm vc-per-vp 4096
atm oam flush
no atm cac 0 ubr 0
!
interface atm 3/1
atm clock internal module
atm vc-per-vp 4096
atm oam flush
no atm cac 0 ubr 0
============================================================================
ATM上行的PPPOE用户做终结
VPi 50 VCI 32
的用户

interface atm 3/1.10500032 point-to-point
profile any "pppoe-1"
auto-configure pppoe
atm pvc 10500032 50 32 aal5snap 0 0 0
!

=============================================================================

interface gigabitEthernet 0/0
mtu 1522
duplex full
speed 1000
encapsulation vlan
!
interface gigabitEthernet 0/0.191
vlan id 191
ip address 61.141.x.x 255.255.255.252
ip proxy-arp
no ip redirects
!
interface gigabitEthernet 0/0.507
vlan id 507
pppoe
!
pppoe subinterface gigabitEthernet 0/0.507.1
encapsulation ppp
ppp authentication pap
profile any pppoe
!
pppoe subinterface gigabitEthernet 0/0.507.2
encapsulation ppp
ppp authentication pap
profile any pppoe
!

interface gigabitEthernet 0/0.190
!
ip route 0.0.0.0 0.0.0.0 61.141.19.66
ip route 10.1.0.0 255.255.0.0 10.1.4.1
ip route 61.xx.xx.xxx 255.255.255.0 null0
ip route 61.xx.xx.xxx255.255.255.0 null0
ip ttl 60
!
access-list DenyTel permit ip 61.xx.xx.xxx 0.0.0.31 any

!
!
ip local pool "xx-pool-01"
ip local pool "xx-pool-01" 218.1xx.2xx.2 218.1xx.243.254
ip local pool "xx-pool-02"
ip local pool "xx-pool-02" 218.1xx.2xx.1 218.1xx.244.254
!
policy-list pro512K
rate-limit-profile pro512K
!
policy-list pro2M
rate-limit-profile pro2M
!
policy-list pro1M
rate-limit-profile pro1M
!
policy-list pro3M
rate-limit-profile pro3M
!
policy-list pro4M
rate-limit-profile pro4M
!
policy-list pro5M
rate-limit-profile pro5M
!
policy-list pro6M
rate-limit-profile pro6M
!
policy-list pro7M
rate-limit-profile pro7M

policy-list pro8M
rate-limit-profile pro8M
!
policy-list pro10M
rate-limit-profile pro10M
!
radius authentication server 61.xx.xx.xxx
udp-port 1645
retransmit 2
timeout 5
deadtime 10
key xxxx
!
radius authentication server 61.xx.xx.xxx
udp-port 1645
retransmit 2
timeout 5
deadtime 10
key xxxx
!
radius accounting server 61.xx.xx.xxx
udp-port 1646
retransmit 2
timeout 5
deadtime 10
key xxx
!
radius accounting server 61.xx.xx.xxx
udp-port 1646
retransmit 2
timeout 5
deadtime 10
key xxxx
!
radius update-source-addr 61.xx.xx.xxx
!

! ==============================================================================
!
virtual-router LEASED_LINE
aaa authentication ppp default radius
aaa accounting ppp default radius
!
ip address-pool local
interface null 0
interface loopback 1
ip route 0.0.0.0 0.0.0.0 61.141.xx.xx
ip bgp-community new-format
no ip source-route
ip ttl 30
!
telnet listen port 23
!
! ==============================================================================
virtual-router VPDN_LAC
aaa authentication ppp default radius
aaa accounting ppp default radius
!
ip address-pool local
interface null 0
.
!
interface gigabitEthernet 0/0.192
vlan id 192
ip address 61.141.xx.xx 255.255.255.252
ip proxy-arp
!
ip route 0.0.0.0 0.0.0.0 61.141.xx.xx
no ip source-route
radius authentication server 61.xx.xx.xx
udp-port 1645
key xx
!
radius accounting server 61.xx.xx.xxx
udp-port 1646
key xxx
!
radius update-source-addr 61.xx.xx.xxx
!
snmp-server
 

  • 相关文章:

发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

日历

最新评论及回复

最近发表

Powered By Z-Blog 1.8 Arwen Build 90619 Code detection by Codefense  theme by BokeZhuti

Copyright;2009-2009 blog.hit.edu.cn All Rights Reserved 哈工大网络与信息中心