Beruflich Dokumente
Kultur Dokumente
25/09/2008
Karuna
Manav Joshi
Deepak Warang
Ver.
Rev.
Date
Made By
Checked By
Approved By
NOTICE OF DISCLAIMER
RELIANCE INFOCOMM MAKES NO REPRESENTATION OR WARRANTY, EXPRESSED OR IMPLIED, WITH RESPECT TO THE SUFFICIENCY, ACCURACY, OR UTILITY OF ANY INFORMATION OR OPINION CONTAINED IN THIS DOCUMENT INCLUDING ANY WARRANTIES OF TITLE, NONINFRINGEMENT OF COPYRIGHT OR PATENT RIGHTS OF OTHERS. THE INFORMATION CONTAINED IN THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS. RELIANCE INFOCOMM ADVISES THAT ANY USE OF OR RELYING UPON THE INFORMATION OR OPINION CONTAINED IN THIS DOCUMENT IS AT THE SOLE RISK OF THE USER AND THAT RELIANCE INFOCOMM SHALL NOT BE IN ANY MATTER BE LIABLE FOR ANY DAMAGE OR INJURY DIRECTLY OR INDIRECTLY INCURRED BY ANY PERSON ARISING OUT OF THE SUFFICIENCY, ACCURACY, OR UTILITY OF ANY INFORMATION OR OPINION CONTAINED HEREIN. LOCAL CONDITIONS MAY GIVE RISE TO A NEED FOR ADDITIONAL PROFESSIONAL INVESTIGATIONS, MODIFICATIONS, OR SAFEGUARDS TO MEET SITE, EQUIPMENT, AND ENVIRONMENTAL SAFETY OR COMPANYSPECIFIC REQUIREMENTS. IN NO EVENT IS THIS INFORMATION INTENDED TO REPLACE CENTRAL, STATE, LOCAL, OR OTHER APPLICABLE CODES, LAWS, OR REGULATIONS. SPECIFIC APPLICATIONS OR USE OF THE INFORMATION HEREIN WILL CONTAIN VARIABLES UNKNOWN TO OR BEYOND THE CONTROL OF RELIANCE INFOCOMM. AS A RESULT, RELIANCE INFOCOMM CANNOT WARRANT THAT THE APPLICATION OR USE OF THIS INFORMATION WILL PRODUCE THE TECHNICAL RESULT OR SAFETY ORIGINALLY INTENDED. THIS IS NOT TO BE CONSTRUED AS A SUGGESTION TO ANYONE TO MODIFY OR CHANGE ANY PRODUCT OR SERVICE, NOR DOES THIS DOCUMENT REPRESENT ANY COMMITMENT BY ANYONE, INCLUDING BUT NOT LIMITED TO RELIANCE INFOCOMM TO PURCHASE, MANUFACTURE, OR SELL ANY PRODUCT WITH THE DESCRIBED CHARACTERISTICS. READERS ARE SPECIFICALLY ADVISED THAT ANY ENTITY MAY HAVE NEEDS, SPECIFICATIONS, OR REQUIREMENTS DIFFERENT FROM THE GENERIC DESCRIPTIONS HEREIN. THEREFORE, ANYONE WISHING TO KNOW ANY ENTITYS NEEDS, SPECIFICATIONS, OR REQUIREMENTS SHOULD COMMUNICATE DIRECTLY WITH THAT ENTITY. NOTHING CONTAINED HEREIN SHALL BE CONSTRUED AS CONFERRING BY IMPLICATION, ESTOPPEL, OR OTHERWISE ANY LICENSE OR RIGHT UNDER ANY PATENT, WHETHER OR NOT THE USE OF ANY INFORMATION HEREIN NECESSARILY EMPLOYS AN INVENTION OF ANY EXISTING OR LATER ISSUED PATENT. RELIANCE INFOCOMM DOES NOT HEREBY RECOMMEND, APPROVE, CERTIFY, WARRANT, GUARANTEE, OR ENDORSE ANY PRODUCTS, PROCESSES, OR SERVICES, AND NOTHING CONTAINED HEREIN IS INTENDED OR SHOULD BE UNDERSTOOD AS ANY SUCH RECOMMENDATION, APPROVAL, CERTIFICATION, WARRANTY, GUARANTY, OR ENDORSEMENT TO ANYONE. THE DOCUMENT TO WHICH THIS NOTICE IS ATTACHED IS PROTECTED BY COPYRIGHT OWNED IN WHOLE OR IN PRINCIPAL PART BY RELIANCE INFOCOMM LIMITED. YOU MAY USE THE DOCUMENT ONLY FOR THE LIMITED PURPOSES SPECIFIED BY RELIANCE INFOCOMM. ANY DISTRIBUTION OF COPIES OF THE DOCUMENT OR ANY ALTERED VERSION THEREOF IS EXPRESSLY PROHIBITED WITHOUT PRIOR WRITTEN CONSENT OF RELIANCE INFOCOMM RELIANCE INFOCOMM RESERVES THE RIGHT TO REVISE THIS DOCUMENT FOR ANY REASON.
Table of Contents
1 INTRODUCTION....................................................................................... 4 2 BROADNET SERVICE ON MEN ............................................................ 4 3 CONNECTIVITY DIAGRAM ................................................................... 5 4 BROADNET SERVICE - Usage Based .................................................... 5 5 BROADNET SERVICE Flat Fee ........................................................... 20
5.1 Indroduction ............................................................................................................ 20 5.2 Broadnet Flat Fee service Architecture ................................................................... 20 5.3 Configuration Guidelines for BROADNET-Flat Fee ............................................. 21 5.4 Sample Configuration Template for MCN device .................................................. 21 5.5 Configuration Template for BAN/ MAN device ................................................... 22 5.6 Configuration Template for BN Device .................................................................. 22 5.8 Config Template Using Huawei Devices : ............................................................. 25
1 INTRODUCTION
Reliance BROADNET-BIA Internet service provides best class, shared Internet bandwidth through on demand usage based connection to the global Internet for customers over the Reliance Pan India IP Backbone. This product will provide a reliable solution to small, medium business and residential Internet bandwidth users. No SLA will be committed. This service can be provided with access type of Ethernet, DLC and LMDS. Customers get assigned a Dynamic IP allocated by DHCP server. All IP addresses remain property of Reliance and are non-transferable. MEN will do rate limiting at BRAS based on the customer bandwidth requirement. BROADNET Usage Based Service allows customers to access internet with authentication. These customers are charged based on the usage monthly. No SLA is provided for throughput and service will be provided on best effort. By default this service allows subscriber to get one Public IP address dynamically and it has no option to provide additional IP address. This service is provided on different last mile like Ethernet, WiMax, ADSL and IP DSLAM. This document explains Architecture of USAGE BASED INTERNET ACCESS service and gives configuration guidelines for both using Cisco and Huawei NEs deployed in Metro Ethernet Network and further based on the last mile parenting to MEN.
3 CONNECTIVITY DIAGRAM
To BRAS
To DHCP Server
MCN2
MCN1
IUBXXXX VRF
MAN 2
MAN RING 10 GE
MAN 3
MAN 1
BAN 2
BAN RING 1 GE
BN 3 Trunk port vlan 3106,65 Port 23 & 24 of BN Trunk port vlan 3106,65
ADSL Modem
WiMax User
4.4 RT Assignement
City Name
Mumbai
VRF Name
IUBMUMB UBMUMB IUBMUMB-C10K UBMUMB-C10K UBNSHK IUBHYDR UBHYDR UBVWDA UBVSPN IUBCHNN UBCHNN UBMDRI UBTVPM IUDLHI UBDLHI UBLUDH UBCDGR UBJIPR IUBBANG UBBANG UBERNC UBKZKD UBCMBT UBMYSR UBMANG UBSLEM IUBPUNE UBPUNE IUBCALC UBCALC UBKNPR UBLUKH IUBAHDB UBAHDB UBRJKT UBBHPL UBINDR UBSURT IUBVDDR UBVDDR
RT Values
100:102 100:103 - 144 100:170 100:171 100:152 - 159 100:202 100:203 - 227 100:252 - 258 100:261 - 266 100:302 100:303 - 331 100:352 - 360 100:372 - 378 100:402 100:403 - 439 100:452 - 459 100:472 - 483 100:492 - 498 100:502 100:503 - 520 100:532 - 537 100:542 - 546 100:552 - 563 100:572 - 576 100:582 - 586 100:592 - 596 100:602 100:603 - 625 100:702 100:703 - 725 100:730 - 738 100:752 - 760 100:802 100:803 - 825 100:852 - 859 100:873 100:892 - 897 100:917 - 922 100:1002 100:1003 - 1022
Nashik Hyderabad Vijayawada Vizag Cheenai Madurai Trivendrum Delhi Ludhiyana Chandigargh Jaipur Bangalore Ernakulam Kozhikodu Coimbatore
Salem Pune Kolkatta Kanpur Ahmedabad Rajkot Bhopal Indoor Surat Vadodra
ip access-group antivirus in ip verify unicast source reachable-via rx 67 ip helper-address X.X.X.X ip helper-address Y.Y.Y.Y ! interface Vlan102 description <as per NDD> ip vrf forwarding UBXXXX ip dhcp relay information trusted ip unnumbered Loopback102 ip access-group antivirus in ip verify unicast source reachable-via rx 67 ip helper-address X.X.X.X ip helper-address Y.Y.Y.Y no ip unreachables load-interval 30 ! no ip redirects load-interval 30 ! router bgp 65000 ! address-family ipv4 vrf UBXXXX no synchronization redistribute connected redistribute static exit-address-family ! ! ip access-list extended IAD permit ip x.x.x.x 0.0.63.255 any ip access-list extended antivirus deny 53 any any deny 55 any any deny 77 any any deny tcp any any eq ident deny tcp any any eq 135 deny tcp any any eq 445 deny tcp any any eq 1025 deny tcp any any eq 1981 deny tcp any any eq 2745 deny tcp any any eq 3127 deny tcp any any eq 5000 deny tcp any any eq 6129 deny udp any any eq netbios-ns deny udp any eq 1434 any deny udp any any eq 1434 permit ip any any ! route-map IAD permit 10 match ip address IAD set extcommunity rt 100:2 !
4.4.2 Configuration on BN-C3400/3550/ME3750 :! ip arp inspection vlan ip arp inspection vlan 66,65,102 ! spanning-tree mode mst no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! spanning-tree mst configuration name reliance revision 1 instance 1 vlan 1100-1149, 1500-1549 instance 2 vlan 1150-1199, 1550-1599 instance 3 vlan 1200-1249, 1600-1649 instance 4 vlan 1250-1299, 1650-1699 instance 5 vlan 1300-1349, 1700-1749 instance 6 vlan 1350-1399, 1750-1799 instance 7 vlan 1400-1449, 1800-1849 instance 8 vlan 1450-1499, 1850-1899 instance 9 vlan 999 instance 10 vlan 101-102, 127-130, 3100-4000 instance 11 vlan 2-100, 103-126, 131-998, 1000-1005, 1024-1099 ! ! vlan 102 name RESIDENTIAL-ADSL ! vlan 127 name Mnmt_vlan ! vlan 64 name TAL vlan 65 name Wimax ! vlan 101 name Flatfee ! vlan 66 name RESIDENTIAL-MEN vlan 999 name mvr ! class-map match-any Platinum match cos 5 ! class-map match-any Silver match cos 2 3 ! class-map match-any Gold
Reliance MEN - Broadnet Service Guidelines Page 10 of 32 Reliance Confidential Release V1.0
match cos 4 6 7 ! policy-map out-qos class Platinum priority ! class Gold bandwidth remaining percent 33 queue-limit 272 queue-limit cos 6 200 queue-limit cos 7 200 queue-limit cos 4 272 ! class Silver bandwidth remaining percent 53 queue-limit 272 queue-limit cos 2 200 queue-limit cos 3 272 class class-default bandwidth remaining percent 14 access-list 190 remark DENY MS Loop-Holes and P2P Ports access-list 190 deny tcp any any eq 135 access-list 190 deny udp any any eq 135 access-list 190 deny tcp any any eq 137 access-list 190 deny udp any any eq netbios-ns access-list 190 deny tcp any any eq 138 access-list 190 deny udp any any eq netbios-dgm access-list 190 deny tcp any any eq 139 access-list 190 deny udp any any eq netbios-ss access-list 190 deny tcp any any eq 445 access-list 190 deny tcp any any eq 593 access-list 190 deny tcp any any eq 4444 access-list 190 remark DENY MS SQL Scans access-list 190 deny udp any any eq 1434 access-list 190 remark PERMIT everything else access-list 190 permit udp any host 10.248.12.29 eq tftp access-list 190 permit udp any host 10.29.3.31 eq tftp access-list 190 permit ip any any access-list 190 remark END ip access-list extended ALL-IP permit ip any any ip access-list extended PRIVATE_IP permit ip 192.168.0.0 0.0.0.255 any ! vlan access-map Block_PRIVATE_IP 10 action drop match ip address PRIVATE_IP vlan access-map Block_PRIVATE_IP 20 action forward match ip address ALL-IP ! vlan filter Block_PRIVATE_IP vlan-list 102
Reliance MEN - Broadnet Service Guidelines Page 11 of 32 Reliance Confidential Release V1.0
Ip access-list extended BIA Permit ip any any Ip access-list extended VOIP Permit ip 10.0.0.0 0.31.255.255 any Permit ip 10.64.0.0 0.31.255.255 any Permit ip 10.128.0.0 0.31.255.255 any Permit ip 10.192.0.0 0.31.255.255 any Class-map match-all BIA Match access-group name BIA Class-map match-all VOIP Match access-group name VOIP Policy-map RESIDENTIAL class VOIP set cos 5 set ip dscp 46 class class-default set cos 0 set ip dscp 0 ! interface Range FastEthernet0/1 - 16 description RESIDENTIAL switchport access vlan 66 switchport mode access switchport port-security maximum 5 switchport port-security switchport port-security aging time 1 switchport port-security violation restrict switchport port-security aging type inactivity service-policy input RESIDENTIAL ip access-group 190 in storm-control broadcast level 1.00 storm-control multicast level 1.00 storm-control action trap ip dhcp snooping limit rate 100 no snmp trap link-status mvr type receiver mvr immediate ip verify source no shut exit ! ! interface Range FastEthernet0/17 - 19 description To daisy Chain Switch Customers switchport access vlan 66 switchport mode access switchport port-security maximum 20 switchport port-security switchport port-security aging time 1 switchport port-security violation restrict
Reliance MEN - Broadnet Service Guidelines Page 12 of 32 Reliance Confidential Release V1.0
switchport port-security aging type inactivity service-policy input RESIDENTIAL ip access-group 190 in storm-control broadcast level 1.00 storm-control multicast level 1.00 storm-control action trap ip dhcp snooping limit rate 100 no snmp trap link-status mvr type receiver mvr immediate ip verify source no shut exit ! interface Range FastEthernet0/20 - 24 description RESIDENTIAL switchport access vlan 66 switchport mode access switchport port-security maximum 5 switchport port-security switchport port-security aging time 1 switchport port-security violation restrict switchport port-security aging type inactivity service-policy input RESIDENTIAL ip access-group 190 in storm-control broadcast level 1.00 storm-control multicast level 1.00 storm-control action trap ip dhcp snooping limit rate 100 no snmp trap link-status mvr type receiver mvr immediate ip verify source no shut Exit !
interface GigabitEthernet0/1 description < Description as link discription > port-type nni switchport trunk allowed vlan 999,102,127,66 switchport mode trunk load-interval 30 ip dhcp snooping trust service-policy output out-qos flowcontrol receive off mvr type source mvr immediate ip arp inspection trust storm-control broadcast level 1.00 exit ! interface GigabitEthernet0/2 description < Description as link discription>
Reliance Confidential Release V1.0
port-type nni switchport trunk allowed vlan 999,102,127,66 switchport mode trunk load-interval 30 ip dhcp snooping trust service-policy output out-qos flowcontrol receive off mvr type source mvr immediate ip arp inspection trust storm-control broadcast level 1.00 exit !
traffic behavior virus-block deny # traffic behavior default count permit # traffic policy broadnet share-mode classifier virus-block behavior virus-block classifier default behavior default # interface GigabitEthernet2/1/X-3/1/X description ****BN Layer 2 Ring No. X***** undo shutdown set flow-stat interval 10 portswitch port default vlan 4001 port trunk allow-pass vlan 1 64 to 66 102 127 999 stp point-to-point force-true stp no-agreement-check traffic-policy broadnet inbound vlan 64 to 66 traffic-policy broadnet inbound vlan 102 efm enable trust upstream default vlan 1 64 to 66 102 127 999 trust 8021p vlan 64 to 66 102 999 trust upstream default port-queue be wfq weight 33 port-wred nni-trunk-wred outbound port-queue af2 wfq weight 30 port-wred nni-trunk-wred outbound port-queue af4 wfq weight 40 port-wred nni-trunk-wred outbound port-queue ef pq shaping shaping-percentage 10 outbound # vlan 4000 description **** Super VLAN for BAI-Usage based **** aggregate-vlan access-vlan 65 66 102 # route-policy IAD permit node 10 if-match acl 2100 apply extcommunity rt X:X additive # acl number 2100 rule 5 permit ip source I.I.I.I 0.31.255.255 destination any rule 10 permit ip source d.d.d.d. 0.31.255.255 destination any # ip vpn-instance UBXXXX route-distinguisher Loopback0:RT1 export route-policy IAD vpn-target X:Z export-extcommunity vpn-target X:Z import-extcommunity
import-route direct # interface Vlanif4000 description **** Dynamic Usage-Based Broadnet **** ip binding vpn-instance UBXXXX ip address a.a.a.a 24 ip address b.b.b.b 24 sub ip helper-address P.P.P.P ip helper-address P2.P2.P2.P2 dhcp select relay arp-proxy enable arp-proxy inter-sub-vlan-proxy enable arp-proxy inner-sub-vlan-proxy enable # interface Vlanif64 description *** STATIC BRAS ***** ip binding vpn-instance UBXXXX ip address b.b.b.b 24 #
# stp region-configuration region-name reliance revision-level 1 instance 1 vlan 1100 to 1149 1500 to 1549 instance 2 vlan 1150 to 1199 1550 to 1599 instance 3 vlan 1200 to 1249 1600 to 1649 instance 4 vlan 1250 to 1299 1650 to 1699 instance 5 vlan 1300 to 1349 1700 to 1749 instance 6 vlan 1350 to 1399 1750 to 1799 instance 7 vlan 1400 to 1449 1800 to 1849 instance 8 vlan 1450 to 1499 1850 to 1899 instance 9 vlan 999 instance 10 vlan 101 to 102 127 to 130 3100 to 4000 instance 11 vlan 2 to 100 103 to 126 131 to 998 1000 to 1005 1024 to 1099 active region-configuration # acl number 3100 rule 5 deny udp destination-port eq tftp rule 10 deny udp destination-port eq netbios-ns rule 15 deny udp destination-port eq netbios-ssn rule 20 deny udp destination-port eq netbios-dgm rule 25 deny udp destination-port eq 135 rule 30 deny tcp destination-port eq 445 rule 35 deny tcp destination-port eq 135 rule 40 deny tcp destination-port eq 137 rule 45 deny tcp destination-port eq 138 rule 50 deny tcp destination-port eq 139 rule 55 deny tcp destination-port eq 593 rule 60 deny tcp destination-port eq 4444 rule 65 deny udp destination-port eq 1434 # acl number 3200 rule 5 permit ip source 10.0.0.0 0.31.255.255 destination any rule 10 permit ip source 10.64.0.0 0.31.255.255 destination any rule 15 permit ip source 10.128.0.0 0.31.255.255 destination any rule 20 permit ip source 10.192.0.0 0.31.255.255 destination any # acl number 3300 rule 5 permit udp destination 10.248.12.29 0 destination-port eq tftp rule 10 permit udp destination 10.29.3.31 0 destination-port eq tftp # traffic classifier IPTV-TFTP if-match acl 3300 # traffic classifier broadnet-voice if-match acl 3200 # traffic classifier virus-block if-match acl 3100 # traffic classifier default if-match any # traffic classifier smac if-match source-mac <BAN-Gateway-MAC>
Reliance MEN - Broadnet Service Guidelines Page 17 of 32 Reliance Confidential Release V1.0
# traffic behavior virus-block deny # traffic behavior smac deny # traffic behavior IPTV-TFTP remark 8021p 0 permit # traffic behavior default count remark 8021p 0 permit # traffic behavior broadnet-voice count remark 8021p 5 permit # traffic policy broadnet classifier IPTV-TFTP behavior IPTV-TFTP classifier virus-block behavior virus-block classifier smac behavior smac classifier broadnet-voice behavior broadnet-voice classifier default behavior default # interface Ethernet0/0/1 description ****UNI MEN BRAS Customer interface******** port link-type access port default vlan 66 undo ip-subnet-vlan enable broadcast-suppression 1 stp disable traffic-policy broadnet inbound dhcp snooping check arp enable dhcp snooping check ip enable dhcp snooping check dhcp-chaddr enable dhcp snooping check dhcp-request enable undo negotiation auto loopback-detect enable loopback-detect action block mac-table limit 10 port-security enable port-security protect-action restrict undo lldp enable # interface GigabitEthernet0/0/1 description ***** NNI Trunk Interface**** broadcast-suppression 10 port link-type trunk port trunk allow-pass vlan 1 64 to 66 102 127 999 stp point-to-point force-true stp config-digest-snoop stp compliance dot1s
Reliance MEN - Broadnet Service Guidelines Page 18 of 32 Reliance Confidential Release V1.0
stp no-agreement-check trust 8021p qos drr qos drr queue-index 0 weight 30 qos drr queue-index 1 weight 10 qos drr queue-index 2 weight 20 qos drr queue-index 3 weight 10 qos drr queue-index 4 weight 20 qos drr queue-index 5 weight 0 qos drr queue-index 6 weight 0 qos drr queue-index 7 weight 0 qos queue ef cir 100000 pir 100000 negotiation auto jumboframe enable bpdu enable efm enable # interface GigabitEthernet0/0/2 description ***** NNI Trunk Interface**** broadcast-suppression 10 port link-type trunk port trunk allow-pass vlan 1 64 to 66 102 127 999 stp point-to-point force-true stp config-digest-snoop stp compliance dot1s stp no-agreement-check trust 8021p qos drr qos drr queue-index 0 weight 30 qos drr queue-index 1 weight 10 qos drr queue-index 2 weight 20 qos drr queue-index 3 weight 10 qos drr queue-index 4 weight 20 qos drr queue-index 5 weight 0 qos drr queue-index 6 weight 0 qos drr queue-index 7 weight 0 qos queue ef cir 100000 pir 100000 negotiation auto jumboframe enable bpdu enable efm enable
Figure 1:
************** MP-BGP Configuration************************** router bgp 65000 address-family ipv4 vrf IFFMUMB redistribute connected redistribute static default-information originate no auto-summary no synchronization exit-address-family ******************* Routing *********************** ip route vrf IUBMUMB 0.0.0.0 0.0.0.0 220.224.184.237 ip route vrf IFFMUMB 0.0.0.0 0.0.0.0 gateway
! interface FastEthernet0/X description customer name-b/w-BIA NB switchport switchport access vlan 101 switchport mode access switchport protected switchport port-security switchport port-security maximum 5 switchport port-security violation restrict switchport port-security aging time 1 switchport port-security aging type inactivity storm-control broadcast level 1 storm-control multicast level 1 storm-control action trap no cdp enable spanning-tree portfast spanning-tree guard root ip dhcp snooping limit rate 10 service-policy input ingress-vlan101-BIA-NB-<fe0/X> no shutdown
BA Uplink Port Configuration :interface GigabitEthernet0/1 switchport trunk encapsulation dot1q switchport trunk allowed vlan add 101 switchport mode trunk load-interval 30 storm-control broadcast level 1 ip dhcp snooping trust no shutdown end ! interface GigabitEthernet0/2 switchport trunk encapsulation dot1q switchport trunk allowed vlan add 101 switchport mode trunk load-interval 30 storm-control broadcast level 1 ip dhcp snooping trust no shutdown end
description Class of traffic for IP traffic match access-group 100 ! class-map match-all vlan101-BIA-NB-fe0/2 match vlan 101 match class-map IP-traffic ! policy-map ingress-vlan101-BIA-NB-fe0/2 description "customer name-bandwidth-BIA" class vlan101-BIA-NB-fe0/2 police aggregate ingress-vlan101-BIA-NB-fe0/2 set cos 0
Egress Policing on BN
policer aggregate egress-vlan101-BIA-NB-fe0/2 128000 24000 conform-action transmit exceedaction drop ! class-map match-all vlan101-BIA-NB-DSCP0 match ip dscp default ! policy-map Flatfee-Gigport Description "All Flatfee customer -BIA" class vlan101-BIA-NB-DSCP0 set dscp default ! policy-map egress-vlan101-BIA-NB-fe0/2 description "customer name-bandwidth-BIA class vlan101-BIA-NB-DSCP0 police aggregate egress-vlan101-BIA-NB-fe0/2 priority ! interface FastEthernet0/2 description customer name-b/w-BIA NB switchport switchport access vlan 101 switchport mode access switchport protected switchport port-security switchport port-security maximum 16 switchport port-security violation restrict switchport port-security aging time 1 switchport port-security aging type inactivity storm-control broadcast level 1 storm-control multicast level 1 storm-control action trap no cdp enable spanning-tree portfast spanning-tree guard root ip dhcp snooping limit rate 10 service-policy input ingress-vlan101-BIA-NB-fe0/2 service-policy output egress-vlan101-BIA-NB-fe0/2 no shutdown
interface range GigabitEthernet0/1 -2 switchport trunk encapsulation dot1q switchport trunk allowed vlan add 101 switchport mode trunk load-interval 30 storm-control broadcast level 1 service-policy input Flatfee-Gigport
description ****UNI MEN BRAS Customer interface******** port link-type access port default vlan 101 undo ip-subnet-vlan enable broadcast-suppression 1 stp disable traffic-policy FF-Broadnet inbound qos lr cir <customer-cir-speed> cbs <burst-size> undo negotiation auto loopback-detect enable loopback-detect action block mac-table limit 10 port-security enable port-security protect-action restrict undo lldp enable # interface GigabitEthernet0/0/1 description ***** NNI Trunk Interface**** broadcast-suppression 10 port link-type trunk port trunk allow-pass vlan 1 64 to 66 101 102 127 999 stp point-to-point force-true stp config-digest-snoop stp compliance dot1s stp no-agreement-check trust 8021p qos drr qos drr queue-index 0 weight 30 qos drr queue-index 1 weight 10 qos drr queue-index 2 weight 20 qos drr queue-index 3 weight 10 qos drr queue-index 4 weight 20 qos drr queue-index 5 weight 0 qos drr queue-index 6 weight 0 qos drr queue-index 7 weight 0 qos queue ef cir 100000 pir 100000 negotiation auto jumboframe enable bpdu enable efm enable # interface GigabitEthernet0/0/2 description ***** NNI Trunk Interface**** broadcast-suppression 10 port link-type trunk port trunk allow-pass vlan 1 64 to 66 101 102 127 999 stp point-to-point force-true stp config-digest-snoop stp compliance dot1s stp no-agreement-check trust 8021p qos drr qos drr queue-index 0 weight 30 qos drr queue-index 1 weight 10 qos drr queue-index 2 weight 20
Reliance MEN - Broadnet Service Guidelines Page 27 of 32 Reliance Confidential Release V1.0
qos drr queue-index 3 weight 10 qos drr queue-index 4 weight 20 qos drr queue-index 5 weight 0 qos drr queue-index 6 weight 0 qos drr queue-index 7 weight 0 qos queue ef cir 100000 pir 100000 negotiation auto jumboframe enable bpdu enable efm enable
! interface Vlan3101 description < as per NDD > ip vrf forwarding LMDSMNGN ip address x.x.x.x 255.255.255.248 ! interface Vlan3106 description < as per NDD > ip vrf forwarding WIMAXMGNMT ip dhcp relay information trusted ip address y.y.y.y 255.255.252.0 ip helper-address a.a.a.a ip helper-address b.b.b.b load-interval 30
Reliance MEN - Broadnet Service Guidelines Page 28 of 32 Reliance Confidential Release V1.0
! router bgp 65000 ! address-family ipv4 vrf WIMAXMGNMT no synchronization redistribute connected exit-address-family ! address-family ipv4 vrf LMDSMNGN no synchronization redistribute connected exit-address-family
! 6.1.2 Configuration on BN-C3400/3550/ME3750 :! vlan 3106 name WIMAX ! Vlan 3101 name LMDS ! interface GigabitEthernet0/1 description < as per NDD > port-type nni switchport trunk allowed vlan 64-66,101,102,127-130,212,999,1100-1899, 3101, 3106 switchport mode trunk ip arp inspection trust service-policy output out-qos load-interval 30 mvr type source mvr immediate storm-control broadcast level 10.00 ip dhcp snooping trust ! interface GigabitEthernet0/2 description < as per NDD > port-type nni switchport trunk allowed vlan 64-66,101,102,127-130,212,999,1100-1899, 3101, 3106 switchport mode trunk ip arp inspection trust service-policy output out-qos load-interval 30 mvr type source mvr immediate storm-control broadcast level 10.00 ip dhcp snooping trust
6.2 Configuration Template for creating WIMAX and LMDS backhaul on Huawei :
Reliance MEN - Broadnet Service Guidelines Page 29 of 32 Reliance Confidential Release V1.0
# bgp 65000 # ipv4-family vpn-instance WIMAXMGNMT import-route direct # # ipv4-family vpn-instance LMDSMNGN import-route direct # interface Vlanif3101 description **** LMDS Management**** ip binding vpn-instance LMDSMNGN
Reliance MEN - Broadnet Service Guidelines Page 30 of 32 Reliance Confidential Release V1.0
ip address a.a.a.a 24 ip address b.b.b.b 24 sub ip helper-address P.P.P.P ip helper-address P2.P2.P2.P2 dhcp select relay # interface Vlanif3106 description *** Wimax Management ***** ip binding vpn-instance WIMAXMGNMT ip address C.C.C.C 24 ip helper-address P.P.P.P ip helper-address P2.P2.P2.P2 dhcp select relay #
broadcast-suppression 10 port link-type trunk port trunk allow-pass vlan 1 64 to 66 102 127 999 3101 3106 stp point-to-point force-true stp config-digest-snoop stp compliance dot1s stp no-agreement-check trust 8021p qos drr qos drr queue-index 0 weight 30 qos drr queue-index 1 weight 10 qos drr queue-index 2 weight 20 qos drr queue-index 3 weight 10 qos drr queue-index 4 weight 20 qos drr queue-index 5 weight 0 qos drr queue-index 6 weight 0 qos drr queue-index 7 weight 0 qos queue ef cir 100000 pir 100000 negotiation auto jumboframe enable bpdu enable efm enable