[cisco-ttl] ATM

From: A.Murat BAYRAM (mbayram_at_yyu.edu.tr)
Date: Sat Oct 18 2003 - 08:53:13 GMT

  • Next message: Aytan KIZILTAN: "Re: [cisco-ttl] Re: Cisco 2522 Konfigurasyon Sorunu"

    Merhaba,

    Merkezimizden uzak birimlere 7200 router ile ATM
    baglanti mevcut. ayni hat uzerinden ayni zamanda ULAKNET'e bagliyiz. Pix
    Firewall kullaniyoruz. Ancak diger birimleri iceri yonlendirdikten sonra
    disariya cikamiyorlar. Birimlerin routerindan ulaknetin bagli oldugu
    193.140.0.134
    bacagina ping atilabiliyor, ancak bu routerlardan disariya trace
    yapildiginda mesela;
    MUS_SAGLIK_MYO#trace 212.156.4.4

    Type escape sequence to abort.
    Tracing the route to 212.156.4.4

      1 10.200.30.1 64 msec 68 msec 64 msec
      2 * * *
    seklinde devam ediyor. Buradaki kullancilarin disari erisebilmeleri icin
    iceriye proxy server kurmak zorunda kaldik, proxyde sorun cikinca
    baglantilari da kesilmis oluyor.
    İlker Temir Bey dot1q destegi olan bir switch kullaniyorsak,
    fastethernet0/0da iki subinterface tanimlayip bunlardan birini switchte
    firewall internal, digerini de externala koymamizi onermisti. 6006 core
    switch kullaniyoruz. sh ver asagidaki sekilde.. Boylece birimlerden (yani
    Meslek Yuksek Okullarindan -MYO-) gelen trafigi 7200 uzerinde PBR (ip policy
    route-map) kullanarak firewall'in internal ayagina yonlendirirsiniz. Bu
    yontemle MYO'lari bir anlamda internal networkunuzun parcasi haline getirmis
    olursunuz demisti.

    VYY_6506 sh ver
    WS-C6006 Software, Version NmpSW: 5.5(1)
    Copyright (c) 1995-2000 by Cisco Systems
    NMP S/W compiled on Jun 8 2000, 21:09:45

    System Bootstrap Version: 5.3(1)

    Hardware Version: 2.0 Model: WS-C6006 Serial #: TBA04510859

    Mod Port Model Serial # Versions
    --- ---- ------------------- ----------- -------------------------------------
    -
    1 2 WS-X6K-SUP1A-2GE SAD05020DAT Hw : 7.0
                                            Fw : 5.3(1)
                                            Fw1: 5.4(2)
                                            Sw : 5.5(1)
                                            Sw1: 5.5(1)
            L3 Switching Engine SAD05020F26 Hw : 1.1
    3 16 WS-X6416-GBIC SAD043609TJ Hw : 1.2
                                            Fw : 5.4(2)
                                            Sw : 5.5(1)
    4 48 WS-X6348-RJ-45 SAL044111CT Hw : 1.4
                                            Fw : 5.4(2)
                                            Sw : 5.5(1)
    15 1 WS-F6K-MSFC2 SAD05020HPZ Hw : 1.1
                                            Fw : 12.1(2)E,
                                            Sw : 12.1(2)E,

          DRAM FLASH NVRAM
    Module Total Used Free Total Used Free Total Used Free
    ------ ------- ------- ------- ------- ------- ------- ----- ----- -----
    1 65408K 38689K 26719K 16384K 6925K 9459K 512K 230K 282K

    Uptime is 237 days, 21 hours, 7 minutes
    ---------------------------------------------------------

    Peki bunun icin, hem 7200'e hem switche uygulayabilecegimiz bir konfigurasyon
    ornegi yardiminda bulunabilir misiniz?
    7200 routerin sh ver ciktisi ve confu ile bir Yuksek Okulun confu asagidaki
    sekilde...

    > >
    > > VanYYU#sh ver
    > > Cisco Internetwork Operating System Software
    > > IOS (tm) 7200 Software (C7200-IS-M), Version 12.1(9)E3, EARLY DEPLOYMENT
    > > RELEASE SOFTWARE (fc1)
    > > TAC Support: http://www.cisco.com/tac
    > > Copyright (c) 1986-2002 by cisco Systems, Inc.
    > > Compiled Mon 11-Feb-02 20:39 by eaarmas
    > > Image text-base: 0x60008950, data-base: 0x61178000
    > >
    > > ROM: System Bootstrap, Version 12.2(4r)B2, RELEASE SOFTWARE (fc2)
    > > BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.1(8a)E, EARLY
    DEPLOYMENT
    > > RELEASE SOFTWARE (fc1)
    > >
    > > VanYYU uptime is 2 weeks, 2 hours, 35 minutes
    > > System returned to ROM by reload
    > > System restarted at 10:43:52 UTC Sun Aug 31 2003
    > > System image file is "disk0:c7200-is-mz.121-9.E3.bin"
    > >
    > > cisco 7206VXR (NPE400) processor (revision A) with 114688K/16384K bytes
    of
    > > memory.
    > > Processor board ID 26807173
    > > R7000 CPU at 350Mhz, Implementation 39, Rev 3.3, 256KB L2, 4096KB L3
    Cache
    > > 6 slot VXR midplane, Version 2.6
    > >
    > > Last reset from power-on
    > > G.703/E1 software, Version 1.0.
    > > G.703/JT2 software, Version 1.0.
    > > Bridging software.
    > > X.25 software, Version 3.0.0.
    > > 2 FastEthernet/IEEE 802.3 interface(s)
    > > 4 Serial network interface(s)
    > > 1 ATM network interface(s)
    > > 125K bytes of non-volatile configuration memory.
    > >
    > > 47040K bytes of ATA PCMCIA card at slot 0 (Sector size 512 bytes).
    > > 8192K bytes of Flash internal SIMM (Sector size 256K).
    > > Configuration register is 0x2102
    > > ------------------------------------------------------
    > > VanYYU# sh run
    > >
    > > Building configuration...
    > >
    > > Current configuration : 2238 bytes
    > > !
    > > ! Last configuration change at 12:37:19 UTC Sun Sep 14 2003
    > > ! NVRAM config last updated at 11:46:27 UTC Sun Sep 14 2003
    > > !
    > > version 12.1
    > > service timestamps debug uptime
    > > service timestamps log uptime
    > > service password-encryption
    > > !
    > > hostname VanYYU
    > > !
    > > enable password 7 *********
    > > !
    > > ip subnet-zero
    > > ip cef
    > > !
    > > !
    > > !
    > > !
    > > !
    > > !
    > >
    > > !
    > > interface FastEthernet0/0
    > > description connected to FIREWALL OUTSIDE
    > > ip address 193.255.143.254 255.255.255.0
    > > duplex auto
    > > speed auto
    > > !
    > > interface FastEthernet0/1
    > > description buradan core switche bir baglanti yaptik
    > > ip address 10.100.0.200 255.255.255.0
    > > duplex auto
    > > speed auto
    > > !
    > > interface Serial2/0
    > > no ip address
    > > encapsulation atm-dxi
    > > no keepalive
    > > serial restart-delay 0
    > > !
    > > interface Serial2/1
    > > no ip address
    > > shutdown
    > > serial restart-delay 0
    > > !
    > > interface Serial2/2
    > > no ip address
    > > shutdown
    > > serial restart-delay 0
    > > !
    > > interface Serial2/3
    > > no ip address
    > > shutdown
    > > serial restart-delay 0
    > > !
    > > interface ATM3/0
    > > bandwidth 8129
    > > ip address 193.140.0.134 255.255.255.252
    > > no atm sonet ilmi-keepalive
    > > no atm ilmi-keepalive
    > > pvc 0/34
    > > protocol ip 193.140.0.133
    > > encapsulation aal5snap
    > > !
    > > !
    > > interface ATM3/0.1 point-to-point
    > > description Bitlis MYO
    > > ip address 10.200.50.1 255.255.255.0
    > > pvc 0/151
    > > protocol ip 10.200.50.2
    > > encapsulation aal5snap
    > > !
    > > !
    > > interface ATM3/0.2 point-to-point
    > > description Mus MYO
    > > ip address 10.200.30.1 255.255.255.0
    > > pvc 0/35
    > > protocol ip 10.200.30.2
    > > broadcast
    > > encapsulation aal5snap
    > > !
    > > !
    > > interface ATM3/0.3 point-to-point
    > > description Hakkari MYO
    > > ip address 10.200.40.1 255.255.255.0
    > > pvc 0/36
    > > protocol ip 10.200.40.2
    > > broadcast
    > > encapsulation aal5snap
    > > !
    > > !
    > > interface Virtual-Template2
    > > no ip address
    > > !
    > > router eigrp 100
    > > network 10.0.0.0
    > > no auto-summary
    > > no eigrp log-neighbor-changes
    > > !
    > > ip classless
    > > ip route 0.0.0.0 0.0.0.0 193.140.0.133
    > > ip route 10.200.0.0 255.255.0.0 10.100.0.254
    > > no ip http server
    > > !
    > > ip access-list logging interval 3
    > > snmp-server community *** RO
    > > snmp-server community *** RW
    > > snmp-server contact webmaster_at_yyu.edu.tr
    > > snmp-server host 10.140.0.5 ****
    > > banner login ^CWelcome Van Yuzuncu Yil Universitesi Router^C
    > > !
    > > line con 0
    > > line aux 0
    > > line vty 0 4
    > > exec-timeout 0 0
    > > password 7 ***********
    > > login
    > > line vty 5 15
    > > password 7 ***********
    > > login
    > > !
    > > end
    > >
    > > ---------------------------------------------------------------------
    > > MUS_SAGLIK_MYO#sh run
    > > Building configuration...
    > >
    > > Current configuration : 1894 bytes
    > > !
    > > version 12.1
    > > service timestamps debug uptime
    > > service timestamps log uptime
    > > no service password-encryption
    > > !
    > > hostname MUS_SAGLIK_MYO
    > > !
    > > enable password ****
    > > !
    > > !
    > > !
    > > !
    > > !
    > > memory-size iomem 25
    > > ip subnet-zero
    > > no ip finger
    > > no ip domain-lookup
    > > !
    > > !
    > > !
    > > interface Serial0
    > > no ip address
    > > encapsulation frame-relay IETF
    > > frame-relay lmi-type ansi
    > > !
    > > interface Serial0.1 point-to-point
    > > ip address 10.200.30.2 255.255.255.0
    > > frame-relay interface-dlci 35
    > > !
    > > interface Serial1
    > > no ip address
    > > no keepalive
    > > shutdown
    > > !
    > > interface FastEthernet0
    > > ip address 10.1.30.254 255.255.255.0
    > > speed auto
    > > !
    > > router eigrp 100
    > > network 10.0.0.0
    > > no auto-summary
    > > no eigrp log-neighbor-changes
    > > !
    > > ip classless
    > > ip route 0.0.0.0 0.0.0.0 10.100.0.5 (bu pix'in ipsi)
    > > no ip http server
    > > !
    > > snmp-server community *** RW
    > > snmp-server community *** RO
    > > banner login ^CMUS SAGLiK^C
    > > !
    > > line con 0
    > > transport input none
    > > line aux 0
    > > line vty 0 4
    > > password ***
    > > login
    > > !
    > > end
    > >

    Tesekkurler...

    ------------------------ Yahoo! Groups Sponsor ---------------------~-->
    Rent DVDs Online - Over 14,500 titles.
    No Late Fees & Free Shipping.
    Try Netflix for FREE!
    http://us.click.yahoo.com/Tq9otC/XP.FAA/3jkFAA/26EolB/TM
    ---------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/



    This archive was generated by hypermail 2.1.5 : Sat Oct 18 2003 - 13:13:11 GMT