系统配置
dis device manuinfo
sysname SHDXYQB4-108-C-04_C-05-ASW-S6900-M1-01U34
#
clock timezone beijing add 08:00:00
#
m-lag system-mac xxxx-0001-0001
m-lag system-number 1
m-lag system-priority 100
m-lag role priority 100
m-lag restore-delay 180
#
interface bridge-aggregation 1024
description For_Peer_Link
link-aggregation mode dynamic
#
interface HundredGigE1/0/53
description pT:xxx
port link-mode bridge
port link-aggregation group 1024
#
interface HundredGigE1/0/54
description pT:xxx
port link-mode bridge
port link-aggregation group 1024
#
interface bridge-aggregation 1024
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 2 to 4094
link-aggregation mode dynamic
port m-lag peer-link 1
#
interface Route-Aggregation 1023
description For_DAD_Keepalive
link-aggregation mode dynamic
ip address 1.1.1.1 255.255.255.0
#
interface Ten-GigabitEthernet1/0/47
description pT:For_DAD_Keepalive
link-mode route
y
port link-aggregation group 1023
#
interface Ten-GigabitEthernet1/0/48
description pT:For_DAD_Keepalive
link-mode route
y
port link-aggregation group 1023
#
m-lag keepalive ip destination 1.1.1.2 source 1.1.1.1
m-lag mad exclude interface Route-Aggregation 1023
#
ip vpn-instance NET-manage
route-distinguisher 1:1
#
local-user openstackadmin class manage
password simple Pr@ject2018
service-type http ssh terminal
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-operator
#
local-user sdnadmin class manage
password simple Pr@ject2018
service-type http ssh terminal
authorization-attribute idle-cut 10
authorization-attribute user-role level-15
authorization-attribute user-role network-operator
#
line vty 0 9
authentication-mode scheme
user-role level-15
user-role network-admin
user-role network-operator
protocol inbound ssh
idle-timeout 10 0
#
ssh server enable
ssh server acl 2001
#
netconf soap http enable
netconf soap http acl 2001
netconf ssh server enable
#
aaa session-limit http 64
aaa session-limit https 64
#
lldp global enable
lldp global tlv-enable basic-tlv management-address-tlv interface M-GigabitEthernet0/0/0
#
burst-mode enable
#
stp port shutdown permanent
#
stp region-configuration
region-name ctyun
revision-level 255
instance 1 vlan 1 to 4094
active region-configuration
#
stp global enable
#
info-center loghost source M-GigabitEthernet0/0/0
info-center loghost vpn-instance NET-manage x.x.x.x port 5000 facility local4
info-center source default loghost level warning
#
snmp-agent
snmp-agent community read yundiao*&COC2016 acl 2000
snmp-agent sys-info version v2c v3
snmp-agent target-host trap address udp-domain x.x.x.x vpn-instance NET-manage params securityname yundiao v2c
snmp-agent trap enable arp
snmp-agent trap enable radius
snmp-agent trap enable stp
snmp-agent trap enable syslog
snmp-agent inform source M-GigabitEthernet0/0/0
#
clock protocol ntp
ntp-service enable
ntp-service source M-GigabitEthernet0/0/0
ntp-service unicast-server 172.16.x.254 vpn-instance NET-manage
#
acl basic 2000
description For_SNMP
rule 20 permit vpn-instance NET-manage source x.x.x.x 0
rule 30 permit vpn-instance NET-manage source x.x.x.x 0
rule 1000 deny vpn-instance NET-manage
#
acl basic 2001
description For_Login
rule 10 permit vpn-instance NET-manage source 192.168.0.0 0.0.7.255
rule 15 permit vpn-instance NET-manage source 192.168.8.0 0.0.7.255
rule 20 permit vpn-instance NET-manage source 192.168.120.0 0.0.0.255
rule 25 permit vpn-instance NET-manage source 10.254.181.0 0.0.0.255
rule 30 permit vpn-instance NET-manage source 10.252.134.0 0.0.1.255
rule 1000 deny vpn-instance NET-manage
#
interface M-GigabitEthernet0/0/0
description For_NetworkManage
ip binding vpn-instance NET-manage
ip address 172.16.30.3 255.255.255.0
#
interface FortyGigE1/0/49
port link-mode bridge
description uT:SHDXYQB4-108-C-04-CSW-RGS6250-01U40:172.16.30.1.100G0/49
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 200 to 209 300 to 309 500 to 3999
port monitor-link group 1 uplink
port link-aggregation group 1
#
interface Bridge-Aggregation1
description uT:SHDXYQB4-108-C-04_C-05-CSW-RGS6250-M1_M2-01U40.AGG59
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 200 to 209 300 to 309 500 to 3999
jumboframe enable 9216
link-aggregation mode dynamic
port m-lag group 1
undo stp enable
stp port bpdu-filter enable
#
interface Ten-GigabitEthernet1/0/2
port link-mode bridge
description dT:SHDXYQB4-108-C-05-SEV-ZXR5300-02U12.slot4-0
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 301
broadcast-suppression 10
port monitor-link group 1 downlink
lacp period short
port link-aggregation group 12
#
interface Bridge-Aggregation12
description dT:SHDXYQB4-108-C-05-SEV-ZXR5300-02U12.bond1
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 301
jumboframe enable 9216
link-aggregation mode dynamic
port m-lag group 12
stp edged-port
stp port bpdu-protection enable
port monitor-link group 1 downlink
#
undo ftp server enable
undo telnet server enable
link-aggregation global load-sharing mode destination-ip source-ip destination-port source-port
#
m-lag system-mac xxxx-0001-0001
m-lag system-number 2
m-lag system-priority 100
m-lag role priority 150
m-lag restore-delay 180
#
interface bridge-aggregation 1024
description For_Peer_Link
link-aggregation mode dynamic
#
interface HundredGigE1/0/53
description pT:xxx
port link-mode bridge
port link-aggregation group 1024
#
interface HundredGigE1/0/54
description pT:xxx
port link-mode bridge
port link-aggregation group 1024
#
interface bridge-aggregation 1024
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 2 to 4094
link-aggregation mode dynamic
port m-lag peer-link 1
#
interface Route-Aggregation 1023
description For_DAD_Keepalive
link-aggregation mode dynamic
ip address 1.1.1.2 255.255.255.0
#
interface Ten-GigabitEthernet1/0/47
description pT:For_DAD_Keepalive
link-mode route
y
port link-aggregation group 1023
#
interface Ten-GigabitEthernet1/0/48
description pT:For_DAD_Keepalive
link-mode route
y
port link-aggregation group 1023
#
m-lag keepalive ip destination 1.1.1.1 source 1.1.1.2
m-lag mad exclude interface Route-Aggregation 1023