Mudanças entre as edições de "PJI11103-2016-2-config"
(→Galpão) |
(→Galpão) |
||
Linha 56: | Linha 56: | ||
== Galpão == | == Galpão == | ||
+ | |||
+ | O Gateway default é fornecido pelo PPP. | ||
<code> | <code> | ||
root@galpaocrioulo:~# cat /etc/network/interfaces | root@galpaocrioulo:~# cat /etc/network/interfaces |
Edição das 15h54min de 22 de setembro de 2016
- Link curto: http://bit.ly/pji320162-config
- Link da matéria: PJI11103-2016-2 (alternativo)
- Página antiga: Telecom20162_pji3_configuracoes
LAN
Operadora
- interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
- Onboard interface
auto eth0
iface eth0 inet manual
bond-master bond0
bond-use-carrier 1
- Offboard interface
auto eth1
iface eth1 inet manual
bond-master bond0
bond-use-carrier 1
- Bonding
auto bond0
iface bond0 inet manual
bond-slaves none
bond-lacp-rate fast
bond-mode 802.3ad
bond-xmit_hash_policy layer2+3
bond-miimon 100
auto bond0.10
iface bond0.10 inet static
address 192.168.10.10
netmask 255.255.255.0
auto bond0.20
iface bond0.20 inet static
address 192.168.20.10
netmask 255.255.255.0
auto bond0.30
iface bond0.30 inet static
address 200.135.37.125
netmask 255.255.255.192
gateway 200.135.37.126
dns-nameservers 8.8.8.8 8.8.4.4
auto bond0.40
iface bond0.40 inet static
address 192.168.40.10
netmask 255.255.255.0
</syntaxhighlight>
Galpão
O Gateway default é fornecido pelo PPP.
root@galpaocrioulo:~# cat /etc/network/interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
bond-miimon 100
bond-use-carrier 1
auto eth1
iface eth1 inet manual
bond-miimon 100
bond-use-carrier 1
auto bond0
iface bond0 inet manual
bond-slaves eth0 eth1
bond-lacp-rate fast
bond-mode 802.3ad
bond-xmit_hash_policy layer2+3
post-up ip link set bond0 up
auto bond0.10
iface bond0.10 inet static
address 192.168.10.1
netmask 255.255.255.0
auto bond0.20
iface bond0.20 inet static
address 192.168.20.1
netmask 255.255.255.0
auto bond0.30
iface bond0.30 inet static
address 192.168.30.1
netmask 255.255.255.0
</syntaxhighlight>
ADSL / PPPOE
Operadora
pasteltelecom@concentradoracesso:~$ cat /etc/ppp/pppoe-server-options
require-chap
noauth
login
lcp-echo-interval 10
lcp-echo-failure 2
ms-dns 200.135.37.65
netmask 255.255.255.254
noipdefault
debug
kdebug 4
</syntaxhighlight>
pasteltelecom@concentradoracesso:~$ sudo cat /etc/ppp/chap-secrets
- Secrets for authentication using CHAP
- client server secret IP addresses
usuario1 * senha1
</syntaxhighlight>
pasteltelecom@concentradoracesso:~$ cat /etc/ppp/faixa-ip
200.135.37.123
</syntaxhighlight>
Script de inicialização /etc/rc.local, a qual está configurada para subir alguns serviços na Operadora.
pasteltelecom@concentradoracesso:~$ cat /etc/rc.local
- !/bin/sh -e
- rc.local
- This script is executed at the end of each multiuser runlevel.
- Make sure that the script will "exit 0" on success or any other
- value on error.
- In order to enable or disable this script just change the execution
- bits.
- By default this script does nothing.
- Sobe o processo pppoe no servidor
pppoe-server -C pji -L 200.135.37.122 -p /etc/ppp/faixa-ip -I bond0.40
- Habilita o roteamento no servidor
sysctl -w net.ipv4.conf.all.forwarding=1
- Aplica o NAT para a rede 192.168/16
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o bond0.30 -j MASQUERADE
exit 0
</syntaxhighlight>
Galpão
/etc/ppp/peers/adsl
pty "/usr/sbin/pppoe -I bond0.30 -T 80 -m 1452 -C pji"
noipdefault
usepeerdns
defaultroute
hide-password
lcp-echo-interval 20
lcp-echo-failure 3
connect /bin/true
noauth
persist
mtu 1492
noaccomp
user usuario1
default-asyncmap
</syntaxhighlight>
/etc/ppp/chap-secrets
usuario1 * senha1
</syntaxhighlight>
VLAN
Switch da Operadora
VLANS no Switch da Operadora
Switch2(config)#do show vlan
VLAN Name Status Ports
-------------------------------- --------- -------------------------------
1 default active Gi1/0/25, Gi1/0/26, Gi1/0/27
Gi1/0/28
10 VLAN10 active Gi1/0/3, Gi1/0/4, Gi1/0/5
Gi1/0/6, Gi1/0/7, Gi1/0/8
Gi1/0/9, Gi1/0/10, Gi1/0/11
Gi1/0/12
20 VLAN20 active Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22
30 Publico active Gi1/0/2
40 DSLAN active Gi1/0/1
</syntaxhighlight>
Resumo das interfaces do Switch da Operadora
Switch2#show running-config interface gigabitEthernet 1/0/1
Building configuration...
Current configuration : 89 bytes
!
interface GigabitEthernet1/0/1
switchport access vlan 40
switchport mode access
end
Switch2#show running-config interface gigabitEthernet 1/0/2
Building configuration...
Current configuration : 89 bytes
!
interface GigabitEthernet1/0/2
switchport access vlan 30
switchport mode access
end
Switch2#show running-config interface gigabitEthernet 1/0/23
Building configuration...
Current configuration : 134 bytes
!
interface GigabitEthernet1/0/23
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
channel-group 1 mode active
end
Switch2#show running-config interface gigabitEthernet 1/0/24
Building configuration...
Current configuration : 134 bytes
!
interface GigabitEthernet1/0/24
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
channel-group 1 mode active
end
</syntaxhighlight>
Interfaces de uso geral do Switch da Operadora.
As interfaces de 1/0/3 a 1/0/12 estão na VLAN 10 no modo access.
As interfaces de 1/0/13 a 1/0/22 estão na VLAN 20 no modo access.
interface GigabitEthernet1/0/12
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/13
switchport access vlan 20
switchport mode access
</syntaxhighlight>
Switch do Galpão
VLANS no Switch do Galpão
Switch#show vlan
VLAN Name Status Ports
-------------------------------- --------- -------------------------------
1 default active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/25, Gi1/0/26
Gi1/0/27, Gi1/0/28
10 WI-FI active Gi1/0/8, Gi1/0/9
20 Visitantes active Gi1/0/6, Gi1/0/7
30 intra active Gi1/0/4, Gi1/0/5
</syntaxhighlight>
Interfaces do Switch do Galpão
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/5
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/7
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/8
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/0/24
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
</syntaxhighlight>
Link Agregation - Portas Trunk
Switch da Operadora
Switch2#show running-config interface port-channel 1
Building configuration...
Current configuration : 97 bytes
!
interface Port-channel1
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
end
</syntaxhighlight>
Switch do Galpão
interface Port-channel1
switchport trunk allowed vlan 10,20,30
switchport mode trunk
</syntaxhighlight>
DHCP
Operadora
root@concentradoracesso:/home/pasteltelecom# cat /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.10.0 netmask 255.255.255.0 {
#
# Faixa de IPs disponíveis:
range 192.168.10.100 192.168.10.199;
#
# Máscara de rede
option subnet-mask 255.255.255.0;
#
#Endereço de 'broadcast'
option broadcast-address 192.168.10.255;
#
#Endereço do roteador
option routers 192.168.10.10;
#
#DNS
option domain-name-servers 200.135.37.65;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
#
# Faixa de IPs disponíveis:
range 192.168.20.100 192.168.20.199;
#
# Máscara de rede
option subnet-mask 255.255.255.0;
#
#Endereço de 'broadcast'
option broadcast-address 192.168.20.255;
#
#Endereço do roteador
option routers 192.168.20.10;
#
#DNS
option domain-name-servers 200.135.37.65;
}
</syntaxhighlight>
root@concentradoracesso:/home/pasteltelecom# cat /etc/default/isc-dhcp-server
- Defaults for isc-dhcp-server initscript
- sourced by /etc/init.d/isc-dhcp-server
- installed at /etc/default/isc-dhcp-server by the maintainer scripts
- This is a POSIX shell fragment
- Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
- DHCPD_CONF=/etc/dhcp/dhcpd.conf
- Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
- DHCPD_PID=/var/run/dhcpd.pid
- Additional options to start dhcpd with.
- Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
- OPTIONS=""
- On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
- Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="bond0.10 bond0.20"
</syntaxhighlight>
Galpão
root@galpaocrioulo:~# cat /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0{
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 200.135.37.65;
range 192.168.1.101 192.168.1.106;
}
</syntaxhighlight>
root@galpaocrioulo:~# cat /etc/default/isc-dhcp-server
- Defaults for isc-dhcp-server initscript
- sourced by /etc/init.d/isc-dhcp-server
- installed at /etc/default/isc-dhcp-server by the maintainer scripts
- This is a POSIX shell fragment
- Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
- DHCPD_CONF=/etc/dhcp/dhcpd.conf
- Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
- DHCPD_PID=/var/run/dhcpd.pid
- Additional options to start dhcpd with.
- Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
- OPTIONS=""
- On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
- Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="bond0"
</syntaxhighlight>
NTP
Operadora
root@concentradoracesso# cat /etc/ntp.conf
(...)
- Specify one or more NTP servers.
- Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
- on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
- more information.
server pool.ntp.br iburst prefer
server ntp.ufsc.br iburst
server ntp.cais.rnp.br iburst
server gps.ntp.br iburst
(...)
</syntaxhighlight>
Galpão
Verificar
</syntaxhighlight>