Mudanças entre as edições de "PJI11103-2016-2-config"
| Linha 110: | Linha 110: | ||
debug | debug | ||
kdebug 4 | kdebug 4 | ||
| − | + | </syntaxhighlight> | |
| + | <code> | ||
| + | pasteltelecom@concentradoracesso:~$ sudo cat /etc/ppp/chap-secrets | ||
| + | # Secrets for authentication using CHAP | ||
| + | # client server secret IP addresses | ||
| + | usuario1 * senha1 | ||
</syntaxhighlight> | </syntaxhighlight> | ||
<code> | <code> | ||
Edição das 11h48min de 22 de setembro de 2016
- Link curto: http://bit.ly/pji320162config
- Link da matéria: PJI11103-2016-2 (alternativo)
LAN
Operadora
- interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
- Onboard interface
auto eth0
iface eth0 inet manual
bond-master bond0
bond-use-carrier 1
- Offboard interface
auto eth1
iface eth1 inet manual
bond-master bond0
bond-use-carrier 1
- Bonding
auto bond0
iface bond0 inet manual
bond-slaves none
bond-lacp-rate fast
bond-mode 802.3ad
bond-xmit_hash_policy layer2+3
bond-miimon 100
auto bond0.10
iface bond0.10 inet static
address 192.168.10.10
netmask 255.255.255.0
auto bond0.20
iface bond0.20 inet static
address 192.168.20.10
netmask 255.255.255.0
auto bond0.30
iface bond0.30 inet static
address 200.135.37.125
netmask 255.255.255.192
gateway 200.135.37.126
dns-nameservers 8.8.8.8 8.8.4.4
auto bond0.40
iface bond0.40 inet static
address 192.168.40.10
netmask 255.255.255.0
</syntaxhighlight>
Galpão
root@galpaocrioulo:~# cat /etc/network/interfaces
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
bond-miimon 100
bond-use-carrier 1
auto eth1
iface eth1 inet manual
bond-miimon 100
bond-use-carrier 1
auto bond0
iface bond0 inet manual
bond-slaves eth0 eth1
bond-lacp-rate fast
bond-mode 802.3ad
bond-xmit_hash_policy layer2+3
post-up ip link set bond0 up
auto bond0.10
iface bond0.10 inet static
address 192.168.10.1
netmask 255.255.255.0
auto bond0.20
iface bond0.20 inet static
address 192.168.20.1
netmask 255.255.255.0
auto bond0.30
iface bond0.30 inet static
address 192.168.30.1
netmask 255.255.255.0
gateway 192.168.30.254
</syntaxhighlight>
PPPOE
Operadora
pasteltelecom@concentradoracesso:~$ cat /etc/ppp/pppoe-server-options
require-chap
noauth
login
lcp-echo-interval 10
lcp-echo-failure 2
ms-dns 200.135.37.65
netmask 255.255.255.254
noipdefault
debug
kdebug 4
</syntaxhighlight>
pasteltelecom@concentradoracesso:~$ sudo cat /etc/ppp/chap-secrets
- Secrets for authentication using CHAP
- client server secret IP addresses
usuario1 * senha1
</syntaxhighlight>
pasteltelecom@concentradoracesso:~$ cat /etc/ppp/faixa-ip
200.135.37.123
</syntaxhighlight>
Script de inicialização /etc/rc.local, a qual está configurada para subir alguns serviços na Operadora.
pasteltelecom@concentradoracesso:~$ cat /etc/rc.local
- !/bin/sh -e
- rc.local
- This script is executed at the end of each multiuser runlevel.
- Make sure that the script will "exit 0" on success or any other
- value on error.
- In order to enable or disable this script just change the execution
- bits.
- By default this script does nothing.
- Sobe o processo pppoe no servidor
pppoe-server -C pji -L 200.135.37.122 -p /etc/ppp/faixa-ip -I bond0.40
- Habilita o roteamento no servidor
sysctl -w net.ipv4.conf.all.forwarding=1
- Aplica o NAT para a rede 192.168/16
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o bond0.30 -j MASQUERADE
exit 0
</syntaxhighlight>
Galpão
Verificar
</syntaxhighlight>
VLAN
Switch da Operadora
VLANS no Switch da Operadora
Switch2#show vlan
VLAN Name Status Ports
-------------------------------- --------- -------------------------------
1 default active Gi1/0/25, Gi1/0/26, Gi1/0/27
Gi1/0/28
10 VLAN0010 active Gi1/0/3, Gi1/0/4, Gi1/0/5
Gi1/0/6, Gi1/0/7, Gi1/0/8
Gi1/0/9, Gi1/0/10, Gi1/0/11
Gi1/0/12
20 VLAN0020 active Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22
30 VLAN0030 active Gi1/0/2
40 VLAN0040 active Gi1/0/1
</syntaxhighlight>
Resumo das interfaces do Switch da Operadora
Switch2#show running-config interface gigabitEthernet 1/0/1
Building configuration...
Current configuration : 89 bytes
!
interface GigabitEthernet1/0/1
switchport access vlan 40
switchport mode access
end
Switch2#show running-config interface gigabitEthernet 1/0/2
Building configuration...
Current configuration : 89 bytes
!
interface GigabitEthernet1/0/2
switchport access vlan 30
switchport mode access
end
Switch2#show running-config interface gigabitEthernet 1/0/23
Building configuration...
Current configuration : 134 bytes
!
interface GigabitEthernet1/0/23
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
channel-group 1 mode active
end
Switch2#show running-config interface gigabitEthernet 1/0/24
Building configuration...
Current configuration : 134 bytes
!
interface GigabitEthernet1/0/24
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
channel-group 1 mode active
end
</syntaxhighlight>
Interfaces de uso geral do Switch da Operadora
As interfaces de 1/0/3 a 1/0/12 estão na VLAN 10 no modo access As interfaces de 1/0/13 a 1/0/22 estão na VLAN 20 no modo access
interface GigabitEthernet1/0/12
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/13
switchport access vlan 20
switchport mode access
</syntaxhighlight>
Switch do Galpão
VLANS no Switch do Galpão
Switch#show vlan
VLAN Name Status Ports
-------------------------------- --------- -------------------------------
1 default active Gi1/0/1, Gi1/0/2, Gi1/0/3
Gi1/0/10, Gi1/0/11, Gi1/0/12
Gi1/0/13, Gi1/0/14, Gi1/0/15
Gi1/0/16, Gi1/0/17, Gi1/0/18
Gi1/0/19, Gi1/0/20, Gi1/0/21
Gi1/0/22, Gi1/0/25, Gi1/0/26
Gi1/0/27, Gi1/0/28
10 WI-FI active Gi1/0/8, Gi1/0/9
20 Visitantes active Gi1/0/6, Gi1/0/7
30 intra active Gi1/0/4, Gi1/0/5
</syntaxhighlight>
Interfaces do Switch do Galpão
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/5
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/7
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/8
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/0/24
switchport trunk allowed vlan 10,20,30
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
</syntaxhighlight>
Link Agregation - Portas Trunk
Switch da Operadora
Switch2#show running-config interface port-channel 1
Building configuration...
Current configuration : 97 bytes
!
interface Port-channel1
switchport trunk allowed vlan 10,20,30,40
switchport mode trunk
end
</syntaxhighlight>
Switch do Galpão
interface Port-channel1
switchport trunk allowed vlan 10,20,30
switchport mode trunk
</syntaxhighlight>
DHCP
Operadora
root@concentradoracesso:/home/pasteltelecom# cat /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.10.0 netmask 255.255.255.0 {
#
# Faixa de IPs disponíveis:
range 192.168.10.100 192.168.10.199;
#
# Máscara de rede
option subnet-mask 255.255.255.0;
#
#Endereço de 'broadcast'
option broadcast-address 192.168.10.255;
#
#Endereço do roteador
option routers 192.168.10.10;
#
#DNS
option domain-name-servers 200.135.37.65;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
#
# Faixa de IPs disponíveis:
range 192.168.20.100 192.168.20.199;
#
# Máscara de rede
option subnet-mask 255.255.255.0;
#
#Endereço de 'broadcast'
option broadcast-address 192.168.20.255;
#
#Endereço do roteador
option routers 192.168.20.10;
#
#DNS
option domain-name-servers 200.135.37.65;
}
</syntaxhighlight>
root@concentradoracesso:/home/pasteltelecom# cat /etc/default/isc-dhcp-server
- Defaults for isc-dhcp-server initscript
- sourced by /etc/init.d/isc-dhcp-server
- installed at /etc/default/isc-dhcp-server by the maintainer scripts
- This is a POSIX shell fragment
- Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
- DHCPD_CONF=/etc/dhcp/dhcpd.conf
- Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
- DHCPD_PID=/var/run/dhcpd.pid
- Additional options to start dhcpd with.
- Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
- OPTIONS=""
- On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
- Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="bond0.10 bond0.20"
</syntaxhighlight>
Galpão
Verificar
</syntaxhighlight>