...
Physical layout
| Gliffy Diagram |
|---|
| name | Physical Layout |
|---|
| pagePin | 3 |
|---|
|
Logical layout
| Gliffy Diagram |
|---|
| name | Logical Layout |
|---|
| pagePin | 4 |
|---|
|
Specific set up of equipment before testing
MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.
Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We need to add some lines in the following files:
| Code Block |
|---|
| title | /etc/network/interfaces |
|---|
|
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto em1
iface em1 inet static
address 10.1.1.22
netmask 255.255.255.0
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
up ip netns add isolated
up ip link set dev p4p2 netns isolated
up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
up ip netns exec isolated ip link set p4p2 up
#auto p4p2
#iface p4p2 inet static
# address 192.168.2.1
# netmask 255.255.255.0
auto p4p1.10
iface p4p1.10 inet static
address 192.168.0.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.20
iface p4p1.20 inet static
address 192.168.1.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.30
iface p4p1.30 inet static
address 192.168.2.2
netmask 255.255.255.0
vlan-raw-device p4p1 |
In this file we need to add seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command in command line.
| Code Block |
|---|
|
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
8021q |
In this file we need to add 8021q in order to support tagging.
IP Addresses used on devices
...
Current active configuration implemented in backend
| Code Block |
|---|
set class-of-service forwarding-classes class CCS-premium queue-num 7
set class-of-service traffic-control-profiles CCS-premium-100 shaping-rate 90g
set class-of-service traffic-control-profiles CCS-premium-40 shaping-rate 35g
set class-of-service traffic-control-profiles CCS-premium-10 shaping-rate 8g
set class-of-service traffic-control-profiles CCS-IF-100 shaping-rate 100g
set class-of-service traffic-control-profiles CCS-IF-40 shaping-rate 40g
set class-of-service traffic-control-profiles CCS-IF-10 shaping-rate 10g
set class-of-service scheduler-maps CCS-map-premium forwarding-class CCS-premium scheduler CCS-premium
set class-of-service schedulers CCS-premium priority high
# Do the following for all interfaces participating on dynamic circuit service... (Use parameters based on physical interface speed like the example bellow)
set class-of-service interfaces interface-set et-0/0/0 output-traffic-control-profile CCS-premium-100
set class-of-service interfaces interface-set xe-0/1/4 output-traffic-control-profile CCS-premium-10
set class-of-service interfaces et-0/0/0 output-traffic-control-profile CCS-IF-100
set class-of-service interfaces xe-0/1/4 output-traffic-control-profile CCS-IF-10
****************************************************************************************************************************************************************
#Result:
class-of-service {
forwarding-classes {
class CCS-premium queue-num 7;
}
traffic-control-profiles {
CCS-IF-100 {
shaping-rate 100g;
}
CCS-IF-40 {
shaping-rate 40g;
}
CCS-IF-10 {
shaping-rate 10g;
}
CCS-premium-100 {
shaping-rate 90g;
}
CCS-premium-40 {
shaping-rate 35g;
}
CCS-premium-10 {
shaping-rate 8g;
}
}
interqfaces {
interface-set et-0/0/0 {
output-traffic-control-profile CCS-premium-100;
}
interface-set xe-0/1/4 {
output-traffic-control-profile CCS-premium-10;
}
et-0/0/0 {
output-traffic-control-profile CCS-IF-100;
}
xe-0/1/4 {
output-traffic-control-profile CCS-IF-10;
}
}
scheduler-maps {
CCS-map-premium {
forwarding-class CCS-premium scheduler CCS-premium;
}
}
schedulers {
CCS-premium {
priority high;
}
}
} |
Physical layout
| Gliffy Diagram |
|---|
| name | Physical Layout |
|---|
| pagePin | 3 |
|---|
|
Logical layout
| Gliffy Diagram |
|---|
| name | Logical Layout |
|---|
| pagePin | 4 |
|---|
|
Specific set up of equipment before testing
MX204#1 uses breakout cable on FPC 0 PIC 0 port 3 for testing purpose.
Due to the lack of servers we need to make some additional settings on the HCoS#2 server itself to isolate 2 ports belonging to different logical servers (HCoS#2-D and HCoS#2-B) in order to achieve that the traffic from the first server passes through both MX204 routers and reaches the second server. We need to add some lines in the following files:
| Code Block |
|---|
| title | /etc/network/interfaces |
|---|
|
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto em1
iface em1 inet static
address 10.1.1.22
netmask 255.255.255.0
network 10.1.1.0
broadcast 10.1.1.255
gateway 10.1.1.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 8.8.8.8
up ip netns add isolated
up ip link set dev p4p2 netns isolated
up ip netns exec isolated ip addr add 192.168.2.1/24 dev p4p2
up ip netns exec isolated ip link set p4p2 up
#auto p4p2
#iface p4p2 inet static
# address 192.168.2.1
# netmask 255.255.255.0
auto p4p1.10
iface p4p1.10 inet static
address 192.168.0.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.20
iface p4p1.20 inet static
address 192.168.1.2
netmask 255.255.255.0
vlan-raw-device p4p1
auto p4p1.30
iface p4p1.30 inet static
address 192.168.2.2
netmask 255.255.255.0
vlan-raw-device p4p1 |
In this file we need to add seperated name space called isolated in which we put p4p2 interface. In order to have any action with that interface it is necessary to type ip netns exec isolated before any known command in command line.
| Code Block |
|---|
|
# /etc/modules: kernel modules to load at boot time.
#
# This file contains the names of kernel modules that should be loaded
# at boot time, one per line. Lines beginning with "#" are ignored.
8021q |
In this file we need to add 8021q in order to support tagging.
IP Addresses used on devices
| Device | IP Address | Interface | Purpose |
|---|
| HCoS#1 | 10.1.1.10 | iDrac | web access for management |
| 10.1.1.21 | em1 | ssh access for configuration |
| 192.168.0.1 | p3p2 | HCoS#1-A iPerf client |
| 192.168.1.1 | p3p1 | HCoS#1-C iPerf client |
| HCoS#2 | 10.1.1.11 | iDrac | web access for management |
| 10.1.1.22 | em1 | ssh access for configuration |
| 192.168.2.1 | p4p2 | HCoS#2-D iPerf client |
| 192.168.0.2 | p4p1.10 | HCoS#2-B iPerf server for point-to-point with HCoS#1-A iPerf client |
| 192.168.1.2 | p4p1.20 | HCoS#2-B iPerf server for point-to-point with HCoS#1-C iPerf client |
| 192.168.2.2 | p4p1.30 | HCoS#2-B iPerf server for point-to-point with HCoS#2-D iPerf client |
| MX204#1 | 10.1.0.67 | fxp0 | ssh access for configuration |
| MX204#2 | 10.1.0.131 | fxp0 | ssh access for configuration |
Configuration on MX204 routers
| Code Block |
|---|
|
system {
host-name Lab-MX204-1;
root-authentication {
encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
et-0/0/0 {
description to_MX204-2_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
}
xe-0/0/3:0 {
description to_HQoS1_p3p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/0/3:1 {
description to_HQoS2_p4p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0 {
description to_alpha-compute0_p2p2;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_alpha-bms2_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_alpha-bms3_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS1_p3p1;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-best-effort;
}
family ccc;
}
}
xe-0/1/5 {
description to_Corsa1_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.67/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.31/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.65;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/0/3:0.0;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.0;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/0/3:1.0;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
}
firewall {
family any {
filter ccs-mf-classifier {
term premium-data {
then {
policer ccs-policer;
forwarding-class ccs-premium;
}
}
}
filter ccs-best-effort {
term best-effort-data {
then forwarding-class ccs-best-effort;
}
}
}
policer ccs-policer {
if-exceeding {
bandwidth-limit 1g;
burst-size-limit 625k;
}
then discard;
}
} |
| Code Block |
|---|
|
system {
host-name Lab-MX204-2;
root-authentication {
encrypted-password "$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
interface-set set-premium {
interface xe-0/1/4 {
unit 10;
unit 30;
}
}
interface-set set-best-effort {
interface xe-0/1/4 {
unit 20;
}
}
et-0/0/0 {
description to_MX204-1_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
filter {
input ccs-mf-classifier;
}
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
filter {
input ccs-best-effort;
}
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0 {
description to_beta-compute0_p1p1;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_beta-bms2_p2p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_beta-bms3_p3p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS2_p4p1;
hierarchical-scheduler;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
family ccc;
}
}
xe-0/1/5 {
description to_Corsa2_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.131/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.32/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.129;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/1/4.10;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.20;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/1/4.30;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
traffic-control-profiles {
tcp-IF {
shaping-rate 10g;
}
tcp-premium {
shaping-rate 8g;
}
tcp-best-effort {
shaping-rate 5g;
}
tcp-premium-10 {
scheduler-map sched-map-premium;
shaping-rate 5g;
}
tcp-premium-30 {
scheduler-map sched-map-premium;
shaping-rate 3g;
}
tcp-best-effort-20 {
scheduler-map sched-map-best-effort;
shaping-rate 5g;
}
}
interfaces {
interface-set set-premium {
output-traffic-control-profile tcp-premium;
}
interface-set set-best-effort {
output-traffic-control-profile tcp-best-effort;
}
xe-0/1/4 {
output-traffic-control-profile tcp-IF;
unit 10 {
output-traffic-control-profile tcp-premium-10;
}
unit 20 {
output-traffic-control-profile tcp-best-effort-20;
}
unit 30 {
output-traffic-control-profile tcp-premium-30;
}
}
}
scheduler-maps {
sched-map-premium {
forwarding-class ccs-premium scheduler ccs-premium;
}
sched-map-best-effort {
forwarding-class ccs-best-effort scheduler ccs-best-effort;
}
}
schedulers {
ccs-premium {
priority high;
}
ccs-best-effort {
priority low;
}
}
}
firewall {
family any {
filter ccs-mf-classifier {
term premium-data {
then forwarding-class ccs-premium;
}
}
filter ccs-best-effort {
term best-effort-data {
then forwarding-class ccs-best-effort;
}
}
}
} |
Configuration on MX204 routers without unnecessary lines in configuration above regarding best-effort traffic
Configuration on MX204 routers
| Code Block |
|---|
|
system {
host-name Lab-MX204-1;
root-authentication {
encrypted-password "$6$VacgKGnC$4BEpkBv2K/BzzzGT8x7zdssG5WWdnAKwZI730c0NMfMNGWJB75rdQzOKgLheQdCKWk.oh4Mq2iwd.7Ha8.TZX/.7Ha8.TZX/"; ## SECRET-DATA
}
login {
user admin {
uid 2000;
class super-user;
authentication {
encrypted-password "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1"; ## SECRET-DATA
}
login {}
user adminopennsa {
uid 20002001;
class super-user;
authentication {
encryptedssh-passwordrsa "$6$ANEaOs6/$fEe9dWgcggZKPWrAbsBgfb.bVXmR90f5K8/yCRP0U02jGXyFViuv1JhqdNcfKouKjnIxItqTYOffnZsQ/0OIb1ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYwl5+ABxnx6ncILuomWA6fed4gGlaLqRaPEyIoGWeTs6ThWvKmnlFczO/Vyof14PbG31NRq8JyOY2K8tS7XMWSTzd6P+WltHhz4BwIARUMb1mMbUeWQN3y10ExYHx0E8ZT9sc6a00gJJXit0b6Mqh001jnAUI7emdfoaKsABLrRCt6gqOEaTaKwcF4BInbnr5f5TDJIH26d68TAb1t7eCxmO4LxFQAjWw+C8AVaBj6+ZEyV7+nQIE1FpHAmexCqKDEXdJ9yWJTYwZXKZABTKlNYmGhjAJX+SbVhFcF7KF3YZoDyhP/NenG+wKYhgHmx4k4zdDk55c8B4XQm88Ifzf opennsa@OpenNSA"; ## SECRET-DATA
}
}
}
services {
ssh {
root-login allow;
max-sessions-per-connection 32;
}
telnet;
netconf {
ssh;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
fpc 0 {
pic 0 {
port 0 {
speed 100g;
}
port 1 {
speed 100g;
}
port 2 {
speed 40g;
}
port 3 {
speed 10g;
}
}
pic 1 {
port 0 {
speed 10g;
}
port 1 {
speed 10g;
}
port 2 {
speed 10g;
}
port 3 {
speed 10g;
}
port 4 {
speed 10g;
}
port 5 {
speed 10g;
}
port 6 {
speed 10g;
}
port 7 {
speed 10g;
}
}
}
}
interfaces {
et-0/0/0 {
description to_MX204-2_et-0/0/0;
flexible-vlan-tagging;
mtu 9000;
encapsulation flexible-ethernet-services;
unit 10 {
encapsulation vlan-ccc;
vlan-id 10;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 20 {
encapsulation vlan-ccc;
vlan-id 20;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
unit 30 {
encapsulation vlan-ccc;
vlan-id 30;
input-vlan-map pop;
output-vlan-map push;
family ccc;
}
}
xe-0/0/3:0 {
description to_HQoS1_p3p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier-AB;
}
family ccc;
}
}
xe-0/0/3:1 {
description to_HQoS2_p4p2;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-mf-classifier-DB;
}
family ccc;
}
}
xe-0/1/0 {
description to_alpha-compute0_p2p2;
mtu 9000;
unit 0;
}
xe-0/1/1 {
description to_alpha-compute1_em4_via_lab4-MX80_ge-1/3/8_xe-0/0/2;
mtu 9000;
unit 0;
}
xe-0/1/2 {
description to_alpha-bms2_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/3 {
description to_alpha-bms3_p4p1;
mtu 9000;
unit 0;
}
xe-0/1/4 {
description to_HQoS1_p3p1;
mtu 9000;
encapsulation ethernet-ccc;
unit 0 {
filter {
input ccs-best-effort-ccc;
unit 0 }{
family ccc;
}
}
xe-0/1/5 {
description to_Corsa1_3;
mtu 9000;
unit 0;
}
fxp0 {
unit 0 {
family inet {
address 10.1.0.67/26;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.16.31/32;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 10.1.0.65;
retain;
no-readvertise;
}
}
autonomous-system 65250;
}
protocols {
mpls {
interface all;
}
connections {
interface-switch ccc_AB {
interface xe-0/0/3:0.0;
interface et-0/0/0.10;
}
interface-switch ccc_CB {
interface xe-0/1/4.0;
interface et-0/0/0.20;
}
interface-switch ccc_DB {
interface xe-0/0/3:1.0;
interface et-0/0/0.30;
}
}
lldp {
interface all;
}
}
class-of-service {
forwarding-classes {
class ccs-best-effort queue-num 0;
class ccs-premium queue-num 7;
}
}
firewall {
family any {
filter ccs-mf-classifier-AB {
term premium-data {
then {
policer ccspolicer-policerAB;
forwarding-class ccs-premium;
}
}
}
filter ccs-bestmf-classifier-effortDB {
term best-effort-data {premium-data {
then {
policer policer-DB;
forwarding-class ccs-premium;
then forwarding-class ccs-best-effort;}
}
}
}
policer ccspolicer-policerAB {
if-exceeding {
bandwidth-limit 1g5g;
burst-size-limit 625k3125000;
}
then discard;
}
} |
| Code Block |
|---|
|
system {
policer host-name Lab-MX204-2;
root-authentication policer-DB {
encryptedif-password "$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
}exceeding {
login {
user admin {bandwidth-limit 3g;
uid 2000burst-size-limit 1875000;
class super-user;}
then discard;
}
} |
| Code Block |
|---|
|
systemauthentication {
host-name Lab-MX204-2;
root-authentication {
encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0$6$b.GZQ1C/$.itickW3seG8eNyAHkQckPjoF1IKdY8A.K0SIrdqTILGSN67/N1WjIsOuVz5vxsYngeXYfyWg23oPwFGCrt1i0"; ## SECRET-DATA
}
login }{
}
services {
sshuser admin {
root-loginuid allow2000;
max-sessions-per-connection 32;
}
class telnetsuper-user;
netconf {
authentication {
ssh;
}
}encrypted-password "$6$uaI7ZXnH$1RLFxMhroFXIWth5t4EOspUOZ1GH1nQEEk/PExPz6tfqjB35I1u572sS0.E9wchCWGjJfWo0m7/OQYIq3FXpA0"; ## SECRET-DATA
syslog {
user * {}
}
any emergency;
user opennsa {
}
file messagesuid {2001;
anyclass noticesuper-user;
authorizationauthentication info;{
}
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYwl5+ABxnx6ncILuomWA6fed4gGlaLqRaPEyIoGWeTs6ThWvKmnlFczO/Vyof14PbG31NRq8JyOY2K8tS7XMWSTzd6P+WltHhz4BwIARUMb1mMbUeWQN3y10ExYHx0E8ZT9sc6a00gJJXit0b6Mqh001jnAUI7emdfoaKsABLrRCt6gqOEaTaKwcF4BInbnr5f5TDJIH26d68TAb1t7eCxmO4LxFQAjWw+C8AVaBj6+ZEyV7+nQIE1FpHAmexCqKDEXdJ9yWJTYwZXKZABTKlNYmGhjAJX+SbVhFcF7KF3YZoDyhP/NenG+wKYhgHmx4k4zdDk55c8B4XQm88Ifzf opennsa@OpenNSA"; file## interactiveSECRET-commands {DATA
interactive-commands any;}
}
}
}
chassis services {
fpc 0ssh {
pic 0 { root-login allow;
port 0 {max-sessions-per-connection 32;
}
speed 100gtelnet;
netconf {
}
ssh;
port 1 {}
}
syslog {
speed 100g;
user * {
any }emergency;
}
port 2 {
file messages {
speedany 40gnotice;
}authorization info;
}
port 3 {
file interactive-commands {
speedinteractive-commands 10gany;
}
}
}
chassis {
fpc 0 }{
pic 10 {
port 0 {
speed 10g100g;
}
port 1 {
speed 10g100g;
}
port 2 {
speed 10g40g;
}
port 3 {
speed 10g;
}
port 4 {}
pic speed 10g;
1 {
}
port 50 {
speed 10g;
}
port 61 {
speed 10g;
}
port 72 {
speed 10g;
}
}
}
}
interfaces {
interface-set set-premium {
interface xe-0/1/4 {
}
port unit3 10;
{
unitspeed 3010g;
}
}
interface-set set-best-effort {
interface xe-0/1/port 4 {
unit 20 speed 10g;
}
}
et-0/0/0port 5 {
description to_MX204-1_et-0/0/0;
speed flexible-vlan-tagging10g;
mtu 9000;}
encapsulation flexible-ethernet-services;
port 6 {
unit 10 {
encapsulationspeed vlan-ccc10g;
vlan-id 10;
}
port filter7 {
input ccs-mf-classifierspeed 10g;
}
}
family ccc;}
}
interfaces {
interface-set }set-premium {
unit 20interface xe-0/1/4 {
encapsulationunit vlan-ccc10;
vlan-idunit 2030;
}
filter {}
et-0/0/0 {
input ccs-best-effortdescription to_MX204-1_et-0/0/0;
}flexible-vlan-tagging;
family cccmtu 9000;
}encapsulation flexible-ethernet-services;
unit 3010 {
encapsulation vlan-ccc;
vlan-id 3010;
filter {
input ccs-mf-classifier;
}
family ccc;
}
}
xe-0/1/0unit 20 {
description to_beta-compute0_p1p1;
mtu 9000encapsulation vlan-ccc;
unit 0;
}
xe-0/1/1 {
vlan-id 20;
description to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3;
mtufamily 9000ccc;
unit}
0;
}
xe-0/1/2unit 30 {
descriptionencapsulation to_beta-bms2_p2p1vlan-ccc;
mtuvlan-id 900030;
unit 0;
filter }{
xe-0/1/3 {
description to_beta-bms3_p3p1input ccs-mf-classifier;
mtu 9000; }
unit 0;
family }ccc;
xe-0/1/4 {
}
description to_HQoS2_p4p1;}
hierarchical-scheduler;xe-0/1/0 {
flexible-vlan-taggingdescription to_beta-compute0_p1p1;
mtu 9000;
encapsulation flexible-ethernet-servicesunit 0;
}
unit 10 xe-0/1/1 {
encapsulation vlan-cccdescription to_beta-compute1_em4_via_lab4-MX80_ge-1/3/9_xe-0/0/3;
vlan-id 10mtu 9000;
unit 0;
family ccc;}
}xe-0/1/2 {
unit 20 {description to_beta-bms2_p2p1;
encapsulation vlan-cccmtu 9000;
unit 0;
vlan-id 20;}
xe-0/1/3 {
family ccc description to_beta-bms3_p3p1;
}mtu 9000;
unit 30 {0;
}
xe-0/1/4 {
encapsulation vlan-ccc;
description to_HQoS2_p4p1;
vlanhierarchical-id 30scheduler;
family cccflexible-vlan-tagging;
}mtu 9000;
}
xe-0/1/5 {
encapsulation flexible-ethernet-services;
unit description to_Corsa2_3;
10 {
mtuencapsulation 9000vlan-ccc;
unit 0;
vlan-id }10;
fxp0 {
unit 0 {family ccc;
}
family inet {
unit 20 {
address 10.1.0.131/26encapsulation vlan-ccc;
}vlan-id 20;
}
family }ccc;
lo0 {}
unit 030 {
family inet {encapsulation vlan-ccc;
address 10.0.16.32/32vlan-id 30;
family }ccc;
}
}
}
routing-options {
staticxe-0/1/5 {
route 0.0.0.0/0 {description to_Corsa2_3;
next-hop 10.1.0.129mtu 9000;
unit retain0;
}
fxp0 {
no-readvertise;
unit 0 }{
}
autonomous-system 65250;
}
protocols {
family mplsinet {
interface all;
}
connections {
address 10.1.0.131/26;
interface-switch ccc_AB {}
}
interface xe-0/1/4.10;
}
lo0 {
interfaceunit et-0/0/0.10;0 {
}
family inet {
interface-switch ccc_CB {
interfaceaddress xe-0/1/4.2010.0.16.32/32;
interface et-0/0/0.20;}
}
}
}
routing-options {
interface-switch ccc_DB static {
interface xe-0/1/4.30;route 0.0.0.0/0 {
interface et-0/0/0.30next-hop 10.1.0.129;
}
}retain;
lldp {
no-readvertise;
interface all;
}
}
class-of-service {
forwarding-classes {}
autonomous-system 65250;
}
protocols {
class ccs-best-effort queue-num 0; mpls {
class ccs-premium queue-num 7interface all;
}
traffic-control-profilesconnections {
tcp-IFinterface-switch ccc_AB {
shaping-rate 10ginterface xe-0/1/4.10;
}
interface et-0/0/0.10;
tcp-premium {
}
shaping-rate 8g;
interface-switch ccc_CB {
}
interface tcp-best-effort {
xe-0/1/4.20;
interface shaping-rate 5get-0/0/0.20;
}
tcp-premium-10interface-switch ccc_DB {
scheduler-mapinterface sched-map-premiumxe-0/1/4.30;
interface shaping-rate 5get-0/0/0.30;
}
tcp-premium-30 {}
lldp {
scheduler-map sched-map-premiuminterface all;
}
}
class-of-service {
forwarding-classes {
shaping-rate 3g;
class ccs-premium queue-num }7;
}
tcptraffic-bestcontrol-effort-20profiles {
scheduler-map sched-map-best-effort;tcp-IF {
shaping-rate 5g10g;
}
}
interfaces {
interface-set set-tcp-premium {
output-traffic-control-profile tcp-premiumshaping-rate 8g;
}
interface-set set-best-efforttcp-premium-10 {
output-traffic-control-profile tcp-best-effortscheduler-map sched-map-premium;
}
shaping-rate 5g;
xe-0/1/4 {
}
outputtcp-trafficpremium-control-profile tcp-IF;30 {
unit 10 {scheduler-map sched-map-premium;
output-traffic-control-profile tcp-premium-10shaping-rate 3g;
}
}
interfaces {
unit 20interface-set set-premium {
output-traffic-control-profile tcp-best-effort-20premium;
}
unit 30xe-0/1/4 {
output-traffic-control-profile tcp-premium-30IF;
}
unit }10 {
}
scheduler-maps {
schedoutput-map-premium {
forwarding-class ccs-premium scheduler ccs-premiumtraffic-control-profile tcp-premium-10;
}
sched-map-best-effort {}
forwarding-class ccs-best-effort scheduler ccs-best-effort;unit 30 {
}
}
schedulers {output-traffic-control-profile tcp-premium-30;
ccs-premium {
}
}
priority high;
}
scheduler-maps }{
ccssched-bestmap-effortpremium {
priority lowforwarding-class ccs-premium scheduler ccs-premium;
}
}
}
firewall {
family anyschedulers {
filter ccs-mf-classifier {
term premium-data {
then forwarding-class ccs-premiumpriority high;
}
}
}
firewall {
family any }{
filter ccs-bestmf-effortclassifier {
term best-effortpremium-data {
then forwarding-class ccs-best-effortpremium;
}
}
}
}
|
iPerf tool for HCoS testing
...
