[go: up one dir, main page]
Scribd
Upload
108 views25 pages

Cisco ASR901 Configuration Guide

This document configures quality of service policies and interfaces for a network device connecting multiple small cells. It defines QoS policies for traffic classification and prioritization. It also configures several gigabit Ethernet interfaces for connections to small cells and applies the QoS policies to the interfaces.

Uploaded by

amriteshsingh645
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
108 views25 pages

Cisco ASR901 Configuration Guide

This document configures quality of service policies and interfaces for a network device connecting multiple small cells. It defines QoS policies for traffic classification and prioritization. It also configures several gigabit Ethernet interfaces for connections to small cells and applies the QoS policies to the interfaces.

Uploaded by

amriteshsingh645
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

!

login block-for 100 attempts 3 within 100

login delay 3

login quiet-mode access-class MGMT-VTY-IPv6

hostname BOAMBOAMESS002

boot-start-marker

boot system flash:[Link]

boot-end-marker

logging buffered 65536

logging host ipv6 [Link]

no logging console

logging buffered informational

enable secret 5 Cisco123!@#

no logging monitor

logging trap informational

logging buffered 16384 informational

no ip icmp redirect

logging source-interface vlan888

no ip http secure-server

archive

log config

logging enable

logging size 200


notify syslog contenttype plaintext

hidekeys

memory reserve critical 1000

memory free low-watermark processor 2000

memory free low-watermark IO 2000

aaa new-model

aaa group server tacacs+ ACSSERVER

server name TACACS1

server name TACACS2

aaa authentication login AAA-CONSOLE-LOCAL local

aaa authentication login AAA-VTY-ACS group ACSSERVER local

aaa authentication enable default group ACSSERVER enable

aaa authorization config-commands

aaa authorization exec AAA-VTY-ACS group ACSSERVER local

aaa authorization commands 1 AAA-VTY-ACS group ACSSERVER local

aaa authorization commands 15 AAA-VTY-ACS group ACSSERVER local

aaa accounting update newinfo

aaa accounting exec default start-stop group ACSSERVER

aaa accounting commands 1 AAA-VTY-ACS start-stop group ACSSERVER

aaa accounting commands 15 AAA-VTY-ACS start-stop group ACSSERVER

aaa accounting connection default start-stop group ACSSERVER

aaa accounting system default start-stop group ACSSERVER

aaa session-id common

aaa password restriction

clock timezone IST 5 30

no ip source-route
ip cef

no ip domain lookup

ip domain name [Link]

no ipv6 source-route

ipv6 unicast-routing

ipv6 cef

multilink bundle-name authenticated

table-map CTRL

map from 7 to 5

map from 6 to 6

map from 5 to 6

map from 4 to 6

map from 3 to 6

map from 2 to 6

map from 1 to 6

map from 0 to 6

default copy

no l3-over-l2 flush buffers

cpu traffic qos prec table CTRL

spanning-tree mode pvst

spanning-tree extend system-id

license boot level AdvancedMetroIPAccess

username rjil privilege 15 secret Rjil123

!
process-max-time 50

ip ftp source-interface vlan888

ip tftp source-interface vlan888

crypto key generate rsa modulus 1024

ip ssh time-out 60

ip ssh version 2

ip ssh dscp 18

ip dhcp bootp ignore

no ip bootp server

asr901-storm-control-bpdu 1000

no ip http server

ip http secure-server

ip http timeout-policy idle 600 life 14400 requests 25

no cdp run

ip options drop

no ip igmp snooping

login block-for 100 attempts 3 within 100

login delay 3

login quiet-mode access-class MGMT-VTY-IPv6

process cpu threshold type total rising 80 interval 30

process cpu statistics limit entry-percentage 80 size 86400

class-map match-any QOS-HOSTED-AV-DSCP

match dscp af32

class-map match-any QOS-OAM-DSCP


match dscp cs2

class-map match-any QOS-INT-PREMIUM-DSCP

match dscp af22

class-map match-any QOS-SIGNALING-QGRP

match qos-group 7

class-map match-any QOS-CONTROL-QGRP

match qos-group 6

class-map match-any QOS-VOICE-QGRP

match qos-group 5

class-map match-any QOS-IPTV-QGRP

match qos-group 4

class-map match-any QOS-HOSTED-AV-QGRP

match qos-group 3

class-map match-any QOS-OAM-QGRP

match qos-group 2

class-map match-any QOS-INT-PREMIUM-QGRP

match qos-group 1

class-map match-any QOS-CONTROL-DSCP

match dscp cs6

class-map match-any QOS-SIGNALING-DSCP

match dscp cs5

class-map match-any QOS-VOICE-DSCP

match dscp ef cs7

class-map match-any QOS-IPTV-DSCP

match dscp af31 af41

policy-map RJIL-QOS-UNI-OUT-PARENT

class QOS-VOICE-QGRP

priority percent 25
class QOS-SIGNALING-QGRP

bandwidth percent 5

class QOS-CONTROL-QGRP

bandwidth percent 1

class QOS-IPTV-QGRP

bandwidth percent 20

class QOS-HOSTED-AV-QGRP

bandwidth percent 10

class QOS-OAM-QGRP

bandwidth percent 5

class QOS-INT-PREMIUM-QGRP

bandwidth percent 16

class class-default

bandwidth percent 18

policy-map RJIL-QOS-UNI-IN-CHILD

class QOS-VOICE-DSCP

set qos-group 5

class QOS-CONTROL-DSCP

set qos-group 6

class QOS-IPTV-DSCP

set qos-group 4

class QOS-HOSTED-AV-DSCP

set qos-group 3

class QOS-OAM-DSCP

set qos-group 2

class QOS-INT-PREMIUM-DSCP

set qos-group 1

class QOS-SIGNALING-DSCP

set qos-group 7
class class-default

policy-map RJIL-QOS-UNI-IN-PARENT

class class-default

police 100000000

service-policy RJIL-QOS-UNI-IN-CHILD

policy-map RJIL-QOS-NTWK-NNI-OUT-PARENT

class QOS-VOICE-QGRP

priority percent 25

class QOS-SIGNALING-QGRP

bandwidth percent 5

class QOS-CONTROL-QGRP

bandwidth percent 1

class QOS-IPTV-QGRP

bandwidth percent 20

class QOS-HOSTED-AV-QGRP

bandwidth percent 10

class QOS-OAM-QGRP

bandwidth percent 5

class QOS-INT-PREMIUM-QGRP

bandwidth percent 16

class class-default

bandwidth percent 18

policy-map RJIL-QOS-NTWK-NNI-IN-PARENT

class QOS-VOICE-DSCP

set qos-group 5

class QOS-CONTROL-DSCP
set qos-group 6

class QOS-IPTV-DSCP

set qos-group 4

class QOS-HOSTED-AV-DSCP

set qos-group 3

class QOS-OAM-DSCP

set qos-group 2

class QOS-INT-PREMIUM-DSCP

set qos-group 1

class QOS-SIGNALING-DSCP

set qos-group 7

class class-default

interface GigabitEthernet0/4

description # Small Cell-1 #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT


service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 601 ethernet

description # To SC - R4G_Bearer #

encapsulation dot1q 601

rewrite ingress tag pop 1 symmetric

bridge-domain 601

service instance 602 ethernet

description # To SC - R4G_Signalling #

encapsulation dot1q 602

rewrite ingress tag pop 1 symmetric

bridge-domain 602

service instance 603 ethernet

description # To SC - R4G_o&m #

encapsulation dot1q 603

rewrite ingress tag pop 1 symmetric

bridge-domain 603

service instance 604 ethernet

description # To SC-Multicast #

encapsulation dot1q 604

rewrite ingress tag pop 1 symmetric

bridge-domain 604

service instance 605 ethernet

description # SC-WiFi Access Point #

encapsulation dot1q 605

rewrite ingress tag pop 1 symmetric


bridge-domain 605

interface GigabitEthernet0/5

description # Small Cell-2 #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 601 ethernet

description # To SC - R4G_Bearer #

encapsulation dot1q 601

rewrite ingress tag pop 1 symmetric

bridge-domain 601

service instance 602 ethernet

description # To SC - R4G_Signalling #
encapsulation dot1q 602

rewrite ingress tag pop 1 symmetric

bridge-domain 602

service instance 603 ethernet

description # To SC - R4G_o&m #

encapsulation dot1q 603

rewrite ingress tag pop 1 symmetric

bridge-domain 603

service instance 604 ethernet

description # To SC-Multicast #

encapsulation dot1q 604

rewrite ingress tag pop 1 symmetric

bridge-domain 604

service instance 605 ethernet

description # SC-WiFi Access Point #

encapsulation dot1q 605

rewrite ingress tag pop 1 symmetric

bridge-domain 605

interface GigabitEthernet0/6

description # Small Cell-3 #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive
dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 601 ethernet

description # To SC - R4G_Bearer #

encapsulation dot1q 601

rewrite ingress tag pop 1 symmetric

bridge-domain 601

service instance 602 ethernet

description # To SC - R4G_Signalling #

encapsulation dot1q 602

rewrite ingress tag pop 1 symmetric

bridge-domain 602

service instance 603 ethernet

description # To SC - R4G_o&m #

encapsulation dot1q 603

rewrite ingress tag pop 1 symmetric

bridge-domain 603

service instance 604 ethernet


description # To SC-Multicast #

encapsulation dot1q 604

rewrite ingress tag pop 1 symmetric

bridge-domain 604

service instance 605 ethernet

description # SC-WiFi Access Point #

encapsulation dot1q 605

rewrite ingress tag pop 1 symmetric

bridge-domain 605

interface GigabitEthernet0/7

description # Small Cell-4 #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

!
service instance 601 ethernet

description # To SC - R4G_Bearer #

encapsulation dot1q 601

rewrite ingress tag pop 1 symmetric

bridge-domain 601

service instance 602 ethernet

description # To SC - R4G_Signalling #

encapsulation dot1q 602

rewrite ingress tag pop 1 symmetric

bridge-domain 602

service instance 603 ethernet

description # To SC - R4G_o&m #

encapsulation dot1q 603

rewrite ingress tag pop 1 symmetric

bridge-domain 603

service instance 604 ethernet

description # To SC-Multicast #

encapsulation dot1q 604

rewrite ingress tag pop 1 symmetric

bridge-domain 604

service instance 605 ethernet

description # SC-WiFi Access Point #

encapsulation dot1q 605

rewrite ingress tag pop 1 symmetric

bridge-domain 605
!

interface GigabitEthernet0/3

description # TO-BOAMBOAMESR005-GigabitEthernet0/0/3-UBR #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 888 ethernet

description # Mgmt For 901 L2 Switch #

encapsulation dot1q 888

rewrite ingress tag pop 1 symmetric

bridge-domain 888

service instance 601 ethernet

description # To SC - R4G_Bearer #

encapsulation dot1q 601

rewrite ingress tag pop 1 symmetric


bridge-domain 601

service instance 602 ethernet

description # To SC - R4G_Signalling #

encapsulation dot1q 602

rewrite ingress tag pop 1 symmetric

bridge-domain 602

service instance 603 ethernet

description # To SC - R4G_o&m #

encapsulation dot1q 603

rewrite ingress tag pop 1 symmetric

bridge-domain 603

service instance 604 ethernet

description # To SC-Multicast #

encapsulation dot1q 604

rewrite ingress tag pop 1 symmetric

bridge-domain 604

service instance 605 ethernet

description # SC-WiFi Access Point #

encapsulation dot1q 605

rewrite ingress tag pop 1 symmetric

bridge-domain 605

service instance 951 ethernet

description # SC-Utility #

encapsulation dot1q 951


rewrite ingress tag pop 1 symmetric

bridge-domain 951

service instance 952 ethernet

description # SC-Utility #

encapsulation dot1q 952

rewrite ingress tag pop 1 symmetric

bridge-domain 952

service instance 585 ethernet

description # TO -SAP ID - UBR mgmt #

encapsulation dot1q 585

rewrite ingress tag pop 1 symmetric

bridge-domain 585

interface GigabitEthernet0/1

description # TO-Utility #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto

synchronous mode
service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 951 ethernet

description # To SC - Utility #

encapsulation dot1q 951

rewrite ingress tag pop 1 symmetric

bridge-domain 951

service instance 952 ethernet

description # To SC - Utility #

encapsulation dot1q 952

rewrite ingress tag pop 1 symmetric

bridge-domain 952

interface GigabitEthernet0/0

description # TO-Utility-SAS #

mtu 9216

media-type auto-select

storm-control broadcast level 1.00

storm-control action trap

no lldp transmit

no lldp receive

dampening

no cdp enable

no ip address

load-interval 30

no shutdown

negotiation auto
synchronous mode

service-policy input RJIL-QOS-UNI-IN-PARENT

service-policy output RJIL-QOS-UNI-OUT-PARENT

service instance 951 ethernet

description # To SC - Utility-SAS #

encapsulation dot1q 951

rewrite ingress tag pop 1 symmetric

bridge-domain 951

service instance 952 ethernet

description # To SC - Utility-SAS #

encapsulation dot1q 952

rewrite ingress tag pop 1 symmetric

bridge-domain 952

interface GigabitEthernet0/2

media-type auto-select

description # Unused Port #

shutdown

interface Vlan888

description # Mgmt interface for A901 #

mtu 9216

ip verify unicast reverse-path

no ip redirects
no ip unreachables

no ip proxy-arp

load-interval 30

ipv6 address [Link]/120

ipv6 enable

no ipv6 redirects

no ipv6 unreachables

no shutdown

ipv6 route ::/0 [Link]

ip access-list standard MGMT-VTY-IPv4

deny any

ipv6 access-list MGMT-VTY-IPv6

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/60 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/40 any


permit ipv6 [Link]/44 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/112 any

permit ipv6 [Link]/64 any

ipv6 access-list MGMT-SNMP-IPv6

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/44 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/64 any

permit ipv6 [Link]/112 any

permit ipv6 [Link]/64 any

banner login ^

-------------------------------------------------------------------------

UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED


You must have explicit, authorized permission to access or configure this

device.

Unauthorized attempts and actions to access or use this system may result

in civil and/or criminal penalties.

All activities performed on this device are logged and monitored.

NE-ID INBRJMDPMNGONB0004ENBESS001

SAP-ID I-BR-JMDP-ESC-0023

FAC-ID INBRJMDPMNGONB000

HostName JMDPMNGOESS005

-------------------------------------------------------------------------

banner motd ^

-------------------------------------------------------------------------

UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED

You must have explicit, authorized permission to access or configure this

device.

Unauthorized attempts and actions to access or use this system may result

in civil and/or criminal penalties.

All activities performed on this device are logged and monitored.

NE-ID INBRJMDPMNGONB0004ENBESS001

SAP-ID I-BR-JMDP-ESC-0023

FAC-ID INBRJMDPMNGONB000

HostName JMDPMNGOESS005

-------------------------------------------------------------------------

tacacs server TACACS1

address ipv6 [Link]


key Rjio@55836

tacacs server TACACS2

address ipv6 [Link]

key Rjio@55836

snmp-server community OnM4G@Ge0 RO ipv6 MGMT-SNMP-IPv6

snmp-server trap-source Vlan888

snmp-server ip dscp 18

snmp-server source-interface informs Vlan888

snmp-server queue-length 1000

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps transceiver all

snmp-server enable traps tty

snmp-server enable traps config-copy

snmp-server enable traps config

snmp-server enable traps config-ctid

snmp-server enable traps aaa_server

snmp-server enable traps memory bufferpeak

snmp-server enable traps fru-ctrl

snmp-server enable traps entity

snmp-server enable traps cpu threshold

snmp-server enable traps envmon

snmp-server enable traps vlancreate

snmp-server enable traps vlandelete

snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-


change inconsistency

snmp-server enable traps bulkstat collection transfer

snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down

snmp-server host [Link] version 2c OnM4G@Ge0

snmp ifmib ifalias long


snmp ifmib ifindex persist

line con 0

exec-timeout 600 0

privilege level 15

logging synchronous

login authentication AAA-CONSOLE-LOCAL

transport output none

stopbits 1

line vty 0 4

no access-class MGMT-VTY-IPv4 in vrf-also

exec-timeout 600 0

privilege level 15

no 6 access-class MGMT-VTY-IPv6 in

authorization commands 15 AAA-VTY-ACS

accounting commands 15 AAA-VTY-ACS

logging synchronous

login authentication AAA-VTY-ACS

transport preferred none

transport output ssh

transport input ssh

line vty 5 98

no exec

IPv6 access-list NTP-ACL-IPv6

permit ipv6 host [Link] any

ntp authentication-key 1 md5 107C03100A373C1F1C 7

ntp authenticate

ntp trusted-key 1
ntp source Vlan888

ntp server [Link]

ntp access-group ipv6 peer NTP-ACL-IPv6

########################## End of ASR901 SC L2 Switch Spur GCT


###############################

You might also like