CR配置注释文档格式.docx
《CR配置注释文档格式.docx》由会员分享,可在线阅读,更多相关《CR配置注释文档格式.docx(66页珍藏版)》请在冰豆网上搜索。
encrypted-password"
$1$W9IY3/.K$c23Slx1nKtP8eO3DjLEQm."
##SECRET-DATA
tacplus-server{//tacaus服务器配置
202.103.194.99{
port49;
secret"
$9$rEmK8xZGi.mTUjmTzFAtrev"
single-connection;
source-address222.217.182.1;
login{
classsuper-user-local{//配置用户组
idle-timeout20;
//定义登陆超时时间
permissionsall;
//定义权限
classview{
permissions[viewview-configuration];
usergxnaop{//配置本地用户帐号
uid2001;
//系统分配的UID
classview;
//分派本地用户权限
authentication{//本地用户密码
$1$gCMGFYAz$7Zg18iuyL9RZizuj0FLcp."
usergxnocsj{
uid2006;
classsuper-user-local;
authentication{
$1$P/BGOUVs$ttlqAFvSAOepf3H9lqrDw."
usergxwg{
uid2011;
classread-only;
encrypted-passwordgxwg;
userlab{
uid20111;
classsuper-user;
$1$OodMr4zx$CURZ7cicDzkw2nlVgY2do."
services{
telnet{//开启Telnet管理服务
connection-limit16;
//配置最大登陆数
rate-limit5;
//配置每分钟允许尝试登陆数
syslog{//系统日志配置
user*{
anyemergency;
host202.103.194.99{//配置远程日志服务器
anyany;
filemessages{//配置本地日志文件
anyinfo;
//定义记录日志的等级
authorizationinfo;
pfecritical;
archivesize5m;
//定义日志文件大小
explicit-priority;
fileinteractive-commands{//配置本地日志文件interactive-commands
interactive-commandsany;
//记录操作命令
filetroubleshooting{
time-formatyear;
ntp{//配置NTP时间服务器
server202.103.194.43version3;
source-address202.103.194.43;
chassis{
redundancy{
routing-engine0master;
//指定RE0作为主用路由引擎
graceful-switchover;
//开启GRES
aggregated-devices{
ethernet{
device-count15;
//全局开启汇聚接口
fpc0{
pic0{
framingsonet;
//配置sonet接口的封装模式
fpc4{
pic1{
framingsdh;
pic2{
pic3{
alarm{//设备告警配置
management-ethernet{
link-downignore;
//过滤由管理接口(FXP)链路Down而触发的系统告警
interfaces{
so-0/0/0{
descriptionTo_LZ-LCLJ-D-2.163_10GE:
:
so-6/0/0:
64N0002IP;
//端口描述不符合命名规范
mtu9180;
//配置物理接口MTU值
clockingexternal;
encapsulationppp;
//配置封装模式
sonet-options{//配置SONET接口参数
fcs32;
rfc-2615;
unit0{//配置子接口
familyinet{
address218.65.152.6/30;
//配置IP地址及掩码
ge-0/3/1{
descriptionTo_M-BH-HEPU-B-NE80E-01:
GE1/0/10;
mtu3014;
gigether-options{
no-auto-negotiation;
//关闭自动协商
address222.217.182.37/30;
familyiso;
//接口下开启ISIS数据包封装
familympls;
//接口下开启MPLS数据包封装
ge-0/3/6{
descriptionTo_IDC_NE80E_G1/0/2;
802.3adae0;
//配置端口汇聚
}
ge-0/3/7{
descriptionTo_IDC_NE80E_G1/0/3;
ge-2/1/0{
descriptionTo_M-BH-SCLJU-B-E320-01:
GE13/0/0;
vlan-tagging;
unit50{
descriptiondefault;
vlan-id50;
address218.65.152.89/30;
unit51{
descriptionStatic-user;
vlan-id51;
filter{
inputCN2-VIP-FLOW;
address218.65.152.93/30;
unit52{
descriptionMPLS-VR;
vlan-id52;
address218.65.152.157/30;
unit53{
descriptionDJIPTV;
vlan-id53;
address218.65.152.101/30;
unit54{
descriptionIPC;
vlan-id54;
address218.65.152.105/30;
unit55{
descriptionWLAN;
vlan-id55;
address218.65.152.109/30;
unit56{
descriptioncampus;
vlan-id56;
address218.65.152.145/30;
xe-2/2/0{
descriptionTo_M-BH-HP-B-ME60-01:
GE2/0/0;
address222.217.182.125/30;
ae0{//汇聚端口配置
descriptionTo_IDC_NE80E;
aggregated-ether-options{
minimum-links1;
//配置汇聚端口最小链路数
link-speed1g;
rpf-check;
address222.217.182.229/30;
fxp0{//全局管理接口配置,用作带外管理
address10.109.32.25/24;
address10.109.32.250/24;
lo0{//设备逻辑loopback接口配置
inputre_protection_in;
//应用访问控制列表至路由引擎,增加设备自身安全性
address222.217.182.1/32;
familyiso{
address86.4645.0779.2222.1718.2001.00;
//配置ISIS地址
forwarding-options{
hash-key{//协议的HASH算法
layer-3;
layer-4;
familympls{
label-1;
label-2;
payload{
ip;
snmp{
community"
Zyyc%telyk"
{//SNMP字符串
authorizationread-only;
//SNMP读写权限
clients{//SNMP客户端访问地址范围
202.103.194.99/32;
202.103.194.101/32;
communityro-string{
clients{
218.65.202.90/32;
202.103.208.179/32;
202.103.197.142/32;
202.103.214.0/27;
communityrw-string{
communitytest{
116.8.129.241/32;
116.8.129.194/32;
116.11.23.148/32;
trap-groupjni{//SNMP版本及触发配置
versionv2;
categories{
chassis;
link;
routing;
startup;
routing-options{
graceful-restart;
interface-routes{
rib-groupinetCN2_VIP_USER;
//将路由器接口路由导至对应表格中
static{//静态路由配置
route222.217.182.29/32{
next-hop218.65.152.106;
preference1;
route180.137.96.0/19{
discard;
preference180;
route218.65.227.0/24{
next-hop222.217.182.54;
route218.65.226.0/24{
route218.65.228.0/24{
route10.20.0.0/24{
route10.20.4.0/24{
route10.20.5.0/24{
route222.83.248.0/23{
route124.227.64.0/20{
route113.14.112.0/20{
route180.141.96.0/19{
route202.97.32.171/32next-hop[218.65.152.5222.217.182.77];
route116.8.5.0/24{
route180.143.152.0/21{
route218.65.224.0/21{
preference255;
route222.83.188.0/22{
route171.104.168.0/21{
route220.173.216.0/21{
route220.173.220.0/23next-hop222.217.182.54;
route59.43.1.169/32next-hop59.43.71.57;
route202.97.32.170/32next-hop[218.65.152.9222.217.182.73];
route61.139.236.0/22{
route113.15.160.0/19{
route113.17.0.0/19{
route116.10.64.0/20{
route116.10.124.0/25{
route116.10.212.192/26{
route116.11.0.0/19{
route116.11.32.0/23{
route202.103.192.127/32{
route202.103.192.128/30{
route202.103.192.132/32{
route202.103.192.140/30{
route202.103.214.0/23{
route202.103.247.0/24{
route218.65.132.0/24{
route218.65.152.0/24{
route218.65.168.0/24{
route219.159.192.0/20{
route219.159.251.0/24{
route220.173.224.0/21{
route222.83.190.0/23{
route222.83.244.0/22{
route222.216.219.0/24{
route222.217.182.0/24{
route222.218.152.0/21{
route222.218.160.0/20{
route222.218.176.0/21{
route218.65.132.97/32{
route222.83.247.0/24{
route222.217.182.3/32{
route222.217.182.27/32{
next-hop218.65.152.102;
route222.83.192.0/20{
route171.107.32.0/21{
rib-groups{//定义rib-groups
CN2_VIP_USER{
import-rib[i