Розбіжності
Тут показані розбіжності між вибраною ревізією та поточною версією сторінки.
| Порівняння попередніх версій Попередня ревізія Наступна ревізія | Попередня ревізія | ||
| juniper:mx_bras [06/04/2022 21:39] – Method | juniper:mx_bras [18/06/2023 21:52] (поточний) – Method | ||
|---|---|---|---|
| Рядок 1: | Рядок 1: | ||
| - | ====== | + | {{tag>Juniper |
| - | В даному розділі буду описувати свій досвід налаштування Juniper MX в ролі [[https:// | + | |
| - | На моїй практиці були налаштовані Juniper MX80 MX104 MX960, на останній моделі зупинились (провайдер на якого я працюю), | ||
| ===== DHCP server ===== | ===== DHCP server ===== | ||
| Рядок 22: | Рядок 20: | ||
| set system services dhcp-local-server group IPOE_QINQ authentication username-include mac-address | set system services dhcp-local-server group IPOE_QINQ authentication username-include mac-address | ||
| set system services dhcp-local-server group IPOE_QINQ authentication username-include vlan-tags | set system services dhcp-local-server group IPOE_QINQ authentication username-include vlan-tags | ||
| - | set system services dhcp-local-server group IPOE_QINQ liveness-detection failure-action clear-binding | ||
| - | set system services dhcp-local-server group IPOE_QINQ liveness-detection method layer2-liveness-detection transmit-interval 300 | ||
| - | set system services dhcp-local-server group IPOE_QINQ liveness-detection method layer2-liveness-detection max-consecutive-retries 3 | ||
| set system services dhcp-local-server group IPOE_QINQ reconfigure clear-on-abort | set system services dhcp-local-server group IPOE_QINQ reconfigure clear-on-abort | ||
| set system services dhcp-local-server group IPOE_QINQ reconfigure attempts 5 | set system services dhcp-local-server group IPOE_QINQ reconfigure attempts 5 | ||
| Рядок 103: | Рядок 98: | ||
| < | < | ||
| + | set interfaces ae1 description ae1 | ||
| + | set interfaces ae1 flexible-vlan-tagging | ||
| + | set interfaces ae1 auto-configure stacked-vlan-ranges dynamic-profile Auto-VLAN-Stacked-Demux accept dhcp-v4 | ||
| + | ### interfaces ae1 auto-configure stacked-vlan-ranges dynamic-profile Auto-VLAN-Stacked-Demux accept pppoe | ||
| + | set interfaces ae1 auto-configure stacked-vlan-ranges dynamic-profile Auto-VLAN-Stacked-Demux ranges 501-515,any | ||
| + | set interfaces ae1 auto-configure remove-when-no-subscribers | ||
| + | set interfaces ae1 mtu 9216 | ||
| + | set interfaces ae1 encapsulation flexible-ethernet-services | ||
| + | set interfaces ae1 aggregated-ether-options lacp active | ||
| + | set interfaces ae1 aggregated-ether-options lacp periodic fast | ||
| </ | </ | ||
| < | < | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux routing-instances " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | set dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | ### dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | ### dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| + | ### dynamic-profiles Auto-VLAN-Stacked-Demux interfaces demux0 unit " | ||
| </ | </ | ||
| + | ### - не хороша ідея на одному влані тримати і pppoe і dhcp абонів - dual-access на роутерах вам почнуть снитись в страшних снах | ||
| + | |||
| + | |||
| + | ===== DHCP_SVLAN ===== | ||
| + | |||
| + | < | ||
| + | set access profile RADIUS_SVLAN accounting-order radius | ||
| + | set access profile RADIUS_SVLAN authentication-order radius | ||
| + | set access profile RADIUS_SVLAN radius authentication-server 172.20.20.1 | ||
| + | set access profile RADIUS_SVLAN radius accounting-server 172.20.20.1 | ||
| + | set access profile RADIUS_SVLAN radius options calling-station-id-delimiter * | ||
| + | set access profile RADIUS_SVLAN radius options calling-station-id-format mac-address | ||
| + | set access profile RADIUS_SVLAN radius options calling-station-id-format stacked-vlan | ||
| + | set access profile RADIUS_SVLAN radius options calling-station-id-format vlan | ||
| + | set access profile RADIUS_SVLAN radius options accounting-session-id-format decimal | ||
| + | set access profile RADIUS_SVLAN radius options client-authentication-algorithm round-robin | ||
| + | set access profile RADIUS_SVLAN radius options client-accounting-algorithm round-robin | ||
| + | set access profile RADIUS_SVLAN accounting order radius | ||
| + | set access profile RADIUS_SVLAN accounting immediate-update | ||
| + | set access profile RADIUS_SVLAN accounting coa-immediate-update | ||
| + | set access profile RADIUS_SVLAN accounting address-change-immediate-update | ||
| + | set access profile RADIUS_SVLAN accounting update-interval 10 | ||
| + | set access profile RADIUS_SVLAN accounting statistics volume-time | ||
| + | set access profile RADIUS_SVLAN accounting wait-for-acct-on-ack | ||
| + | set access profile RADIUS_SVLAN accounting send-acct-status-on-config-change | ||
| + | </ | ||
| + | |||
| + | < | ||
| + | set dynamic-profiles CLIENTS_SVLAN routing-instances " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | ### dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | set dynamic-profiles CLIENTS_SVLAN interfaces demux0 unit " | ||
| + | </ | ||
| + | < | ||
| + | set system services dhcp-local-server pool-match-order external-authority | ||
| + | set system services dhcp-local-server pool-match-order ip-address-first | ||
| + | set system services dhcp-local-server group DHCP_SVLAN authentication password IPoE-Pool | ||
| + | set system services dhcp-local-server group DHCP_SVLAN authentication username-include delimiter " | ||
| + | set system services dhcp-local-server group DHCP_SVLAN authentication username-include user-prefix IPOE_SVLAN | ||
| + | set system services dhcp-local-server group DHCP_SVLAN authentication username-include mac-address | ||
| + | set system services dhcp-local-server group DHCP_SVLAN authentication username-include vlan-tags | ||
| + | set system services dhcp-local-server group DHCP_SVLAN reconfigure clear-on-abort | ||
| + | set system services dhcp-local-server group DHCP_SVLAN reconfigure attempts 5 | ||
| + | set system services dhcp-local-server group DHCP_SVLAN reconfigure timeout 5 | ||
| + | set system services dhcp-local-server group DHCP_SVLAN reconfigure token mx104_0 | ||
| + | ### system services dhcp-local-server group DHCP_SVLAN overrides client-discover-match incoming-interface | ||
| + | set system services dhcp-local-server group DHCP_SVLAN dynamic-profile CLIENTS_SVLAN | ||
| + | set system services dhcp-local-server group DHCP_SVLAN access-profile RADIUS_SVLAN | ||
| + | set system services dhcp-local-server group DHCP_SVLAN interface demux0.802 | ||
| + | set system services dhcp-local-server no-stale-timer-refresh | ||
| + | set system services dhcp-local-server stale-timer 30 | ||
| + | </ | ||