Configurazione pronta IPv4+IPv6 con TI/alice residenziale

Configurazioni per connettività ADSL, ISDN e switch per privati e piccole network

Moderatore: Federico.Lagni

Rispondi
kimj
n00b
Messaggi: 17
Iscritto il: gio 13 giu , 2013 9:15 pm

riposto qui, nel caso servisse a qualcuno. Configurazione pronta ed integrale per cisco 887va. Aperta a miglioramenti visto che uso cisco da 3 giorni.
Attenti all'mss, pare* che Telecom Italia tunneli il traffico degli utenti [email protected], quindi l'mss non è lo standard 1452. Non dovrebbe superare il valore di 1412

PPPoA:

Codice: Seleziona tutto

Current configuration : 2462 bytes
!
! Last configuration change at 21:16:23 met Thu Jul 4 2013
! NVRAM config last updated at 21:19:19 met Thu Jul 4 2013
! NVRAM config last updated at 21:19:19 met Thu Jul 4 2013
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname 887va
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$censored
enable password censored
!
no aaa new-model
!
memory-size iomem 10
clock timezone met 1 0
crypto pki token default removal timeout 0
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool default
network 192.168.1.0 255.255.255.0
domain-name casa
dns-server 8.8.8.8 
default-router 192.168.1.1 
!
!
ip inspect WAAS flush-timeout 10
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn censored
!
!
!
!
!
!
!
controller VDSL 0
!
ip tcp ecn
! 
!
!
!
!
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface ATM0
no ip address
atm restart timer 90
no atm ilmi-keepalive
bundle enable
!
!
interface ATM0.1 point-to-point
pvc 8/35 
  oam-pvc 0
  encapsulation aal5snap
  protocol ppp dialer
  dialer pool-member 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ipv6 address NODE-PD ::1/64
ipv6 enable
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1400
dialer pool 1
dialer-group 1
ipv6 address FE80::1 link-local
ipv6 address autoconfig
ipv6 enable
ipv6 mtu 1280
ipv6 verify unicast reverse-path
ipv6 dhcp client pd NODE-PD rapid-commit
ipv6 virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 7 143E223D5A242B272D2B3663
ppp ipcp dns request
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 9 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 9 permit 192.168.1.0 0.0.0.255
ipv6 route 2000::/3 Dialer0
ipv6 route ::/0 Dialer0
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password censored
login
transport input none
!
end
*opinione personale... 1412 = 1492 - (40 * 2)

EDIT: aggiornato con mtu ipv4 ed ipv6 diversificati, come suggerito da Asso1, no telnet
Ultima modifica di kimj il lun 22 lug , 2013 5:51 pm, modificato 8 volte in totale.
Top
kimj
n00b
Messaggi: 17
Iscritto il: gio 13 giu , 2013 9:15 pm

PPPoE:

Codice: Seleziona tutto

Current configuration : 2462 bytes
!
! Last configuration change at 21:16:23 met Thu Jul 4 2013
! NVRAM config last updated at 21:19:19 met Thu Jul 4 2013
! NVRAM config last updated at 21:19:19 met Thu Jul 4 2013
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname 887va
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$censored
enable password censored
!
no aaa new-model
!
memory-size iomem 10
clock timezone met 1 0
crypto pki token default removal timeout 0
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool default
network 192.168.1.0 255.255.255.0
domain-name casa
dns-server 8.8.8.8 
default-router 192.168.1.1 
!
!
ip inspect WAAS flush-timeout 10
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn censored
!
!
!
!
!
!
!
controller VDSL 0
!
ip tcp ecn
! 
!
!
!
!
!
!
!
!
interface Ethernet0
no ip address
shutdown
!
interface ATM0
no ip address
atm restart timer 90
no atm ilmi-keepalive
bundle enable
!
!
interface ATM0.1 point-to-point
pvc 8/35 
  oam-pvc 0
  encapsulation aal5snap
  pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ipv6 address NODE-PD ::1/64
ipv6 enable
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1400
dialer pool 1
dialer-group 1
ipv6 address FE80::1 link-local
ipv6 address autoconfig
ipv6 enable
ipv6 mtu 1280
ipv6 verify unicast reverse-path
ipv6 dhcp client pd NODE-PD rapid-commit
ipv6 virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 7 143E223D5A242B272D2B3663
ppp ipcp dns request
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 9 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 9 permit 192.168.1.0 0.0.0.255
ipv6 route 2000::/3 Dialer0
ipv6 route ::/0 Dialer0
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password censored
login
transport input none
!
end
EDIT: aggiornato con mtu ipv4 ed ipv6 diversificati, come suggerito da Asso1, no telnet
Ultima modifica di kimj il lun 22 lug , 2013 5:51 pm, modificato 2 volte in totale.
Top
Rizio
Messianic Network master
Messaggi: 1158
Iscritto il: ven 12 ott , 2007 2:48 pm
Contatta:
Contatta Rizio

Ottimo, grazie per la condivisione.

Rizio
Si vis pacem para bellum
Top
Asso1
n00b
Messaggi: 3
Iscritto il: gio 04 lug , 2013 3:00 pm

Salve.io ho provato una di versa mtu per l ipv6 e mi sembra sia la migliore soluzione : ipv6 mtu 1280 sul dialer , da vari test mi sembra la soluzione migliore. Se la prova qualcuno mi faccia sapere come va a lui.
Posto tutto il dialer:

interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1400
dialer pool 1
dialer-group 1
ipv6 address FE80::1 link-local
ipv6 address autoconfig
ipv6 enable
ipv6 mtu 1280
ipv6 verify unicast reverse-path
ipv6 dhcp client pd NODE-PD rapid-commit
ipv6 virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 7 143E223D5A242B272D2B3663
ppp ipcp dns request
Top
kimj
n00b
Messaggi: 17
Iscritto il: gio 13 giu , 2013 9:15 pm

Asso1 ha scritto:Salve.io ho provato una di versa mtu per l ipv6 e mi sembra sia la migliore soluzione : ipv6 mtu 1280 sul dialer , da vari test mi sembra la soluzione migliore. Se la prova qualcuno mi faccia sapere come va a lui.
Posto tutto il dialer:

interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1400
dialer pool 1
dialer-group 1
ipv6 address FE80::1 link-local
ipv6 address autoconfig
ipv6 enable
ipv6 mtu 1280
ipv6 verify unicast reverse-path
ipv6 dhcp client pd NODE-PD rapid-commit
ipv6 virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname [email protected]
ppp chap password 7 143E223D5A242B272D2B3663
ppp ipcp dns request
sì, è di sicuro una soluzione migliore. Provo e se va aggiorno il topic

edit: topic aggiornato
Top
Rispondi

Torna a “Configurazioni End User”