Many people ask me what I use at home, so below is
the network layout I use as a source of inspiration and learning.
I have a Cisco 1751v router with a
WIC-1ADSL that I use for the PPPoE network - Velox.
Here is its show running:
rulki# terminal length 0
rulki# sh run
Building configuration...
Current configuration : 4998 bytes
!
! Last config change at 11:29:26 GMT-3 Fri Mar 19 2010 by m4rk
! NVRAM conf last updated at 10:49:21 GMT-3 Fri Mar 19 2010 by m4rk
!
configuration mode exclusive auto
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
service linenumber
service compress-config
no service dhcp
!
hostname rulki
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 informational
enable secret 5 $1$??????????????????
!
aaa new-model
aaa local authentication attempts max-fail 2
!
!
aaa authentication login default local
aaa authentication enable default enable
!
aaa session-id common
memory-size iomem 15
clock timezone GMT-3 -3
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no ip source-route
no ip gratuitous-arps
!
!
!
!
ip cef
ip domain name syn.local
ip host zksky 10.25.25.2
ip host g8k0 10.25.25.6
ip host rulki 10.25.25.1
ip host aiki 10.25.25.5
ip name-server 200.149.55.142
ip name-server 200.20.0.18
ip name-server 201.6.0.102
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ip bootp server
ip inspect name INSIDE_OUT tcp
ip inspect name INSIDE_OUT udp
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh logging events
ip ssh version 2
login block-for 300 attempts 2 within 60
login on-failure log every 10
login on-success log every 15
!
!
!
!
memory reserve critical 283
memory free low-watermark processor 7830
memory free low-watermark IO 5830
username m4rk password 7 ??????????????????
archive
log config
logging enable
!
!
!
!
!
interface Null0
no ip unreachables
!
interface ATM0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0.33 point-to-point
no snmp trap link-status
pvc 0/33
pppoe-client dial-pool-number 1
!
!
interface FastEthernet0/0
description INSIDE_NETWORK
ip address 10.25.25.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip nat inside
ip inspect INSIDE_OUT in
ip virtual-reassembly max-frag 16 max-reassemblies 64 time 5
ip tcp adjust-mss 1412
speed 100
!
interface Dialer0
description OUTSIDE_NETWORK - PPPoE
ip address negotiated
ip access-group 100 in
ip verify unicast reverse-path
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip mtu 1452
ip nat outside
ip virtual-reassembly max-frag 16 max-reassemblies 64 time 5
rate-lim inp access-gr 100 16000 8000 8000 conform-act trans exceed-act drop
encapsulation ppp
dialer pool 1
dialer-group 1
ntp disable
no cdp enable
ppp authentication chap pap callin
ppp chap hostname 21??????????@telemar.com.br
ppp chap password 7 ???????????????
ppp pap sent-username 21???????????@telemar.com.br pass 7 ???
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer0 overload
!
! utorrent access ;)
!
ip nat inside source static tcp 10.25.25.2 49151 int Dialer0 49151
ip nat inside source static udp 10.25.25.2 49152 int Dialer0 49152
!
logging facility local5
access-list 1 permit 10.25.25.0 0.0.0.7
access-list 100 per tcp any gt 1024 any eq 49151
access-list 100 per udp any gt 1024 any eq 49152
access-list 100 per udp any eq domain any
access-list 100 per udp host 200.160.0.8 eq ntp any eq ntp
access-list 100 per udp host 200.189.40.8 eq ntp any eq ntp
access-list 100 per udp host 200.192.232.8 eq ntp any eq ntp
access-list 100 per icmp any any unreachable
access-list 100 per icmp any any time-exceeded
access-list 100 per icmp any any echo-reply
access-list 100 per icmp any any source-quench
access-list 100 per icmp any any parameter-problem
dialer-list 1 protocol ip permit
!
no cdp run
!
!
!
control-plane
!
banner login ^C
+
This system is the property of the 0o Group, Inc.
Unauthorized access to this device is prohibited.
You must have explicit permission to access this
device. All activities performed on this device
are logged and violations of this policy result in
disciplinary, civil, and criminal action.
+
^C
!
line con 0
lockable
logging synchronous
line aux 0
exec-timeout 0 1
no exec
transport output none
line vty 0 4
location Home-RJ
lockable
logging synchronous
no activation-character
transport preferred ssh
transport input ssh
transport output telnet ssh
line vty 5 15
location Home-RJ
lockable
logging synchronous
no activation-character
transport preferred ssh
transport input ssh
transport output telnet ssh
!
exception memory ignore overflow processor
exception memory ignore overflow io
ntp source FastEthernet0/0
ntp server 200.189.40.8
ntp server 200.192.232.8
ntp server 200.160.0.8
end
Anyone who needs a configuration for a router
with a Velox link, there is a working one.
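A check worth running before reusing ACL 100 from this config, as an added example that is not part of the original post: it parses the numbered extended-ACL entries and reports permits where an any-to-any match is narrowed by source port alone, which a stateless ACL cannot tie to a request the router actually sent. The function names are hypothetical, and the sample input is a subset of the ACL lines shown above.

```python
import re

# Sample input: entries from ACL 100 in the running config above, as typed there.
ACL_100 = """\
access-list 100 per tcp any gt 1024 any eq 49151
access-list 100 per udp any gt 1024 any eq 49152
access-list 100 per udp any eq domain any
access-list 100 per udp host 200.160.0.8 eq ntp any eq ntp
access-list 100 per icmp any any echo-reply
"""

PORT_OPS = {"eq", "gt", "lt", "neq", "range"}

def _endpoint(tok):
    # Consume one address spec and its optional port match: (addr, port, rest).
    if tok[0] == "any":
        addr, rest = "any", tok[1:]
    elif tok[0] == "host":
        addr, rest = tok[1], tok[2:]
    else:  # address followed by a wildcard mask
        addr, rest = f"{tok[0]} {tok[1]}", tok[2:]
    port = None
    if rest and rest[0] in PORT_OPS:
        n = 3 if rest[0] == "range" else 2
        port, rest = " ".join(rest[:n]), rest[n:]
    return addr, port, rest

def parse_ace(line):
    """Parse one numbered extended-ACL entry; None if the line is not one."""
    m = re.match(r"access-list \d+ (\S+) (\S+) (.+)", line.strip())
    if not m:
        return None
    action, proto, tail = m.groups()
    # IOS accepts unambiguous abbreviations, so "per" means "permit".
    action = "permit" if "permit".startswith(action) else "deny"
    try:
        src, sport, rest = _endpoint(tail.split())
        dst, dport, _ = _endpoint(rest)
    except IndexError:  # standard ACL or truncated entry
        return None
    return {"action": action, "proto": proto, "src": src, "sport": sport,
            "dst": dst, "dport": dport, "line": line.strip()}

def source_port_only(config):
    """Permit tcp/udp entries where any -> any is narrowed by source port alone."""
    aces = filter(None, map(parse_ace, config.splitlines()))
    return [a["line"] for a in aces
            if a["action"] == "permit" and a["proto"] in ("tcp", "udp")
            and a["src"] == a["dst"] == "any" and a["dport"] is None]
```

On this ACL the only entry reported is the `domain` one; the NTP entries in the same list already pin the source host, and the same pattern applied to the configured name servers narrows the DNS entry.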
Below the 1751v there is a simple switch that connects the
other two machines I have: a workstation
and a laptop.
The workstation has 3 HDs of 500G, one HD with Windows 7 and the other
HD with FreeBSD 8.0. The other HD is for labs with RAIDs
and as backup ;)
And finally the laptop, which runs Linux - Gentoo. On it I have several
VMs where I spend most of my time. The list of VMs is
long; here it is, as a curiosity:
OpenBSD
FreeBSD
Windows XP
Ubuntu Server
CentOS
pfSense
That's it, a very simple network, but one that meets my
needs for study and everyday use. =)
biOos