Академический Документы
Профессиональный Документы
Культура Документы
2010/2011
Plan
Prsentation de la socit
Prsentation
Etude du besoin
Partie LAN
Partie WAN
Conclusion
3
Prsentation de la socit
4
Prsentation
5
Etude du besoin
Visioconfrence
VLAN
Accs rapide Internet VPN
Transfert des donnes MPLS
Transfert du voix (VoIP )
QOS
UBCI
6
Partie LAN
Solution LAN Propose A
B
Configuration des VLANs
C
Configuration du service DHCP
D
Configuration de VTP
E
Amliorer le protocole STP
F
Configuration des IP phones
7
Architecture LAN existante
8
Solution LAN Propose
9
Ralisation LAN
- Vlan Data
- Vlan voix
Cre les VLANs - Vlan admin
10
Ralisation LAN
Siege (config-
(config) #
telephony)
telephony-service
# ephone-dn 1
Siege (config- telephony)#
telephony) #125
max-dn 5
Siege (config- telephony) # max ephones 5
Configuration des IP phones Siege (config- telephony) # ip source
address 22.142.2.1 port 2000
Siege (config- telephony) # auto assign 4 to 6
Siege (config- telephony) # auto assign 1 to 5
11
Partie WAN
A
Solution WAN propose
B
Configuration des liaisons MPLS
C
Configuration des liaisons VPN
D
L implmentation du protocol HSRP
12
Architecture WAN existante
13
Problmatique
1
Augmentation de la taille des tables de routages
2
Augmentation des temps de traitement et de traverse
14
Problmatique
MPLS
15
Solution WAN propose
Sige_VPN
Sige_MPLS
HSRP
16
Maquette MPLS
10.10.10.4/30
10.10.10.0/30
10.142.249.0
/30 10.142.249.24/30
10.142.2.0/23
10.142.20.0/23
17
Implmentation de MPLS
1
Activation du routage IP classique
o Configuration de VRF
o Assignation de VRF une interfaces
o Configuration de MP-BGP entre les PE
oConfiguration de OSPF par VRF
o Redistribution de MP-BGP en OSPF et OSPF en MP-BGP
18
Implmentation de MPLS
Extrait de configuration :
Activation de la
ip cef commutation CEF
mpls label protocol ldp
mpls ip
Activation de la
distribution de label
ip vrf site
rd 1:1
route-target export 1:1 Configuration dun
route-target import 1:1 VRF
exit
Assignation des
interface Loopback 0 adresse loopback
ip address 4.4.4.4 255.255.255.255
Activation de la
interface s1/0 distribution des labels
ip address 10.10.10.5 255.255.255.252 sur touts les interface P
et PE
mpls ip
19
Implmentation de MPLS
Extrait de configuration :
20
Implmentation de la QOS
QOS Diffserv
DSCP
21
Implmentation de la QOS
Extrait de configuration :
22
Configuration des liaisons VPN
1
Mettre en place les Tunnels entre les deux sites
( dfinition des interfaces virtuelles).
2
Crypter les Tunnels.
3
Mettre en place le routage intersites
23
Dfinition de linterface virtuelle
interface Tunnel1
ip address 172.16.254.2
255.255.255.252
tunnel source Serial1/1
tunnel destination
10.142.245.1
24
Cryptage du tunnel
crypto isakmp policy 2
authentication pre-share
lifetime 3600
crypto isakmp key UBCI address
10.142.245.2
crypto ipsec transform-set transfdes
esp-des
crypto map cryptvpn 2 ipsec-isakmp
set peer 10.142.245.2
set security-association lifetime
kilobytes 102400
set security-association lifetime
seconds 900
set transform-set transfdes
match address cryptolist
25
Routage intersites
router ospf 20
log-adjacency-changes
network 10.142.2.0
0.0.1.255 area 0
network 10.142.245.24
0.0.0.3 area 0
network 172.16.254.0
0.0.0.3 area 0
26
Les accs Listes
ip access-list extended cryptolist
permit gre host 10.142.245.1 host 10.142.245.2
ip access-list extended natlist
deny ip 10.142.2.0 0.0.1.255 10.142.20.0 0.0.1.255
permit ip 10.142.2.0 0.0.1.255 any
ip access-list extended netin
permit tcp any host 10.142.245.1 established
permit udp any eq domain host 10.142.245.1
permit tcp any eq www host 10.142.245.1
permit tcp any eq 443 host 10.142.245.1
permit udp host 10.142.245.2 eq isakmp host 10.142.245.1 eq isakmp
permit esp host 10.142.245.2 host 10.142.245.1
ip access-list extended netout
permit udp host 10.142.245.1 any eq domain
permit tcp host 10.142.245.1 any eq www
permit tcp host 10.142.245.1 any eq 443
permit tcp any eq 443 host 10.142.245.1
permit udp host 10.142.245.1 eq isakmp host 10.142.245.2 eq isakmp
permit esp host 10.142.245.1 host 10.142.245.2
27
Implmentation du protocole HSRP
Sige
SigeVPN
MPLS
standby
standby 11 ip
ip 10.142.2.3
10.142.2.3
standby
standby 11 priority
priority 100
110
standby
standby 11 preempt
preempt
28
Implmentation du protocole HSRP
Scnario 1
29
Implmentation du protocole HSRP
Scnario 2
30
Implmentation du protocole HSRP
Scnario 3
31
Implmentation du protocole HSRP
implmentation du paramtre track
32
Conclusion
33
34