Cisco 1117-4pwe +Neostrada ADSL2+

Problemy związane z routingiem

Moderatorzy: mikrobi, aron, garfield, gangrena, Seba

Wiadomość
Autor
wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Cisco 1117-4pwe +Neostrada ADSL2+

#1

#1 Post autor: wdowiak » 11 cze 2019, 16:56

Witam, od paru dni jestem właścicielem routera jak w tytule. Próbuję uruchomić na nim neostradę i niestety cały czas moje prace kończą się porażką. Proszę o pomoc i sprawdzenie gdzie robię błąd.

version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$SY3R$NYGxGDbXM7rAkmqP6j7eK1
enable password 7 060D0D331A1A1E1612
!
no aaa new-model
!
ip dhcp excluded-address 192.168.178.1 192.168.178.50
!
ip dhcp pool CLIENT
import all
network 192.168.178.0 255.255.255.0
default-router 192.168.178.1
dns-server 194.204.159.1 194.204.152.34
lease 0 2
!
!
!
!
!
!
!
!
!
!
subscriber templating
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-3402644250
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3402644250
revocation-check none
rsakeypair TP-self-signed-3402644250
!
!
crypto pki certificate chain TP-self-signed-3402644250
certificate self-signed 01
30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33343032 36343432 3530301E 170D3139 30363130 31373431
30365A17 0D333030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 34303236
34343235 30308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
0A028201 0100A077 DB1BE053 A727FEF4 3BBB9F6B A12C4A60 9E70AB2D E232DC3E
7A3CA277 3346D38C 631B8C44 A6F45242 598F80C8 19CBA43C B006B7B4 46DDE5F8
FA85ECDF 2333A4A6 CCBC5ADF 8A6D84F5 1128B007 5E8694EB 11E46455 E6F584EB
3B13FF3B 2F4DFD14 66CE8D84 DDC80FBE F49BAD81 E693A8B1 7A475543 654D69C4
4E2B80C7 2744A0B6 4619BAEE EF4A4176 17EFA1ED 05681D29 5D046C70 18C47A2E
114DF220 EEC30C04 AD0CC51B A338A49E 4C181B40 8B4DA9E7 C08D0A68 0AEFA1DF
138884DB F5B54DCE 67E7F833 B5CACB25 FACDBC93 362883DF 4255B9CD BF135E6E
6DB6EB53 597F7F98 406B2953 28ABEF10 7FCF68C0 233B8C52 2B52B1AF 55065F35
01BD9B77 6D850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
301F0603 551D2304 18301680 149442CF EC0D3B3C 98D47608 D73F8150 F57866DF
9A301D06 03551D0E 04160414 9442CFEC 0D3B3C98 D47608D7 3F8150F5 7866DF9A
300D0609 2A864886 F70D0101 05050003 82010100 8A6E706C A2661F65 D1CE167C
327CFAB5 9140C3D4 B01DD449 A128DC30 EEB3799B 7D52CBC1 482A5B3A 31675483
15B4ADBF B813F22B 5E7CC1C3 D5819ADA 691C395B 513EBD06 93DB17E6 92FAD598
A0AC15B6 0470D164 A62B351D AEAC5D93 DB858589 895E9753 802E6840 A7A6E3D9
8FE05187 17189B69 6659E084 90A5D6A2 39E472EB 02B48CF5 7E232B0A BBA12AB1
A68E465B CE1EF766 5F0F039E D0AE0B53 BA32E60F 52101A5C 14A8A503 5EFFA5B5
FF66E30B AD872269 7D662AF2 5BA04589 68E079BF D43DCC77 47CC4BA9 5DA699C6
735C442F F897B959 80B9A607 14D3789A 64B4336F 7DDC9813 C2558ECC EA4D7212
3F8D2FF0 A973EF5D 14495326 0D8D4580 01FFD4B0
quit
!
license udi pid C1117-4PWE sn FCZ2320926E
no license smart enable
!
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
username admin privilege 15 password 7 000F1114520F1C0918
!
redundancy
mode none
!
controller VDSL 0/2/0
operating mode adsl2+ annex A
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet0/1/0
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
!
interface GigabitEthernet0/1/3
!
interface Wlan-GigabitEthernet0/1/4
!
interface ATM0/2/0
no ip address
no atm enable-ilmi-trap
! interface atm0/2/0 point-to-point
! no atm enable-ilmi-trap
cdp enable
pvc 0/35
ubr 1045
encapsulation aal5mux pppoe-client
pppoe-client dial-pool-member 120
!
!
interface Ethernet0/2/0
no ip address
no negotiation auto
!
interface Vlan1
ip address 192.168.178.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer120
mtu 1492
ip address negotiated
encapsulation ppp
load-interval 30
dialer pool 120
dialer-group 1
ppp mtu adaptive
ip tcp adjust-mss 1432
no cdp enable
ppp chap hostname yyyyyyyy@neostrada.pl
ppp chap password 0 xxxxxx
ppp ipcp address required
ppp link reorders
! ip virtual-reassembly
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 Dialer120
!
!
dialer-list 1 protocol ip permit
!
!
snmp-server community public RW
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps pfr
snmp-server enable traps flowmon
snmp-server enable traps ds1
snmp-server enable traps entity-perf throughput-notif
snmp-server enable traps ds3
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps casa
snmp-server enable traps license
snmp-server enable traps smart-license
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps dhcp
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps event-manager
snmp-server enable traps frame-relay
snmp-server enable traps frame-relay subif
snmp-server enable traps hsrp
snmp-server enable traps pimstdmib neighbor-loss invalid-register invalid-join-prune rp-mapping-change interface-election
snmp-server enable traps ipmulticast
snmp-server enable traps isis
snmp-server enable traps ip local pool
snmp-server enable traps msdp
snmp-server enable traps mvpn
snmp-server enable traps ospfv3 state-change
snmp-server enable traps ospfv3 errors
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps pppoe
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps l2tun session
snmp-server enable traps l2tun pseudowire status
snmp-server enable traps aaa_server
snmp-server enable traps atm subif
snmp-server enable traps pki
snmp-server enable traps ethernet evc status create delete
snmp-server enable traps ether-oam
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps entity-state
snmp-server enable traps entity-qfp mem-res-thresh throughput-notif
snmp-server enable traps adslline
snmp-server enable traps vdsl2line
snmp-server enable traps entity-sensor
snmp-server enable traps flash insertion removal lowspace
snmp-server enable traps srp
snmp-server enable traps entity-diag boot-up-fail hm-test-recover hm-thresh-reached scheduled-test-fail
snmp-server enable traps isdn call-information
snmp-server enable traps isdn layer2
snmp-server enable traps isdn chan-not-avail
snmp-server enable traps isdn ietf
snmp-server enable traps cnpd
snmp-server enable traps bfd
snmp-server enable traps nhrp nhs
snmp-server enable traps nhrp nhc
snmp-server enable traps nhrp nhp
snmp-server enable traps nhrp quota-exceeded
snmp-server enable traps ipsla
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps c3g
snmp-server enable traps LTE
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps port-security
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps alarms informational
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server enable traps rf
snmp-server enable traps transceiver all
!
!
control-plane
!
!
line con 0
transport input none
stopbits 1
line vty 0 4
password 7 10450B0B534305041B
login
!
!
!
!
!
!
end
Ostatnio zmieniony 11 cze 2019, 17:06 przez wdowiak, łącznie zmieniany 1 raz.

Awatar użytkownika
drake
CCIE
CCIE
Posty: 1508
Rejestracja: 06 maja 2005, 01:32
Lokalizacja: Dortmund, DE
Kontakt:

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#2

#2 Post autor: drake » 11 cze 2019, 17:05

Hej,
widze ze nie dziala jak nalezy, popraw tu i tam :)

A tak na serio, to chyba dobry zart... serio - tak bez jakichkolwiek szczegolow oczekujesz pomocy stricte technicznej? Napisz co "dokladnie" ci nie dziala, co do tej pory skonfigurowales, no i oczywiscie czy operator potwierdzil ci kompatybilnosc tego routera z ich siecia jako CPE.

Pozdruffka!
Never stop exploring :)

https://iverion.de

wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#3

#3 Post autor: wdowiak » 11 cze 2019, 17:25

No tak na serio to nie jest żart. Nie jestem specjalistą od konfiguracji routerów, gdybym był to nie szukałbym pomocy na forum.
A tak na serio to tak wygląda stan controllera VDSL:
Router#show controller vdsl 0/2/0
Controller VDSL 0/2/0 is UP

Daemon Status: UP

XTU-R (DS) XTU-C (US)
Chip Vendor ID: 'BDCM' 'BDCM'
Chip Vendor Specific: 0x0000 0xA495
Chip Vendor Country: 0xB500 0xB500
Modem Vendor ID: 'CSCO' 'ALCB'
Modem Vendor Specific: 0x4602 0x0000
Modem Vendor Country: 0xB500 0x0F00
Serial Number Near: FCZ2320926E C1117-4P 16.9.2
Serial Number Far: AA1340FE5ER-30
Modem Version Near: 16.9.2
Modem Version Far: 0xa495

Modem Status: TC Sync (Showtime!)
DSL Config Mode: AUTO
Trained Mode: G.992.5 (ADSL2+) Annex A

TC Mode: ATM
Selftest Result: 0x00
DELT configuration: disabled
DELT state: not running

Failed full inits: 0
Short inits: 0
Failed short inits: 0

Modem FW Version: 4.14L.04
Modem PHY Version: A2pv6F039t.d26d
Modem PHY Source: System

Line 0:

XTU-R (DS) XTU-C (US)
Trellis: ON ON
SRA: enabled enabled
SRA count: 0 0
Bit swap: enabled enabled
Bit swap count: 5 1
Line Attenuation: 29.0 dB 16.3 dB
Signal Attenuation: 33.4 dB 15.8 dB
Noise Margin: 6.3 dB 7.4 dB
Attainable Rate: 17293 kbits/s 1307 kbits/s
Actual Power: 14.0 dBm 12.1 dBm
Total FECC: 922 0
Total ES: 0 0
Total SES: 0 0
Total LOSS: 0 0
Total UAS: 86 86
Total LPRS: 0 0
Total LOFS: 0 0
Total LOLS: 0 0


DS Channel1 DS Channel0 US Channel1 US Channel0
Speed (kbps): NA 12446 NA 1298
SRA Previous Speed: NA 0 NA 0
Previous Speed: NA 0 NA 0
Total Cells: NA 39362155 NA 4098514
User Cells: NA 1 NA 0
Reed-Solomon EC: NA 922 NA 0
CRC Errors: NA 0 NA 0
Header Errors: NA 0 NA 0
Interleave (ms): NA 7.77 NA 3.80
Actual INP: NA 4.10 NA 0.67

Training Log : Stopped
Training Log Filename : flash:vdsllog.bin

lbromirs
CCIE
CCIE
Posty: 4023
Rejestracja: 30 lis 2006, 08:44

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#4

#4 Post autor: lbromirs » 11 cze 2019, 22:27

Modem się zsynchronizował na 20/1. Teraz pytanie czy podniosło się PPP i czy masz adres IP. Proponuje zacząć od 'sh ip int brief', a potem jeśli nie ma IP - od 'debug ppp auth/error'.

wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#5

#5 Post autor: wdowiak » 12 cze 2019, 08:24

Adresu PPP nie mam. debug ppp auth/error nic mi nie pokazał. Natomiast debug atm event pokazał błędy:
*Jun 12 06:11:40.520: ATM0/2/0: VC 0/35 was not activated
*Jun 12 06:11:41.522: ATM0/2/0 Restarting VCs from periodic process
*Jun 12 06:11:41.522: (ATM0/2/0): VPI/VCI: 0/35, peak 1291, Avg 0, mbs 0
*Jun 12 06:11:41.522: ATM VC notification event 4
*Jun 12 06:11:41.522: (ATM0/2/0): VPI/VCI: 0/35, peak 1291, Avg 0, mbs 0
*Jun 12 06:11:41.522: ATM VC notification event 4
*Jun 12 06:11:41.522: Reserved bw for 0/35 Available bw = 1291 , atm_db->allocated =0
*Jun 12 06:11:41.523: spa_atm_rp_setup_vc (ATM0/2/0): vc:1 vpi:0 vci:35 state:4 config_status:4 epd_disable 0
*Jun 12 06:11:41.523: spa_atm_rp_setup_cos
*Jun 12 06:11:41.523: (spa_atm_rp_setup_vc)ATM0/2/0: invoking platform specific api

wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#6

#6 Post autor: wdowiak » 12 cze 2019, 08:31

Dodatkowo debug atm errors:
*Jun 12 06:28:03.085: ATM0/2/0: platform specific atm_setup_vc failed, status 1
*Jun 12 06:28:03.085: ATM0/2/0: ATM setup VC 0/35, failed 4

wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#7

#7 Post autor: wdowiak » 12 cze 2019, 16:13

Zadziałało, chciałbym podziękować koledze lbromirs za wskazanie kierunku. Dzięki

Awatar użytkownika
konradrz
CCIE
CCIE
Posty: 354
Rejestracja: 23 sty 2008, 14:21
Lokalizacja: Singapore, SG
Kontakt:

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#8

#8 Post autor: konradrz » 12 cze 2019, 17:08

To jeszcze - dla potomnych (może ktoś będzie miał podobny błąd kiedyś) - powiedz waszmość, co było źle, co ustawiłeś, co naprawiłeś :)

wdowiak
fresh
fresh
Posty: 6
Rejestracja: 11 cze 2019, 16:45

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#9

#9 Post autor: wdowiak » 13 cze 2019, 07:15

Było:
interface ATM0/2/0
no ip address
no atm enable-ilmi-trap
! interface atm0/2/0 point-to-point
! no atm enable-ilmi-trap
cdp enable
pvc 0/35
ubr 1045
encapsulation aal5mux pppoe-client
pppoe-client dial-pool-member 120
!

Jest działające:
interface ATM0/2/0
no ip address
no atm oversubscribe
no atm enable-ilmi-trap
no shut
interface atm0/2/0.1 point-to-point
no atm enable-ilmi-trap
cdp enable
pvc 0/35
ubr 1045
encapsulation aal5mux ppp dialer
dialer pool-member 1
!

Gizmo
wannabe
wannabe
Posty: 181
Rejestracja: 28 sty 2008, 21:55

Re: Cisco 1117-4pwe +Neostrada ADSL2+

#10

#10 Post autor: Gizmo » 17 cze 2019, 11:15

Taka mała rada. Na interfejsach zewnętrznych nie używa się CDP (wewnątrz sieci w wielu wypadkach również). Raz, że to niepotrzebnie zaśmieca interfejs, bo druga strona raczej tego nie odbierze. Dwa, to hardening urządzenia. CDP "zdradza" z czym atakujący ma do czynienia i parę innych informacji :)
“Two possibilities exist: either we are alone in the Universe or we are not. Both are equally terrifying.” - A.C.Clark

ODPOWIEDZ