для Cisco Cisco Packet Data Gateway (PDG)
Sample L2 Interchassis HA Configuration
ASR 9000 Chassis RSP Configuration (IOS-XR) ▀
SecGW Administration Guide, StarOS Release 17 ▄
83
ASR 9000 Chassis RSP Configuration (IOS-XR)
Important:
Primary and standby ASR 9000 chassis must be configured to handle the SecGWs (CPU-VM
complexes) running on ASR 9000 VSMs. There are four CPU-VM complexes per VSM.
The sample configurations must be applied to the primary and backup ASR 9000 chassis. Each chassis will have unique
and shared IP addresses to assure high availability across chassis.
and shared IP addresses to assure high availability across chassis.
Notes:
Set basic chassis parameters
Enable oneP communication. (TLS protocol)
Enable virtual services and assign virtual interfaces for each CPU-VM complex.
Configure physical Gigabit Ethernet (GigE) ASR 9000 interfaces. Shutdown unused ports.
Configure a GigE public interface (with VLANs) for IKE and ESP traffic on each CPU-VM complex.
Configure a GigE private interface (with VLANs) for clear traffic on each CPU-VM complex.
Configure a 10 Gigabit Ethernet (10GigE) interface for IKE and ESP traffic on each CPU-VM complex. Shut
down unused ports.
Configure a VLAN on this interface for clear and SRP traffic.
Configure a VLAN on this interface for SRP traffic.
Configure a VLAN on this interface for clear traffic
Configure a 10GigE Management interface on each CPU-VM complex.
Configure a Bridged Virtual Interface (BVI) for the chassis. A BVI interface configured on the RSP is used as
the sess-ip-address in all four SecGW(s) for bringing up the oneP session between the RSP and SecGW.
Configure static IPv4 and IPV6 addresses.
Configure an L2 VPN.
Configure HSRP tracking for each CPU-VM complex (shared parameters across ASR 9000 chassis).
Configure IP Service Level Agreement (SLA) operations.