[c-nsp] Small office sanity check

Dave Weis djweis at internetsolver.com
Tue Oct 12 09:29:12 EDT 2010


I realize it's not a Cisco device but an Adtran 3448 would fit exactly what you are trying to do.

http://www.adtran.com/web/page/portal/Adtran/product/4200821E2

 

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jason Berenson
> Sent: Monday, October 11, 2010 9:43 PM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Small office sanity check
> 
>   Greetings,
> 
> I'm trying to come up with a small office router/switch 
> configuration.  
> This would be an office with a DSL or T1 with 4-8 IP phones 
> and the same in computers.  Requirements are as follows:
> 
> - Covad split PVC voice/data for QoS
> - LLDP to dynamically assign VLANs to phones and keep 
> computers in VLAN 1
> - DHCP with options capability to send config server 
> information to phones
> - PoE that can do between 7W and 15W per port
> - VRF to split voice/data routing
> - As cheap as possible
> 
> Here's what I've come up with so far:
> 
> - Cisco 1721 with ADSL or T1 module
> - Cisco 300 seris SRW208P-K9-NA
> 
> Relevant portion of the 1721 config:
> 
> ip dhcp pool voice
>     vrf voice
>     network 192.168.10.0 255.255.255.0
>     dns-server 1.1.1.1 2.2.2.2
>     netbios-node-type h-node
>     default-router 192.168.10.1
>     option 66 ascii "config-server"
>     lease 30
> !
> ip vrf voice
>   rd 2:1
>   route-target export 2:1
>   route-target import 2:1
> 
> interface ATM0
>   no ip address
>   no atm ilmi-keepalive
>   dsl operating-mode auto
> !
> interface ATM0.1 point-to-point
>   ip address 10.3.5.202 255.255.255.252
>   pvc 0/35
>    description DATA
>    encapsulation aal5mux ip
>   !
> !
> interface ATM0.2 point-to-point
>   ip vrf forwarding voice
>   ip address x.x.x.x 255.255.255.252
>   pvc 0/36
>    description VOICE
>    encapsulation aal5mux ip
>   !
> !
> interface FastEthernet0
>   no ip address
>   speed 100
>   full-duplex
>   no cdp enable
> !
> interface FastEthernet0.1
>   encapsulation dot1Q 1 native
>   ip address y.y.y.y 255.255.255.252
>   no cdp enable
> !
> interface FastEthernet0.120
>   encapsulation dot1Q 120
>   ip vrf forwarding voice
>   ip address 192.168.10.1 255.255.255.0
>   no cdp enable
> !
> ip nat inside source list 101 interface ATM0.2 vrf voice 
> overload ip classless ip route 0.0.0.0 0.0.0.0 10.3.5.201 
> name data ip route vrf voice 0.0.0.0 0.0.0.0 y.y.y.z name 
> voice no ip http server ip http authentication local !
> !
> access-list 101 permit ip 192.168.10.0 0.0.0.255 any
> 
> This should allow for a routed public net on VLAN 1 for their 
> firewall and a NAT'd network on VLAN 120 for the phones.  Any 
> pointers, comments, recommendations are welcome.
> 
> Thanks,
> Jason
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 


More information about the cisco-nsp mailing list