DrayTek RoadShow 2015 @ Portugal (Setembro) - Sessão 1

Preview:

Click to see full reader

Citation preview

1

Session 1

Henry Lo

Application Engineer

Seminar

Rui Jorge

Technical Manager

2

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• Network Topology and Switch Management

Outline — Session 1

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

3

Outline — Session 2

• High Availability• User Management

- Customized Login Page Logo - Create Accounts for Accommodations

• AP Management- Setup, Configure, and Maintenance - Management Methods

• WiFi Airtime Fairness• AP Station Statistics• Bandwidth Management

4

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• Network Topology and Switch Management

Outline — Session 1

5

• xDSL - ADSL, ADSL2/2+ - VDSL2

• Ethernet (10/100/1000) • Fiber • USB 3G/4G Dongle

Available WAN Interface

6

• xDSL - ADSL, ADSL2/2+ - VDSL2

• Ethernet (10/100/1000) • Fiber • USB 3G/4G Dongle

Available WAN Interface

What if:• Physical Connection Down • No Dongle Available

7

• WiFi WAN (V2860 / V2925)- Choose Wireless Mode

Available WAN Interface

8

Available WAN Interface

• WiFi WAN (V2860 / V2925)- Choose Wireless Mode - AP Discovery

9

Available WAN Interface

• WiFi WAN (V2860 / V2925)- Choose Wireless Mode - AP Discovery - Select AP

10

Available WAN Interface

• WiFi WAN (V2860 / V2925)- Choose Wireless Mode - AP Discovery - Select AP - Auto Channel

11

Available WAN Interface

• WiFi WAN (V2860 / V2925)- Choose Wireless Mode - AP Discovery - Select AP - Auto Channel - Business Continue

12

• Auto Weight / According to Line Speed

Load Balance and Backup

13

• Auto Weight

Load Balance and Backup

14

• According to Line Speed

Load Balance and Backup

15

• According to Line Speed

Load Balance and Backup

16

• Verify the Load Balance

Load Balance and Backup

17

• 4 Mechanisms for WAN Load Balance - CAH, cached - BAL, balanced - DNS - Policy

Load Balance and Backup

18

• Multi-Layers Backup

Load Balance and Backup

19

• Multi-Layers Backup

Load Balance and Backup

20

Triple Play

21

• WAN Type - VPI/VCI for ADSL - Tag for VDSL / Ethernet / Fiber

• Port-Based Bridge - to IPTV Setup Box

• Open WAN Interface - for IP Phones

• Access Mode - PPPoE - DHCP / Static

Triple Play

22

• Open WAN Interface

Triple Play

Exemplos de ligações em “Triple-Play” em Portugal

NOS Fibra

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN) directamente a Porta LAN4 do Router/Modem do Operador (ZON HUB), e configurar campos conforme exemplo em baixo :l

Router/Modem ZON HUB :

Router/Modem ZON HUB :

NOS Fibra

Router/Modem ZON HUB :

Router Broadband DrayTek (ex: série Vigor2925, Vigor2120, Vigro2960, etc) :

NOS Fibra

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > apenas acesso a Dados/Internet

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN) directamente ao ONT da MEO e configurar campos conforme exemplo em baixo :l

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > acesso a Dados/Internet + IPTV

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN) directamente ao ONT da MEO e configurar campos conforme exemplo em baixo :l

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > acesso a Dados/Internet + IPTV

➢ Ligar BOX de IPTV numa das portas do Switch do Router DrayTek e configurar conforme exemplo em baixo :l

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > acesso a Dados/Internet + IPTV + Voz

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN) a um Switch sem Gestão e configurar campos conforme exemplo anterior :

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > acesso a Dados/Internet + IPTV + Voz

➢Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN –e- Portas VoIP/FXS) directamente ao ONT da MEO e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

MEO Fibra (modo Single-Edge) > acesso a Dados/Internet + IPTV + Voz

➢Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN –e- Portas VoIP/FXS) directamente ao ONT da MEO e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

Vodafone Fibra

➢ Nota : Huawei HG8247H (Fibra Nova Geração) – só via Duplo-NAT

Router/Modem ZON HUB :

Vodafone Fibra > apenas acesso a Dados/Internet

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN) directamente ao ONT da Vodafone e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

Vodafone Fibra > apenas acesso a Dados/Internet + IPTV + Voz

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN –e- Portas VoIP/FXS) directamente ao ONT da Vodafone e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

Vodafone Fibra > apenas acesso a Dados/Internet + IPTV + Voz

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN –e- Portas VoIP/FXS) directamente ao ONT da Vodafone e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

Vodafone Fibra > apenas acesso a Dados/Internet + IPTV + Voz

➢ Ligar Porta WAN do Router DrayTek (modelo Broadband com porta Ethernet WAN –e- Portas VoIP/FXS) directamente ao ONT da Vodafone e configurar campos conforme exemplo em baixo :

Router/Modem ZON HUB :

38

• Set Quota • Action • Billing Cycle

WAN Budget

39

• Keep Tracking on the Usages

WAN Budget Limit

40

Outline — Session 1

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• Network Topology and Switch Management

41

Multi LAN Subnets / VLAN

• The Initial Status

42

Multi LAN Subnets/VLAN

• Port-Based

43

Multi LAN Subnets/VLAN

• Tag-Based

44

Multi LAN Subnets/VLAN• Tips to Configure Hybrid VLAN

- Reserve P1 for Administrator Management, no tag

45

Multi LAN Subnets/VLAN• Tips to Configure Hybrid VLAN

- Reserve P1 for Administrator Management, no tag - Reserve VLAN0 for other Vigor AP/Switch plug-n-play, no tag

46

• Enable LAN2 and LAN3

• Enable Inter-LAN Routing

Multi LAN Subnets/VLAN

47

• A Hybrid Example- P1 Administrator - P3 AP with 4 SSID

Multi LAN Subnets/VLAN

48

Multi LAN Subnets/VLAN

49

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• Network Topology and Switch Management

Outline

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

50

Your Network Topology

51

Switch Management

• Existing VLAN Setup on Router:

• Trunk Port in Darker-Grey

52

Switch Management

53

Switch Management

• Auto Show All VID for each VLAN

• Trunk Port in Darker-Grey

54

Switch Management

• Trunk Port in Darker-Grey

• Auto Show All VID for each VLAN

• Select VLAN for each Port

• Finish!

55

Outline

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

56

Supported VPN Protocol

• PPTP (TCP 1723)

• L2TP (UDP 1701)

• IPsec (UDP 500)

• L2TP over IPsec

• SSL VPN (TCP 443)

• mOTP

57

Supported VPN Protocols

None/Nice to Have/Must

LAN to LAN

PPTP

L2TP/IPSec

IPSec

SSLport configurable

58

LAN-to-LAN VPN

• VPN for more subnets

VPN

172.16.10.1/24 192.168.1.1/24

Headquarters

Dial-in

Branch 1

Dial-out

192.168.5.1/24

VPN

59

LAN-to-LAN VPN• Hub and Spokes

VPN172.16.10.1/24

192.168.1.1/24

172.16.20.1/24

Branch 2

VPN 172.16.30.1/24

VPN

172.16.40.1/24

Branch 3

Branch 4

Headquarters

Branch 1

60

LAN-to-LAN VPN

• VPN Trunk — Backup

VPN 1

172.16.10.1/24 192.168.1.1/24

Dial-inBranch 1

Dial-out

VPN 2WAN 1WAN 2

Headquarters

61

LAN-to-LAN VPN

• VPN Trunk — Load Balance

VPN 1

172.16.10.1/24 192.168.1.1/24

Dial-inBranch 1

Dial-out

VPN 2WAN 1WAN 2

Headquarters

62

None/Nice to Have/Must

Host to LAN

PPTP

L2TP/IPSec

IPSec

SSLport configurable

PC Android Mac iOS

Must

DrayTek Smart VPN

Client

DrayTek Smart VPN

Client

Must Must

63

Remote Dial-In VPN

• Smart VPN Client for Android — SSL VPN

64

Outline

• Multi WAN- WAN Types - Load Balance and Backup - Triple Play - WAN Budget

• Multi LAN Subnets / VLAN- Port-Based - Tag-Based - Inter-LAN Routing - Hybrid Example — Setup multi-

subnets with APs

• LAN-to-LAN VPN - Supported Protocol - Hub and Spokes - VPN Trunk

• Remote Dial-in VPN- Smart VPN Client - SSL VPN

• Load-Balance/Route Policy

65

General View

66

Configuration Page

67

Configuration Page• Set Criteria

- Protocol - Source / Dest IP - Port

68

Configuration Page• Choose Route

- Interface - Gateway

• Give Priority- Higher than Routing Table? - Higher than other Policies?

69

Configuration Page• NAT or Routing?

- Regardless of the original LAN type

• Failover to Interface / Policy• Gradual / Immediate Failback

70

Idea of Priority• Compare between Routing Table and Route Policies

100

Index Interface12

Src IP Dest IP

WAN2 LAN2 AnyWAN1 LAN2 8.8.8.8

Priority

100INTERNET

WAN1 WAN2

LAN1 Servers

LAN2 PC

150

200

INTERNET

WAN1 WAN2

LAN1 Servers

LAN2 PC 71

Idea of Priority• Compare between Routing Table and Route Policies

Index Interface12

Src IP Dest IP

3

WAN2 LAN2 AnyWAN1 LAN2 8.8.8.8

Priority

200

150

200

INTERNET

WAN1 WAN2

LAN1 Servers

LAN2 PC 72

Idea of Priority• Compare between Routing Table and Route Policies

Index Interface12

Src IP Dest IP

3

WAN1 LAN2 8.8.8.8WAN2 LAN2 Any

Priority200

250

250

• Priority First, Sequence Second

73

Idea of Priority• Compare between Routing Table and Route Policies

• Priority First, Sequence Second - With Same Priority, Sequence Matters

74

Idea of Priority• Compare between Routing Table and Route Policies

75

Route Policy Diagnose

8.8.8.8

76

• Send SIP Traffic to the Less-Jitter WAN

Load Balance

77

Route Policy with VPN• Local Users to Remote Server

- Only Specified LAN IP are eligible to send traffic via the VPN tunnel

Manager IPTV

INTERNET

VPN

Tun

nel

VPN TunnelVPN Server

Netflix Servernetflix-380.vo.llnwd.net

Employees

http://netflix-380.vo.llnwd.net

78

Q&A

Recommended

Produtos DrayTek - Roteadores, Switchs, Telefonia IP
Technology
Draytek VigorCMS Operational Manual V12
Documents
DrayTek Seminar in Greece, session 2
Technology
Vigor-2766 Draytek datasheet
Documents
DrayTek - Q4
Documents
DrayTek Seminar in Greece, Session 1
Technology
DrayTek V3200 QuickStartGuide v1.0
Documents
Draytek Telnet
Documents
Draytek Databook 2015
Documents
Case DrayTek - Solução Dslam
Technology
DrayTek Roadshow in Turkey, Session 2
Technology
Everbest (Draytek) Nov. 2011 VigorACS SI version
Documents
VDSL Setup Instructions - Draytek DV130 example
Documents
DrayTek Telnet Commands Reference Guide
Documents
Reliable Networking Solutions - DrayTek
Documents
Draytek Telnet Cmdrefguide 30
Documents
Ik1 draytek 2012_(5)
Technology
DrayTek & GreenBow IPsec VPN Configuration (pt)
Documents
DrayTek Telnet+Commands+V1.11
Documents
Draytek - Smart Monitor QuickStartGuide_V1.0
Documents