Router Configuration and Router Provisioning

Global configuration

Authority	Conductor IP@
Tenants	Tenant is as the endpoints/users that need a similar set of accesses to common set of services Name = endpoint + service >> control access to Network
	subtenants: Hierarchical scope subtenant.tenant or sub3.sub2.sub1.tenant
Service Policy	define Vector ( broadband or MPLS )
Security Policy	encrypted or not
Service	Name Scope: Private / Public ???? Matching criteria: Transport protocol: UDP/TCP/ICMP/GRE Action: Allow / Deny Security Policy: Service Policy: Access Policy:


PCLI	show fib router xxxxxxx
Global Service	packet without a Tenant ( default bucket )

Apply ( 3 ways )	to Network Interface
Network interface	Neighborhoods: subnet(s) – map to – tenant
	dynamic: using the metadata
PCLI	show tenant members router all

Local Configuration: Router

LAN Interface	Device Interface: PCI forwarding= True ( change from WAN to LAN interface ??? )
	Network Interface: tenant, Static IP address ( + Host service: DHCP server, web-server, ssh-server, )
DHCP server ( on the LAN interface )	Host service: DHCP-server address pool: 192.168.127.100 - 192.168.127.200 Router@ DNS NTP, static route, customer options, vendor-specific
SSR on Server side
service route

service-route ( for localbreakout and EoSVR??? )	service-route SSR https://docs.128technology.com/docs/config_reference_guide/#service-route Branch: point to the peer DC: point the DC servers, or GW
service-route policy ( LB )	https://docs.128technology.com/docs/config_reference_guide/#service-route-policy

Router Provisioning

ZTP or Zero-Touch Provisioning	salt-minion call the salt-master on the Conductor
OTP or One-Touch Provisioning
Automated Provisioned	Conductor provisioning

ISO image

Centos 7.5

128T sofware

Useful OS settings and tools

OTP's ISO

DHCP client on interfaces

Web server GUI

>> Need to address the Conductor IP@

Interactive ISO