- 论坛徽章:
- 0
|
华为18-22-24路由器往外ping时出现不规则丢包,丢包率在20%左右,请高手帮看看!\r\n配置如下 :\r\n#\r\n sysname Quidway\r\n#\r\n FTP server enable\r\n#\r\n firewall enable\r\n#\r\n dialer-rule 1 ip permit\r\n#\r\n web set-package force flash:/http.zip\r\n#\r\nradius scheme system\r\n#\r\ndomain system\r\n#\r\nlocal-user admin\r\n password cipher .]@USE=B,53Q=^Q`MAF4<1!!\r\n service-type telnet terminal\r\n level 3\r\n service-type ftp\r\n#\r\nacl number 2000\r\n rule 0 permit source 192.168.0.0 0.0.0.255\r\nacl number 3333\r\n rule 0 deny udp destination-port eq tftp\r\n rule 1 deny tcp source-port eq 135 destination-port eq 135\r\n rule 2 deny udp source-port eq 135 destination-port eq 135\r\n rule 3 deny tcp source-port eq 137 destination-port eq 137\r\n rule 4 deny tcp source-port eq 1068 destination-port eq 138\r\n rule 5 deny tcp source-port eq 389 destination-port eq 139\r\n rule 6 deny tcp source-port eq 593 destination-port eq 139\r\n rule 7 deny udp source-port eq 445 destination-port eq 445\r\n rule 8 deny tcp source-port eq 1025 destination-port eq 445\r\n rule 9 deny udp source-port eq 1434 destination-port eq 539\r\n rule 10 deny tcp source-port eq 3127 destination-port eq 539\r\n rule 11 deny tcp source-port eq 3128 destination-port eq 593\r\n rule 12 deny tcp source-port eq 4444 destination-port eq 593\r\n rule 13 deny tcp source-port eq 5554 destination-port eq 1434\r\n rule 14 deny tcp source-port eq 5800 destination-port eq 1433\r\n rule 15 deny tcp source-port eq 5900 destination-port eq 4444\r\n rule 16 deny tcp source-port eq 8998 destination-port eq 9996\r\n rule 17 deny tcp source-port eq 9995 destination-port eq 5554\r\n rule 18 deny tcp source-port eq 9996 destination-port eq 9996\r\n rule 19 deny tcp destination-port eq 445\r\n rule 20 deny udp destination-port eq 445\r\n rule 21 deny tcp destination-port eq 135\r\n rule 22 deny udp destination-port eq 135\r\n rule 23 deny tcp destination-port eq 136\r\n rule 24 deny udp destination-port eq 136\r\n rule 25 deny tcp destination-port eq 137\r\n rule 26 deny udp destination-port eq netbios-ns\r\n rule 27 deny udp destination-port eq 1068\r\n rule 28 deny tcp destination-port eq 1023\r\n rule 29 deny udp destination-port eq 1023\r\n rule 30 permit icmp icmp-type echo\r\n rule 31 deny udp source-port eq 0 destination-port eq netbios-ns\r\n rule 32 deny udp source-port eq 11 destination-port eq netbios-ns\r\n rule 33 deny icmp\r\n rule 40 deny tcp destination-port eq 138\r\n rule 41 deny udp destination-port eq netbios-dgm\r\n rule 43 deny tcp destination-port eq 139\r\n rule 51 deny udp destination-port eq netbios-ssn\r\n rule 62 deny tcp destination-port eq 389\r\n rule 63 deny tcp destination-port eq 539\r\n rule 64 deny udp destination-port eq 539\r\n rule 65 deny tcp destination-port eq 4444\r\n rule 66 deny tcp destination-port eq 707\r\n rule 70 deny tcp destination-port eq 593\r\n rule 71 deny udp destination-port eq 593\r\n rule 72 deny tcp destination-port eq 1024\r\n rule 73 deny tcp destination-port eq 1025\r\n rule 74 deny tcp destination-port eq 1033\r\n rule 75 deny tcp destination-port eq 1068\r\n rule 76 deny tcp destination-port eq 1243\r\n rule 77 deny tcp destination-port eq 1978\r\n rule 78 deny tcp destination-port eq 1999\r\n rule 79 deny tcp destination-port eq 2000\r\n rule 80 deny tcp destination-port eq 2001\r\n rule 81 deny tcp destination-port eq 3127\r\n rule 82 deny tcp destination-port eq 4899\r\n rule 83 deny tcp destination-port eq 5022\r\n rule 84 deny tcp destination-port eq 6881\r\n rule 85 deny tcp destination-port eq 6882\r\n rule 86 deny tcp destination-port eq 6883\r\n rule 87 deny tcp destination-port eq 6884\r\n rule 88 deny tcp destination-port eq 6885\r\n rule 138 deny tcp destination-port eq 8011\r\n rule 139 deny tcp destination-port eq 8998\r\n rule 140 deny tcp destination-port eq 9995\r\n rule 141 deny tcp destination-port eq 12345\r\n rule 142 deny tcp destination-port eq 12346\r\n rule 143 deny tcp destination-port eq 27374\r\n rule 145 deny tcp destination-port eq 30100\r\n rule 161 permit icmp icmp-type echo-reply\r\n rule 162 permit icmp icmp-type ttl-exceeded\r\n#\r\ninterface Dialer1\r\n link-protocol ppp\r\n ppp pap local-user mglb007@wsl02.yn password cipher V3\"LO2/=!<WQ=^Q`MAF4<1!!\r\n tcp mss 1024\r\n ip address ppp-negotiate\r\n dialer user admin\r\n dialer-group 1\r\n dialer bundle 1\r\n nat outbound 2000\r\n#\r\ninterface Dialer2\r\n link-protocol ppp\r\n ppp pap local-user mglb007@wsl02.yn password cipher V3\"LO2/=!<WQ=^Q`MAF4<1!!\r\n tcp mss 1024\r\n ip address ppp-negotiate\r\n dialer user admin\r\n dialer-group 1\r\n dialer bundle 2\r\n nat outbound 2000\r\n#\r\ninterface Ethernet1/0\r\n pppoe-client dial-bundle-number 1\r\n ip address dhcp-alloc\r\n firewall packet-filter 3333 inbound\r\n#\r\ninterface Ethernet2/0\r\n pppoe-client dial-bundle-number 2\r\n ip address dhcp-alloc\r\n firewall packet-filter 3333 inbound\r\n#\r\ninterface Ethernet3/0\r\n ip address 192.168.0.49 255.255.255.0\r\n#\r\ninterface Ethernet3/1\r\n#\r\ninterface Ethernet3/2\r\n#\r\ninterface Ethernet3/3\r\n#\r\ninterface Ethernet3/4\r\n\r\ninterface Ethernet3/5\r\n#\r\ninterface Ethernet3/6\r\n#\r\ninterface Ethernet3/7\r\n#\r\ninterface Ethernet3/8\r\n#\r\ninterface Ethernet3/9\r\n#\r\ninterface Ethernet3/10\r\n#\r\ninterface Ethernet3/11\r\n#\r\ninterface Ethernet3/12\r\n#\r\ninterface Ethernet3/13\r\n#\r\ninterface Ethernet3/14\r\n#\r\ninterface Ethernet3/15\r\n \r\ninterface Ethernet3/16\r\n#\r\ninterface Ethernet3/17\r\n#\r\ninterface Ethernet3/18\r\n#\r\ninterface Ethernet3/19\r\n#\r\ninterface Ethernet3/20\r\n#\r\ninterface Ethernet3/21\r\n#\r\ninterface Ethernet3/22\r\n#\r\ninterface Ethernet3/23\r\n#\r\ninterface Ethernet3/24\r\n#\r\ninterface NULL0\r\n#\r\n ip route-static 0.0.0.0 0.0.0.0 Dialer 1 preference 60\r\n ip route-static 0.0.0.0 0.0.0.0 Dialer 2 preference 60\r\n#\r\nuser-interface con 0\r\nuser-interface vty 0 4\r\n authentication-mode scheme\r\n#\r\nreturn |
|