腾讯云与阿里云的基本配置比较

 云计算  No Responses »
6 月 202014
 

腾讯云主机最低配置CPU信息 Xeon X3440 2.53Ghz主频 4MB缓存

[root@VM_27_135_centos ~]# cat /proc/cpuinfo
 processor : 0
 vendor_id : GenuineIntel
 cpu family : 6
 model : 30
 model name : Intel(R) Xeon(R) CPU X3440 @ 2.53GHz
 stepping : 5
 cpu MHz : 2526.998
 cache size : 4096 KB
 physical id : 0
 siblings : 1
 core id : 0
 cpu cores : 1
 apicid : 0
 initial apicid : 0
 fpu : yes
 fpu_exception : yes
 cpuid level : 11
 wp : yes
 flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc up arch_perfmon rep_good unfair_spinlock pni ssse3 cx16 sse4_1 sse4_2 popcnt hypervisor lahf_lm
 bogomips : 5053.99
 clflush size : 64
 cache_alignment : 64
 address sizes : 40 bits physical, 48 bits virtual
 power management:

阿里云主机最低配置CPU信息
[root@AY1405192126447871b3Z ~]# cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 45
model name : Intel(R) Xeon(R) CPU E5-2430 0 @ 2.20GHz
stepping : 7
cpu MHz : 2200.095
cache size : 15360 KB
physical id : 0
siblings : 1
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat clflush mmx fxsr sse sse2 ht syscall nx lm up rep_good unfair_spinlock pni ssse3 cx16 sse4_1 sse4_2 popcnt aes hypervisor lahf_lm
bogomips : 4400.19
clflush size : 64
cache_alignment : 64
address sizes : 46 bits physical, 48 bits virtual
power management:

[root@AY1405192126447871b3Z ~]#

查看demsg确认使用的虚拟化技术平台
[root@VM_27_135_centos ~]# dmesg |grep xen
[root@VM_27_135_centos ~]# dmesg |grep kvm
kvm-clock: Using msrs 4b564d01 and 4b564d00
kvm-clock: cpu 0, msr 0:1c257c1, boot clock
kvm-clock: cpu 0, msr 0:22167c1, primary cpu clock
kvm-stealtime: cpu 0, msr 220e880
Switching to clocksource kvm-clock
[root@VM_27_135_centos ~]#
[root@AY1405192126447871b3Z ~]# dmesg |grep xen
CPU: CPU feature rdtscp disabled on xen guest
CPU: CPU feature constant_tsc disabled on xen guest
xen-platform-pci 0000:00:03.0: PCI INT A -> GSI 28 (level, low) -> IRQ 28
[root@AY1405192126447871b3Z ~]# dmesg |grep kvm
[root@AY1405192126447871b3Z ~]#

[root@VM_27_135_centos ~]#

腾讯云主机为单网卡,主机无公网IP绑定
[root@VM_27_135_centos ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 52:54:00:D3:AD:AD
inet addr:10.142.27.135 Bcast:10.142.27.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fed3:adad/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:25968 errors:0 dropped:0 overruns:0 frame:0
TX packets:21664 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:190788488 (181.9 MiB) TX bytes:10550093 (10.0 MiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:200 (200.0 b) TX bytes:200 (200.0 b)

[root@VM_27_135_centos ~]#

阿里云主机为双网卡,分别绑定公网IP和私网IP(阿里云北京节点)
[root@AY1405192126447871b3Z ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3E:00:3B:C0
inet addr:10.162.222.113 Bcast:10.162.223.255 Mask:255.255.240.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:83246285 errors:0 dropped:0 overruns:0 frame:0
TX packets:81922830 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25346599332 (23.6 GiB) TX bytes:25324814074 (23.5 GiB)
Interrupt:165

eth1 Link encap:Ethernet HWaddr 00:16:3E:00:3B:C2
inet addr:182.92.x.xx Bcast:182.92.11.255 Mask:255.255.252.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:131305480 errors:0 dropped:0 overruns:0 frame:0
TX packets:793230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6117093526 (5.6 GiB) TX bytes:270508082 (257.9 MiB)
Interrupt:164

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:68664 errors:0 dropped:0 overruns:0 frame:0
TX packets:68664 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5239997 (4.9 MiB) TX bytes:5239997 (4.9 MiB)

[root@AY1405192126447871b3Z ~]#
默认CentOS6.3 x86_64系统 默认内核版本和执行yum update后的内核版本
[root@VM_27_135_centos ~]# uname -ar
Linux VM_27_135_centos 2.6.32-279.el6.x86_64 #1 SMP Fri Jun 22 12:19:21 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux
[root@VM_27_135_centos ~]#

[root@VM_27_135_centos ~]# uname -ar
Linux VM_27_135_centos 2.6.32-431.20.3.el6.centos.plus.x86_64 #1 SMP Thu Jun 19 23:04:15 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@VM_27_135_centos ~]#
在本地本机ping www.qq.com的延时(深圳电信100M光纤ADSL)
harveymei@linux-7zyd:~> ping -c 6 www.qq.com
PING www.qq.com (14.17.32.211) 56(84) bytes of data.
64 bytes from 14.17.32.211: icmp_seq=1 ttl=55 time=2.16 ms
64 bytes from 14.17.32.211: icmp_seq=2 ttl=55 time=3.60 ms
64 bytes from 14.17.32.211: icmp_seq=3 ttl=55 time=3.57 ms
64 bytes from 14.17.32.211: icmp_seq=4 ttl=55 time=3.72 ms
64 bytes from 14.17.32.211: icmp_seq=5 ttl=55 time=4.98 ms
64 bytes from 14.17.32.211: icmp_seq=6 ttl=55 time=3.03 ms

— www.qq.com ping statistics —
6 packets transmitted, 6 received, 0% packet loss, time 5005ms
rtt min/avg/max/mdev = 2.160/3.515/4.988/0.846 ms
harveymei@linux-7zyd:~>

在qcloud(腾讯云华南广州节点1Mbps)主机上ping www.qq.com的延时
[root@VM_27_135_centos ~]# ping -c 6 www.qq.com
PING www.qq.com (183.60.15.153) 56(84) bytes of data.
64 bytes from 183.60.15.153: icmp_seq=1 ttl=51 time=11.2 ms
64 bytes from 183.60.15.153: icmp_seq=2 ttl=51 time=11.2 ms
64 bytes from 183.60.15.153: icmp_seq=3 ttl=51 time=11.2 ms
64 bytes from 183.60.15.153: icmp_seq=4 ttl=51 time=11.2 ms
64 bytes from 183.60.15.153: icmp_seq=5 ttl=51 time=11.2 ms
64 bytes from 183.60.15.153: icmp_seq=6 ttl=51 time=11.2 ms

— www.qq.com ping statistics —
6 packets transmitted, 6 received, 0% packet loss, time 5018ms
rtt min/avg/max/mdev = 11.202/11.242/11.272/0.109 ms
[root@VM_27_135_centos ~]#

[root@VM_27_135_centos ~]# ping -c 6 www.qq.com
PING www.qq.com (14.17.32.211) 56(84) bytes of data.
64 bytes from 14.17.32.211: icmp_seq=1 ttl=50 time=10.6 ms
64 bytes from 14.17.32.211: icmp_seq=2 ttl=50 time=10.3 ms
64 bytes from 14.17.32.211: icmp_seq=3 ttl=50 time=10.5 ms
64 bytes from 14.17.32.211: icmp_seq=4 ttl=50 time=10.5 ms
64 bytes from 14.17.32.211: icmp_seq=5 ttl=50 time=10.5 ms
64 bytes from 14.17.32.211: icmp_seq=6 ttl=50 time=10.5 ms

— www.qq.com ping statistics —
6 packets transmitted, 6 received, 0% packet loss, time 5019ms
rtt min/avg/max/mdev = 10.391/10.549/10.639/0.154 ms
[root@VM_27_135_centos ~]#

在阿里云北京节点1Mbps主机上ping www.qq.com的延时
[root@AY1405192126447871b3Z ~]# ping -c 6 www.qq.com
PING www.qq.com (61.135.157.156) 56(84) bytes of data.
64 bytes from 61.135.157.156: icmp_seq=1 ttl=52 time=5.76 ms
64 bytes from 61.135.157.156: icmp_seq=2 ttl=52 time=5.55 ms
64 bytes from 61.135.157.156: icmp_seq=3 ttl=52 time=5.72 ms
64 bytes from 61.135.157.156: icmp_seq=4 ttl=52 time=5.69 ms
64 bytes from 61.135.157.156: icmp_seq=5 ttl=52 time=5.69 ms
64 bytes from 61.135.157.156: icmp_seq=6 ttl=52 time=5.62 ms

— www.qq.com ping statistics —
6 packets transmitted, 6 received, 0% packet loss, time 5014ms
rtt min/avg/max/mdev = 5.550/5.674/5.760/0.091 ms
[root@AY1405192126447871b3Z ~]#
可以ping通内部网络非本人账户下其他主机或设备
[root@VM_27_135_centos ~]# ping -c 2 10.142.27.136
PING 10.142.27.136 (10.142.27.136) 56(84) bytes of data.
From 10.142.27.135 icmp_seq=1 Destination Host Unreachable
From 10.142.27.135 icmp_seq=2 Destination Host Unreachable

— 10.142.27.136 ping statistics —
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 3000ms
pipe 2
[root@VM_27_135_centos ~]# ping -c 2 10.142.27.135
PING 10.142.27.135 (10.142.27.135) 56(84) bytes of data.
64 bytes from 10.142.27.135: icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from 10.142.27.135: icmp_seq=2 ttl=64 time=0.028 ms

— 10.142.27.135 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.024/0.026/0.028/0.002 ms
[root@VM_27_135_centos ~]# ping -c 2 10.142.27.134
PING 10.142.27.134 (10.142.27.134) 56(84) bytes of data.
64 bytes from 10.142.27.134: icmp_seq=1 ttl=64 time=1.15 ms
64 bytes from 10.142.27.134: icmp_seq=2 ttl=64 time=0.501 ms

— 10.142.27.134 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.501/0.827/1.154/0.327 ms
[root@VM_27_135_centos ~]# ping -c 2 10.142.27.129
PING 10.142.27.129 (10.142.27.129) 56(84) bytes of data.
64 bytes from 10.142.27.129: icmp_seq=1 ttl=64 time=2.35 ms
64 bytes from 10.142.27.129: icmp_seq=2 ttl=64 time=0.699 ms

— 10.142.27.129 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.699/1.529/2.359/0.830 ms
[root@VM_27_135_centos ~]#

阿里云香港节点基础电信运营商名气通新闻稿

有關名氣通電訊有限公司 (名氣通)
名氣通電訊有限公司(名氣通)為香港中華煤氣有限公司(煤氣公司)的全資附屬機構,於 2004 年正式成立,主要業務包括網絡構建、數據中心與智能家居及雲計算服務。秉承煤氣公司的優良服務文化,名氣通作為中立電訊供應商,在香港及內地均擁有多個世界級數據中心及網路基建服務,並利用煤氣管道光纖技術於香港鋪設光纖網路,為各大企業、國際網路服務商及專業客戶提供更廣泛的服務。

Juniper SSG140 配置命令

 未分类  No Responses »
6 月 202014
 

unset key protection enable
set clock dst-off
set clock ntp
set clock timezone 8
set clock dst recurring start-weekday 2 0 3 02:00 end-weekday 1 0 11 02:00
set vrouter trust-vr sharable
set vrouter “untrust-vr”
exit
set vrouter “trust-vr”
unset auto-route-export
exit
set service “OPENVPN” protocol udp src-port 0-65535 dst-port 1194-1194
set service “HTTP2” protocol tcp src-port 0-65535 dst-port 8080-8080
set alg appleichat enable
unset alg appleichat re-assembly enable
set alg sctp enable
set auth-server “Local” id 0
set auth-server “Local” server-name “Local”
set auth default auth server “Local”
set auth radius accounting port 1646
set admin name “netscreen”
set admin password “nOUoImr0FJQCcDTNysHDssAtkpJPon”
set admin http redirect
set admin auth web timeout 10
set admin auth server “Local”
set admin format dos
set zone “Trust” vrouter “trust-vr”
set zone “Untrust” vrouter “trust-vr”
set zone “DMZ” vrouter “trust-vr”
set zone “VLAN” vrouter “trust-vr”
set zone “Untrust-Tun” vrouter “trust-vr”
set zone “Trust” tcp-rst
set zone “Untrust” block
unset zone “Untrust” tcp-rst
set zone “MGT” block
unset zone “V1-Trust” tcp-rst
unset zone “V1-Untrust” tcp-rst
set zone “DMZ” tcp-rst
unset zone “V1-DMZ” tcp-rst
unset zone “VLAN” tcp-rst
set zone “Untrust” screen tear-drop
set zone “Untrust” screen syn-flood
set zone “Untrust” screen ping-death
set zone “Untrust” screen ip-filter-src
set zone “Untrust” screen land
set zone “V1-Untrust” screen tear-drop
set zone “V1-Untrust” screen syn-flood
set zone “V1-Untrust” screen ping-death
set zone “V1-Untrust” screen ip-filter-src
set zone “V1-Untrust” screen land
set interface “ethernet0/0” zone “Trust”
set interface “ethernet0/1” zone “Trust”
set interface “ethernet0/2” zone “Untrust”
set interface “ethernet0/3” zone “Untrust”
set interface “ethernet0/7” zone “Trust”
set interface ethernet0/0 ip 192.168.21.1/24
set interface ethernet0/0 nat
unset interface vlan1 ip
set interface ethernet0/1 ip 192.168.11.1/24
set interface ethernet0/1 nat
set interface ethernet0/2 ip 113.106.92.174/27
set interface ethernet0/2 route
set interface ethernet0/3 ip 106.3.224.174/27
set interface ethernet0/3 route
set interface ethernet0/7 ip 172.16.0.1/24
set interface ethernet0/7 nat
unset interface vlan1 bypass-others-ipsec
unset interface vlan1 bypass-non-ip
set interface ethernet0/0 ip manageable
set interface ethernet0/1 ip manageable
set interface ethernet0/2 ip manageable
set interface ethernet0/3 ip manageable
set interface ethernet0/7 ip manageable
unset interface ethernet0/0 manage ssh
unset interface ethernet0/0 manage telnet
unset interface ethernet0/0 manage snmp
unset interface ethernet0/1 manage ssh
unset interface ethernet0/1 manage telnet
set interface ethernet0/2 manage ping
set interface ethernet0/2 manage ssh
set interface ethernet0/3 manage ping
set interface ethernet0/3 manage ssh
unset interface ethernet0/7 manage telnet
unset interface ethernet0/7 manage snmp
set interface vlan1 manage mtrace
set interface ethernet0/2 vip interface-ip 1194 “OPENVPN” 192.168.11.70 manual
set interface ethernet0/2 vip 113.106.92.180 8080 “HTTP2” 192.168.11.100 manual
set interface ethernet0/3 vip 106.3.224.180 8080 “HTTP2” 192.168.11.100 manual
unset flow no-tcp-seq-check
set flow tcp-syn-check
unset flow tcp-syn-bit-check
set flow reverse-route clear-text prefer
set flow reverse-route tunnel always
set pki authority default scep mode “auto”
set pki x509 default cert-path partial
set dns host dns1 202.96.134.33
set dns host dns2 202.96.128.86
set dns host dns3 0.0.0.0
set address “Trust” “10.8.0.0/24” 10.8.0.0 255.255.255.0
set address “Trust” “192.168.1.0/24” 192.168.1.0 255.255.255.0
set address “Trust” “192.168.1.1/24” 192.168.1.1 255.255.255.0
set address “Trust” “192.168.100.0/24” 192.168.100.0 255.255.255.0
set address “Trust” “192.168.11.0/24” 192.168.11.0 255.255.255.0
set address “Trust” “192.168.21.0/21” 192.168.21.0 255.255.248.0
set address “Untrust” “192.168.1.1/24” 192.168.1.1 255.255.255.0
set address “Untrust” “192.168.11.1/24” 192.168.11.1 255.255.255.0
set address “Untrust” “220.243.139.229/27” 220.243.139.229 255.255.255.224
set crypto-policy
exit
set ike respond-bad-spi 1
set ike ikev2 ike-sa-soft-lifetime 60
unset ike ikeid-enumeration
unset ike dos-protection
unset ipsec access-session enable
set ipsec access-session maximum 5000
set ipsec access-session upper-threshold 0
set ipsec access-session lower-threshold 0
set ipsec access-session dead-p2-sa-timeout 0
unset ipsec access-session log-error
unset ipsec access-session info-exch-connected
unset ipsec access-session use-error-log
set vrouter “untrust-vr”
exit
set vrouter “trust-vr”
exit
set l2tp default dns1 202.96.128.86
set l2tp default dns2 202.96.134.33
set l2tp default ppp-auth chap
set url protocol websense
exit
set policy id 1 from “Trust” to “Untrust” “192.168.21.0/21” “Any” “ANY” permit log
set policy id 1
exit
set policy id 2 from “Trust” to “Untrust” “192.168.11.0/24” “Any” “ANY” permit log
set policy id 2
exit
set policy id 6 from “Untrust” to “Trust” “Any” “VIP(ethernet0/2)” “OPENVPN” permit log
set policy id 6
exit
set policy id 7 from “Untrust” to “Trust” “Any” “VIP(113.106.92.180)” “HTTP2” permit log
set policy id 7 disable
set policy id 7
exit
set policy id 8 from “Untrust” to “Trust” “Any” “VIP(106.3.224.180)” “HTTP2” permit log
set policy id 8 disable
set policy id 8
exit
set nsmgmt bulkcli reboot-timeout 60
set ssh version v2
set ssh enable
set config lock timeout 5
unset license-key auto-update
set telnet client enable
set ntp server “time.nist.gov”
set ntp server src-interface “ethernet0/2”
set snmp community “public” Read-Write Trap-on traffic version any
set snmp host “public” 192.168.11.70 255.255.255.255 trap v2
set snmp contact “GDC A12 RACK”
set snmp name “SSG140”
set snmp port listen 161
set snmp port trap 162
set vrouter “untrust-vr”
exit
set vrouter “trust-vr”
set source-routing enable
unset add-default-route
set route 0.0.0.0/0 interface ethernet0/2 gateway 113.106.92.161
set route 10.8.0.0/24 interface ethernet0/1 gateway 192.168.11.70
set route 0.0.0.0/0 interface ethernet0/3 gateway 106.3.224.161
exit
set vrouter “untrust-vr”
exit
set vrouter “trust-vr”
exit