diff options
| author | Ole Mathias Aa. Heggem <olemathias.aa.heggem@gmail.com> | 2020-04-11 01:06:20 +0200 | 
|---|---|---|
| committer | Ole Mathias Aa. Heggem <olemathias.aa.heggem@gmail.com> | 2020-04-11 01:06:20 +0200 | 
| commit | f5da0d943401e527f5162e9c6344deb65b19b045 (patch) | |
| tree | 6cecbe12d4f16ce85d4efb8a7a124476d38d52dd /examples/tg19/netconf/r1.stand.conf | |
| parent | 38cc638f11c07fdb3d48f7b9ba7e66a2b0faafb6 (diff) | |
Diffstat (limited to 'examples/tg19/netconf/r1.stand.conf')
| -rw-r--r-- | examples/tg19/netconf/r1.stand.conf | 659 | 
1 files changed, 659 insertions, 0 deletions
| diff --git a/examples/tg19/netconf/r1.stand.conf b/examples/tg19/netconf/r1.stand.conf new file mode 100644 index 0000000..93bb7d5 --- /dev/null +++ b/examples/tg19/netconf/r1.stand.conf @@ -0,0 +1,659 @@ +version 17.3R3.10; +groups { +    pvehosts { +        interfaces { +            <ae*> { +                vlan-tagging; +                encapsulation flexible-ethernet-services; +                aggregated-ether-options { +                    lacp { +                        active; +                    } +                } +                unit 0 { +                    family ethernet-switching { +                        interface-mode trunk; +                        vlan { +                            members [ deltagerevm gamevm miscvm techvm vmhosts elastic-cluster ]; +                        } +                    } +                } +            } +        } +    } +} +system { +    host-name r1.stand; +    auto-snapshot; +    domain-name tg19.gathering.org; +    time-zone Europe/Oslo; +    authentication-order tacplus; +    root-authentication { +        encrypted-password "<removed>"; ## SECRET-DATA +    } +    name-server { +        2a06:5841:a:103::62; +        2a06:5841:a:104::126; +    } +    tacplus-server { +        134.90.150.164 secret "<removed>"; ## SECRET-DATA +    } +    login { +        user technet { +            uid 2000; +            class super-user; +            authentication { +                encrypted-password "<removed>"; ## SECRET-DATA +            } +        } +    } +    services { +        ssh { +            root-login deny; +            no-tcp-forwarding; +            protocol-version v2; +            client-alive-count-max 2; +            client-alive-interval 300; +            connection-limit 50; +            rate-limit 5; +        } +        netconf { +            ssh { +                port 830; +            } +        } +    } +    syslog { +        user * { +            any emergency; +        } +        host log.tg19.gathering.org { +            any warning; +            authorization info; +            daemon warning; +            user warning; +            change-log any; +            interactive-commands any; +            match "!(.*License.*)"; +            allow-duplicates; +            facility-override local7; +            explicit-priority; +        } +        host 185.110.149.70 { +            any any; +            port 2514; +        } +        /* Local logging of syslog message */ +        file messages { +            any notice; +            authorization info; +        } +        /* Local logging of all user-commands typed in the CLI */ +        file interactive-commands { +            interactive-commands any; +            match "UI_CMDLINE_READ_LINE|UI_COMMIT_COMPLETED"; +        } +    } +    /* Save changes to central site */ +    archival { +        configuration { +            transfer-on-commit; +            archive-sites { +                "scp://user@host/some/folder/" password "<removed>"; ## SECRET-DATA +            } +        } +    } +    commit synchronize; +    ntp { +        /* ntp.uio.no */ +        server 2001:700:100:2::6; +    } +} +chassis { +    redundancy { +        graceful-switchover; +    } +    aggregated-devices { +        ethernet { +            device-count 50; +        } +    } +    alarm { +        management-ethernet { +            link-down ignore; +        } +    } +} +security { +    ssh-known-hosts { +        host <removed> { +            ecdsa-sha2-nistp256-key <removed>; +        } +    } +} +interfaces { +    interface-range all-ports { +        member ge-*/*/*; +        member xe-*/*/*; +        member et-*/*/*; +    } +    xe-0/0/0 { +        description "C: birthday <enp101s0f0>"; +        gigether-options { +            802.3ad ae11; +        } +    } +    xe-0/0/1 { +        description "C: funshine <enp101s0f0>"; +        gigether-options { +            802.3ad ae12; +        } +    } +    xe-0/0/2 { +        description "C: pieceofheart <enp134s0f0>"; +        gigether-options { +            802.3ad ae13; +        } +    } +    xe-0/0/3 { +        description "C: bedtime <enp134s0f0>"; +        gigether-options { +            802.3ad ae14; +        } +    } +    xe-0/0/5 { +        description "C: WLC"; +        native-vlan-id 106; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ stand-wifi-mgmt stand-wifi-klienter stand-wifi-nocnet ]; +                } +            } +        } +    } +    et-0/0/50 { +        description "G: r1.noc et-3/3/0"; +        gigether-options { +            802.3ad ae0; +        } +    } +    xe-1/0/0 { +        description "C: birthday <enp101s0f1>"; +        gigether-options { +            802.3ad ae11; +        } +    } +    xe-1/0/1 { +        description "C: funshine <enp101s0f1>"; +        gigether-options { +            802.3ad ae12; +        } +    } +    xe-1/0/2 { +        description "C: pieceofheart <enp134s0f1>"; +        gigether-options { +            802.3ad ae13; +        } +    } +    xe-1/0/3 { +        description "C: bedtime <enp134s0f1>"; +        gigether-options { +            802.3ad ae14; +        } +    } +    et-1/0/50 { +        description "G: r1.tele et-0/0/53"; +        gigether-options { +            802.3ad ae1; +        } +    } +    xe-2/0/0 { +        description "C: cheer <enp101s0f0>"; +        gigether-options { +            802.3ad ae15; +        } +    } +    xe-2/0/1 { +        description "C: rainbowheart <enp2s0f0>"; +        gigether-options { +            802.3ad ae16; +        } +    } +    xe-2/0/2 { +        description "C: wonderheart <enp2s0f0>"; +        gigether-options { +            802.3ad ae17; +        } +    } +    xe-2/0/3 { +        description "C: surprise <enp134s0f0>"; +        gigether-options { +            802.3ad ae18; +        } +    } +    xe-2/0/5 { +        description "C: WLC"; +        native-vlan-id 106; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ stand-wifi-mgmt stand-wifi-klienter stand-wifi-nocnet ]; +                } +            } +        } +    } +    xe-2/0/13 { +        description "Deltakerserver (Vanstalk)"; +        unit 0 { +            family ethernet-switching { +                interface-mode access; +                vlan { +                    members deltagerevm; +                } +            } +        } +    } +    et-2/0/50 { +        description "G: r1.noc et-2/3/0"; +        gigether-options { +            802.3ad ae0; +        } +    } +    xe-3/0/0 { +        description "C: cheer <enp101s0f1>"; +        gigether-options { +            802.3ad ae15; +        } +    } +    xe-3/0/1 { +        description "C: rainbowheart <enp2s0f1>"; +        gigether-options { +            802.3ad ae16; +        } +    } +    xe-3/0/2 { +        description "C: wonderheart <enp2s0f1>"; +        gigether-options { +            802.3ad ae17; +        } +    } +    xe-3/0/3 { +        description "C: surprise <enp134s0f1>"; +        gigether-options { +            802.3ad ae18; +        } +    } +    et-3/0/50 { +        description "G: r1.tele et-1/0/53"; +        gigether-options { +            802.3ad ae1; +        } +    } +    ae0 { +        description "B: r1.noc ae1"; +        unit 0 { +            family inet { +                address 185.110.148.161/31; +            } +            family inet6 { +                address 2a06:5841:f:f11::1/127; +            } +        } +    } +    ae1 { +        description "B: r1.tele ae4"; +        aggregated-ether-options { +            lacp { +                active; +            } +        } +        unit 0 { +            family inet { +                address 185.110.148.139/31; +            } +            family inet6 { +                address 2a06:5841:f:f06::1/127; +            } +        } +    } +    ae11 { +        apply-groups pvehosts; +        description "C: birthday.stand"; +    } +    ae12 { +        apply-groups pvehosts; +        description "C: funshine.stand"; +    } +    ae13 { +        apply-groups pvehosts; +        description "C: pieceofheart.stand <bond0>"; +    } +    ae14 { +        apply-groups pvehosts; +        description "C: bedtime.stand <bond0>"; +    } +    ae15 { +        apply-groups pvehosts; +        description "C: cheer.stand <bond0>"; +    } +    ae16 { +        apply-groups pvehosts; +        description "C: rainbowheart.stand <bond0>"; +    } +    ae17 { +        apply-groups pvehosts; +        description "C: wonderheart.stand <bond0>"; +    } +    ae18 { +        apply-groups pvehosts; +        description "C: surprise.stand <bond0>"; +    } +    irb { +        unit 100 { +            family inet { +                address 185.110.149.161/27; +            } +            family inet6 { +                address 2a06:5841:a:102::1/64; +            } +        } +        unit 101 { +            family inet { +                address 185.110.149.65/26; +            } +            family inet6 { +                address 2a06:5841:a:104::1/64; +            } +        } +        unit 103 { +            family inet { +                address 88.92.17.1/24; +            } +            family inet6 { +                address 2a06:5841:a:202::1/64; +            } +        } +        unit 104 { +            family inet { +                address 88.92.18.1/24; +            } +            family inet6 { +                address 2a06:5841:a:203::1/64; +            } +        } +        unit 105 { +            family inet { +                address 88.92.19.1/24; +            } +            family inet6 { +                address 2a06:5844:a:101::1/64; +            } +        } +        unit 106 { +            family inet { +                address 88.92.4.1/27; +            } +            family inet6 { +                address 2a06:5841:d:c::1/64; +            } +        } +        unit 107 { +            family inet { +                address 88.92.32.1/19; +            } +            family inet6 { +                address 2a06:5844:a::1/64; +            } +        } +        unit 108 { +            family inet { +                address 185.110.150.129/25; +            } +            family inet6 { +                address 2a06:5841:f:f::1/64; +            } +        } +    } +    lo0 { +        unit 0 { +            family inet { +                filter { +                    input mgmt-v4; +                } +                address 127.0.0.1/32; +                address 185.110.148.68/32; +            } +            family inet6 { +                filter { +                    input mgmt-v6; +                } +                address ::1/128; +                address 2a06:5841:f:e::68/128; +            } +        } +    } +} +snmp { +    contact NOC; +    community <removed> { +        authorization read-only; +        client-list-name mgmt; +    } +} +forwarding-options { +    dhcp-relay { +        server-group { +            v4-wlc { +                185.110.149.2; +            } +        } +        group wlc { +            active-server-group v4-wlc; +            interface irb.107; +            interface irb.108; +        } +    } +} +routing-options { +    nonstop-routing; +} +protocols { +    igmp { +        interface irb.100 { +            version 2; +        } +    } +    router-advertisement { +        interface irb.107 { +            min-advertisement-interval 30; +            other-stateful-configuration; +            dns-server-address 2a06:5841:a:103::62; +            dns-server-address 2a06:5841:a:104::126; +            prefix 2a06:5844:a::/64; +        } +        interface irb.108 { +            min-advertisement-interval 3; +            other-stateful-configuration; +            dns-server-address 2a06:5841:a:103::62; +            dns-server-address 2a06:5841:a:104::126; +            prefix 2a06:5841:f:f::/64; +        } +    } +    ospf { +        export [ direct-to-ospf static-to-ospf ]; +        reference-bandwidth 1000g; +        area 0.0.0.0 { +            interface ae0.0; +            interface ae1.0; +        } +    } +    ospf3 { +        export [ static-to-ospf direct-to-ospf ]; +        reference-bandwidth 1000g; +        area 0.0.0.0 { +            interface ae0.0; +            interface ae1.0; +        } +    } +    lldp { +        interface all; +    } +    lldp-med { +        interface all; +    } +    igmp-snooping { +        vlan default; +    } +    sflow { +        sample-rate { +            ingress 10000; +            egress 10000; +        } +        collector <removed>; +        interfaces all-ports; +    } +    layer2-control { +        nonstop-bridging; +    } +    rstp { +        interface all; +    } +} +policy-options { +    prefix-list mgmt-v4 { +    } +    prefix-list mgmt-v6 { +    } +    /* Merged separate v4- og v6-lister */ +    prefix-list mgmt { +        apply-path "policy-options prefix-list <mgmt-v*> <*>"; +    } +    policy-statement direct-to-ospf { +        from protocol direct; +        then { +            external { +                type 1; +            } +            accept; +        } +    } +    policy-statement static-to-ospf { +        from protocol static; +        then { +            external { +                type 1; +            } +            accept; +        } +    } +} +firewall { +    family inet { +        filter mgmt-v4 { +            term accept-ssh { +                from { +                    source-prefix-list { +                        mgmt-v4; +                    } +                    destination-port 22; +                } +                then accept; +            } +            term discard-ssh { +                from { +                    destination-port 22; +                } +                then { +                    discard; +                } +            } +            term accept-all { +                then accept; +            } +        } +    } +    family inet6 { +        filter mgmt-v6 { +            term accept-ssh { +                from { +                    source-prefix-list { +                        mgmt-v6; +                    } +                    destination-port 22; +                } +                then accept; +            } +            term discard-ssh { +                from { +                    destination-port 22; +                } +                then discard; +            } +            term accept-all { +                then accept; +            } +        } +    } +} +virtual-chassis { +    preprovisioned; +    no-split-detection; +    member 0 { +        role routing-engine; +        serial-number <removed>; +    } +    member 1 { +        role line-card; +        serial-number <removed>; +    } +    member 2 { +        role routing-engine; +        serial-number <removed>; +    } +    member 3 { +        role line-card; +        serial-number <removed>; +    } +} +vlans { +    deltagerevm { +        vlan-id 105; +        l3-interface irb.105; +    } +    elastic-cluster { +        vlan-id 110; +    } +    gamevm { +        vlan-id 104; +        l3-interface irb.104; +    } +    miscvm { +        vlan-id 103; +        l3-interface irb.103; +    } +    stand-wifi-klienter { +        vlan-id 107; +        l3-interface irb.107; +    } +    stand-wifi-mgmt { +        vlan-id 106; +        l3-interface irb.106; +    } +    stand-wifi-nocnet { +        vlan-id 108; +        l3-interface irb.108; +    } +    techvm { +        vlan-id 101; +        l3-interface irb.101; +    } +    vmhosts { +        vlan-id 100; +        l3-interface irb.100; +    } +} + + | 
