diff options
| author | Ole Mathias Heggem <olemathias.aa.heggem@gmail.com> | 2023-04-26 22:22:31 +0200 | 
|---|---|---|
| committer | Ole Mathias Heggem <olemathias.aa.heggem@gmail.com> | 2023-04-26 22:22:31 +0200 | 
| commit | 04862e4eebba26c6d90685fa63051d1f3cc81234 (patch) | |
| tree | 6a09be476589c9ade8fe661103eeb6fd4b0f3682 /examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf | |
| parent | 1e83fed0a29559bfb019b93101a368d4606e7d98 (diff) | |
TG23 🚀
Diffstat (limited to 'examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf')
| -rw-r--r-- | examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf | 360 | 
1 files changed, 360 insertions, 0 deletions
| diff --git a/examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf b/examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf new file mode 100644 index 0000000..f632588 --- /dev/null +++ b/examples/tg23/netconfig/e1.noc.tg23.gathering.org.conf @@ -0,0 +1,360 @@ +## ex4300-48mp +## Last commit: 2023-04-06 21:59:05 CEST by espenh +version 20.2R3-S2.5; +system { +    host-name e1.noc; +    root-authentication { +        encrypted-password "<removed>"; ## SECRET-DATA +    } +    commit synchronize; +    login { +        user api { +            uid 2000; +            class super-user; +            authentication { +                ssh-ed25519 "<removed>"; ## SECRET-DATA +            } +        } +        user tech { +            uid 2001; +            class super-user; +            authentication { +                encrypted-password "<removed>"; ## SECRET-DATA +            } +        } +    } +    services { +        ssh { +            root-login deny; +            no-tcp-forwarding; +            protocol-version v2; +            client-alive-count-max 2; +            client-alive-interval 300; +            connection-limit 50; +            rate-limit 5; +        } +        netconf { +            ssh { +                port 830; +            } +        } +    } +    auto-snapshot; +    domain-name tg23.gathering.org; +    time-zone Europe/Oslo; +    /* tacacs primary, failbacks to local users */ +    authentication-order tacplus; +    ports { +        console log-out-on-disconnect; +    } +    name-server { +        2a06:5841:f:d::101; +        2a06:5841:f:e::132; +    } +    tacplus-server { +        <removed> { +            secret "<removed>"; ## SECRET-DATA +            source-address 151.216.131.2; +        } +    } +    syslog { +        user * { +            any emergency; +        } +        host log.tg23.gathering.org { +            any warning; +            authorization info; +            daemon warning; +            user warning; +            change-log any; +            interactive-commands any; +            match "!(.*License.*)"; +            allow-duplicates; +            facility-override local7; +            explicit-priority; +        } +        /* Oxidized syslog */ +        host 185.110.148.112 { +            interactive-commands notice; +            match UI_COMMIT_COMPLETED; +            source-address 151.216.131.2; +        } +        /* Local logging of syslog message */ +        file messages { +            any notice; +            authorization info; +            /* Fjerner mye graps i loggene */ +            match "!(.*License.*|.*EX-BCM PIC.*|.*mojito_i2c_read.*|.*qsfp_tk_read_mem_page.*)"; +        } +        /* Local logging of all user-commands typed in the CLI */ +        file interactive-commands { +            interactive-commands any; +            match "UI_CMDLINE_READ_LINE|UI_COMMIT_COMPLETED"; +        } +    } +    ntp { +        /* ntp.uio.no */ +        server 2001:700:100:2::6; +    } +} +chassis { +    aggregated-devices { +        ethernet { +            device-count 32; +        } +    } +    alarm { +        management-ethernet { +            link-down ignore; +        } +    } +} +interfaces { +    interface-range all-ports { +        member ge-*/*/*; +        member mge-*/*/*; +        member xe-*/*/*; +        member et-*/*/*; +    } +    interface-range edge-ports { +        member-range ge-0/0/0 to ge-0/0/23; +        member-range mge-0/0/24 to mge-0/0/43; +        member-range xe-0/2/2 to xe-0/2/3; +        description "C: e1.noc - VLAN 200"; +        unit 0 { +            family ethernet-switching { +                interface-mode access; +                vlan { +                    members e1.noc; +                } +            } +        } +    } +    interface-range uplink-ports { +        member xe-0/2/0; +        member xe-0/2/1; +        description "G: d1.ring (ae0)"; +        ether-options { +            802.3ad ae0; +        } +    } +    mge-0/0/40 { +        description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; +        native-vlan-id 777; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ ssid-the-gathering aps-mgmt ]; +                } +            } +        } +    } +    mge-0/0/41 { +        description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; +        native-vlan-id 777; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ ssid-the-gathering aps-mgmt ]; +                } +            } +        } +    } +    mge-0/0/42 { +        description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; +        native-vlan-id 777; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ ssid-the-gathering aps-mgmt ]; +                } +            } +        } +    } +    mge-0/0/43 { +        description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; +        native-vlan-id 777; +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ ssid-the-gathering aps-mgmt ]; +                } +            } +        } +    } +    ae0 { +        description "B: d1.ring"; +        aggregated-ether-options { +            lacp { +                active; +            } +        } +        unit 0 { +            family ethernet-switching { +                interface-mode trunk; +                vlan { +                    members [ e1.noc edge-mgmt aps-mgmt ssid-the-gathering ]; +                } +            } +        } +    } +    irb { +        unit 666 { +            description "switch management"; +            family inet { +                filter { +                    input mgmt-v4; +                } +                address 151.216.131.2/25; +            } +            family inet6 { +                filter { +                    input mgmt-v6; +                } +                address 2a06:5841:f:20::2/64; +            } +        } +    } +    lo0 { +        unit 0 { +            family inet { +                filter { +                    input mgmt-v4; +                } +            } +            family inet6 { +                filter { +                    input mgmt-v6; +                } +            } +        } +    } +} +snmp { +    contact "<removed>"; +    community <removed> { +        authorization read-only; +        client-list-name mgmt; +    } +} +policy-options { +    prefix-list mgmt-v4 { +    } +    prefix-list mgmt-v6 { +    } +    /* Merged separate v4- og v6-lister */ +    prefix-list mgmt { +        apply-path "policy-options prefix-list <mgmt-v*> <*>"; +    } +} +firewall { +    family inet { +        filter mgmt-v4 { +            term accept-ssh { +                from { +                    source-prefix-list { +                        mgmt-v4; +                    } +                    destination-port 22; +                } +                then accept; +            } +            term discard-ssh { +                from { +                    destination-port 22; +                } +                then { +                    discard; +                } +            } +            term accept-all { +                then accept; +            } +        } +    } +    family inet6 { +        filter mgmt-v6 { +            term accept-ssh { +                from { +                    source-prefix-list { +                        mgmt-v6; +                    } +                    destination-port 22; +                } +                then accept; +            } +            term discard-ssh { +                from { +                    destination-port 22; +                } +                then discard; +            } +            term accept-all { +                then accept; +            } +        } +    } +} +routing-options { +    rib inet.0 { +        static { +            route 0.0.0.0/0 next-hop 151.216.131.1; +        } +    } +    rib inet6.0 { +        static { +            route ::/0 next-hop 2a06:5841:f:20::1; +        } +    } +} +protocols { +    lldp { +        port-id-subtype interface-name; +        port-description-type interface-description; +        interface uplink-ports; +        interface mge-0/0/40; +        interface mge-0/0/41; +        interface mge-0/0/42; +        interface mge-0/0/43; +    } +    lldp-med { +        interface mge-0/0/40; +        interface mge-0/0/41; +        interface mge-0/0/42; +        interface mge-0/0/43; +    } +    igmp-snooping { +        vlan all; +    } +    rstp { +        bridge-priority 32k; +        interface edge-ports { +            edge; +            no-root-port; +        } +    } +} +vlans { +    aps-mgmt { +        vlan-id 777; +    } +    e1.noc { +        vlan-id 200; +    } +    edge-mgmt { +        vlan-id 666; +        l3-interface irb.666; +    } +    ssid-the-gathering { +        vlan-id 778; +    } +} +poe { +    interface all { +        high-power; +    } +} | 
