aboutsummaryrefslogtreecommitdiffstats
path: root/examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf
diff options
context:
space:
mode:
Diffstat (limited to 'examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf')
-rw-r--r--examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf739
1 files changed, 739 insertions, 0 deletions
diff --git a/examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf b/examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf
new file mode 100644
index 0000000..5290d75
--- /dev/null
+++ b/examples/tg23/netconfig/r1.stand.tg23.gathering.org.conf
@@ -0,0 +1,739 @@
+## qfx5110-48s-4c
+## Last commit: 2023-04-08 00:12:59 CEST by olemathias
+version 21.2R3-S2.9;
+groups {
+ pvehosts {
+ interfaces {
+ <ae*> {
+ vlan-tagging;
+ encapsulation flexible-ethernet-services;
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode trunk;
+ vlan {
+ members [ techvm vmhosts vms ];
+ }
+ }
+ }
+ }
+ }
+ }
+}
+system {
+ host-name r1.stand;
+ root-authentication {
+ encrypted-password "<removed>"; ## SECRET-DATA
+ }
+ commit synchronize;
+ login {
+ user api {
+ uid 2001;
+ class super-user;
+ authentication {
+ ssh-ed25519 "<removed>"; ## SECRET-DATA
+ }
+ }
+ user tech {
+ uid 2000;
+ class super-user;
+ authentication {
+ encrypted-password "<removed>"; ## SECRET-DATA
+ }
+ }
+ }
+ services {
+ ssh {
+ root-login deny;
+ no-tcp-forwarding;
+ protocol-version v2;
+ client-alive-count-max 2;
+ client-alive-interval 300;
+ connection-limit 50;
+ rate-limit 5;
+ }
+ netconf {
+ ssh {
+ port 830;
+ }
+ }
+ }
+ auto-snapshot;
+ domain-name tg23.gathering.org;
+ time-zone Europe/Oslo;
+ /* tacacs primary, failbacks to local users */
+ authentication-order tacplus;
+ ports {
+ console log-out-on-disconnect;
+ }
+ name-server {
+ 2a06:5841:f:d::101;
+ 2a06:5841:f:e::132;
+ }
+ tacplus-server {
+ <removed> {
+ secret "<removed>"; ## SECRET-DATA
+ source-address 185.110.148.1;
+ }
+ }
+ syslog {
+ user * {
+ any emergency;
+ }
+ host log.tg23.gathering.org {
+ any warning;
+ authorization info;
+ daemon warning;
+ user warning;
+ change-log any;
+ interactive-commands any;
+ match "!(.*License.*)";
+ allow-duplicates;
+ facility-override local7;
+ explicit-priority;
+ }
+ /* Oxidized syslog */
+ host 185.110.148.112 {
+ interactive-commands notice;
+ match UI_COMMIT_COMPLETED;
+ source-address 185.110.148.1;
+ }
+ /* Local logging of all user-commands typed in the CLI */
+ file interactive-commands {
+ interactive-commands any;
+ match "UI_CMDLINE_READ_LINE|UI_COMMIT_COMPLETED";
+ }
+ /* Local logging of syslog message */
+ file messages {
+ any notice;
+ authorization info;
+ /* Fjerner mye graps i loggene */
+ match "!(.*License.*|.*EX-BCM PIC.*|.*mojito_i2c_read.*|.*qsfp_tk_read_mem_page.*)";
+ }
+ }
+ ntp {
+ /* ntp.uio.no */
+ server 2001:700:100:2::6;
+ }
+}
+chassis {
+ redundancy {
+ graceful-switchover;
+ }
+ aggregated-devices {
+ ethernet {
+ device-count 40;
+ }
+ }
+ alarm {
+ management-ethernet {
+ link-down ignore;
+ }
+ }
+}
+interfaces {
+ interface-range all-ports {
+ member ge-*/*/*;
+ member xe-*/*/*;
+ member et-*/*/*;
+ }
+ xe-0/0/0 {
+ description "C: speilegg enp101s0f0 (ae11)";
+ gigether-options {
+ 802.3ad ae11;
+ }
+ }
+ xe-0/0/1 {
+ description "C: speilegg enp101s1f0 (ae11)";
+ gigether-options {
+ 802.3ad ae11;
+ }
+ }
+ xe-0/0/2 {
+ description "C: punchknapp enp101s0f0 (ae12)";
+ gigether-options {
+ 802.3ad ae12;
+ }
+ }
+ xe-0/0/3 {
+ description "C: punchknapp enp101s1f0 (ae12)";
+ gigether-options {
+ 802.3ad ae12;
+ }
+ }
+ xe-0/0/4 {
+ description "C: sorbis enp101s0f0 (ae13)";
+ gigether-options {
+ 802.3ad ae13;
+ }
+ }
+ xe-0/0/5 {
+ description "C: sorbis enp101s1f0 (ae13)";
+ gigether-options {
+ 802.3ad ae13;
+ }
+ }
+ xe-0/0/6 {
+ description "C: hobby enp101s0f0 (ae14)";
+ gigether-options {
+ 802.3ad ae14;
+ }
+ }
+ xe-0/0/7 {
+ description "C: hobby enp101s1f0 (ae14)";
+ gigether-options {
+ 802.3ad ae14;
+ }
+ }
+ xe-0/0/8 {
+ description "C: dumle enp101s0f0 (ae15)";
+ gigether-options {
+ 802.3ad ae15;
+ }
+ }
+ xe-0/0/9 {
+ description "C: dumle enp101s1f0 (ae15)";
+ gigether-options {
+ 802.3ad ae15;
+ }
+ }
+ xe-0/0/10 {
+ description "C: krokodille (storage) (ae3)";
+ gigether-options {
+ 802.3ad ae3;
+ }
+ }
+ xe-0/0/11 {
+ description "C: krokodille (storage) (ae3)";
+ gigether-options {
+ 802.3ad ae3;
+ }
+ }
+ xe-0/0/12 {
+ description "C: rekrutt (GPU) (ae7)";
+ gigether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-0/0/13 {
+ description "C: rekrutt (GPU) (ae7)";
+ gigether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-0/0/42 {
+ description "C: TGHACK 1";
+ gigether-options {
+ 802.3ad ae4;
+ }
+ }
+ xe-0/0/43 {
+ description "C: TGHACK 2";
+ gigether-options {
+ 802.3ad ae5;
+ }
+ }
+ xe-0/0/44 {
+ description "C: TGHACK 3";
+ gigether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-0/0/45 {
+ description "C: Unes";
+ gigether-options {
+ 802.3ad ae9;
+ }
+ }
+ et-0/0/48 {
+ description "G: r1.tele et-4/0/2 (ae0)";
+ gigether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-1/0/0 {
+ description "C: speilegg enp101s0f1 (ae11)";
+ gigether-options {
+ 802.3ad ae11;
+ }
+ }
+ xe-1/0/1 {
+ description "C: speilegg enp101s1f1 (ae11)";
+ gigether-options {
+ 802.3ad ae11;
+ }
+ }
+ xe-1/0/2 {
+ description "C: punchknapp enp101s0f1 (ae12)";
+ gigether-options {
+ 802.3ad ae12;
+ }
+ }
+ xe-1/0/3 {
+ description "C: punchknapp enp101s1f1 (ae12)";
+ gigether-options {
+ 802.3ad ae12;
+ }
+ }
+ xe-1/0/4 {
+ description "C: sorbis enp101s0f1 (ae13)";
+ gigether-options {
+ 802.3ad ae13;
+ }
+ }
+ xe-1/0/5 {
+ description "C: sorbis enp101s1f1 (ae13)";
+ gigether-options {
+ 802.3ad ae13;
+ }
+ }
+ xe-1/0/6 {
+ description "C: hobby enp101s0f1 (ae14)";
+ gigether-options {
+ 802.3ad ae14;
+ }
+ }
+ xe-1/0/7 {
+ description "C: hobby enp101s1f1 (ae14)";
+ gigether-options {
+ 802.3ad ae14;
+ }
+ }
+ xe-1/0/8 {
+ description "C: dumle enp101s0f1 (ae15)";
+ gigether-options {
+ 802.3ad ae15;
+ }
+ }
+ xe-1/0/9 {
+ description "C: dumle enp101s1f1 (ae15)";
+ gigether-options {
+ 802.3ad ae15;
+ }
+ }
+ xe-1/0/10 {
+ description "C: krokodille (storage) (ae3)";
+ gigether-options {
+ 802.3ad ae3;
+ }
+ }
+ xe-1/0/11 {
+ description "C: krokodille (storage) (ae3)";
+ gigether-options {
+ 802.3ad ae3;
+ }
+ }
+ xe-1/0/12 {
+ description "C: rekrutt (GPU) (ae7)";
+ gigether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-1/0/13 {
+ description "C: rekrutt (GPU) (ae7)";
+ gigether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-1/0/42 {
+ description "C: TGHACK 1";
+ gigether-options {
+ 802.3ad ae4;
+ }
+ }
+ xe-1/0/43 {
+ description "C: TGHACK 2";
+ gigether-options {
+ 802.3ad ae5;
+ }
+ }
+ xe-1/0/44 {
+ description "C: TGHACK 3";
+ gigether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-1/0/45 {
+ description "C: Unes";
+ gigether-options {
+ 802.3ad ae9;
+ }
+ }
+ et-1/0/48 {
+ description "G: r1.tele et-5/0/2 (ae0)";
+ gigether-options {
+ 802.3ad ae0;
+ }
+ }
+ ae0 {
+ description "B: r1.tele ae12";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ family inet {
+ address 185.110.148.161/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:100::2/64;
+ }
+ }
+ }
+ ae3 {
+ description "C: krokodille (storage) bond0";
+ flexible-vlan-tagging;
+ encapsulation flexible-ethernet-services;
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 100 {
+ description "C: krokodille vm-host";
+ vlan-tags outer 100;
+ family inet {
+ address 185.110.148.34/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:b::2/127;
+ }
+ }
+ unit 101 {
+ description "C: krokodille vms";
+ vlan-tags outer 101;
+ family inet {
+ address 151.216.248.129/28;
+ }
+ family inet6 {
+ address 2a06:5841:100:2::1/64;
+ }
+ }
+ }
+ ae4 {
+ description "C: Crew-server (TG:Hack) 1";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members tghack;
+ }
+ }
+ }
+ }
+ ae5 {
+ description "C: Crew-server (TG:Hack) 2";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members tghack;
+ }
+ }
+ }
+ }
+ ae6 {
+ description "C: Crew-server (TG:Hack) 3";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members tghack;
+ }
+ }
+ }
+ }
+ ae7 {
+ description "C: rekrutt (GPU) bond0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ description "C: rekrutt";
+ family inet {
+ address 151.216.248.145/28;
+ }
+ family inet6 {
+ address 2a06:5841:100:3::1/64;
+ }
+ }
+ }
+ ae9 {
+ description "C: Crew-server (Unes)";
+ aggregated-ether-options {
+ lacp {
+ active;
+ periodic fast;
+ }
+ }
+ unit 0 {
+ family inet {
+ address 151.216.252.33/27;
+ }
+ family inet6 {
+ address 2a06:5841:200:b::1/64;
+ }
+ }
+ }
+ ae11 {
+ apply-groups pvehosts;
+ description "C: speilegg bond0";
+ }
+ ae12 {
+ apply-groups pvehosts;
+ description "C: punchknapp bond0";
+ }
+ ae13 {
+ apply-groups pvehosts;
+ description "C: sorbis bond0";
+ }
+ ae14 {
+ apply-groups pvehosts;
+ description "C: hobby bond0";
+ }
+ ae15 {
+ apply-groups pvehosts;
+ description "C: dumle bond0";
+ }
+ irb {
+ unit 100 {
+ family inet {
+ address 185.110.148.65/27;
+ }
+ family inet6 {
+ address 2a06:5841:f:c::1/64;
+ }
+ }
+ unit 101 {
+ family inet {
+ address 185.110.148.129/27;
+ }
+ family inet6 {
+ address 2a06:5841:f:e::1/64;
+ }
+ }
+ unit 102 {
+ family inet {
+ address 151.216.249.1/24;
+ }
+ family inet6 {
+ address 2a06:5841:100:1::1/64;
+ }
+ }
+ unit 200 {
+ family inet {
+ address 151.216.252.1/27;
+ }
+ family inet6 {
+ address 2a06:5841:200:a::1/64;
+ }
+ }
+ }
+ lo0 {
+ unit 0 {
+ family inet {
+ filter {
+ input mgmt-v4;
+ }
+ address 185.110.148.1/32;
+ }
+ family inet6 {
+ filter {
+ input mgmt-v6;
+ }
+ address 2a06:5841:f:a::1/128;
+ }
+ }
+ }
+}
+snmp {
+ contact "<removed>";
+ community <removed> {
+ authorization read-only;
+ client-list-name mgmt;
+ }
+}
+policy-options {
+ prefix-list mgmt-v4 {
+ }
+ prefix-list mgmt-v6 {
+ }
+ /* Merged separate v4- og v6-lister */
+ prefix-list mgmt {
+ apply-path "policy-options prefix-list <mgmt-v*> <*>";
+ }
+ policy-statement direct-to-ospf {
+ from protocol direct;
+ then {
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ policy-statement static-to-ospf {
+ from protocol static;
+ then {
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+}
+firewall {
+ family inet {
+ filter 20G-POLICER-V4-FILTER {
+ term A {
+ then policer 20G-POLICER;
+ }
+ }
+ filter mgmt-v4 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v4;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then {
+ discard;
+ }
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ }
+ family inet6 {
+ filter 20G-POLICER-V6-FILTER {
+ term A {
+ then policer 20G-POLICER;
+ }
+ }
+ filter mgmt-v6 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v6;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then discard;
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ }
+ policer 20G-POLICER {
+ filter-specific;
+ if-exceeding {
+ bandwidth-limit 20g;
+ burst-size-limit 100m;
+ }
+ then discard;
+ }
+}
+routing-options {
+ nonstop-routing;
+}
+protocols {
+ ospf3 {
+ realm ipv4-unicast {
+ area 0.0.0.0 {
+ interface ae0.0;
+ }
+ export [ direct-to-ospf static-to-ospf ];
+ }
+ area 0.0.0.0 {
+ interface ae0.0;
+ }
+ export [ direct-to-ospf static-to-ospf ];
+ reference-bandwidth 1000g;
+ }
+ lldp {
+ port-id-subtype interface-name;
+ port-description-type interface-description;
+ interface all;
+ }
+ igmp-snooping {
+ vlan all;
+ }
+ rstp {
+ bridge-priority 4k;
+ }
+}
+poe {
+ interface all;
+}
+virtual-chassis {
+ preprovisioned;
+ no-split-detection;
+ member 0 {
+ role routing-engine;
+ serial-number <removed>;
+ }
+ member 1 {
+ role routing-engine;
+ serial-number <removed>;
+ }
+}
+vlans {
+ techvm {
+ vlan-id 101;
+ l3-interface irb.101;
+ }
+ tghack {
+ vlan-id 200;
+ l3-interface irb.200;
+ }
+ vmhosts {
+ vlan-id 100;
+ l3-interface irb.100;
+ }
+ vms {
+ vlan-id 102;
+ l3-interface irb.102;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-26 17:42:10 +0000