[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Thu Feb 20 18:01:06 CST 2014
Index: core.alt.onenet.net
===================================================================
--- core.alt.onenet.net (revision 109196)
+++ core.alt.onenet.net (working copy)
@@ -324,14 +324,14 @@
#lo0.16384 up up
#lo0.16385 up up
#lsi up up
-#lsi.1102998 up up
-#lsi.1102999 up up
-#lsi.1103000 up up
-#lsi.1103001 up up
-#lsi.1103002 up up
-#lsi.1103003 up up
-#lsi.1103004 up up
-#lsi.1103005 up up
+#lsi.1103070 up up
+#lsi.1103071 up up
+#lsi.1103072 up up
+#lsi.1103073 up up
+#lsi.1103074 up up
+#lsi.1103075 up up
+#lsi.1103076 up up
+#lsi.1103077 up up
#mtun up up
#pimd up up
#pime up up
Index: core.mus.onenet.net
===================================================================
--- core.mus.onenet.net (revision 107324)
+++ core.mus.onenet.net (working copy)
@@ -260,8 +260,8 @@
#xe-0/0/1 up down
#xe-0/1/0 up down
#xe-0/1/1 up down
-#ge-0/2/0 up up
-#ge-0/2/0.0 up up
+#ge-0/2/0 up down
+#ge-0/2/0.0 up down
#lc-0/2/0 up up
#lc-0/2/0.32769 up up
#pfe-0/2/0 up up
@@ -1225,7 +1225,6 @@
{master}
# grnoc-mon at MUSKOGEE-MX480-RE0> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.245.10 ge-0/2/0.0 Full 164.58.199.94
# 164.58.245.205 xe-0/0/0.70 Full 164.58.199.224
#
# {master}
Index: core1.lan-mx80.onenet.net
===================================================================
--- core1.lan-mx80.onenet.net (revision 109204)
+++ core1.lan-mx80.onenet.net (working copy)
@@ -268,7 +268,7 @@
#lsi.1059516 up up
#lsi.1059685 up up
#lsi.1059872 up up
-#lsi.1060145 up up
+#lsi.1060154 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: core1.sti-mx960.onenet.net
===================================================================
--- core1.sti-mx960.onenet.net (revision 109207)
+++ core1.sti-mx960.onenet.net (working copy)
@@ -620,7 +620,7 @@
#lsi.1067817 up up
#lsi.1067818 up up
#lsi.1067819 up up
-#lsi.1068092 up up
+#lsi.1068101 up up
#mtun up up
#pimd up up
#pime up up
Index: core1.dc.onenet.net
===================================================================
--- core1.dc.onenet.net (revision 109200)
+++ core1.dc.onenet.net (working copy)
@@ -845,9 +845,9 @@
#lsi.1057672 up up
#lsi.1057714 up up
#lsi.1057901 up up
-#lsi.1057961 up up
#lsi.1057981 up up
-#lsi.1058176 up up
+#lsi.1058178 up up
+#lsi.1058186 up up
#mtun up up
#pimd up up
#pime up up
Index: core.ida.onenet.net
===================================================================
--- core.ida.onenet.net (revision 109197)
+++ core.ida.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at IDABEL-MX480-RE0> show system commit
+# 2014-02-20 17:25:22 CST by jeremyt via cli commit confirmed, rollback in 2mins synchronize
# 2014-02-20 16:35:18 CST by jeremyt via cli commit synchronize
# 2014-02-20 11:03:54 CST by josh via cli commit synchronize
# 2014-02-20 09:43:54 CST by andrew via cli commit confirmed, rollback in 2mins synchronize
# 2014-02-19 15:15:00 CST by josh via cli commit confirmed, rollback in 1mins synchronize
# 2014-02-19 15:06:51 CST by josh via cli commit synchronize
-# 2014-02-19 15:05:24 CST by josh via cli commit synchronize
# grnoc-mon at IDABEL-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -249,7 +249,7 @@
# grnoc-mon at IDABEL-MX480-RE0> show system uptime
# System booted: 2013-05-26 00:55 CDT
# Protocols started: 2013-05-26 01:13 CDT
-# Last configured: 2014-02-20 16:35 CST by jeremyt
+# Last configured: 2014-02-20 17:25 CST by jeremyt
#
# {master}
# grnoc-mon at IDABEL-MX480-RE0> show interface terse
@@ -329,7 +329,7 @@
#pp0 up up
#tap up up
# grnoc-mon at IDABEL-MX480-RE0> show configuration
-## Last commit: 2014-02-20 16:35:18 CST by jeremyt
+## Last commit: 2014-02-20 17:25:22 CST by jeremyt
version 11.4R7.5;
groups {
re0 {
@@ -895,13 +895,36 @@
164.58.244.0/22;
164.58.253.0/24;
}
- prefix-list joshie {
- apply-path "protocols bgp group <*> neighbor <*>";
+ prefix-list interfaces;
+ prefix-list PRE-MGMT-SOURCES {
+ 64.207.244.14/32;
+ 66.129.224.37/32;
+ 129.15.127.96/28;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ 164.58.244.0/22;
+ 164.58.253.0/24;
}
+ prefix-list PRE-RADIUS-SOURCES {
+ 156.110.31.11/32;
+ }
+ prefix-list PRE-NTP-SOURCES {
+ apply-path "system ntp server <*>";
+ }
+ prefix-list PRE-DNS-SOURCES {
+ apply-path "system name-server <*>";
+ }
+ prefix-list PRE-SNMP-SOURCES {
+ apply-path "snmp client-list snmp-management <1*>";
+ }
prefix-list PRE-LOCALIPv4-SOURCES {
apply-path "interfaces <*> unit <*> family inet address <*>";
}
- prefix-list interfaces;
+ prefix-list PRE-BGP-ALLOW {
+ apply-path "protocols bgp group <*> neighbor <*>";
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1041,45 +1064,13 @@
firewall {
family inet {
filter PROTECT-RE {
- term OSPF-ALLOW {
- from {
- source-address {
- 164.58.199.0/24;
- 164.58.0.0/16;
- 156.110.0.0/16;
- }
- protocol ospf;
- }
- then accept;
- }
- term EBGP-ALLOW {
- from {
- prefix-list {
- EBGP-IPV4-NEIGHBORS;
- }
- protocol tcp;
- port 179;
- }
- then accept;
- }
- term IBGP-ALLOW {
- from {
- source-address {
- 164.58.199.216/32;
- 164.58.199.226/32;
- }
- protocol tcp;
- port 179;
- }
- then accept;
- }
term SSH-WEB-ALLOW {
from {
source-prefix-list {
- ALLOWED-MGMT-SOURCES;
+ PRE-MGMT-SOURCES;
}
protocol tcp;
- port ssh;
+ destination-port [ ssh http https ];
}
then accept;
}
@@ -1099,10 +1090,29 @@
discard;
}
}
+ term OSPF-ALLOW {
+ from {
+ source-prefix-list {
+ PRE-LOCALIPv4-SOURCES;
+ }
+ protocol ospf;
+ }
+ then accept;
+ }
+ term BGP-ALLOW {
+ from {
+ prefix-list {
+ PRE-BGP-ALLOW;
+ }
+ protocol tcp;
+ port 179;
+ }
+ then accept;
+ }
term RADIUS-ALLOW {
from {
- source-address {
- 156.110.31.11/32;
+ source-prefix-list {
+ PRE-RADIUS-SOURCES;
}
protocol [ udp tcp ];
port [ radius radacct ];
@@ -1111,8 +1121,8 @@
}
term NTP-ALLOW {
from {
- source-address {
- 164.58.3.98/32;
+ source-prefix-list {
+ PRE-NTP-SOURCES;
}
protocol udp;
port ntp;
@@ -1121,9 +1131,8 @@
}
term DOMAIN-ALLOW {
from {
- source-address {
- 164.58.253.10/32;
- 164.58.198.10/32;
+ source-prefix-list {
+ PRE-DNS-SOURCES;
}
port domain;
}
@@ -1132,7 +1141,7 @@
term SYSLOG-ALLOW {
from {
source-prefix-list {
- ALLOWED-MGMT-SOURCES;
+ PRE-MGMT-SOURCES;
}
port syslog;
}
@@ -1141,7 +1150,7 @@
term FTP-ALLOW {
from {
source-prefix-list {
- ALLOWED-MGMT-SOURCES;
+ PRE-MGMT-SOURCES;
}
port ftp;
}
@@ -1150,7 +1159,7 @@
term JSPACE-ALLOW {
from {
source-prefix-list {
- ALLOWED-MGMT-SOURCES;
+ PRE-MGMT-SOURCES;
}
source-port 7408;
}
@@ -1158,10 +1167,8 @@
}
term SNMP-ALLOW {
from {
- source-address {
- 164.58.253.0/24;
- 156.110.31.0/27;
- 156.110.31.32/28;
+ source-prefix-list {
+ PRE-SNMP-SOURCES;
}
protocol [ tcp udp ];
port [ snmp snmptrap ];
@@ -1170,19 +1177,16 @@
}
term LDP-ALLOW {
from {
- source-address {
- 164.58.0.0/16;
- 156.110.0.0/16;
+ source-prefix-list {
+ PRE-LOCALIPv4-SOURCES;
}
port ldp;
}
- then accept;
}
term PIM-ALLOW {
from {
- source-address {
- 164.58.0.0/16;
- 156.110.0.0/16;
+ source-prefix-list {
+ PRE-LOCALIPv4-SOURCES;
}
protocol pim;
}
@@ -1190,9 +1194,8 @@
}
term BFD-ALLOW {
from {
- source-address {
- 164.58.0.0/16;
- 156.110.0.0/16;
+ source-prefix-list {
+ PRE-LOCALIPv4-SOURCES;
}
protocol udp;
port [ 3784 3785 ];
Index: core1.nor.onenet.net
===================================================================
--- core1.nor.onenet.net (revision 109203)
+++ core1.nor.onenet.net (working copy)
@@ -450,7 +450,7 @@
#lsi.1056221 up up
#lsi.1056389 up up
#lsi.1056576 up up
-#lsi.1056849 up up
+#lsi.1056858 up up
#mtun up up
#pimd up up
#pime up up
Index: core1.okccc.onenet.net
===================================================================
--- core1.okccc.onenet.net (revision 109201)
+++ core1.okccc.onenet.net (working copy)
@@ -532,7 +532,7 @@
#lsi.1048583 up up
#lsi.1048584 up up
#lsi.1048771 up up
-#lsi.1049044 up up
+#lsi.1049053 up up
#mtun up up
#pimd up up
#pime up up
Index: core.law.onenet.net
===================================================================
--- core.law.onenet.net (revision 109198)
+++ core.law.onenet.net (working copy)
@@ -474,7 +474,7 @@
#lsi.1058664 up up
#lsi.1058703 up up
#lsi.1058853 up up
-#lsi.1059126 up up
+#lsi.1059135 up up
#mtun up up
#pimd up up
#pime up up
Index: core5.okc.onenet.net
===================================================================
--- core5.okc.onenet.net (revision 109202)
+++ core5.okc.onenet.net (working copy)
@@ -576,7 +576,7 @@
#lsi.1491894 up up
#lsi.1492062 up up
#lsi.1492249 up up
-#lsi.1492522 up up
+#lsi.1492531 up up
#lsi.1496838 up up
#lsi.2010116 up up
#mtun up up
Index: hub.alt.onenet.net
===================================================================
--- hub.alt.onenet.net (revision 109205)
+++ hub.alt.onenet.net (working copy)
@@ -308,8 +308,8 @@
#t1-2/0/2:15 up down
#t1-2/0/2:16 up up
#t1-2/0/2:16.0 up up
-#t1-2/0/2:17 up down
-#t1-2/0/2:17.0 up down
+#t1-2/0/2:17 up up
+#t1-2/0/2:17.0 up up
#t1-2/0/2:18 up up
#t1-2/0/2:18.0 up up
#t1-2/0/2:19 up up
@@ -1468,6 +1468,7 @@
# Address Interface State ID Pri Dead
# 164.58.244.49 ge-3/2/3.0 Full 164.58.199.27
# 164.58.244.198 t3-2/0/3.0 Full 164.58.199.187
+# 172.23.4.14 t1-2/0/2:17.0 Full 10.199.2.72
# 172.23.4.2 t1-2/0/2:6.0 Full 10.199.2.70
#
# {master}
Index: hub.mia.onenet.net
===================================================================
--- hub.mia.onenet.net (revision 109208)
+++ hub.mia.onenet.net (working copy)
@@ -442,7 +442,7 @@
#lsi.1053362 up up
#lsi.1053531 up up
#lsi.1053718 up up
-#lsi.1053991 up up
+#lsi.1054000 up up
#mtun up up
#pimd up up
#pime up up
Index: hub.mus.onenet.net
===================================================================
--- hub.mus.onenet.net (revision 109134)
+++ hub.mus.onenet.net (working copy)
@@ -401,8 +401,8 @@
#ge-2/2/1.307 up up
#ge-2/2/1.308 up up
#ge-2/2/1.32767 up up
-#ge-2/2/2 up up
-#ge-2/2/2.0 up up
+#ge-2/2/2 up down
+#ge-2/2/2.0 up down
#ge-2/2/3 up down
#gr-2/3/0 up up
#ip-2/3/0 up up
@@ -1786,7 +1786,6 @@
{master}
# grnoc-mon at MUSKOGEE-M120-RE0> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.245.9 ge-2/2/2.0 Full 164.58.199.95
# 164.58.245.145 ge-3/2/0.0 Full 164.58.199.90
# 164.58.1.254 ge-3/2/3.0 Full 164.58.199.110
# 172.23.0.226 lsq-2/3/0.9 Full 10.199.2.92
Index: hub.sal.onenet.net
===================================================================
--- hub.sal.onenet.net (revision 109209)
+++ hub.sal.onenet.net (working copy)
@@ -320,7 +320,7 @@
#t1-2/0/2:21.0 up up
#t1-2/0/2:22 up up
#t1-2/0/2:22.0 up up
-#t1-2/0/2:23 down up
+#t1-2/0/2:23 down down
#t1-2/0/2:23.0 up down
#t1-2/0/2:24 up down
#t1-2/0/2:25 up down
More information about the Nocrancid
mailing list