[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Jul 7 12:02:19 CDT 2014
Index: configs/swi.odot.dun.onenet.net
===================================================================
--- configs/swi.odot.dun.onenet.net (revision 117626)
+++ configs/swi.odot.dun.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at swi.odot.dun.onenet.net> show system commit
+# 2014-07-07 11:07:42 CDT by jeremyt via cli commit confirmed, rollback in 2mins
# 2014-07-07 10:47:59 CDT by jeremyt via cli
# 2014-07-07 10:47:09 CDT by jeremyt via cli commit confirmed, rollback in 1mins
# 2014-07-07 09:31:49 CDT by root via other
# 2014-07-07 09:29:08 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-07-02 15:55:53 CDT by rnordmark via cli
-# 2014-07-02 15:54:10 CDT by rnordmark via cli commit confirmed, rollback in 5mins
# grnoc-mon at swi.odot.dun.onenet.net> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -154,7 +154,7 @@
# --------------------------------------------------------------------------
# System booted: 2014-05-07 12:20 CDT
# Protocols started: 2014-05-07 12:23 CDT
-# Last configured: 2014-07-07 10:47 CDT by jeremyt
+# Last configured: 2014-07-07 11:07 CDT by jeremyt
#
# {master:0}
# grnoc-mon at swi.odot.dun.onenet.net> show interface terse
@@ -209,7 +209,7 @@
#vlan.345 up up
#vme up down
# grnoc-mon at swi.odot.dun.onenet.net> show configuration
-## Last commit: 2014-07-07 10:47:59 CDT by jeremyt
+## Last commit: 2014-07-07 11:07:42 CDT by jeremyt
version 12.3R3.4;
system {
host-name swi.odot.dun.onenet.net;
@@ -355,6 +355,9 @@
lo0 {
unit 0 {
family inet {
+ filter {
+ input PROTECT-RE;
+ }
address 164.58.199.198/32;
address 127.0.0.1/32;
}
@@ -434,42 +437,15 @@
prefix-list MGMT {
156.110.31.0/27;
156.110.31.32/28;
+ 156.110.72.0/24;
+ 164.58.3.98/32;
164.58.10.0/24;
- 164.58.12.233/32;
164.58.15.0/24;
- 164.58.244.0/22;
- 164.58.247.209/32;
+ 164.58.199.0/24;
+ 164.58.244.0/23;
+ 164.58.247.0/24;
164.58.253.0/24;
}
- prefix-list PRE-MGMT-SOURCES {
- 64.207.244.14/32;
- 66.129.224.37/32;
- 129.15.127.96/28;
- 156.110.31.0/27;
- 156.110.31.32/28;
- 164.58.10.0/24;
- 164.58.15.0/24;
- 164.58.244.0/22;
- 164.58.253.0/24;
- }
- prefix-list PRE-RADIUS-SOURCES {
- apply-path "system radius-server <*>";
- }
- prefix-list PRE-NTP-SOURCES {
- apply-path "system ntp server <*>";
- }
- prefix-list PRE-DNS-SOURCES {
- apply-path "system name-server <*>";
- }
- prefix-list PRE-SNMP-SOURCES {
- apply-path "snmp client-list snmp-management <1*>";
- }
- prefix-list PRE-LOCALIPv4-SOURCES {
- apply-path "interfaces <*> unit <*> family inet address <*>";
- }
- prefix-list PRE-L0-SOURCES {
- apply-path "interfaces lo0 unit <*> family inet address <164.*>";
- }
policy-statement REDISTRIBUTE-DIRECTS {
term 1 {
from protocol direct;
@@ -486,148 +462,14 @@
firewall {
family inet {
filter PROTECT-RE {
- term SSH-ALLOW {
+ term 1 {
from {
- protocol tcp;
- destination-port ssh;
- }
- then accept;
- }
- term FIRST-FRAG {
- from {
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- first-fragment;
- }
- then {
- discard;
- }
- }
- term NEXT-FRAG {
- from {
- is-fragment;
- }
- then {
- discard;
- }
- }
- term OSPF-ALLOW {
- from {
source-prefix-list {
- PRE-LOCALIPv4-SOURCES;
+ MGMT;
}
- protocol ospf;
}
then accept;
}
- term RADIUS-ALLOW {
- from {
- source-prefix-list {
- PRE-RADIUS-SOURCES;
- }
- protocol [ udp tcp ];
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port [ radius radacct ];
- }
- then accept;
- }
- term NTP-ALLOW {
- from {
- source-prefix-list {
- PRE-NTP-SOURCES;
- PRE-L0-SOURCES;
- }
- protocol udp;
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port ntp;
- }
- then accept;
- }
- term DOMAIN-ALLOW {
- from {
- source-prefix-list {
- PRE-DNS-SOURCES;
- }
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port domain;
- }
- then accept;
- }
- term SYSLOG-ALLOW {
- from {
- source-prefix-list {
- PRE-MGMT-SOURCES;
- }
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port syslog;
- }
- then accept;
- }
- term FTP-ALLOW {
- from {
- source-prefix-list {
- PRE-MGMT-SOURCES;
- }
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port ftp;
- }
- then accept;
- }
- term JSPACE-ALLOW {
- from {
- source-prefix-list {
- PRE-MGMT-SOURCES;
- }
- source-port 7408;
- }
- then accept;
- }
- term SNMP-ALLOW {
- from {
- source-prefix-list {
- PRE-SNMP-SOURCES;
- }
- protocol [ tcp udp ];
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port [ snmp snmptrap ];
- }
- then accept;
- }
- term PIM-ALLOW {
- from {
- source-prefix-list {
- PRE-LOCALIPv4-SOURCES;
- }
- protocol pim;
- }
- then accept;
- }
- term BFD-ALLOW {
- from {
- source-prefix-list {
- PRE-LOCALIPv4-SOURCES;
- }
- protocol udp;
- ##
- ## Warning: statement ignored: unsupported platform (ex2200-24t-4g)
- ##
- port [ 3784 3785 ];
- }
- then accept;
- }
term ICMP-ALLOW {
from {
protocol icmp;
@@ -635,32 +477,11 @@
}
then accept;
}
- term TRACEROUTE-ALLOW {
- from {
- protocol udp;
- destination-port 33434-33523;
- }
- then accept;
- }
- term DENY-SERVICES-INBOUND {
- from {
- destination-port [ ssh telnet http https snmp ntp domain ];
- }
+ term Reject {
then {
discard;
}
}
- term SERVICES-OUTBOUND {
- from {
- source-port [ ssh telnet ];
- }
- then accept;
- }
- term DENY_ALL {
- then {
- discard;
- }
- }
}
}
}
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net (revision 117617)
+++ configs/hub.dur.onenet.net (working copy)
@@ -344,22 +344,22 @@
#t1-2/0/3:4 up down
#t1-2/0/3:5 down down
#t1-2/0/3:6 down down
-#t1-2/0/3:7 up down
-#t1-2/0/3:7.0 up down
-#t1-2/0/3:8 up down
-#t1-2/0/3:8.0 up down
+#t1-2/0/3:7 up up
+#t1-2/0/3:7.0 up up
+#t1-2/0/3:8 up up
+#t1-2/0/3:8.0 up up
#t1-2/0/3:9 down down
#t1-2/0/3:10 down down
-#t1-2/0/3:11 up down
-#t1-2/0/3:11.0 up down
+#t1-2/0/3:11 up up
+#t1-2/0/3:11.0 up up
#t1-2/0/3:12 up up
#t1-2/0/3:12.0 up up
#t1-2/0/3:13 up down
#t1-2/0/3:13.0 up down
#t1-2/0/3:14 down down
#t1-2/0/3:15 down down
-#t1-2/0/3:16 up down
-#t1-2/0/3:16.0 up down
+#t1-2/0/3:16 up up
+#t1-2/0/3:16.0 up up
#t1-2/0/3:17 down down
#t1-2/0/3:18 down down
#t1-2/0/3:19 down down
@@ -397,7 +397,7 @@
#lsq-2/3/0.5 up up
#lsq-2/3/0.9 up up
#lsq-2/3/0.10 up up
-#lsq-2/3/0.20 up down
+#lsq-2/3/0.20 up up
#lsq-2/3/0.21 up up
#mt-2/3/0 up up
#pd-2/3/0 up up
Index: configs/core3.okc-m120.onenet.net
===================================================================
--- configs/core3.okc-m120.onenet.net (revision 117626)
+++ configs/core3.okc-m120.onenet.net (working copy)
@@ -1526,8 +1526,8 @@
#t1-4/0/0:27 down down
#t1-4/0/0:28 down down
#ct3-4/0/1 up up
-#t1-4/0/1:1 up down
-#t1-4/0/1:1.0 up down
+#t1-4/0/1:1 up up
+#t1-4/0/1:1.0 up up
#t1-4/0/1:2 up down
#t1-4/0/1:2.0 up down
#t1-4/0/1:3 down down
Index: configs/core5.tul.onenet.net
===================================================================
--- configs/core5.tul.onenet.net (revision 117535)
+++ configs/core5.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system commit
+# 2014-07-07 11:20:41 CDT by donnie via cli commit synchronize
# 2014-07-03 15:12:29 CDT by donnie via cli commit synchronize
# 2014-07-01 15:23:54 CDT by joel via cli commit synchronize
# 2014-06-26 13:39:04 CDT by donnie via cli commit synchronize
# 2014-06-26 13:27:22 CDT by donnie via cli commit synchronize
# 2014-06-26 11:05:01 CDT by donnie via cli commit synchronize
-# 2014-06-23 10:43:51 CDT by joel via cli commit synchronize
# grnoc-mon at TULSA-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -379,7 +379,7 @@
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system uptime
# System booted: 2013-04-27 23:43 CDT
# Protocols started: 2013-04-27 23:45 CDT
-# Last configured: 2014-07-03 15:12 CDT by donnie
+# Last configured: 2014-07-07 11:20 CDT by donnie
#
# {master}
# grnoc-mon at TULSA-CORE5-MX480-RE0> show interface terse
@@ -580,7 +580,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-CORE5-MX480-RE0> show configuration
-## Last commit: 2014-07-03 15:12:29 CDT by donnie
+## Last commit: 2014-07-07 11:20:41 CDT by donnie
version 11.4R7.5;
groups {
re0 {
@@ -972,7 +972,7 @@
}
}
ge-0/3/2 {
- description "NNI to MBO | CIR000XXXX";
+ description "NNI to MBO - TUL - | CIR000XXXX";
vlan-tagging;
encapsulation flexible-ethernet-services;
gigether-options {
Index: configs/hub.ard.onenet.net
===================================================================
--- configs/hub.ard.onenet.net (revision 117592)
+++ configs/hub.ard.onenet.net (working copy)
@@ -333,8 +333,8 @@
#t1-2/0/3:2 down down
#t1-2/0/3:3 up up
#t1-2/0/3:3.0 up up
-#t1-2/0/3:4 up down
-#t1-2/0/3:4.0 up down
+#t1-2/0/3:4 up up
+#t1-2/0/3:4.0 up up
#t1-2/0/3:5 up down
#t1-2/0/3:5.0 up down
#t1-2/0/3:6 up up
More information about the Nocrancid
mailing list