[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Tue Nov 4 17:02:17 CST 2014
Index: configs/cor.cai.hart-acx2100.onenet.net
===================================================================
--- configs/cor.cai.hart-acx2100.onenet.net (revision 121101)
+++ configs/cor.cai.hart-acx2100.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show system commit
-# 2014-11-04 14:13:36 CST by andrew via cli
-# 2014-11-04 14:13:07 CST by andrew via cli commit confirmed, rollback in 2mins
-# 2014-11-04 13:58:14 CST by andrew via cli
-# 2009-12-31 19:28:57 CST by root via cli
-# 2009-12-31 19:24:36 CST by root via cli
-# 2009-12-31 19:18:50 CST by root via cli
+# 2014-11-04 16:59:44 CST by rnordmark via cli
+# 2014-11-04 16:58:26 CST by rnordmark via cli commit confirmed, rollback in 5mins
+# 2014-11-04 16:57:22 CST by rnordmark via cli
+# 2014-11-04 16:52:50 CST by rnordmark via cli commit confirmed, rollback in 5mins
+# 2014-11-04 16:50:19 CST by rnordmark via cli commit confirmed, rollback in 5mins
+# 2014-11-04 16:49:32 CST by rnordmark via cli commit confirmed, rollback in 5mins
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show chassis environment
# Class Item Status Measurement
# PCB Left OK
@@ -156,7 +156,7 @@
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show system uptime
# System booted: 2014-11-04 13:19 CST
# Protocols started: 2014-11-04 13:20 CST
-# Last configured: 2014-11-04 14:13 CST by andrew
+# Last configured: 2014-11-04 16:59 CST by rnordmark
#
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show interface terse
#Interface Admin Link
@@ -211,7 +211,7 @@
#pime up up
#tap up up
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show configuration
-## Last commit: 2014-11-04 14:13:36 CST by andrew
+## Last commit: 2014-11-04 16:59:44 CST by rnordmark
version 12.3X54-D10.6;
system {
host-name HARTSHORNE-PUBLIC-LIBRARY-ACX2100;
@@ -447,6 +447,9 @@
lo0 {
unit 0 {
family inet {
+ filter {
+ input PROTECT-RE;
+ }
address 164.58.199.165/32;
}
family inet6 {
@@ -683,6 +686,218 @@
community HARTSHORNE members 5078:165;
community SEPLS-VPN members target:5078:2533;
}
+firewall {
+ family inet {
+ filter PROTECT-RE {
+ term SSH-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ protocol tcp;
+ destination-port ssh;
+ }
+ then accept;
+ }
+ term FIRST-FRAG {
+ from {
+ first-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term NEXT-FRAG {
+ from {
+ is-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term BGP-ALLOW {
+ from {
+ source-address {
+ 164.58.199.226/32;
+ 164.58.199.216/32;
+ }
+ protocol tcp;
+ source-port 179;
+ }
+ then accept;
+ }
+ term RADIUS-ALLOW {
+ from {
+ source-address {
+ 156.110.31.11/32;
+ }
+ protocol [ udp tcp ];
+ source-port [ 1812 1813 ];
+ }
+ then accept;
+ }
+ term OSPF-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ }
+ protocol ospf;
+ }
+ then accept;
+ }
+ term NTP-ALLOW {
+ from {
+ source-address {
+ 164.58.3.98/32;
+ 164.58.199.0/24;
+ }
+ protocol udp;
+ source-port [ ntp 123 ];
+ destination-port 123;
+ }
+ then accept;
+ }
+ term DOMAIN-ALLOW {
+ from {
+ source-address {
+ 164.58.253.10/32;
+ 164.58.198.10/32;
+ }
+ source-port domain;
+ destination-port domain;
+ }
+ then accept;
+ }
+ term SYSLOG-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port syslog;
+ destination-port syslog;
+ }
+ then accept;
+ }
+ term FTP-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port ftp;
+ destination-port ftp;
+ }
+ then accept;
+ }
+ term JSPACE-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port 7408;
+ }
+ then accept;
+ }
+ term SNMP-ALLOW {
+ from {
+ source-address {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ protocol [ tcp udp ];
+ source-port [ snmp snmptrap ];
+ destination-port [ snmp snmptrap ];
+ }
+ then accept;
+ }
+ term LDP-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ }
+ source-port ldp;
+ destination-port ldp;
+ }
+ then accept;
+ }
+ term PIM-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol pim;
+ }
+ then accept;
+ }
+ term BFD-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol udp;
+ source-port [ 3784 3785 ];
+ destination-port [ 3784 3785 ];
+ }
+ then accept;
+ }
+ term ICMP-ALLOW {
+ from {
+ protocol icmp;
+ icmp-type [ echo-reply echo-request unreachable time-exceeded ];
+ }
+ then accept;
+ }
+ term TRACEROUTE-ALLOW {
+ from {
+ protocol udp;
+ destination-port 33434-33523;
+ }
+ then accept;
+ }
+ term DENY-SERVICES-INBOUND {
+ from {
+ destination-port [ ssh telnet http https snmp ntp domain ];
+ }
+ then {
+ discard;
+ }
+ }
+ term SERVICES-OUTBOUND {
+ from {
+ source-port [ ssh telnet ];
+ }
+ then accept;
+ }
+ term DENY_ALL {
+ then {
+ discard;
+ }
+ }
+ }
+ }
+}
routing-instances {
SEPLS-L3VPN {
description SEPLS-L3VPN;
Index: configs/core4.okc.onenet.net
===================================================================
--- configs/core4.okc.onenet.net (revision 121103)
+++ configs/core4.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE4-MX480-RE0> show system commit
+# 2014-11-04 16:43:29 CST by sky via cli commit synchronize
+# 2014-11-04 16:37:54 CST by sky via cli commit synchronize
# 2014-11-04 14:24:39 CST by joel via cli commit synchronize
# 2014-11-04 14:13:11 CST by joel via cli commit synchronize
# 2014-11-04 12:18:32 CST by joel via cli commit synchronize
# 2014-10-31 23:30:47 CDT by andrew via cli commit synchronize
-# 2014-10-31 22:54:45 CDT by andrew via cli commit synchronize
-# 2014-10-31 22:53:59 CDT by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE4-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -418,7 +418,7 @@
# grnoc-mon at OKC-CORE4-MX480-RE0> show system uptime
# System booted: 2014-09-16 23:49 CDT
# Protocols started: 2014-09-16 23:51 CDT
-# Last configured: 2014-11-04 14:24 CST by joel
+# Last configured: 2014-11-04 16:43 CST by sky
#
# {master}
# grnoc-mon at OKC-CORE4-MX480-RE0> show interface terse
@@ -712,6 +712,8 @@
#xe-2/0/1.870 up up
#xe-2/0/1.871 up up
#xe-2/0/1.873 up up
+#xe-2/0/1.874 up up
+#xe-2/0/1.875 up up
#xe-2/0/1.32767 up up
#xe-2/1/0 up up
#xe-2/1/0.500 up up
@@ -765,7 +767,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE4-MX480-RE0> show configuration
-## Last commit: 2014-11-04 14:24:39 CST by joel
+## Last commit: 2014-11-04 16:43:29 CST by sky
version 12.3R7.7;
groups {
re0 {
@@ -3005,6 +3007,14 @@
}
}
}
+ unit 874 {
+ description "TAGNET-2616-CHICKASHA-10M-CIR0006020 [ORDERED]";
+ vlan-id 874;
+ }
+ unit 875 {
+ description "TAGNET-6018-PERKINS-10M-CIR0006018 [ORDERED]";
+ vlan-id 875;
+ }
}
xe-2/1/0 {
description "CORE 10G to SWI.OKCPS xe-0/1/0 | OneNet-OKC-OKL113OKC-5904";
Index: configs/core5.tul.onenet.net
===================================================================
--- configs/core5.tul.onenet.net (revision 121103)
+++ configs/core5.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system commit
+# 2014-11-04 16:57:37 CST by sky via cli commit synchronize
+# 2014-11-04 16:53:28 CST by sky via cli commit synchronize
+# 2014-11-04 16:45:59 CST by sky via cli commit synchronize
+# 2014-11-04 16:41:29 CST by sky via cli commit synchronize
# 2014-11-04 15:58:28 CST by sky via cli commit synchronize
# 2014-11-04 15:45:38 CST by sky via cli commit synchronize
-# 2014-11-04 13:39:36 CST by andrew via cli commit synchronize
-# 2014-11-03 12:45:01 CST by andrew via cli commit synchronize
-# 2014-11-03 11:47:56 CST by andrew via cli commit synchronize
-# 2014-11-03 11:39:42 CST by andrew via cli commit synchronize
# grnoc-mon at TULSA-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -389,7 +389,7 @@
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system uptime
# System booted: 2014-09-20 01:27 CDT
# Protocols started: 2014-09-20 01:28 CDT
-# Last configured: 2014-11-04 15:58 CST by sky
+# Last configured: 2014-11-04 16:57 CST by sky
#
# {master}
# grnoc-mon at TULSA-CORE5-MX480-RE0> show interface terse
@@ -482,6 +482,7 @@
#xe-1/0/1.193 up up
#xe-1/0/1.194 up up
#xe-1/0/1.195 up up
+#xe-1/0/1.199 up up
#xe-1/0/1.204 up up
#xe-1/0/1.206 up up
#xe-1/0/1.32767 up up
@@ -588,6 +589,8 @@
#xe-2/3/0.155 up up
#xe-2/3/0.156 up up
#xe-2/3/0.157 up up
+#xe-2/3/0.158 up up
+#xe-2/3/0.159 up up
#xe-2/3/0.32767 up up
#xe-2/3/1 up up
#xe-2/3/1.0 up up
@@ -627,7 +630,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-CORE5-MX480-RE0> show configuration
-## Last commit: 2014-11-04 15:58:28 CST by sky
+## Last commit: 2014-11-04 16:57:37 CST by sky
version 12.3R7.7;
groups {
re0 {
@@ -1394,6 +1397,10 @@
address 192.168.254.5/30;
}
}
+ unit 199 {
+ description "TAGNET-7275-Tulsa-Admiral-10M-CIR0005989 [ORDERED]";
+ vlan-id 199;
+ }
unit 204 {
description TAGNET-7236-Tulsa-Garnett-10M-CIR0006002;
vlan-id 204;
@@ -1795,6 +1802,14 @@
}
}
}
+ unit 158 {
+ description "TAGNET-7404-BARTLESVILLE-10M-CIR0006021 [ORDERED]";
+ vlan-id 158;
+ }
+ unit 159 {
+ description "TAGNET-7260-COLLINSVILLE-10M-CIR0006019 [ORDERED]";
+ vlan-id 159;
+ }
}
xe-2/3/1 {
description "NETFX AE0";
More information about the Nocrancid
mailing list