[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Oct 6 14:02:16 CDT 2014
Index: configs/core.law.onenet.net
===================================================================
--- configs/core.law.onenet.net (revision 120234)
+++ configs/core.law.onenet.net (working copy)
@@ -496,8 +496,8 @@
#lsi.1061164 up up
#lsi.1061169 up up
#lsi.1061170 up up
-#lsi.1061172 up up
#lsi.1061173 up up
+#lsi.1061174 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/swi.odot.ton.onenet.net
===================================================================
--- configs/swi.odot.ton.onenet.net (revision 120233)
+++ configs/swi.odot.ton.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at swi1.ODOT-TON-4200> show system commit
+# 2014-10-06 13:22:40 CDT by admin via cli commit confirmed, rollback in 2mins
# 2014-10-06 11:41:21 CDT by andrew via cli commit confirmed, rollback in 5mins
# 2013-09-16 03:49:30 CDT by rnordmark via cli
# 2013-09-13 06:14:08 CDT by admin via cli
# 2013-09-13 04:35:15 CDT by admin via cli commit confirmed, rollback in 3mins
# 2013-09-13 02:49:31 CDT by admin via cli
-# 2013-09-13 02:45:44 CDT by admin via cli
# grnoc-mon at swi1.ODOT-TON-4200> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -162,7 +162,7 @@
# --------------------------------------------------------------------------
# System booted: 2014-08-28 21:47 CDT
# Protocols started: 2014-08-28 21:49 CDT
-# Last configured: 2014-10-06 11:41 CDT by andrew
+# Last configured: 2014-10-06 13:22 CDT by admin
#
# {master:0}
# grnoc-mon at swi1.ODOT-TON-4200> show interface terse
@@ -223,7 +223,7 @@
#vlan.2543 up up
#vme up down
# grnoc-mon at swi1.ODOT-TON-4200> show configuration
-## Last commit: 2014-10-06 11:41:21 CDT by andrew
+## Last commit: 2014-10-06 13:22:40 CDT by admin
version 12.3R4.6;
system {
host-name swi1.ODOT-TON-4200;
@@ -233,8 +233,12 @@
root-authentication {
# encrypted-password <removed>;
}
+ name-server {
+ 164.58.253.10;
+ 164.58.198.10;
+ }
radius-server {
- 10.119.255.7 {
+ 156.110.31.11 {
port 1812;
accounting-port 1813;
# secret "<removed>"; ## SECRET-DATA
@@ -301,16 +305,16 @@
user * {
any emergency;
}
- host 10.119.255.10 {
+ host 164.58.253.92 {
any any;
}
- host 10.119.255.11 {
+ host 164.58.253.38 {
any any;
}
file messages {
any notice;
authorization info;
- match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 10.119.255.1.*|.* exited, status 255.*)";
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
@@ -331,8 +335,7 @@
source-address 10.119.248.150;
}
ntp {
- server 10.119.255.6;
- server 10.119.255.5 prefer;
+ server 164.58.3.98 prefer;
}
}
chassis {
@@ -438,7 +441,6 @@
description OneNet;
contact "Net Group";
client-list snmp-management {
- 10.119.255.0/24;
156.110.31.0/27;
156.110.31.32/28;
164.58.253.0/24;
@@ -455,8 +457,8 @@
trap-group "<removed>" {
version v2;
targets {
- 10.119.255.8;
- 10.119.255.9;
+ 164.58.253.34;
+ 164.58.253.35;
}
}
}
@@ -484,21 +486,25 @@
prefix-list PRE-MGMT-SOURCES {
156.110.31.0/27;
156.110.31.32/28;
- 164.58.3.98/32;
164.58.253.0/24;
}
+ prefix-list PRE-DNS-SOURCES {
+ apply-path "system name-server <*>";
+ }
+ prefix-list PRE-NTP-SOURCES {
+ apply-path "system ntp server <*>";
+ }
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term MGMT {
from {
- source-address {
- 10.119.255.0/24;
- }
source-prefix-list {
+ PRE-MGMT-SOURCES;
+ PRE-DNS-SOURCES;
+ PRE-NTP-SOURCES;
PRE-LOCALIPv4-SOURCES;
- PRE-MGMT-SOURCES;
}
}
then accept;
Index: configs/san-sw-lawton.onenet.net
===================================================================
--- configs/san-sw-lawton.onenet.net (revision 120233)
+++ configs/san-sw-lawton.onenet.net (working copy)
@@ -1,13 +1,13 @@
# RANCID-CONTENT-TYPE: juniper
#
-# grnoc-mon at SAN-EX2200> show system commit
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show system commit
+# 2014-10-06 13:55:17 CDT by admin via cli commit confirmed, rollback in 5mins
# 2014-10-06 11:47:37 CDT by andrew via cli
# 2014-08-13 15:23:46 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-08-13 14:42:52 CDT by admin via cli commit confirmed, rollback in 2mins
# 2014-08-13 14:30:37 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-05-23 13:15:32 CDT by root via other
-# 2014-05-23 13:11:25 CDT by admin via cli
-# grnoc-mon at SAN-EX2200> show chassis environment
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
# Temp FPC 0 CPU OK
@@ -24,17 +24,17 @@
# Fans FPC 0 Fan 1 OK
# FPC 0 Fan 2 OK
#
-# grnoc-mon at SAN-EX2200> show chassis firmware
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis firmware
# Part Type Version
# FPC 0 uboot U-Boot 1.1.6 (Nov 22 2009 - 07:01:21)
# loader FreeBSD/arm U-Boot loader 1.0
#
-# grnoc-mon at SAN-EX2200> show chassis fpc detail
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis fpc detail
# Slot 0 information:
# State Online
# Total CPU DRAM 512 MB
#
-# grnoc-mon at SAN-EX2200> show chassis hardware
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis hardware
# Hardware inventory:
# Item Version Part number Serial number Description
# Chassis CW0210102846 EX2200-24T-4G
@@ -50,8 +50,8 @@
# Power Supply 0 PS 100W AC
# Fan Tray Fan Tray
#
-# grnoc-mon at SAN-EX2200> show chassis hardware models
-# grnoc-mon at SAN-EX2200> show chassis routing-engine
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis hardware models
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis routing-engine
# Routing Engine status:
# Slot 0:
# Current state Master
@@ -59,10 +59,10 @@
# DRAM 512 MB
# Serial ID CW0210102846
#
-# grnoc-mon at SAN-EX2200> show chassis scb
-# grnoc-mon at SAN-EX2200> show chassis sfm detail
-# grnoc-mon at SAN-EX2200> show chassis ssb
-# grnoc-mon at SAN-EX2200> show system boot-messages
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis scb
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis sfm detail
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show chassis ssb
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show system boot-messages
# GDB: debug ports: uart
# GDB: current port: uart
# KDB: debugger backends: ddb gdb
@@ -117,20 +117,20 @@
# da0: 1000MB (2048000 512 byte sectors: 64H 32S/T 1000C)
# Trying to mount root from ufs:/dev/da0s1a
#
-# grnoc-mon at SAN-EX2200> show version
-# Hostname: SAN-EX2200 # Model: ex2200-24t-4g # JUNOS Base OS boot [10.1R1.8] # JUNOS Base OS Software Suite [10.1R1.8] # JUNOS Kernel Software Suite [10.1R1.8] # JUNOS Crypto Software Suite [10.1R1.8] # JUNOS Online Documentation [10.1R1.8] # JUNOS Enterprise Software Suite [10.1R1.8] # JUNOS Packet Forwarding Engine Enterprise Software Suite [10.1R1.8] # JUNOS Routing Software Suite [10.1R1.8] # JUNOS Web Management [10.1R1.8] # # grnoc-mon at SAN-EX2200> file list /var/tmp detail #
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show version
+# Hostname: SAN-SWI-LAWTON-EX2200 # Model: ex2200-24t-4g # JUNOS Base OS boot [10.1R1.8] # JUNOS Base OS Software Suite [10.1R1.8] # JUNOS Kernel Software Suite [10.1R1.8] # JUNOS Crypto Software Suite [10.1R1.8] # JUNOS Online Documentation [10.1R1.8] # JUNOS Enterprise Software Suite [10.1R1.8] # JUNOS Packet Forwarding Engine Enterprise Software Suite [10.1R1.8] # JUNOS Routing Software Suite [10.1R1.8] # JUNOS Web Management [10.1R1.8] # # grnoc-mon at SAN-SWI-LAWTON-EX2200> file list /var/tmp detail #
# /var/tmp:
# total 20
# drwxrwxr-x 2 root wheel 512 Dec 31 1969 .snap/
# drwxr-xr-x 2 root field 512 Feb 6 2011 gres-tp/
# -rw-r--r-- 1 root field 76 May 23 13:16 krt_gencfg_filter.txt
#
-# grnoc-mon at SAN-EX2200> show system uptime
-# System booted: 2014-05-23 13:13 CDT
-# Protocols started: 2014-05-23 13:16 CDT
-# Last configured: 2014-10-06 11:47 CDT by andrew
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show system uptime
+# System booted: 2014-05-23 13:09 CDT
+# Protocols started: 2014-05-23 13:11 CDT
+# Last configured: 2014-10-06 13:55 CDT by admin
#
-# grnoc-mon at SAN-EX2200> show interface terse
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show interface terse
#Interface Admin Link
#ge-0/0/0 up down
#ge-0/0/0.0 up down
@@ -207,19 +207,23 @@
#vlan up up
#vlan.0 up down
#vlan.2543 up up
-# grnoc-mon at SAN-EX2200> show configuration
-## Last commit: 2014-10-06 11:47:37 CDT by andrew
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show configuration
+## Last commit: 2014-10-06 13:55:17 CDT by admin
version 10.1R1.8;
system {
- host-name SAN-EX2200;
+ host-name SAN-SWI-LAWTON-EX2200;
domain-name onenet.net;
time-zone America/Chicago;
authentication-order [ radius password ];
root-authentication {
# encrypted-password <removed>;
}
+ name-server {
+ 164.58.253.10;
+ 164.58.198.10;
+ }
radius-server {
- 10.119.255.7 {
+ 156.110.31.11 {
port 1812;
accounting-port 1813;
# secret "<removed>"; ## SECRET-DATA
@@ -289,23 +293,37 @@
user * {
any emergency;
}
+ host 164.58.253.92 {
+ any any;
+ }
+ host 164.58.253.38 {
+ any any;
+ }
file messages {
any notice;
authorization info;
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
}
+ file PROTECT-RE {
+ firewall any;
+ archive no-world-readable;
+ }
file default-log-messages {
any any;
- match "(requested 'commit' operation)|(copying configuration to juniper.save)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|(vc add)|(vc delete)|transitioned|Transferred|transfer-file|QFABRIC_NETWORK_NODE_GROUP|QFABRIC_SERVER_NODE_GROUP|QFABRIC_NODE|(license add)|(license delete)|GRES";
+ match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete) | CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD";
structured-data;
}
+ file updown {
+ any any;
+ match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
+ }
source-address 10.119.248.130;
}
ntp {
- server 10.110.255.5 prefer;
- server 10.110.255.6;
+ server 164.58.3.98 prefer;
}
}
chassis {
@@ -547,7 +565,6 @@
description OneNet;
contact "Net Group";
client-list snmp-management {
- 10.119.255.0/24;
156.110.31.0/27;
156.110.31.32/28;
164.58.253.0/24;
@@ -564,8 +581,8 @@
trap-group "<removed>" {
version v2;
targets {
- 10.119.255.8;
- 10.119.255.9;
+ 164.58.253.34;
+ 164.58.253.35;
}
}
}
@@ -593,21 +610,25 @@
prefix-list PRE-MGMT-SOURCES {
156.110.31.0/27;
156.110.31.32/28;
- 164.58.3.98/32;
164.58.253.0/24;
}
+ prefix-list PRE-DNS-SOURCES {
+ apply-path "system name-server <*>";
+ }
+ prefix-list PRE-NTP-SOURCES {
+ apply-path "system ntp server <*>";
+ }
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term MGMT {
from {
- source-address {
- 10.119.255.0/24;
- }
source-prefix-list {
+ PRE-MGMT-SOURCES;
+ PRE-DNS-SOURCES;
+ PRE-NTP-SOURCES;
PRE-LOCALIPv4-SOURCES;
- PRE-MGMT-SOURCES;
}
}
then accept;
@@ -649,10 +670,10 @@
vlan-id 255;
}
}
-# grnoc-mon at SAN-EX2200> show ospf neighbor
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show ospf neighbor
# error: command is not valid on the ex2200-24t-4g
#
-# grnoc-mon at SAN-EX2200> show bfd session
+# grnoc-mon at SAN-SWI-LAWTON-EX2200> show bfd session
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/swi.cai.coal.onenet.net
===================================================================
--- configs/swi.cai.coal.onenet.net (revision 115614)
+++ configs/swi.cai.coal.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SWI-COAL-COUNTY-HOSPITAL-EX-3300> show system commit
+# 2014-10-06 13:51:37 CDT by joel via cli
# 2014-04-28 09:27:15 CDT by rnordmark via cli
# 2014-04-28 09:26:39 CDT by rnordmark via cli commit confirmed, rollback in 5mins
# 2014-01-29 13:53:51 CST by rnordmark via cli
# 2014-01-29 13:23:40 CST by root via other
# 2014-01-29 13:20:20 CST by rnordmark via cli commit confirmed, rollback in 3mins
-# 2013-12-05 14:16:51 CST by joel via cli
# grnoc-mon at SWI-COAL-COUNTY-HOSPITAL-EX-3300> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -162,7 +162,7 @@
# --------------------------------------------------------------------------
# System booted: 2013-05-01 14:39 CDT
# Protocols started: 2013-05-01 14:41 CDT
-# Last configured: 2014-04-28 09:27 CDT by rnordmark
+# Last configured: 2014-10-06 13:51 CDT by joel
#
# {master:0}
# grnoc-mon at SWI-COAL-COUNTY-HOSPITAL-EX-3300> show interface terse
@@ -214,7 +214,7 @@
#vlan.250 up up
#vme up down
# grnoc-mon at SWI-COAL-COUNTY-HOSPITAL-EX-3300> show configuration
-## Last commit: 2014-04-28 09:27:15 CDT by rnordmark
+## Last commit: 2014-10-06 13:51:37 CDT by joel
version 12.3R2.5;
system {
host-name SWI-COAL-COUNTY-HOSPITAL-EX-3300;
@@ -294,6 +294,7 @@
}
interfaces {
ge-0/0/0 {
+ description "Hub Appliance - NetGuardian - CAICOAL";
disable;
}
ge-0/0/1 {
@@ -360,6 +361,7 @@
disable;
}
ge-0/0/22 {
+ description Cottonwood-Public-School-50M-CIR0005898;
disable;
}
ge-0/0/23 {
Index: configs/core.hut.ard.onenet.net
===================================================================
--- configs/core.hut.ard.onenet.net (revision 120233)
+++ configs/core.hut.ard.onenet.net (working copy)
@@ -299,7 +299,7 @@
#lsi.1048622 up up
#lsi.1048625 up up
#lsi.1048628 up up
-#lsi.1048630 up up
+#lsi.1048631 up up
#me0 up up
#me0.0 up up
#mtun up up
Index: configs/core.ard.onenet.net
===================================================================
--- configs/core.ard.onenet.net (revision 120233)
+++ configs/core.ard.onenet.net (working copy)
@@ -340,7 +340,7 @@
#lsi.1048719 up up
#lsi.1048720 up up
#lsi.1048722 up up
-#lsi.1048724 up up
+#lsi.1048725 up up
#mtun up up
#pimd up up
#pime up up
Index: configs/rpswi3.rp3f2.onenet.net
===================================================================
--- configs/rpswi3.rp3f2.onenet.net (revision 120153)
+++ configs/rpswi3.rp3f2.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at RPSWI3-RP3FL2-EX2200> show system commit
+# 2014-10-06 13:19:26 CDT by admin via cli commit confirmed, rollback in 5mins
# 2014-09-29 14:47:33 CDT by andrew via cli
# 2014-09-05 08:56:25 CDT by andrew via cli
# 2014-08-29 21:45:12 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-08-29 21:16:10 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-08-29 13:42:24 CDT by andrew via cli commit confirmed, rollback in 2mins
-# 2014-08-28 10:30:51 CDT by andrew via cli
# grnoc-mon at RPSWI3-RP3FL2-EX2200> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -156,7 +156,7 @@
# --------------------------------------------------------------------------
# System booted: 2014-08-26 10:18 CDT
# Protocols started: 2014-08-26 10:21 CDT
-# Last configured: 2014-09-29 14:47 CDT by andrew
+# Last configured: 2014-10-06 13:19 CDT by admin
#
# {master:0}
# grnoc-mon at RPSWI3-RP3FL2-EX2200> show interface terse
@@ -217,7 +217,7 @@
#vlan.80 up up
#vme up down
# grnoc-mon at RPSWI3-RP3FL2-EX2200> show configuration
-## Last commit: 2014-09-29 14:47:33 CDT by andrew
+## Last commit: 2014-10-06 13:19:26 CDT by admin
version 12.3R7.7;
system {
host-name RPSWI3-RP3FL2-EX2200;
@@ -228,11 +228,11 @@
# encrypted-password <removed>;
}
name-server {
- 10.119.255.3;
- 10.119.255.4;
+ 164.58.253.10;
+ 164.58.198.10;
}
radius-server {
- 10.119.255.7 {
+ 156.110.31.11 {
port 1812;
accounting-port 1813;
# secret "<removed>"; ## SECRET-DATA
@@ -299,16 +299,16 @@
user * {
any emergency;
}
- host 10.119.255.10 {
+ host 164.58.253.92 {
any any;
}
- host 10.119.255.11 {
+ host 164.58.253.38 {
any any;
}
file messages {
any notice;
authorization info;
- match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 10.119.255.1.*|.* exited, status 255.*)";
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
@@ -329,8 +329,7 @@
source-address 10.119.248.154;
}
ntp {
- server 10.119.255.6;
- server 10.119.255.5 prefer;
+ server 164.58.3.98 prefer;
}
}
chassis {
@@ -538,7 +537,9 @@
description OneNet;
contact "Net Group";
client-list snmp-management {
- 10.119.255.0/24;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
0.0.0.0/0 {
restrict;
}
@@ -552,8 +553,8 @@
trap-group "<removed>" {
version v2;
targets {
- 10.119.255.8;
- 10.119.255.9;
+ 164.58.253.34;
+ 164.58.253.35;
}
}
}
@@ -578,16 +579,27 @@
prefix-list PRE-LOCALIPv4-SOURCES {
apply-path "interfaces <*> unit <*> family inet address <*>";
}
+ prefix-list PRE-MGMT-SOURCES {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ prefix-list PRE-DNS-SOURCES {
+ apply-path "system name-server <*>";
+ }
+ prefix-list PRE-NTP-SOURCES {
+ apply-path "system ntp server <*>";
+ }
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term MGMT {
from {
- source-address {
- 10.119.255.0/24;
- }
source-prefix-list {
+ PRE-MGMT-SOURCES;
+ PRE-DNS-SOURCES;
+ PRE-NTP-SOURCES;
PRE-LOCALIPv4-SOURCES;
}
}
Index: configs/san-sw-tulsa-ex2200.onenet.net
===================================================================
--- configs/san-sw-tulsa-ex2200.onenet.net (revision 120233)
+++ configs/san-sw-tulsa-ex2200.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SAN-SW-TULSA-EX2200> show system commit
+# 2014-10-06 13:47:38 CDT by admin via cli commit confirmed, rollback in 5mins
# 2014-10-06 11:42:22 CDT by andrew via cli
# 2014-08-13 15:17:48 CDT by admin via cli commit confirmed, rollback in 2mins
# 2014-08-13 15:13:01 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-08-13 14:58:08 CDT by andrew via cli commit confirmed, rollback in 2mins
# 2014-08-04 14:56:32 CDT by admin via cli
-# 2014-08-04 14:53:35 CDT by admin via cli commit confirmed, rollback in 5mins
# grnoc-mon at SAN-SW-TULSA-EX2200> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -141,7 +141,7 @@
# grnoc-mon at SAN-SW-TULSA-EX2200> show system uptime
# System booted: 2014-04-16 15:04 CDT
# Protocols started: 2014-04-16 15:08 CDT
-# Last configured: 2014-10-06 11:42 CDT by andrew
+# Last configured: 2014-10-06 13:47 CDT by admin
#
# grnoc-mon at SAN-SW-TULSA-EX2200> show interface terse
#Interface Admin Link
@@ -216,7 +216,7 @@
#vlan up up
#vlan.2543 up up
# grnoc-mon at SAN-SW-TULSA-EX2200> show configuration
-## Last commit: 2014-10-06 11:42:22 CDT by andrew
+## Last commit: 2014-10-06 13:47:38 CDT by admin
version 11.4R6.6;
system {
host-name SAN-SW-TULSA-EX2200;
@@ -227,11 +227,11 @@
# encrypted-password <removed>;
}
name-server {
- 10.119.255.3;
- 10.119.255.4;
+ 164.58.253.10;
+ 164.58.198.10;
}
radius-server {
- 10.119.255.7 {
+ 156.110.31.11 {
port 1812;
accounting-port 1813;
# secret "<removed>"; ## SECRET-DATA
@@ -298,17 +298,36 @@
user * {
any emergency;
}
+ host 164.58.253.92 {
+ any any;
+ }
+ host 164.58.253.38 {
+ any any;
+ }
file messages {
any notice;
authorization info;
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
}
+ file PROTECT-RE {
+ firewall any;
+ archive no-world-readable;
+ }
+ file default-log-messages {
+ any any;
+ match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete) | CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD";
+ structured-data;
+ }
+ file updown {
+ any any;
+ match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
+ }
}
ntp {
- server 10.110.255.5 prefer;
- server 10.110.255.6;
+ server 164.58.3.98 prefer;
}
}
chassis {
@@ -603,7 +622,6 @@
description OneNet;
contact "Net Group";
client-list snmp-management {
- 10.119.255.0/24;
156.110.31.0/27;
156.110.31.32/28;
164.58.253.0/24;
@@ -617,6 +635,13 @@
community "<removed>" {
authorization read-write;
}
+ trap-group "<removed>" {
+ version v2;
+ targets {
+ 164.58.253.34;
+ 164.58.253.35;
+ }
+ }
}
routing-options {
static {
@@ -642,21 +667,25 @@
prefix-list PRE-MGMT-SOURCES {
156.110.31.0/27;
156.110.31.32/28;
- 164.58.3.98/32;
164.58.253.0/24;
}
+ prefix-list PRE-DNS-SOURCES {
+ apply-path "system name-server <*>";
+ }
+ prefix-list PRE-NTP-SOURCES {
+ apply-path "system ntp server <*>";
+ }
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term MGMT {
from {
- source-address {
- 10.119.255.0/24;
- }
source-prefix-list {
+ PRE-MGMT-SOURCES;
+ PRE-DNS-SOURCES;
+ PRE-NTP-SOURCES;
PRE-LOCALIPv4-SOURCES;
- PRE-MGMT-SOURCES;
}
}
then accept;
More information about the Nocrancid
mailing list