[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Aug 22 15:03:53 CDT 2016
Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net (revision 145811)
+++ configs/maysville-es.client.onenet.net (working copy)
@@ -614,7 +614,6 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/oids-okmulgee.client.onenet.net
===================================================================
--- configs/oids-okmulgee.client.onenet.net (revision 145398)
+++ configs/oids-okmulgee.client.onenet.net (working copy)
@@ -1,6 +1,7 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OIDS-OKMULGEE-LR-004619> show system commit
+# 2016-08-22 14:53:53 CDT by andrew via cli
# 2016-03-24 14:22:58 CDT by admin via cli
# 2016-03-03 14:06:12 CST by admin via cli
# 2016-03-03 13:53:21 CST by admin via cli
@@ -88,18 +89,16 @@
# ###PCB Group initialized for tcppcbgroup
# ad0: Device does not support APM
# ad0: 2000MB <CF 2GB 20100924> at ata2-master WDMA2
-# Trying to mount root from ufs:/dev/ad0s2a
-# WARNING: / was not properly dismounted
-# WARNING: / was not properly dismounted
+# Trying to mount root from ufs:/dev/ad0s1a
#
# grnoc-mon at OIDS-OKMULGEE-LR-004619> show version
# Hostname: OIDS-OKMULGEE-LR-004619 # Model: srx220h2 # JUNOS Software Release [12.1X46-D20.5] # # grnoc-mon at OIDS-OKMULGEE-LR-004619> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 14 2014 /var/tmp@ -> /cf/var/tmp
# total files: 1
#
# grnoc-mon at OIDS-OKMULGEE-LR-004619> show system uptime
-# System booted: 2016-08-08 13:59 CDT
-# Protocols started: 2016-08-08 14:01 CDT
-# Last configured: 2016-03-24 14:22 CDT by admin
+# System booted: 2016-08-22 14:30 CDT
+# Protocols started: 2016-08-22 14:32 CDT
+# Last configured: 2016-08-22 14:53 CDT by andrew
#
# grnoc-mon at OIDS-OKMULGEE-LR-004619> show interface terse
#Interface Admin Link
@@ -144,10 +143,11 @@
#vlan up up
#vlan.3 up up
# grnoc-mon at OIDS-OKMULGEE-LR-004619> show configuration
-## Last commit: 2016-03-24 14:22:58 CDT by admin
+## Last commit: 2016-08-22 14:53:53 CDT by andrew
version 12.1X46-D20.5;
system {
host-name OIDS-OKMULGEE-LR-004619;
+ auto-snapshot;
domain-name onenet.net;
time-zone America/Chicago;
authentication-order [ radius password ];
Index: configs/hub.dun.onenet.net
===================================================================
--- configs/hub.dun.onenet.net (revision 144813)
+++ configs/hub.dun.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at DUNCAN-M120-RE0> show system commit
+# 2016-08-22 14:26:46 CDT by andrew via cli commit synchronize
# 2016-07-20 19:28:21 CDT by andrew via cli commit synchronize
# 2016-07-20 18:27:50 CDT by andrew via cli commit synchronize
# 2016-07-20 11:23:51 CDT by sky via cli commit synchronize
# 2016-07-20 10:03:57 CDT by andrew via cli commit synchronize
# 2016-06-20 13:56:15 CDT by sean via cli commit synchronize
-# 2016-06-13 14:07:04 CDT by aberrios via cli commit synchronize
# grnoc-mon at DUNCAN-M120-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -263,7 +263,7 @@
# grnoc-mon at DUNCAN-M120-RE0> show system uptime
# System booted: 2016-03-15 01:19 CDT
# Protocols started: 2016-03-15 01:24 CDT
-# Last configured: 2016-07-20 19:28 CDT by andrew
+# Last configured: 2016-08-22 14:26 CDT by andrew
#
# {master}
# grnoc-mon at DUNCAN-M120-RE0> show interface terse
@@ -289,6 +289,7 @@
#t1-2/0/2:10 up up
#t1-2/0/2:10.16 up up
#t1-2/0/2:10.17 up up
+#t1-2/0/2:10.18 up up
#t1-2/0/2:11 down down
#t1-2/0/2:12 up up
#t1-2/0/2:12.0 up up
@@ -410,7 +411,7 @@
#pp0 up up
#tap up up
# grnoc-mon at DUNCAN-M120-RE0> show configuration
-## Last commit: 2016-07-20 19:28:21 CDT by andrew
+## Last commit: 2016-08-22 14:26:46 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -781,6 +782,15 @@
address 10.119.76.116/31;
}
}
+ unit 18 {
+ dlci 18;
+ family inet {
+ sampling {
+ input;
+ }
+ address 172.23.5.165/30;
+ }
+ }
}
t1-2/0/2:11 {
disable;
@@ -1188,6 +1198,7 @@
discard;
no-readvertise;
}
+ route 164.58.9.116/30 next-hop 172.23.5.166;
}
router-id 164.58.199.18;
autonomous-system 5078;
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 145802)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -144,8 +144,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up up
-#ge-0/0/14.0 up up
+#ge-0/0/14 up down
+#ge-0/0/14.0 up down
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/okc-vpn-cluster.okc.onenet.net
===================================================================
--- configs/okc-vpn-cluster.okc.onenet.net (revision 145661)
+++ configs/okc-vpn-cluster.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show system commit
+# 2016-08-22 14:23:22 CDT by sky via cli
# 2016-07-27 20:43:25 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2016-07-27 20:28:29 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2016-07-26 13:56:06 CDT by sean via cli
# 2016-07-26 13:13:57 CDT by sean via cli
# 2016-07-26 10:50:46 CDT by sky via cli
-# 2016-07-26 10:38:33 CDT by sky via cli
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show chassis environment
# node0:
# --------------------------------------------------------------------------
@@ -234,12 +234,12 @@
# --------------------------------------------------------------------------
# System booted: 2016-03-01 19:49 CST
# Protocols started: 2016-03-01 20:04 CST
-# Last configured: 2016-07-27 20:43 CDT by andrew
+# Last configured: 2016-08-22 14:23 CDT by sky
#
# node1:
# --------------------------------------------------------------------------
# System booted: 2016-03-01 19:35 CST
-# Last configured: 2016-07-27 20:44 CDT by root
+# Last configured: 2016-08-22 14:24 CDT by root
#
# {primary:node0}
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show interface terse
@@ -362,7 +362,7 @@
#tap up up
#vlan up up
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show configuration
-## Last commit: 2016-07-27 20:43:25 CDT by andrew
+## Last commit: 2016-08-22 14:23:22 CDT by sky
version 12.1X46-D40.2;
groups {
node0 {
@@ -749,14 +749,14 @@
}
}
unit 15 {
- description "ODOT-ALTUS-MGMT [NO-MONITOR]";
+ description "ODOT-ALTUS-REGMAINT-MGMT [NO-MONITOR]";
family inet {
mtu 1440;
address 10.119.11.14/31;
}
}
unit 16 {
- description "ODOT-ALTUS-AGENCY-DATA [NO-MONITOR]";
+ description "ODOT-ALTUS-REGMAINT-AGENCY-DATA [NO-MONITOR]";
family inet {
mtu 1440;
address 10.119.8.14/31;
Index: configs/doh-waurika.client.onenet.net
===================================================================
--- configs/doh-waurika.client.onenet.net (revision 144880)
+++ configs/doh-waurika.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at DOH-WAURIKA-SRX220> show system commit
+# 2016-08-22 14:28:51 CDT by andrew via cli
# 2016-07-22 18:55:47 CDT by admin via cli
# 2016-07-20 19:27:42 CDT by andrew via cli commit confirmed, rollback in 5mins
# 2014-11-07 15:47:06 CST by admin via netconf
# 2014-09-04 22:29:06 CDT by root via other
# 2014-09-02 21:05:12 CDT by andrew via cli
-# 2014-09-01 23:29:12 CDT by rnordmark via cli
# grnoc-mon at DOH-WAURIKA-SRX220> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -104,7 +104,7 @@
# grnoc-mon at DOH-WAURIKA-SRX220> show system uptime
# System booted: 2016-07-20 19:30 CDT
# Protocols started: 2016-07-20 19:32 CDT
-# Last configured: 2016-07-22 18:55 CDT by admin
+# Last configured: 2016-08-22 14:28 CDT by andrew
#
# grnoc-mon at DOH-WAURIKA-SRX220> show interface terse
#Interface Admin Link
@@ -119,6 +119,7 @@
#sp-0/0/0.0 up up
#sp-0/0/0.16383 up up
#ge-0/0/1 down down
+#ge-0/0/1.0 up down
#ge-0/0/2 down down
#ge-0/0/3 down down
#ge-0/0/4 down down
@@ -128,6 +129,7 @@
#t1-1/0/0 up up
#t1-1/0/0.16 up up
#t1-1/0/0.17 up up
+#t1-1/0/0.18 up up
#fxp2 up up
#fxp2.0 up up
#gre up up
@@ -149,7 +151,7 @@
#tap up up
#vlan up up
# grnoc-mon at DOH-WAURIKA-SRX220> show configuration
-## Last commit: 2016-07-22 18:55:47 CDT by admin
+## Last commit: 2016-08-22 14:28:51 CDT by andrew
version 12.1X46-D20.5;
system {
host-name DOH-WAURIKA-SRX220;
@@ -285,7 +287,18 @@
}
}
ge-0/0/1 {
+ description DOH-PUBLIC;
disable;
+ speed 100m;
+ link-mode full-duplex;
+ unit 0 {
+ family inet {
+ filter {
+ input DOH-COS;
+ }
+ address 164.58.9.117/30;
+ }
+ }
}
ge-0/0/2 {
disable;
@@ -333,6 +346,15 @@
address 10.119.76.117/31;
}
}
+ unit 18 {
+ dlci 18;
+ family inet {
+ filter {
+ output DOH-COS;
+ }
+ address 172.23.5.166/30;
+ }
+ }
}
t1-2/0/0 {
disable;
@@ -561,6 +583,18 @@
}
}
}
+ from-zone DOH-PUBLIC to-zone DOH-PUBLIC {
+ policy DOH-PUBLIC {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ permit;
+ }
+ }
+ }
}
zones {
security-zone DOH-DATA {
@@ -600,6 +634,29 @@
}
}
}
+ security-zone DOH-PUBLIC {
+ interfaces {
+ t1-1/0/0.18 {
+ host-inbound-traffic {
+ system-services {
+ ping;
+ traceroute;
+ ssh;
+ snmp;
+ }
+ }
+ }
+ ge-0/0/1.0 {
+ host-inbound-traffic {
+ system-services {
+ ping;
+ traceroute;
+ snmp;
+ }
+ }
+ }
+ }
+ }
}
}
firewall {
@@ -707,6 +764,16 @@
}
}
}
+ DOH-PUBLIC {
+ instance-type virtual-router;
+ interface ge-0/0/1.0;
+ interface t1-1/0/0.18;
+ routing-options {
+ static {
+ route 0.0.0.0/0 next-hop 172.23.5.165;
+ }
+ }
+ }
}
# grnoc-mon at DOH-WAURIKA-SRX220> show ospf neighbor
# OSPF instance is not running
Index: configs/city-of-lawton.client.onenet.net
===================================================================
--- configs/city-of-lawton.client.onenet.net (revision 145580)
+++ configs/city-of-lawton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show system commit
+# 2016-08-22 14:58:32 CDT by joel via cli commit confirmed, rollback in 2mins
+# 2016-08-22 14:48:14 CDT by joel via cli
+# 2016-08-22 14:40:57 CDT by joel via cli commit confirmed, rollback in 2mins
+# 2016-08-22 14:32:31 CDT by joel via cli commit confirmed, rollback in 3mins
# 2016-08-08 14:19:32 CDT by joel via cli commit confirmed, rollback in 3mins
# 2016-08-05 20:57:31 CDT by joel via cli commit confirmed, rollback in 3mins
-# 2016-07-29 09:32:24 CDT by joel via cli commit confirmed, rollback in 3mins
-# 2016-07-29 09:28:02 CDT by joel via cli commit confirmed, rollback in 3mins
-# 2016-07-27 18:51:57 CDT by joel via cli
-# 2016-07-27 19:10:23 CDT by root via cli
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -116,7 +116,7 @@
# Time Source: NTP CLOCK
# System booted: 2016-07-27 15:02 CDT
# Protocols started: 2016-07-27 15:02 CDT
-# Last configured: 2016-08-08 14:19 CDT by joel
+# Last configured: 2016-08-22 14:58 CDT by joel
#
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show interface terse
#Interface Admin Link
@@ -171,7 +171,7 @@
#vlan up down
#vtep up up
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show configuration
-## Last commit: 2016-08-08 14:19:32 CDT by joel
+## Last commit: 2016-08-22 14:58:32 CDT by joel
version 15.1X49-D50.3;
system {
host-name CITY-OF-LAWTON-TAG-005231;
@@ -708,6 +708,15 @@
description "Trustwave Content Filter - Outside Source IP for Support";
wildcard-address 208.90.236.133/32;
}
+ address WEBMONITOR-CITYOF-LAWTON-OUTSIDE-156.110.87.206 {
+ description "webmonitor.cityof.lawton.ok.us webserver - OUTSIDE IP";
+ wildcard-address 156.110.87.206/32;
+ }
+ address WEBMONITOR-CITYOF-LAWTON-INSIDE-172.16.2.3 {
+ description "webmonitor.cityof.lawton.ok.us webserver - INSIDE IP";
+ wildcard-address 172.16.2.3/32;
+ }
+ address ABUSE-94.242.255.196 94.242.255.196/32;
address-set VERIZON-STATIC-FT-SILL-1 {
description "Fort Sill MP Static IPs for CAD Access";
address VERIZON-STATIC-FT-SILL-1-166.148.145.240;
@@ -809,6 +818,9 @@
address TRUSTWAVE-SUPPORT-1-208.90.236.132;
address TRUSTWAVE-SUPPORT-2-208.90.236.133;
}
+ address-set ABUSE {
+ address ABUSE-94.242.255.196;
+ }
}
}
screen {
@@ -849,6 +861,11 @@
156.110.87.202/32;
}
}
+ pool WEBMONITOR-CITYOF-LAWTON {
+ address {
+ 156.110.87.206/32;
+ }
+ }
rule-set TRUST-TO-UNTRUST-NAT {
from zone TRUST;
to zone UNTRUST;
@@ -876,6 +893,18 @@
}
}
}
+ rule WEBMONITOR-CITYOF-LAWTON {
+ match {
+ source-address 172.16.2.3/32;
+ }
+ then {
+ source-nat {
+ pool {
+ WEBMONITOR-CITYOF-LAWTON;
+ }
+ }
+ }
+ }
rule NAT-TRUST-TO-UNTRUST {
match {
source-address 0.0.0.0/0;
@@ -1071,6 +1100,18 @@
}
}
}
+ rule NAT-WEBMONITOR-CITYOF-LAWTON {
+ match {
+ destination-address 156.110.87.206/32;
+ }
+ then {
+ static-nat {
+ prefix {
+ 172.16.2.3/32;
+ }
+ }
+ }
+ }
}
}
}
@@ -1112,6 +1153,19 @@
}
}
from-zone UNTRUST to-zone TRUST {
+ policy ABUSE-DENY {
+ match {
+ source-address ABUSE;
+ destination-address any;
+ application any;
+ }
+ then {
+ deny;
+ log {
+ session-init;
+ }
+ }
+ }
policy ALLOW-TO-CITY-OF {
description "www ftp access to www.cityof.lawton.ok.us";
match {
@@ -1145,6 +1199,20 @@
permit;
}
}
+ policy ALLOW-WEBMONITOR-CITYOF-LAWTON-HTTP {
+ description "Allow http access to webmonitor.cityof.lawton.ok.us";
+ match {
+ source-address any;
+ destination-address WEBMONITOR-CITYOF-LAWTON-INSIDE-172.16.2.3;
+ application junos-http;
+ }
+ then {
+ permit;
+ log {
+ session-close;
+ }
+ }
+ }
policy ALLOW-LAWTON-CAD-MS-UDP {
description "permit udp object-group DM_INLINE_NETWORK_3 object Server-CADMS object-group CAD-MS-UDP - NO DESCRIPTION IN ASA";
match {
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 145806)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -598,6 +598,7 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/rpswi1.okc.onenet.net
===================================================================
--- configs/rpswi1.okc.onenet.net (revision 145809)
+++ configs/rpswi1.okc.onenet.net (working copy)
@@ -213,8 +213,8 @@
#ge-0/0/18.0 up up
#ge-0/0/19 up up
#ge-0/0/19.0 up up
-#ge-0/0/20 up up
-#ge-0/0/20.0 up up
+#ge-0/0/20 up down
+#ge-0/0/20.0 up down
#ge-0/0/21 up down
#ge-0/0/21.0 up down
#ge-0/0/22 up down
@@ -265,8 +265,8 @@
#ge-0/0/44.0 up down
#ge-0/0/45 up up
#ge-0/0/45.0 up up
-#ge-0/0/46 up down
-#ge-0/0/46.0 up down
+#ge-0/0/46 up up
+#ge-0/0/46.0 up up
#ge-0/0/47 up down
#ge-0/0/47.0 up down
#xe-0/1/0 up up
Index: configs/swi1.ggc-etn.onenet.net
===================================================================
--- configs/swi1.ggc-etn.onenet.net (revision 145811)
+++ configs/swi1.ggc-etn.onenet.net (working copy)
@@ -178,14 +178,14 @@
#ge-0/0/2.0 up up
#ge-0/0/3 up up
#ge-0/0/3.0 up up
-#ge-0/0/4 up down
-#ge-0/0/4.0 up down
-#ge-0/0/5 up down
-#ge-0/0/5.0 up down
-#ge-0/0/6 up down
-#ge-0/0/6.0 up down
-#ge-0/0/7 up down
-#ge-0/0/7.0 up down
+#ge-0/0/4 up up
+#ge-0/0/4.0 up up
+#ge-0/0/5 up up
+#ge-0/0/5.0 up up
+#ge-0/0/6 up up
+#ge-0/0/6.0 up up
+#ge-0/0/7 up up
+#ge-0/0/7.0 up up
#ge-0/0/8 up up
#ge-0/0/8.0 up up
#ge-0/0/9 up up
@@ -219,8 +219,8 @@
#ae0.0 up up
#ae1 up up
#ae1.0 up up
-#ae2 up down
-#ae2.0 up down
+#ae2 up up
+#ae2.0 up up
#ae3 up up
#ae3.0 up up
#ae4 up up
More information about the Nocrancid
mailing list