[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Fri Aug 26 09:03:52 CDT 2016
Index: router.db
===================================================================
--- router.db (revision 145932)
+++ router.db (working copy)
@@ -14,7 +14,7 @@
acx.war.onenet.net:juniper:up
ada-adva.p.onenet.net:fsp3000:up
ada-hs-srx240.client.onenet.net:juniper:up
-adair-ps.client.onenet.net:juniper:up
+adair-ps.client.onenet.net:juniper:down
alex-ps.client.onenet.net:juniper:up
ALLEN-PUBLIC-LIBRARY.client.onenet.net:juniper:up
alt-adva.p.onenet.net:fsp3000:up
Index: routers.up
===================================================================
--- routers.up (revision 145873)
+++ routers.up (working copy)
@@ -13,7 +13,6 @@
acx.war.onenet.net:juniper
ada-adva.p.onenet.net:fsp3000
ada-hs-srx240.client.onenet.net:juniper
-adair-ps.client.onenet.net:juniper
alex-ps.client.onenet.net:juniper
allen-public-library.client.onenet.net:juniper
alt-adva.p.onenet.net:fsp3000
Index: configs/core3.okc-m120.onenet.net
===================================================================
--- configs/core3.okc-m120.onenet.net (revision 145932)
+++ configs/core3.okc-m120.onenet.net (working copy)
@@ -456,8 +456,8 @@
#t1-2/3/0:1:21.0 up up
#t1-2/3/0:1:22 up up
#t1-2/3/0:1:22.0 up up
-#t1-2/3/0:1:23 up down
-#t1-2/3/0:1:23.0 up down
+#t1-2/3/0:1:23 up up
+#t1-2/3/0:1:23.0 up up
#t1-2/3/0:1:24 down down
#t1-2/3/0:1:25 up up
#t1-2/3/0:1:25.0 up up
Index: configs/core.hut.waur.onenet.net
===================================================================
--- configs/core.hut.waur.onenet.net (revision 145932)
+++ configs/core.hut.waur.onenet.net (working copy)
@@ -28,6 +28,16 @@
# TFEB 0 TBB PFE Chip OK
# TFEB 0 TFEB PCIE TSen OK
# TFEB 0 TFEB PCIE Chip OK
+# TFEB 0 QX 0 TSen OK
+# TFEB 0 QX 0 Chip OK
+# TFEB 0 LU 0 TSen OK
+# TFEB 0 LU 0 Chip OK
+# TFEB 0 MQ 0 TSen OK
+# TFEB 0 MQ 0 Chip OK
+# TFEB 0 TBB PFE TSen OK
+# TFEB 0 TBB PFE Chip OK
+# TFEB 0 TFEB PCIE TSen OK
+# TFEB 0 TFEB PCIE Chip OK
# Fans Fan 1 OK
# Fan 2 OK
# Fan 3 OK
Index: configs/quapaw-ps.client.onenet.net
===================================================================
--- configs/quapaw-ps.client.onenet.net (revision 145911)
+++ configs/quapaw-ps.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at QUAPAW-PS-LR-004903> show system commit
+# 2016-08-26 08:20:11 CDT by joel via cli commit confirmed, rollback in 3mins
# 2016-08-25 16:28:00 CDT by joel via cli
# 2016-08-25 03:50:02 CDT by joel via cli commit confirmed, rollback in 3mins
# 2015-10-21 11:06:00 CDT by joel via cli commit confirmed, rollback in 5mins
# 2015-10-20 15:08:44 CDT by joel via cli
# 2015-10-20 11:29:17 CDT by joel via cli
-# 2015-10-20 10:41:39 CDT by admin via cli
# grnoc-mon at QUAPAW-PS-LR-004903> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -116,7 +116,7 @@
# grnoc-mon at QUAPAW-PS-LR-004903> show system uptime
# System booted: 2016-08-22 09:03 CDT
# Protocols started: 2016-08-22 09:07 CDT
-# Last configured: 2016-08-25 16:28 CDT by joel
+# Last configured: 2016-08-26 08:20 CDT by joel
#
# grnoc-mon at QUAPAW-PS-LR-004903> show interface terse
#Interface Admin Link
@@ -147,7 +147,6 @@
#ge-0/0/14 up up
#ge-0/0/14.0 up up
#ge-0/0/15 down down
-#ge-0/0/15.0 up down
#fxp2 up up
#fxp2.0 up up
#gre up up
@@ -168,18 +167,10 @@
#st0 up up
#tap up up
#vlan up up
-#vlan.99 up down
#vlan.100 up up
-#vlan.200 up down
-#vlan.300 up down
-#vlan.400 up down
-#vlan.600 up down
-#vlan.601 up down
-#vlan.800 up down
-#vlan.900 up down
#vlan.999 up down
# grnoc-mon at QUAPAW-PS-LR-004903> show configuration
-## Last commit: 2016-08-25 16:28:00 CDT by joel
+## Last commit: 2016-08-26 08:20:11 CDT by joel
version 12.1X44-D35.5;
system {
host-name QUAPAW-PS-LR-004903;
@@ -387,14 +378,6 @@
ge-0/0/15 {
description "Trunk to Master-Core Switches (WideBand Networks) - MS-MDF-SWITCH-2";
disable;
- unit 0 {
- family ethernet-switching {
- port-mode trunk;
- vlan {
- members [ TR-0099-MANAGEMENT TR-0100-HIGH-SCHOOL TR-0200-MIDDLE-SCHOOL TR-0300-ELEMENTARY TR-0400-ADMIN TR-0600-PUBLIC-WIFI TR-0601-STUDENT-WIFI TR-0800-SERVERS TR-0900-VIDEO ];
- }
- }
- }
}
lo0 {
unit 0 {
@@ -406,60 +389,12 @@
}
}
vlan {
- unit 99 {
- description "L3 INTERFACE - TR-0099-MANAGEMENT - 10.0.0.1/24";
- family inet {
- address 10.0.0.1/24;
- }
- }
unit 100 {
description "L3 INTERFACE - TR-0100-HIGH-SCHOOL - 172.16.0.1/16";
family inet {
address 172.16.0.1/16;
}
}
- unit 200 {
- description "L3 INTERFACE - TR-0200-MIDDLE-SCHOOL - 10.2.0.1/23";
- family inet {
- address 10.2.0.1/23;
- }
- }
- unit 300 {
- description "L3 INTERFACE - TR-0300-ELEMENTARY - 10.3.0.1/23";
- family inet {
- address 10.7.0.1/24;
- }
- }
- unit 400 {
- description "L3 INTERFACE - TR-0400-ADMIN - 10.4.0.1/23";
- family inet {
- address 10.4.0.1/23;
- }
- }
- unit 600 {
- description "L3 INTERFACE - TR-0600-PUBLIC-WIFI - 10.6.0.1/22";
- family inet {
- address 10.6.0.1/22;
- }
- }
- unit 601 {
- description "L3 INTERFACE - TR-0601-STUDENT-WIFI - 10.6.4.1/22";
- family inet {
- address 10.6.4.1/22;
- }
- }
- unit 800 {
- description "L3 INTERFACE - TR-0800-SERVERS - 10.8.0.1/24";
- family inet {
- address 10.8.0.1/24;
- }
- }
- unit 900 {
- description "L3 INTERFACE - TR-0900-VIDEO - 164.58.58.97/28";
- family inet {
- address 164.58.58.97/28;
- }
- }
unit 999 {
description "L3 INTERFACE - TEST-VLAN - 10.100.0.1/24";
family inet {
@@ -475,11 +410,6 @@
maximum-hop-count 4;
interface {
vlan.100;
- vlan.200;
- vlan.300;
- vlan.400;
- vlan.600;
- vlan.601;
}
}
}
@@ -605,7 +535,7 @@
}
}
rule-set ZONE-TO-UNTRUST-NAT {
- from zone [ TR-0099-MANAGEMENT TR-0100-HIGH-SCHOOL TR-0200-MIDDLE-SCHOOL TR-0300-ELEMENTARY TR-0400-ADMIN TR-0600-PUBLIC-WIFI TR-0601-STUDENT-WIFI TR-0800-SERVERS ];
+ from zone TR-0100-HIGH-SCHOOL;
to zone UNTRUST;
rule NAT-TRUST-TO-UNTRUST {
match {
@@ -618,20 +548,6 @@
}
}
}
- rule-set VIDEO-TO-UNTRUST-NAT {
- from zone TR-0900-VIDEO;
- to zone UNTRUST;
- rule NAT-VIDEO-TO-UNTRUST {
- match {
- source-address 0.0.0.0/0;
- }
- then {
- source-nat {
- interface;
- }
- }
- }
- }
}
static {
rule-set STATIC-NAT {
@@ -688,226 +604,55 @@
}
}
policies {
- from-zone TEST to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
+ from-zone UNTRUST to-zone TR-0100-HIGH-SCHOOL {
+ policy STATIC-NAT-QUAPAW-STORAGE-SVR {
match {
- source-address any;
- destination-address any;
+ source-address ONENET-164.58.69.122/32;
+ destination-address HOST-QUAPAW-STORAGE-SVR-172.16.0.11/32;
application any;
}
then {
permit;
}
}
- }
- from-zone TR-0099-MANAGEMENT to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
+ policy STATIC-NAT-VIDEO {
match {
source-address any;
- destination-address any;
+ destination-address VIDEO-172.16.255.2/32;
application any;
}
then {
permit;
}
}
- }
- from-zone TR-0100-HIGH-SCHOOL to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
+ policy STATIC-NAT-UNIFI {
match {
- source-address any;
- destination-address any;
+ source-address ONENET-164.58.69.122/32;
+ destination-address HOST-UNIFI-CONTROLLER-172.16.0.12/32;
application any;
}
then {
permit;
- }
- }
- }
- from-zone TR-0200-MIDDLE-SCHOOL to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0300-ELEMENTARY to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0400-ADMIN to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0600-PUBLIC-WIFI to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0601-STUDENT-WIFI to-zone TR-0800-SERVERS {
- policy ALLOW-ALL {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0099-MANAGEMENT {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0100-HIGH-SCHOOL {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0200-MIDDLE-SCHOOL {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0300-ELEMENTARY {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0400-ADMIN {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0600-PUBLIC-WIFI {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0601-STUDENT-WIFI {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone TR-0800-SERVERS {
- policy ALLOW-MGMT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0099-MANAGEMENT to-zone UNTRUST {
- policy ALLOW-SERVICES {
- match {
- source-address any;
- destination-address any;
- application [ junos-ntp junos-icmp-ping junos-icmp-all junos-dns-udp ];
- }
- then {
- permit;
log {
session-close;
}
}
}
- }
- from-zone TR-0100-HIGH-SCHOOL to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
+ policy STATIC-NAT-ESXI {
match {
- source-address any;
- destination-address any;
+ source-address ONENET-164.58.69.122/32;
+ destination-address ESXI-172.16.0.9/32;
application any;
}
then {
permit;
+ log {
+ session-init;
+ }
}
}
}
- from-zone TR-0200-MIDDLE-SCHOOL to-zone UNTRUST {
+ from-zone TEST to-zone UNTRUST {
policy ALLOW-ALL-OUT {
match {
source-address any;
@@ -919,7 +664,7 @@
}
}
}
- from-zone TR-0300-ELEMENTARY to-zone UNTRUST {
+ from-zone TR-0100-HIGH-SCHOOL to-zone UNTRUST {
policy ALLOW-ALL-OUT {
match {
source-address any;
@@ -931,126 +676,6 @@
}
}
}
- from-zone TR-0400-ADMIN to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0600-PUBLIC-WIFI to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0601-STUDENT-WIFI to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0800-SERVERS to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone TR-0900-VIDEO to-zone UNTRUST {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone UNTRUST to-zone TR-0900-VIDEO {
- policy ALLOW-ALL-OUT {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
- from-zone UNTRUST to-zone TR-0100-HIGH-SCHOOL {
- policy STATIC-NAT-QUAPAW-STORAGE-SVR {
- match {
- source-address ONENET-164.58.69.122/32;
- destination-address HOST-QUAPAW-STORAGE-SVR-172.16.0.11/32;
- application any;
- }
- then {
- permit;
- }
- }
- policy STATIC-NAT-VIDEO {
- match {
- source-address any;
- destination-address VIDEO-172.16.255.2/32;
- application any;
- }
- then {
- permit;
- }
- }
- policy STATIC-NAT-UNIFI {
- match {
- source-address ONENET-164.58.69.122/32;
- destination-address HOST-UNIFI-CONTROLLER-172.16.0.12/32;
- application any;
- }
- then {
- permit;
- log {
- session-close;
- }
- }
- }
- policy STATIC-NAT-ESXI {
- match {
- source-address ONENET-164.58.69.122/32;
- destination-address ESXI-172.16.0.9/32;
- application any;
- }
- then {
- permit;
- log {
- session-init;
- }
- }
- }
- }
}
zones {
security-zone TEST {
@@ -1082,20 +707,6 @@
}
}
}
- security-zone TR-0099-MANAGEMENT {
- interfaces {
- vlan.99 {
- host-inbound-traffic {
- system-services {
- ntp;
- ping;
- ssh;
- traceroute;
- }
- }
- }
- }
- }
security-zone TR-0100-HIGH-SCHOOL {
interfaces {
vlan.100 {
@@ -1109,95 +720,6 @@
}
}
}
- security-zone TR-0200-MIDDLE-SCHOOL {
- interfaces {
- vlan.200 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- dhcp;
- }
- }
- }
- }
- }
- security-zone TR-0300-ELEMENTARY {
- interfaces {
- vlan.300 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- dhcp;
- }
- }
- }
- }
- }
- security-zone TR-0400-ADMIN {
- interfaces {
- vlan.400 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- dhcp;
- }
- }
- }
- }
- }
- security-zone TR-0600-PUBLIC-WIFI {
- interfaces {
- vlan.600 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- dhcp;
- }
- }
- }
- }
- }
- security-zone TR-0601-STUDENT-WIFI {
- interfaces {
- vlan.601 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- dhcp;
- }
- }
- }
- }
- }
- security-zone TR-0800-SERVERS {
- interfaces {
- vlan.800 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- }
- }
- security-zone TR-0900-VIDEO {
- interfaces {
- vlan.900 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- }
- }
}
}
firewall {
@@ -1265,51 +787,11 @@
vlan-id 999;
l3-interface vlan.999;
}
- TR-0099-MANAGEMENT {
- description TR-0099-MANAGEMENT;
- vlan-id 99;
- l3-interface vlan.99;
- }
TR-0100-HIGH-SCHOOL {
description TR-0100-HIGH-SCHOOL;
vlan-id 100;
l3-interface vlan.100;
}
- TR-0200-MIDDLE-SCHOOL {
- description TR-0200-MIDDLE-SCHOOL;
- vlan-id 200;
- l3-interface vlan.200;
- }
- TR-0300-ELEMENTARY {
- description TR-0300-ELEMENTARY;
- vlan-id 300;
- l3-interface vlan.300;
- }
- TR-0400-ADMIN {
- description TR-0400-ADMIN;
- vlan-id 400;
- l3-interface vlan.400;
- }
- TR-0600-PUBLIC-WIFI {
- description TR-0600-PUBLIC-WIFI;
- vlan-id 600;
- l3-interface vlan.600;
- }
- TR-0601-STUDENT-WIFI {
- description TR-0601-STUDENT-WIFI;
- vlan-id 601;
- l3-interface vlan.601;
- }
- TR-0800-SERVERS {
- description TR-0800-SERVERS;
- vlan-id 800;
- l3-interface vlan.800;
- }
- TR-0900-VIDEO {
- description TR-0900-VIDEO;
- vlan-id 900;
- l3-interface vlan.900;
- }
}
# grnoc-mon at QUAPAW-PS-LR-004903> show ospf neighbor
# OSPF instance is not running
Index: configs/chisholm-ps.client.onenet.net
===================================================================
--- configs/chisholm-ps.client.onenet.net (revision 145932)
+++ configs/chisholm-ps.client.onenet.net (working copy)
@@ -118,8 +118,8 @@
#ge-0/0/3 down down
#ge-0/0/4 down down
#ge-0/0/5 down down
-#ge-0/0/6 up up
-#ge-0/0/6.0 up up
+#ge-0/0/6 up down
+#ge-0/0/6.0 up down
#ge-0/0/7 up up
#ge-0/0/7.0 up up
#fxp2 up up
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 145932)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -674,7 +674,6 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/odot-stillwater-residence.client.onenet.net
===================================================================
--- configs/odot-stillwater-residence.client.onenet.net (revision 145932)
+++ configs/odot-stillwater-residence.client.onenet.net (working copy)
@@ -124,8 +124,8 @@
#ge-0/0/2.0 up up
#ge-0/0/3 up up
#ge-0/0/3.0 up up
-#ge-0/0/4 up up
-#ge-0/0/4.0 up up
+#ge-0/0/4 up down
+#ge-0/0/4.0 up down
#ge-0/0/5 up down
#ge-0/0/5.0 up down
#ge-0/0/6 up up
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 145920)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -598,6 +598,7 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/rpswi1.okc.onenet.net
===================================================================
--- configs/rpswi1.okc.onenet.net (revision 145898)
+++ configs/rpswi1.okc.onenet.net (working copy)
@@ -263,8 +263,8 @@
#ge-0/0/43.0 up up
#ge-0/0/44 up down
#ge-0/0/44.0 up down
-#ge-0/0/45 up down
-#ge-0/0/45.0 up down
+#ge-0/0/45 up up
+#ge-0/0/45.0 up up
#ge-0/0/46 up down
#ge-0/0/46.0 up down
#ge-0/0/47 up down
Index: routers.down
===================================================================
--- routers.down (revision 145728)
+++ routers.down (working copy)
@@ -10,6 +10,7 @@
OMES-MX480-1:juniper:down
SRX1.RP3F1-JOEL-SRX-TEST:juniper:down
SWI1.STROUD.onenet.net:juniper:down
+adair-ps.client.onenet.net:juniper:down
cleveland-ps-srx220.client.onenet.net:juniper:down
core.okc.onenet.net:cisco:down
core.okclab.onenet.net:cisco:down
More information about the Nocrancid
mailing list