[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Feb 1 10:02:50 CST 2016
Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net (revision 139379)
+++ configs/maysville-es.client.onenet.net (working copy)
@@ -19,6 +19,7 @@
# SRX240 IO fan 2 OK
# Power Power Supply 0 OK
#
+# show chassis firmware
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show chassis firmware
# Part Type Version
# FPC 0 O/S Version 12.1X44-D35.5 by builder on 2014-05
Index: configs/waurika-hs.client.onenet.net
===================================================================
--- configs/waurika-hs.client.onenet.net (revision 139245)
+++ configs/waurika-hs.client.onenet.net (working copy)
@@ -1,6 +1,7 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at WAURIKA-HIGH-SRX220-LEASED-004637> show system commit
+# show chassis environment
# 2015-07-20 16:00:02 CDT by sky via cli
# 2015-07-20 15:59:27 CDT by sky via cli commit confirmed, rollback in 3mins
# 2015-03-31 11:00:49 CDT by admin via cli commit confirmed, rollback in 5mins
Index: configs/rpswi2.rp1f3.onenet.net
===================================================================
--- configs/rpswi2.rp1f3.onenet.net (revision 139380)
+++ configs/rpswi2.rp1f3.onenet.net (working copy)
@@ -512,8 +512,8 @@
#ge-1/0/4.0 up down
#ge-1/0/5 up down
#ge-1/0/5.0 up down
-#ge-1/0/6 up down
-#ge-1/0/6.0 up down
+#ge-1/0/6 up up
+#ge-1/0/6.0 up up
#ge-1/0/7 up down
#ge-1/0/7.0 up down
#ge-1/0/8 up up
Index: configs/core1.okc-mx960.onenet.net
===================================================================
--- configs/core1.okc-mx960.onenet.net (revision 139146)
+++ configs/core1.okc-mx960.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE1-MX960-RE0> show system commit
+# 2016-02-01 09:12:31 CST by andrew via cli commit synchronize
# 2016-01-24 15:00:13 CST by andrew via cli commit synchronize
# 2016-01-22 18:26:53 CST by andrew via cli commit synchronize
# 2016-01-22 16:39:50 CST by andrew via cli commit synchronize
# 2016-01-22 16:29:15 CST by andrew via cli commit confirmed, rollback in 3mins synchronize
# 2016-01-22 14:10:03 CST by andrew via cli commit synchronize
-# 2016-01-22 12:17:20 CST by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE1-MX960-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -554,7 +554,7 @@
# grnoc-mon at OKC-CORE1-MX960-RE0> show system uptime
# System booted: 2015-06-07 00:00 CDT
# Protocols started: 2015-06-07 00:03 CDT
-# Last configured: 2016-01-24 15:00 CST by andrew
+# Last configured: 2016-02-01 09:12 CST by andrew
#
# {master}
# grnoc-mon at OKC-CORE1-MX960-RE0> show interface terse
@@ -686,6 +686,7 @@
#ge-2/3/8.2548 up up
#ge-2/3/8.2550 up up
#ge-2/3/8.2570 up up
+#ge-2/3/8.2571 up up
#ge-2/3/8.32767 up up
#ge-2/3/9 up up
#ge-2/3/9.0 up up
@@ -847,9 +848,10 @@
#lsi.512 up up
#lsi.513 up up
#lsi.514 up up
-#lsi.515 up up
#lsi.516 up up
#lsi.517 up up
+#lsi.518 up up
+#lsi.519 up up
#lsi.1059891 up up
#lsi.1059942 up up
#lsi.1060070 up up
@@ -865,7 +867,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE1-MX960-RE0> show configuration
-## Last commit: 2016-01-24 15:00:13 CST by andrew
+## Last commit: 2016-02-01 09:12:31 CST by andrew
version 13.3R6.5;
groups {
re0 {
@@ -1484,6 +1486,14 @@
address 10.119.52.8/31;
}
}
+ unit 2571 {
+ description "DHS AGENCY GUEST VPN [NO-MONITOR]";
+ vlan-id 2571;
+ family inet {
+ mtu 1500;
+ address 10.119.56.8/31;
+ }
+ }
}
ge-2/3/9 {
description "OneNet State VPN Headend Untrust [NO-MONITOR] | CIR000XXXX";
@@ -13158,6 +13168,48 @@
then reject;
}
}
+ policy-statement DHS-GUEST-VRF-EXPORT {
+ term 1 {
+ from protocol static;
+ then {
+ community add DHS-GUEST-VPN;
+ accept;
+ }
+ }
+ term 2 {
+ from protocol direct;
+ then {
+ community add DHS-GUEST-VPN;
+ accept;
+ }
+ }
+ term 3 {
+ from protocol ospf;
+ then {
+ community add DHS-GUEST-VPN;
+ accept;
+ }
+ }
+ term 4 {
+ from protocol bgp;
+ then {
+ community add DHS-GUEST-VPN;
+ accept;
+ }
+ }
+ }
+ policy-statement DHS-GUEST-VRF-IMPORT {
+ term 1 {
+ from {
+ protocol bgp;
+ community DHS-GUEST-VPN;
+ }
+ then accept;
+ }
+ term 2 {
+ then reject;
+ }
+ }
policy-statement EBGP-INTERNET-TO-SOCKNET-EXPORT {
term ACCEPT-DEFAULT {
from {
@@ -13487,6 +13539,7 @@
}
}
community DHS-DATA-VPN members target:5078:2570;
+ community DHS-GUEST-VPN members target:5078:2571;
community OKCCORE1 members 5078:211;
community OMES-AGENCY-DATA-VPN members target:5078:2548;
community OMES-MGMT-VPN members target:5078:2550;
@@ -13973,7 +14026,7 @@
description DHS-DATA-L3VPN;
instance-type vrf;
interface ge-2/3/8.2570;
- route-distinguisher 164.58.199.214:2570;
+ route-distinguisher 164.58.199.211:2570;
vrf-import DHS-DATA-VRF-IMPORT;
vrf-export DHS-DATA-VRF-EXPORT;
vrf-target target:5078:2570;
@@ -13987,6 +14040,24 @@
}
}
}
+ DHS-GUEST-L3VPN {
+ description DHS-GUEST-L3VPN;
+ instance-type vrf;
+ interface ge-2/3/8.2571;
+ route-distinguisher 164.58.199.211:2571;
+ vrf-import DHS-GUEST-VRF-IMPORT;
+ vrf-export DHS-GUEST-VRF-EXPORT;
+ vrf-target target:5078:2571;
+ vrf-table-label;
+ protocols {
+ ospf {
+ export DHS-EXPORT-BGP-TO-OSPF;
+ area 0.0.0.0 {
+ interface ge-2/3/8.2571;
+ }
+ }
+ }
+ }
OMES-AGENCY-DATA-L3VPN {
description OMES-AGENCY-DATA-L3VPN;
instance-type vrf;
Index: configs/city-of-lawton.client.onenet.net
===================================================================
--- configs/city-of-lawton.client.onenet.net (revision 138744)
+++ configs/city-of-lawton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CITY-OF-LAWTON-TAG-004950> show system commit
+# 2016-02-01 09:57:18 CST by joel via cli
+# 2016-02-01 09:51:18 CST by joel via cli commit confirmed, rollback in 3mins
+# 2016-02-01 09:43:25 CST by joel via cli commit confirmed, rollback in 3mins
# 2016-01-11 10:24:09 CST by joel via cli
# 2015-11-19 09:30:51 CST by joel via cli
# 2015-11-18 16:14:12 CST by joel via cli
-# 2015-11-18 15:53:21 CST by joel via cli
-# 2015-11-18 15:48:50 CST by joel via cli
-# 2015-11-18 15:46:09 CST by joel via cli
# grnoc-mon at CITY-OF-LAWTON-TAG-004950> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -115,7 +115,7 @@
# grnoc-mon at CITY-OF-LAWTON-TAG-004950> show system uptime
# System booted: 2015-11-18 00:25 CST
# Protocols started: 2015-11-18 00:28 CST
-# Last configured: 2016-01-11 10:24 CST by joel
+# Last configured: 2016-02-01 09:57 CST by joel
#
# grnoc-mon at CITY-OF-LAWTON-TAG-004950> show interface terse
#Interface Admin Link
@@ -169,7 +169,7 @@
#vlan up up
#vlan.999 up down
# grnoc-mon at CITY-OF-LAWTON-TAG-004950> show configuration
-## Last commit: 2016-01-11 10:24:09 CST by joel
+## Last commit: 2016-02-01 09:57:18 CST by joel
version 12.1X46-D20.5;
system {
host-name CITY-OF-LAWTON-TAG-004950;
@@ -1292,6 +1292,54 @@
}
}
}
+ from-zone DMZ to-zone UNTRUST {
+ policy ALLOW-GISWEB-to-ESRI-for-LICENSING {
+ match {
+ source-address SERVER-GISWEB-INSIDE-192.168.100.86;
+ destination-address any;
+ application GIS-WEB-LICENSING-ESRI-PRODUCTS;
+ }
+ then {
+ permit;
+ log {
+ session-close;
+ }
+ }
+ }
+ policy ALLOW-GISWEB-to-HTTP {
+ match {
+ source-address SERVER-GISWEB-INSIDE-192.168.100.86;
+ destination-address any;
+ application junos-http;
+ }
+ then {
+ permit;
+ }
+ }
+ policy ALLOW-GISWEB-to-HTTPS {
+ match {
+ source-address SERVER-GISWEB-INSIDE-192.168.100.86;
+ destination-address any;
+ application junos-https;
+ }
+ then {
+ permit;
+ }
+ }
+ policy DENY-ALL-ELSE {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ deny;
+ log {
+ session-init;
+ }
+ }
+ }
+ }
}
zones {
security-zone DMZ {
@@ -1419,6 +1467,10 @@
term udp-500 protocol udp destination-port 500;
term udp-4500 protocol udp destination-port 4500;
}
+ application GIS-WEB-LICENSING-ESRI-PRODUCTS {
+ description "GIS-WEB ESRI Products Licensing Ports";
+ term LICENSING-tcp-27000-27009 protocol tcp destination-port 27000-27009;
+ }
}
ethernet-switching-options {
secure-access-port {
Index: configs/core4.okc.onenet.net
===================================================================
--- configs/core4.okc.onenet.net (revision 139375)
+++ configs/core4.okc.onenet.net (working copy)
@@ -10756,6 +10756,7 @@
# 172.23.0.54 xe-2/0/1.803 Full 10.199.2.127
# 172.23.0.98 xe-2/0/1.804 Full 10.199.2.79
# 172.23.4.50 xe-2/0/1.805 Full 10.199.2.116
+# 172.23.5.162 xe-2/0/1.813 Full 10.199.2.67
# 172.23.5.194 xe-2/0/1.877 Full 10.199.2.46
#
# {master}
Index: configs/wainwright-isd.client.onenet.net
===================================================================
--- configs/wainwright-isd.client.onenet.net (revision 139380)
+++ configs/wainwright-isd.client.onenet.net (working copy)
@@ -1,13 +1,13 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at WAINWRIGHT-ISD-SRX220-LEASED-4659-005783> show system commit
-# show chassis environment
# 2016-01-27 13:10:56 CST by sean via cli commit confirmed, rollback in 2mins
# 2016-01-27 11:31:12 CST by joel via cli
# 2016-01-24 12:05:51 CST by sean via cli commit confirmed, rollback in 3mins
# 2016-01-22 18:54:01 CST by sean via cli commit confirmed, rollback in 2mins
# 2016-01-22 18:37:01 CST by sean via cli
# 2016-01-22 17:45:04 CST by sean via cli commit confirmed, rollback in 2mins
+# show chassis firmware
# grnoc-mon at WAINWRIGHT-ISD-SRX220-LEASED-4659-005783> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 139380)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -46,7 +46,6 @@
# Serial ID ACLC7669
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show chassis scb
-# show chassis sfm detail
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show chassis sfm detail
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show chassis ssb
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show system boot-messages
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 139379)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -144,8 +144,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up up
-#ge-0/0/14.0 up up
+#ge-0/0/14 up down
+#ge-0/0/14.0 up down
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/hub.tsb.onenet.net
===================================================================
--- configs/hub.tsb.onenet.net (revision 139380)
+++ configs/hub.tsb.onenet.net (working copy)
@@ -199,7 +199,7 @@
# -rw-rw---- 1 root field 51994624 Oct 24 2013 ifinfo.core.1
# -rw-rw---- 1 root field 51974144 Oct 24 2013 ifinfo.core.2
# -rw-rw---- 1 root field 52744192 Oct 24 2013 ifinfo.core.3
-# -rw-rw---- 1 root field 52727808 Feb 1 08:56 ifinfo.core.4
+# -rw-rw---- 1 root field 52727808 Feb 1 09:56 ifinfo.core.4
# drwxrwxrwx 2 root wheel 512 Oct 12 2012 install/
# -rw-rw---- 1 root field 33464320 Mar 3 2014 jdiameterd.core.0
# -rw-r--r-- 1 eng field 99542994 Apr 23 2013 jinstall-ppc-11.4R7.5-domestic-signed.tgz
Index: configs/rpswi1.okc.onenet.net
===================================================================
--- configs/rpswi1.okc.onenet.net (revision 139380)
+++ configs/rpswi1.okc.onenet.net (working copy)
@@ -261,12 +261,12 @@
#ge-0/0/42.0 up down
#ge-0/0/43 up up
#ge-0/0/43.0 up up
-#ge-0/0/44 up up
-#ge-0/0/44.0 up up
+#ge-0/0/44 up down
+#ge-0/0/44.0 up down
#ge-0/0/45 up up
#ge-0/0/45.0 up up
-#ge-0/0/46 up up
-#ge-0/0/46.0 up up
+#ge-0/0/46 up down
+#ge-0/0/46.0 up down
#ge-0/0/47 up up
#ge-0/0/47.0 up up
#xe-0/1/0 up up
More information about the Nocrancid
mailing list