[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Thu Jan 21 19:02:27 CST 2016
Index: router.db
===================================================================
--- router.db (revision 139064)
+++ router.db (working copy)
@@ -125,6 +125,7 @@
core8.okc.onenet.net:cisco:down
core8.tul-C7603.onenet.net:cisco:down
core8.tul.onenet.net:juniper:up
+core9.okc.onenet.net:juniper:up
core9.tul.onenet.net:cisco:down
decom.san-sw-tulsa.onenet.net:cisco:down
denison-ps-srx220.client.onenet.net:juniper:up
Index: routers.up
===================================================================
--- routers.up (revision 139021)
+++ routers.up (working copy)
@@ -112,6 +112,7 @@
core6.tul-m7i.onenet.net:juniper
core8.okc-mx480.onenet.net:juniper
core8.tul.onenet.net:juniper
+core9.okc.onenet.net:juniper
denison-ps-srx220.client.onenet.net:juniper
dewey-ps.client.onenet.net:juniper
dickson-ps.client.onenet.net:juniper
Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net (revision 139062)
+++ configs/maysville-es.client.onenet.net (working copy)
@@ -1,7 +1,6 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show system commit
-# show chassis environment
# 2015-10-26 13:12:04 CDT by admin via cli
# 2015-10-26 13:08:26 CDT by admin via cli
# 2015-10-26 12:58:03 CDT by admin via cli
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net (revision 139055)
+++ configs/hub.dur.onenet.net (working copy)
@@ -373,7 +373,7 @@
#fe-2/1/1.0 up up
#fe-2/1/2 up up
#fe-2/1/2.0 up up
-#fe-2/1/3 down down
+#fe-2/1/3 down up
#ge-2/2/0 down down
#pc-2/2/0 up up
#pc-2/2/0.16383 up up
Index: configs/core9.okc.onenet.net
===================================================================
--- configs/core9.okc.onenet.net (revision 139065)
+++ configs/core9.okc.onenet.net (working copy)
@@ -0,0 +1,834 @@
+# RANCID-CONTENT-TYPE: juniper
+#
+# grnoc-mon at OKC-CORE9-VRR> show system commit
+# 2016-01-21 18:29:49 CST by admin via cli
+# 2016-01-21 18:15:42 CST by root via cli
+# 2016-01-21 18:10:14 CST by root via cli
+# 2016-01-21 18:09:34 CST by root via cli
+# 2016-01-21 18:01:01 CST by root via other
+# rescue 2016-01-21 18:30:29 CST by andrew via cli
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis environment
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis firmware
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis fpc detail
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis hardware
+# Hardware inventory:
+# Item Version Part number Serial number Description
+# Chassis VR56A17146C4 VRR
+# Midplane
+# Routing Engine RE-VRR
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis hardware models
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis routing-engine
+# Routing Engine status:
+# DRAM 6124 MB (6144 MB installed)
+# Serial ID VR56A17146C4
+#
+# grnoc-mon at OKC-CORE9-VRR> show chassis scb
+# grnoc-mon at OKC-CORE9-VRR> show chassis sfm detail
+# grnoc-mon at OKC-CORE9-VRR> show chassis ssb
+# grnoc-mon at OKC-CORE9-VRR> show system boot-messages
+# Copyright (c) 1996-2015, Juniper Networks, Inc.
+# All rights reserved.
+# Copyright (c) 1992-2007 The FreeBSD Project.
+# Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
+# The Regents of the University of California. All rights reserved.
+# FreeBSD is a registered trademark of The FreeBSD Foundation.
+# Timecounter "i8254" frequency 1193182 Hz quality 0
+# CPU: QEMU Virtual CPU version (cpu64-rhel6) (3092.99-MHz K8-class CPU)
+# Origin = "GenuineIntel" Id = 0x6d3 Stepping = 3
+# Features=0x78bfbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2>
+# Features2=0x80002001<SSE3,CX16,<b31>>
+# AMD Features=0x20100800<SYSCALL,NX,LM>
+# AMD Features2=0x1<LAHF>
+# Security policy loaded: Junos MAC/veriexec (mac_veriexec)
+# Security policy loaded: JUNOS MAC/runasnonroot (mac_runasnonroot)
+# Security policy loaded: JUNOS MAC/pcap (mac_pcap)
+# MAC/veriexec fingerprint module loaded: SHA1
+# MAC/veriexec fingerprint module loaded: SHA256
+# Initializing M/T/EX platform properties ..
+# cpu0 on motherboard
+# pcib0: <Host to PCI bridge> pcibus 0 on motherboard
+# pci0: <PCI bus> on pcib0
+# Correcting Natoma config for non-SMP
+# isab0: <PCI-ISA bridge> at device 1.0 on pci0
+# isa0: <ISA bus> on isab0
+# atapci0: <Intel PIIX3 WDMA2 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xc000-0xc00f at device 1.1 on pci0
+# ata0: <ATA channel 0> on atapci0
+# ata1: <ATA channel 1> on atapci0
+# smb0: <Intel 82371AB SMB controller> irq 9 at device 1.3 on pci0
+# em0: <Intel(R) PRO/1000 Network Connection Version - 3.2.18> port 0xc040-0xc07f mem 0xf0000000-0xf001ffff irq 11 at device 3.0 on pci0
+# em0: Memory Access and/or Bus Master bits were not set!
+# pci0: <serial bus, USB> at device 4.0 (no driver attached)
+# pci0: <serial bus, USB> at device 4.1 (no driver attached)
+# pci0: <serial bus, USB> at device 4.2 (no driver attached)
+# ehci0: <EHCI (generic) USB 2.0 controller> mem 0xf0040000-0xf0040fff irq 11 at device 4.7 on pci0
+# usb0: EHCI version 1.0
+# usb0: <EHCI (generic) USB 2.0 controller> on ehci0
+# usb0: USB revision 2.0
+# uhub0: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
+# uhub0: 6 ports with 6 removable, self powered
+# virtio_pci0: <VirtIO PCI Balloon adapter> port 0xc0e0-0xc0ff irq 10 at device 5.0 on pci0
+# orm0: <ISA Option ROMs> at iomem 0xc0000-0xc0fff,0xc1000-0xc17ff on isa0
+# atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
+# atkbd0: <AT Keyboard> irq 1 on atkbdc0
+# kbd0 at atkbd0
+# psm0: <PS/2 Mouse> irq 12 on atkbdc0
+# psm0: model IntelliMouse Explorer, device ID 4
+# sio0 at port 0x3f8-0x3ff irq 4 flags 0x90 on isa0
+# sio0: type 16550A, console
+# sio1: configured irq 5 not in bitmap of probed irqs 0
+# sio1: port may not be enabled
+# sio2: configured irq 3 not in bitmap of probed irqs 0
+# sio2: port may not be enabled
+# sio3: configured irq 7 not in bitmap of probed irqs 0
+# sio3: port may not be enabled
+# Setting the product info to VRR
+# Initializing product: 170 ..
+# Setting up M/T interface operations and attributes
+# em0: bus=0, device=3, func=0, Ethernet address 52:54:00:47:1b:70
+# Loading Redundant LT driver
+# Registered AMT tunnel Encap with UDP Tunnel!
+# ###PCB Group initialized for udppcbgroup
+# ###PCB Group initialized for tcppcbgroup
+# ad0: 16378MB <QEMU HARDDISK 0.12.1> at ata0-master WDMA2
+# Loading JUNOS chassis module
+# chassis_init_hw_chassis_startup_time: chassis startup time 0.000000
+# Kernel thread "wkupdaemon" (pid 41) exited prematurely.
+# Trying to mount root from ufs:/dev/ad0s1a
+# ad0: WARNING - READ_DMA ABORT error (retrying request) LBA=63
+# ad0: WARNING - READ_DMA ABORT error (retrying request) LBA=63
+# ad0: WARNING - READ_DMA ABORT error (retrying request) LBA=63
+# ad0: WARNING - READ_DMA ABORT error (retrying request) LBA=63
+# ad0: FAILURE - READ_DMA status=41<READY,ERROR> error=4<ABORTED> LBA=63
+#
+# grnoc-mon at OKC-CORE9-VRR> show version
+# Hostname: OKC-CORE9-VRR # Model: vrr # Junos: 14.2R4.9 # JUNOS Base OS boot [14.2R4.9] # JUNOS Base OS Software Suite [14.2R4.9] # JUNOS Crypto Software Suite [14.2R4.9] # JUNOS Online Documentation [14.2R4.9] # JUNOS 64-bit Kernel Software Suite [14.2R4.9] # JUNOS platform Software Suite [14.2R4.9] # JUNOS Routing Software Suite [14.2R4.9] # JUNOS Runtime Software Suite [14.2R4.9] # JUNOS 64-bit Runtime Software Suite [14.2R4.9] # # grnoc-mon at OKC-CORE9-VRR> file list /var/tmp detail #
+# /var/tmp:
+# total blocks: 44
+# -rw-r--r-- 1 root field 0 Jan 21 18:01 LOCK_FILE
+# drwxr-xr-x 2 root 929 512 Jan 21 18:01 gres-tp/
+# -rw-r--r-- 1 root field 4 Jan 21 18:08 idp_license_info
+# drwxrwxrwx 2 root wheel 512 Jan 21 18:01 install/
+# -rw-r--r-- 1 root 929 79 Jan 21 18:15 kmdchk.log
+# drwxrwxrwx 2 root wheel 512 Jan 21 18:01 pics/
+# drwxr-xr-x 2 root field 512 Jan 21 18:01 rtsdb/
+# drwxr-xr-x 2 root 929 512 Jan 21 18:00 sd-upgrade/
+# drwxr-xr-x 3 root field 512 Jan 21 18:08 sec-download/
+# drwxrwxrwt 2 root wheel 512 Jan 21 18:01 vi.recover/
+# total files: 3
+#
+# grnoc-mon at OKC-CORE9-VRR> show system uptime
+# System booted: 2016-01-21 18:07 CST
+# Protocols started: 2016-01-21 18:08 CST
+# Last configured: 2016-01-21 18:29 CST by admin
+#
+# grnoc-mon at OKC-CORE9-VRR> show interface terse
+#Interface Admin Link
+#cbp0 up up
+#demux0 up up
+#dsc up up
+#em0 up up
+#em0.801 up up
+#esi up up
+#gre up up
+#ipip up up
+#irb up up
+#jsrv up up
+#jsrv.1 up up
+#lo0 up up
+#lo0.0 up up
+#lo0.16384 up up
+#lo0.16385 up up
+#lo0.32768 up up
+#lsi up up
+#mtun up up
+#pimd up up
+#pime up up
+#pip0 up up
+#pp0 up up
+#tap up up
+#vtep up up
+# grnoc-mon at OKC-CORE9-VRR> show configuration
+## Last commit: 2016-01-21 18:29:49 CST by admin
+version 14.2R4.9;
+groups {
+ ISIS-LEVEL2 {
+ protocols {
+ isis {
+ interface <*> {
+ link-protection;
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
+ }
+ level 2 {
+ hello-#authentication-#key <removed>;
+ hello-authentication-type md5;
+ }
+ level 1 disable;
+ }
+ }
+ }
+ }
+}
+system {
+ host-name OKC-CORE9-VRR;
+ domain-name onenet.net;
+ backup-router 172.25.46.1;
+ time-zone America/Chicago;
+ authentication-order [ radius password ];
+ root-authentication {
+# encrypted-password <removed>;
+ }
+ name-server {
+ 164.58.253.10;
+ 164.58.253.4;
+ }
+ radius-server {
+ 156.110.31.11 {
+ port 1812;
+ accounting-port 1813;
+# secret "<removed>"; ## SECRET-DATA
+ source-address 164.58.199.219;
+ }
+ }
+ login {
+ message "\n\n************************************ WARNING ****************************************\n\n* To protect the system from unauthorized use, *\n\n* activities on this system are monitored,recorded and subject to audit. *\n\n* Use of this system is expressed consent to such monitoring and recording. *\n\n* Any unauthorized access or use of this system is prohibited and *\n\n* is subject to criminal and civil penalties and/or administrative action. *\n\n******************** UNAUTHORIZED USE IS STRICTLY PROHIBITED ************************\n\n";
+ class admin {
+ idle-timeout 1440;
+ permissions all;
+ }
+ class lockdown {
+ idle-timeout 2;
+ permissions view;
+ deny-commands .*;
+ deny-configuration .*;
+ }
+ class operator-local {
+ idle-timeout 15;
+ permissions [ access admin configure firewall interface network routing snmp system trace view ];
+ allow-commands "show log messages";
+ }
+ class robot {
+ idle-timeout 10;
+ permissions [ admin configure firewall interface routing secret security snmp system trace view ];
+ }
+ user admin {
+ uid 1000;
+ class super-user;
+ authentication {
+# encrypted-password <removed>;
+ }
+ }
+ user eng {
+ uid 2018;
+ class admin;
+ }
+ user rancid {
+ uid 2001;
+ class robot;
+ }
+ user remote {
+ uid 2002;
+ class operator-local;
+ }
+ user upgrades {
+ uid 2003;
+ class operator;
+ authentication {
+# ssh-rsa <removed>;
+ }
+ }
+ }
+ services {
+ ssh {
+ root-login deny;
+ protocol-version v2;
+ max-sessions-per-connection 32;
+ }
+ netconf {
+ ssh;
+ }
+ web-management {
+ http;
+ }
+ }
+ syslog {
+ archive size 10m files 20;
+ user * {
+ any emergency;
+ }
+ host 164.58.253.92 {
+ any any;
+ }
+ host 164.58.253.38 {
+ any any;
+ }
+ file messages {
+ any notice;
+ authorization info;
+ }
+ file interactive-commands {
+ interactive-commands any;
+ }
+ file PROTECT-RE {
+ firewall any;
+ archive no-world-readable;
+ }
+ file default-log-messages {
+ any info;
+ match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)";
+ structured-data;
+ }
+ file updown {
+ any any;
+ match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
+ }
+ source-address 164.58.199.219;
+ }
+ ntp {
+ server 164.58.3.98 prefer;
+ }
+}
+security {
+ ipsec {
+ security-association OneNet-OSPF3-AUTH {
+ mode transport;
+ manual {
+ direction bidirectional {
+ protocol ah;
+ spi 256;
+ authentication {
+ algorithm hmac-md5-96;
+# key <removed>;
+ }
+ }
+ }
+ }
+ }
+}
+interfaces {
+ em0 {
+ vlan-tagging;
+ unit 801 {
+ vlan-id 801;
+ family inet {
+ mtu 1500;
+ address 164.58.244.141/31;
+ }
+ family iso;
+ family inet6 {
+ mtu 1500;
+ address 2610:1d8:6900::5/127;
+ }
+ family mpls;
+ }
+ }
+ lo0 {
+ unit 0 {
+ family inet {
+ filter {
+ input PROTECT-RE;
+ }
+ address 127.0.0.1/32;
+ address 164.58.199.219/32;
+ }
+ family iso {
+ address 49.0001.1640.5819.9219.00;
+ }
+ family inet6 {
+ address 2610:1d8::164:58:199:219/128;
+ }
+ }
+ }
+}
+snmp {
+ location "Oklahoma City, OK";
+ contact "Net Group";
+ client-list snmp-management {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ 0.0.0.0/0 {
+ restrict;
+ }
+ }
+ community "<removed>" {
+ authorization read-only;
+ }
+ community "<removed>" {
+ authorization read-write;
+ }
+ trap-options {
+ source-address 164.58.199.219;
+ }
+ trap-group "<removed>" {
+ version v2;
+ targets {
+ 164.58.253.34;
+ 164.58.253.35;
+ }
+ }
+}
+routing-options {
+ router-id 164.58.199.219;
+ autonomous-system 5078;
+ forwarding-table {
+ export LOAD-BALANCE;
+ }
+}
+protocols {
+ mpls {
+ interface lo0.0;
+ interface em0.801;
+ }
+ bgp {
+ group ROUTE-REFLECTOR-V4 {
+ type internal;
+ local-address 164.58.199.219;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ peer-as 5078;
+ neighbor 164.58.199.216 {
+ description ROUTE-REFLECTOR-OKC-M7i;
+ }
+ neighbor 164.58.199.226 {
+ description ROUTE-REFLECTOR-TULSA-M7i;
+ }
+ }
+ group GLOBAL-ROUTING-V4 {
+ type internal;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ cluster 164.58.199.219;
+ peer-as 5078;
+ neighbor 164.58.199.69 {
+ description "FAYE.OKCDC [NO-MONITOR]";
+ }
+ }
+ }
+ isis {
+ apply-groups ISIS-LEVEL2;
+ reference-bandwidth 1000g;
+ overload;
+ level 1 disable;
+ interface em0.801;
+ interface fxp0.0 {
+ apply-groups-except ISIS-LEVEL2;
+ disable;
+ }
+ interface lo0.0 {
+ apply-groups-except ISIS-LEVEL2;
+ passive;
+ level 1 disable;
+ }
+ }
+ ospf {
+ reference-bandwidth 100g;
+ area 0.0.0.0 {
+ interface em0.801 {
+ authentication {
+ md5 7# key <removed>;
+ }
+ }
+ interface lo0.0;
+ interface fxp0.0 {
+ disable;
+ }
+ }
+ }
+ ospf3 {
+ reference-bandwidth 100g;
+ area 0.0.0.0 {
+ interface em0.801 {
+ link-protection;
+ ipsec-sa OneNet-OSPF3-AUTH;
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
+ }
+ }
+ interface lo0.0;
+ }
+ }
+ ldp {
+ preference 255;
+ track-igp-metric;
+ interface em0.801;
+ interface lo0.0;
+ }
+}
+policy-options {
+ prefix-list CORE-BGP {
+ 164.58.199.211/32;
+ 164.58.199.212/32;
+ 164.58.199.213/32;
+ 164.58.199.214/32;
+ 164.58.199.215/32;
+ 164.58.199.219/32;
+ 164.58.199.221/32;
+ 164.58.199.222/32;
+ 164.58.199.223/32;
+ 164.58.199.224/32;
+ 164.58.199.225/32;
+ 164.58.199.226/32;
+ 164.58.199.230/32;
+ 164.58.199.231/32;
+ 164.58.199.232/32;
+ 164.58.199.233/32;
+ 164.58.199.234/32;
+ 164.58.250.126/32;
+ }
+ prefix-list HUB-BGP {
+ 10.199.2.0/24;
+ 164.58.199.0/24;
+ }
+ prefix-list PRE-LDP-SOURCES {
+ 10.199.0.0/16;
+ }
+ prefix-list SOFTWARE-BGP {
+ 164.58.250.127/32;
+ }
+ policy-statement DEFAULT-IBGP-EXPORT {
+ term NEEDED-ROUTES {
+ from {
+ protocol bgp;
+ as-path NULL;
+ }
+ then accept;
+ }
+ term ONENET-ROUTES {
+ from {
+ protocol bgp;
+ route-filter 164.58.0.0/16 orlonger;
+ route-filter 156.110.0.0/16 orlonger;
+ }
+ then accept;
+ }
+ term INTERNAL-BGP-ROUTES {
+ from {
+ protocol bgp;
+ community [ ONENET_SRC_CUSTOMER ONENET_SRC_PEER ];
+ }
+ then accept;
+ }
+ term MPLS-ROUTES {
+ from {
+ protocol bgp;
+ community MPLS-ROUTES;
+ }
+ then accept;
+ }
+ term DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then accept;
+ }
+ term REJECT {
+ then reject;
+ }
+ }
+ policy-statement DEFAULT-IBGP-V6-EXPORT {
+ term NEEDED-ROUTES {
+ from {
+ protocol bgp;
+ as-path NULL;
+ }
+ then accept;
+ }
+ term DEFAULT {
+ from {
+ route-filter ::/0 exact;
+ }
+ then accept;
+ }
+ term REJECT {
+ then reject;
+ }
+ }
+ policy-statement HUB-SITES-EXPORT {
+ inactive: term ALLOW-IBGP {
+ from as-path NULL;
+ then accept;
+ }
+ term ACCEPT-DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then accept;
+ }
+ term REJECT-ALL-ELSE {
+ then reject;
+ }
+ }
+ policy-statement IBGP-DEFAULT-ROUTE-EXPORT {
+ term DEFAULT-ROUTE {
+ from {
+ route-filter 0.0.0.0/0 exact accept;
+ }
+ }
+ term REJECT {
+ then reject;
+ }
+ }
+ policy-statement IBGP-DOH-EXPORT {
+ term doh {
+ from community DOH-VPN;
+ then accept;
+ }
+ term default {
+ from {
+ route-filter 0.0.0.0/0 exact accept;
+ }
+ }
+ term reject {
+ then reject;
+ }
+ }
+ policy-statement IBGP-EXABGP-V4-EXPORT {
+ term SEND-ROUTES {
+ then accept;
+ }
+ term REJECT-ALL-ELSE {
+ then reject;
+ }
+ }
+ policy-statement IBGP-EXABGP-V4-IMPORT {
+ term REJECT-ALL-ELSE {
+ then reject;
+ }
+ }
+ policy-statement IBGP-OSF-EXPORT {
+ term doh {
+ from community DOH-VPN;
+ then accept;
+ }
+ term default {
+ from {
+ route-filter 0.0.0.0/0 exact accept;
+ }
+ }
+ term reject {
+ then reject;
+ }
+ }
+ policy-statement LOAD-BALANCE {
+ then {
+ load-balance per-packet;
+ }
+ }
+ policy-statement REDISTRIBUTE-DIRECTS {
+ term 1 {
+ from protocol direct;
+ then {
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ }
+ policy-statement REDISTRIBUTE-STATICS {
+ term 1 {
+ from protocol static;
+ then accept;
+ }
+ }
+ community DOH-VPN members target:5078:3000;
+ community MPLS-ROUTES members target:5078:.*;
+ community ONENET_SRC_CUSTOMER members 5078:4300;
+ community ONENET_SRC_PEER members 5078:4200;
+ as-path NULL "()";
+}
+firewall {
+ family inet {
+ filter PROTECT-RE {
+ term SERVICES {
+ from {
+ source-address {
+ 129.15.127.96/28;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.253.0/24;
+ 64.207.244.14/32;
+ 66.129.224.37/32;
+ 164.58.15.0/24;
+ 164.58.244.0/22;
+ }
+ protocol tcp;
+ destination-port [ ssh http ];
+ }
+ then accept;
+ }
+ term OSPF-ALLOW {
+ from {
+ source-address {
+ 164.58.199.0/24;
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol ospf;
+ }
+ then accept;
+ }
+ term IBGP-allow {
+ from {
+ source-prefix-list {
+ CORE-BGP;
+ HUB-BGP;
+ SOFTWARE-BGP;
+ }
+ protocol tcp;
+ port 179;
+ }
+ then accept;
+ }
+ term FIRST-FRAG {
+ from {
+ first-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term NEXT-FRAG {
+ from {
+ is-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term ICMP-ALLOW {
+ from {
+ protocol icmp;
+ icmp-type [ echo-reply echo-request unreachable time-exceeded ];
+ }
+ then accept;
+ }
+ term SERVICES-OUTBOUND {
+ from {
+ source-port [ domain ntp ssh syslog ftp 7804 telnet ];
+ }
+ then accept;
+ }
+ term RADIUS {
+ from {
+ source-address {
+ 156.110.31.11/32;
+ }
+ protocol [ udp tcp ];
+ port [ radius radacct ];
+ }
+ then accept;
+ }
+ term NTP {
+ from {
+ source-address {
+ 164.58.10.1/32;
+ 164.58.199.0/24;
+ }
+ protocol udp;
+ port ntp;
+ }
+ then accept;
+ }
+ term SNMP-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ }
+ protocol [ tcp udp ];
+ port [ snmp snmptrap ];
+ }
+ then accept;
+ }
+ term LDP-ALLOW {
+ from {
+ source-address {
+ 164.58.199.0/24;
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ port ldp;
+ }
+ }
+ term PIM-ALLOW {
+ from {
+ source-address {
+ 164.58.199.0/24;
+ 164.58.0.0/16;
+ }
+ protocol pim;
+ }
+ then accept;
+ }
+ term BFD-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ }
+ protocol udp;
+ port [ 3784 3785 ];
+ }
+ then accept;
+ }
+ term TRACEROUTE-ALLOW {
+ from {
+ protocol udp;
+ destination-port 33434-33523;
+ }
+ then accept;
+ }
+ term DENY_ALL {
+ then {
+ discard;
+ }
+ }
+ }
+ }
+}
+# grnoc-mon at OKC-CORE9-VRR> show ospf neighbor
+# Address Interface State ID Pri Dead
+# 164.58.244.140 em0.801 Full 164.58.199.69
+#
+# grnoc-mon at OKC-CORE9-VRR> show bfd session
+ Detect Transmit
+Address State Interface Time Interval Multiplier
+164.58.244.140 Up em0.801 1.200 0.400 3
+fe80::120e:7e03:219a:2aa5 Up em0.801 1.200 0.400 3
+
+2 sessions, 2 clients
+Cumulative transmit rate 5.0 pps, cumulative receive rate 5.0 pps
+
Index: configs/rpswi2.rp1f3.onenet.net
===================================================================
--- configs/rpswi2.rp1f3.onenet.net (revision 139064)
+++ configs/rpswi2.rp1f3.onenet.net (working copy)
@@ -512,8 +512,8 @@
#ge-1/0/4.0 up down
#ge-1/0/5 up down
#ge-1/0/5.0 up down
-#ge-1/0/6 up down
-#ge-1/0/6.0 up down
+#ge-1/0/6 up up
+#ge-1/0/6.0 up up
#ge-1/0/7 up down
#ge-1/0/7.0 up down
#ge-1/0/8 up up
@@ -578,8 +578,8 @@
#ge-1/0/37.0 up down
#ge-1/0/38 up down
#ge-1/0/38.0 up down
-#ge-1/0/39 up up
-#ge-1/0/39.0 up up
+#ge-1/0/39 up down
+#ge-1/0/39.0 up down
#ge-1/0/40 up down
#ge-1/0/40.0 up down
#ge-1/0/41 up down
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 139063)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -1,7 +1,6 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show system commit
-# show chassis environment
# 2016-01-19 09:16:22 CST by joel via cli
# 2016-01-11 10:33:48 CST by joel via cli
# 2016-01-07 22:36:29 CST by root via cli
Index: configs/hub.chi.onenet.net
===================================================================
--- configs/hub.chi.onenet.net (revision 139064)
+++ configs/hub.chi.onenet.net (working copy)
@@ -294,7 +294,7 @@
#t1-2/0/2:1 up up
#t1-2/0/2:1.16 up up
#t1-2/0/2:1.17 up up
-#t1-2/0/2:2 down up
+#t1-2/0/2:2 down down
#t1-2/0/2:3 down down
#t1-2/0/2:4 down down
#t1-2/0/2:5 down down
Index: configs/acx.cai.hart-acx2100.onenet.net
===================================================================
--- configs/acx.cai.hart-acx2100.onenet.net (revision 139061)
+++ configs/acx.cai.hart-acx2100.onenet.net (working copy)
@@ -73,6 +73,7 @@
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show chassis sfm detail
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show chassis ssb
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show system boot-messages
+# show version
# platform_early_bootinit: MX-PPC Series Early Boot Initialization
# mxppc_set_re_type: hw.board.type is ACX-2100
# WDOG initialized
@@ -141,7 +142,8 @@
# WARNING: /var was not properly dismounted
#
# grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> show version
-# Hostname: HARTSHORNE-PUBLIC-LIBRARY-ACX2100 # Model: acx2100 # JUNOS Crypto Software Suite [12.3X54-D10.6] # JUNOS Base OS Software Suite [12.3X54-D10.6] # JUNOS Kernel Software Suite [12.3X54-D10.6] # JUNOS Base OS boot [12.3X54-D10.6] # JUNOS Packet Forwarding Engine Support (ACX) [12.3X54-D10.6] # JUNOS Online Documentation [12.3X54-D10.6] # JUNOS Routing Software Suite [12.3X54-D10.6] # # grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> file list /var/tmp detail #
+# Hostname: HARTSHORNE-PUBLIC-LIBRARY-ACX2100 # Model: acx2100 # JUNOS Crypto Software Suite [12.3X54-D10.6] # JUNOS Base OS Software Suite [12.3X54-D10.6] # JUNOS Kernel Software Suite [12.3X54-D10.6] # JUNOS Base OS boot [12.3X54-D10.6] # JUNOS Packet Forwarding Engine Support (ACX) [12.3X54-D10.6] # JUNOS Online Documentation [12.3X54-D10.6] # JUNOS Routing Software Suite [12.3X54-D10.6] # # grnoc-mon at HARTSHORNE-PUBLIC-LIBRARY-ACX2100> file list /var/tmp detail # show system uptime
+#
# /var/tmp:
# total blocks: 291872
# drwxr-xr-x 2 root field 512 Dec 31 2009 gres-tp/
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 139064)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -1,6 +1,7 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at MEEKER-PS-LEASED-ASSET-TAG-004947> show system commit
+# show chassis environment
# 2015-12-14 15:34:07 CST by sean via cli
# 2015-11-20 10:50:09 CST by joel via cli
# 2015-11-20 10:48:21 CST by joel via cli
Index: configs/hub.tsb.onenet.net
===================================================================
--- configs/hub.tsb.onenet.net (revision 139064)
+++ configs/hub.tsb.onenet.net (working copy)
@@ -199,7 +199,7 @@
# -rw-rw---- 1 root field 51994624 Oct 24 2013 ifinfo.core.1
# -rw-rw---- 1 root field 51974144 Oct 24 2013 ifinfo.core.2
# -rw-rw---- 1 root field 52744192 Oct 24 2013 ifinfo.core.3
-# -rw-rw---- 1 root field 52727808 Jan 21 17:56 ifinfo.core.4
+# -rw-rw---- 1 root field 52727808 Jan 21 18:56 ifinfo.core.4
# drwxrwxrwx 2 root wheel 512 Oct 12 2012 install/
# -rw-rw---- 1 root field 33464320 Mar 3 2014 jdiameterd.core.0
# -rw-r--r-- 1 eng field 99542994 Apr 23 2013 jinstall-ppc-11.4R7.5-domestic-signed.tgz
Index: routers.all
===================================================================
--- routers.all (revision 139021)
+++ routers.all (working copy)
@@ -149,6 +149,7 @@
core8.okc.onenet.net:cisco
core8.tul-C7603.onenet.net:cisco
core8.tul.onenet.net:juniper
+core9.okc.onenet.net:juniper
core9.tul.onenet.net:cisco
decom.san-sw-tulsa.onenet.net:cisco
denison-ps-srx220.client.onenet.net:juniper
More information about the Nocrancid
mailing list