[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Wed Mar 2 00:02:39 CST 2016
Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net (revision 140353)
+++ configs/maysville-es.client.onenet.net (working copy)
@@ -45,8 +45,10 @@
# Serial ID ACDT6307
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show chassis scb
+# show chassis sfm detail
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show chassis sfm detail
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show chassis ssb
+# show system boot-messages
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show system boot-messages
# kld_map_v: 0x8ff80000, kld_map_p: 0x0
# Copyright (c) 1996-2014, Juniper Networks, Inc.
@@ -110,10 +112,11 @@
# Trying to mount root from ufs:/dev/da0s1a
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show version
-# Hostname: MAYSVILLE-ES-LEASED-ASSET-TAG-004945 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
+# file list /var/tmp detail # Hostname: MAYSVILLE-ES-LEASED-ASSET-TAG-004945 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
# total files: 1
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show system uptime
+# show interface terse
# System booted: 2016-01-07 00:16 CST
# Protocols started: 2016-01-07 00:19 CST
# Last configured: 2015-10-26 13:12 CDT by admin
@@ -169,6 +172,7 @@
#vlan up up
#vlan.999 up down
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show configuration
+show ospf neighbor
## Last commit: 2015-10-26 13:12:04 CDT by admin
version 12.1X44-D35.5;
system {
@@ -614,6 +618,7 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/faye.okcdc.onenet.net
===================================================================
--- configs/faye.okcdc.onenet.net (revision 140322)
+++ configs/faye.okcdc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at FAYE-MX104-RE0> show system commit
+# 2016-03-01 23:44:09 CST by andrew via cli
# 2016-02-29 18:17:51 CST by andrew via cli
# 2016-02-26 12:03:12 CST by andrew via cli
# 2016-02-26 11:59:53 CST by andrew via cli
# 2016-02-25 16:58:30 CST by andrew via cli
# 2016-02-25 16:28:15 CST by andrew via cli
-# 2016-02-24 22:43:11 CST by andrew via cli
# grnoc-mon at FAYE-MX104-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -248,7 +248,7 @@
# grnoc-mon at FAYE-MX104-RE0> show system uptime
# System booted: 2016-02-14 17:30 CST
# Protocols started: 2016-02-14 17:39 CST
-# Last configured: 2016-02-29 18:17 CST by andrew
+# Last configured: 2016-03-01 23:44 CST by andrew
#
# grnoc-mon at FAYE-MX104-RE0> show interface terse
#Interface Admin Link
@@ -318,8 +318,6 @@
#ge-1/1/8 up up
#ge-1/1/8.0 up up
#ge-1/1/9 up up
-#ge-1/1/9.666 up up
-#ge-1/1/9.2548 up up
#ge-1/1/9.2550 up up
#ge-1/1/9.32767 up up
#xe-2/0/0 up up
@@ -352,7 +350,6 @@
#lo0.16384 up up
#lo0.16385 up up
#lsi up up
-#lsi.0 up up
#lsi.1 up up
#lsi.2 up up
#lsi.1048576 up up
@@ -386,7 +383,7 @@
#pp0 up up
#tap up up
# grnoc-mon at FAYE-MX104-RE0> show configuration
-## Last commit: 2016-02-29 18:17:51 CST by andrew
+## Last commit: 2016-03-01 23:44:09 CST by andrew
version 13.3R8.7;
groups {
re0 {
@@ -928,21 +925,6 @@
description "TULSA VPN HEADEND TRUST [NO-MONITOR]";
vlan-tagging;
mtu 9014;
- unit 666 {
- vlan-id 666;
- family inet {
- mtu 1500;
- address 164.58.10.1/30;
- }
- }
- unit 2548 {
- description "OMES AGENCY DATA [NO-MONITOR]";
- vlan-id 2548;
- family inet {
- mtu 1500;
- address 10.119.24.12/31;
- }
- }
unit 2550 {
description "OMES MGMT [NO-MONITOR]";
vlan-id 2550;
@@ -1250,18 +1232,6 @@
description TUL-CORE6-IBGP-V6;
}
}
- group TEST {
- type external;
- accept-remote-nexthop;
- family inet {
- unicast;
- }
- neighbor 164.58.10.2 {
- import EBGP-XXXXXX-IMPORT;
- export EXPORT-DEFAULT;
- peer-as 64572;
- }
- }
group FLOWSPEC-SERVER-V4 {
type internal;
local-address 164.58.199.69;
@@ -1494,9 +1464,6 @@
198.186.190.0/24;
209.50.158.0/24;
}
- prefix-list EBGP-XXXXXX-PREFIXES {
- 164.58.10.4/30;
- }
prefix-list EBGP-ANDREW-TEST-V4-PREFIXES {
156.110.140.0/24;
}
@@ -1671,75 +1638,6 @@
then reject;
}
}
- policy-statement EBGP-XXXXXX-IMPORT {
- term CHECK-BLACKHOLE-LENGTH {
- from {
- community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
- }
- then next term;
- }
- term ACCEPT-BLACKHOLE {
- from {
- community ONENET_BLACKHOLE;
- prefix-list-filter EBGP-XXXXXX-PREFIXES orlonger;
- }
- then {
- community set ONENET_BLACKHOLE;
- community add ONENET_PEER_XXXXXX;
- next-hop 192.0.2.1;
- accept;
- }
- }
- inactive: term REJECT-25-ORLONGER {
- from {
- route-filter 0.0.0.0/0 prefix-length-range /25-/32;
- }
- then reject;
- }
- term REMOVE-NON-ONENET-COMMUNITIES {
- from {
- prefix-list-filter EBGP-XXXXXX-PREFIXES orlonger;
- }
- then {
- community delete NOT_ONENET;
- next term;
- }
- }
- term SANITIZE-COMMUNITIES {
- from {
- community ONENET_SANITIZE;
- prefix-list-filter EBGP-XXXXXX-PREFIXES orlonger;
- }
- then {
- community delete ONENET_SANITIZE;
- next term;
- }
- }
- term ACCEPT-ROUTES {
- from {
- prefix-list-filter EBGP-XXXXXX-PREFIXES orlonger;
- }
- then {
- community add ONENET_PEER_XXXXXX;
- accept;
- }
- }
- term REJECT-ALL-ELSE {
- then reject;
- }
- }
- policy-statement EXPORT-DEFAULT {
- term DEFAULT {
- from {
- route-filter 0.0.0.0/0 exact;
- }
- then accept;
- }
- term REJECT-ALL-ELSE {
- then reject;
- }
- }
policy-statement EXPORT-NOTHING {
term REJECT-ALL-ELSE {
then reject;
@@ -1760,48 +1658,6 @@
then accept;
}
}
- policy-statement OMES-AGENCY-DATA-VRF-EXPORT {
- term 1 {
- from protocol static;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 2 {
- from protocol direct;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 3 {
- from protocol ospf;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 4 {
- from protocol bgp;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- }
- policy-statement OMES-AGENCY-DATA-VRF-IMPORT {
- term 1 {
- from {
- protocol bgp;
- community OMES-AGENCY-DATA-VPN;
- }
- then accept;
- }
- term 2 {
- then reject;
- }
- }
policy-statement OMES-EXPORT-BGP-TO-OSPF {
term DEFAULT-EXPORT {
from {
@@ -1948,7 +1804,6 @@
invert-match;
members 5078:*;
}
- community OMES-AGENCY-DATA-VPN members target:5078:2548;
community OMES-MGMT-VPN members target:5078:2550;
community ONENET-MGMT-VPN members target:5078:2543;
community ONENET_ADV_AKAMAI members 5078:5400;
@@ -2478,24 +2333,6 @@
}
}
routing-instances {
- OMES-AGENCY-DATA-L3VPN {
- description OMES-AGENCY-DATA-L3VPN;
- instance-type vrf;
- interface ge-1/1/9.2548;
- route-distinguisher 164.58.199.69:2548;
- vrf-import OMES-AGENCY-DATA-VRF-IMPORT;
- vrf-export OMES-AGENCY-DATA-VRF-EXPORT;
- vrf-target target:5078:2548;
- vrf-table-label;
- protocols {
- ospf {
- export OMES-EXPORT-BGP-TO-OSPF;
- area 0.0.0.0 {
- interface ge-1/1/9.2548;
- }
- }
- }
- }
OMES-MGMT-L3VPN {
description OMES-MGMT-L3VPN;
instance-type vrf;
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 140347)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -46,6 +46,7 @@
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show chassis scb
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show chassis sfm detail
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show chassis ssb
+# show system boot-messages
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show system boot-messages
# kld_map_v: 0x8ff80000, kld_map_p: 0x0
# Copyright (c) 1996-2014, Juniper Networks, Inc.
@@ -110,7 +111,7 @@
# WARNING: / was not properly dismounted
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show version
-# Hostname: STRINGTOWN-HIGH-SCHOOL-TAG-004909 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
+# file list /var/tmp detail # Hostname: STRINGTOWN-HIGH-SCHOOL-TAG-004909 # Model: srx240h2 # JUNOS Software Release [12.1X44-D35.5] # # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> file list /var/tmp detail # lrw-r--r-- 1 root wheel 11 May 19 2014 /var/tmp@ -> /cf/var/tmp
# total files: 1
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show system uptime
Index: configs/hub.chi.onenet.net
===================================================================
--- configs/hub.chi.onenet.net (revision 140343)
+++ configs/hub.chi.onenet.net (working copy)
@@ -294,7 +294,7 @@
#t1-2/0/2:1 up up
#t1-2/0/2:1.16 up up
#t1-2/0/2:1.17 up up
-#t1-2/0/2:2 down down
+#t1-2/0/2:2 down up
#t1-2/0/2:3 down down
#t1-2/0/2:4 down down
#t1-2/0/2:5 down down
Index: configs/core1.okc-mx960.onenet.net
===================================================================
--- configs/core1.okc-mx960.onenet.net (revision 140353)
+++ configs/core1.okc-mx960.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE1-MX960-RE0> show system commit
+# 2016-03-01 23:29:43 CST by andrew via cli commit synchronize
+# 2016-03-01 23:25:31 CST by andrew via cli commit synchronize
# 2016-03-01 22:47:11 CST by andrew via cli commit confirmed, rollback in 10mins synchronize
# 2016-03-01 22:17:09 CST by andrew via cli commit synchronize
# 2016-03-01 21:56:28 CST by andrew via cli commit synchronize
# 2016-03-01 21:31:24 CST by andrew via cli commit synchronize
-# 2016-02-28 21:44:17 CST by andrew via cli commit synchronize
-# 2016-02-28 21:42:51 CST by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE1-MX960-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -555,7 +555,7 @@
# grnoc-mon at OKC-CORE1-MX960-RE0> show system uptime
# System booted: 2015-06-07 00:00 CDT
# Protocols started: 2015-06-07 00:03 CDT
-# Last configured: 2016-03-01 22:47 CST by andrew
+# Last configured: 2016-03-01 23:29 CST by andrew
#
# {master}
# grnoc-mon at OKC-CORE1-MX960-RE0> show interface terse
@@ -685,8 +685,6 @@
#ge-2/3/6 up down
#ge-2/3/7 up down
#ge-2/3/8 up up
-#ge-2/3/8.2531 up up
-#ge-2/3/8.2548 up up
#ge-2/3/8.32767 up up
#ge-2/3/9 up up
#ge-2/3/9.0 up up
@@ -831,7 +829,6 @@
#lo0.16384 up up
#lo0.16385 up up
#lsi up up
-#lsi.512 up up
#lsi.1059891 up up
#lsi.1059942 up up
#lsi.1060070 up up
@@ -847,7 +844,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE1-MX960-RE0> show configuration
-## Last commit: 2016-03-01 22:47:11 CST by andrew
+## Last commit: 2016-03-01 23:29:43 CST by andrew
version 13.3R6.5;
groups {
re0 {
@@ -1447,19 +1444,6 @@
flexible-vlan-tagging;
mtu 9014;
encapsulation flexible-ethernet-services;
- unit 2531 {
- description "TEMP-TAG-WIRELESS-AGENT-3004 [NO-MONITOR]";
- vlan-id 2531;
- family inet;
- }
- unit 2548 {
- description "OMES AGENCY DATA VPN [NO-MONITOR]";
- vlan-id 2548;
- family inet {
- mtu 1500;
- address 10.119.24.10/31;
- }
- }
}
ge-2/3/9 {
description "OneNet State VPN Headend Untrust [NO-MONITOR] | CIR000XXXX";
@@ -13048,60 +13032,6 @@
}
}
}
- policy-statement OMES-AGENCY-DATA-VRF-EXPORT {
- term 1 {
- from protocol static;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 2 {
- from protocol direct;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 3 {
- from protocol ospf;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- term 4 {
- from protocol bgp;
- then {
- community add OMES-AGENCY-DATA-VPN;
- accept;
- }
- }
- }
- policy-statement OMES-AGENCY-DATA-VRF-IMPORT {
- term 1 {
- from {
- protocol bgp;
- community OMES-AGENCY-DATA-VPN;
- }
- then accept;
- }
- term 2 {
- then reject;
- }
- }
- policy-statement OMES-EXPORT-BGP-TO-OSPF {
- term DEFAULT-EXPORT {
- from {
- protocol bgp;
- route-filter 0.0.0.0/0 exact;
- }
- then accept;
- }
- term REJECT-ALL-ELSE {
- then reject;
- }
- }
policy-statement REDISTRIBUTE-DIRECTS {
term 1 {
from protocol direct;
@@ -13134,7 +13064,6 @@
}
}
community OKCCORE1 members 5078:211;
- community OMES-AGENCY-DATA-VPN members target:5078:2548;
community ONENET_AGGREGATE members 5078:9601;
}
class-of-service {
@@ -13611,24 +13540,6 @@
}
}
routing-instances {
- OMES-AGENCY-DATA-L3VPN {
- description OMES-AGENCY-DATA-L3VPN;
- instance-type vrf;
- interface ge-2/3/8.2548;
- route-distinguisher 164.58.199.211:2548;
- vrf-import OMES-AGENCY-DATA-VRF-IMPORT;
- vrf-export OMES-AGENCY-DATA-VRF-EXPORT;
- vrf-target target:5078:2548;
- vrf-table-label;
- protocols {
- ospf {
- export OMES-EXPORT-BGP-TO-OSPF;
- area 0.0.0.0 {
- interface ge-2/3/8.2548;
- }
- }
- }
- }
VPLS-ONENET-DC {
description ONENET-SANS-VPLS-OKC-TULSA-LAWTON;
instance-type vpls;
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 140353)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE5-MX480-RE0> show system commit
+# 2016-03-01 23:25:25 CST by andrew via cli commit synchronize
+# 2016-03-01 23:01:33 CST by andrew via cli commit synchronize
# 2016-03-01 22:47:13 CST by andrew via cli commit confirmed, rollback in 10mins synchronize
# 2016-03-01 22:06:55 CST by andrew via cli commit synchronize
# 2016-03-01 21:47:44 CST by andrew via cli commit synchronize
# 2016-03-01 21:30:10 CST by andrew via cli commit confirmed, rollback in 3mins synchronize
-# 2016-03-01 20:33:10 CST by andrew via cli commit synchronize
-# 2016-03-01 20:31:40 CST by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -476,7 +476,7 @@
# grnoc-mon at OKC-CORE5-MX480-RE0> show system uptime
# System booted: 2014-09-16 23:50 CDT
# Protocols started: 2014-09-16 23:51 CDT
-# Last configured: 2016-03-01 22:47 CST by andrew
+# Last configured: 2016-03-01 23:25 CST by andrew
#
# {master}
# grnoc-mon at OKC-CORE5-MX480-RE0> show interface terse
@@ -870,7 +870,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE5-MX480-RE0> show configuration
-## Last commit: 2016-03-01 22:47:13 CST by andrew
+## Last commit: 2016-03-01 23:25:25 CST by andrew
version 12.3R7.7;
groups {
re0 {
@@ -2982,17 +2982,20 @@
}
unit 601 {
description "OKC-VPN-CLUSTER-OMES-AGENCY-DATA [NO-MONITOR]";
- family inet;
+ family inet {
+ mtu 1500;
+ address 10.119.24.10/31;
+ }
}
unit 602 {
- description "OKC-VPN-CLUSTER-DHS-AGENCY-DATA [NO-MONITOR]";
+ description "OKC-VPN-CLUSTER-DHS-AGENCY-DATA--CARTER [NO-MONITOR]";
family inet {
mtu 1500;
address 10.119.52.10/31;
}
}
unit 603 {
- description "OKC-VPN-CLUSTER-DHS-GUEST [NO-MONITOR]";
+ description "OKC-VPN-CLUSTER-DHS-GUEST--CARTER [NO-MONITOR]";
family inet {
mtu 1500;
address 10.119.56.10/31;
@@ -11994,6 +11997,7 @@
interface ge-1/3/8.501;
interface ge-1/3/8.504;
interface xe-2/0/1.1109;
+ interface irb.601;
route-distinguisher 164.58.199.215:2548;
vrf-import OMES-AGENCY-DATA-VRF-IMPORT;
vrf-export OMES-AGENCY-DATA-VRF-EXPORT;
@@ -12029,6 +12033,9 @@
area 10.119.24.150 {
interface ge-1/2/7.504;
}
+ area 0.0.0.0 {
+ interface irb.601;
+ }
}
}
}
Index: configs/swi.cai.dun.onenet.net
===================================================================
--- configs/swi.cai.dun.onenet.net (revision 140353)
+++ configs/swi.cai.dun.onenet.net (working copy)
@@ -1,7 +1,6 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SWI-DUNCAN-PUBLIC-LIBRARY-EX-3300> show system commit
-# show chassis environment
# 2014-04-28 14:03:42 CDT by joel via cli commit confirmed, rollback in 2mins
# 2014-02-12 14:39:48 CST by donnie via cli
# 2014-02-12 11:10:28 CST by donnie via cli
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 140353)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -1,6 +1,7 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show system commit
+# show chassis environment
# 2016-01-27 15:43:17 CST by joel via cli commit confirmed, rollback in 5mins
# 2015-10-26 14:44:11 CDT by admin via cli
# 2015-10-26 18:25:25 CDT by root via cli
@@ -9,7 +10,6 @@
# 2015-05-14 17:55:25 CDT by root via other
# rescue 2015-10-26 17:25:18 CDT by root via recovery-mgmt
#
-# show chassis environment
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
Index: configs/antlers-public-library.client.onenet.net
===================================================================
--- configs/antlers-public-library.client.onenet.net (revision 140353)
+++ configs/antlers-public-library.client.onenet.net (working copy)
@@ -1,7 +1,6 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at ANTLERS-PUBLIC-LIBRARY-TAG-004632> show system commit
-# show chassis environment
# 2015-12-04 14:47:16 CST by joel via cli commit confirmed, rollback in 5mins
# 2015-12-04 14:39:55 CST by joel via cli
# 2015-12-04 13:26:16 CST by joel via cli
Index: configs/okc-vpn-cluster.okc.onenet.net
===================================================================
--- configs/okc-vpn-cluster.okc.onenet.net (revision 140353)
+++ configs/okc-vpn-cluster.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show system commit
+# 2016-03-01 23:35:59 CST by andrew via cli
+# 2016-03-01 23:26:20 CST by andrew via cli commit confirmed, rollback in 10mins
# 2016-03-01 22:54:10 CST by andrew via cli commit confirmed, rollback in 10mins
# 2016-03-01 22:48:17 CST by andrew via cli commit confirmed, rollback in 10mins
# 2016-03-01 22:12:55 CST by andrew via cli
# 2016-03-01 22:08:31 CST by andrew via cli
-# 2016-03-01 22:00:51 CST by andrew via cli commit confirmed, rollback in 10mins
-# 2016-03-01 21:55:33 CST by andrew via cli commit confirmed, rollback in 5mins
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show chassis environment
# node0:
# --------------------------------------------------------------------------
@@ -234,12 +234,12 @@
# --------------------------------------------------------------------------
# System booted: 2016-03-01 19:49 CST
# Protocols started: 2016-03-01 20:04 CST
-# Last configured: 2016-03-01 22:54 CST by andrew
+# Last configured: 2016-03-01 23:35 CST by andrew
#
# node1:
# --------------------------------------------------------------------------
# System booted: 2016-03-01 19:35 CST
-# Last configured: 2016-03-01 22:54 CST by root
+# Last configured: 2016-03-01 23:35 CST by root
#
# {primary:node0}
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show interface terse
@@ -335,6 +335,7 @@
#reth1.32767 up up
#st0 up up
#st0.0 up up
+#st0.2 up up
#st0.4 up up
#st0.5 up up
#st0.7 up up
@@ -346,7 +347,7 @@
#tap up up
#vlan up up
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show configuration
-## Last commit: 2016-03-01 22:54:10 CST by andrew
+## Last commit: 2016-03-01 23:35:59 CST by andrew
version 12.1X46-D40.2;
groups {
node0 {
@@ -615,6 +616,10 @@
unit 601 {
description "CORE5-OKC-OMES-AGENCY-DATA [NO-MONITOR]";
vlan-id 601;
+ family inet {
+ mtu 1500;
+ address 10.119.24.11/31;
+ }
}
unit 602 {
description "CORE5-OKC-DHS-DATA [NO-MONITOR]";
@@ -656,6 +661,13 @@
address 164.58.23.241/30;
}
}
+ unit 2 {
+ description "ODOT-KINGFISHER-AGENCY-DATA [NO-MONITOR]";
+ family inet {
+ mtu 1440;
+ address 10.119.8.8/31;
+ }
+ }
unit 4 {
description "OTRD-ROMAN-NOSE-DATA [NO-MONITOR]";
family inet {
@@ -854,6 +866,11 @@
proposals PRE-G2-AES128-SHA;
# pre-shared-#key <removed>;
}
+ policy IKE-ODOT-DATA-KINGFISHER {
+ mode main;
+ proposals PRE-G2-AES128-SHA;
+# pre-shared-#key <removed>;
+ }
gateway IKE-GATE-COMANCHE-PS {
ike-policy IKE-COMANCHE-PS;
address 166.141.5.145;
@@ -897,6 +914,12 @@
external-interface lo0.0;
local-address 164.58.0.253;
}
+ gateway IKE-GATE-ODOT-DATA-KINGFISHER {
+ ike-policy IKE-ODOT-DATA-KINGFISHER;
+ address 166.130.159.232;
+ external-interface lo0.0;
+ local-address 164.58.0.253;
+ }
}
ipsec {
proposal ESP-AES128-SHA {
@@ -926,6 +949,9 @@
policy VPN-POLICY-OTRD-DATA-ROMAN-NOSE {
proposals ESP-AES128-SHA;
}
+ policy VPN-POLICY-ODOT-DATA-KINGFISHER {
+ proposals ESP-AES128-SHA;
+ }
vpn IPSEC-VPN-COMANCHE-PS {
bind-interface st0.0;
ike {
@@ -992,7 +1018,24 @@
}
establish-tunnels immediately;
}
+ vpn IPSEC-VPN-ODOT-DATA-KINGFISHER {
+ bind-interface st0.2;
+ vpn-monitor {
+ optimized;
+ source-interface st0.2;
+ destination-ip 10.119.8.9;
+ }
+ ike {
+ gateway IKE-GATE-ODOT-DATA-KINGFISHER;
+ ipsec-policy VPN-POLICY-ODOT-DATA-KINGFISHER;
+ }
+ establish-tunnels immediately;
+ }
}
+ alg {
+ msrpc disable;
+ sunrpc disable;
+ }
forwarding-options {
family {
inet6 {
@@ -1198,6 +1241,18 @@
}
}
}
+ st0.2 {
+ host-inbound-traffic {
+ system-services {
+ ping;
+ traceroute;
+ }
+ protocols {
+ bgp;
+ ospf;
+ }
+ }
+ }
}
}
security-zone DHS-DATA {
@@ -1417,6 +1472,15 @@
OMES-AGENCY-DATA {
instance-type virtual-router;
interface reth1.601;
+ interface st0.2;
+ protocols {
+ ospf {
+ area 0.0.0.0 {
+ interface reth1.601;
+ interface st0.2;
+ }
+ }
+ }
}
OMES-MGMT {
instance-type virtual-router;
Index: configs/hub.tsb.onenet.net
===================================================================
--- configs/hub.tsb.onenet.net (revision 140353)
+++ configs/hub.tsb.onenet.net (working copy)
@@ -198,7 +198,7 @@
# -rw-rw---- 1 root field 51994624 Oct 24 2013 ifinfo.core.1
# -rw-rw---- 1 root field 51974144 Oct 24 2013 ifinfo.core.2
# -rw-rw---- 1 root field 52744192 Oct 24 2013 ifinfo.core.3
-# -rw-rw---- 1 root field 52727808 Mar 1 22:58 ifinfo.core.4
+# -rw-rw---- 1 root field 52727808 Mar 1 23:58 ifinfo.core.4
# drwxrwxrwx 2 root wheel 512 Oct 12 2012 install/
# -rw-rw---- 1 root field 33464320 Mar 3 2014 jdiameterd.core.0
# -rw-r--r-- 1 eng field 99542994 Apr 23 2013 jinstall-ppc-11.4R7.5-domestic-signed.tgz
More information about the Nocrancid
mailing list