[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Sat Aug 19 16:05:40 CDT 2017
Index: configs/odmhsas.central-office.okc.client.onenet.net
===================================================================
--- configs/odmhsas.central-office.okc.client.onenet.net (revision 155887)
+++ configs/odmhsas.central-office.okc.client.onenet.net (working copy)
@@ -198,7 +198,7 @@
#st0.21 up up
#st0.22 up up
#st0.23 up up
-#st0.24 up up
+#st0.24 up down
#st0.25 up up
#st0.26 up up
#st0.27 up up
Index: configs/olustee-eldorado-ps.client.onenet.net
===================================================================
--- configs/olustee-eldorado-ps.client.onenet.net (revision 155910)
+++ configs/olustee-eldorado-ps.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show system commit
+# 2017-08-19 15:59:20 CDT by joel via cli
+# 2017-08-19 15:56:07 CDT by joel via cli
+# 2017-08-19 15:52:17 CDT by joel via cli commit confirmed, rollback in 5mins
+# 2017-08-19 15:18:35 CDT by joel via cli commit confirmed, rollback in 5mins
# 2017-08-19 14:55:12 CDT by joel via cli
# 2017-08-19 14:48:27 CDT by joel via cli commit confirmed, rollback in 5mins
-# 2017-08-19 13:58:00 CDT by joel via cli
-# 2017-08-18 14:15:51 CDT by andrew via cli
-# 2017-08-18 14:14:06 CDT by andrew via cli
-# 2017-08-17 13:52:22 CDT by admin via cli
# grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -136,7 +136,7 @@
# Time Source: NTP CLOCK
# System booted: 2017-08-19 12:50 CDT
# Protocols started: 2017-08-19 12:50 CDT
-# Last configured: 2017-08-19 14:55 CDT by joel
+# Last configured: 2017-08-19 15:59 CDT by joel
#
# grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show interface terse
#Interface Admin Link
@@ -194,8 +194,48 @@
#vlan up down
#vtep up up
# grnoc-mon at OLUSTEE-ELDORADO-PS-LR-005451> show configuration
-## Last commit: 2017-08-19 14:55:12 CDT by joel
+## Last commit: 2017-08-19 15:59:20 CDT by joel
version 15.1X49-D90.7;
+groups {
+ DENY-ALL-ELSE {
+ security {
+ policies {
+ from-zone <*> to-zone <*> {
+ policy DENY-ALL-ELSE {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ deny;
+ log {
+ session-init;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ LOG-TRAFFIC {
+ security {
+ policies {
+ from-zone <*> to-zone <*> {
+ policy <*> {
+ then {
+ log {
+ session-init;
+ session-close;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
+apply-groups [ DENY-ALL-ELSE LOG-TRAFFIC ];
system {
host-name OLUSTEE-ELDORADO-PS-LR-005451;
auto-snapshot;
@@ -319,6 +359,14 @@
any any;
match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
}
+ file blocked-traffic {
+ any any;
+ match RT_FLOW_SESSION_DENY;
+ }
+ file allowed-traffic {
+ any any;
+ match RT_FLOW_SESSION_CREATE;
+ }
}
max-configurations-on-flash 20;
max-configuration-rollbacks 20;
@@ -358,6 +406,11 @@
}
nat {
source {
+ pool DOMAIN-CONTROLLER-OUTSIDE {
+ address {
+ 156.110.39.250/32;
+ }
+ }
rule-set TEST-TO-UNTRUST-NAT {
from zone TEST;
to zone UNTRUST;
@@ -375,6 +428,18 @@
rule-set TRUST-TO-UNTRUST-NAT {
from zone TRUST;
to zone UNTRUST;
+ rule NAT-DOMAIN-CONTROLLER-OUTSIDE {
+ match {
+ source-address 172.16.1.2/32;
+ }
+ then {
+ source-nat {
+ pool {
+ DOMAIN-CONTROLLER-OUTSIDE;
+ }
+ }
+ }
+ }
rule NAT-TRUST-TO-UNTRUST {
match {
source-address 172.16.0.0/12;
@@ -436,7 +501,7 @@
match {
source-address any;
destination-address DOMAIN-CONTROLLER-172.16.1.2;
- application MICROSOFT-IPSEC-VPN;
+ application [ MICROSOFT-IPSEC-VPN junos-icmp-all ];
}
then {
permit;
@@ -724,6 +789,8 @@
term tcp-50 protocol tcp destination-port 50;
term udp-500 protocol udp destination-port 500;
term udp-4500 protocol udp destination-port 4500;
+ term tcp-500 protocol tcp destination-port 500;
+ term tcp-4500 protocol tcp destination-port 4500;
}
}
vlans {
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net (revision 155910)
+++ configs/hub.dur.onenet.net (working copy)
@@ -433,7 +433,7 @@
#fe-2/1/1 up up
#fe-2/1/1.0 up up
#fe-2/1/2 up down
-#fe-2/1/3 down up
+#fe-2/1/3 down down
#ge-2/2/0 up up
#ge-2/2/0.0 up up
#pc-2/2/0 up up
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 155908)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -691,6 +691,7 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
More information about the Nocrancid
mailing list