[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Mon Aug 28 12:04:51 CDT 2017
Index: configs/allen-public-library.client.onenet.net
===================================================================
--- configs/allen-public-library.client.onenet.net (revision 156089)
+++ configs/allen-public-library.client.onenet.net (working copy)
@@ -160,8 +160,8 @@
#ge-0/0/6.0 up up
#ge-0/0/7 up down
#ge-0/0/7.0 up down
-#ge-0/0/8 up up
-#ge-0/0/8.0 up up
+#ge-0/0/8 up down
+#ge-0/0/8.0 up down
#ge-0/0/9 up down
#ge-0/0/9.0 up down
#ge-0/0/10 up down
Index: configs/university-of-tulsa.nid.onenet.net
===================================================================
--- configs/university-of-tulsa.nid.onenet.net (revision 155879)
+++ configs/university-of-tulsa.nid.onenet.net (working copy)
@@ -2570,10 +2570,10 @@
innertag-prio-ctrl disabled
n2a-outertag-prio-ctrl disabled
ctag push 501-0
- access-learning-ctrl none
+ access-learning-ctrl mac-based
access-max-forwarding-entries 16384
protect-access-learning none
- network-learning-ctrl none
+ network-learning-ctrl mac-based
network-max-forwarding-entries 16384
protect-network-learning none
aging-timer 300
Index: configs/core.sem.onenet.net
===================================================================
--- configs/core.sem.onenet.net (revision 156134)
+++ configs/core.sem.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SEMINOLE-MX480-RE0> show system commit
+# 2017-08-28 11:05:20 CDT by aberrios via cli commit synchronize
# 2017-08-22 09:44:20 CDT by andrew via cli commit synchronize
# 2017-08-21 16:43:52 CDT by sky via cli commit synchronize
# 2017-08-01 09:39:50 CDT by sean via cli commit synchronize
# 2017-07-31 12:52:59 CDT by aberrios via cli commit synchronize
# 2017-07-30 12:48:39 CDT by andrew via cli commit synchronize
-# 2017-07-29 21:07:28 CDT by andrew via cli commit synchronize
# grnoc-mon at SEMINOLE-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -365,7 +365,7 @@
# grnoc-mon at SEMINOLE-MX480-RE0> show system uptime
# System booted: 2016-03-21 00:55 CDT
# Protocols started: 2016-03-21 01:06 CDT
-# Last configured: 2017-08-22 09:44 CDT by andrew
+# Last configured: 2017-08-28 11:05 CDT by aberrios
#
# {master}
# grnoc-mon at SEMINOLE-MX480-RE0> show interface terse
@@ -477,7 +477,7 @@
#pp0 up up
#tap up up
# grnoc-mon at SEMINOLE-MX480-RE0> show configuration
-## Last commit: 2017-08-22 09:44:20 CDT by andrew
+## Last commit: 2017-08-28 11:05:20 CDT by aberrios
version 13.3R8.7;
groups {
re0 {
@@ -803,7 +803,7 @@
mtu 9192;
encapsulation flexible-ethernet-services;
unit 500 {
- description JUSTICE-PS-150M-CIR0019405;
+ description JUSTICE-PS-150M-CIR0019405-LR;
bandwidth 150m;
vlan-id 504;
family inet {
Index: configs/hub.okm.onenet.net
===================================================================
--- configs/hub.okm.onenet.net (revision 156137)
+++ configs/hub.okm.onenet.net (working copy)
@@ -429,9 +429,9 @@
#t1-2/0/2:12 down down
#t1-2/0/2:13 down down
#t1-2/0/2:14 down down
-#t1-2/0/2:15 up up
-#t1-2/0/2:15.16 up up
-#t1-2/0/2:15.17 up up
+#t1-2/0/2:15 up down
+#t1-2/0/2:15.16 up down
+#t1-2/0/2:15.17 up down
#t1-2/0/2:16 down down
#t1-2/0/2:17 down down
#t1-2/0/2:18 down down
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 156134)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE5-MX480-RE0> show system commit
+# 2017-08-28 11:25:38 CDT by sean via cli commit synchronize
+# 2017-08-28 11:20:00 CDT by sean via cli commit synchronize
+# 2017-08-28 11:18:46 CDT by sean via cli commit synchronize
+# 2017-08-28 11:10:11 CDT by sean via cli commit synchronize
# 2017-08-26 10:09:14 CDT by andrew via cli commit synchronize
# 2017-08-25 10:27:00 CDT by andrew via cli commit synchronize
-# 2017-08-24 11:48:37 CDT by sky via cli commit synchronize
-# 2017-08-24 11:45:05 CDT by sky via cli commit synchronize
-# 2017-08-24 11:17:03 CDT by sky via cli commit synchronize
-# 2017-08-23 22:51:51 CDT by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -562,7 +562,7 @@
# grnoc-mon at OKC-CORE5-MX480-RE0> show system uptime
# System booted: 2016-10-12 08:16 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-08-26 10:09 CDT by andrew
+# Last configured: 2017-08-28 11:25 CDT by sean
#
# {master}
# grnoc-mon at OKC-CORE5-MX480-RE0> show interface terse
@@ -715,6 +715,7 @@
#xe-1/0/0.726 up up
#xe-1/0/0.761 up up
#xe-1/0/0.762 up up
+#xe-1/0/0.766 up up
#xe-1/0/0.767 up up
#xe-1/0/0.822 up up
#xe-1/0/0.932 up up
@@ -1379,7 +1380,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE5-MX480-RE0> show configuration
-## Last commit: 2017-08-26 10:09:14 CDT by andrew
+## Last commit: 2017-08-28 11:25:38 CDT by sean
version 13.3R9.13;
groups {
re0 {
@@ -3030,6 +3031,20 @@
address 156.110.0.5/30;
}
}
+ unit 766 {
+ description "BLACKWELL-PS-CIR0020401 [ORDERED]";
+ vlan-id 766;
+ family inet {
+ rpf-check;
+ policer {
+ input 500M-POL;
+ output 500M-POL;
+ }
+ sampling {
+ input;
+ }
+ }
+ }
unit 767 {
description PERRY-PS-200M-CIR0020268-LR;
bandwidth 200m;
Index: configs/city-of-lawton.client.onenet.net
===================================================================
--- configs/city-of-lawton.client.onenet.net (revision 156155)
+++ configs/city-of-lawton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show system commit
-# 2017-08-28 10:54:34 CDT by joel via cli
-# 2017-08-28 10:51:11 CDT by joel via cli
-# 2017-08-28 10:45:51 CDT by joel via cli commit confirmed, rollback in 5mins
-# 2017-08-28 10:37:35 CDT by joel via cli commit confirmed, rollback in 5mins
-# 2017-08-28 09:50:05 CDT by joel via cli
-# 2017-08-28 09:43:42 CDT by joel via cli commit confirmed, rollback in 5mins
+# 2017-08-28 11:56:28 CDT by joel via cli
+# 2017-08-28 11:54:02 CDT by joel via cli
+# 2017-08-28 11:46:57 CDT by joel via cli
+# 2017-08-28 11:43:01 CDT by joel via cli
+# 2017-08-28 11:33:15 CDT by joel via cli
+# 2017-08-28 11:31:22 CDT by joel via cli
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -134,7 +134,7 @@
# Time Source: NTP CLOCK
# System booted: 2017-08-25 14:03 CDT
# Protocols started: 2017-08-25 14:03 CDT
-# Last configured: 2017-08-28 10:54 CDT by joel
+# Last configured: 2017-08-28 11:56 CDT by joel
#
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show interface terse
#Interface Admin Link
@@ -210,46 +210,9 @@
#vlan up down
#vtep up up
# grnoc-mon at CITY-OF-LAWTON-TAG-005231> show configuration
-## Last commit: 2017-08-28 10:54:34 CDT by joel
+## Last commit: 2017-08-28 11:56:28 CDT by joel
version 15.1X49-D90.7;
groups {
- DENY-ALL-ELSE {
- security {
- policies {
- from-zone <*> to-zone <*> {
- policy DENY-ALL-ELSE {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- deny;
- log {
- session-init;
- }
- }
- }
- }
- }
- }
- }
- LOG-TRAFFIC {
- security {
- policies {
- from-zone <*> to-zone <*> {
- policy <*> {
- then {
- log {
- session-init;
- session-close;
- }
- }
- }
- }
- }
- }
- }
COMMON-APPLICATIONS {
security {
policies {
@@ -258,7 +221,7 @@
match {
source-address <*>;
destination-address <*>;
- application [ junos-icmp-all junos-http junos-https junos-ping ];
+ application [ junos-icmp-all junos-http junos-https junos-ping junos-dns-udp junos-dhcp-relay ];
}
then {
permit;
@@ -294,15 +257,15 @@
}
}
}
- SERVER-SERVICES {
+ QUASAR-ACCESS {
security {
policies {
- from-zone <*> to-zone TR-2000-SERVERS {
- policy SERVER-SERVICES {
+ from-zone <*> to-zone QUASAR {
+ policy <*> {
match {
- source-address any;
- destination-address [ SERVER-DC1-10.16.0.3 SERVER-DC2-10.16.0.4 ];
- application [ junos-dns-udp junos-dhcp-relay ];
+ source-address <*>;
+ destination-address [ QUASAR-VCENTER-ENV-192.168.11.0 QUASAR-VM-ENVIRONMENT-LINK ];
+ application [ junos-https junos-ping junos-icmp-all junos-http ];
}
then {
permit;
@@ -312,15 +275,21 @@
}
}
}
- from-zone <*> to-zone TRUST {
- policy SERVER-SERVICES {
+ }
+ }
+ }
+ DENY-ALL-ELSE {
+ security {
+ policies {
+ from-zone <*> to-zone <*> {
+ policy DENY-ALL-ELSE {
match {
source-address any;
- destination-address [ SERVER-DC1-172.16.1.3 SERVER-DC2-172.16.1.4 ];
- application [ junos-dns-udp junos-dhcp-relay ];
+ destination-address any;
+ application any;
}
then {
- permit;
+ deny;
log {
session-init;
}
@@ -330,19 +299,15 @@
}
}
}
- QUASAR-ACCESS {
+ LOG-TRAFFIC {
security {
policies {
- from-zone <*> to-zone QUASAR {
+ from-zone <*> to-zone <*> {
policy <*> {
- match {
- destination-address QUASAR-VCENTER-ENV-192.168.11.0;
- application [ junos-https junos-ping junos-icmp-all ];
- }
then {
- permit;
log {
session-init;
+ session-close;
}
}
}
@@ -351,7 +316,7 @@
}
}
}
-apply-groups [ DENY-ALL-ELSE LOG-TRAFFIC ];
+apply-groups [ LOG-TRAFFIC DENY-ALL-ELSE ];
system {
host-name CITY-OF-LAWTON-TAG-005231;
auto-snapshot;
@@ -487,18 +452,6 @@
}
}
security {
- log {
- mode stream;
- format syslog;
- source-address 164.58.58.118;
- stream onenet {
- category all;
- host {
- 164.58.253.117;
- port 514;
- }
- }
- }
address-book {
global {
address ABUSE-43.224.80.76 43.224.80.76/32;
@@ -878,6 +831,7 @@
address TRUST-172.16.0.0/12 172.16.0.0/12;
address SERVER-DC2-10.16.0.4 10.16.0.4/32;
address QUASAR-VCENTER-ENV-192.168.11.0 192.168.11.0/24;
+ address QUASAR-VM-ENVIRONMENT-LINK 192.168.255.0/29;
address-set VERIZON-STATIC-FT-SILL-1 {
description "Fort Sill MP Static IPs for CAD Access";
address VERIZON-STATIC-FT-SILL-1-166.148.145.240;
@@ -2021,7 +1975,7 @@
}
}
from-zone TR-0100-USERS to-zone TRUST {
- apply-groups [ COMMON-APPLICATIONS SERVER-SERVICES ];
+ apply-groups COMMON-APPLICATIONS;
policy ALLOW-TELNET-DELETE-ME {
match {
source-address TR-0100-USERS-10.1.0.0/16;
@@ -2110,6 +2064,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2153,6 +2108,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2177,6 +2133,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2189,6 +2146,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2201,6 +2159,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2213,6 +2172,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2225,6 +2185,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2237,6 +2198,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2249,6 +2211,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2261,6 +2224,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2273,6 +2237,7 @@
system-services {
ping;
traceroute;
+ dhcp;
}
}
}
@@ -2516,6 +2481,8 @@
DHCP-SERVERS {
172.16.1.3;
172.16.1.4;
+ 10.16.0.3;
+ 10.16.0.4;
}
}
active-server-group DHCP-SERVERS;
More information about the Nocrancid
mailing list