[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Wed Feb 22 14:06:01 CST 2017
Index: configs/kiamichi-fmc-battiest.client.onenet.net
===================================================================
--- configs/kiamichi-fmc-battiest.client.onenet.net (revision 150861)
+++ configs/kiamichi-fmc-battiest.client.onenet.net (working copy)
@@ -171,7 +171,7 @@
#ppe0 up up
#st0 up up
#st0.0 up up
-#st0.1 up down
+#st0.1 up up
#tap up up
#vlan up down
#vtep up up
Index: configs/rpswi2.rp3f2.onenet.net
===================================================================
--- configs/rpswi2.rp3f2.onenet.net (revision 150861)
+++ configs/rpswi2.rp3f2.onenet.net (working copy)
@@ -70,7 +70,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5533 0 0/0 -
+* 1 VTY - - - - - 5534 0 0/0 -
2 VTY - - - - - 9 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/core.hut.waur.onenet.net
===================================================================
--- configs/core.hut.waur.onenet.net (revision 150665)
+++ configs/core.hut.waur.onenet.net (working copy)
@@ -1546,7 +1546,6 @@
}
# grnoc-mon at WAURIKA-MX40> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.247.218 ge-1/1/1.70 Full 164.58.198.16
# 164.58.247.49 xe-0/0/0.40 Full 164.58.199.233
#
# grnoc-mon at WAURIKA-MX40> show bfd session
Index: configs/core.hut.ard.onenet.net
===================================================================
--- configs/core.hut.ard.onenet.net (revision 150841)
+++ configs/core.hut.ard.onenet.net (working copy)
@@ -2095,7 +2095,6 @@
}
# grnoc-mon at ARDMORE-MX40> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.244.62 ge-1/0/2.71 Full 164.58.198.16
# 164.58.246.83 ge-1/0/3.42 Full 164.58.199.168
# 164.58.247.65 xe-0/0/0.40 Full 164.58.199.211
#
Index: configs/odmhsas.central-office.okc.client.onenet.net
===================================================================
--- configs/odmhsas.central-office.okc.client.onenet.net (revision 150342)
+++ configs/odmhsas.central-office.okc.client.onenet.net (working copy)
@@ -187,7 +187,7 @@
#st0.21 up up
#st0.22 up up
#st0.23 up up
-#st0.24 up up
+#st0.24 up down
#st0.25 up up
#st0.26 up up
#st0.27 up up
Index: configs/odmhsas-camhc-idabel.client.onenet.net
===================================================================
--- configs/odmhsas-camhc-idabel.client.onenet.net (revision 150832)
+++ configs/odmhsas-camhc-idabel.client.onenet.net (working copy)
@@ -147,7 +147,7 @@
#ppd0 up up
#ppe0 up up
#st0 up up
-#st0.1 up up
+#st0.1 up down
#st0.2 up up
#tap up up
#vlan up up
Index: configs/rpswi1.rp3f2.onenet.net
===================================================================
--- configs/rpswi1.rp3f2.onenet.net (revision 150861)
+++ configs/rpswi1.rp3f2.onenet.net (working copy)
@@ -70,7 +70,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5559 0 0/0 -
+* 1 VTY - - - - - 5560 0 0/0 -
2 VTY - - - - - 13 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/hutard-adva.p.onenet.net
===================================================================
--- configs/hutard-adva.p.onenet.net (revision 149887)
+++ configs/hutard-adva.p.onenet.net (working copy)
@@ -64,7 +64,6 @@
</part>
<part name="MOD-2-6" description="8ROADM-C40" hw_version="" part_id="8ROADM-C40" part_num="" serial_number="FA72122200005" slot="MOD-2-6" vendor_id="ADVA">
<interface name="VCH-2-6-N11" abbr_name="VCH-2-6-N11" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
- <interface name="VCH-2-6-N14" abbr_name="VCH-2-6-N14" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="VCH-2-6-N15" abbr_name="VCH-2-6-N15" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="VCH-2-6-N18" abbr_name="VCH-2-6-N18" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="VCH-2-6-N20" abbr_name="VCH-2-6-N20" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 150860)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -675,6 +675,7 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/swi1.cap.onenet.net
===================================================================
--- configs/swi1.cap.onenet.net (revision 150861)
+++ configs/swi1.cap.onenet.net (working copy)
@@ -207,7 +207,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 2125 0 0/0 -
+* 1 VTY - - - - - 2126 0 0/0 -
2 VTY - - - - - 0 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/rpswi1.okc.onenet.net
===================================================================
--- configs/rpswi1.okc.onenet.net (revision 150860)
+++ configs/rpswi1.okc.onenet.net (working copy)
@@ -213,8 +213,8 @@
#ge-0/0/18.0 up up
#ge-0/0/19 up up
#ge-0/0/19.0 up up
-#ge-0/0/20 up up
-#ge-0/0/20.0 up up
+#ge-0/0/20 up down
+#ge-0/0/20.0 up down
#ge-0/0/21 up up
#ge-0/0/21.0 up up
#ge-0/0/22 up up
Index: configs/rpswi1.rp3f3.onenet.net
===================================================================
--- configs/rpswi1.rp3f3.onenet.net (revision 150861)
+++ configs/rpswi1.rp3f3.onenet.net (working copy)
@@ -273,7 +273,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5008 0 0/0 -
+* 1 VTY - - - - - 5009 0 0/0 -
2 VTY - - - - - 4 0 0/0 -
3 VTY - - - - - 2 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/swi.cai.jef.onenet.net
===================================================================
--- configs/swi.cai.jef.onenet.net (revision 149893)
+++ configs/swi.cai.jef.onenet.net (working copy)
@@ -1,238 +1,258 @@
# RANCID-CONTENT-TYPE: juniper
#
-# grnoc-mon at SWI-CAI-JEF-EX3300> show system commit
-# 2016-07-25 10:28:05 CDT by rnordmark via cli
-# 2016-03-14 00:41:18 CDT by root via other
-# 2016-03-13 19:12:26 CDT by andrew via cli
-# 2015-03-12 21:39:42 CDT by andrew via cli commit confirmed, rollback in 5mins
-# 2015-03-12 21:30:49 CDT by andrew via cli
-# 2015-03-12 21:30:11 CDT by andrew via cli commit confirmed, rollback in 3mins
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis environment
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show system commit
+# 2010-01-05 11:43:26 CST by root via cli
+# 2009-12-31 19:11:40 CST by root via cli
+# 2009-12-31 18:04:24 CST by root via other
+# 2009-12-31 18:06:31 CST by root via button
+# rescue 2009-12-31 18:08:14 CST by admin via cli
+#
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis environment
# Class Item Status Measurement
-# Power FPC 0 Power Supply 0 OK
-# Temp FPC 0 CPU OK
-# FPC 0 EX-PFE1 OK
-# FPC 0 GEPHY1 OK
-# FPC 0 Fan Exhaust OK
-# FPC 0 SFP+ PHY OK
-# FPC 0 Local Sensor OK
-# Fans FPC 0 Fan 1 OK
-# FPC 0 Fan 2 OK
+# PCB Left OK
+# SFP+ Xcvr OK
+# FEB OK
+# PCB Up OK
+# PCB Mid OK
+# Telecom Mod OK
+# Routing Engine OK
+# Heater off
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis firmware
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis firmware
# Part Type Version
-# FPC 0 uboot U-Boot 1.1.6 (Aug 21 2011 - 01:45:26) 1.0
-# loader FreeBSD/arm U-Boot loader 1.1
+# FPC 0 O/S Version 12.3X54-D20.9 by builder on 2015-10
+# FPC 1 O/S Version 12.3X54-D20.9 by builder on 2015-10
+# FEB O/S Version 12.3X54-D20.9 by builder on 2015-10
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis fpc detail
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis fpc detail
# Slot 0 information:
# State Online
-# Total CPU DRAM 1024 MB
+# Total CPU DRAM 512 MB
+# Slot 1 information:
+# State Online
+# Total CPU DRAM 512 MB
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis hardware
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis hardware
# Hardware inventory:
# Item Version Part number Serial number Description
-# Chassis GD0211402150 EX3300-24T
-# Routing Engine 0 REV 08 750-034299 GD0211402150 EX3300 24-Port
-# FPC 0 REV 08 750-034299 GD0211402150 EX3300 24-Port
-# CPU BUILTIN BUILTIN FPC CPU
-# PIC 0 BUILTIN BUILTIN 24x 10/100/1000 Base-T
-# PIC 1 REV 08 750-034299 GD0211402150 4x GE/XE SFP+
-# Xcvr 0 740-011783 USWLHX22643 SFP-LX10
-# Xcvr 1 REV 01 740-031849 32T617600900 SFP-EX
-# Power Supply 0 PS 100W AC
-# Fan Tray Fan Tray
+# Chassis PY0214190077 ACX2100
+# Midplane REV 11 650-047694 PY0214190077 ACX2100
+# Routing Engine BUILTIN BUILTIN Routing Engine
+# FEB 0 BUILTIN BUILTIN Forwarding Engine Processor
+# FPC 0 BUILTIN BUILTIN FPC BUILTIN
+# MIC 0 BUILTIN BUILTIN 16x CHE1T1, RJ48
+# PIC 0 BUILTIN BUILTIN 16x CHE1T1, RJ48
+# FPC 1 BUILTIN BUILTIN FPC BUILTIN
+# MIC 0 BUILTIN BUILTIN 4x 1GE(LAN) RJ45
+# PIC 0 BUILTIN BUILTIN 4x 1GE(LAN) RJ45
+# MIC 1 BUILTIN BUILTIN 4x 1GE(LAN) SFP, RJ45
+# PIC 1 BUILTIN BUILTIN 4x 1GE(LAN) SFP, RJ45
+# MIC 2 BUILTIN BUILTIN 2x 1GE(LAN) SFP
+# PIC 2 BUILTIN BUILTIN 2x 1GE(LAN) SFP
+# Xcvr 0 740-011783 USWLHX22643 SFP-LX10
+# MIC 3 BUILTIN BUILTIN 2x 10GE(LAN) SFP+
+# PIC 3 BUILTIN BUILTIN 2x 10GE(LAN) SFP+
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis hardware models
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis hardware models
# Hardware inventory:
# Item Version Part number Serial number FRU model number
-# Routing Engine 0 REV 08 750-034299 GD0211402150 EX3300-24T
-# FPC 0 REV 08 750-034299 GD0211402150 EX3300-24T
-# PIC 0 BUILTIN BUILTIN EX3300-24T
-# PIC 1 REV 08 750-034299 GD0211402150 EX3300-24T
+# Midplane REV 11 650-047694 PY0214190077 ACX2100-AC
+# Routing Engine BUILTIN BUILTIN
+# FEB 0 BUILTIN BUILTIN
+# FPC 0 BUILTIN BUILTIN
+# FPC 1 BUILTIN BUILTIN
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis routing-engine
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis routing-engine
# Routing Engine status:
-# Slot 0:
-# Current state Master
-# DRAM 1024
-# Serial ID GD0211402150
+# DRAM 1536 MB (1536 MB installed)
+# Serial ID PY0214190077
#
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis scb
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis sfm detail
-# grnoc-mon at SWI-CAI-JEF-EX3300> show chassis ssb
-# grnoc-mon at SWI-CAI-JEF-EX3300> show system boot-messages
-# fpc0:
-# --------------------------------------------------------------------------
-# GDB: debug ports: uart
-# GDB: current port: uart
-# KDB: debugger backends: ddb gdb
-# KDB: current backend: ddb
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis scb
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis sfm detail
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show chassis ssb
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show system boot-messages
+# platform_early_bootinit: MX-PPC Series Early Boot Initialization
+# mxppc_set_re_type: hw.board.type is ACX-2100
+# WDOG initialized
# Copyright (c) 1996-2015, Juniper Networks, Inc.
# All rights reserved.
# Copyright (c) 1992-2006 The FreeBSD Project.
# Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
# The Regents of the University of California. All rights reserved.
-# can't re-use a leaf (all_slot_serialid)!
-# CPU: Early Feroceon 88FR571 rev 0 (Marvell core)
-# cpu55: Early Feroceon 88FR571 revision WB enabled EABT branch prediction enabled
-# 32KB/32B 4-way Instruction cache
-# 32KB/32B 4-way write-back-locking-C Data cache
-# SOC: Marvell MV78100, TClock 200MHz
+# WARNING: debug.mpsafenet forced to 0 as ipsec requires Giant
+# Timecounter "decrementer" frequency 62500000 Hz quality 0
+# cpu0: Freescale e500v2 core revision 5.1
+# cpu0: HID0 80004000<EMCP,TBEN>
+# Security policy loaded: JUNOS MAC/runasnonroot (mac_runasnonroot)
# Security policy loaded: Junos MAC/veriexec (mac_veriexec)
+# Security policy loaded: JUNOS MAC/pcap (mac_pcap)
+# MAC/veriexec fingerprint module loaded: SHA1
# MAC/veriexec fingerprint module loaded: SHA256
-# MAC/veriexec fingerprint module loaded: SHA1
# ETHERNET SOCKET BRIDGE initialising
-# Initializing EXSERIES properties ...
-# mbus0: <Marvell Internal Bus (Mbus)> on motherboard
-# ic0: <Marvell Integrated Interrupt Controller> at mem 0xf1020200-0xf102023b on mbus0
-# timer0: <Marvell CPU Timer> at mem 0xf1020300-0xf102032f irq 8 on mbus0
-# gpio0: <Marvell Integrated GPIO Controller> at mem 0xf1010100-0xf101011f irq 56,57,58,59 on mbus0
-# uart0: <16550 or compatible> at mem 0xf1012000-0xf101201f irq 12 on mbus0
+# Initializing M/T platform properties ..
+# nexus0: <PPC e500 Nexus device>
+# ocpbus0: <on-chip peripheral bus> on nexus0
+# openpic0: <OpenPIC in on-chip peripheral bus> iomem 0xf7f40000-0xf7f600b3 on ocpbus0
+# uart0: <16550 or compatible> iomem 0xf7f04500-0xf7f0450f irq 58 on ocpbus0
# uart0: console (9600,n,8,1)
-# uart1: <16550 or compatible> at mem 0xf1012100-0xf101211f irq 13 on mbus0
-# ehci0: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1050000-0xf1050fff irq 72,16 on mbus0
+# uart1: <16550 or compatible> iomem 0xf7f04600-0xf7f0460f irq 58 on ocpbus0
+# lbc0: <Freescale 8533 Local Bus Controller> iomem 0xf7f05000-0xf7f05fff,0xf8000000-0xffffffff irq 17,16 on ocpbus0
+# cfi0: <AMD/Fujitsu - 8MB> iomem 0xffc00000-0xffffffff on lbc0
+# fsyspld0 iomem 0xfef00000-0xfef00fff on lbc0
+# ramdev0 iomem 0xfee1f000-0xfee1ffff on lbc0
+# i2c0: <MPC85XX OnChip i2c Controller> iomem 0xf7f03000-0xf7f03014 irq 59 on ocpbus0
+# 8564 rtc0: <8564 RTC> on i2c0
+# USB2513i usb hub0: <USB2513Bi usb hub> on i2c0
+# tsec0: <eTSEC ethernet controller> iomem 0xf7f24000-0xf7f24fff irq 45,46,50 on ocpbus0
+# tsec0: hardware MAC address 28:8a:1c:79:ae:ff
+# miibus0: <MII bus> on tsec0
+# brgphy0: <BCM54610 10/100/1000baseTX PHY> on miibus0
+# brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
+# tsec1: <eTSEC ethernet controller> iomem 0xf7f25000-0xf7f25fff irq 51,52,56 on ocpbus0
+# tsec1: hardware MAC address 02:00:00:00:00:04
+# miibus1: <MII bus> on tsec1
+# gentbi0: <Generic ten-bit interface> on miibus1
+# gentbi0: 1000baseSX-FDX, 1000baseT-FDX, auto
+# ehci0: <Frescale Integrated USB 2.0 controller> iomem 0xf7f22000-0xf7f22503 irq 44 on ocpbus0
# usb0: EHCI version 1.0
# usb0 on ehci0
# usb0: USB revision 2.0
-# uhub0: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
+# uhub0: Freescale EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
# uhub0: 1 port with 1 removable, self powered
-# umass0: STMicroelectronics ST72682 High Speed Mode, rev 2.00/2.10, addr 2
-# ehci1: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1051000-0xf1051fff irq 72,17 on mbus0
-# usb1: EHCI version 1.0
-# usb1 on ehci1
-# usb1: USB revision 2.0
-# uhub1: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
-# uhub1: 1 port with 1 removable, self powered
-# ehci2: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1052000-0xf1052fff irq 72,18 on mbus0
-# usb2: EHCI version 1.0
-# usb2 on ehci2
-# usb2: USB revision 2.0
-# uhub2: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
-# uhub2: 1 port with 1 removable, self powered
-# mge0: <Marvell Gigabit Ethernet controller> at mem 0xf1072000-0xf1073fff irq 41,42,43,40,70 on mbus0
-# mge0: hardware MAC address 88:e0:f3:72:cf:bf
-# miibus0: <MII bus> on mge0
-# e1000phy0: <Marvell 88E1310 Gigabit PHY> on miibus0
-# e1000phy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX-FDX, auto
-# i2c0: <Marvell I2C ARM OnChip Controller> at mem 0xf1011000-0xf101101f on mbus0
-# 8564 rtc0: <8564 RTC> on i2c0
-# poe0: <POE> on i2c0
-# device_attach: poe0 attach returned 19
-# i2c1: <Marvell I2C ARM OnChip Controller> at mem 0xf1011100-0xf101111f on mbus0
-# pcib0: <Marvell MV78100 PCI-Express host controller> at mem 0xf1040000-0xf1041fff,0xe8000000-0xebffffff on mbus0
-# pci0: <PCI bus> on pcib0
-# mpfe0: <Juniper EX-series Packet Forwarding Engine> mem 0xe8000000-0xebffffff irq 112 at device 1.0 on pci0
-# mpfe0: 0x100000 bytes of rid 0x10 res 3 failed (0, 0xffffffff).
-# syspld0 at mem 0xf9000000-0xf90fffff on mbus0
-# cfi0: <SPI flash - 8MB> at mem 0xf1010600-0xf101062f,0xf8800000-0xf8ffffff irq 1 on mbus0
-# Initializing product: 112 ..
-# bmeb: bmeb_lib_init done 0xc41c4800, addr 0xc1d86cd0
-# bme0:Virtual BME driver initializing
-# Timecounter "CPU Timer" frequency 200000000 Hz quality 1000
+# uhub1: SMSC USB2513Bi, class 9/0, rev 2.00/b.a0, addr 2
+# uhub1: multiple transaction translators
+# uhub1: 3 ports with 3 removable, self powered
+# umass0: vendor 0x13fe USB DISK 2.0, rev 2.00/1.00, addr 3
+# umass0: SCSI over Bulk-Only; quirks = 0x0000
+# umass0:0:0:-1: Attached to scbus0
+# Initializing product: 140 ..
+# Setting up M/T interface operations and attributes
+# platform_cookie_read not implemented
# ###PCB Group initialized for udppcbgroup
# ###PCB Group initialized for tcppcbgroup
# da0 at umass-sim0 bus 0 target 0 lun 0
-# da0: <ST ST72682 2.10> Removable Direct Access SCSI-2 device
+# da0: < USB DISK 2.0 PMAP> Removable Direct Access SCSI-0 device
# da0: 40.000MB/s transfers
-# da0: 1000MB (2048000 512 byte sectors: 64H 32S/T 1000C)
-# Kernel thread "wkupdaemon" (pid 46) exited prematurely.
-# Trying to mount root from ufs:/dev/da0s1a
+# da0: 7640MB (15646720 512 byte sectors: 255H 63S/T 973C)
+# Kernel thread "wkupdaemon" (pid 45) exited prematurely.
+# Trying to mount root from ufs:/dev/da0s2a
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show version
-# fpc0: # -------------------------------------------------------------------------- # Hostname: SWI-CAI-JEF-EX3300 # Model: ex3300-24t # JUNOS Base OS boot [12.3R9.4] # JUNOS Base OS Software Suite [12.3R9.4] # JUNOS Kernel Software Suite [12.3R9.4] # JUNOS Crypto Software Suite [12.3R9.4] # JUNOS Online Documentation [12.3R9.4] # JUNOS Enterprise Software Suite [12.3R9.4] # JUNOS Packet Forwarding Engine Enterprise Software Suite [12.3R9.4] # JUNOS Routing Software Suite [12.3R9.4] # JUNOS Web Management [12.3R9.4] # JUNOS FIPS mode utilities [12.3R9.4] # # {master:0} # grnoc-mon at SWI-CAI-JEF-EX3300> file list /var/tmp detail #
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show version
+# Hostname: ACX-CAI-JEF-ACX2100 # Model: acx2100 # JUNOS Crypto Software Suite [12.3X54-D20.9] # JUNOS Base OS Software Suite [12.3X54-D20.9] # JUNOS Kernel Software Suite [12.3X54-D20.9] # JUNOS Base OS boot [12.3X54-D20.9] # JUNOS Packet Forwarding Engine Support (ACX) [12.3X54-D20.9] # JUNOS Online Documentation [12.3X54-D20.9] # JUNOS Routing Software Suite [12.3X54-D20.9] # # grnoc-mon at ACX-CAI-JEF-ACX2100> file list /var/tmp detail #
# /var/tmp:
-# total blocks: 32
-# drwxrwxr-x 2 root wheel 512 Dec 31 2004 .snap/
-# drwxr-xr-x 2 root field 512 Mar 14 2016 gres-tp/
-# drwxrwxrwx 2 root wheel 512 Mar 14 2016 install/
-# drwxrwxrwx 2 root wheel 512 Mar 14 2016 pics/
-# drwxr-xr-x 2 root field 512 Mar 14 2016 rtsdb/
-# drwxrwxrwt 2 root wheel 512 Mar 14 2016 vi.recover/
-# total files: 0
+# total blocks: 282312
+# -rw-r--r-- 1 root field 916 Dec 31 18:07 diagtest.log
+# drwxr-xr-x 2 root field 512 Dec 31 18:04 gres-tp/
+# drwxrwxrwx 2 root wheel 512 Dec 31 18:03 install/
+# -rw-r--r-- 1 root field 144450260 Dec 31 18:08 jinstall-ppc-12.3X51-D10.5-export-signed.tgz
+# drwxrwxrwx 2 root wheel 512 Dec 31 18:03 pics/
+# -r--r--r-- 1 root field 237 Dec 31 18:15 preinstall_boot_loader.conf
+# drwxr-xr-x 2 root field 512 Dec 31 18:04 rtsdb/
+# ---------- 1 root wheel 0 Dec 31 18:05 snap
+# drwxr-xr-x 2 root field 512 Dec 31 18:13 usb/
+# drwxrwxrwt 2 root wheel 512 Dec 31 18:03 vi.recover/
+# total files: 4
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show system uptime
-# fpc0:
-# --------------------------------------------------------------------------
-# System booted: 2016-03-14 00:39 CDT
-# Protocols started: 2016-03-14 00:41 CDT
-# Last configured: 2016-07-25 10:28 CDT by rnordmark
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show system uptime
+# System booted: 2010-01-01 18:17 CST
+# Protocols started: 2010-01-01 18:19 CST
+# Last configured: 2010-01-05 11:43 CST by root
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show interface terse
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show interface terse
#Interface Admin Link
-#ge-0/0/0 down down
-#ge-0/0/1 down down
-#ge-0/0/2 down down
-#ge-0/0/3 down down
-#ge-0/0/4 down down
-#ge-0/0/5 down down
-#ge-0/0/6 down down
-#ge-0/0/7 down down
-#ge-0/0/8 down down
-#ge-0/0/9 down down
-#ge-0/0/10 down down
-#ge-0/0/11 down down
-#ge-0/0/12 down down
-#ge-0/0/13 down down
-#ge-0/0/14 down down
-#ge-0/0/15 down down
-#ge-0/0/16 down down
-#ge-0/0/17 down down
-#ge-0/0/18 down down
-#ge-0/0/19 down down
-#ge-0/0/20 down down
-#ge-0/0/21 down down
-#ge-0/0/22 up up
-#ge-0/0/22.0 up up
-#ge-0/0/23 up up
-#ge-0/0/23.0 up up
-#ge-0/1/0 up up
-#ge-0/1/0.0 up up
-#ge-0/1/1 up up
-#ge-0/1/1.0 up up
-#bme0 up up
-#bme0.32768 up up
+#ct1-0/0/0 down down
+#lsq-0/0/0 up up
+#ct1-0/0/1 down down
+#ct1-0/0/2 down down
+#ct1-0/0/3 down down
+#ct1-0/0/4 down down
+#ct1-0/0/5 down down
+#ct1-0/0/6 down down
+#ct1-0/0/7 down down
+#ct1-0/0/8 down down
+#ct1-0/0/9 down down
+#ct1-0/0/10 down down
+#ct1-0/0/11 down down
+#ct1-0/0/12 down down
+#ct1-0/0/13 down down
+#ct1-0/0/14 down down
+#ct1-0/0/15 down down
+#ge-1/0/0 up down
+#ge-1/0/0.0 up down
+#ge-1/0/1 up down
+#ge-1/0/1.0 up down
+#ge-1/0/2 down down
+#ge-1/0/3 down down
+#ge-1/1/0 down down
+#ge-1/1/1 down down
+#ge-1/1/2 down down
+#ge-1/1/3 down down
+#ge-1/2/0 up up
+#ge-1/2/0.70 up up
+#ge-1/2/0.81 up up
+#ge-1/2/0.32767 up up
+#ge-1/2/1 up down
+#ge-1/2/1.71 up down
+#ge-1/2/1.32767 up down
+#xe-1/3/0 down down
+#xe-1/3/1 down down
#dsc up up
+#em0 up up
+#em0.0 up up
+#fxp0 down down
#gre up up
#ipip up up
+#irb up up
#lo0 up up
#lo0.0 up up
#lo0.16384 up up
+#lo0.16385 up up
#lsi up up
-#me0 up down
-#me0.0 up down
#mtun up up
#pimd up up
#pime up up
#tap up up
-#vlan up up
-#vlan.70 up up
-#vlan.71 up up
-#vlan.81 up up
-#vme up down
-# grnoc-mon at SWI-CAI-JEF-EX3300> show configuration
-## Last commit: 2016-07-25 10:28:05 CDT by rnordmark
-version 12.3R9.4;
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show configuration
+## Last commit: 2010-01-05 11:43:26 CST by root
+version 12.3X54-D20.9;
+groups {
+ ISIS-L2-INTERFACE {
+ protocols {
+ isis {
+ interface <*> {
+ point-to-point;
+ link-protection;
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
+ }
+ level 2 {
+ hello-#authentication-#key <removed>;
+ hello-authentication-type md5;
+ }
+ level 1 disable;
+ }
+ }
+ }
+ }
+}
system {
- host-name SWI-CAI-JEF-EX3300;
- auto-snapshot;
+ host-name ACX-CAI-JEF-ACX2100;
domain-name onenet.net;
time-zone America/Chicago;
authentication-order [ radius password ];
+ ports {
+ ##
+ ## Warning: statement ignored: unsupported platform (acx2100)
+ ##
+ console log-out-on-disconnect;
+ }
root-authentication {
# encrypted-password <removed>;
}
name-server {
164.58.253.10;
- 164.58.253.4;
+ 164.58.198.10;
}
radius-server {
156.110.31.11 {
@@ -242,15 +262,10 @@
source-address 164.58.198.16;
}
}
- radius-options {
- attributes {
- nas-ip-address 164.58.198.16;
- }
- }
login {
- message "\n\n************************************ WARNING ****************************************\n\n* To protect the system from unauthorized use, *\n\n* activities on this system are monitored,recorded and subject to audit. *\n\n* Use of this system is expressed consent to such monitoring and recording. *\n\n* Any unauthorized access or use of this system is prohibited and *\n\n* is subject to criminal and civil penalties and/or administrative action. *\n\n******************** UNAUTHORIZED USE IS STRICTLY PROHIBITED ************************\n\n;";
+ message "\n\n************************************ WARNING ****************************************\n\n* To protect the system from unauthorized use, *\n\n* activities on this system are monitored,recorded and subject to audit. *\n\n* Use of this system is expressed consent to such monitoring and recording. *\n\n* Any unauthorized access or use of this system is prohibited and *\n\n* is subject to criminal and civil penalties and/or administrative action. *\n\n******************** UNAUTHORIZED USE IS STRICTLY PROHIBITED ************************\n\n";
class admin {
- idle-timeout 1044;
+ idle-timeout 1440;
permissions all;
}
class lockdown {
@@ -289,6 +304,7 @@
}
}
services {
+ ftp;
ssh {
root-login deny;
protocol-version v2;
@@ -297,31 +313,44 @@
netconf {
ssh;
}
- web-management {
- http;
- }
}
syslog {
- archive size 10m files 5;
+ archive size 10m files 20;
user * {
any emergency;
}
+ host 164.58.253.92 {
+ any any;
+ }
+ host 164.58.253.38 {
+ any any;
+ }
file messages {
any notice;
authorization info;
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
}
+ file PROTECT-RE {
+ firewall any;
+ archive no-world-readable;
+ }
file default-log-messages {
- any any;
- match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|cm_device|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)";
+ any info;
+ match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)";
structured-data;
}
+ file updown {
+ any any;
+ match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
+ }
source-address 164.58.198.16;
}
+ commit synchronize;
ntp {
- server 164.58.253.82 prefer;
+ server 164.58.3.98 prefer;
}
}
chassis {
@@ -331,116 +360,155 @@
}
}
}
+services {
+ ##
+ ## Warning: configuration block ignored: unsupported platform (acx2100)
+ ##
+ flow-monitoring {
+ version9 {
+ template ip-template {
+ ipv4-template;
+ }
+ template mpls-ipv4-template {
+ mpls-ipv4-template {
+ label-position [ 1 2 3 ];
+ }
+ }
+ }
+ }
+}
interfaces {
- ge-0/0/0 {
+ ct1-0/0/0 {
disable;
}
- ge-0/0/1 {
+ ct1-0/0/1 {
disable;
}
- ge-0/0/2 {
+ ct1-0/0/2 {
disable;
}
- ge-0/0/3 {
+ ct1-0/0/3 {
disable;
}
- ge-0/0/4 {
+ ct1-0/0/4 {
disable;
}
- ge-0/0/5 {
+ ct1-0/0/5 {
disable;
}
- ge-0/0/6 {
+ ct1-0/0/6 {
disable;
}
- ge-0/0/7 {
+ ct1-0/0/7 {
disable;
}
- ge-0/0/8 {
+ ct1-0/0/8 {
disable;
}
- ge-0/0/9 {
+ ct1-0/0/9 {
disable;
}
- ge-0/0/10 {
+ ct1-0/0/10 {
disable;
}
- ge-0/0/11 {
+ ct1-0/0/11 {
disable;
}
- ge-0/0/12 {
+ ct1-0/0/12 {
disable;
}
- ge-0/0/13 {
+ ct1-0/0/13 {
disable;
}
- ge-0/0/14 {
+ ct1-0/0/14 {
disable;
}
- ge-0/0/15 {
+ ct1-0/0/15 {
disable;
}
- ge-0/0/16 {
+ ge-1/0/0 {
+ description JEFFERSON-COUNTY-PUBLIC-WIFI-100M-CIR000XXXX;
+ unit 0 {
+ family inet {
+ address 156.110.25.1/30;
+ }
+ }
+ }
+ ge-1/0/1 {
+ description "CAI-Jefferson-County-Hospital-GE-CIR0005253 [ORDERED]";
+ unit 0 {
+ family inet {
+ address 164.58.63.9/30;
+ }
+ }
+ }
+ ge-1/0/2 {
disable;
}
- ge-0/0/17 {
+ ge-1/0/3 {
disable;
}
- ge-0/0/18 {
+ ge-1/1/0 {
disable;
+ media-type copper;
}
- ge-0/0/19 {
+ ge-1/1/1 {
disable;
+ media-type copper;
}
- ge-0/0/20 {
+ ge-1/1/2 {
disable;
+ media-type copper;
}
- ge-0/0/21 {
+ ge-1/1/3 {
disable;
+ media-type copper;
}
- ge-0/0/22 {
- description JEFFERSON-COUNTY-PUBLIC-WIFI-100M-CIR000XXXX;
- unit 0 {
+ ge-1/2/0 {
+ description "CORE 1GE to swi1.odot.waurika-regmaint ge-0/1/1 | OneNet-WAUUS7DOT-CAIJEF-GE-5252";
+ vlan-tagging;
+ mtu 9192;
+ encapsulation flexible-ethernet-services;
+ unit 70 {
+ vlan-id 70;
family inet {
- address 156.110.25.1/30;
+ mtu 9000;
+ address 164.58.247.218/30;
}
+ family iso;
+ family mpls;
}
- }
- ge-0/0/23 {
- description "CAI-Jefferson-County-Hospital-GE-CIR0005253 [ORDERED]";
- unit 0 {
+ unit 81 {
+ vlan-id 81;
family inet {
- address 164.58.63.9/30;
+ mtu 1500;
+ address 10.199.210.178/30;
}
+ family iso;
+ family mpls;
}
}
- ge-0/1/0 {
- description "CORE 1GE to swi1.odot.waurika-regmaint ge-0/1/1 | OneNet-WAUUS7DOT-CAIJEF-GE-5252";
+ ge-1/2/1 {
+ vlan-tagging;
mtu 9192;
- unit 0 {
- family ethernet-switching {
- port-mode trunk;
- vlan {
- members [ 81 vlan-70 ];
- }
+ encapsulation flexible-ethernet-services;
+ unit 71 {
+ vlan-id 71;
+ family inet {
+ mtu 9000;
+ address 164.58.244.62/30;
}
+ family iso;
+ family mpls;
}
}
- ge-0/1/1 {
- description "CORE 1GE to core.hut.ard ge-1/0/2 | OneNet-HUTARD-CAIJEF-GE-CIR000XXXX";
- unit 0 {
- family ethernet-switching {
- port-mode trunk;
- vlan {
- members 71;
- }
- }
- }
+ xe-1/3/0 {
+ disable;
}
- ge-0/1/2 {
+ xe-1/3/1 {
disable;
}
- ge-0/1/3 {
+ fxp0 {
disable;
}
lo0 {
@@ -451,34 +519,17 @@
}
address 164.58.198.16/32;
}
- }
- }
- vlan {
- mtu 9192;
- unit 70 {
- family inet {
- mtu 9000;
- address 164.58.247.218/30;
+ family iso {
+ address 49.0001.1640.5819.8016.00;
}
+ family inet6;
}
- unit 71 {
- family inet {
- mtu 9000;
- address 164.58.244.62/30;
- }
- }
- unit 81 {
- family inet {
- mtu 1500;
- address 10.199.210.178/30;
- }
- }
}
}
snmp {
- description OneNet;
+ description "NetGroup 1-888-566-3638";
location "CAIJEF, WAURIKA, OK";
- contact "Net Group";
+ contact "OneNet Netgroup";
client-list snmp-management {
156.110.31.0/27;
156.110.31.32/28;
@@ -493,84 +544,394 @@
community "<removed>" {
authorization read-write;
}
+ trap-options {
+ source-address 164.58.198.16;
+ }
trap-group "<removed>" {
version v2;
targets {
+ 164.58.253.34;
164.58.253.35;
}
}
}
+routing-options {
+ router-id 164.58.198.16;
+ autonomous-system 5078;
+ forwarding-table {
+ export LOAD-BALANCE;
+ }
+}
protocols {
- ##
- ## Warning: requires 'ospf2' license
- ##
+ mpls {
+ icmp-tunneling;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface lo0.0;
+ }
+ bgp {
+ group CORE-RR-OKC-V4 {
+ type internal;
+ local-address 164.58.198.16;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ export [ REDISTRIBUTE-DIRECTS REDISTRIBUTE-STATICS ];
+ peer-as 5078;
+ neighbor 164.58.199.216 {
+ description OKC-CORE6-IBGP-V4;
+ }
+ }
+ group CORE-RR-TUL-V4 {
+ type internal;
+ local-address 164.58.198.16;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ export [ REDISTRIBUTE-DIRECTS REDISTRIBUTE-STATICS ];
+ peer-as 5078;
+ neighbor 164.58.199.226 {
+ description TUL-CORE6-IBGP-V4;
+ }
+ }
+ }
+ isis {
+ apply-groups ISIS-L2-INTERFACE;
+ reference-bandwidth 1000g;
+ level 1 disable;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface fxp0.0 {
+ apply-groups-except ISIS-L2-INTERFACE;
+ disable;
+ }
+ interface lo0.0 {
+ apply-groups-except ISIS-L2-INTERFACE;
+ passive;
+ level 1 disable;
+ }
+ }
ospf {
- export [ REDISTRIBUTE-STATICS REDISTRIBUTE-DIRECTS ];
reference-bandwidth 100g;
area 0.0.0.0 {
- interface lo0.0;
- interface vlan.70 {
- metric 65535;
+ interface ge-1/2/0.70 {
+ link-protection;
authentication {
md5 7# key <removed>;
}
- }
- interface ge-0/1/1.0 {
- authentication {
- md5 7# key <removed>;
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
}
}
- interface vlan.71 {
- metric 65535;
+ interface ge-1/2/1.71 {
+ link-protection;
authentication {
md5 7# key <removed>;
}
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
+ }
}
+ interface lo0.0 {
+ passive;
+ }
+ interface fxp0.0 {
+ disable;
+ }
}
}
- igmp-snooping {
- vlan all;
+ ldp {
+ preference 255;
+ track-igp-metric;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface lo0.0;
}
- rstp;
lldp {
- interface ge-0/1/0.0;
- interface ge-0/1/1.0;
+ interface ge-1/2/0;
+ interface ge-1/2/1;
}
}
policy-options {
- prefix-list MGMT {
- 156.110.31.0/27;
- 156.110.31.32/28;
- 164.58.10.0/24;
- 164.58.12.233/32;
- 164.58.15.0/24;
- 164.58.244.0/22;
- 164.58.253.0/24;
+ policy-statement LOAD-BALANCE {
+ then {
+ load-balance per-packet;
+ }
}
policy-statement REDISTRIBUTE-DIRECTS {
term 1 {
from protocol direct;
- then accept;
+ then {
+ community add CAIJEF;
+ external {
+ type 1;
+ }
+ accept;
+ }
}
}
policy-statement REDISTRIBUTE-STATICS {
term 1 {
from protocol static;
- then accept;
+ then {
+ community add CAIJEF;
+ accept;
+ }
}
}
+ community CAIJEF members 5078:16;
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term SSH-ALLOW {
from {
- source-prefix-list {
- MGMT;
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
}
+ protocol tcp;
+ destination-port ssh;
}
then accept;
}
+ term FIRST-FRAG {
+ from {
+ first-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term NEXT-FRAG {
+ from {
+ is-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term BGP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.199.226/32;
+ 164.58.199.216/32;
+ }
+ protocol tcp;
+ source-port bgp;
+ }
+ then accept;
+ }
+ term BGP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.199.226/32;
+ 164.58.199.216/32;
+ }
+ protocol tcp;
+ destination-port bgp;
+ }
+ then accept;
+ }
+ term RADIUS-ALLOW {
+ from {
+ source-address {
+ 156.110.31.11/32;
+ }
+ protocol [ udp tcp ];
+ source-port [ radius radacct ];
+ }
+ then accept;
+ }
+ term OSPF-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 10.199.210.0/24;
+ 172.23.0.0/16;
+ }
+ protocol ospf;
+ }
+ then accept;
+ }
+ term NTP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.3.98/32;
+ 164.58.199.0/24;
+ 127.0.0.1/32;
+ }
+ protocol udp;
+ source-port ntp;
+ }
+ then accept;
+ }
+ term NTP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.3.98/32;
+ 164.58.199.0/24;
+ 127.0.0.1/32;
+ }
+ protocol udp;
+ destination-port ntp;
+ }
+ then accept;
+ }
+ term DOMAIN-ALLOW {
+ from {
+ source-address {
+ 164.58.253.10/32;
+ 164.58.198.10/32;
+ }
+ source-port domain;
+ }
+ then accept;
+ }
+ term SYSLOG-ALLOW {
+ from {
+ source-address {
+ 164.58.253.38/32;
+ 164.58.253.92/32;
+ }
+ source-port syslog;
+ }
+ then accept;
+ }
+ term FTP-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port ftp;
+ }
+ then accept;
+ }
+ term JSPACE-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port 7408;
+ }
+ then accept;
+ }
+ term SNMP-POLL-ALLOW {
+ from {
+ source-address {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ protocol [ tcp udp ];
+ destination-port snmp;
+ }
+ then accept;
+ }
+ term SNMP-TRAP-ALLOW {
+ from {
+ source-address {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ protocol [ tcp udp ];
+ source-port snmptrap;
+ }
+ then accept;
+ }
+ term LDP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 164.58.199.0/24;
+ 10.199.0.0/16;
+ 172.23.0.0/16;
+ }
+ source-port ldp;
+ }
+ then accept;
+ }
+ term LDP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 164.58.199.0/24;
+ 10.199.0.0/16;
+ 172.23.0.0/16;
+ }
+ destination-port ldp;
+ }
+ then accept;
+ }
+ term PIM-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol pim;
+ }
+ then accept;
+ }
+ term BFD-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol udp;
+ destination-port [ 3784 3785 ];
+ }
+ then accept;
+ }
+ term BFD-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol udp;
+ source-port [ 3784 3785 ];
+ }
+ then accept;
+ }
term ICMP-ALLOW {
from {
protocol icmp;
@@ -578,57 +939,44 @@
}
then accept;
}
- term Reject {
+ term TRACEROUTE-ALLOW {
+ from {
+ protocol udp;
+ destination-port 33434-33523;
+ }
+ then accept;
+ }
+ term DENY-SERVICES-INBOUND {
+ from {
+ destination-port [ ssh telnet http https snmp ntp domain ];
+ }
then {
discard;
}
}
+ term SERVICES-OUTBOUND {
+ from {
+ source-port [ ssh telnet ];
+ }
+ then accept;
+ }
+ term DENY_ALL {
+ then {
+ discard;
+ }
+ }
}
}
- policer 100M-POL {
- ##
- ## Warning: statement ignored: unsupported platform (ex3300-24t)
- ##
- logical-interface-policer;
- if-exceeding {
- bandwidth-limit 100m;
- burst-size-limit 300k;
- }
- then discard;
- }
}
-ethernet-switching-options {
- voip;
- storm-control {
- interface all {
- level 50;
- }
- }
-}
-vlans {
- VLAN-81 {
- vlan-id 81;
- l3-interface vlan.81;
- }
- vlan-70 {
- vlan-id 70;
- l3-interface vlan.70;
- }
- vlan-71 {
- vlan-id 71;
- l3-interface vlan.71;
- }
-}
-{master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show ospf neighbor
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.247.217 vlan.70 Full 164.58.199.151
-# 164.58.244.61 vlan.71 Full 164.58.199.160
+# 164.58.247.217 ge-1/2/0.70 Full 164.58.199.151
#
-# {master:0}
-# grnoc-mon at SWI-CAI-JEF-EX3300> show bfd session
+# grnoc-mon at ACX-CAI-JEF-ACX2100> show bfd session
+ Detect Transmit
+Address State Interface Time Interval Multiplier
+164.58.247.217 Down ge-1/2/0.70 0.000 1.000 3
-0 sessions, 0 clients
-Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
+1 sessions, 1 clients
+Cumulative transmit rate 1.0 pps, cumulative receive rate 0.0 pps
-{master:0}
More information about the Nocrancid
mailing list