[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Thu Mar 2 13:04:23 CST 2017
Index: configs/swi1.rp7f0.parknet.onenet.net
===================================================================
--- configs/swi1.rp7f0.parknet.onenet.net (revision 150780)
+++ configs/swi1.rp7f0.parknet.onenet.net (working copy)
@@ -155,8 +155,8 @@
# grnoc-mon at SWI1-RP7F0-PARKNET-005194> show system uptime
# fpc0:
# --------------------------------------------------------------------------
-# System booted: 2017-02-16 12:40 CST
-# Protocols started: 2017-02-16 12:44 CST
+# System booted: 2017-03-02 12:39 CST
+# Protocols started: 2017-03-02 12:43 CST
# Last configured: 2017-02-19 18:02 CST by andrew
#
# {master:0}
Index: configs/maysville-es.client.onenet.net
===================================================================
--- configs/maysville-es.client.onenet.net (revision 151170)
+++ configs/maysville-es.client.onenet.net (working copy)
@@ -614,7 +614,6 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-ES-LEASED-ASSET-TAG-004945> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/kiamichi-fmc-battiest.client.onenet.net
===================================================================
--- configs/kiamichi-fmc-battiest.client.onenet.net (revision 151171)
+++ configs/kiamichi-fmc-battiest.client.onenet.net (working copy)
@@ -171,7 +171,7 @@
#ppe0 up up
#st0 up up
#st0.0 up up
-#st0.1 up up
+#st0.1 up down
#tap up up
#vlan up down
#vtep up up
Index: configs/core6.tul.onenet.net
===================================================================
--- configs/core6.tul.onenet.net (revision 150977)
+++ configs/core6.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show system commit
+# 2017-03-02 12:19:31 CST by andrew via cli
# 2017-02-24 19:50:34 CST by andrew via cli
# 2017-02-22 14:24:23 CST by sky via cli
# 2017-02-22 14:21:06 CST by sky via cli
# 2017-02-10 14:50:36 CST by admin via netconf
# 2017-02-02 20:11:46 CST by andrew via cli
-# 2017-02-02 20:09:21 CST by andrew via cli commit confirmed, rollback in 3mins
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -285,7 +285,7 @@
# Time Source: NTP CLOCK
# System booted: 2016-11-05 15:33 CDT
# Protocols started: 2016-11-05 15:33 CDT
-# Last configured: 2017-02-24 19:50 CST by andrew
+# Last configured: 2017-03-02 12:19 CST by andrew
#
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show interface terse
#Interface Admin Link
@@ -349,7 +349,7 @@
#tap up up
#vtep up up
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show configuration
-## Last commit: 2017-02-24 19:50:34 CST by andrew
+## Last commit: 2017-03-02 12:19:31 CST by andrew
version 15.1F6.9;
groups {
ISIS-L2-INTERFACE {
@@ -1194,6 +1194,9 @@
neighbor 164.58.198.16 {
description ACX.CAI.JEF;
}
+ neighbor 164.58.198.4 {
+ description CAI-CLEET;
+ }
}
group DEFAULT-AND-IBGP-V6 {
family inet6 {
Index: configs/rpswi2.rp3f2.onenet.net
===================================================================
--- configs/rpswi2.rp3f2.onenet.net (revision 151171)
+++ configs/rpswi2.rp3f2.onenet.net (working copy)
@@ -70,7 +70,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5726 0 0/0 -
+* 1 VTY - - - - - 5727 0 0/0 -
2 VTY - - - - - 9 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/core6.okc.onenet.net
===================================================================
--- configs/core6.okc.onenet.net (revision 150977)
+++ configs/core6.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-ROUTE-REFLECTOR> show system commit
+# 2017-03-02 12:19:17 CST by andrew via cli
# 2017-02-24 19:50:24 CST by andrew via cli
# 2017-02-22 14:25:45 CST by sky via cli
# 2017-02-22 14:20:24 CST by sky via cli
# 2017-02-10 14:50:39 CST by admin via netconf
# 2017-02-02 20:11:38 CST by andrew via cli
-# 2017-02-02 20:09:33 CST by andrew via cli commit confirmed, rollback in 3mins
# grnoc-mon at OKC-ROUTE-REFLECTOR> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -285,7 +285,7 @@
# Time Source: NTP CLOCK
# System booted: 2016-10-12 08:17 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-02-24 19:50 CST by andrew
+# Last configured: 2017-03-02 12:19 CST by andrew
#
# grnoc-mon at OKC-ROUTE-REFLECTOR> show interface terse
#Interface Admin Link
@@ -349,7 +349,7 @@
#tap up up
#vtep up up
# grnoc-mon at OKC-ROUTE-REFLECTOR> show configuration
-## Last commit: 2017-02-24 19:50:24 CST by andrew
+## Last commit: 2017-03-02 12:19:17 CST by andrew
version 15.1F6.9;
groups {
ISIS-L2-INTERFACE {
@@ -1200,6 +1200,9 @@
neighbor 164.58.198.16 {
description ACX.CAI.JEF;
}
+ neighbor 164.58.198.4 {
+ description CAI-CLEET;
+ }
}
group DEFAULT-AND-IBGP-V6 {
family inet6 {
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 151168)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -144,8 +144,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up down
-#ge-0/0/14.0 up down
+#ge-0/0/14 up up
+#ge-0/0/14.0 up up
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/swi.cai.cleet.onenet.net
===================================================================
--- configs/swi.cai.cleet.onenet.net (revision 147469)
+++ configs/swi.cai.cleet.onenet.net (working copy)
@@ -1,236 +1,257 @@
# RANCID-CONTENT-TYPE: juniper
#
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show system commit
-# 2016-09-22 11:00:21 CDT by andrew via cli
-# 2016-06-16 10:36:54 CDT by andrew via cli commit confirmed, rollback in 3mins
-# 2016-03-16 00:28:08 CDT by root via other
-# 2014-11-07 15:45:48 CST by admin via netconf
-# 2014-11-05 22:15:51 CST by andrew via cli commit confirmed, rollback in 2mins
-# 2014-11-05 22:07:54 CST by andrew via cli commit confirmed, rollback in 2mins
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis environment
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show system commit
+# 2010-01-12 10:58:21 CST by root via cli
+# 2010-01-12 10:46:39 CST by root via cli
+# 2009-12-31 19:13:00 CST by root via cli
+# 2009-12-31 18:04:24 CST by root via other
+# 2009-12-31 18:06:32 CST by root via button
+# rescue 2010-01-12 10:59:16 CST by admin via cli
+#
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis environment
# Class Item Status Measurement
-# Power FPC 0 Power Supply 0 OK
-# Temp FPC 0 CPU OK
-# FPC 0 EX-PFE1 OK
-# FPC 0 GEPHY1 OK
-# FPC 0 Fan Exhaust OK
-# FPC 0 SFP+ PHY OK
-# FPC 0 Local Sensor OK
-# Fans FPC 0 Fan 1 OK
-# FPC 0 Fan 2 OK
+# PCB Left OK
+# SFP+ Xcvr OK
+# FEB OK
+# PCB Up OK
+# PCB Mid OK
+# Telecom Mod OK
+# Routing Engine OK
+# Heater off
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis firmware
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis firmware
# Part Type Version
-# FPC 0 uboot U-Boot 1.1.6 (Aug 21 2011 - 01:45:26) 1.0
-# loader FreeBSD/arm U-Boot loader 1.1
+# FPC 0 O/S Version 12.3X54-D20.9 by builder on 2015-10
+# FPC 1 O/S Version 12.3X54-D20.9 by builder on 2015-10
+# FEB O/S Version 12.3X54-D20.9 by builder on 2015-10
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis fpc detail
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis fpc detail
# Slot 0 information:
# State Online
-# Total CPU DRAM 1024 MB
+# Total CPU DRAM 512 MB
+# Slot 1 information:
+# State Online
+# Total CPU DRAM 512 MB
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis hardware
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis hardware
# Hardware inventory:
# Item Version Part number Serial number Description
-# Chassis GD0211402071 EX3300-24T
-# Routing Engine 0 REV 08 750-034299 GD0211402071 EX3300 24-Port
-# FPC 0 REV 08 750-034299 GD0211402071 EX3300 24-Port
-# CPU BUILTIN BUILTIN FPC CPU
-# PIC 0 BUILTIN BUILTIN 24x 10/100/1000 Base-T
-# PIC 1 REV 08 750-034299 GD0211402071 4x GE/XE SFP+
-# Xcvr 0 REV 01 740-031850 C11E00342 SFP-LX10
-# Xcvr 1 REV 01 740-031849 08T617600033 SFP-EX
-# Power Supply 0 PS 100W AC
-# Fan Tray Fan Tray
+# Chassis PY0214190035 ACX2100
+# Midplane REV 11 650-047694 PY0214190035 ACX2100
+# Routing Engine BUILTIN BUILTIN Routing Engine
+# FEB 0 BUILTIN BUILTIN Forwarding Engine Processor
+# FPC 0 BUILTIN BUILTIN FPC BUILTIN
+# MIC 0 BUILTIN BUILTIN 16x CHE1T1, RJ48
+# PIC 0 BUILTIN BUILTIN 16x CHE1T1, RJ48
+# FPC 1 BUILTIN BUILTIN FPC BUILTIN
+# MIC 0 BUILTIN BUILTIN 4x 1GE(LAN) RJ45
+# PIC 0 BUILTIN BUILTIN 4x 1GE(LAN) RJ45
+# MIC 1 BUILTIN BUILTIN 4x 1GE(LAN) SFP, RJ45
+# PIC 1 BUILTIN BUILTIN 4x 1GE(LAN) SFP, RJ45
+# MIC 2 BUILTIN BUILTIN 2x 1GE(LAN) SFP
+# PIC 2 BUILTIN BUILTIN 2x 1GE(LAN) SFP
+# Xcvr 0 REV 01 740-031850 C11E00342 SFP-LX10
+# Xcvr 1 REV 01 740-031849 08T617600033 SFP-LH
+# MIC 3 BUILTIN BUILTIN 2x 10GE(LAN) SFP+
+# PIC 3 BUILTIN BUILTIN 2x 10GE(LAN) SFP+
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis hardware models
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis hardware models
# Hardware inventory:
# Item Version Part number Serial number FRU model number
-# Routing Engine 0 REV 08 750-034299 GD0211402071 EX3300-24T
-# FPC 0 REV 08 750-034299 GD0211402071 EX3300-24T
-# PIC 0 BUILTIN BUILTIN EX3300-24T
-# PIC 1 REV 08 750-034299 GD0211402071 EX3300-24T
+# Midplane REV 11 650-047694 PY0214190035 ACX2100-AC
+# Routing Engine BUILTIN BUILTIN
+# FEB 0 BUILTIN BUILTIN
+# FPC 0 BUILTIN BUILTIN
+# FPC 1 BUILTIN BUILTIN
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis routing-engine
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis routing-engine
# Routing Engine status:
-# Slot 0:
-# Current state Master
-# DRAM 1024
-# Serial ID GD0211402071
+# DRAM 1536 MB (1536 MB installed)
+# Serial ID PY0214190035
#
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis scb
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis sfm detail
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show chassis ssb
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show system boot-messages
-# fpc0:
-# --------------------------------------------------------------------------
-# GDB: debug ports: uart
-# GDB: current port: uart
-# KDB: debugger backends: ddb gdb
-# KDB: current backend: ddb
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis scb
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis sfm detail
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show chassis ssb
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show system boot-messages
+# platform_early_bootinit: MX-PPC Series Early Boot Initialization
+# mxppc_set_re_type: hw.board.type is ACX-2100
+# WDOG initialized
# Copyright (c) 1996-2015, Juniper Networks, Inc.
# All rights reserved.
# Copyright (c) 1992-2006 The FreeBSD Project.
# Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
# The Regents of the University of California. All rights reserved.
-# can't re-use a leaf (all_slot_serialid)!
-# CPU: Early Feroceon 88FR571 rev 0 (Marvell core)
-# cpu55: Early Feroceon 88FR571 revision WB enabled EABT branch prediction enabled
-# 32KB/32B 4-way Instruction cache
-# 32KB/32B 4-way write-back-locking-C Data cache
-# SOC: Marvell MV78100, TClock 200MHz
+# WARNING: debug.mpsafenet forced to 0 as ipsec requires Giant
+# Timecounter "decrementer" frequency 62500000 Hz quality 0
+# cpu0: Freescale e500v2 core revision 5.1
+# cpu0: HID0 80004000<EMCP,TBEN>
+# Security policy loaded: JUNOS MAC/runasnonroot (mac_runasnonroot)
# Security policy loaded: Junos MAC/veriexec (mac_veriexec)
+# Security policy loaded: JUNOS MAC/pcap (mac_pcap)
+# MAC/veriexec fingerprint module loaded: SHA1
# MAC/veriexec fingerprint module loaded: SHA256
-# MAC/veriexec fingerprint module loaded: SHA1
# ETHERNET SOCKET BRIDGE initialising
-# Initializing EXSERIES properties ...
-# mbus0: <Marvell Internal Bus (Mbus)> on motherboard
-# ic0: <Marvell Integrated Interrupt Controller> at mem 0xf1020200-0xf102023b on mbus0
-# timer0: <Marvell CPU Timer> at mem 0xf1020300-0xf102032f irq 8 on mbus0
-# gpio0: <Marvell Integrated GPIO Controller> at mem 0xf1010100-0xf101011f irq 56,57,58,59 on mbus0
-# uart0: <16550 or compatible> at mem 0xf1012000-0xf101201f irq 12 on mbus0
+# Initializing M/T platform properties ..
+# nexus0: <PPC e500 Nexus device>
+# ocpbus0: <on-chip peripheral bus> on nexus0
+# openpic0: <OpenPIC in on-chip peripheral bus> iomem 0xf7f40000-0xf7f600b3 on ocpbus0
+# uart0: <16550 or compatible> iomem 0xf7f04500-0xf7f0450f irq 58 on ocpbus0
# uart0: console (9600,n,8,1)
-# uart1: <16550 or compatible> at mem 0xf1012100-0xf101211f irq 13 on mbus0
-# ehci0: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1050000-0xf1050fff irq 72,16 on mbus0
+# uart1: <16550 or compatible> iomem 0xf7f04600-0xf7f0460f irq 58 on ocpbus0
+# lbc0: <Freescale 8533 Local Bus Controller> iomem 0xf7f05000-0xf7f05fff,0xf8000000-0xffffffff irq 17,16 on ocpbus0
+# cfi0: <AMD/Fujitsu - 8MB> iomem 0xffc00000-0xffffffff on lbc0
+# fsyspld0 iomem 0xfef00000-0xfef00fff on lbc0
+# ramdev0 iomem 0xfee1f000-0xfee1ffff on lbc0
+# i2c0: <MPC85XX OnChip i2c Controller> iomem 0xf7f03000-0xf7f03014 irq 59 on ocpbus0
+# 8564 rtc0: <8564 RTC> on i2c0
+# USB2513i usb hub0: <USB2513Bi usb hub> on i2c0
+# tsec0: <eTSEC ethernet controller> iomem 0xf7f24000-0xf7f24fff irq 45,46,50 on ocpbus0
+# tsec0: hardware MAC address 28:8a:1c:79:99:ff
+# miibus0: <MII bus> on tsec0
+# brgphy0: <BCM54610 10/100/1000baseTX PHY> on miibus0
+# brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
+# tsec1: <eTSEC ethernet controller> iomem 0xf7f25000-0xf7f25fff irq 51,52,56 on ocpbus0
+# tsec1: hardware MAC address 02:00:00:00:00:04
+# miibus1: <MII bus> on tsec1
+# gentbi0: <Generic ten-bit interface> on miibus1
+# gentbi0: 1000baseSX-FDX, 1000baseT-FDX, auto
+# ehci0: <Frescale Integrated USB 2.0 controller> iomem 0xf7f22000-0xf7f22503 irq 44 on ocpbus0
# usb0: EHCI version 1.0
# usb0 on ehci0
# usb0: USB revision 2.0
-# uhub0: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
+# uhub0: Freescale EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
# uhub0: 1 port with 1 removable, self powered
-# umass0: STMicroelectronics ST72682 High Speed Mode, rev 2.00/2.10, addr 2
-# ehci1: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1051000-0xf1051fff irq 72,17 on mbus0
-# usb1: EHCI version 1.0
-# usb1 on ehci1
-# usb1: USB revision 2.0
-# uhub1: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
-# uhub1: 1 port with 1 removable, self powered
-# ehci2: <88F5XXX Integrated USB 2.0 controller> at mem 0xf1052000-0xf1052fff irq 72,18 on mbus0
-# usb2: EHCI version 1.0
-# usb2 on ehci2
-# usb2: USB revision 2.0
-# uhub2: Marvell EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
-# uhub2: 1 port with 1 removable, self powered
-# mge0: <Marvell Gigabit Ethernet controller> at mem 0xf1072000-0xf1073fff irq 41,42,43,40,70 on mbus0
-# mge0: hardware MAC address 88:e0:f3:72:e4:ff
-# miibus0: <MII bus> on mge0
-# e1000phy0: <Marvell 88E1310 Gigabit PHY> on miibus0
-# e1000phy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX-FDX, auto
-# i2c0: <Marvell I2C ARM OnChip Controller> at mem 0xf1011000-0xf101101f on mbus0
-# 8564 rtc0: <8564 RTC> on i2c0
-# poe0: <POE> on i2c0
-# device_attach: poe0 attach returned 19
-# i2c1: <Marvell I2C ARM OnChip Controller> at mem 0xf1011100-0xf101111f on mbus0
-# pcib0: <Marvell MV78100 PCI-Express host controller> at mem 0xf1040000-0xf1041fff,0xe8000000-0xebffffff on mbus0
-# pci0: <PCI bus> on pcib0
-# mpfe0: <Juniper EX-series Packet Forwarding Engine> mem 0xe8000000-0xebffffff irq 112 at device 1.0 on pci0
-# mpfe0: 0x100000 bytes of rid 0x10 res 3 failed (0, 0xffffffff).
-# syspld0 at mem 0xf9000000-0xf90fffff on mbus0
-# cfi0: <SPI flash - 8MB> at mem 0xf1010600-0xf101062f,0xf8800000-0xf8ffffff irq 1 on mbus0
-# Initializing product: 112 ..
-# bmeb: bmeb_lib_init done 0xc41c4800, addr 0xc1d86cd0
-# bme0:Virtual BME driver initializing
-# Timecounter "CPU Timer" frequency 200000000 Hz quality 1000
+# uhub1: SMSC USB2513Bi, class 9/0, rev 2.00/b.a0, addr 2
+# uhub1: multiple transaction translators
+# uhub1: 3 ports with 3 removable, self powered
+# umass0: vendor 0x13fe USB DISK 2.0, rev 2.00/1.00, addr 3
+# umass0: SCSI over Bulk-Only; quirks = 0x0000
+# umass0:0:0:-1: Attached to scbus0
+# Initializing product: 140 ..
+# Setting up M/T interface operations and attributes
+# platform_cookie_read not implemented
# ###PCB Group initialized for udppcbgroup
# ###PCB Group initialized for tcppcbgroup
# da0 at umass-sim0 bus 0 target 0 lun 0
-# da0: <ST ST72682 2.10> Removable Direct Access SCSI-2 device
+# da0: < USB DISK 2.0 PMAP> Removable Direct Access SCSI-0 device
# da0: 40.000MB/s transfers
-# da0: 1000MB (2048000 512 byte sectors: 64H 32S/T 1000C)
-# Kernel thread "wkupdaemon" (pid 46) exited prematurely.
+# da0: 7640MB (15646720 512 byte sectors: 255H 63S/T 973C)
+# Kernel thread "wkupdaemon" (pid 45) exited prematurely.
# Trying to mount root from ufs:/dev/da0s2a
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show version
-# fpc0: # -------------------------------------------------------------------------- # Hostname: SWI-CLEET-ADA-EX-3300 # Model: ex3300-24t # JUNOS Base OS boot [12.3R9.4] # JUNOS Base OS Software Suite [12.3R9.4] # JUNOS Kernel Software Suite [12.3R9.4] # JUNOS Crypto Software Suite [12.3R9.4] # JUNOS Online Documentation [12.3R9.4] # JUNOS Enterprise Software Suite [12.3R9.4] # JUNOS Packet Forwarding Engine Enterprise Software Suite [12.3R9.4] # JUNOS Routing Software Suite [12.3R9.4] # JUNOS Web Management [12.3R9.4] # JUNOS FIPS mode utilities [12.3R9.4] # # {master:0} # grnoc-mon at SWI-CLEET-ADA-EX-3300> file list /var/tmp detail #
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show version
+# Hostname: ACX-CAI-CLEET-ACX2100 # Model: acx2100 # JUNOS Crypto Software Suite [12.3X54-D20.9] # JUNOS Base OS Software Suite [12.3X54-D20.9] # JUNOS Kernel Software Suite [12.3X54-D20.9] # JUNOS Base OS boot [12.3X54-D20.9] # JUNOS Packet Forwarding Engine Support (ACX) [12.3X54-D20.9] # JUNOS Online Documentation [12.3X54-D20.9] # JUNOS Routing Software Suite [12.3X54-D20.9] # # grnoc-mon at ACX-CAI-CLEET-ACX2100> file list /var/tmp detail #
# /var/tmp:
-# total blocks: 32
-# drwxrwxr-x 2 root operator 512 Jun 28 2012 .snap/
-# drwxr-xr-x 2 root field 512 Mar 16 2016 gres-tp/
-# drwxrwxrwx 2 root wheel 512 Mar 16 2016 install/
-# drwxrwxrwx 2 root wheel 512 Mar 16 2016 pics/
-# drwxr-xr-x 2 root field 512 Mar 16 2016 rtsdb/
-# drwxrwxrwt 2 root wheel 512 Mar 16 2016 vi.recover/
-# total files: 0
+# total blocks: 282312
+# -rw-r--r-- 1 root field 916 Dec 31 2009 diagtest.log
+# drwxr-xr-x 2 root field 512 Dec 31 2009 gres-tp/
+# drwxrwxrwx 2 root wheel 512 Dec 31 2009 install/
+# -rw-r--r-- 1 root field 144450260 Dec 31 2009 jinstall-ppc-12.3X51-D10.5-export-signed.tgz
+# drwxrwxrwx 2 root wheel 512 Dec 31 2009 pics/
+# -r--r--r-- 1 root field 237 Dec 31 2009 preinstall_boot_loader.conf
+# drwxr-xr-x 2 root field 512 Dec 31 2009 rtsdb/
+# ---------- 1 root wheel 0 Dec 31 2009 snap
+# drwxr-xr-x 2 root field 512 Dec 31 2009 usb/
+# drwxrwxrwt 2 root wheel 512 Dec 31 2009 vi.recover/
+# total files: 4
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show system uptime
-# fpc0:
-# --------------------------------------------------------------------------
-# System booted: 2016-03-16 00:26 CDT
-# Protocols started: 2016-03-16 00:28 CDT
-# Last configured: 2016-09-22 11:00 CDT by andrew
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show system uptime
+# System booted: 2017-03-02 11:54 CST
+# Protocols started: 2017-03-02 11:56 CST
+# Last configured: 2010-01-12 10:58 CST by root
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show interface terse
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show interface terse
#Interface Admin Link
-#ge-0/0/0 down down
-#ge-0/0/1 down down
-#ge-0/0/2 down down
-#ge-0/0/3 down down
-#ge-0/0/4 down down
-#ge-0/0/5 down down
-#ge-0/0/6 down down
-#ge-0/0/7 down down
-#ge-0/0/8 down down
-#ge-0/0/9 down down
-#ge-0/0/10 down down
-#ge-0/0/11 down down
-#ge-0/0/12 down down
-#ge-0/0/13 down down
-#ge-0/0/14 down down
-#ge-0/0/15 down down
-#ge-0/0/16 down down
-#ge-0/0/17 down down
-#ge-0/0/18 down down
-#ge-0/0/19 down down
-#ge-0/0/20 down down
-#ge-0/0/21 down down
-#ge-0/0/22 down down
-#ge-0/0/23 up up
-#ge-0/0/23.0 up up
-#ge-0/1/0 up up
-#ge-0/1/0.0 up up
-#ge-0/1/1 up up
-#ge-0/1/1.0 up up
-#bme0 up up
-#bme0.32768 up up
+#ct1-0/0/0 down down
+#lsq-0/0/0 up up
+#ct1-0/0/1 down down
+#ct1-0/0/2 down down
+#ct1-0/0/3 down down
+#ct1-0/0/4 down down
+#ct1-0/0/5 down down
+#ct1-0/0/6 down down
+#ct1-0/0/7 down down
+#ct1-0/0/8 down down
+#ct1-0/0/9 down down
+#ct1-0/0/10 down down
+#ct1-0/0/11 down down
+#ct1-0/0/12 down down
+#ct1-0/0/13 down down
+#ct1-0/0/14 down down
+#ct1-0/0/15 down down
+#ge-1/0/0 up up
+#ge-1/0/0.0 up up
+#ge-1/0/1 down down
+#ge-1/0/2 up up
+#ge-1/0/2.0 up up
+#ge-1/0/3 down down
+#ge-1/1/0 down down
+#ge-1/1/1 down down
+#ge-1/1/2 down down
+#ge-1/1/3 down down
+#ge-1/2/0 up up
+#ge-1/2/0.70 up up
+#ge-1/2/0.81 up up
+#ge-1/2/0.32767 up up
+#ge-1/2/1 up up
+#ge-1/2/1.71 up up
+#ge-1/2/1.32767 up up
+#xe-1/3/0 down down
+#xe-1/3/1 down down
#dsc up up
+#em0 up up
+#em0.0 up up
+#fxp0 down down
#gre up up
#ipip up up
+#irb up up
#lo0 up up
#lo0.0 up up
#lo0.16384 up up
+#lo0.16385 up up
#lsi up up
-#me0 up down
-#me0.0 up down
#mtun up up
#pimd up up
#pime up up
#tap up up
-#vlan up up
-#vlan.70 up up
-#vlan.71 up up
-#vme up down
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show configuration
-## Last commit: 2016-09-22 11:00:21 CDT by andrew
-version 12.3R9.4;
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show configuration
+## Last commit: 2010-01-12 10:58:21 CST by root
+version 12.3X54-D20.9;
+groups {
+ ISIS-L2-INTERFACE {
+ protocols {
+ isis {
+ interface <*> {
+ point-to-point;
+ link-protection;
+ bfd-liveness-detection {
+ minimum-interval 400;
+ multiplier 3;
+ }
+ level 2 {
+ hello-#authentication-#key <removed>;
+ hello-authentication-type md5;
+ }
+ level 1 disable;
+ }
+ }
+ }
+ }
+}
system {
- host-name SWI-CLEET-ADA-EX-3300;
+ host-name ACX-CAI-CLEET-ACX2100;
domain-name onenet.net;
time-zone America/Chicago;
authentication-order [ radius password ];
+ ports {
+ ##
+ ## Warning: statement ignored: unsupported platform (acx2100)
+ ##
+ console log-out-on-disconnect;
+ }
root-authentication {
# encrypted-password <removed>;
}
- name-server {
- 164.58.253.10;
- 164.58.253.4;
- }
radius-server {
156.110.31.11 {
port 1812;
@@ -245,7 +266,7 @@
}
}
login {
- message "\n\n************************************ WARNING ****************************************\n\n* To protect the system from unauthorized use, *\n\n* activities on this system are monitored,recorded and subject to audit. *\n\n* Use of this system is expressed consent to such monitoring and recording. *\n\n* Any unauthorized access or use of this system is prohibited and *\n\n* is subject to criminal and civil penalties and/or administrative action. *\n\n******************** UNAUTHORIZED USE IS STRICTLY PROHIBITED ************************\n\n;";
+ message "\n\n************************************ WARNING ****************************************\n\n* To protect the system from unauthorized use, *\n\n* activities on this system are monitored,recorded and subject to audit. *\n\n* Use of this system is expressed consent to such monitoring and recording. *\n\n* Any unauthorized access or use of this system is prohibited and *\n\n* is subject to criminal and civil penalties and/or administrative action. *\n\n******************** UNAUTHORIZED USE IS STRICTLY PROHIBITED ************************\n\n";
class admin {
idle-timeout 1440;
permissions all;
@@ -266,7 +287,7 @@
permissions [ admin configure firewall interface routing secret security snmp system trace view ];
}
user admin {
- uid 2000;
+ uid 1000;
class super-user;
authentication {
# encrypted-password <removed>;
@@ -286,6 +307,7 @@
}
}
services {
+ ftp;
ssh {
root-login deny;
protocol-version v2;
@@ -294,31 +316,43 @@
netconf {
ssh;
}
- web-management {
- http;
- }
}
syslog {
- archive size 10m files 5;
+ archive size 10m files 20;
user * {
any emergency;
}
+ host 164.58.253.92 {
+ any any;
+ }
+ host 164.58.253.38 {
+ any any;
+ }
file messages {
any notice;
authorization info;
+ match "!(.*LI Packet length.*|.* grnoc-mon.*|.*Connection closed by 164.58.253.113.*|.* exited, status 255.*)";
}
file interactive-commands {
interactive-commands any;
}
+ file PROTECT-RE {
+ firewall any;
+ archive no-world-readable;
+ }
file default-log-messages {
- any any;
- match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|cm_device|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)";
+ any info;
+ match "(requested 'commit' operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD|(Master Unchanged, Members Changed)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|(interface vcp-)";
structured-data;
}
+ file updown {
+ any any;
+ match "SNMP_TRAP_LINK_|(TRAP_LINK)|bgp_rt_maxprefixes_check|RPD_BGP_NEIGHBOR_STATE";
+ }
source-address 164.58.198.4;
}
+ commit synchronize;
ntp {
- server 164.58.253.82;
server 164.58.3.98 prefer;
}
}
@@ -329,115 +363,158 @@
}
}
}
+services {
+ ##
+ ## Warning: configuration block ignored: unsupported platform (acx2100)
+ ##
+ flow-monitoring {
+ version9 {
+ template ip-template {
+ ipv4-template;
+ }
+ template mpls-ipv4-template {
+ mpls-ipv4-template {
+ label-position [ 1 2 3 ];
+ }
+ }
+ }
+ }
+}
interfaces {
- ge-0/0/0 {
+ ct1-0/0/0 {
disable;
}
- ge-0/0/1 {
+ ct1-0/0/1 {
disable;
}
- ge-0/0/2 {
+ ct1-0/0/2 {
disable;
}
- ge-0/0/3 {
+ ct1-0/0/3 {
disable;
}
- ge-0/0/4 {
+ ct1-0/0/4 {
disable;
}
- ge-0/0/5 {
+ ct1-0/0/5 {
disable;
}
- ge-0/0/6 {
+ ct1-0/0/6 {
disable;
}
- ge-0/0/7 {
+ ct1-0/0/7 {
disable;
}
- ge-0/0/8 {
+ ct1-0/0/8 {
disable;
}
- ge-0/0/9 {
+ ct1-0/0/9 {
disable;
}
- ge-0/0/10 {
+ ct1-0/0/10 {
disable;
}
- ge-0/0/11 {
+ ct1-0/0/11 {
disable;
}
- ge-0/0/12 {
+ ct1-0/0/12 {
disable;
}
- ge-0/0/13 {
+ ct1-0/0/13 {
disable;
}
- ge-0/0/14 {
+ ct1-0/0/14 {
disable;
}
- ge-0/0/15 {
+ ct1-0/0/15 {
disable;
}
- ge-0/0/16 {
- disable;
+ ge-1/0/0 {
+ description CLEET-ADA-100M-CIR0005405;
+ unit 0 {
+ family inet {
+ address 156.110.130.25/30;
+ address 156.110.34.101/30;
+ }
+ }
}
- ge-0/0/17 {
+ ge-1/0/1 {
disable;
}
- ge-0/0/18 {
+ ge-1/0/2 {
+ description "Hub Appliance - NetGuardian - CAI-JEF [NO-MONITOR]";
+ speed 100m;
+ link-mode full-duplex;
+ gigether-options {
+ no-auto-negotiation;
+ }
+ unit 0 {
+ family inet {
+ address 10.196.12.65/30;
+ }
+ }
+ }
+ ge-1/0/3 {
disable;
}
- ge-0/0/19 {
+ ge-1/1/0 {
disable;
+ media-type copper;
}
- ge-0/0/20 {
+ ge-1/1/1 {
disable;
+ media-type copper;
}
- ge-0/0/21 {
+ ge-1/1/2 {
disable;
+ media-type copper;
}
- ge-0/0/22 {
+ ge-1/1/3 {
disable;
+ media-type copper;
}
- ge-0/0/23 {
- description CLEET-ADA-100M-CIR0005405;
- unit 0 {
+ ge-1/2/0 {
+ description 1GE;
+ vlan-tagging;
+ mtu 9192;
+ encapsulation flexible-ethernet-services;
+ unit 70 {
+ vlan-id 70;
family inet {
- address 156.110.130.25/30;
- address 156.110.34.101/30;
+ mtu 9000;
+ address 164.58.247.198/30;
}
+ family iso;
+ family mpls;
}
- }
- ge-0/1/0 {
- description "1GE to swi.odot.ada ge-0/1/0 | OneNet-CAICLEET-ADA128DOT-GE-XXXX";
- mtu 9192;
- unit 0 {
- family ethernet-switching {
- port-mode trunk;
- vlan {
- members [ 71 81 3900 ];
- }
- }
+ unit 81 {
+ vlan-id 81;
}
}
- ge-0/1/1 {
+ ge-1/2/1 {
description "CORE 1GE to core.sem ge-0/2/2 | OneNet-SEM-CAICLEET-GE-XXXX";
+ vlan-tagging;
mtu 9192;
- unit 0 {
- family ethernet-switching {
- port-mode trunk;
- vlan {
- members [ 70 81 3900 ];
- }
+ encapsulation flexible-ethernet-services;
+ unit 71 {
+ vlan-id 71;
+ family inet {
+ mtu 9000;
+ address 164.58.247.94/30;
}
+ family iso;
+ family mpls;
}
}
- ge-0/1/2 {
+ xe-1/3/0 {
disable;
}
- ge-0/1/3 {
+ xe-1/3/1 {
disable;
}
+ fxp0 {
+ disable;
+ }
lo0 {
unit 0 {
family inet {
@@ -446,29 +523,17 @@
}
address 164.58.198.4/32;
}
- }
- }
- vlan {
- mtu 9192;
- unit 70 {
- description OneNet-SEM-CAICLEET-GE-XXXX;
- family inet {
- mtu 9000;
- address 164.58.247.94/30;
+ family iso {
+ address 49.0001.1640.5819.8004.00;
}
+ family inet6;
}
- unit 71 {
- description OneNet-CAICLEET-ADA128DOT-GE-XXXX;
- family inet {
- mtu 9000;
- address 164.58.247.198/30;
- }
- }
}
}
snmp {
- description OneNet;
- contact "Net Group";
+ description "NetGroup 1-888-566-3638";
+ location "CAICLEET, WAURIKA, OK";
+ contact "OneNet Netgroup";
client-list snmp-management {
156.110.31.0/27;
156.110.31.32/28;
@@ -483,9 +548,13 @@
community "<removed>" {
authorization read-write;
}
+ trap-options {
+ source-address 164.58.198.4;
+ }
trap-group "<removed>" {
version v2;
targets {
+ 164.58.253.34;
164.58.253.35;
}
}
@@ -495,94 +564,382 @@
route 156.110.35.160/28 next-hop 156.110.34.102;
route 164.58.225.120/30 next-hop 156.110.34.102;
}
+ router-id 164.58.198.4;
+ autonomous-system 5078;
+ forwarding-table {
+ export LOAD-BALANCE;
+ }
}
protocols {
- ##
- ## Warning: requires 'ospf2' license
- ##
+ mpls {
+ icmp-tunneling;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface lo0.0;
+ }
+ bgp {
+ group CORE-RR-OKC-V4 {
+ type internal;
+ local-address 164.58.198.4;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ export [ REDISTRIBUTE-DIRECTS REDISTRIBUTE-STATICS ];
+ peer-as 5078;
+ neighbor 164.58.199.216 {
+ description OKC-CORE6-IBGP-V4;
+ }
+ }
+ group CORE-RR-TUL-V4 {
+ type internal;
+ local-address 164.58.198.4;
+ family inet {
+ any;
+ }
+ family inet-vpn {
+ unicast;
+ }
+ family inet6-vpn {
+ unicast;
+ }
+ family l2vpn {
+ signaling;
+ }
+# authentication-#key <removed>;
+ export [ REDISTRIBUTE-DIRECTS REDISTRIBUTE-STATICS ];
+ peer-as 5078;
+ neighbor 164.58.199.226 {
+ description TUL-CORE6-IBGP-V4;
+ }
+ }
+ }
+ isis {
+ apply-groups ISIS-L2-INTERFACE;
+ reference-bandwidth 1000g;
+ level 1 disable;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface fxp0.0 {
+ apply-groups-except ISIS-L2-INTERFACE;
+ disable;
+ }
+ interface lo0.0 {
+ apply-groups-except ISIS-L2-INTERFACE;
+ passive;
+ level 1 disable;
+ }
+ }
ospf {
- export [ REDISTRIBUTE-STATICS REDISTRIBUTE-DIRECTS ];
reference-bandwidth 100g;
area 0.0.0.0 {
- interface lo0.0 {
- passive;
- }
- interface vlan.70 {
+ interface ge-1/2/0.70 {
link-protection;
authentication {
md5 7# key <removed>;
}
- ##
- ## Warning: requires 'bfd-liveness-detection' license
- ##
bfd-liveness-detection {
minimum-interval 400;
multiplier 3;
}
}
- interface vlan.71 {
+ interface ge-1/2/1.71 {
link-protection;
authentication {
md5 7# key <removed>;
}
- ##
- ## Warning: requires 'bfd-liveness-detection' license
- ##
bfd-liveness-detection {
minimum-interval 400;
multiplier 3;
}
}
+ interface lo0.0 {
+ passive;
+ }
+ interface fxp0.0 {
+ disable;
+ }
}
}
- igmp-snooping {
- vlan all;
+ ldp {
+ preference 255;
+ track-igp-metric;
+ interface ge-1/2/0.70;
+ interface ge-1/2/1.71;
+ interface lo0.0;
}
- rstp;
lldp {
- interface ge-0/1/0.0;
- interface ge-0/1/1.0;
+ interface ge-1/2/0;
+ interface ge-1/2/1;
}
}
policy-options {
- prefix-list MGMT {
- 156.110.31.0/27;
- 156.110.31.32/28;
- 164.58.3.98/32;
- 164.58.10.0/24;
- 164.58.15.0/24;
- 164.58.198.0/23;
- 164.58.244.0/22;
- 164.58.253.0/24;
+ policy-statement LOAD-BALANCE {
+ then {
+ load-balance per-packet;
+ }
}
- prefix-list PRE-LOCALIPv4-SOURCES {
- apply-path "interfaces <*> unit <*> family inet address <*>";
- }
policy-statement REDISTRIBUTE-DIRECTS {
term 1 {
from protocol direct;
- then accept;
+ then {
+ community add CAICLEET;
+ external {
+ type 1;
+ }
+ accept;
+ }
}
}
policy-statement REDISTRIBUTE-STATICS {
term 1 {
from protocol static;
- then accept;
+ then {
+ community add CAICLEET;
+ accept;
+ }
}
}
+ community CAICLEET members 5078:8004;
}
firewall {
family inet {
filter PROTECT-RE {
- term 1 {
+ term SSH-ALLOW {
from {
- source-prefix-list {
- MGMT;
- PRE-LOCALIPv4-SOURCES;
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
}
+ protocol tcp;
+ destination-port ssh;
}
then accept;
}
+ term FIRST-FRAG {
+ from {
+ first-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term NEXT-FRAG {
+ from {
+ is-fragment;
+ }
+ then {
+ discard;
+ }
+ }
+ term BGP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.199.226/32;
+ 164.58.199.216/32;
+ }
+ protocol tcp;
+ source-port bgp;
+ }
+ then accept;
+ }
+ term BGP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.199.226/32;
+ 164.58.199.216/32;
+ }
+ protocol tcp;
+ destination-port bgp;
+ }
+ then accept;
+ }
+ term RADIUS-ALLOW {
+ from {
+ source-address {
+ 156.110.31.11/32;
+ }
+ protocol [ udp tcp ];
+ source-port [ radius radacct ];
+ }
+ then accept;
+ }
+ term OSPF-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 10.199.210.0/24;
+ 172.23.0.0/16;
+ }
+ protocol ospf;
+ }
+ then accept;
+ }
+ term NTP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.3.98/32;
+ 164.58.199.0/24;
+ 127.0.0.1/32;
+ }
+ protocol udp;
+ source-port ntp;
+ }
+ then accept;
+ }
+ term NTP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.3.98/32;
+ 164.58.199.0/24;
+ 127.0.0.1/32;
+ }
+ protocol udp;
+ destination-port ntp;
+ }
+ then accept;
+ }
+ term DOMAIN-ALLOW {
+ from {
+ source-address {
+ 164.58.253.10/32;
+ 164.58.198.10/32;
+ }
+ source-port domain;
+ }
+ then accept;
+ }
+ term SYSLOG-ALLOW {
+ from {
+ source-address {
+ 164.58.253.38/32;
+ 164.58.253.92/32;
+ }
+ source-port syslog;
+ }
+ then accept;
+ }
+ term FTP-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port ftp;
+ }
+ then accept;
+ }
+ term JSPACE-ALLOW {
+ from {
+ source-address {
+ 164.58.253.0/24;
+ 164.58.244.0/22;
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.10.0/24;
+ 164.58.15.0/24;
+ }
+ source-port 7408;
+ }
+ then accept;
+ }
+ term SNMP-POLL-ALLOW {
+ from {
+ source-address {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ protocol [ tcp udp ];
+ destination-port snmp;
+ }
+ then accept;
+ }
+ term SNMP-TRAP-ALLOW {
+ from {
+ source-address {
+ 156.110.31.0/27;
+ 156.110.31.32/28;
+ 164.58.253.0/24;
+ }
+ protocol [ tcp udp ];
+ source-port snmptrap;
+ }
+ then accept;
+ }
+ term LDP-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 164.58.199.0/24;
+ 10.199.0.0/16;
+ 172.23.0.0/16;
+ }
+ source-port ldp;
+ }
+ then accept;
+ }
+ term LDP-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.244.0/22;
+ 164.58.199.0/24;
+ 10.199.0.0/16;
+ 172.23.0.0/16;
+ }
+ destination-port ldp;
+ }
+ then accept;
+ }
+ term PIM-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol pim;
+ }
+ then accept;
+ }
+ term BFD-DEST-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol udp;
+ destination-port [ 3784 3785 ];
+ }
+ then accept;
+ }
+ term BFD-SRC-ALLOW {
+ from {
+ source-address {
+ 164.58.0.0/16;
+ 156.110.0.0/16;
+ }
+ protocol udp;
+ source-port [ 3784 3785 ];
+ }
+ then accept;
+ }
term ICMP-ALLOW {
from {
protocol icmp;
@@ -590,53 +947,46 @@
}
then accept;
}
- term Reject {
+ term TRACEROUTE-ALLOW {
+ from {
+ protocol udp;
+ destination-port 33434-33523;
+ }
+ then accept;
+ }
+ term DENY-SERVICES-INBOUND {
+ from {
+ destination-port [ ssh telnet http https snmp ntp domain ];
+ }
then {
discard;
}
}
+ term SERVICES-OUTBOUND {
+ from {
+ source-port [ ssh telnet ];
+ }
+ then accept;
+ }
+ term DENY_ALL {
+ then {
+ discard;
+ }
+ }
}
}
}
-ethernet-switching-options {
- voip;
- storm-control {
- interface all {
- level 50;
- }
- }
-}
-vlans {
- VLAN-3900 {
- vlan-id 3900;
- }
- VLAN-70 {
- vlan-id 70;
- l3-interface vlan.70;
- }
- VLAN-71 {
- vlan-id 71;
- l3-interface vlan.71;
- }
- VLAN-81 {
- vlan-id 81;
- }
- default;
-}
-{master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show ospf neighbor
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show ospf neighbor
# Address Interface State ID Pri Dead
-# 164.58.247.93 vlan.70 Full 164.58.199.47
-# 164.58.247.197 vlan.71 Full 164.58.199.23
+# 164.58.247.197 ge-1/2/0.70 Full 164.58.199.23
+# 164.58.247.93 ge-1/2/1.71 Full 164.58.199.47
#
-# {master:0}
-# grnoc-mon at SWI-CLEET-ADA-EX-3300> show bfd session
+# grnoc-mon at ACX-CAI-CLEET-ACX2100> show bfd session
Detect Transmit
Address State Interface Time Interval Multiplier
-164.58.247.93 Up vlan.70 1.200 0.400 3
-164.58.247.197 Up vlan.71 1.200 0.400 3
+164.58.247.93 Up ge-1/2/1.71 1.200 0.400 3
+164.58.247.197 Up ge-1/2/0.70 1.200 0.400 3
-2 sessions, 2 clients
+2 sessions, 4 clients
Cumulative transmit rate 5.0 pps, cumulative receive rate 5.0 pps
-{master:0}
Index: configs/core.sem.onenet.net
===================================================================
--- configs/core.sem.onenet.net (revision 151171)
+++ configs/core.sem.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SEMINOLE-MX480-RE0> show system commit
+# 2017-03-02 12:24:58 CST by andrew via cli commit synchronize
+# 2017-03-02 12:23:44 CST by andrew via cli commit synchronize
+# 2017-03-02 12:14:49 CST by andrew via cli commit synchronize
+# 2017-03-02 12:13:36 CST by andrew via cli commit synchronize
# 2017-03-02 11:43:28 CST by andrew via cli commit confirmed, rollback in 3mins synchronize
# 2017-02-24 23:38:17 CST by andrew via cli commit synchronize
-# 2017-02-07 10:28:01 CST by aberrios via cli commit synchronize
-# 2017-01-30 09:56:53 CST by joel via cli commit synchronize
-# 2017-01-29 02:07:41 CST by andrew via cli commit synchronize
-# 2017-01-20 08:36:52 CST by joel via cli commit synchronize
# grnoc-mon at SEMINOLE-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -248,14 +248,14 @@
# drwxr-xr-x 2 root field 512 Mar 21 2016 rtsdb/
# -rw-r----- 1 root field 356 Mar 21 2016 sampled.pkts
# drwxr-xr-x 3 root field 512 Jun 24 2012 sec-download/
-# drwxrwxrwt 2 root wheel 512 Jun 24 2012 vi.recover/
+# drwxrwxrwt 2 root wheel 512 Mar 2 12:15 vi.recover/
# total files: 4
#
# {master}
# grnoc-mon at SEMINOLE-MX480-RE0> show system uptime
# System booted: 2016-03-21 00:55 CDT
# Protocols started: 2016-03-21 01:06 CDT
-# Last configured: 2017-03-02 11:43 CST by andrew
+# Last configured: 2017-03-02 12:24 CST by andrew
#
# {master}
# grnoc-mon at SEMINOLE-MX480-RE0> show interface terse
@@ -284,7 +284,7 @@
#ge-0/2/1 up up
#ge-0/2/1.0 up up
#ge-0/2/2 up up
-#ge-0/2/2.70 up up
+#ge-0/2/2.71 up up
#ge-0/2/2.81 up up
#ge-0/2/2.3900 up up
#ge-0/2/2.32767 up up
@@ -371,7 +371,7 @@
#pp0 up up
#tap up up
# grnoc-mon at SEMINOLE-MX480-RE0> show configuration
-## Last commit: 2017-03-02 11:43:28 CST by andrew
+## Last commit: 2017-03-02 12:24:58 CST by andrew
version 13.3R8.7;
groups {
re0 {
@@ -680,16 +680,14 @@
vlan-tagging;
mtu 9192;
encapsulation flexible-ethernet-services;
- unit 70 {
- description OneNet-SEM-CAICLEET-GE-XXXX;
- vlan-id 70;
+ unit 71 {
+ vlan-id 71;
family inet {
mtu 9000;
- sampling {
- input;
- }
address 164.58.247.93/30;
}
+ family iso;
+ family mpls;
}
unit 81 {
description OneNet-CAICLEET-ADA128DOT-GE-XXXX;
@@ -1031,6 +1029,7 @@
interface xe-0/0/0.69;
interface lo0.0;
interface ge-0/2/0.42;
+ interface ge-0/2/2.71;
}
bgp {
group CORE-RR-OKC-V6 {
@@ -1110,6 +1109,7 @@
level 1 disable;
interface xe-0/0/0.69;
interface ge-0/2/0.42;
+ interface ge-0/2/2.71;
interface fxp0.0 {
apply-groups-except ISIS-L2-INTERFACE;
disable;
@@ -1137,7 +1137,7 @@
multiplier 3;
}
}
- interface ge-0/2/2.70 {
+ interface ge-0/2/0.42 {
link-protection;
authentication {
md5 7# key <removed>;
@@ -1147,7 +1147,7 @@
multiplier 3;
}
}
- interface ge-0/2/0.42 {
+ interface ge-0/2/2.71 {
link-protection;
authentication {
md5 7# key <removed>;
@@ -1186,6 +1186,7 @@
track-igp-metric;
interface xe-0/0/0.69;
interface ge-0/2/0.42;
+ interface ge-0/2/2.71;
interface lo0.0;
}
lldp {
@@ -1858,6 +1859,7 @@
# grnoc-mon at SEMINOLE-MX480-RE0> show ospf neighbor
# Address Interface State ID Pri Dead
# 164.58.244.3 ge-0/2/0.42 Full 164.58.199.46
+# 164.58.247.94 ge-0/2/2.71 Full 164.58.198.4
# 164.58.246.57 xe-0/0/0.69 Full 164.58.199.211
#
# {master}
@@ -1866,10 +1868,11 @@
Address State Interface Time Interval Multiplier
164.58.244.3 Up ge-0/2/0.42 1.200 0.400 3
164.58.246.57 Up xe-0/0/0.69 1.200 0.400 3
+164.58.247.94 Up ge-0/2/2.71 1.200 0.400 3
fe80::226:8800:2ab1:4fd Up ge-0/2/0.42 1.200 0.400 3
fe80::8618:8800:4528:3974 Down xe-0/0/0.69 0.000 2.000 3
-4 sessions, 6 clients
-Cumulative transmit rate 8.0 pps, cumulative receive rate 7.5 pps
+5 sessions, 8 clients
+Cumulative transmit rate 10.5 pps, cumulative receive rate 10.0 pps
{master}
Index: configs/core.ada.onenet.net
===================================================================
--- configs/core.ada.onenet.net (revision 151171)
+++ configs/core.ada.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at ADA-MX480-RE0> show system commit
+# 2017-03-02 12:23:13 CST by andrew via cli commit synchronize
+# 2017-03-02 12:18:38 CST by andrew via cli commit synchronize
+# 2017-03-02 12:05:40 CST by andrew via cli commit synchronize
# 2017-03-02 11:43:25 CST by andrew via cli commit confirmed, rollback in 3mins synchronize
# 2017-02-24 23:42:05 CST by andrew via cli commit synchronize
# 2017-01-29 02:13:05 CST by andrew via cli commit synchronize
-# 2017-01-25 21:14:54 CST by andrew via cli commit synchronize
-# 2017-01-25 12:12:42 CST by sky via cli commit synchronize
-# 2017-01-24 17:26:05 CST by andrew via cli commit synchronize
# grnoc-mon at ADA-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -261,7 +261,7 @@
# grnoc-mon at ADA-MX480-RE0> show system uptime
# System booted: 2016-03-17 01:08 CDT
# Protocols started: 2016-03-17 01:12 CDT
-# Last configured: 2017-03-02 11:43 CST by andrew
+# Last configured: 2017-03-02 12:23 CST by andrew
#
# {master}
# grnoc-mon at ADA-MX480-RE0> show interface terse
@@ -298,7 +298,7 @@
#ge-0/2/1.3900 up up
#ge-0/2/1.32767 up up
#ge-0/2/2 up up
-#ge-0/2/2.71 up up
+#ge-0/2/2.70 up up
#ge-0/2/2.80 up up
#ge-0/2/2.500 up up
#ge-0/2/2.501 up up
@@ -423,7 +423,7 @@
#pp0 up up
#tap up up
# grnoc-mon at ADA-MX480-RE0> show configuration
-## Last commit: 2017-03-02 11:43:25 CST by andrew
+## Last commit: 2017-03-02 12:23:13 CST by andrew
version 13.3R8.7;
groups {
re0 {
@@ -812,13 +812,14 @@
flexible-vlan-tagging;
mtu 9192;
encapsulation flexible-ethernet-services;
- unit 71 {
- vlan-id 71;
+ unit 70 {
+ vlan-id 70;
family inet {
- rpf-check;
mtu 9000;
address 164.58.247.197/30;
}
+ family iso;
+ family mpls;
}
unit 80 {
vlan-id 80;
@@ -1388,6 +1389,7 @@
level 1 disable;
interface xe-0/0/0.42;
interface ge-0/2/0.42;
+ interface ge-0/2/2.70;
interface fxp0.0 {
apply-groups-except ISIS-L2-INTERFACE;
disable;
@@ -1405,7 +1407,7 @@
interface fxp0.0 {
disable;
}
- interface ge-0/2/2.71 {
+ interface ge-0/2/0.42 {
link-protection;
authentication {
md5 7# key <removed>;
@@ -1415,7 +1417,7 @@
multiplier 3;
}
}
- interface ge-0/2/0.42 {
+ interface xe-0/0/0.42 {
link-protection;
authentication {
md5 7# key <removed>;
@@ -1425,7 +1427,7 @@
multiplier 3;
}
}
- interface xe-0/0/0.42 {
+ interface ge-0/2/2.70 {
link-protection;
authentication {
md5 7# key <removed>;
@@ -1464,6 +1466,7 @@
track-igp-metric;
interface xe-0/0/0.42;
interface ge-0/2/0.42;
+ interface ge-0/2/2.70;
interface lo0.0;
}
l2circuit {
@@ -2480,6 +2483,7 @@
# grnoc-mon at ADA-MX480-RE0> show ospf neighbor
# Address Interface State ID Pri Dead
# 164.58.244.5 ge-0/2/0.42 Full 164.58.199.22
+# 164.58.247.198 ge-0/2/2.70 Full 164.58.198.4
# 164.58.244.6 xe-0/0/0.42 Full 164.58.199.211
#
# {master}
@@ -2488,10 +2492,11 @@
Address State Interface Time Interval Multiplier
164.58.244.5 Up ge-0/2/0.42 1.200 0.400 3
164.58.244.6 Up xe-0/0/0.42 1.200 0.400 3
+164.58.247.198 Up ge-0/2/2.70 1.200 0.400 3
fe80::223:9c00:2ab3:16fb Up ge-0/2/0.42 1.200 0.400 3
fe80::8618:8800:2a28:3a18 Up xe-0/0/0.42 1.200 0.400 3
-4 sessions, 6 clients
-Cumulative transmit rate 10.0 pps, cumulative receive rate 10.0 pps
+5 sessions, 8 clients
+Cumulative transmit rate 12.5 pps, cumulative receive rate 12.5 pps
{master}
Index: configs/rpswi1.rp3f2.onenet.net
===================================================================
--- configs/rpswi1.rp3f2.onenet.net (revision 151171)
+++ configs/rpswi1.rp3f2.onenet.net (working copy)
@@ -70,7 +70,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5752 0 0/0 -
+* 1 VTY - - - - - 5753 0 0/0 -
2 VTY - - - - - 17 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/lavern-public-schools.client.onenet.net
===================================================================
--- configs/lavern-public-schools.client.onenet.net (revision 151170)
+++ configs/lavern-public-schools.client.onenet.net (working copy)
@@ -102,7 +102,7 @@
#
# grnoc-mon at LAVERN-PUBLIC-SCHOOLS-TAG-004351> show interface terse
#Interface Admin Link
-#ge-0/0/0 down down
+#ge-0/0/0 down up
#gr-0/0/0 up up
#ip-0/0/0 up up
#lsq-0/0/0 up up
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 151171)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -675,7 +675,6 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/sayre-public-library-ex.client.onenet.net
===================================================================
--- configs/sayre-public-library-ex.client.onenet.net (revision 151151)
+++ configs/sayre-public-library-ex.client.onenet.net (working copy)
@@ -188,8 +188,8 @@
#ge-0/0/11.0 up down
#ge-0/0/12 up up
#ge-0/0/12.0 up up
-#ge-0/0/13 up down
-#ge-0/0/13.0 up down
+#ge-0/0/13 up up
+#ge-0/0/13.0 up up
#ge-0/0/14 up up
#ge-0/0/14.0 up up
#ge-0/0/15 up up
Index: configs/swi1.odot.ada-hq.onenet.net
===================================================================
--- configs/swi1.odot.ada-hq.onenet.net (revision 151171)
+++ configs/swi1.odot.ada-hq.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at SWI1-ODOT-ADA-HQ-EX4200> show system commit
+# 2017-03-02 12:16:55 CST by admin via cli
# 2016-11-03 16:52:44 CDT by admin via cli commit confirmed, rollback in 3mins
# 2016-10-26 13:38:40 CDT by admin via cli
# 2016-10-25 10:07:46 CDT by admin via cli commit confirmed, rollback in 3mins
# 2016-10-19 15:00:35 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2016-06-16 10:37:59 CDT by admin via cli commit confirmed, rollback in 3mins
-# 2015-02-12 07:50:33 CST by root via other
# grnoc-mon at SWI1-ODOT-ADA-HQ-EX4200> show chassis environment
# Class Item Status Measurement
# Power FPC 0 Power Supply 0 OK
@@ -161,7 +161,7 @@
# --------------------------------------------------------------------------
# System booted: 2016-10-02 18:25 CDT
# Protocols started: 2016-10-02 18:27 CDT
-# Last configured: 2016-11-03 16:52 CDT by admin
+# Last configured: 2017-03-02 12:16 CST by admin
#
# {master:0}
# grnoc-mon at SWI1-ODOT-ADA-HQ-EX4200> show interface terse
@@ -243,7 +243,7 @@
#vlan.81 up up
#vme up down
# grnoc-mon at SWI1-ODOT-ADA-HQ-EX4200> show configuration
-## Last commit: 2016-11-03 16:52:44 CDT by admin
+## Last commit: 2017-03-02 12:16:55 CST by admin
version 12.3R9.4;
system {
host-name SWI1-ODOT-ADA-HQ-EX4200;
@@ -413,7 +413,7 @@
family ethernet-switching {
port-mode trunk;
vlan {
- members [ 71 81 3900 ];
+ members [ 70-71 81 3900 ];
}
}
}
@@ -425,7 +425,7 @@
family ethernet-switching {
port-mode trunk;
vlan {
- members [ 71 80 301 316 500-501 3900 ];
+ members [ 70-71 80 301 316 500-501 3900 ];
}
}
}
@@ -613,6 +613,9 @@
VLAN-501 {
vlan-id 501;
}
+ VLAN-70 {
+ vlan-id 70;
+ }
VLAN-71 {
vlan-id 71;
}
Index: configs/swi1.cap.onenet.net
===================================================================
--- configs/swi1.cap.onenet.net (revision 151171)
+++ configs/swi1.cap.onenet.net (working copy)
@@ -207,7 +207,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 2316 0 0/0 -
+* 1 VTY - - - - - 2317 0 0/0 -
2 VTY - - - - - 0 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 151171)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE5-MX480-RE0> show system commit
+# 2017-03-02 12:27:02 CST by sean via cli commit synchronize
+# 2017-03-02 12:16:52 CST by sean via cli commit synchronize
# 2017-03-02 11:34:16 CST by sean via cli commit synchronize
# 2017-03-02 11:23:45 CST by sean via cli commit synchronize
# 2017-03-02 10:46:37 CST by sean via cli commit synchronize
# 2017-03-02 10:44:32 CST by sean via cli commit synchronize
-# 2017-03-01 15:38:14 CST by sean via cli commit synchronize
-# 2017-03-01 13:27:10 CST by sean via cli commit synchronize
# grnoc-mon at OKC-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -448,7 +448,7 @@
# grnoc-mon at OKC-CORE5-MX480-RE0> show system uptime
# System booted: 2016-10-12 08:16 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-03-02 11:34 CST by sean
+# Last configured: 2017-03-02 12:27 CST by sean
#
# {master}
# grnoc-mon at OKC-CORE5-MX480-RE0> show interface terse
@@ -1074,7 +1074,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE5-MX480-RE0> show configuration
-## Last commit: 2017-03-02 11:34:16 CST by sean
+## Last commit: 2017-03-02 12:27:02 CST by sean
version 13.3R9.13;
groups {
re0 {
Index: configs/maysville-hs.client.onenet.net
===================================================================
--- configs/maysville-hs.client.onenet.net (revision 151168)
+++ configs/maysville-hs.client.onenet.net (working copy)
@@ -598,6 +598,7 @@
# OSPF instance is not running
#
# grnoc-mon at MAYSVILLE-HS-LEASED-ASSET-TAG-004887> show bfd session
+quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/rpswi1.rp2f4.onenet.net
===================================================================
--- configs/rpswi1.rp2f4.onenet.net (revision 151171)
+++ configs/rpswi1.rp2f4.onenet.net (working copy)
@@ -412,7 +412,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 1 0/0 -
-* 1 VTY - - - - - 66 0 0/0 -
+* 1 VTY - - - - - 67 0 0/0 -
2 VTY - - - - - 1 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
Index: configs/rpswi1.rp3f3.onenet.net
===================================================================
--- configs/rpswi1.rp3f3.onenet.net (revision 151171)
+++ configs/rpswi1.rp3f3.onenet.net (working copy)
@@ -273,7 +273,7 @@
!show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
0 CTY - - - - - 0 0 0/0 -
-* 1 VTY - - - - - 5199 0 0/0 -
+* 1 VTY - - - - - 5200 0 0/0 -
2 VTY - - - - - 6 0 0/0 -
3 VTY - - - - - 2 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
More information about the Nocrancid
mailing list