[Nocrancid] autopop-onenet.net router config diffs

Fri May 19 15:05:33 CDT 2017

Index: configs/kiamichi-fmc-battiest.client.onenet.net
===================================================================

--- configs/kiamichi-fmc-battiest.client.onenet.net	(revision 153374)
+++ configs/kiamichi-fmc-battiest.client.onenet.net	(working copy)
@@ -1,12 +1,12 @@
 # RANCID-CONTENT-TYPE: juniper
 #
 # grnoc-mon at KIAMICHI-FMC-BATTIEST-LR-5230> show system commit 
-#   2017-05-19 13:55:56 CDT by sean via cli
-#   2017-05-19 13:46:18 CDT by sean via cli
-#   2017-05-19 13:38:21 CDT by sean via cli
-#   2017-04-25 12:13:54 CDT by andrew via cli
-#   2017-04-25 11:41:23 CDT by sean via cli commit confirmed, rollback in 4mins
-#   2017-04-22 21:27:11 CDT by andrew via cli
+#   2017-05-19 14:22:20 CDT by sean via cli
+#   2017-05-19 14:21:20 CDT by sean via cli
+#   2017-05-19 14:17:14 CDT by sean via cli
+#   2017-05-19 14:15:33 CDT by sean via cli
+#   2017-05-19 14:14:33 CDT by sean via cli
+#   2017-05-19 14:10:58 CDT by sean via cli
 # grnoc-mon at KIAMICHI-FMC-BATTIEST-LR-5230> show chassis environment 
 # Class Item                           Status     Measurement
 # Temp  Routing Engine                 OK        
@@ -119,7 +119,7 @@
 # Time Source:  NTP CLOCK 
 # System booted: 2017-04-27 15:39 CDT 
 # Protocols started: 2017-04-27 15:39 CDT 
-# Last configured: 2017-05-19 13:55 CDT  by sean
+# Last configured: 2017-05-19 14:22 CDT  by sean
 # 
 # grnoc-mon at KIAMICHI-FMC-BATTIEST-LR-5230> show interface terse 
 #Interface Admin Link
@@ -178,7 +178,7 @@
 #vlan up down
 #vtep up up
 # grnoc-mon at KIAMICHI-FMC-BATTIEST-LR-5230> show configuration 
-## Last commit: 2017-05-19 13:55:56 CDT by sean
+## Last commit: 2017-05-19 14:22:20 CDT by sean
 version 15.1X49-D50.3;
 system {
     host-name KIAMICHI-FMC-BATTIEST-LR-5230;
@@ -337,7 +337,7 @@
             dh-group group2;
             authentication-algorithm sha1;
             encryption-algorithm aes-256-cbc;
-            lifetime-seconds 28800;
+            lifetime-seconds 86400;
         }
         policy IKE-HUGO-KFMC {
             mode aggressive;
@@ -390,11 +390,6 @@
         gateway IKE-GATE-KFMC-TO-MYHEALTH {
             ike-policy IKE-POLICY-KFMC-TO-MYHEALTH;
             address 70.246.162.130;
-            dead-peer-detection {
-                always-send;
-                interval 10;
-                threshold 3;
-            }
             external-interface ge-0/0/0.500;
         }
     }
@@ -417,8 +412,8 @@
             description group2;
             protocol esp;
             authentication-algorithm hmac-sha1-96;
-            encryption-algorithm 3des-cbc;
-            lifetime-seconds 3600;
+            encryption-algorithm aes-256-cbc;
+            lifetime-seconds 28800;
         }
         policy VPN-POLICY-HUGO-KFMC {
             proposals G2-ESP-AES128-SHA;
@@ -464,11 +459,14 @@
                 gateway IKE-GATE-KFMC-TO-MYHEALTH;
                 ipsec-policy IPSEC-POLICY-KFMC-TO-MYHEALTH;
             }
-            traffic-selector KFMC-TO-MYHEALTH {
+            traffic-selector TS-MYHEALTH-1 {
                 local-ip 192.168.0.2/32;
-                remote-ip 70.246.162.130/32;
+                remote-ip 70.246.162.133/32;
             }
-            establish-tunnels immediately;
+            traffic-selector TS-MYHEALTH-2 {
+                local-ip 192.168.0.2/32;
+                remote-ip 70.246.162.137/32;
+            }
         }
     }
     address-book {
@@ -709,6 +707,30 @@
                 }
             }
         }
+        from-zone VPN to-zone TRUST {
+            policy VPN-TO-TRUST {
+                match {
+                    source-address any;
+                    destination-address any;
+                    application any;
+                }
+                then {
+                    permit;
+                }
+            }
+        }
+        from-zone TRUST to-zone VPN {
+            policy TRUST-TO-VPN {
+                match {
+                    source-address any;
+                    destination-address any;
+                    application any;
+                }
+                then {
+                    permit;
+                }
+            }
+        }
     }
     zones {
         security-zone TRUST {
@@ -784,6 +806,18 @@
                 }
             }
         }
+        security-zone VPN {
+            interfaces {
+                st0.2 {
+                    host-inbound-traffic {
+                        system-services {
+                            ping;
+                            traceroute;
+                        }
+                    }
+                }
+            }
+        }
     }
 }
 interfaces {
Index: configs/core3.okc-m120.onenet.net
===================================================================
--- configs/core3.okc-m120.onenet.net	(revision 153374)
+++ configs/core3.okc-m120.onenet.net	(working copy)
@@ -582,9 +582,9 @@
 #t1-2/3/0:4:12.0 up up
 #t1-2/3/0:4:13 down down
 #t1-2/3/0:4:14 down down
-#t1-2/3/0:4:15 up up
-#t1-2/3/0:4:15.16 up up
-#t1-2/3/0:4:15.17 up up
+#t1-2/3/0:4:15 up down
+#t1-2/3/0:4:15.16 up down
+#t1-2/3/0:4:15.17 up down
 #t1-2/3/0:4:16 up up
 #t1-2/3/0:4:16.16 up up
 #t1-2/3/0:4:16.17 up up
@@ -697,10 +697,10 @@
 #t1-2/3/0:7:1.16 up up
 #t1-2/3/0:7:1.17 up up
 #t1-2/3/0:7:1.18 up up
-#t1-2/3/0:7:2 up up
-#t1-2/3/0:7:2.16 up up
-#t1-2/3/0:7:2.17 up up
-#t1-2/3/0:7:2.18 up up
+#t1-2/3/0:7:2 up down
+#t1-2/3/0:7:2.16 up down
+#t1-2/3/0:7:2.17 up down
+#t1-2/3/0:7:2.18 up down
 #t1-2/3/0:7:3 up up
 #t1-2/3/0:7:3.0 up up
 #t1-2/3/0:7:4 up up
@@ -918,8 +918,8 @@
 #t1-2/3/0:11:24 up up
 #t1-2/3/0:11:24.0 up up
 #t1-2/3/0:11:25 down down
-#t1-2/3/0:11:26 up up
-#t1-2/3/0:11:26.0 up up
+#t1-2/3/0:11:26 up down
+#t1-2/3/0:11:26.0 up down
 #t1-2/3/0:11:27 up up
 #t1-2/3/0:11:27.0 up up
 #t1-2/3/0:11:28 up up
@@ -957,8 +957,8 @@
 #t1-2/3/0:12:17.0 up up
 #t1-2/3/0:12:18 up up
 #t1-2/3/0:12:18.0 up up
-#t1-2/3/0:12:19 up up
-#t1-2/3/0:12:19.0 up up
+#t1-2/3/0:12:19 up down
+#t1-2/3/0:12:19.0 up down
 #t1-2/3/0:12:20 up up
 #t1-2/3/0:12:20.0 up up
 #t1-2/3/0:12:21 up up
Index: configs/swi1.comanche-ps.onenet.net
===================================================================
--- configs/swi1.comanche-ps.onenet.net	(revision 153346)
+++ configs/swi1.comanche-ps.onenet.net	(working copy)
@@ -199,8 +199,8 @@
 #ge-0/0/21 down down
 #ge-0/0/22 up down
 #ge-0/0/22.0 up down
-#ge-0/0/23 up up
-#ge-0/0/23.0 up up
+#ge-0/0/23 up down
+#ge-0/0/23.0 up down
 #xe-0/1/0 up up
 #xe-0/1/0.0 up up
 #xe-0/1/1 up up
Index: configs/hub.ard.onenet.net
===================================================================
--- configs/hub.ard.onenet.net	(revision 153342)
+++ configs/hub.ard.onenet.net	(working copy)
@@ -309,8 +309,8 @@
 #t1-2/0/2:1 down down
 #t1-2/0/2:2 down down
 #t1-2/0/2:3 down down
-#t1-2/0/2:4 up down
-#t1-2/0/2:4.0 up down
+#t1-2/0/2:4 up up
+#t1-2/0/2:4.0 up up
 #t1-2/0/2:5 down down
 #t1-2/0/2:6 up up
 #t1-2/0/2:6.0 up up
Index: configs/core.toward.onenet.net
===================================================================
--- configs/core.toward.onenet.net	(revision 153366)
+++ configs/core.toward.onenet.net	(working copy)
@@ -1,12 +1,12 @@
 # RANCID-CONTENT-TYPE: juniper
 #
 # grnoc-mon at ARDMORE-TOWER-MX40> show system commit 
+#   2017-05-19 14:54:22 CDT by sky via cli
+#   2017-05-19 14:51:48 CDT by sky via cli
+#   2017-05-19 14:47:02 CDT by sky via cli
+#   2017-05-19 14:39:09 CDT by sky via cli
 #   2017-05-19 09:18:13 CDT by andrew via cli
 #   2017-05-19 09:14:14 CDT by andrew via cli
-#   2017-05-18 20:22:02 CDT by andrew via cli
-#   2017-05-15 11:37:15 CDT by sean via cli
-#   2017-05-15 11:14:49 CDT by sean via cli
-#   2017-05-11 13:17:24 CDT by andrew via cli
 # grnoc-mon at ARDMORE-TOWER-MX40> show chassis environment 
 # Class Item                           Status     Measurement
 # Temp  PEM 0                          OK        
@@ -212,7 +212,9 @@
 # grnoc-mon at ARDMORE-TOWER-MX40> show version 
 # Hostname: ARDMORE-TOWER-MX40 # Model: mx40-t # Junos: 13.3R9.13 # JUNOS Base OS boot [13.3R9.13] # JUNOS Base OS Software Suite [13.3R9.13] # JUNOS Kernel Software Suite [13.3R9.13] # JUNOS Crypto Software Suite [13.3R9.13] # JUNOS Packet Forwarding Engine Support (MX80) [13.3R9.13] # JUNOS Online Documentation [13.3R9.13] # JUNOS Services Application Level Gateways [13.3R9.13] # JUNOS Services Jflow Container package [13.3R9.13] # JUNOS Services Stateful Firewall [13.3R9.13] # JUNOS Services NAT [13.3R9.13] # JUNOS Services RPM [13.3R9.13] # JUNOS Services Crypto [13.3R9.13] # JUNOS Services SSL [13.3R9.13] # JUNOS Services IPSec [13.3R9.13] # JUNOS Routing Software Suite [13.3R9.13] #  # grnoc-mon at ARDMORE-TOWER-MX40> file list /var/tmp detail # 
 # /var/tmp:
-# total blocks: 514276
+# total blocks: 517796
+# -rw-------  1 eng   field    1464670 May 19 14:37 LOGS-20170519-TOWARD.tgz
+# -rw-r--r--  1 eng   field     293889 May 19 14:35 RSI-20170519-TOWARD.txt
 # drwxr-xr-x  2 root  wheel        512 Apr 4  13:30 gres-tp/
 # drwxrwxrwx  2 root  wheel        512 Apr 4  13:27 install/
 # -rw-r--r--  1 eng   wheel  256753758 Apr 4  20:14 jinstall-ppc-13.3R9.13-domestic-signed.tgz
@@ -222,12 +224,12 @@
 # drwxr-xr-x  2 root  wheel        512 Apr 4  13:31 rtsdb/
 # -rw-r-----  1 root  wheel        534 May 19 09:25 sampled.pkts
 # drwxrwxrwt  2 root  wheel        512 Apr 4  13:27 vi.recover/
-# total files: 4
+# total files: 6
 # 
 # grnoc-mon at ARDMORE-TOWER-MX40> show system uptime 
 # System booted: 2017-05-19 09:22 CDT 
 # Protocols started: 2017-05-19 09:24 CDT 
-# Last configured: 2017-05-19 09:18 CDT  by andrew
+# Last configured: 2017-05-19 14:54 CDT  by sky
 # 
 # grnoc-mon at ARDMORE-TOWER-MX40> show interface terse 
 #Interface Admin Link
@@ -302,7 +304,7 @@
 #pp0 up up
 #tap up up
 # grnoc-mon at ARDMORE-TOWER-MX40> show configuration 
-## Last commit: 2017-05-19 09:18:13 CDT by andrew
+## Last commit: 2017-05-19 14:54:22 CDT by sky
 version 13.3R9.13;
 groups {
     ISIS-L2-INTERFACE {
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net	(revision 153374)
+++ configs/hub.dur.onenet.net	(working copy)
@@ -324,7 +324,7 @@
 #fe-2/1/1.0 up up
 #fe-2/1/2 up up
 #fe-2/1/2.0 up up
-#fe-2/1/3 down up
+#fe-2/1/3 down down
 #ge-2/2/0 up up
 #ge-2/2/0.0 up up
 #pc-2/2/0 up up
Index: configs/lavern-public-schools.client.onenet.net
===================================================================
--- configs/lavern-public-schools.client.onenet.net	(revision 153370)
+++ configs/lavern-public-schools.client.onenet.net	(working copy)
@@ -102,7 +102,7 @@
 # 
 # grnoc-mon at LAVERN-PUBLIC-SCHOOLS-TAG-004351> show interface terse 
 #Interface Admin Link
-#ge-0/0/0 down down
+#ge-0/0/0 down up
 #gr-0/0/0 up up
 #ip-0/0/0 up up
 #lsq-0/0/0 up up
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net	(revision 153366)
+++ configs/stringtown-high-school.client.onenet.net	(working copy)
@@ -675,7 +675,6 @@
 # OSPF instance is not running
 # 
 # grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session 
-quit
 
 0 sessions, 0 clients
 Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps

