[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Tue Sep 5 14:04:49 CDT 2017
Index: configs/core3.okc-m120.onenet.net
===================================================================
--- configs/core3.okc-m120.onenet.net (revision 156371)
+++ configs/core3.okc-m120.onenet.net (working copy)
@@ -758,8 +758,8 @@
#t1-2/3/0:6:9 down down
#t1-2/3/0:6:10 down down
#t1-2/3/0:6:11 down down
-#t1-2/3/0:6:12 up down
-#t1-2/3/0:6:12.0 up down
+#t1-2/3/0:6:12 up up
+#t1-2/3/0:6:12.0 up up
#t1-2/3/0:6:13 down down
#t1-2/3/0:6:14 up up
#t1-2/3/0:6:14.0 up up
Index: configs/core4.okc.onenet.net
===================================================================
--- configs/core4.okc.onenet.net (revision 156371)
+++ configs/core4.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE4-MX480-RE0> show system commit
+# 2017-09-05 13:55:53 CDT by andrew via cli commit synchronize
# 2017-09-05 12:31:00 CDT by andrew via cli commit synchronize
# 2017-09-05 12:28:06 CDT by andrew via cli commit synchronize
# 2017-09-02 12:49:39 CDT by andrew via cli commit synchronize
# 2017-09-02 12:41:28 CDT by andrew via cli commit synchronize
# 2017-09-02 12:34:25 CDT by andrew via cli commit synchronize
-# 2017-09-02 12:23:21 CDT by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE4-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -551,7 +551,7 @@
# grnoc-mon at OKC-CORE4-MX480-RE0> show system uptime
# System booted: 2016-10-12 18:12 CDT
# Protocols started: 2016-10-12 18:14 CDT
-# Last configured: 2017-09-05 12:31 CDT by andrew
+# Last configured: 2017-09-05 13:55 CDT by andrew
#
# {master}
# grnoc-mon at OKC-CORE4-MX480-RE0> show interface terse
@@ -1495,7 +1495,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE4-MX480-RE0> show configuration
-## Last commit: 2017-09-05 12:31:00 CDT by andrew
+## Last commit: 2017-09-05 13:55:53 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -9218,6 +9218,7 @@
swap;
vlan-id 2;
}
+ output-vlan-map swap;
}
unit 3527 {
description "UNIVERSITY-OF-TULSA-VPLS-VLAN-0003 [ORDERED]";
@@ -9227,6 +9228,7 @@
swap;
vlan-id 3;
}
+ output-vlan-map swap;
}
unit 3528 {
description "UNIVERSITY-OF-TULSA-VPLS-VLAN-1110 [ORDERED]";
@@ -9236,6 +9238,7 @@
swap;
vlan-id 1110;
}
+ output-vlan-map swap;
}
unit 3624 {
description "HEI-OSU-VPLS [ORDERED]";
Index: configs/meeker-ps.client.onenet.net
===================================================================
--- configs/meeker-ps.client.onenet.net (revision 156371)
+++ configs/meeker-ps.client.onenet.net (working copy)
@@ -158,8 +158,8 @@
#ge-0/0/11 down down
#ge-0/0/12 down down
#ge-0/0/13 down down
-#ge-0/0/14 up up
-#ge-0/0/14.0 up up
+#ge-0/0/14 up down
+#ge-0/0/14.0 up down
#ge-0/0/15 up up
#ge-0/0/15.0 up up
#fxp2 up up
Index: configs/core.hut.wea.onenet.net
===================================================================
--- configs/core.hut.wea.onenet.net (revision 156371)
+++ configs/core.hut.wea.onenet.net (working copy)
@@ -26,6 +26,16 @@
# TFEB 0 TBB PFE Chip OK
# TFEB 0 TFEB PCIE TSen OK
# TFEB 0 TFEB PCIE Chip OK
+# TFEB 0 QX 0 TSen OK
+# TFEB 0 QX 0 Chip OK
+# TFEB 0 LU 0 TSen OK
+# TFEB 0 LU 0 Chip OK
+# TFEB 0 MQ 0 TSen OK
+# TFEB 0 MQ 0 Chip OK
+# TFEB 0 TBB PFE TSen OK
+# TFEB 0 TBB PFE Chip OK
+# TFEB 0 TFEB PCIE TSen OK
+# TFEB 0 TFEB PCIE Chip OK
# Fans Fan 1 OK
# Fan 2 OK
# Fan 3 OK
Index: configs/leflore-ps.nid.onenet.net
===================================================================
--- configs/leflore-ps.nid.onenet.net (revision 156371)
+++ configs/leflore-ps.nid.onenet.net (working copy)
@@ -1823,7 +1823,7 @@
target-addr ipv6 0000:0000:0000:0000:0000:0000:0000:0000
ip-precedence-mode none 0
use-port-src-mac enabled
-d
+#
#CLI:ECPA CONFIG-12 Edit
#
home
Index: configs/city-of-lawton.client.onenet.net
===================================================================
--- configs/city-of-lawton.client.onenet.net (revision 156371)
+++ configs/city-of-lawton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CITY-OF-LAWTON-005231> show system commit
+# 2017-09-05 13:55:45 CDT by joel via cli
+# 2017-09-05 13:41:39 CDT by joel via cli
# 2017-09-05 12:37:45 CDT by joel via cli
# 2017-09-05 12:21:43 CDT by joel via cli
# 2017-09-05 12:12:21 CDT by joel via cli commit confirmed, rollback in 5mins
# 2017-09-05 10:25:50 CDT by joel via cli
-# 2017-09-05 10:12:38 CDT by joel via cli
-# 2017-09-05 10:10:48 CDT by joel via cli
# grnoc-mon at CITY-OF-LAWTON-005231> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -135,7 +135,7 @@
# Time Source: NTP CLOCK
# System booted: 2017-08-25 14:03 CDT
# Protocols started: 2017-08-25 14:03 CDT
-# Last configured: 2017-09-05 12:37 CDT by joel
+# Last configured: 2017-09-05 13:55 CDT by joel
#
# grnoc-mon at CITY-OF-LAWTON-005231> show interface terse
#Interface Admin Link
@@ -218,7 +218,7 @@
#vlan up down
#vtep up up
# grnoc-mon at CITY-OF-LAWTON-005231> show configuration
-## Last commit: 2017-09-05 12:37:45 CDT by joel
+## Last commit: 2017-09-05 13:55:45 CDT by joel
version 15.1X49-D90.7;
groups {
SERVICES-TO-SERVERS {
@@ -229,7 +229,7 @@
match {
source-address <*>;
destination-address any;
- application [ junos-dns-udp junos-ssh UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RCP-OVER-HTTP junos-ntp WSUS KERBEROS junos-http junos-https junos-icmp-all ];
+ application [ junos-dns-udp UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RCP-OVER-HTTP junos-ntp WSUS KERBEROS junos-http junos-https junos-icmp-all MAINFRAME-EMULATION junos-dhcp-server ];
}
then {
permit;
@@ -245,7 +245,7 @@
match {
source-address <*>;
destination-address any;
- application [ junos-dns-udp junos-ssh UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RCP-OVER-HTTP junos-ntp WSUS KERBEROS junos-http junos-https junos-icmp-all ];
+ application [ junos-dns-udp UNISYS-PORTS SQL-PORTS EOM-PORTS junos-smb GEMS-PORTS junos-netbios-session SMTP VIPRE-ANTIVIRUS NETBIOS MS-RPC-TCP SMB LDAP RCP-OVER-HTTP junos-ntp WSUS KERBEROS junos-http junos-https junos-icmp-all MAINFRAME-EMULATION junos-dhcp-server ];
}
then {
permit;
@@ -2165,11 +2165,11 @@
source-address TR-0100-USERS-10.1.0.0/16;
}
}
- policy ALLOW-TELNET-TEMPORARY {
+ policy DELETE-ME-TEMP-ALLOW-UNTIL-BASTIONS {
match {
source-address CITY-HALL-ANNEX-10.1.0.0/23;
destination-address TRUST-172.16.0.0/12;
- application [ TELNET RDP ];
+ application [ TELNET RDP junos-ssh ];
}
then {
permit;
@@ -3120,6 +3120,9 @@
application RDP {
term tcp-3389 protocol tcp destination-port 3389;
}
+ application MAINFRAME-EMULATION {
+ term tcp-1570 protocol tcp destination-port 1570;
+ }
}
vlans {
DMZ-0400-HVAC {
Index: configs/hub.wil.onenet.net
===================================================================
--- configs/hub.wil.onenet.net (revision 156371)
+++ configs/hub.wil.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at WILBURTON-M120-RE0> show system commit
+# 2017-09-05 13:22:53 CDT by sky via cli commit synchronize
# 2017-09-04 15:49:16 CDT by andrew via cli commit synchronize
# 2017-09-02 22:38:55 CDT by andrew via cli commit synchronize
# 2017-07-29 21:11:10 CDT by andrew via cli commit synchronize
# 2017-07-26 23:44:21 CDT by andrew via cli commit synchronize
# 2017-07-26 19:49:57 CDT by andrew via cli commit synchronize
-# 2017-07-08 21:13:16 CDT by andrew via cli commit synchronize
# grnoc-mon at WILBURTON-M120-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -373,7 +373,7 @@
# grnoc-mon at WILBURTON-M120-RE0> show system uptime
# System booted: 2016-03-13 01:23 CST
# Protocols started: 2016-03-13 01:28 CST
-# Last configured: 2017-09-04 15:49 CDT by andrew
+# Last configured: 2017-09-05 13:22 CDT by sky
#
# {master}
# grnoc-mon at WILBURTON-M120-RE0> show interface terse
@@ -431,8 +431,6 @@
#t1-2/0/3:8 down down
#t1-2/0/3:9 down down
#t1-2/0/3:10 up down
-#t1-2/0/3:10.16 up down
-#t1-2/0/3:10.17 up down
#t1-2/0/3:11 down down
#t1-2/0/3:12 down down
#t1-2/0/3:13 down down
@@ -516,7 +514,7 @@
#pp0 up up
#tap up up
# grnoc-mon at WILBURTON-M120-RE0> show configuration
-## Last commit: 2017-09-04 15:49:16 CDT by andrew
+## Last commit: 2017-09-05 13:22:53 CDT by sky
version 13.3R8.7;
groups {
re0 {
@@ -1032,31 +1030,6 @@
t1-2/0/3:9 {
disable;
}
- t1-2/0/3:10 {
- description "DOH-CLAYTON-T1-CIR0000971-OCS [DECOM]";
- dce;
- encapsulation frame-relay;
- unit 16 {
- dlci 16;
- family inet {
- sampling {
- input;
- output;
- }
- address 10.119.78.160/31;
- }
- }
- unit 17 {
- dlci 17;
- family inet {
- sampling {
- input;
- output;
- }
- address 10.119.76.160/31;
- }
- }
- }
t1-2/0/3:11 {
disable;
}
@@ -2198,7 +2171,6 @@
description DOH-L3VPN;
instance-type vrf;
interface t1-2/0/2:7.17;
- interface t1-2/0/3:10.17;
route-distinguisher 164.58.199.98:3000;
vrf-import DOH-VRF-IMPORT;
vrf-export DOH-VRF-EXPORT;
@@ -2207,7 +2179,6 @@
routing-options {
static {
route 172.23.28.0/26 next-hop 10.119.76.99;
- route 172.23.28.128/26 next-hop 10.119.76.161;
}
}
}
@@ -2232,7 +2203,6 @@
instance-type vrf;
interface t1-2/0/2:7.16;
interface t1-2/0/2:15.16;
- interface t1-2/0/3:10.16;
route-distinguisher 164.58.199.98:2550;
vrf-import OMES-MGMT-VRF-IMPORT;
vrf-export OMES-MGMT-VRF-EXPORT;
Index: configs/core.owtccla.onenet.net
===================================================================
--- configs/core.owtccla.onenet.net (revision 156371)
+++ configs/core.owtccla.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OWTCCLA-MX40> show system commit
+# 2017-09-05 13:29:40 CDT by sky via cli
# 2017-09-05 11:33:02 CDT by sky via cli
# 2017-08-21 22:14:28 CDT by andrew via cli
# 2017-08-15 16:05:15 CDT by sky via cli
# 2017-07-29 21:45:14 CDT by andrew via cli
# 2017-07-29 21:13:58 CDT by andrew via cli
-# 2017-07-26 23:17:31 CDT by andrew via cli
# grnoc-mon at OWTCCLA-MX40> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -266,7 +266,7 @@
# grnoc-mon at OWTCCLA-MX40> show system uptime
# System booted: 2017-06-19 01:45 CDT
# Protocols started: 2017-06-19 01:48 CDT
-# Last configured: 2017-09-05 11:33 CDT by sky
+# Last configured: 2017-09-05 13:29 CDT by sky
#
# grnoc-mon at OWTCCLA-MX40> show interface terse
#Interface Admin Link
@@ -326,6 +326,8 @@
#ge-1/1/2 up down
#ge-1/1/3 up up
#ge-1/1/3.80 up up
+#ge-1/1/3.500 up up
+#ge-1/1/3.501 up up
#ge-1/1/3.32767 up up
#ge-1/1/4 up down
#ge-1/1/5 up down
@@ -352,6 +354,8 @@
#lo0.16385 up up
#lsi up up
#lsi.0 up up
+#lsi.1 up up
+#lsi.2 up up
#lsi.1048851 up up
#lsi.1048853 up up
#lsi.1048862 up up
@@ -364,7 +368,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OWTCCLA-MX40> show configuration
-## Last commit: 2017-09-05 11:33:02 CDT by sky
+## Last commit: 2017-09-05 13:29:40 CDT by sky
version 13.3R9.13;
groups {
ISIS-L2-INTERFACE {
@@ -794,6 +798,22 @@
address 10.199.193.209/30;
}
}
+ unit 500 {
+ description DOH-CLAYTON-MGMT-2M-CIR0020172-OCS;
+ bandwidth 2m;
+ vlan-id 500;
+ family inet {
+ address 10.119.78.160/31;
+ }
+ }
+ unit 501 {
+ description DOH-CLAYTON-DOH-DATA-2M-CIR0020172-OCS;
+ bandwidth 2m;
+ vlan-id 501;
+ family inet {
+ address 10.119.76.160/31;
+ }
+ }
}
ge-1/1/8 {
description OWTC-CLAYTON-TO-NEW-YORK-100M-CIR0019929;
@@ -1197,6 +1217,51 @@
then reject;
}
}
+ policy-statement DOH-VRF-EXPORT {
+ term 1 {
+ from protocol static;
+ then {
+ community add DOH-VPN;
+ accept;
+ }
+ }
+ term 2 {
+ from protocol direct;
+ then {
+ community add DOH-VPN;
+ accept;
+ }
+ }
+ term 3 {
+ from protocol ospf;
+ then {
+ community add DOH-VPN;
+ accept;
+ }
+ }
+ term 4 {
+ from protocol bgp;
+ then {
+ community add DOH-VPN;
+ accept;
+ }
+ }
+ term 5 {
+ then reject;
+ }
+ }
+ policy-statement DOH-VRF-IMPORT {
+ term 1 {
+ from {
+ protocol bgp;
+ community DOH-VPN;
+ }
+ then accept;
+ }
+ term 2 {
+ then reject;
+ }
+ }
policy-statement EBGP-OWTC-V4-EXPORT {
term EXPORT-INTERNAL {
from policy COMMODITY-PREFIXES-LIST;
@@ -1270,6 +1335,48 @@
load-balance per-packet;
}
}
+ policy-statement OMES-MGMT-VRF-EXPORT {
+ term 1 {
+ from protocol static;
+ then {
+ community add OMES-MGMT-VPN;
+ accept;
+ }
+ }
+ term 2 {
+ from protocol direct;
+ then {
+ community add OMES-MGMT-VPN;
+ accept;
+ }
+ }
+ term 3 {
+ from protocol ospf;
+ then {
+ community add OMES-MGMT-VPN;
+ accept;
+ }
+ }
+ term 4 {
+ from protocol bgp;
+ then {
+ community add OMES-MGMT-VPN;
+ accept;
+ }
+ }
+ }
+ policy-statement OMES-MGMT-VRF-IMPORT {
+ term 1 {
+ from {
+ protocol bgp;
+ community OMES-MGMT-VPN;
+ }
+ then accept;
+ }
+ term 2 {
+ then reject;
+ }
+ }
policy-statement ONENET-MGMT-VRF-EXPORT {
term 1 {
from protocol static;
@@ -1342,10 +1449,12 @@
}
}
}
+ community DOH-VPN members target:5078:3000;
community NON_ONENET {
invert-match;
members 5078:*;
}
+ community OMES-MGMT-VPN members target:5078:2550;
community ONENET-MGMT-VPN members target:5078:2543;
community ONENET_ADV_AKAMAI members 5078:5400;
community ONENET_ADV_FACEBOOK members 5078:5500;
@@ -1632,6 +1741,31 @@
}
}
routing-instances {
+ DOH-L3VPN {
+ description DOH-L3VPN;
+ instance-type vrf;
+ interface ge-1/1/3.501;
+ route-distinguisher 164.58.199.137:3000;
+ vrf-import DOH-VRF-IMPORT;
+ vrf-export DOH-VRF-EXPORT;
+ vrf-target target:5078:3000;
+ vrf-table-label;
+ routing-options {
+ static {
+ route 172.23.28.128/26 next-hop 10.119.76.161;
+ }
+ }
+ }
+ OMES-MGMT-L3VPN {
+ description OMES-MGMT-L3VPN;
+ instance-type vrf;
+ interface ge-1/1/3.500;
+ route-distinguisher 164.58.199.137:2550;
+ vrf-import OMES-MGMT-VRF-IMPORT;
+ vrf-export OMES-MGMT-VRF-EXPORT;
+ vrf-target target:5078:2550;
+ vrf-table-label;
+ }
ONENET-MGMT-L3VPN {
description ONENET-MGMT-L3VPN;
instance-type vrf;
Index: configs/doh-clayton.client.onenet.net
===================================================================
--- configs/doh-clayton.client.onenet.net (revision 155547)
+++ configs/doh-clayton.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at DOH-CLAYTON-SRX220> show system commit
+# 2017-09-05 13:33:26 CDT by admin via cli
+# 2017-09-05 13:30:09 CDT by admin via cli
# 2016-07-27 18:32:09 CDT by admin via cli commit confirmed, rollback in 10mins
# 2016-07-27 18:28:17 CDT by admin via cli commit confirmed, rollback in 5mins
# 2014-11-07 15:47:07 CST by admin via netconf
# 2014-09-04 23:16:00 CDT by root via other
-# 2014-09-02 21:21:55 CDT by andrew via cli
-# 2014-09-01 23:34:02 CDT by rnordmark via cli
# grnoc-mon at DOH-CLAYTON-SRX220> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -114,7 +114,7 @@
# grnoc-mon at DOH-CLAYTON-SRX220> show system uptime
# System booted: 2017-08-06 08:11 CDT
# Protocols started: 2017-08-06 08:13 CDT
-# Last configured: 2016-07-27 18:32 CDT by admin
+# Last configured: 2017-09-05 13:33 CDT by admin
#
# grnoc-mon at DOH-CLAYTON-SRX220> show interface terse
#Interface Admin Link
@@ -129,15 +129,16 @@
#sp-0/0/0.0 up up
#sp-0/0/0.16383 up up
#ge-0/0/1 down down
-#ge-0/0/2 down down
+#ge-0/0/2 up up
+#ge-0/0/2.500 up up
+#ge-0/0/2.501 up up
+#ge-0/0/2.32767 up up
#ge-0/0/3 down down
#ge-0/0/4 down down
#ge-0/0/5 down down
#ge-0/0/6 down down
#ge-0/0/7 down down
-#t1-1/0/0 up up
-#t1-1/0/0.16 up up
-#t1-1/0/0.17 up up
+#t1-1/0/0 up down
#fxp2 up up
#fxp2.0 up up
#gre up up
@@ -159,7 +160,7 @@
#tap up up
#vlan up up
# grnoc-mon at DOH-CLAYTON-SRX220> show configuration
-## Last commit: 2016-07-27 18:32:09 CDT by admin
+## Last commit: 2017-09-05 13:33:26 CDT by admin
version 12.1X46-D20.5;
system {
host-name DOH-CLAYTON-SRX220;
@@ -298,34 +299,11 @@
disable;
}
ge-0/0/2 {
- disable;
- }
- ge-0/0/3 {
- disable;
- }
- ge-0/0/4 {
- disable;
- }
- ge-0/0/5 {
- disable;
- }
- ge-0/0/6 {
- disable;
- }
- ge-0/0/7 {
- disable;
- }
- t1-1/0/0 {
description "Link to OneNet";
- per-unit-scheduler;
- clocking external;
- encapsulation frame-relay;
- t1-options {
- remote-loopback-respond;
- }
- unit 16 {
+ vlan-tagging;
+ unit 500 {
description "DATACOMM-MGMT to OneNet";
- dlci 16;
+ vlan-id 500;
family inet {
filter {
output DOH-COS;
@@ -333,9 +311,9 @@
address 10.119.78.161/31;
}
}
- unit 17 {
+ unit 501 {
description "DOH-DATA to OneNet";
- dlci 17;
+ vlan-id 501;
family inet {
filter {
output DOH-COS;
@@ -344,6 +322,21 @@
}
}
}
+ ge-0/0/3 {
+ disable;
+ }
+ ge-0/0/4 {
+ disable;
+ }
+ ge-0/0/5 {
+ disable;
+ }
+ ge-0/0/6 {
+ disable;
+ }
+ ge-0/0/7 {
+ disable;
+ }
t1-2/0/0 {
disable;
}
@@ -575,21 +568,21 @@
zones {
security-zone DOH-DATA {
interfaces {
- t1-1/0/0.17 {
+ ge-0/0/0.0 {
host-inbound-traffic {
system-services {
ping;
traceroute;
- ssh;
snmp;
}
}
}
- ge-0/0/0.0 {
+ ge-0/0/2.501 {
host-inbound-traffic {
system-services {
ping;
traceroute;
+ ssh;
snmp;
}
}
@@ -598,7 +591,7 @@
}
security-zone DATACOMM-MGMT {
interfaces {
- t1-1/0/0.16 {
+ ge-0/0/2.500 {
host-inbound-traffic {
system-services {
ping;
@@ -710,7 +703,7 @@
DOH-DATA {
instance-type virtual-router;
interface ge-0/0/0.0;
- interface t1-1/0/0.17;
+ interface ge-0/0/2.501;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.119.76.160;
More information about the Nocrancid
mailing list