[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Sat Sep 16 01:04:59 CDT 2017
Index: configs/core.hut.law.onenet.net
===================================================================
--- configs/core.hut.law.onenet.net (revision 156631)
+++ configs/core.hut.law.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at LAWTON-HUT-MX40> show system commit
+# 2017-09-16 00:57:29 CDT by andrew via cli
# 2017-07-29 21:14:25 CDT by andrew via cli
# 2017-07-26 23:28:43 CDT by andrew via cli
# 2017-07-26 19:52:46 CDT by andrew via cli
# 2017-02-26 18:26:11 CST by andrew via cli
# 2017-01-28 21:22:16 CST by andrew via cli
-# 2016-07-20 13:59:10 CDT by andrew via cli
# grnoc-mon at LAWTON-HUT-MX40> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -263,7 +263,7 @@
# grnoc-mon at LAWTON-HUT-MX40> show system uptime
# System booted: 2016-03-16 00:58 CDT
# Protocols started: 2016-03-16 01:00 CDT
-# Last configured: 2017-07-29 21:14 CDT by andrew
+# Last configured: 2017-09-16 00:57 CDT by andrew
#
# grnoc-mon at LAWTON-HUT-MX40> show interface terse
#Interface Admin Link
@@ -356,7 +356,7 @@
#pp0 up up
#tap up up
# grnoc-mon at LAWTON-HUT-MX40> show configuration
-## Last commit: 2017-07-29 21:14:25 CDT by andrew
+## Last commit: 2017-09-16 00:57:29 CDT by andrew
version 13.3R8.7;
groups {
ISIS-L2-INTERFACE {
@@ -913,6 +913,158 @@
prefix-list PRE-L0-SOURCES {
apply-path "interfaces lo0 unit <*> family inet address <164.*>";
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -986,6 +1138,9 @@
}
community LAWTON-HUT members 5078:153;
community ONENET-POP-APPLIANCES members target:5078:2012;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9148;
}
class-of-service {
classifiers {
Index: configs/kiamichi-fmc-battiest.client.onenet.net
===================================================================
--- configs/kiamichi-fmc-battiest.client.onenet.net (revision 156632)
+++ configs/kiamichi-fmc-battiest.client.onenet.net (working copy)
@@ -187,7 +187,7 @@
#ppd0 up up
#ppe0 up up
#st0 up up
-#st0.1 up down
+#st0.1 up up
#st0.2 up up
#tap up up
#vlan up down
Index: configs/core6.tul.onenet.net
===================================================================
--- configs/core6.tul.onenet.net (revision 156090)
+++ configs/core6.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show system commit
+# 2017-09-16 00:43:56 CDT by andrew via cli
# 2017-08-25 17:35:51 CDT by andrew via cli
# 2017-08-11 22:26:18 CDT by andrew via cli
# 2017-08-10 23:41:43 CDT by andrew via cli
# 2017-07-29 22:03:16 CDT by andrew via cli
# 2017-07-29 21:55:51 CDT by andrew via cli
-# 2017-07-29 21:53:52 CDT by andrew via cli
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -383,7 +383,7 @@
# Time Source: NTP CLOCK
# System booted: 2016-11-05 15:33 CDT
# Protocols started: 2016-11-05 15:33 CDT
-# Last configured: 2017-08-25 17:35 CDT by andrew
+# Last configured: 2017-09-16 00:43 CDT by andrew
#
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show interface terse
#Interface Admin Link
@@ -447,7 +447,7 @@
#tap up up
#vtep up up
# grnoc-mon at TULSA-ROUTE-REFLECTOR> show configuration
-## Last commit: 2017-08-25 17:35:51 CDT by andrew
+## Last commit: 2017-09-16 00:43:56 CDT by andrew
version 15.1F6.9;
groups {
ISIS-L2-INTERFACE {
@@ -1103,9 +1103,6 @@
neighbor 164.58.199.10 {
description HUB.ARD;
}
- neighbor 164.58.199.82 {
- description "HUB.CHI [DECOM]";
- }
neighbor 164.58.199.142 {
description ACX.CLA;
}
@@ -1365,9 +1362,6 @@
neighbor 2610:1d8::164:58:199:74 {
description HUB.ALV;
}
- neighbor 2610:1d8::164:58:199:82 {
- description "HUB.CHI [DECOM]";
- }
neighbor 2610:1d8::164:58:199:86 {
description HUB.TIS;
}
Index: configs/core.wless.velm.onenet.net
===================================================================
--- configs/core.wless.velm.onenet.net (revision 156350)
+++ configs/core.wless.velm.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at VELMA-TOWER-SRX220> show system commit
+# 2017-09-16 00:52:05 CDT by andrew via cli
# 2017-08-06 16:46:39 CDT by root via other
# 2017-07-29 23:29:41 CDT by andrew via cli
# 2017-07-29 21:13:00 CDT by andrew via cli
# 2017-07-26 19:51:24 CDT by andrew via cli
# 2017-07-22 02:05:20 CDT by andrew via cli commit confirmed, rollback in 3mins
-# 2017-07-14 12:44:09 CDT by andrew via cli
# grnoc-mon at VELMA-TOWER-SRX220> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -106,7 +106,7 @@
# grnoc-mon at VELMA-TOWER-SRX220> show system uptime
# System booted: 2017-08-06 16:45 CDT
# Protocols started: 2017-08-06 16:47 CDT
-# Last configured: 2017-08-06 16:46 CDT by root
+# Last configured: 2017-09-16 00:52 CDT by andrew
#
# grnoc-mon at VELMA-TOWER-SRX220> show interface terse
#Interface Admin Link
@@ -154,7 +154,7 @@
#tap up up
#vlan up up
# grnoc-mon at VELMA-TOWER-SRX220> show configuration
-## Last commit: 2017-08-06 16:46:39 CDT by root
+## Last commit: 2017-09-16 00:52:05 CDT by andrew
version 12.1X46-D65.4;
groups {
ISIS-L2-INTERFACE {
@@ -586,6 +586,158 @@
prefix-list PRE-GRE-SOURCES {
apply-path "interfaces gr-<*> unit <*> tunnel destination <*>";
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -648,6 +800,9 @@
}
}
community ONENET-MGMT-VPN members target:5078:2543;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9125;
community VELMA members 5078:9125;
}
security {
Index: configs/hub.tah.onenet.net
===================================================================
--- configs/hub.tah.onenet.net (revision 156095)
+++ configs/hub.tah.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TAHLEQUAH-M120-RE0> show system commit
+# 2017-09-16 00:52:20 CDT by andrew via cli commit synchronize
# 2017-07-29 21:13:22 CDT by andrew via cli commit synchronize
# 2017-07-26 19:51:44 CDT by andrew via cli commit synchronize
# 2017-07-24 08:58:43 CDT by andrew via cli commit confirmed, rollback in 3mins synchronize
# 2017-07-08 21:12:42 CDT by andrew via cli commit synchronize
# 2017-03-27 16:27:51 CDT by andrew via cli commit synchronize
-# 2017-03-17 11:42:42 CDT by andrew via cli commit synchronize
# grnoc-mon at TAHLEQUAH-M120-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -393,7 +393,7 @@
# grnoc-mon at TAHLEQUAH-M120-RE0> show system uptime
# System booted: 2016-03-20 00:48 CDT
# Protocols started: 2016-03-20 00:54 CDT
-# Last configured: 2017-07-29 21:13 CDT by andrew
+# Last configured: 2017-09-16 00:52 CDT by andrew
#
# {master}
# grnoc-mon at TAHLEQUAH-M120-RE0> show interface terse
@@ -511,7 +511,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TAHLEQUAH-M120-RE0> show configuration
-## Last commit: 2017-07-29 21:13:22 CDT by andrew
+## Last commit: 2017-09-16 00:52:20 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -1408,6 +1408,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1565,6 +1717,9 @@
}
community OMES-AGENCY-DATA-VPN members target:5078:2548;
community OMES-MGMT-VPN members target:5078:2550;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9130;
community TAGNET-VPN members target:5078:2531;
community Tahlequah members 5078:130;
}
Index: configs/core6.okc.onenet.net
===================================================================
--- configs/core6.okc.onenet.net (revision 156090)
+++ configs/core6.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-ROUTE-REFLECTOR> show system commit
+# 2017-09-16 00:43:59 CDT by andrew via cli
# 2017-08-25 17:35:21 CDT by andrew via cli
# 2017-08-11 22:26:20 CDT by andrew via cli
# 2017-08-10 23:41:45 CDT by andrew via cli
# 2017-07-29 21:55:55 CDT by andrew via cli
# 2017-07-29 21:53:56 CDT by andrew via cli
-# 2017-07-29 21:38:42 CDT by andrew via cli
# grnoc-mon at OKC-ROUTE-REFLECTOR> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -383,7 +383,7 @@
# Time Source: NTP CLOCK
# System booted: 2016-10-12 08:17 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-08-25 17:35 CDT by andrew
+# Last configured: 2017-09-16 00:43 CDT by andrew
#
# grnoc-mon at OKC-ROUTE-REFLECTOR> show interface terse
#Interface Admin Link
@@ -447,7 +447,7 @@
#tap up up
#vtep up up
# grnoc-mon at OKC-ROUTE-REFLECTOR> show configuration
-## Last commit: 2017-08-25 17:35:21 CDT by andrew
+## Last commit: 2017-09-16 00:43:59 CDT by andrew
version 15.1F6.9;
groups {
ISIS-L2-INTERFACE {
@@ -1109,9 +1109,6 @@
neighbor 164.58.199.10 {
description HUB.ARD;
}
- neighbor 164.58.199.82 {
- description "HUB.CHI [DECOM]";
- }
neighbor 164.58.199.142 {
description ACX.CLA;
}
@@ -1371,9 +1368,6 @@
neighbor 2610:1d8::164:58:199:74 {
description HUB.ALV;
}
- neighbor 2610:1d8::164:58:199:82 {
- description "HUB.CHI [DECOM]";
- }
neighbor 2610:1d8::164:58:199:86 {
description HUB.TIS;
}
Index: configs/hub.bar.onenet.net
===================================================================
--- configs/hub.bar.onenet.net (revision 156210)
+++ configs/hub.bar.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at BARTLESVILLE-M120-RE0> show system commit
+# 2017-09-16 00:52:40 CDT by andrew via cli commit synchronize
# 2017-08-25 10:36:49 CDT by andrew via cli commit synchronize
# 2017-07-29 21:13:31 CDT by andrew via cli commit synchronize
# 2017-07-26 23:41:18 CDT by andrew via cli commit synchronize
# 2017-07-26 19:51:55 CDT by andrew via cli commit synchronize
# 2017-07-12 15:14:26 CDT by andrew via cli commit synchronize
-# 2017-07-08 21:08:57 CDT by andrew via cli commit synchronize
# grnoc-mon at BARTLESVILLE-M120-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -376,7 +376,7 @@
# grnoc-mon at BARTLESVILLE-M120-RE0> show system uptime
# System booted: 2016-03-14 01:19 CDT
# Protocols started: 2016-03-14 01:26 CDT
-# Last configured: 2017-08-25 10:36 CDT by andrew
+# Last configured: 2017-09-16 00:52 CDT by andrew
#
# {master}
# grnoc-mon at BARTLESVILLE-M120-RE0> show interface terse
@@ -533,7 +533,7 @@
#pp0 up up
#tap up up
# grnoc-mon at BARTLESVILLE-M120-RE0> show configuration
-## Last commit: 2017-08-25 10:36:49 CDT by andrew
+## Last commit: 2017-09-16 00:52:40 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -1571,6 +1571,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1789,6 +1941,9 @@
community OMES-AGENCY-DATA-VPN members target:5078:2548;
community OMES-MGMT-VPN members target:5078:2550;
community ONENET-POP-APPLIANCES members target:5078:2012;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9134;
community OSUOKC members 5078:50;
community Okmulgee members 5078:110;
community Ponca-City members 5078:186;
Index: configs/okc-vpn-cluster.okc.onenet.net
===================================================================
--- configs/okc-vpn-cluster.okc.onenet.net (revision 156547)
+++ configs/okc-vpn-cluster.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show system commit
+# 2017-09-16 00:32:01 CDT by andrew via cli
+# 2017-09-16 00:25:40 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2017-09-12 11:25:57 CDT by sky via cli
# 2017-09-12 11:04:39 CDT by sky via cli
# 2017-09-12 11:02:35 CDT by sky via cli
# 2017-09-12 09:44:15 CDT by sky via cli
-# 2017-09-11 20:29:13 CDT by andrew via cli
-# 2017-09-11 17:40:04 CDT by sky via cli
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show chassis environment
# node0:
# --------------------------------------------------------------------------
@@ -266,12 +266,12 @@
# --------------------------------------------------------------------------
# System booted: 2016-10-12 08:16 CDT
# Protocols started: 2016-10-12 08:20 CDT
-# Last configured: 2017-09-12 11:25 CDT by sky
+# Last configured: 2017-09-16 00:32 CDT by andrew
#
# node1:
# --------------------------------------------------------------------------
# System booted: 2016-10-12 08:01 CDT
-# Last configured: 2017-09-12 11:09 CDT by root
+# Last configured: 2017-09-16 00:15 CDT by root
#
# {primary:node0}
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show interface terse
@@ -304,7 +304,6 @@
#ge-0/0/15.604 up up
#ge-0/0/15.605 up up
#ge-0/0/15.606 up up
-#ge-0/0/15.607 up up
#ge-0/0/15.32767 up up
#ge-5/0/0 up down
#ge-5/0/1 up up
@@ -332,7 +331,6 @@
#ge-5/0/15.604 up up
#ge-5/0/15.605 up up
#ge-5/0/15.606 up up
-#ge-5/0/15.607 up up
#ge-5/0/15.32767 up up
#fab0 up up
#fab0.0 up up
@@ -369,7 +367,6 @@
#reth1.604 up up
#reth1.605 up up
#reth1.606 up up
-#reth1.607 up up
#reth1.32767 up up
#st0 up up
#st0.0 up up
@@ -390,24 +387,14 @@
#st0.20 up down
#st0.21 up up
#st0.22 up up
-#st0.25 up down
-#st0.26 up down
#st0.27 up up
#st0.28 up down
-#st0.30 up down
-#st0.31 up down
-#st0.32 up down
-#st0.33 up down
-#st0.34 up down
-#st0.35 up down
-#st0.36 up down
-#st0.37 up down
#swfab0 up down
#swfab1 up down
#tap up up
#vlan up down
# grnoc-mon at OKC-VPN-CLUSTER-NODE0> show configuration
-## Last commit: 2017-09-12 11:25:57 CDT by sky
+## Last commit: 2017-09-16 00:32:01 CDT by andrew
version 12.1X46-D40.2;
groups {
node0 {
@@ -723,14 +710,6 @@
address 10.119.0.21/31;
}
}
- unit 607 {
- description "CORE5-OKC-MHSSO [NO-MONITOR]";
- vlan-id 607;
- family inet {
- mtu 1500;
- address 10.199.28.95/31;
- }
- }
}
st0 {
unit 0 {
@@ -857,16 +836,6 @@
address 10.199.14.6/30;
}
}
- unit 25 {
- description "OESC-GUYMON [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 156.110.24.152/31;
- }
- }
- unit 26 {
- description "OKACTE [NO-MONITOR]";
- }
unit 27 {
description "ATOKA-FAM-HEALTH [NO-MONITOR]";
family inet {
@@ -880,60 +849,6 @@
mtu 1440;
}
}
- unit 30 {
- description "MHSSO-ARDMORE-ADMINISTRATION [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.80/31;
- }
- }
- unit 31 {
- description "MHSSO-DURANT [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.82/31;
- }
- }
- unit 32 {
- description "MHSSO-ADA [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.84/31;
- }
- }
- unit 33 {
- description "MHSSO-ARDMORE-CRISIS [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.86/31;
- }
- }
- unit 34 {
- description "MHSSO-PAULS-VALLEY [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.88/31;
- }
- }
- unit 35 {
- description "MHSSO-SEMINOLE [NO-MONITOR]";
- family inet {
- mtu 1440;
- address 10.199.28.90/31;
- }
- }
- unit 36 {
- description "MHSSO-TISHOMINGO [NO-MONITOR]";
- family inet {
- mtu 1440;
- }
- }
- unit 37 {
- description "MHSSO-NORMAN [NO-MONITOR]";
- family inet {
- address 10.199.28.92/31;
- }
- }
}
}
snmp {
@@ -1218,16 +1133,6 @@
proposals PRE-G2-VERIZON-MD5;
# pre-shared-#key <removed>;
}
- policy IKE-OESC-GUYMON {
- mode aggressive;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-OKACTE {
- mode aggressive;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
policy IKE-ATOKA-FAM-HEALTH {
mode aggressive;
proposals PRE-G2-AES128-SHA;
@@ -1268,46 +1173,6 @@
proposals PRE-G2-AES128-SHA;
# pre-shared-#key <removed>;
}
- policy IKE-MHSSO-ARDMORE-ADMIN {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-DURANT {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-ADA {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-ARDMORE-CRISIS {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-PAULS-VALLEY {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-SEMINOLE {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-TISHOMINGO {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
- policy IKE-MHSSO-NORMAN {
- mode main;
- proposals PRE-G2-AES128-SHA;
-# pre-shared-#key <removed>;
- }
gateway IKE-GATE-COMANCHE-PS {
ike-policy IKE-COMANCHE-PS;
address 166.141.5.145;
@@ -1381,18 +1246,6 @@
external-interface lo0.0;
local-address 164.58.22.70;
}
- gateway IKE-GATE-OESC-GUYMON {
- ike-policy IKE-OESC-GUYMON;
- dynamic user-at-hostname "oescguymon at ok.com";
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-OKACTE {
- ike-policy IKE-OKACTE;
- dynamic user-at-hostname "okacte at ok.edu";
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
gateway IKE-GATE-ATOKA-FAM-HEALTH {
ike-policy IKE-ATOKA-FAM-HEALTH;
dynamic user-at-hostname "atoka.family.health at ok.edu";
@@ -1441,62 +1294,6 @@
external-interface lo0.0;
local-address 164.58.0.253;
}
- gateway IKE-GATE-MHSSO-ARDMORE-ADMIN {
- ike-policy IKE-MHSSO-ARDMORE-ADMIN;
- address 12.246.241.50;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-DURANT {
- ike-policy IKE-MHSSO-DURANT;
- address 12.246.241.66;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-ADA {
- ike-policy IKE-MHSSO-ADA;
- address 12.246.241.98;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-ARDMORE-CRISIS {
- ike-policy IKE-MHSSO-ARDMORE-CRISIS;
- address 12.246.241.54;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-PAULS-VALLEY {
- ike-policy IKE-MHSSO-PAULS-VALLEY;
- address 12.246.241.90;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-SEMINOLE {
- ike-policy IKE-MHSSO-SEMINOLE;
- address 12.246.241.62;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-TISHOMINGO {
- ike-policy IKE-MHSSO-TISHOMINGO;
- address 12.246.241.58;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
- gateway IKE-GATE-MHSSO-NORMAN {
- ike-policy IKE-MHSSO-NORMAN;
- address 12.246.241.46;
- dead-peer-detection;
- external-interface lo0.0;
- local-address 164.58.0.252;
- }
}
ipsec {
proposal ESP-AES128-SHA {
@@ -1547,12 +1344,6 @@
policy VPN-POLICY-VERIZON-W-JORDAN-VPN {
proposals G2-ESP-VERIZON-SHA;
}
- policy VPN-POLICY-OESC-GUYMON {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-OKACTE {
- proposals ESP-AES128-SHA;
- }
policy VPN-POLICY-ATOKA-FAM-HEALTH {
proposals ESP-AES128-SHA;
}
@@ -1577,30 +1368,6 @@
policy VPN-POLICY-ODOT-DATA-EDMOND-RES {
proposals ESP-AES128-SHA;
}
- policy VPN-POLICY-MHSSO-ARDMORE-ADMIN {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-DURANT {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-ADA {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-ARDMORE-CRISIS {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-PAULS-VALLEY {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-SEMINOLE {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-TISHOMINGO {
- proposals ESP-AES128-SHA;
- }
- policy VPN-POLICY-MHSSO-NORMAN {
- proposals ESP-AES128-SHA;
- }
vpn IPSEC-VPN-COMANCHE-PS {
bind-interface st0.0;
ike {
@@ -1697,22 +1464,6 @@
}
establish-tunnels immediately;
}
- vpn IPSEC-VPN-OESC-GUYMON {
- bind-interface st0.25;
- ike {
- gateway IKE-GATE-OESC-GUYMON;
- ipsec-policy VPN-POLICY-OESC-GUYMON;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-OKACTE {
- bind-interface st0.26;
- ike {
- gateway IKE-GATE-OKACTE;
- ipsec-policy VPN-POLICY-OKACTE;
- }
- establish-tunnels immediately;
- }
vpn IPSEC-VPN-ATOKA-FAM-HEALTH {
bind-interface st0.27;
ike {
@@ -1777,70 +1528,6 @@
}
establish-tunnels immediately;
}
- vpn IPSEC-VPN-MHSSO-ARDMORE-ADMIN {
- bind-interface st0.30;
- ike {
- gateway IKE-GATE-MHSSO-ARDMORE-ADMIN;
- ipsec-policy VPN-POLICY-MHSSO-ARDMORE-ADMIN;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-DURANT {
- bind-interface st0.31;
- ike {
- gateway IKE-GATE-MHSSO-DURANT;
- ipsec-policy VPN-POLICY-MHSSO-DURANT;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-ADA {
- bind-interface st0.32;
- ike {
- gateway IKE-GATE-MHSSO-ADA;
- ipsec-policy VPN-POLICY-MHSSO-ADA;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-ARDMORE-CRISIS {
- bind-interface st0.33;
- ike {
- gateway IKE-GATE-MHSSO-ARDMORE-CRISIS;
- ipsec-policy VPN-POLICY-MHSSO-ARDMORE-CRISIS;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-PAULS-VALLEY {
- bind-interface st0.34;
- ike {
- gateway IKE-GATE-MHSSO-PAULS-VALLEY;
- ipsec-policy VPN-POLICY-MHSSO-PAULS-VALLEY;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-SEMINOLE {
- bind-interface st0.35;
- ike {
- gateway IKE-GATE-MHSSO-SEMINOLE;
- ipsec-policy VPN-POLICY-MHSSO-SEMINOLE;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-TISHOMINGO {
- bind-interface st0.36;
- ike {
- gateway IKE-GATE-MHSSO-TISHOMINGO;
- ipsec-policy VPN-POLICY-MHSSO-TISHOMINGO;
- }
- establish-tunnels immediately;
- }
- vpn IPSEC-VPN-MHSSO-NORMAN {
- bind-interface st0.37;
- ike {
- gateway IKE-GATE-MHSSO-NORMAN;
- ipsec-policy VPN-POLICY-MHSSO-NORMAN;
- }
- establish-tunnels immediately;
- }
}
alg {
msrpc disable;
@@ -2000,18 +1687,6 @@
}
}
}
- from-zone MHSSO to-zone MHSSO {
- policy 201708091828 {
- match {
- source-address any;
- destination-address any;
- application any;
- }
- then {
- permit;
- }
- }
- }
}
zones {
security-zone UNTRUST {
@@ -2077,28 +1752,6 @@
}
}
}
- st0.25 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- protocols {
- bgp;
- }
- }
- }
- st0.26 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- protocols {
- bgp;
- }
- }
- }
st0.27 {
host-inbound-traffic {
system-services {
@@ -2414,82 +2067,6 @@
}
}
}
- security-zone MHSSO {
- interfaces {
- reth1.607 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.30 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.31 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.32 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.33 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.34 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.35 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.36 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- st0.37 {
- host-inbound-traffic {
- system-services {
- ping;
- traceroute;
- }
- }
- }
- }
- }
}
}
firewall {
@@ -2564,23 +2141,6 @@
}
}
}
- MHSSO {
- instance-type virtual-router;
- interface reth1.607;
- interface st0.30;
- interface st0.31;
- interface st0.32;
- interface st0.33;
- interface st0.34;
- interface st0.35;
- interface st0.36;
- interface st0.37;
- routing-options {
- static {
- route 0.0.0.0/0 next-hop 10.199.28.94;
- }
- }
- }
OMES-AGENCY-DATA {
instance-type virtual-router;
interface reth1.601;
Index: configs/core.pot.onenet.net
===================================================================
--- configs/core.pot.onenet.net (revision 156616)
+++ configs/core.pot.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at POTEAU-MX480-RE0> show system commit
+# 2017-09-16 00:57:10 CDT by andrew via cli commit synchronize
# 2017-09-12 15:42:19 CDT by aberrios via cli commit synchronize
# 2017-09-12 12:39:08 CDT by aberrios via cli commit synchronize
# 2017-09-12 12:22:04 CDT by aberrios via cli commit synchronize
# 2017-09-12 12:17:51 CDT by aberrios via cli commit synchronize
# 2017-08-16 13:03:57 CDT by aberrios via cli commit synchronize
-# 2017-07-30 12:33:39 CDT by andrew via cli commit synchronize
# grnoc-mon at POTEAU-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -370,7 +370,7 @@
# grnoc-mon at POTEAU-MX480-RE0> show system uptime
# System booted: 2016-08-18 10:44 CDT
# Protocols started: 2016-08-18 10:48 CDT
-# Last configured: 2017-09-12 15:42 CDT by aberrios
+# Last configured: 2017-09-16 00:57 CDT by andrew
#
# {master}
# grnoc-mon at POTEAU-MX480-RE0> show interface terse
@@ -531,7 +531,7 @@
#pp0 up up
#tap up up
# grnoc-mon at POTEAU-MX480-RE0> show configuration
-## Last commit: 2017-09-12 15:42:19 CDT by aberrios
+## Last commit: 2017-09-16 00:57:10 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -1783,6 +1783,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -2129,6 +2281,9 @@
community OMES-MGMT-VPN members target:5078:2550;
community ONENET-MGMT-VPN members target:5078:2543;
community ONENET-POP-APPLIANCES members target:5078:2012;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9147;
community OSUOKC members 5078:50;
community Okmulgee members 5078:110;
community Ponca-City members 5078:186;
Index: configs/core.owtcred.onenet.net
===================================================================
--- configs/core.owtcred.onenet.net (revision 156422)
+++ configs/core.owtcred.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at RED-OAK-MX80> show system commit
+# 2017-09-16 00:52:55 CDT by andrew via cli
# 2017-07-29 21:43:17 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2017-07-29 21:13:40 CDT by andrew via cli
# 2017-07-27 17:01:59 CDT by aberrios via cli commit confirmed, rollback in 3mins
# 2017-07-26 19:52:02 CDT by andrew via cli
# 2017-07-10 14:48:47 CDT by sean via cli
-# 2017-07-10 14:09:06 CDT by sean via cli
# grnoc-mon at RED-OAK-MX80> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -265,7 +265,7 @@
# grnoc-mon at RED-OAK-MX80> show system uptime
# System booted: 2016-03-17 00:26 CDT
# Protocols started: 2016-03-17 00:28 CDT
-# Last configured: 2017-07-29 21:43 CDT by andrew
+# Last configured: 2017-09-16 00:52 CDT by andrew
#
# grnoc-mon at RED-OAK-MX80> show interface terse
#Interface Admin Link
@@ -357,7 +357,7 @@
#pp0 up up
#tap up up
# grnoc-mon at RED-OAK-MX80> show configuration
-## Last commit: 2017-07-29 21:43:17 CDT by andrew
+## Last commit: 2017-09-16 00:52:55 CDT by andrew
version 13.3R8.7;
groups {
ISIS-L2-INTERFACE {
@@ -1141,6 +1141,158 @@
prefix-list PRE-L0-SOURCES {
apply-path "interfaces lo0 unit <*> family inet address <164.*>";
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1203,6 +1355,9 @@
}
}
community ONENET-MGMT-VPN members target:5078:2543;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9135;
community REDOAK members 5078:9135;
}
class-of-service {
Index: configs/core.hut.wea.onenet.net
===================================================================
--- configs/core.hut.wea.onenet.net (revision 156616)
+++ configs/core.hut.wea.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at WEATHERFORD-MX40> show system commit
+# 2017-09-16 00:57:47 CDT by andrew via cli
# 2017-07-29 21:14:31 CDT by andrew via cli
# 2017-07-26 23:22:13 CDT by andrew via cli
# 2017-07-26 19:52:52 CDT by andrew via cli
# 2017-02-26 18:11:35 CST by andrew via cli
# 2017-01-29 01:08:46 CST by andrew via cli
-# 2016-12-09 21:24:38 CST by andrew via cli
# grnoc-mon at WEATHERFORD-MX40> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -265,7 +265,7 @@
# grnoc-mon at WEATHERFORD-MX40> show system uptime
# System booted: 2016-03-13 01:59 CST
# Protocols started: 2016-03-13 03:02 CDT
-# Last configured: 2017-07-29 21:14 CDT by andrew
+# Last configured: 2017-09-16 00:57 CDT by andrew
#
# grnoc-mon at WEATHERFORD-MX40> show interface terse
#Interface Admin Link
@@ -367,7 +367,7 @@
#pp0 up up
#tap up up
# grnoc-mon at WEATHERFORD-MX40> show configuration
-## Last commit: 2017-07-29 21:14:31 CDT by andrew
+## Last commit: 2017-09-16 00:57:47 CDT by andrew
version 13.3R8.7;
groups {
ISIS-L2-INTERFACE {
@@ -1038,6 +1038,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1250,6 +1402,9 @@
community OMES-MGMT-VPN members target:5078:2550;
community ONENET-MGMT-VPN members target:5078:2543;
community ONENET-POP-APPLIANCES members target:5078:2012;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9149;
community Wford members 5078:149;
}
class-of-service {
Index: configs/acx.cla.onenet.net
===================================================================
--- configs/acx.cla.onenet.net (revision 156402)
+++ configs/acx.cla.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at CLAREMORE-ACX4000> show system commit
+# 2017-09-16 00:56:48 CDT by andrew via cli
# 2017-09-06 16:39:23 CDT by sean via cli
# 2017-07-30 12:35:53 CDT by andrew via cli
# 2017-07-29 21:14:13 CDT by andrew via cli
# 2017-07-26 23:20:58 CDT by andrew via cli
# 2017-07-26 19:52:34 CDT by andrew via cli
-# 2017-06-07 00:25:42 CDT by andrew via cli
# grnoc-mon at CLAREMORE-ACX4000> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -189,7 +189,7 @@
# grnoc-mon at CLAREMORE-ACX4000> show system uptime
# System booted: 2017-06-06 23:09 CDT
# Protocols started: 2017-06-06 23:10 CDT
-# Last configured: 2017-09-06 16:39 CDT by sean
+# Last configured: 2017-09-16 00:56 CDT by andrew
#
# grnoc-mon at CLAREMORE-ACX4000> show interface terse
#Interface Admin Link
@@ -227,7 +227,7 @@
#pime up up
#tap up up
# grnoc-mon at CLAREMORE-ACX4000> show configuration
-## Last commit: 2017-09-06 16:39:23 CDT by sean
+## Last commit: 2017-09-16 00:56:48 CDT by andrew
version 12.3X54-D27.1;
groups {
ISIS-L2-INTERFACE {
@@ -642,6 +642,158 @@
}
}
policy-options {
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -683,7 +835,9 @@
}
}
community CLAREMORE members 5078:9142;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9142;
}
firewall {
family inet {
Index: configs/core.tah.onenet.net
===================================================================
--- configs/core.tah.onenet.net (revision 156626)
+++ configs/core.tah.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TAHLEQUAH-MX80> show system commit
+# 2017-09-16 00:51:55 CDT by andrew via cli
# 2017-07-29 21:13:10 CDT by andrew via cli
# 2017-07-26 19:51:33 CDT by andrew via cli
# 2017-07-24 09:01:47 CDT by andrew via cli commit confirmed, rollback in 3mins
# 2017-02-10 14:08:19 CST by admin via netconf
# 2017-01-29 00:12:01 CST by andrew via cli
-# 2016-11-08 08:28:56 CST by andrew via cli
# grnoc-mon at TAHLEQUAH-MX80> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -264,7 +264,7 @@
# grnoc-mon at TAHLEQUAH-MX80> show system uptime
# System booted: 2016-11-02 13:30 CDT
# Protocols started: 2016-11-02 13:32 CDT
-# Last configured: 2017-07-29 21:13 CDT by andrew
+# Last configured: 2017-09-16 00:51 CDT by andrew
#
# grnoc-mon at TAHLEQUAH-MX80> show interface terse
#Interface Admin Link
@@ -334,7 +334,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TAHLEQUAH-MX80> show configuration
-## Last commit: 2017-07-29 21:13:10 CDT by andrew
+## Last commit: 2017-09-16 00:51:55 CDT by andrew
version 13.3R9.13;
groups {
ISIS-L2-INTERFACE {
@@ -1084,6 +1084,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1194,6 +1346,7 @@
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
community ONENET_INTERNAL members 5078:10000;
+ community ONENET_LO0 members 5078:9129;
community ONENET_SRC_COMMODITY members 5078:4000;
community ONENET_SRC_CUSTOMER members 5078:4300;
community ONENET_SRC_PEER members 5078:4200;
Index: configs/odmhsas-tmhc-lawton-main.client.onenet.net
===================================================================
--- configs/odmhsas-tmhc-lawton-main.client.onenet.net (revision 156633)
+++ configs/odmhsas-tmhc-lawton-main.client.onenet.net (working copy)
@@ -972,6 +972,5 @@
10.119.20.130 Up vlan.3 6.000 2.000 3
1 sessions, 1 clients
-quit
Cumulative transmit rate 0.5 pps, cumulative receive rate 0.5 pps
Index: configs/hub.dur.onenet.net
===================================================================
--- configs/hub.dur.onenet.net (revision 156631)
+++ configs/hub.dur.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at DURANT-M120-RE0> show system commit
+# 2017-09-16 00:56:34 CDT by andrew via cli commit synchronize
# 2017-09-15 12:40:37 CDT by aberrios via cli commit synchronize
# 2017-08-15 22:48:46 CDT by andrew via cli commit synchronize
# 2017-07-29 21:05:42 CDT by andrew via cli commit synchronize
# 2017-07-26 19:44:41 CDT by andrew via cli commit synchronize
# 2017-07-26 19:08:49 CDT by andrew via cli commit synchronize
-# 2017-07-22 10:59:09 CDT by andrew via cli commit synchronize
# grnoc-mon at DURANT-M120-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -371,7 +371,7 @@
# grnoc-mon at DURANT-M120-RE0> show system uptime
# System booted: 2017-01-18 14:42 CST
# Protocols started: 2017-01-18 14:45 CST
-# Last configured: 2017-09-15 12:40 CDT by aberrios
+# Last configured: 2017-09-16 00:56 CDT by andrew
#
# {master}
# grnoc-mon at DURANT-M120-RE0> show interface terse
@@ -500,7 +500,7 @@
#pp0 up up
#tap up up
# grnoc-mon at DURANT-M120-RE0> show configuration
-## Last commit: 2017-09-15 12:40:37 CDT by aberrios
+## Last commit: 2017-09-16 00:56:34 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -1609,6 +1609,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1779,6 +1931,9 @@
community Muskogee members 5078:94;
community ODMHSAS-VPN members target:5078:2559;
community OMES-MGMT-VPN members target:5078:2550;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
+ community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9014;
community OSUOKC members 5078:50;
community Okmulgee members 5078:110;
community Ponca-City members 5078:186;
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 156623)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE5-MX480-RE0> show system commit
+# 2017-09-16 00:36:47 CDT by andrew via cli commit synchronize
+# 2017-09-16 00:24:15 CDT by andrew via cli commit synchronize
# 2017-09-15 13:33:00 CDT by sky via cli commit synchronize
# 2017-09-15 13:10:39 CDT by sky via cli commit synchronize
# 2017-09-15 13:07:49 CDT by sky via cli commit synchronize
# 2017-09-15 12:46:42 CDT by sky via cli commit synchronize
-# 2017-09-15 09:37:35 CDT by andrew via cli commit synchronize
-# 2017-09-14 12:16:34 CDT by aberrios via cli commit synchronize
# grnoc-mon at OKC-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -562,7 +562,7 @@
# grnoc-mon at OKC-CORE5-MX480-RE0> show system uptime
# System booted: 2016-10-12 08:16 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-09-15 13:33 CDT by sky
+# Last configured: 2017-09-16 00:36 CDT by andrew
#
# {master}
# grnoc-mon at OKC-CORE5-MX480-RE0> show interface terse
@@ -1422,7 +1422,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE5-MX480-RE0> show configuration
-## Last commit: 2017-09-15 13:33:00 CDT by sky
+## Last commit: 2017-09-16 00:36:47 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -10677,7 +10677,7 @@
}
}
unit 602 {
- description OKC-VPN-CLUSTER-DHS-AGENCY-DATA;
+ description "OKC-VPN-CLUSTER-DHS-AGENCY-DATA [DECOM]";
family inet {
mtu 1500;
sampling {
@@ -10687,7 +10687,7 @@
}
}
unit 603 {
- description OKC-VPN-CLUSTER-DHS-GUEST;
+ description "OKC-VPN-CLUSTER-DHS-GUEST [DECOM]";
family inet {
mtu 1500;
sampling {
@@ -10727,7 +10727,7 @@
}
}
unit 607 {
- description OKC-VPN-CLUSTER-MHSSO;
+ description "OKC-VPN-CLUSTER-MHSSO [DECOM]";
family inet {
address 10.199.28.94/31;
}
Index: configs/core.owtccla.onenet.net
===================================================================
--- configs/core.owtccla.onenet.net (revision 156491)
+++ configs/core.owtccla.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OWTCCLA-MX40> show system commit
+# 2017-09-16 00:56:13 CDT by andrew via cli
# 2017-09-10 13:26:02 CDT by andrew via cli
# 2017-09-10 13:24:01 CDT by andrew via cli
# 2017-09-07 17:46:22 CDT by andrew via cli
# 2017-09-05 13:29:40 CDT by sky via cli
# 2017-09-05 11:33:02 CDT by sky via cli
-# 2017-08-21 22:14:28 CDT by andrew via cli
# grnoc-mon at OWTCCLA-MX40> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -266,7 +266,7 @@
# grnoc-mon at OWTCCLA-MX40> show system uptime
# System booted: 2017-06-19 01:45 CDT
# Protocols started: 2017-06-19 01:48 CDT
-# Last configured: 2017-09-10 13:26 CDT by andrew
+# Last configured: 2017-09-16 00:56 CDT by andrew
#
# grnoc-mon at OWTCCLA-MX40> show interface terse
#Interface Admin Link
@@ -368,7 +368,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OWTCCLA-MX40> show configuration
-## Last commit: 2017-09-10 13:26:02 CDT by andrew
+## Last commit: 2017-09-16 00:56:13 CDT by andrew
version 13.3R9.13;
groups {
ISIS-L2-INTERFACE {
@@ -1328,6 +1328,158 @@
then reject;
}
}
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -1471,6 +1623,7 @@
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
community ONENET_INTERNAL members 5078:10000;
+ community ONENET_LO0 members 5078:9137;
community ONENET_SRC_COMMODITY members 5078:4000;
community ONENET_SRC_CUSTOMER members 5078:4300;
community ONENET_SRC_PEER members 5078:4200;
Index: configs/acx.owtcalb.onenet.net
===================================================================
--- configs/acx.owtcalb.onenet.net (revision 155632)
+++ configs/acx.owtcalb.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OWTCALB-ACX4000> show system commit
+# 2017-09-16 00:53:13 CDT by andrew via cli
# 2017-08-09 15:20:47 CDT by joel via cli
# 2017-07-29 21:44:47 CDT by andrew via cli
# 2017-07-29 21:13:51 CDT by andrew via cli
# 2017-07-26 23:18:07 CDT by andrew via cli
# 2017-07-26 19:52:14 CDT by andrew via cli
-# 2017-07-13 11:33:32 CDT by aberrios via cli
# grnoc-mon at OWTCALB-ACX4000> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -198,7 +198,7 @@
# grnoc-mon at OWTCALB-ACX4000> show system uptime
# System booted: 2017-06-18 23:53 CDT
# Protocols started: 2017-06-18 23:55 CDT
-# Last configured: 2017-08-09 15:20 CDT by joel
+# Last configured: 2017-09-16 00:53 CDT by andrew
#
# grnoc-mon at OWTCALB-ACX4000> show interface terse
#Interface Admin Link
@@ -245,7 +245,7 @@
#pime up up
#tap up up
# grnoc-mon at OWTCALB-ACX4000> show configuration
-## Last commit: 2017-08-09 15:20:47 CDT by joel
+## Last commit: 2017-09-16 00:53:13 CDT by andrew
version 12.3X54-D27.1;
groups {
ISIS-L2-INTERFACE {
@@ -731,6 +731,158 @@
}
}
policy-options {
+ policy-statement IBGP-CORE-RR-V4-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
+ policy-statement IBGP-CORE-RR-V6-EXPORT {
+ term UPSTREAM-AGGREGATES {
+ from {
+ protocol aggregate;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERAL-ONLY-AGGREGATES {
+ from protocol aggregate;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term UPSTREAM-STATICS {
+ from {
+ protocol static;
+ tag 5000;
+ }
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ community add ONENET_ADV_UPSTREAM;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-STATICS {
+ from protocol static;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ term INTERNAL-ONLY-DIRECTS {
+ from protocol direct;
+ then {
+ local-preference 200;
+ community add ONENET_LO0;
+ next-hop self;
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ term BLACKHOLE-BGP {
+ from {
+ protocol bgp;
+ community ONENET_BLACKHOLE;
+ }
+ then {
+ community add ONENET_LO0;
+ accept;
+ }
+ }
+ term REDISTRIBUTE-BGP {
+ from protocol bgp;
+ then {
+ community add ONENET_LO0;
+ next-hop self;
+ accept;
+ }
+ }
+ }
policy-statement LOAD-BALANCE {
then {
load-balance per-packet;
@@ -807,7 +959,9 @@
}
}
community ONENET-MGMT-VPN members target:5078:2543;
+ community ONENET_ADV_UPSTREAM members 5078:5000;
community ONENET_BLACKHOLE members 5078:911;
+ community ONENET_LO0 members 5078:9136;
community OWTCALB members 5078:9136;
}
firewall {
More information about the Nocrancid
mailing list