[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Wed Sep 20 15:05:04 CDT 2017
Index: configs/core3.okc-m120.onenet.net
===================================================================
--- configs/core3.okc-m120.onenet.net (revision 156754)
+++ configs/core3.okc-m120.onenet.net (working copy)
@@ -721,8 +721,8 @@
#t1-2/3/0:5:11 down down
#t1-2/3/0:5:12 down down
#t1-2/3/0:5:13 down down
-#t1-2/3/0:5:14 up up
-#t1-2/3/0:5:14.0 up up
+#t1-2/3/0:5:14 up down
+#t1-2/3/0:5:14.0 up down
#t1-2/3/0:5:15 up up
#t1-2/3/0:5:15.0 up up
#t1-2/3/0:5:16 down down
Index: configs/core4.tul.onenet.net
===================================================================
--- configs/core4.tul.onenet.net (revision 156696)
+++ configs/core4.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-CORE4-MX480-RE0> show system commit
+# 2017-09-20 14:45:12 CDT by andrew via cli commit synchronize
# 2017-09-13 14:13:49 CDT by andrew via cli commit synchronize
# 2017-09-13 14:13:04 CDT by andrew via cli commit synchronize
# 2017-09-12 23:19:16 CDT by joel via cli commit confirmed, rollback in 5mins synchronize
# 2017-09-12 10:50:56 CDT by joel via cli commit synchronize
# 2017-09-12 10:48:19 CDT by joel via cli commit synchronize
-# 2017-09-07 18:27:23 CDT by andrew via cli commit synchronize
# grnoc-mon at TULSA-CORE4-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -507,7 +507,7 @@
# grnoc-mon at TULSA-CORE4-MX480-RE0> show system uptime
# System booted: 2016-08-15 04:31 CDT
# Protocols started: 2016-08-15 04:34 CDT
-# Last configured: 2017-09-13 14:13 CDT by andrew
+# Last configured: 2017-09-20 14:45 CDT by andrew
#
# {master}
# grnoc-mon at TULSA-CORE4-MX480-RE0> show interface terse
@@ -852,7 +852,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-CORE4-MX480-RE0> show configuration
-## Last commit: 2017-09-13 14:13:49 CDT by andrew
+## Last commit: 2017-09-20 14:45:12 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -4281,7 +4281,7 @@
then reject;
}
term ONENET-COMMUNITIES-SEND {
- from community [ ONENET_ADV_FACEBOOK ONENET_E_ADV_FACEBOOK ];
+ from community [ ONENET_ADV_FACEBOOK ONENET_E_ADV_FACEBOOK ONENET_ADV_UPSTREAM ];
then accept;
}
term ONENET-ROUTES {
Index: configs/quapaw-ps.client.onenet.net
===================================================================
--- configs/quapaw-ps.client.onenet.net (revision 155989)
+++ configs/quapaw-ps.client.onenet.net (working copy)
@@ -1,6 +1,7 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at QUAPAW-PS-LR-004903> show system commit
+# 2017-09-20 15:02:13 CDT by joel via cli commit confirmed, rollback in 3mins
# 2017-08-22 10:46:20 CDT by andrew via cli
# rescue 2017-08-22 10:46:39 CDT by andrew via cli
#
@@ -122,7 +123,7 @@
# grnoc-mon at QUAPAW-PS-LR-004903> show system uptime
# System booted: 2017-08-05 01:21 CDT
# Protocols started: 2017-08-05 01:24 CDT
-# Last configured: 2017-08-22 10:46 CDT by andrew
+# Last configured: 2017-09-20 15:02 CDT by joel
#
# grnoc-mon at QUAPAW-PS-LR-004903> show interface terse
#Interface Admin Link
@@ -178,7 +179,7 @@
#vlan.200 up up
#vlan.500 up up
# grnoc-mon at QUAPAW-PS-LR-004903> show configuration
-## Last commit: 2017-08-22 10:46:20 CDT by andrew
+## Last commit: 2017-09-20 15:02:13 CDT by joel
version 12.1X44-D35.5;
system {
host-name QUAPAW-PS-LR-004903;
@@ -492,9 +493,9 @@
security {
address-book {
global {
- address ONENET-164.58.69.122/32 {
+ address ONENET-164.58.58.101/32 {
description "OneNet DC NAT Address for allowing Static NAT";
- wildcard-address 164.58.69.122/32;
+ 164.58.58.101/32;
}
address ESXI-172.16.0.9/32 {
description "CLI-User: root Pass: w!ld at dm!n321 / HTTPS-User: onenet Pass: ONENET-ADMIN-PASS";
@@ -633,6 +634,34 @@
}
}
}
+ rule NAT-UNTRUST-TO-DESTINY-80 {
+ match {
+ destination-address 164.58.58.101/32;
+ destination-port 80;
+ }
+ then {
+ static-nat {
+ prefix {
+ 172.16.0.13/32;
+ mapped-port 80;
+ }
+ }
+ }
+ }
+ rule NAT-UNTRUST-TO-DESTINY-443 {
+ match {
+ destination-address 164.58.58.101/32;
+ destination-port 443;
+ }
+ then {
+ static-nat {
+ prefix {
+ 172.16.0.13/32;
+ mapped-port 443;
+ }
+ }
+ }
+ }
}
}
}
@@ -650,9 +679,22 @@
}
}
from-zone UNTRUST to-zone TR-0100-QPS-Staff {
+ policy STATIC-NAT-DESTINY {
+ match {
+ source-address any;
+ destination-address HOST-DESTINY-SERVER-172.16.0.13/32;
+ application [ junos-http junos-https ];
+ }
+ then {
+ permit;
+ log {
+ session-init;
+ }
+ }
+ }
policy STATIC-NAT-QUAPAW-STORAGE-SVR {
match {
- source-address ONENET-164.58.69.122/32;
+ source-address ONENET-164.58.58.101/32;
destination-address HOST-QUAPAW-STORAGE-SVR-172.16.0.11/32;
application any;
}
@@ -672,7 +714,7 @@
}
policy STATIC-NAT-UNIFI {
match {
- source-address ONENET-164.58.69.122/32;
+ source-address ONENET-164.58.58.101/32;
destination-address HOST-UNIFI-CONTROLLER-172.16.0.12/32;
application any;
}
@@ -685,7 +727,7 @@
}
policy STATIC-NAT-ESXI {
match {
- source-address ONENET-164.58.69.122/32;
+ source-address ONENET-164.58.58.101/32;
destination-address ESXI-172.16.0.9/32;
application any;
}
Index: configs/core4.okc.onenet.net
===================================================================
--- configs/core4.okc.onenet.net (revision 156756)
+++ configs/core4.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE4-MX480-RE0> show system commit
+# 2017-09-20 14:58:09 CDT by sean via cli commit synchronize
+# 2017-09-20 14:45:49 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:38:23 CDT by sean via cli commit synchronize
+# 2017-09-20 14:13:54 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:08:52 CDT by andrew via cli commit synchronize
# 2017-09-20 13:17:01 CDT by andrew via cli commit synchronize
-# 2017-09-20 11:08:11 CDT by sean via cli commit synchronize
-# 2017-09-20 10:43:09 CDT by joel via cli commit synchronize
-# 2017-09-20 10:38:10 CDT by joel via cli commit synchronize
-# 2017-09-19 13:00:12 CDT by andrew via cli commit synchronize
-# 2017-09-18 16:31:03 CDT by andrew via cli commit synchronize
# grnoc-mon at OKC-CORE4-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -556,7 +556,7 @@
# grnoc-mon at OKC-CORE4-MX480-RE0> show system uptime
# System booted: 2016-10-12 18:12 CDT
# Protocols started: 2016-10-12 18:14 CDT
-# Last configured: 2017-09-20 13:17 CDT by andrew
+# Last configured: 2017-09-20 14:58 CDT by sean
#
# {master}
# grnoc-mon at OKC-CORE4-MX480-RE0> show interface terse
@@ -1241,6 +1241,7 @@
#xe-3/1/0.42 up up
#xe-3/1/0.32767 up up
#xe-3/1/1 up up
+#xe-3/1/1.709 up up
#xe-3/1/1.32767 up up
#xe-3/1/2 up up
#xe-3/1/2.501 up up
@@ -1519,7 +1520,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE4-MX480-RE0> show configuration
-## Last commit: 2017-09-20 13:17:01 CDT by andrew
+## Last commit: 2017-09-20 14:58:09 CDT by sean
version 13.3R9.13;
groups {
re0 {
@@ -7986,6 +7987,21 @@
flexible-vlan-tagging;
mtu 9192;
encapsulation flexible-ethernet-services;
+ unit 709 {
+ description ROBIN-HILL-ELEMENTARY-500M-CIR0020300;
+ vlan-id 709;
+ family inet {
+ rpf-check;
+ policer {
+ input 500M-POL;
+ output 500M-POL;
+ }
+ sampling {
+ input;
+ }
+ address 164.58.2.53/30;
+ }
+ }
}
xe-3/1/2 {
description 360-COMMUNICATIONS-BOK-OKC-DARK-FIBER-CIR000XXXX;
@@ -11494,6 +11510,10 @@
}
}
policy-statement EBGP-COX-EXPORT {
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -11745,7 +11765,7 @@
then reject;
}
term SEND-COMMUNITIES {
- from community ONENET_ADV_GGC;
+ from community [ ONENET_ADV_GGC ONENET_ADV_UPSTREAM ];
then accept;
}
term PREFIXES {
@@ -12766,6 +12786,15 @@
accept;
}
}
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then {
+ community add Global-Prepend;
+ community add Qwest-Timezone;
+ as-path-prepend "5078 5078 5078 5078";
+ accept;
+ }
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then {
Index: configs/core.rack59.onenet.net
===================================================================
--- configs/core.rack59.onenet.net (revision 156751)
+++ configs/core.rack59.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at RACK59-MX480-RE0> show system commit
+# 2017-09-20 14:46:17 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:12:24 CDT by andrew via cli commit synchronize
# 2017-09-20 09:49:09 CDT by andrew via cli commit synchronize
# 2017-09-19 20:58:34 CDT by andrew via cli commit synchronize
# 2017-09-19 20:41:33 CDT by andrew via cli commit synchronize
# 2017-09-15 09:37:53 CDT by andrew via cli commit synchronize
-# 2017-09-12 20:24:12 CDT by andrew via cli commit synchronize
-# 2017-09-12 20:22:23 CDT by andrew via cli commit synchronize
# grnoc-mon at RACK59-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -446,7 +446,7 @@
# grnoc-mon at RACK59-MX480-RE0> show system uptime
# System booted: 2016-03-30 08:27 CDT
# Protocols started: 2016-03-30 08:30 CDT
-# Last configured: 2017-09-20 09:49 CDT by andrew
+# Last configured: 2017-09-20 14:46 CDT by andrew
#
# {master}
# grnoc-mon at RACK59-MX480-RE0> show interface terse
@@ -591,7 +591,7 @@
#pp0 up up
#tap up up
# grnoc-mon at RACK59-MX480-RE0> show configuration
-## Last commit: 2017-09-20 09:49:09 CDT by andrew
+## Last commit: 2017-09-20 14:46:17 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -2134,6 +2134,14 @@
next term;
}
}
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then {
+ metric 100;
+ as-path-prepend "5078 5078 5078";
+ accept;
+ }
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then {
@@ -2211,7 +2219,7 @@
then reject;
}
term SEND-COMMUNITIES {
- from community ONENET_ADV_GGC;
+ from community [ ONENET_ADV_GGC ONENET_ADV_UPSTREAM ];
then accept;
}
term PREFIXES {
@@ -2287,6 +2295,14 @@
}
then reject;
}
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then {
+ community add 65003:0;
+ as-path-prepend "5078 5078 5078 5078";
+ accept;
+ }
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then {
@@ -2324,7 +2340,7 @@
then reject;
}
term ONENET-COMMUNITIES-SEND {
- from community ONENET_NETFLIX;
+ from community [ ONENET_NETFLIX ONENET_ADV_UPSTREAM ];
then {
metric 10;
accept;
@@ -2516,7 +2532,7 @@
}
policy-statement EBGP-VALVE-CORP-V4-EXPORT {
term SEND-COMMUNITIES {
- from community ONENET_ADV_VALVE;
+ from community [ ONENET_ADV_VALVE ONENET_ADV_UPSTREAM ];
then accept;
}
term PREFIXES {
Index: configs/dhs-guymon-ne-4th.nid.onenet.net
===================================================================
--- configs/dhs-guymon-ne-4th.nid.onenet.net (revision 156637)
+++ configs/dhs-guymon-ne-4th.nid.onenet.net (working copy)
@@ -1617,7 +1617,7 @@
t392 15
async-status enabled
min-async-status-interval 1
-#
+d
#CLI:ELMI NETWORK-1-1-1-2 Edit
#
home
Index: configs/opt.nrm.onenet.net
===================================================================
--- configs/opt.nrm.onenet.net (revision 156756)
+++ configs/opt.nrm.onenet.net (working copy)
@@ -16,6 +16,7 @@
<interface name="CHAN-1-3-2-RX" abbr_name="CHAN-1-3-2-RX" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="monitor"></interface>
<interface name="CHAN-1-3-3-RX" abbr_name="CHAN-1-3-3-RX" admin_state="down" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="CHAN-1-3-4-RX" abbr_name="CHAN-1-3-4-RX" admin_state="up" spanning_tree_metric="" description="" type="MUX" monitoring_state="monitor"></interface>
+ <interface name="CHAN-1-3-5-RX" abbr_name="CHAN-1-3-5-RX" admin_state="down" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="CHAN-1-3-6-RX" abbr_name="CHAN-1-3-6-RX" admin_state="down" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="CHAN-1-3-7-RX" abbr_name="CHAN-1-3-7-RX" admin_state="down" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
<interface name="CHAN-1-3-8-RX" abbr_name="CHAN-1-3-8-RX" admin_state="down" spanning_tree_metric="" description="" type="MUX" monitoring_state="no-monitor"></interface>
@@ -101,6 +102,7 @@
<part name="SLOT-1-7" description="15454-TCC2P" hw_version="E0" part_id="15454-TCC2P" part_num="800-24766-10" serial_number="CAT1424A17R" slot="SLOT-1-7" vendor_id="Cisco"></part>
<part name="SLOT-1-8" description="OSCM" hw_version="B0" part_id="OSCM" part_num="800-22341-03" serial_number="CAT10425B52" slot="SLOT-1-8" vendor_id="Cisco">
<interface name="LINE-1-8-1" abbr_name="LINE-1-8-1" admin_state="up" spanning_tree_metric="" description="Unknown" type="OSC" monitoring_state="monitor"></interface>
+ <interface name="FAC-1-8-1" abbr_name="FAC-1-8-1" admin_state="up" spanning_tree_metric="" description="" type="FAC" monitoring_state="monitor"></interface>
</part>
<part name="SLOT-1-9" description="AIC-I" hw_version="G0" part_id="AIC-I" part_num="800-24891-04" serial_number="CAT1210A06V" slot="SLOT-1-9" vendor_id="Cisco"></part>
<part name="SLOT-1-11" description="15454-TCC2P" hw_version="E0" part_id="15454-TCC2P" part_num="800-24766-10" serial_number="CAT1507B0HN" slot="SLOT-1-11" vendor_id="Cisco"></part>
@@ -108,6 +110,8 @@
<part name="PPM-1-16-1" description="ONS-XC-10G-S1" hw_version="B" part_id="ONS-XC-10G-S1" part_num="10-2012-03" serial_number="FNS15200HX4" slot="PPM-1-16-1" vendor_id="Cisco"></part>
<part name="PPM-1-16-2" description="ONS-XC-10G-S1" hw_version="B" part_id="ONS-XC-10G-S1" part_num="10-2012-03" serial_number="FNS15200HZ6" slot="PPM-1-16-2" vendor_id="Cisco"></part>
<interface name="CHAN-1-16-2-1" abbr_name="CHAN-1-16-2-1" admin_state="down" spanning_tree_metric="" description="OU 3.7" type="TXP" monitoring_state="no-monitor"></interface>
+ <interface name="VFAC-1-16-1-1" abbr_name="VFAC-1-16-1-1" admin_state="down" spanning_tree_metric="" description="OU 3.9" type="VFAC" monitoring_state="no-monitor"></interface>
+ <interface name="VFAC-1-16-2-1" abbr_name="VFAC-1-16-2-1" admin_state="down" spanning_tree_metric="" description="OU 3.7" type="VFAC" monitoring_state="no-monitor"></interface>
</part>
<part name="AIP-1" description="AIP" hw_version="B1" part_id="AIP" part_num="73-7665-05" serial_number="NWG141708G6" slot="AIP-1" vendor_id="Cisco"></part>
<part name="FAN-1-1" description="FTA" hw_version="B0" part_id="FTA" part_num="800-27558-02" serial_number="FOX1424GEDN" slot="FAN-1-1" vendor_id="Cisco"></part>
@@ -218,10 +222,15 @@
<interface name="CHAN-2-6-2-1" abbr_name="CHAN-2-6-2-1" admin_state="maintenance" spanning_tree_metric="" description="C2 B" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-6-3-1" abbr_name="CHAN-2-6-3-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-6-4-1" abbr_name="CHAN-2-6-4-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-6-1-1" abbr_name="VFAC-2-6-1-1" admin_state="maintenance" spanning_tree_metric="" description="C2 A" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-6-2-1" abbr_name="VFAC-2-6-2-1" admin_state="maintenance" spanning_tree_metric="" description="C2 B" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-6-3-1" abbr_name="VFAC-2-6-3-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-6-4-1" abbr_name="VFAC-2-6-4-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
</part>
<part name="SLOT-2-7" description="15454-TCC2P" hw_version="B0" part_id="15454-TCC2P" part_num="800-24766-09" serial_number="CAT1424A1GC" slot="SLOT-2-7" vendor_id="Cisco"></part>
<part name="SLOT-2-8" description="OSCM" hw_version="B0" part_id="OSCM" part_num="800-22341-03" serial_number="CAT1239B0M7" slot="SLOT-2-8" vendor_id="Cisco">
<interface name="LINE-2-8-1" abbr_name="LINE-2-8-1" admin_state="up" spanning_tree_metric="" description="Unknown" type="OSC" monitoring_state="monitor"></interface>
+ <interface name="FAC-2-8-1" abbr_name="FAC-2-8-1" admin_state="up" spanning_tree_metric="" description="" type="FAC" monitoring_state="monitor"></interface>
</part>
<part name="SLOT-2-11" description="15454-TCC2P" hw_version="B0" part_id="15454-TCC2P" part_num="800-24766-09" serial_number="CAT1424A1G5" slot="SLOT-2-11" vendor_id="Cisco"></part>
<part name="SLOT-2-14" description="15454-OTU2-XP=" hw_version="B0" part_id="15454-OTU2-XP=" part_num="800-29414-05" serial_number="CA61627B09L" slot="SLOT-2-14" vendor_id="Cisco" temp_channel="1547.72">
@@ -232,6 +241,10 @@
<interface name="CHAN-2-14-2-1" abbr_name="CHAN-2-14-2-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-14-3-1" abbr_name="CHAN-2-14-3-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-14-4-1" abbr_name="CHAN-2-14-4-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-14-1-1" abbr_name="VFAC-2-14-1-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-14-2-1" abbr_name="VFAC-2-14-2-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-14-3-1" abbr_name="VFAC-2-14-3-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-14-4-1" abbr_name="VFAC-2-14-4-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
</part>
<part name="SLOT-2-15" description="15454-OTU2-XP=" hw_version="B0" part_id="15454-OTU2-XP=" part_num="800-29414-05" serial_number="CA61627B0EL" slot="SLOT-2-15" vendor_id="Cisco" temp_channel="1544.53">
<part name="PPM-2-15-1" description="ONS-XC-10G-S1" hw_version="B" part_id="ONS-XC-10G-S1" part_num="10-2012-03" serial_number="FNS162116FZ" slot="PPM-2-15-1" vendor_id="Cisco"></part>
@@ -241,6 +254,10 @@
<interface name="CHAN-2-15-2-1" abbr_name="CHAN-2-15-2-1" admin_state="down" spanning_tree_metric="" description="" type="TXP" monitoring_state="no-monitor"></interface>
<interface name="CHAN-2-15-3-1" abbr_name="CHAN-2-15-3-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-15-4-1" abbr_name="CHAN-2-15-4-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-15-1-1" abbr_name="VFAC-2-15-1-1" admin_state="maintenance" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-15-2-1" abbr_name="VFAC-2-15-2-1" admin_state="down" spanning_tree_metric="" description="" type="VFAC" monitoring_state="no-monitor"></interface>
+ <interface name="VFAC-2-15-3-1" abbr_name="VFAC-2-15-3-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-15-4-1" abbr_name="VFAC-2-15-4-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
</part>
<part name="SLOT-2-17" description="15454-OTU2-XP=" hw_version="B0" part_id="15454-OTU2-XP=" part_num="800-29414-05" serial_number="CA61628B0DL" slot="SLOT-2-17" vendor_id="Cisco" temp_channel="1546.12">
<part name="PPM-2-17-1" description="ONS-XC-10G-S1" hw_version="B" part_id="ONS-XC-10G-S1" part_num="10-2012-03" serial_number="FNS16211CJJ" slot="PPM-2-17-1" vendor_id="Cisco"></part>
@@ -250,6 +267,10 @@
<interface name="CHAN-2-17-2-1" abbr_name="CHAN-2-17-2-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-17-3-1" abbr_name="CHAN-2-17-3-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
<interface name="CHAN-2-17-4-1" abbr_name="CHAN-2-17-4-1" admin_state="up" spanning_tree_metric="" description="" type="TXP" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-17-1-1" abbr_name="VFAC-2-17-1-1" admin_state="up" spanning_tree_metric="" description="3.8" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-17-2-1" abbr_name="VFAC-2-17-2-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-17-3-1" abbr_name="VFAC-2-17-3-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
+ <interface name="VFAC-2-17-4-1" abbr_name="VFAC-2-17-4-1" admin_state="up" spanning_tree_metric="" description="" type="VFAC" monitoring_state="monitor"></interface>
</part>
<part name="AIP-2" description="AIP" hw_version="B1" part_id="AIP" part_num="73-7665-05" serial_number="NWG141801SE" slot="AIP-2" vendor_id="Cisco"></part>
<part name="FAN-2-1" description="FTA" hw_version="B0" part_id="FTA" part_num="800-27558-02" serial_number="SMG1425F03B" slot="FAN-2-1" vendor_id="Cisco"></part>
Index: configs/perkins-tryon-ps.client.onenet.net
===================================================================
--- configs/perkins-tryon-ps.client.onenet.net (revision 156756)
+++ configs/perkins-tryon-ps.client.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at PERKINS-TYRON-PS-LR-005436> show system commit
-# 2017-09-20 13:57:47 CDT by sky via cli
-# 2017-09-20 13:50:10 CDT by sky via cli
-# 2017-09-13 10:17:25 CDT by sky via cli
-# 2017-09-13 10:16:43 CDT by sky via cli
-# 2017-09-13 10:14:57 CDT by sky via cli
-# 2017-09-13 10:13:54 CDT by sky via cli commit confirmed, rollback in 10mins
+# 2017-09-20 14:46:12 CDT by sky via cli
+# 2017-09-20 14:44:29 CDT by sky via cli
+# 2017-09-20 14:25:29 CDT by sky via cli
+# 2017-09-20 14:22:51 CDT by sky via cli
+# 2017-09-20 14:21:10 CDT by sky via cli
+# 2017-09-20 14:19:17 CDT by sky via cli
# grnoc-mon at PERKINS-TYRON-PS-LR-005436> show chassis environment
# Class Item Status Measurement
# Temp Routing Engine OK
@@ -133,7 +133,7 @@
# Time Source: NTP CLOCK
# System booted: 2017-09-08 10:57 CDT
# Protocols started: 2017-09-08 10:57 CDT
-# Last configured: 2017-09-20 13:57 CDT by sky
+# Last configured: 2017-09-20 14:46 CDT by sky
#
# grnoc-mon at PERKINS-TYRON-PS-LR-005436> show interface terse
#Interface Admin Link
@@ -192,7 +192,7 @@
#vlan up down
#vtep up up
# grnoc-mon at PERKINS-TYRON-PS-LR-005436> show configuration
-## Last commit: 2017-09-20 13:57:47 CDT by sky
+## Last commit: 2017-09-20 14:46:12 CDT by sky
version 15.1X49-D90.7;
system {
host-name PERKINS-TYRON-PS-LR-005436;
@@ -294,7 +294,7 @@
group TRUST-DHCP {
interface ge-0/0/7.0;
}
- group TRUST-WIRELESS-DHCP {
+ group WIRELESS-DHCP {
interface ge-0/0/5.0;
}
}
@@ -390,6 +390,20 @@
}
}
}
+ rule-set WIRELESS-TO-UNTRUST-NAT {
+ from zone WIRELESS;
+ to zone UNTRUST;
+ rule NAT-WIRELESS-TO-UNTRUST {
+ match {
+ source-address 0.0.0.0/0;
+ }
+ then {
+ source-nat {
+ interface;
+ }
+ }
+ }
+ }
}
static {
rule-set UNTRUST-TO-TRUST {
@@ -458,6 +472,18 @@
}
}
}
+ from-zone WIRELESS to-zone UNTRUST {
+ policy WIRELESS-TO-UNTRUST {
+ match {
+ source-address any;
+ destination-address any;
+ application any;
+ }
+ then {
+ permit;
+ }
+ }
+ }
}
zones {
security-zone TRUST {
@@ -471,15 +497,6 @@
}
}
}
- ge-0/0/5.0 {
- host-inbound-traffic {
- system-services {
- dhcp;
- ping;
- traceroute;
- }
- }
- }
}
}
security-zone TEST {
@@ -520,6 +537,19 @@
}
}
}
+ security-zone WIRELESS {
+ interfaces {
+ ge-0/0/5.0 {
+ host-inbound-traffic {
+ system-services {
+ dhcp;
+ ping;
+ traceroute;
+ }
+ }
+ }
+ }
+ }
}
}
interfaces {
@@ -723,6 +753,25 @@
}
}
}
+ pool WIRELESS-POOL {
+ family inet {
+ network 10.119.0.0/22;
+ range WIRELESS-RANGE {
+ low 10.119.0.11;
+ high 10.119.3.250;
+ }
+ dhcp-attributes {
+ domain-name wireless.net;
+ name-server {
+ 208.67.222.222;
+ 208.67.220.220;
+ }
+ router {
+ 10.119.0.1;
+ }
+ }
+ }
+ }
pool TRUST-POOL {
family inet {
network 10.10.0.0/16;
Index: configs/core5.tul.onenet.net
===================================================================
--- configs/core5.tul.onenet.net (revision 156754)
+++ configs/core5.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system commit
+# 2017-09-20 14:46:53 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:18:14 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:14:25 CDT by andrew via cli commit synchronize
# 2017-09-20 11:05:41 CDT by sean via cli commit synchronize
# 2017-09-20 10:53:19 CDT by sean via cli commit synchronize
# 2017-09-18 13:31:25 CDT by andrew via cli commit synchronize
-# 2017-09-15 09:21:37 CDT by sean via cli commit synchronize
-# 2017-09-13 13:50:41 CDT by andrew via cli commit synchronize
-# 2017-09-13 00:50:00 CDT by joel via cli commit synchronize
# grnoc-mon at TULSA-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -502,7 +502,7 @@
# grnoc-mon at TULSA-CORE5-MX480-RE0> show system uptime
# System booted: 2016-08-15 04:47 CDT
# Protocols started: 2016-08-15 04:53 CDT
-# Last configured: 2017-09-20 11:05 CDT by sean
+# Last configured: 2017-09-20 14:46 CDT by andrew
#
# {master}
# grnoc-mon at TULSA-CORE5-MX480-RE0> show interface terse
@@ -992,7 +992,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-CORE5-MX480-RE0> show configuration
-## Last commit: 2017-09-20 11:05:41 CDT by sean
+## Last commit: 2017-09-20 14:46:53 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -6595,7 +6595,7 @@
family inet {
any;
}
- export NETFLIX-EXPORT;
+ export EBGP-NETFLIX-V4-EXPORT;
neighbor 156.110.3.250 {
description "NETFLIX [NO-MONITOR]";
passive;
@@ -6607,7 +6607,7 @@
family inet6 {
any;
}
- export NETFLIX-EXPORT;
+ export EBGP-NETFLIX-V4-EXPORT;
neighbor 2610:1d8:1400::2 {
description "NETFLIX [NO-MONITOR]";
passive;
@@ -7541,6 +7541,10 @@
}
}
policy-statement EBGP-COX-EXPORT {
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -7691,7 +7695,7 @@
then reject;
}
term ONENET-COMMUNITIES-SEND {
- from community ONENET_NETFLIX;
+ from community [ ONENET_NETFLIX ONENET_ADV_UPSTREAM ];
then {
metric 10;
accept;
@@ -8002,56 +8006,6 @@
load-balance per-packet;
}
}
- policy-statement NETFLIX-EXPORT {
- term DONT-SEND {
- from community NETFLIX-REJECT;
- then reject;
- }
- term NO-EXPORT {
- from community [ ONENET_NO_NETFLIX ONENET_NO_CACHE ];
- then reject;
- }
- term ONENET-COMMUNITIES-SEND {
- from community ONENET_NETFLIX;
- then {
- metric 10;
- accept;
- }
- }
- term ONENET {
- from policy COMMODITY-PREFIXES-LIST;
- then {
- metric 10;
- accept;
- }
- }
- term ONENET-V6 {
- from {
- route-filter 2610:1d8::/32 exact;
- }
- then {
- metric 10;
- accept;
- }
- }
- term AERON {
- from community AERON-NETFLIX;
- then {
- metric 10;
- accept;
- }
- }
- term GPN {
- from community GPN-NETFLIX;
- then {
- metric 50;
- accept;
- }
- }
- term REJECT-ALL-ELSE {
- then reject;
- }
- }
policy-statement NEXT-HOP-SELF {
term BLACKHOLE {
from community ONENET_BLACKHOLE;
Index: configs/stringtown-high-school.client.onenet.net
===================================================================
--- configs/stringtown-high-school.client.onenet.net (revision 156756)
+++ configs/stringtown-high-school.client.onenet.net (working copy)
@@ -691,7 +691,6 @@
# OSPF instance is not running
#
# grnoc-mon at STRINGTOWN-HIGH-SCHOOL-TAG-004909> show bfd session
-quit
0 sessions, 0 clients
Cumulative transmit rate 0.0 pps, cumulative receive rate 0.0 pps
Index: configs/core1.ptc.onenet.net
===================================================================
--- configs/core1.ptc.onenet.net (revision 156756)
+++ configs/core1.ptc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-PTC1-MX480-RE0> show system commit
+# 2017-09-20 14:12:21 CDT by andrew via cli commit synchronize
# 2017-09-20 13:51:15 CDT by andrew via cli commit synchronize
# 2017-09-19 14:58:44 CDT by joel via cli commit synchronize
# 2017-09-18 10:46:25 CDT by sean via cli commit synchronize
# 2017-09-14 10:38:36 CDT by joel via cli commit synchronize
# 2017-09-13 14:22:20 CDT by sean via cli commit synchronize
-# 2017-09-12 20:24:03 CDT by andrew via cli commit synchronize
# grnoc-mon at TULSA-PTC1-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -421,7 +421,7 @@
# grnoc-mon at TULSA-PTC1-MX480-RE0> show system uptime
# System booted: 2016-03-17 00:52 CDT
# Protocols started: 2016-03-17 01:01 CDT
-# Last configured: 2017-09-20 13:51 CDT by andrew
+# Last configured: 2017-09-20 14:12 CDT by andrew
#
# {master}
# grnoc-mon at TULSA-PTC1-MX480-RE0> show interface terse
@@ -613,7 +613,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-PTC1-MX480-RE0> show configuration
-## Last commit: 2017-09-20 13:51:15 CDT by andrew
+## Last commit: 2017-09-20 14:12:21 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -3114,6 +3114,14 @@
next term;
}
}
+ term STEP-0 {
+ from community ONENET_ADV_UPSTREAM;
+ then {
+ metric 100;
+ as-path-prepend "5078 5078 5078";
+ accept;
+ }
+ }
term STEP-1 {
from policy COMMODITY-PREFIXES-LIST;
then {
Index: configs/odmhsas-ncbh-guymon.client.onenet.net
===================================================================
--- configs/odmhsas-ncbh-guymon.client.onenet.net (revision 156741)
+++ configs/odmhsas-ncbh-guymon.client.onenet.net (working copy)
@@ -159,7 +159,7 @@
#ppe0 up up
#st0 up up
#st0.1 up up
-#st0.2 up up
+#st0.2 up down
#tap up up
#vlan up up
#vlan.4 up up
Index: configs/core5.okc.onenet.net
===================================================================
--- configs/core5.okc.onenet.net (revision 156754)
+++ configs/core5.okc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKC-CORE5-MX480-RE0> show system commit
-# 2017-09-20 11:22:44 CDT by sean via cli commit synchronize
-# 2017-09-20 11:16:23 CDT by joel via cli commit synchronize
-# 2017-09-20 11:07:34 CDT by sky via cli commit synchronize
-# 2017-09-20 10:46:43 CDT by joel via cli commit synchronize
-# 2017-09-19 13:20:50 CDT by sky via cli commit synchronize
-# 2017-09-19 13:18:40 CDT by sky via cli commit synchronize
+# 2017-09-20 14:47:30 CDT by andrew via cli commit synchronize
+# 2017-09-20 14:30:28 CDT by sean via cli commit synchronize
+# 2017-09-20 14:28:40 CDT by sean via cli commit synchronize
+# 2017-09-20 14:27:53 CDT by sean via cli commit synchronize
+# 2017-09-20 14:25:43 CDT by sean via cli commit synchronize
+# 2017-09-20 14:22:58 CDT by sean via cli commit synchronize
# grnoc-mon at OKC-CORE5-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -561,7 +561,7 @@
# grnoc-mon at OKC-CORE5-MX480-RE0> show system uptime
# System booted: 2016-10-12 08:16 CDT
# Protocols started: 2016-10-12 08:18 CDT
-# Last configured: 2017-09-20 11:22 CDT by sean
+# Last configured: 2017-09-20 14:47 CDT by andrew
#
# {master}
# grnoc-mon at OKC-CORE5-MX480-RE0> show interface terse
@@ -1424,7 +1424,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKC-CORE5-MX480-RE0> show configuration
-## Last commit: 2017-09-20 11:22:44 CDT by sean
+## Last commit: 2017-09-20 14:47:30 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -12247,7 +12247,7 @@
then reject;
}
term ONENET-COMMUNITIES-SEND {
- from community ONENET_ADV_AKAMAI;
+ from community [ ONENET_ADV_AKAMAI ONENET_ADV_UPSTREAM ];
then accept;
}
term ONENET-ROUTES {
Index: configs/core1.dc.onenet.net
===================================================================
--- configs/core1.dc.onenet.net (revision 156558)
+++ configs/core1.dc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at MX480_DC_01_RE0> show system commit
+# 2017-09-20 14:22:58 CDT by andrew via cli commit synchronize
# 2017-09-13 00:47:12 CDT by joel via cli commit synchronize
# 2017-09-13 00:42:41 CDT by joel via cli commit synchronize
# 2017-09-13 00:40:14 CDT by joel via cli commit confirmed, rollback in 3mins synchronize
# 2017-09-12 09:39:16 CDT by joel via cli commit synchronize
# 2017-09-12 09:37:48 CDT by root via other
-# 2017-09-12 09:32:02 CDT by joel via cli commit confirmed, rollback in 5mins synchronize
# grnoc-mon at MX480_DC_01_RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -435,7 +435,7 @@
# grnoc-mon at MX480_DC_01_RE0> show system uptime
# System booted: 2014-08-25 20:38 CDT
# Protocols started: 2014-08-25 20:39 CDT
-# Last configured: 2017-09-13 00:47 CDT by joel
+# Last configured: 2017-09-20 14:22 CDT by andrew
#
# {master}
# grnoc-mon at MX480_DC_01_RE0> show interface terse
@@ -729,7 +729,7 @@
#pp0 up up
#tap up up
# grnoc-mon at MX480_DC_01_RE0> show configuration
-## Last commit: 2017-09-13 00:47:12 CDT by joel
+## Last commit: 2017-09-20 14:22:58 CDT by andrew
version 12.3R7.7;
groups {
re0 {
@@ -3727,6 +3727,7 @@
routing-options {
static {
route 10.0.252.0/22 next-hop 10.199.5.34;
+ route 10.199.5.32/31 next-hop 10.199.5.34;
}
router-id 10.197.8.249;
}
More information about the Nocrancid
mailing list