[Nocrancid] autopop-onenet.net router config diffs
rancid at rancid.noc.onenet.net
rancid at rancid.noc.onenet.net
Fri Sep 22 23:05:06 CDT 2017
Index: configs/core.okcbok.onenet.net
===================================================================
--- configs/core.okcbok.onenet.net (revision 156807)
+++ configs/core.okcbok.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OKCBOK-MX80> show system commit
+# 2017-09-22 22:19:19 CDT by andrew via cli
# 2017-09-22 10:14:28 CDT by andrew via cli
# 2017-09-21 10:53:15 CDT by andrew via cli
# 2017-09-12 16:15:16 CDT by sky via cli
# 2017-09-12 16:14:08 CDT by sky via cli
# 2017-09-12 16:12:36 CDT by sky via cli
-# 2017-09-12 16:09:31 CDT by sky via cli
# grnoc-mon at OKCBOK-MX80> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -261,7 +261,7 @@
# grnoc-mon at OKCBOK-MX80> show system uptime
# System booted: 2016-03-17 01:22 CDT
# Protocols started: 2016-03-17 01:25 CDT
-# Last configured: 2017-09-22 10:14 CDT by andrew
+# Last configured: 2017-09-22 22:19 CDT by andrew
#
# grnoc-mon at OKCBOK-MX80> show interface terse
#Interface Admin Link
@@ -367,7 +367,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OKCBOK-MX80> show configuration
-## Last commit: 2017-09-22 10:14:28 CDT by andrew
+## Last commit: 2017-09-22 22:19:19 CDT by andrew
version 13.3R8.7;
groups {
ISIS-L2-INTERFACE {
@@ -1248,9 +1248,9 @@
}
neighbor 164.58.9.26 {
description EBGP-PEER-DOBSON-10G-CIR0019095;
- import EBGP-DOBSON-IMPORT;
+ import EBGP-DOBSON-V4-IMPORT;
# authentication-#key <removed>;
- export EBGP-DOBSON-EXPORT;
+ export EBGP-DOBSON-V4-EXPORT;
remove-private;
peer-as 30029;
}
@@ -1433,7 +1433,7 @@
prefix-list PRE-L0-SOURCES {
apply-path "interfaces lo0 unit <*> family inet address <164.*>";
}
- prefix-list EBGP-DOBSON-PREFIXES {
+ prefix-list EBGP-DOBSON-V4-PREFIXES {
23.236.16.0/20;
64.19.96.0/19;
74.113.168.0/21;
@@ -1451,6 +1451,22 @@
prefix-list PRE-BGP-RI-ALLOW {
apply-path "routing-instances <*> protocols bgp group <*> neighbor <*>";
}
+ prefix-list BOGONS-V4-PREFIXES {
+ 0.0.0.0/8;
+ 10.0.0.0/8;
+ 100.64.0.0/10;
+ 127.0.0.0/8;
+ 169.254.0.0/16;
+ 172.16.0.0/12;
+ 192.0.0.0/24;
+ 192.0.2.0/24;
+ 192.168.0.0/16;
+ 198.18.0.0/15;
+ 198.51.100.0/24;
+ 203.0.113.0/24;
+ 224.0.0.0/4;
+ 240.0.0.0/4;
+ }
policy-statement COMMODITY-PREFIXES-LIST {
term PREFIXES {
from {
@@ -1682,13 +1698,19 @@
then reject;
}
}
- policy-statement EBGP-DOBSON-EXPORT {
+ policy-statement EBGP-DOBSON-V4-EXPORT {
term REJECT-DEFAULT {
from {
route-filter 0.0.0.0/0 exact;
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term REJECT-25-ORLONGER {
from {
route-filter 0.0.0.0/0 prefix-length-range /25-/32;
@@ -1696,11 +1718,11 @@
then reject;
}
term REJECT-NO-ADVERTISE-COMMUNITY {
- from community ONENET_NO_ADVERTISE;
+ from community ONENET_E_NO_ADVERTISE;
then reject;
}
term REJECT-NO-PEER-COMMUNITY {
- from community ONENET_NO_PEER;
+ from community ONENET_E_NO_PEER;
then reject;
}
term SEND-UPSTREAM-COMMUNITY {
@@ -1719,17 +1741,23 @@
then reject;
}
}
- policy-statement EBGP-DOBSON-IMPORT {
+ policy-statement EBGP-DOBSON-V4-IMPORT {
term REJECT-DEFAULT {
from {
route-filter 0.0.0.0/0 exact;
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term CHECK-BLACKHOLE-LENGTH {
from {
community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
+ route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then next term;
}
@@ -1737,11 +1765,11 @@
from {
as-path-group EBGP-DOBSON-AS-PATHS;
community ONENET_BLACKHOLE;
- prefix-list-filter EBGP-DOBSON-PREFIXES orlonger;
+ prefix-list-filter EBGP-DOBSON-V4-PREFIXES orlonger;
}
then {
community set ONENET_BLACKHOLE;
- community add ONENET_PEER_DOBSON;
+ community add ONENET_SRC_PEER;
next-hop 192.0.2.1;
accept;
}
@@ -1755,7 +1783,7 @@
term DELETE-PROHIBITED-COMMUNITIES {
from {
as-path-group EBGP-DOBSON-AS-PATHS;
- prefix-list-filter EBGP-DOBSON-PREFIXES orlonger;
+ prefix-list-filter EBGP-DOBSON-V4-PREFIXES orlonger;
}
then {
community delete NON_ONENET;
@@ -1766,12 +1794,11 @@
term ACCEPT-ROUTES {
from {
as-path-group EBGP-DOBSON-AS-PATHS;
- prefix-list-filter EBGP-DOBSON-PREFIXES orlonger;
+ prefix-list-filter EBGP-DOBSON-V4-PREFIXES orlonger;
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
- community add ONENET_PEER_DOBSON;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_FACEBOOK;
community add ONENET_ADV_GGC;
@@ -2020,11 +2047,19 @@
community ONENET_ADV_AKAMAI members 5078:5400;
community ONENET_ADV_FACEBOOK members 5078:5500;
community ONENET_ADV_GGC members 5078:5600;
+ community ONENET_ADV_NETFLIX members 5078:5300;
community ONENET_ADV_PEER members 5078:5200;
+ community ONENET_ADV_RESEARCH members 5078:5100;
community ONENET_ADV_UPSTREAM members 5078:5000;
community ONENET_ADV_VALVE members 5078:5700;
community ONENET_BLACKHOLE members 5078:911;
community ONENET_ENGINEERING members "5078:[023456789].*";
+ community ONENET_E_NO_ADVERTISE members 5078:10999;
+ community ONENET_E_NO_CACHE members 5078:10989;
+ community ONENET_E_NO_COMMODITY members 5078:10909;
+ community ONENET_E_NO_CUSTOMER members 5078:10939;
+ community ONENET_E_NO_PEER members 5078:10929;
+ community ONENET_E_NO_RESEARCH members 5078:10919;
community ONENET_NETFLIX members 5078:5300;
community ONENET_NO_ADVERTISE members 5078:10991;
community ONENET_NO_PEER members 5078:10921;
Index: configs/core1.nor.onenet.net
===================================================================
--- configs/core1.nor.onenet.net (revision 156717)
+++ configs/core1.nor.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at NORMAN1-MX480-RE0> show system commit
+# 2017-09-22 22:47:52 CDT by andrew via cli commit synchronize
# 2017-09-13 14:09:48 CDT by sean via cli commit synchronize
# 2017-09-11 11:43:37 CDT by andrew via cli commit synchronize
# 2017-09-11 11:42:18 CDT by andrew via cli commit synchronize
# 2017-08-21 22:16:25 CDT by andrew via cli commit synchronize
# 2017-07-30 12:30:12 CDT by andrew via cli commit synchronize
-# 2017-07-29 21:19:43 CDT by andrew via cli commit synchronize
# grnoc-mon at NORMAN1-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -538,7 +538,7 @@
# grnoc-mon at NORMAN1-MX480-RE0> show system uptime
# System booted: 2016-04-03 01:22 CDT
# Protocols started: 2016-04-03 01:28 CDT
-# Last configured: 2017-09-13 14:09 CDT by sean
+# Last configured: 2017-09-22 22:47 CDT by andrew
#
# {master}
# grnoc-mon at NORMAN1-MX480-RE0> show interface terse
@@ -829,7 +829,7 @@
#pp0 up up
#tap up up
# grnoc-mon at NORMAN1-MX480-RE0> show configuration
-## Last commit: 2017-09-13 14:09:48 CDT by sean
+## Last commit: 2017-09-22 22:47:52 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -3099,7 +3099,7 @@
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_FACEBOOK;
community add ONENET_ADV_GGC;
@@ -3446,7 +3446,6 @@
community ONENET_E_NO_CUSTOMER members 5078:10939;
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
- community ONENET_NETFLIX members 5078:5300;
community ONENET_PEER_ATLINK members 5078:22898;
community ONENET_SRC_COMMODITY members 5078:4000;
community ONENET_SRC_CUSTOMER members 5078:4300;
Index: configs/core4.tul.onenet.net
===================================================================
--- configs/core4.tul.onenet.net (revision 156811)
+++ configs/core4.tul.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-CORE4-MX480-RE0> show system commit
+# 2017-09-22 22:59:16 CDT by andrew via cli commit synchronize
+# 2017-09-22 22:58:50 CDT by andrew via cli commit synchronize
# 2017-09-22 14:43:39 CDT by sean via cli commit synchronize
# 2017-09-22 10:09:34 CDT by sean via cli commit synchronize
# 2017-09-20 14:45:12 CDT by andrew via cli commit synchronize
# 2017-09-13 14:13:49 CDT by andrew via cli commit synchronize
-# 2017-09-13 14:13:04 CDT by andrew via cli commit synchronize
-# 2017-09-12 23:19:16 CDT by joel via cli commit confirmed, rollback in 5mins synchronize
# grnoc-mon at TULSA-CORE4-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -507,7 +507,7 @@
# grnoc-mon at TULSA-CORE4-MX480-RE0> show system uptime
# System booted: 2016-08-15 04:31 CDT
# Protocols started: 2016-08-15 04:34 CDT
-# Last configured: 2017-09-22 14:43 CDT by sean
+# Last configured: 2017-09-22 22:59 CDT by andrew
#
# {master}
# grnoc-mon at TULSA-CORE4-MX480-RE0> show interface terse
@@ -851,7 +851,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-CORE4-MX480-RE0> show configuration
-## Last commit: 2017-09-22 14:43:39 CDT by sean
+## Last commit: 2017-09-22 22:59:16 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -4303,6 +4303,40 @@
}
}
policy-statement EBGP-MBO-V4-EXPORT {
+ term REJECT-DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then reject;
+ }
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
+ term REJECT-25-ORLONGER {
+ from {
+ route-filter 0.0.0.0/0 prefix-length-range /25-/32;
+ }
+ then reject;
+ }
+ term REJECT-NO-ADVERTISE-COMMUNITY {
+ from community ONENET_E_NO_ADVERTISE;
+ then reject;
+ }
+ term REJECT-NO-PEER-COMMUNITY {
+ from community ONENET_E_NO_PEER;
+ then reject;
+ }
+ term SEND-UPSTREAM-COMMUNITY {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
+ term SEND-PEER-COMMUNITY {
+ from community ONENET_ADV_PEER;
+ then accept;
+ }
term EXPORT-INTERNAL {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -4318,10 +4352,16 @@
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term CHECK-BLACKHOLE-LENGTH {
from {
community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
+ route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then next term;
}
@@ -4332,7 +4372,7 @@
}
then {
community set ONENET_BLACKHOLE;
- community add ONENET_PEER_MBO;
+ community add ONENET_SRC_PEER;
next-hop 192.0.2.1;
accept;
}
@@ -4359,12 +4399,12 @@
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
- community add ONENET_PEER_MBO;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
+ community add ONENET_ADV_GGC;
+ community add ONENET_ADV_VALVE;
community add ONENET_ADV_FACEBOOK;
- community add ONENET_ADV_VALVE;
- community add ONENET_ADV_GGC;
+ next-hop peer-address;
accept;
}
}
@@ -5047,7 +5087,6 @@
community ONENET_E_NO_CUSTOMER members 5078:10939;
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
- community ONENET_NETFLIX members 5078:5300;
community ONENET_NOFACEBOOK members 5078:10621;
community ONENET_NO_CACHE members 5078:10691;
community ONENET_NO_NETFLIX members 5078:10601;
Index: configs/core.rack59.onenet.net
===================================================================
--- configs/core.rack59.onenet.net (revision 156757)
+++ configs/core.rack59.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at RACK59-MX480-RE0> show system commit
+# 2017-09-22 22:41:31 CDT by andrew via cli commit synchronize
# 2017-09-20 14:46:17 CDT by andrew via cli commit synchronize
# 2017-09-20 14:12:24 CDT by andrew via cli commit synchronize
# 2017-09-20 09:49:09 CDT by andrew via cli commit synchronize
# 2017-09-19 20:58:34 CDT by andrew via cli commit synchronize
# 2017-09-19 20:41:33 CDT by andrew via cli commit synchronize
-# 2017-09-15 09:37:53 CDT by andrew via cli commit synchronize
# grnoc-mon at RACK59-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -446,7 +446,7 @@
# grnoc-mon at RACK59-MX480-RE0> show system uptime
# System booted: 2016-03-30 08:27 CDT
# Protocols started: 2016-03-30 08:30 CDT
-# Last configured: 2017-09-20 14:46 CDT by andrew
+# Last configured: 2017-09-22 22:41 CDT by andrew
#
# {master}
# grnoc-mon at RACK59-MX480-RE0> show interface terse
@@ -591,7 +591,7 @@
#pp0 up up
#tap up up
# grnoc-mon at RACK59-MX480-RE0> show configuration
-## Last commit: 2017-09-20 14:46:17 CDT by andrew
+## Last commit: 2017-09-22 22:41:31 CDT by andrew
version 13.3R9.13;
groups {
re0 {
@@ -2053,6 +2053,40 @@
}
}
policy-statement EBGP-ATLINK-V4-EXPORT {
+ term REJECT-DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then reject;
+ }
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
+ term REJECT-25-ORLONGER {
+ from {
+ route-filter 0.0.0.0/0 prefix-length-range /25-/32;
+ }
+ then reject;
+ }
+ term REJECT-NO-ADVERTISE-COMMUNITY {
+ from community ONENET_E_NO_ADVERTISE;
+ then reject;
+ }
+ term REJECT-NO-PEER-COMMUNITY {
+ from community ONENET_E_NO_PEER;
+ then reject;
+ }
+ term SEND-UPSTREAM-COMMUNITY {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
+ term SEND-PEER-COMMUNITY {
+ from community ONENET_ADV_PEER;
+ then accept;
+ }
term EXPORT-INTERNAL {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -2068,10 +2102,16 @@
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term CHECK-BLACKHOLE-LENGTH {
from {
community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
+ route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then next term;
}
@@ -2082,7 +2122,7 @@
}
then {
community set ONENET_BLACKHOLE;
- community add ONENET_PEER_ATLINK;
+ community add ONENET_SRC_PEER;
next-hop 192.0.2.1;
accept;
}
@@ -2109,10 +2149,10 @@
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
- community add ONENET_PEER_ATLINK;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_FACEBOOK;
+ next-hop peer-address;
accept;
}
}
@@ -2340,7 +2380,7 @@
then reject;
}
term ONENET-COMMUNITIES-SEND {
- from community [ ONENET_NETFLIX ONENET_ADV_UPSTREAM ];
+ from community [ ONENET_ADV_NETFLIX ONENET_ADV_UPSTREAM ];
then {
metric 10;
accept;
@@ -2518,7 +2558,7 @@
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_FACEBOOK;
community add ONENET_ADV_GGC;
@@ -2832,7 +2872,6 @@
community ONENET_E_NO_CUSTOMER members 5078:10939;
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
- community ONENET_NETFLIX members 5078:5300;
community ONENET_PEER_ATLINK members 5078:22898;
community ONENET_SRC_COMMODITY members 5078:4000;
community ONENET_SRC_CUSTOMER members 5078:4300;
Index: configs/core1.ptc.onenet.net
===================================================================
--- configs/core1.ptc.onenet.net (revision 156793)
+++ configs/core1.ptc.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at TULSA-PTC1-MX480-RE0> show system commit
+# 2017-09-22 22:52:43 CDT by andrew via cli commit synchronize
# 2017-09-21 06:48:38 CDT by andrew via cli commit synchronize
# 2017-09-21 06:43:02 CDT by andrew via cli commit synchronize
# 2017-09-21 06:40:33 CDT by andrew via cli commit synchronize
# 2017-09-21 06:30:49 CDT by andrew via cli commit synchronize
# 2017-09-20 14:12:21 CDT by andrew via cli commit synchronize
-# 2017-09-20 13:51:15 CDT by andrew via cli commit synchronize
# grnoc-mon at TULSA-PTC1-MX480-RE0> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -421,7 +421,7 @@
# grnoc-mon at TULSA-PTC1-MX480-RE0> show system uptime
# System booted: 2016-03-17 00:52 CDT
# Protocols started: 2016-03-17 01:01 CDT
-# Last configured: 2017-09-21 06:48 CDT by andrew
+# Last configured: 2017-09-22 22:52 CDT by andrew
#
# {master}
# grnoc-mon at TULSA-PTC1-MX480-RE0> show interface terse
@@ -613,7 +613,7 @@
#pp0 up up
#tap up up
# grnoc-mon at TULSA-PTC1-MX480-RE0> show configuration
-## Last commit: 2017-09-21 06:48:38 CDT by andrew
+## Last commit: 2017-09-22 22:52:43 CDT by andrew
version 13.3R8.7;
groups {
re0 {
@@ -2307,8 +2307,8 @@
}
neighbor 164.58.9.34 {
description EBGP-PEER-BTC-10G-CIR0019097;
- import EBGP-BTC-IMPORT;
- export EBGP-BTC-EXPORT;
+ import EBGP-BTC-V4-IMPORT;
+ export EBGP-BTC-V4-EXPORT;
remove-private;
peer-as 19021;
}
@@ -2680,7 +2680,7 @@
prefix-list PRE-L0-SOURCES {
apply-path "interfaces lo0 unit <*> family inet address <164.*>";
}
- prefix-list EBGP-BTC-PREFIXES {
+ prefix-list EBGP-BTC-V4-PREFIXES {
12.53.46.0/24;
67.217.144.0/20;
76.225.46.0/25;
@@ -2999,7 +2999,41 @@
then reject;
}
}
- policy-statement EBGP-BTC-EXPORT {
+ policy-statement EBGP-BTC-V4-EXPORT {
+ term REJECT-DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then reject;
+ }
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
+ term REJECT-25-ORLONGER {
+ from {
+ route-filter 0.0.0.0/0 prefix-length-range /25-/32;
+ }
+ then reject;
+ }
+ term REJECT-NO-ADVERTISE-COMMUNITY {
+ from community ONENET_E_NO_ADVERTISE;
+ then reject;
+ }
+ term REJECT-NO-PEER-COMMUNITY {
+ from community ONENET_E_NO_PEER;
+ then reject;
+ }
+ term SEND-UPSTREAM-COMMUNITY {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
+ term SEND-PEER-COMMUNITY {
+ from community ONENET_ADV_PEER;
+ then accept;
+ }
term EXPORT-INTERNAL {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -3008,28 +3042,34 @@
then reject;
}
}
- policy-statement EBGP-BTC-IMPORT {
+ policy-statement EBGP-BTC-V4-IMPORT {
term REJECT-DEFAULT {
from {
route-filter 0.0.0.0/0 exact;
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term CHECK-BLACKHOLE-LENGTH {
from {
community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
+ route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then next term;
}
term ACCEPT-BLACKHOLE {
from {
community ONENET_BLACKHOLE;
- prefix-list-filter EBGP-BTC-PREFIXES orlonger;
+ prefix-list-filter EBGP-BTC-V4-PREFIXES orlonger;
}
then {
community set ONENET_BLACKHOLE;
- community add ONENET_PEER_BTC;
+ community add ONENET_SRC_PEER;
next-hop 192.0.2.1;
accept;
}
@@ -3042,7 +3082,7 @@
}
term DELETE-PROHIBITED-COMMUNITIES {
from {
- prefix-list-filter EBGP-BTC-PREFIXES orlonger;
+ prefix-list-filter EBGP-BTC-V4-PREFIXES orlonger;
}
then {
community delete NON_ONENET;
@@ -3052,16 +3092,16 @@
}
term ACCEPT-ROUTES {
from {
- prefix-list-filter EBGP-BTC-PREFIXES orlonger;
+ prefix-list-filter EBGP-BTC-V4-PREFIXES orlonger;
}
then {
community add ONENET_SRC_PEER;
- community add ONENET_NETFLIX;
- community add ONENET_PEER_BTC;
+ community add ONENET_ADV_NETFLIX;
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_GGC;
community add ONENET_ADV_VALVE;
community add ONENET_ADV_FACEBOOK;
+ next-hop peer-address;
accept;
}
}
@@ -3718,7 +3758,6 @@
community ONENET_E_NO_CUSTOMER members 5078:10939;
community ONENET_E_NO_PEER members 5078:10929;
community ONENET_E_NO_RESEARCH members 5078:10919;
- community ONENET_NETFLIX members 5078:5300;
community ONENET_PEER_BTC members 5078:11650;
community ONENET_SRC_COMMODITY members 5078:4000;
community ONENET_SRC_CUSTOMER members 5078:4300;
Index: configs/core.owtccla.onenet.net
===================================================================
--- configs/core.owtccla.onenet.net (revision 156764)
+++ configs/core.owtccla.onenet.net (working copy)
@@ -1,12 +1,12 @@
# RANCID-CONTENT-TYPE: juniper
#
# grnoc-mon at OWTCCLA-MX40> show system commit
+# 2017-09-22 22:30:46 CDT by andrew via cli
+# 2017-09-22 22:21:42 CDT by andrew via cli
# 2017-09-16 00:56:13 CDT by andrew via cli
# 2017-09-10 13:26:02 CDT by andrew via cli
# 2017-09-10 13:24:01 CDT by andrew via cli
# 2017-09-07 17:46:22 CDT by andrew via cli
-# 2017-09-05 13:29:40 CDT by sky via cli
-# 2017-09-05 11:33:02 CDT by sky via cli
# grnoc-mon at OWTCCLA-MX40> show chassis environment
# Class Item Status Measurement
# Temp PEM 0 OK
@@ -266,7 +266,7 @@
# grnoc-mon at OWTCCLA-MX40> show system uptime
# System booted: 2017-06-19 01:45 CDT
# Protocols started: 2017-06-19 01:48 CDT
-# Last configured: 2017-09-16 00:56 CDT by andrew
+# Last configured: 2017-09-22 22:30 CDT by andrew
#
# grnoc-mon at OWTCCLA-MX40> show interface terse
#Interface Admin Link
@@ -368,7 +368,7 @@
#pp0 up up
#tap up up
# grnoc-mon at OWTCCLA-MX40> show configuration
-## Last commit: 2017-09-16 00:56:13 CDT by andrew
+## Last commit: 2017-09-22 22:30:46 CDT by andrew
version 13.3R9.13;
groups {
ISIS-L2-INTERFACE {
@@ -1261,6 +1261,40 @@
}
}
policy-statement EBGP-OWTC-V4-EXPORT {
+ term REJECT-DEFAULT {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then reject;
+ }
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
+ term REJECT-25-ORLONGER {
+ from {
+ route-filter 0.0.0.0/0 prefix-length-range /25-/32;
+ }
+ then reject;
+ }
+ term REJECT-NO-ADVERTISE-COMMUNITY {
+ from community ONENET_E_NO_ADVERTISE;
+ then reject;
+ }
+ term REJECT-NO-PEER-COMMUNITY {
+ from community ONENET_E_NO_PEER;
+ then reject;
+ }
+ term SEND-UPSTREAM-COMMUNITY {
+ from community ONENET_ADV_UPSTREAM;
+ then accept;
+ }
+ term SEND-PEER-COMMUNITY {
+ from community ONENET_ADV_PEER;
+ then accept;
+ }
term EXPORT-INTERNAL {
from policy COMMODITY-PREFIXES-LIST;
then accept;
@@ -1276,10 +1310,16 @@
}
then reject;
}
+ term REJECT-BOGONS {
+ from {
+ prefix-list-filter BOGONS-V4-PREFIXES orlonger;
+ }
+ then reject;
+ }
term CHECK-BLACKHOLE-LENGTH {
from {
community ONENET_BLACKHOLE;
- route-filter 0.0.0.0/0 prefix-length-range /24-/32;
+ route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then next term;
}
@@ -1290,6 +1330,7 @@
}
then {
community set ONENET_BLACKHOLE;
+ community add ONENET_SRC_PEER;
next-hop 192.0.2.1;
accept;
}
@@ -1321,6 +1362,7 @@
community add ONENET_ADV_AKAMAI;
community add ONENET_ADV_GGC;
community add ONENET_ADV_VALVE;
+ next-hop peer-address;
accept;
}
}
Index: configs/hub.mwc.onenet.net
===================================================================
--- configs/hub.mwc.onenet.net (revision 156819)
+++ configs/hub.mwc.onenet.net (working copy)
@@ -26,6 +26,16 @@
# TFEB 0 TBB PFE Chip OK
# TFEB 0 TFEB PCIE TSen OK
# TFEB 0 TFEB PCIE Chip OK
+# TFEB 0 QX 0 TSen OK
+# TFEB 0 QX 0 Chip OK
+# TFEB 0 LU 0 TSen OK
+# TFEB 0 LU 0 Chip OK
+# TFEB 0 MQ 0 TSen OK
+# TFEB 0 MQ 0 Chip OK
+# TFEB 0 TBB PFE TSen OK
+# TFEB 0 TBB PFE Chip OK
+# TFEB 0 TFEB PCIE TSen OK
+# TFEB 0 TFEB PCIE Chip OK
# Fans Fan 1 OK
# Fan 2 OK
# Fan 3 OK
More information about the Nocrancid
mailing list