diff options
Diffstat (limited to 'examples/tg15/netconf/sw1.south.cfg')
| -rw-r--r-- | examples/tg15/netconf/sw1.south.cfg | 263 |
1 files changed, 263 insertions, 0 deletions
diff --git a/examples/tg15/netconf/sw1.south.cfg b/examples/tg15/netconf/sw1.south.cfg new file mode 100644 index 0000000..c81b991 --- /dev/null +++ b/examples/tg15/netconf/sw1.south.cfg @@ -0,0 +1,263 @@ +## Last commit: 2015-04-02 09:04:25 CEST by technet +version 14.1X53-D15.2; +system { + host-name sw1-south; + auto-snapshot; + time-zone Europe/Oslo; + authentication-order [ tacplus password ]; + root-authentication { + } + name-server { + 2a02:ed02:1ee7::66; + 2a02:ed02:1337::2; + } + login { + user technet { + uid 2000; + class super-user; + authentication { + } + } + } + services { + ssh { + root-login deny; + } + netconf { + ssh; + } + } + syslog { + user * { + any emergency; + } + file messages { + any notice; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } + ntp { + server 2001:700:100:2::6; + } +} +chassis { + aggregated-devices { + ethernet { + device-count 1; + } + } + alarm { + management-ethernet { + link-down ignore; + } + } +} +interfaces { + interface-range edge-ports { + member-range ge-0/0/0 to ge-0/0/43; + description Clients; + unit 0 { + family ethernet-switching { + port-mode access; + vlan { + members clients; + } + } + } + } + interface-range core-ports { + member-range ge-0/0/44 to ge-0/0/47; + description "rs1.south ge-0/0/45"; + ether-options { + 802.3ad ae0; + } + } + ae0 { + description "rs1.south ge-0/0/45"; + aggregated-ether-options { + lacp { + active; + } + } + unit 0 { + family ethernet-switching { + port-mode trunk; + vlan { + members [ clients mgmt ]; + } + } + } + } + vlan { + unit 666 { + description "MGMT L3 interface"; + family inet { + filter { + input v4-mgmt; + } + address 151.216.183.98/27; + } + family inet6 { + filter { + input v6-mgmt; + } + address 2a02:ed02:1836::98/64; + } + } + } +} +snmp { + view ifpoll { + oid 1.3.6.1.2.1.1 include; + oid 1.3.6.1.2.1.2 include; + oid 1.3.6.1.4.1.2636.3.1.13.1.5 include; + } + community <removed> { + client-list-name mgmt; + } + community <removed> { + view ifpoll; + authorization read-only; + client-list-name mgmt; + } + community <removed> { + authorization read-write; + client-list-name mgmt; + } + community <removed> { + authorization read-write; + clients { + 151.216.254.32/24; + } + } +} +routing-options { + rib inet.0 { + static { + route 0.0.0.0/0 next-hop 151.216.183.97; + } + } + rib inet6.0 { + static { + route ::/0 next-hop 2a02:ed02:1836::1; + } + } +} +protocols { + sflow { + sample-rate { + ingress 10000; + egress 10000; + } + collector <removed>; + interfaces core-ports; + interfaces edge-ports; + } + igmp-snooping { + vlan all { + version 3; + immediate-leave; + } + } + mld-snooping { + vlan all { + version 2; + immediate-leave; + } + } + rstp { + bridge-priority 8k; + interface edge-ports { + edge; + no-root-port; + } + } + lldp { + interface ae0.0; + } +} +policy-options { + prefix-list v4-mgmt { + /* NOC clients */ + 151.216.254.0/24; + /* Servers */ + 185.12.59.0/26; + } + prefix-list v6-mgmt { + /* NOC clients */ + 2a02:ed02:254::/64; + /* Servers */ + 2a02:ed02:1337::/64; + } + prefix-list mgmt { + /* NOC clients */ + 151.216.254.0/24; + /* Servers */ + 185.12.59.0/26; + /* NOC clients */ + 2a02:ed02:254::/64; + /* Servers */ + 2a02:ed02:1337::/64; + } + +} +firewall { + family inet { + filter v4-mgmt { + term accept-ssh { + from { + source-prefix-list { + v4-mgmt; + } + destination-port 22; + } + then accept; + } + term discard-ssh { + from { + destination-port 22; + } + then { + discard; + } + } + term accept-all { + then accept; + } + } + } + family inet6 { + filter v6-mgmt { + term accept-ssh { + from { + source-prefix-list { + v6-mgmt; + } + destination-port 22; + } + then accept; + } + term discard-ssh { + from { + destination-port 22; + } + then discard; + } + term accept-all { + then accept; + } + } + } +} +vlans { + clients { + vlan-id 234; + } + mgmt { + vlan-id 666; + l3-interface vlan.666; + } +} |