aboutsummaryrefslogtreecommitdiffstats
path: root/examples/tg19/netconf/r1.tele.conf
diff options
context:
space:
mode:
Diffstat (limited to 'examples/tg19/netconf/r1.tele.conf')
-rw-r--r--examples/tg19/netconf/r1.tele.conf1035
1 files changed, 1035 insertions, 0 deletions
diff --git a/examples/tg19/netconf/r1.tele.conf b/examples/tg19/netconf/r1.tele.conf
new file mode 100644
index 0000000..c1edcf1
--- /dev/null
+++ b/examples/tg19/netconf/r1.tele.conf
@@ -0,0 +1,1035 @@
+## Last changed: 2019-04-18 15:01:18 CEST
+## Image name: jinstall-host-qfx-5-17.3R3.10-signed.tgz
+
+version 17.3R3.10;
+system {
+ host-name r1.tele;
+ # Tar snapshot fra backup til primærpartisjon dersom primær ikke kommer
+ # opp ved boot. Etter dette er gjort, rebooter switchen.
+ auto-snapshot;
+ domain-name tg19.gathering.org;
+ time-zone Europe/Oslo;
+ authentication-order tacplus;
+ root-authentication {
+ encrypted-password "<removed>";
+ }
+ name-server {
+ 2a06:5841:a:103::62;
+ 2a06:5841:a:104::126;
+ }
+ tacplus-server {
+ 134.90.150.164 secret "<removed>";
+ 2a02:20c8:1930::164 secret "<removed>";
+ }
+ login {
+ user technet {
+ uid 2000;
+ class super-user;
+ authentication {
+ encrypted-password "<removed>";
+ }
+ }
+ }
+ services {
+ ssh {
+ root-login deny;
+ no-tcp-forwarding;
+ protocol-version v2;
+ client-alive-count-max 2;
+ client-alive-interval 300;
+ connection-limit 50;
+ rate-limit 5;
+ }
+ netconf {
+ ssh {
+ port 830;
+ }
+ }
+ dhcp-local-server {
+ traceoptions {
+ file log-dhcp size 10000000;
+ flag all;
+ }
+ dhcpv6 {
+ group tele-v6 {
+ interface irb.103;
+ }
+ }
+ group tele-v4 {
+ interface irb.103;
+ }
+ }
+ }
+ syslog {
+ user * {
+ any emergency;
+ }
+ host log.tg19.gathering.org {
+ any warning;
+ authorization info;
+ daemon warning;
+ user warning;
+ change-log any;
+ interactive-commands any;
+ match "!(.*License.*)";
+ allow-duplicates;
+ facility-override local7;
+ explicit-priority;
+ }
+ /* Local logging of syslog message */
+ file messages {
+ any notice;
+ authorization info;
+ match "!(.*License.*)";
+ }
+ /* Local logging of all user-commands typed in the CLI */
+ file interactive-commands {
+ interactive-commands any;
+ match "UI_CMDLINE_READ_LINE|UI_COMMIT_COMPLETED";
+ }
+ }
+ /* Save changes to central site */
+ archival {
+ configuration {
+ transfer-on-commit;
+ archive-sites {
+ "scp://user@host/some/folder/" password "<removed>";
+ }
+ }
+ }
+ commit synchronize;
+ ntp {
+ /* ntp.uio.no */
+ server 2001:700:100:2::6;
+ }
+}
+chassis {
+ redundancy {
+ graceful-switchover;
+ }
+ aggregated-devices {
+ ethernet {
+ device-count 50;
+ }
+ }
+ alarm {
+ management-ethernet {
+ link-down ignore;
+ }
+ }
+}
+services {
+ analytics {
+ resource {
+ system {
+ polling-interval {
+ traffic-monitoring 10;
+ }
+ }
+ }
+ streaming-server telemetry_server {
+ remote-address 185.110.149.4;
+ remote-port 5015;
+ }
+ export-profile export_20302 {
+ local-address 185.110.148.64;
+ local-port 20302;
+ reporting-rate 60;
+ format gpb;
+ transport udp;
+ }
+ sensor junos_system_linecard_interface {
+ server-name telemetry_server;
+ export-name export_20302;
+ resource /junos/system/linecard/interface/;
+ }
+ sensor junos_system_linecard_interface_logical_usage {
+ server-name telemetry_server;
+ export-name export_20302;
+ resource /junos/system/linecard/interface/logical/usage/;
+ }
+ sensor optics {
+ server-name telemetry_server;
+ export-name export_20302;
+ resource /junos/system/linecard/optics/;
+ }
+ }
+}
+security {
+ ssh-known-hosts {
+ host <removed> {
+ ecdsa-sha2-nistp256-key <removed>;
+ }
+ }
+}
+interfaces {
+ interface-range all-ports {
+ member ge-*/*/*;
+ member xe-*/*/*;
+ member et-*/*/*;
+ }
+ ge-0/0/0 {
+ description "C: Taempnett Tele";
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members testnett;
+ }
+ }
+ }
+ }
+ ge-0/0/1 {
+ description "C: Tempnett Tele";
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members testnett;
+ }
+ }
+ }
+ }
+ ge-0/0/10 {
+ description TeleCam;
+ unit 0 {
+ family ethernet-switching {
+ vlan {
+ members testnett;
+ }
+ }
+ }
+ }
+ xe-0/0/24 {
+ ether-options {
+ 802.3ad ae5;
+ }
+ }
+ xe-0/0/25 {
+ ether-options {
+ 802.3ad ae8;
+ }
+ }
+ ge-0/0/34 {
+ description "C: ME IPME";
+ unit 0 {
+ family ethernet-switching {
+ vlan {
+ members vlan100;
+ }
+ }
+ }
+ }
+ xe-0/0/41 {
+ description "G: r1.tele (xe-0/0/42) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-0/0/42 {
+ description "G: r1.tele (xe-0/0/41) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-0/0/43 {
+ description "G: r1.tele (xe-0/0/44) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-0/0/44 {
+ description "G: r1.tele (xe-0/0/43) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-0/0/45 {
+ description "G: Telenor (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-0/0/46 {
+ description "G: Telenor (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-0/0/47 {
+ description "G: Telenor (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ et-0/0/50 {
+ description "G: r1.ring (ae3)";
+ ether-options {
+ 802.3ad ae3;
+ }
+ }
+ et-0/0/51 {
+ description "G: r1.noc (ae0)";
+ ether-options {
+ 802.3ad ae2;
+ }
+ }
+ et-0/0/52 {
+ description "G: fw.tele (X)";
+ ether-options {
+ 802.3ad ae1;
+ }
+ }
+ et-0/0/53 {
+ description "G: r1.stand (ae4)";
+ ether-options {
+ 802.3ad ae4;
+ }
+ }
+ ge-1/0/0 {
+ description "C: Taempnett Tele";
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members testnett;
+ }
+ }
+ }
+ }
+ ge-1/0/1 {
+ description "C: Tempnett Tele";
+ unit 0 {
+ family ethernet-switching {
+ interface-mode access;
+ vlan {
+ members testnett;
+ }
+ }
+ }
+ }
+ xe-1/0/24 {
+ ether-options {
+ 802.3ad ae5;
+ }
+ }
+ xe-1/0/25 {
+ ether-options {
+ 802.3ad ae8;
+ }
+ }
+ ge-1/0/34 {
+ description "C: GREATGIVING IPME";
+ unit 0 {
+ family ethernet-switching {
+ vlan {
+ members vlan100;
+ }
+ }
+ }
+ }
+ xe-1/0/41 {
+ description "G: r1.tele (xe-1/0/42) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-1/0/42 {
+ description "G: r1.tele (xe-1/0/41) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-1/0/43 {
+ description "G: r1.tele (xe-1/0/44) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae7;
+ }
+ }
+ xe-1/0/44 {
+ description "G: r1.tele (xe-1/0/43) loop-kabel for redundans";
+ ether-options {
+ 802.3ad ae6;
+ }
+ }
+ xe-1/0/45 {
+ description "G: Telenor (ae0)";
+ disable;
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-1/0/46 {
+ description "G: Telenor (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-1/0/47 {
+ description "G: Telenor (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ et-1/0/50 {
+ description "G: r1.ring (ae3)";
+ ether-options {
+ 802.3ad ae3;
+ }
+ }
+ et-1/0/51 {
+ description "G: r1.noc (ae0)";
+ ether-options {
+ 802.3ad ae2;
+ }
+ }
+ et-1/0/52 {
+ description "G: fw1.tele (X)";
+ ether-options {
+ 802.3ad ae1;
+ }
+ }
+ et-1/0/53 {
+ description "G: r1.stand (ae4)";
+ ether-options {
+ 802.3ad ae4;
+ }
+ }
+ ae0 {
+ description "P: Telenor";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family inet {
+ filter {
+ input internet-ingress-v4;
+ output internet-egress-v4;
+ }
+ address 193.212.22.2/30;
+ }
+ family inet6 {
+ filter {
+ input internet-ingress-v6;
+ output internet-egress-v6;
+ }
+ address 2001:4600:9:300::292/126;
+ }
+ }
+ }
+ ae1 {
+ description "B: fw1.tele";
+ vlan-tagging;
+ encapsulation flexible-ethernet-services;
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 11 {
+ description "B: fw1.tele outside";
+ vlan-id 11;
+ family inet {
+ address 185.110.148.128/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f01::/127;
+ }
+ }
+ unit 12 {
+ description "B: fw1.tele inside";
+ vlan-id 12;
+ family inet {
+ address 185.110.148.130/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f02::/127;
+ }
+ }
+ }
+ ae2 {
+ description "B: r1.noc ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family inet {
+ address 185.110.148.134/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f04::/127;
+ }
+ }
+ }
+ ae3 {
+ description "B: r1.ring ae3";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family inet {
+ address 185.110.148.132/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f03::/127;
+ }
+ }
+ }
+ ae4 {
+ description "B: r1.stand ae1";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family inet {
+ address 185.110.148.138/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f06::/127;
+ }
+ }
+ }
+ ae5 {
+ description "C: me bond0";
+ vlan-tagging;
+ encapsulation flexible-ethernet-services;
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode trunk;
+ vlan {
+ members [ vlan100 vlan101 vlan102 ];
+ }
+ }
+ }
+ }
+ ae6 {
+ description "G: r1.tele (ae7) loop-kabel for redundans";
+ unit 0 {
+ family inet {
+ address 185.110.148.162/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f12::/127;
+ }
+ }
+ }
+ ae7 {
+ description "G: r1.tele (ae6) loop-kabel for redundans";
+ unit 0 {
+ family inet {
+ address 185.110.148.163/31;
+ }
+ family inet6 {
+ address 2a06:5841:f:f12::1/127;
+ }
+ }
+ }
+ ae8 {
+ description "C: greatgiving.tele";
+ vlan-tagging;
+ encapsulation flexible-ethernet-services;
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ interface-mode trunk;
+ vlan {
+ members [ vlan100 vlan101 vlan102 ];
+ }
+ }
+ }
+ }
+ em0 {
+ unit 0 {
+ family inet {
+ dhcp;
+ }
+ }
+ }
+ em1 {
+ unit 0 {
+ family inet {
+ address 169.254.0.2/24;
+ }
+ }
+ }
+ irb {
+ unit 100 {
+ description "C: Tele VM hosts vlan 100";
+ family inet {
+ address 185.110.149.129/27;
+ }
+ family inet6 {
+ address 2a06:5841:a:101::1/64;
+ }
+ }
+ unit 101 {
+ description "C: Tele tech-vm vlan 101";
+ family inet {
+ address 185.110.149.1/26;
+ }
+ family inet6 {
+ address 2a06:5841:a:103::1/64;
+ }
+ }
+ unit 102 {
+ description "C: Tele misc-vm vlan 102";
+ family inet {
+ address 88.92.16.1/24;
+ }
+ family inet6 {
+ address 2a06:5841:a:201::1/64;
+ }
+ }
+ unit 103 {
+ family inet {
+ address 185.110.148.33/27;
+ }
+ family inet6 {
+ address 2a06:5841:a:301::1/64;
+ }
+ }
+ }
+ lo0 {
+ unit 0 {
+ family inet {
+ filter {
+ input mgmt-v4;
+ }
+ address 127.0.0.1/32;
+ address 185.110.148.64/32;
+ }
+ family inet6 {
+ filter {
+ input mgmt-v6;
+ }
+ address ::1/128;
+ address 2a06:5841:f:e::64/128;
+ }
+ }
+ }
+}
+snmp {
+ contact NOC;
+ community <removed> {
+ authorization read-only;
+ client-list-name mgmt;
+ }
+ community <removed> {
+ authorization read-only;
+ client-list-name mgmt;
+ }
+}
+forwarding-options {
+ storm-control-profiles default {
+ all;
+ }
+}
+routing-options {
+ nonstop-routing;
+ rib inet6.0 {
+ static {
+ route 2a06:5840::/29 discard;
+ }
+ }
+ rib inet.0 {
+ static {
+ route 185.110.148.0/22 discard;
+ route 88.92.0.0/17 discard;
+ }
+ }
+ autonomous-system 21067;
+}
+protocols {
+ igmp {
+ interface irb.100 {
+ version 2;
+ }
+ }
+ router-advertisement {
+ interface irb.103 {
+ managed-configuration;
+ other-stateful-configuration;
+ }
+ }
+ ospf {
+ export [ direct-to-ospf static-to-ospf ];
+ reference-bandwidth 1000g;
+ area 0.0.0.0 {
+ interface ae1.12;
+ interface ae2.0;
+ interface ae4.0;
+ interface ae3.0;
+ interface ae6.0;
+ }
+ }
+ ospf3 {
+ export [ direct-to-ospf static-to-ospf ];
+ reference-bandwidth 1000g;
+ area 0.0.0.0 {
+ interface ae1.12;
+ interface ae2.0;
+ interface ae4.0;
+ interface ae3.0;
+ interface ae6.0;
+ }
+ }
+ lldp {
+ interface all;
+ }
+ lldp-med {
+ interface all;
+ }
+ igmp-snooping {
+ vlan default;
+ }
+ sflow {
+ agent-id 185.110.148.64;
+ sample-rate {
+ ingress 10000;
+ egress 10000;
+ }
+ collector <removed>;
+ collector 185.110.149.139 {
+ udp-port 6343;
+ }
+ interfaces all-ports;
+ }
+}
+policy-options {
+ prefix-list mgmt-v4 {
+ }
+ prefix-list mgmt-v6 {
+ }
+ /* Merged separate v4- og v6-lister */
+ prefix-list mgmt {
+ apply-path "policy-options prefix-list <mgmt-v*> <*>";
+ }
+ policy-statement default-v4 {
+ term default-only {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+ policy-statement default-v6 {
+ term default-only {
+ from {
+ route-filter ::/0 exact;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+ policy-statement direct-to-ospf {
+ from protocol direct;
+ then {
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ policy-statement static-to-ospf {
+ from protocol static;
+ then {
+ external {
+ type 1;
+ }
+ accept;
+ }
+ }
+ policy-statement telenor-in-v4 {
+ term accept-default {
+ from {
+ route-filter 0.0.0.0/0 exact;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+ policy-statement telenor-in-v6 {
+ term accept-default {
+ from {
+ route-filter ::/0 exact;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+ policy-statement telenor-out-v4 {
+ term accept-our-routes {
+ from {
+ route-filter 88.92.0.0/17 exact;
+ route-filter 194.143.120.0/21 upto /24;
+ route-filter 185.110.148.0/22 upto /24;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+ policy-statement telenor-out-v6 {
+ term accept-our-routes {
+ from {
+ route-filter 2a06:5840::/29 exact;
+ route-filter 2001:4610:7617::/48 exact;
+ }
+ then accept;
+ }
+ term reject-all {
+ then reject;
+ }
+ }
+}
+firewall {
+ family inet {
+ filter mgmt-v4 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v4;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then {
+ discard;
+ }
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ filter internet-ingress-v4 {
+ interface-specific;
+ term count-our {
+ from {
+ source-address {
+ 88.92.0.0/17;
+ 185.110.148.0/22;
+ }
+ }
+ then {
+ count count-our;
+ accept;
+ }
+ }
+ term accept-all {
+ then {
+ count accept-all;
+ accept;
+ }
+ }
+ }
+ filter internet-egress-v4 {
+ interface-specific;
+ term accept-all {
+ then {
+ count accept-all;
+ accept;
+ }
+ }
+ }
+ }
+ family inet6 {
+ filter mgmt-v6 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v6;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then discard;
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ filter internet-ingress-v6 {
+ interface-specific;
+ term accept-all {
+ then {
+ count accept-all;
+ accept;
+ }
+ }
+ }
+ filter internet-egress-v6 {
+ interface-specific;
+ term accept-all {
+ then {
+ count accept-all;
+ accept;
+ }
+ }
+ }
+ }
+}
+access {
+ address-assignment {
+ pool tele-v4 {
+ family inet {
+ network 185.110.148.32/27;
+ range tele-v4 {
+ low 185.110.148.34;
+ high 185.110.148.63;
+ }
+ dhcp-attributes {
+ name-server {
+ 1.1.1.1;
+ }
+ router {
+ 185.110.148.33;
+ }
+ }
+ }
+ }
+ pool tele-v6 {
+ family inet6 {
+ prefix 2a06:5841:a:301::0/64;
+ range tele-v6 {
+ low 2a06:5841:a:301::1337:1337:1/128;
+ high 2a06:5841:a:301::1337:1337:ffff/128;
+ }
+ dhcp-attributes {
+ dns-server {
+ 2001:4860:4860::8888;
+ 2001:4860:4860::8844;
+ }
+ }
+ }
+ }
+ }
+}
+routing-instances {
+ internet {
+ instance-type vrf;
+ interface ae0.0;
+ interface ae1.11;
+ interface ae7.0;
+ interface lo0.0;
+ route-distinguisher 21067:2;
+ vrf-target target:21067:2;
+ routing-options {
+ rib internet.inet.0 {
+ static {
+ route 88.92.58.128/25 next-hop 88.92.58.1;
+ route 88.92.0.0/17 discard;
+ route 185.110.148.0/22 discard;
+ route 194.143.120.0/21 discard;
+ }
+ }
+ rib internet.inet6.0 {
+ static {
+ route 2a06:5840::/29 discard;
+ route 2001:4610:7617::/48 discard;
+ route 2001:4610:7618::/48 discard;
+ }
+ }
+ router-id 185.110.148.64;
+ }
+ protocols {
+ bgp {
+ group telenor {
+ authentication-key "<removed>";;
+ peer-as 2119;
+ neighbor 193.212.22.1 {
+ import telenor-in-v4;
+ export telenor-out-v4;
+ }
+ neighbor 2001:4600:9:300::291 {
+ import telenor-in-v6;
+ export telenor-out-v6;
+ }
+ }
+ }
+ ospf {
+ export [ direct-to-ospf static-to-ospf default-v4 ];
+ reference-bandwidth 1000g;
+ area 0.0.0.0 {
+ interface ae1.11;
+ interface ae7.0;
+ }
+ }
+ ospf3 {
+ export [ direct-to-ospf static-to-ospf default-v6 ];
+ reference-bandwidth 1000g;
+ area 0.0.0.0 {
+ interface ae1.11;
+ interface ae7.0;
+ }
+ }
+ }
+ }
+}
+virtual-chassis {
+ preprovisioned;
+ no-split-detection;
+ member 0 {
+ role routing-engine;
+ serial-number <removed>;
+ }
+ member 1 {
+ role routing-engine;
+ serial-number <removed>;
+ }
+}
+vlans {
+ testnett {
+ description testnett-tele;
+ vlan-id 103;
+ l3-interface irb.103;
+ }
+ vlan100 {
+ vlan-id 100;
+ l3-interface irb.100;
+ }
+ vlan101 {
+ vlan-id 101;
+ l3-interface irb.101;
+ }
+ vlan102 {
+ vlan-id 102;
+ l3-interface irb.102;
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-26 17:27:38 +0000