aboutsummaryrefslogtreecommitdiffstats
path: root/examples/tg25/netconf/d1-bird.tg25.tg.no.conf
diff options
context:
space:
mode:
Diffstat (limited to 'examples/tg25/netconf/d1-bird.tg25.tg.no.conf')
-rw-r--r--examples/tg25/netconf/d1-bird.tg25.tg.no.conf927
1 files changed, 927 insertions, 0 deletions
diff --git a/examples/tg25/netconf/d1-bird.tg25.tg.no.conf b/examples/tg25/netconf/d1-bird.tg25.tg.no.conf
new file mode 100644
index 0000000..52e3868
--- /dev/null
+++ b/examples/tg25/netconf/d1-bird.tg25.tg.no.conf
@@ -0,0 +1,927 @@
+system {
+ host-name d1-bird;
+ auto-snapshot;
+ domain-name tg25.tg.no;
+ time-zone Europe/Oslo;
+ /* tacacs primary, failbacks to local users */
+ authentication-order tacplus;
+ ports {
+ console log-out-on-disconnect;
+ }
+ root-authentication {
+ encrypted-password "<removed>";
+ }
+ name-server {
+ 1.1.1.1;
+ 8.8.8.8;
+ 2001:4860:4860::8888;
+ 2001:4860:4860::8844;
+ }
+ tacplus-server {
+ <removed> {
+ secret "<removed>";
+ }
+ }
+ login {
+ user admin {
+ uid 2000;
+ class super-user;
+ authentication {
+ encrypted-password "<removed>";
+ }
+ }
+ user tech {
+ uid 2001;
+ class super-user;
+ authentication {
+ encrypted-password "<removed>";
+ }
+ }
+ }
+ services {
+ ssh {
+ root-login deny;
+ protocol-version v2;
+ client-alive-count-max 2;
+ client-alive-interval 300;
+ connection-limit 50;
+ rate-limit 5;
+ }
+ netconf {
+ ssh {
+ port 830;
+ }
+ }
+ }
+ syslog {
+ user * {
+ any emergency;
+ }
+ host log.tg25.tg.no {
+ any warning;
+ authorization info;
+ daemon warning;
+ user warning;
+ change-log any;
+ interactive-commands any;
+ match "!(.*License.*)";
+ allow-duplicates;
+ facility-override local7;
+ explicit-priority;
+ }
+ /* Oxidized syslog */
+ host <removed> {
+ interactive-commands notice;
+ match UI_COMMIT_COMPLETED;
+ }
+ /* Local logging of syslog messages */
+ file messages {
+ any notice;
+ authorization info;
+ /* Fjerner mye graps i loggene */
+ match "!(.*License.*|.*EX-BCM PIC.*|.*mojito_i2c_read.*|.*qsfp_tk_read_mem_page.*)";
+ }
+ /* Local logging of all user-commands typed in the CLI */
+ file interactive-commands {
+ interactive-commands any;
+ match "UI_CMDLINE_READ_LINE|UI_COMMIT_COMPLETED";
+ }
+ }
+ commit synchronize;
+ ntp {
+ server 129.240.2.6;
+ server 129.240.2.42;
+ server 2001:700:100:425::42;
+ server 2001:700:100:2::6;
+ }
+}
+chassis {
+ redundancy {
+ graceful-switchover;
+ }
+ aggregated-devices {
+ ethernet {
+ device-count 32;
+ }
+ }
+ alarm {
+ management-ethernet {
+ link-down ignore;
+ }
+ }
+}
+snmp {
+ contact "<removed>";
+ location "LEGGETIIID!";
+ community <removed> {
+ authorization read-only;
+ client-list-name mgmt;
+ }
+}
+policy-options {
+ prefix-list mgmt-v4 {
+ }
+ prefix-list mgmt-v6 {
+ }
+ /* Merged separate v4- og v6-lister */
+ prefix-list mgmt {
+ apply-path "policy-options prefix-list <mgmt-v*> <*>";
+ }
+}
+firewall {
+ family inet {
+ filter mgmt-v4 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v4;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then {
+ discard;
+ }
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ }
+ family inet6 {
+ filter mgmt-v6 {
+ term accept-ssh {
+ from {
+ source-prefix-list {
+ mgmt-v6;
+ }
+ destination-port 22;
+ }
+ then accept;
+ }
+ term discard-ssh {
+ from {
+ destination-port 22;
+ }
+ then discard;
+ }
+ term accept-all {
+ then accept;
+ }
+ }
+ }
+}
+protocols {
+ igmp-snooping {
+ vlan all {
+ immediate-leave;
+ }
+ }
+ mld-snooping {
+ vlan all {
+ immediate-leave;
+ }
+ }
+}
+
+protocols {
+ rstp {
+ bridge-priority 8k;
+
+ }
+ lldp {
+ port-id-subtype interface-name;
+ port-description-type interface-description;
+ interface all;
+ }
+}
+
+
+poe {
+ interface all;
+}
+
+routing-options {
+ rib inet.0 {
+ static {
+ route 0.0.0.0/0 next-hop 185.110.149.1;
+ }
+ }
+ rib inet6.0 {
+ static {
+ route ::/0 next-hop 2a06:5841:f:0::1;
+ }
+ }
+ nonstop-routing;
+}
+
+
+
+
+interfaces {
+ ge-0/0/0 {
+ description "G: e1-bird ge-0/0/44 (ae10)";
+ ether-options {
+ 802.3ad ae10;
+ }
+ }
+ ge-0/0/1 {
+ description "G: e1-bird ge-0/0/45 (ae10)";
+ ether-options {
+ 802.3ad ae10;
+ }
+ }
+ ge-0/0/2 {
+ description "G: e2-bird ge-0/0/44 (ae11)";
+ ether-options {
+ 802.3ad ae11;
+ }
+ inactive: unit 0 {
+ family ethernet-switching {
+ port-mode access;
+ vlan {
+ members juniper-mgmt;
+ }
+ }
+ }
+ }
+ ge-0/0/3 {
+ description "G: e2-bird ge-0/0/45 (ae11)";
+ ether-options {
+ 802.3ad ae11;
+ }
+ }
+ ge-0/0/4 {
+ description "G: e1-bula ge-0/0/44 (ae12)";
+ ether-options {
+ 802.3ad ae12;
+ }
+ inactive: unit 0 {
+ family ethernet-switching {
+ port-mode access;
+ vlan {
+ members juniper-mgmt;
+ }
+ }
+ }
+ }
+ ge-0/0/5 {
+ description "G: e1-bula ge-0/0/45 (ae12)";
+ ether-options {
+ 802.3ad ae12;
+ }
+ }
+ ge-0/0/6 {
+ description "G: e1-taakeheimen ge-0/0/44 (ae13)";
+ ether-options {
+ 802.3ad ae13;
+ }
+ inactive: unit 0 {
+ family ethernet-switching {
+ port-mode access;
+ vlan {
+ members juniper-mgmt;
+ }
+ }
+ }
+ }
+ ge-0/0/7 {
+ description "G: e1-taakeheimen ge-0/0/45 (ae13)";
+ ether-options {
+ 802.3ad ae13;
+ }
+ }
+ ge-0/0/8 {
+ description "G: e1-systemstotte ge-0/0/44 (ae14)";
+ ether-options {
+ 802.3ad ae14;
+ }
+ }
+ ge-0/0/9 {
+ description "G: e1-systemstotte ge-0/0/45 (ae14)";
+ ether-options {
+ 802.3ad ae14;
+ }
+ }
+ ge-0/0/10 {
+ description "G: e2-systemstotte ge-0/0/44 (ae15)";
+ ether-options {
+ 802.3ad ae15;
+ }
+ }
+ ge-0/0/11 {
+ description "G: e2-systemstotte ge-0/0/45 (ae15)";
+ ether-options {
+ 802.3ad ae15;
+ }
+ }
+ ge-0/0/12 {
+ unit 0 {
+ }
+ }
+ ge-0/0/13 {
+ unit 0 {
+ }
+ }
+ ge-0/0/14 {
+ unit 0 {
+ }
+ }
+ ge-0/0/15 {
+ unit 0 {
+ }
+ }
+ ge-0/0/16 {
+ unit 0 {
+ }
+ }
+ ge-0/0/17 {
+ unit 0 {
+ }
+ }
+ ge-0/0/18 {
+ unit 0 {
+ }
+ }
+ ge-0/0/19 {
+ unit 0 {
+ }
+ }
+ ge-0/0/20 {
+ unit 0 {
+ }
+ }
+ ge-0/0/21 {
+ unit 0 {
+ }
+ }
+ ge-0/0/22 {
+ unit 0 {
+ }
+ }
+ ge-0/0/23 {
+ unit 0 {
+ }
+ }
+ ge-0/0/24 {
+ unit 0 {
+ }
+ }
+ ge-0/0/25 {
+ unit 0 {
+ }
+ }
+ ge-0/0/26 {
+ unit 0 {
+ }
+ }
+ ge-0/0/27 {
+ unit 0 {
+ }
+ }
+ ge-0/0/28 {
+ unit 0 {
+ }
+ }
+ ge-0/0/29 {
+ unit 0 {
+ }
+ }
+ ge-0/0/30 {
+ unit 0 {
+ }
+ }
+ ge-0/0/31 {
+ unit 0 {
+ }
+ }
+ ge-0/0/32 {
+ unit 0 {
+ }
+ }
+ ge-0/0/33 {
+ unit 0 {
+ }
+ }
+ ge-0/0/34 {
+ unit 0 {
+ }
+ }
+ ge-0/0/35 {
+ unit 0 {
+ }
+ }
+ ge-0/0/36 {
+ unit 0 {
+ }
+ }
+ ge-0/0/37 {
+ unit 0 {
+ }
+ }
+ ge-0/0/38 {
+ unit 0 {
+ }
+ }
+ ge-0/0/39 {
+ unit 0 {
+ }
+ }
+ ge-0/0/40 {
+ unit 0 {
+ }
+ }
+ ge-0/0/41 {
+ unit 0 {
+ }
+ }
+ ge-0/0/42 {
+ unit 0 {
+ }
+ }
+ ge-0/0/43 {
+ unit 0 {
+ }
+ }
+ ge-0/0/44 {
+ unit 0 {
+ }
+ }
+ ge-0/0/45 {
+ unit 0 {
+ }
+ }
+ ge-0/0/46 {
+ unit 0 {
+ }
+ }
+ ge-0/0/47 {
+ description "AP";
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ wifi-tg-legacy wifi-thegathering ];
+ }
+ native-vlan-id 667;
+ }
+ }
+ }
+ xe-0/1/0 {
+ description "G: d1-ring-noc xe-4/0/2 (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-0/1/1 {
+ description "G: d1-ring-noc xe-4/0/3 (ae0)";
+ ether-options {
+ 802.3ad ae0;
+ }
+ }
+ xe-0/1/2 {
+ unit 0 {
+ }
+ }
+ xe-0/1/3 {
+ unit 0 {
+ }
+ }
+ ae0 {
+ description "B: d1-ring-noc ae11";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members all;
+ }
+ native-vlan-id 10;
+ }
+ }
+ }
+ ae10 {
+ description "B: e1-bird ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e1-bird juniper-mgmt ];
+ }
+ }
+ }
+ }
+ ae11 {
+ description "B: e2-bird ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e2-bird juniper-mgmt ];
+ }
+ }
+ }
+ }
+ ae12 {
+ description "B: e1-bula ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e1-bula wifi-tg-legacy wifi-thegathering juniper-mgmt ap-mgmt ];
+ }
+ }
+ }
+ }
+ ae13 {
+ description "B: e1-taakeheimen ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e1-taakeheimen juniper-mgmt ];
+ }
+ }
+ }
+ }
+ ae14 {
+ description "B: e1-systemstotte ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e1-systemstotte juniper-mgmt ];
+ }
+ }
+ }
+ }
+ ae15 {
+ description "B: e2-systemstotte ae0";
+ aggregated-ether-options {
+ lacp {
+ active;
+ }
+ }
+ unit 0 {
+ family ethernet-switching {
+ port-mode trunk;
+ vlan {
+ members [ e2-systemstotte wifi-tg-legacy wifi-thegathering juniper-mgmt ap-mgmt ];
+ }
+ }
+ }
+ }
+ vlan {
+ unit 10 {
+ description "X: Mgmt";
+ family inet {
+ filter {
+ input mgmt-v4;
+ }
+ address 185.110.149.3/25;
+ }
+ family inet6 {
+ filter {
+ input mgmt-v6;
+ }
+ address 2a06:5841:f::10/64;
+ }
+ }
+ }
+}
+
+ethernet-switching-options {
+ secure-access-port {
+ vlan juniper-mgmt {
+ dhcp-option82 {
+ circuit-id {
+ prefix hostname;
+ use-vlan-id;
+ }
+ }
+ }
+ }
+}
+
+ethernet-switching-options {
+ secure-access-port {
+ vlan juniper-mgmt {
+ dhcp-option82 {
+ circuit-id {
+ prefix hostname;
+ use-vlan-id;
+ }
+ }
+ }
+ }
+ port-error-disable {
+ /* 30 minutes in seconds */
+ disable-timeout 1800;
+ }
+ storm-control {
+ interface ae10.0;
+ interface ae11.0;
+ interface ae12.0;
+ interface ae13.0;
+ interface ae14.0;
+ interface ae15.0;
+ }
+}
+vlans {
+ wifi-tg-legacy {
+ vlan-id 670;
+ }
+ wifi-thegathering {
+ vlan-id 1337;
+ }
+ ap-mgmt {
+ vlan-id 667;
+ }
+ juniper-mgmt {
+ vlan-id 10;
+ l3-interface vlan.10;
+ }
+ e1-bird {
+ vlan-id 201;
+ }
+ e2-bird {
+ vlan-id 202;
+ }
+ e1-bula {
+ vlan-id 203;
+ }
+ e1-taakeheimen {
+ vlan-id 204;
+ }
+ e1-systemstotte {
+ vlan-id 205;
+ }
+ e2-systemstotte {
+ vlan-id 206;
+ }
+}
+
+event-options {
+ policy ae10down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae10$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/0 unit 0";
+ "deactivate interfaces ge-0/0/0 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae10went down so removed ge-0/0/0 from bundle";
+ }
+ }
+ }
+ }
+ policy ae10up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae10$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/0 unit 0";
+ "activate interfaces ge-0/0/0 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae10 came up so added ge-0/0/0 to bundle";
+ }
+ }
+ }
+ }
+ policy ae11down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae11$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/2 unit 0";
+ "deactivate interfaces ge-0/0/2 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae11went down so removed ge-0/0/2 from bundle";
+ }
+ }
+ }
+ }
+ policy ae11up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae11$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/2 unit 0";
+ "activate interfaces ge-0/0/2 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae11 came up so added ge-0/0/2 to bundle";
+ }
+ }
+ }
+ }
+ policy ae12down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae12$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/4 unit 0";
+ "deactivate interfaces ge-0/0/4 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae12went down so removed ge-0/0/4 from bundle";
+ }
+ }
+ }
+ }
+ policy ae12up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae12$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/4 unit 0";
+ "activate interfaces ge-0/0/4 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae12 came up so added ge-0/0/4 to bundle";
+ }
+ }
+ }
+ }
+ policy ae13down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae13$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/6 unit 0";
+ "deactivate interfaces ge-0/0/6 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae13went down so removed ge-0/0/6 from bundle";
+ }
+ }
+ }
+ }
+ policy ae13up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae13$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/6 unit 0";
+ "activate interfaces ge-0/0/6 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae13 came up so added ge-0/0/6 to bundle";
+ }
+ }
+ }
+ }
+ policy ae14down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae14$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/8 unit 0";
+ "deactivate interfaces ge-0/0/8 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae14went down so removed ge-0/0/8 from bundle";
+ }
+ }
+ }
+ }
+ policy ae14up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae14$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/8 unit 0";
+ "activate interfaces ge-0/0/8 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae14 came up so added ge-0/0/8 to bundle";
+ }
+ }
+ }
+ }
+ policy ae15down {
+ events snmp_trap_link_down;
+ attributes-match {
+ snmp_trap_link_down.interface-name matches "ae15$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "activate interfaces ge-0/0/10 unit 0";
+ "deactivate interfaces ge-0/0/10 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae15went down so removed ge-0/0/10 from bundle";
+ }
+ }
+ }
+ }
+ policy ae15up {
+ events snmp_trap_link_up;
+ attributes-match {
+ snmp_trap_link_up.interface-name matches "ae15$";
+ }
+ then {
+ change-configuration {
+ retry count 10 interval 10;
+ commands {
+ "deactivate interfaces ge-0/0/10 unit 0";
+ "activate interfaces ge-0/0/10 ether-options";
+ }
+ user-name tech;
+ commit-options {
+ log "Autoconfig-script: ae15 came up so added ge-0/0/10 to bundle";
+ }
+ }
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-26 10:25:05 +0000