## Last commit: 2014-12-25 06:27:20 CET by technet version 14.1X53-D15.2; system { host-name rs1.gamehq; auto-snapshot; time-zone Europe/Oslo; authentication-order [ tacplus password ]; root-authentication { } name-server { 2a02:ed02:1ee7::66; 2a02:ed02:1337::2; } login { user technet { uid 2000; class super-user; authentication { } } } services { ssh; } syslog { user * { any emergency; } host 185.12.59.18 { any info; authorization info; port 515; } file messages { any notice; authorization info; } file interactive-commands { interactive-commands any; } } commit synchronize; ntp; } chassis { aggregated-devices { ethernet { device-count 32; } } } interfaces { interface-range sflow { member-range ge-0/0/0 to ge-0/0/47; member-range xe-0/1/0 to xe-0/1/3; } interface-range klientnett_game { member-range ge-0/0/12 to ge-0/0/23; description "KlientNett GameHQ"; unit 0 { family ethernet-switching { port-mode access; vlan { members klientnett_game; } } } } ge-0/0/0 { unit 0 { family ethernet-switching { vlan { members klientnett_game; } } } } ge-0/0/1 { unit 0 { family ethernet-switching { vlan { members klientnett_game; } } } } ge-0/0/2 { unit 0 { family ethernet-switching; } } ge-0/0/3 { unit 0 { family ethernet-switching; } } ge-0/0/4 { unit 0 { family ethernet-switching; } } ge-0/0/5 { unit 0 { family ethernet-switching; } } ge-0/0/6 { unit 0 { family ethernet-switching; } } ge-0/0/7 { unit 0 { family ethernet-switching; } } ge-0/0/8 { unit 0 { family ethernet-switching; } } ge-0/0/9 { unit 0 { family ethernet-switching; } } ge-0/0/10 { unit 0 { family ethernet-switching; } } ge-0/0/11 { unit 0 { family ethernet-switching; } } ge-0/0/12 { unit 0 { family ethernet-switching; } } ge-0/0/13 { unit 0 { family ethernet-switching; } } ge-0/0/14 { unit 0 { family ethernet-switching; } } ge-0/0/15 { unit 0 { family ethernet-switching; } } ge-0/0/16 { unit 0 { family ethernet-switching; } } ge-0/0/17 { unit 0 { family ethernet-switching; } } ge-0/0/18 { unit 0 { family ethernet-switching; } } ge-0/0/19 { unit 0 { family ethernet-switching; } } ge-0/0/20 { unit 0 { family ethernet-switching; } } ge-0/0/21 { unit 0 { family ethernet-switching; } } ge-0/0/22 { unit 0 { family ethernet-switching; } } ge-0/0/23 { unit 0 { family ethernet-switching; } } ge-0/0/24 { unit 0 { family ethernet-switching; } } ge-0/0/25 { unit 0 { family ethernet-switching; } } ge-0/0/26 { unit 0 { family ethernet-switching; } } ge-0/0/27 { unit 0 { family ethernet-switching; } } ge-0/0/28 { unit 0 { family ethernet-switching; } } ge-0/0/29 { unit 0 { family ethernet-switching; } } ge-0/0/30 { unit 0 { family ethernet-switching; } } ge-0/0/31 { unit 0 { family ethernet-switching; } } ge-0/0/32 { unit 0 { family ethernet-switching; } } ge-0/0/33 { unit 0 { family ethernet-switching; } } ge-0/0/34 { unit 0 { family ethernet-switching; } } ge-0/0/35 { unit 0 { family ethernet-switching; } } ge-0/0/36 { unit 0 { family ethernet-switching; } } ge-0/0/37 { unit 0 { family ethernet-switching; } } ge-0/0/38 { unit 0 { family ethernet-switching; } } ge-0/0/39 { unit 0 { family ethernet-switching; } } ge-0/0/40 { unit 0 { family ethernet-switching; } } ge-0/0/41 { unit 0 { family ethernet-switching; } } ge-0/0/42 { unit 0 { family ethernet-switching; } } ge-0/0/43 { unit 0 { family ethernet-switching; } } ge-0/0/44 { unit 0 { family ethernet-switching; } } ge-0/0/45 { unit 0 { family ethernet-switching; } } ge-0/0/46 { description "klientnett_game access / ae0"; inactive: ether-options { 802.3ad ae0; } unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ mgmt klientnett_game ]; } } } } ge-0/0/47 { description "klientnett_game access / ae1"; inactive: ether-options { 802.3ad ae1; } unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ mgmt klientnett_game ]; } } } } ge-0/1/0 { unit 0 { family ethernet-switching; } } xe-0/1/0 { description "rs1.log xe-0/1/1"; unit 0 { family inet { address 151.216.128.15/31; } family inet6 { address 2a02:ed02:fffe::15/127; } } } ge-0/1/1 { unit 0 { family ethernet-switching; } } xe-0/1/1 { description "rs1.north xe-0/1/0"; unit 0 { family inet { address 151.216.128.16/31; } family inet6 { address 2a02:ed02:fffe::16/127; } } } ge-0/1/2 { unit 0 { family ethernet-switching; } } xe-0/1/2 { unit 0 { family ethernet-switching; } } ge-0/1/3 { unit 0 { family ethernet-switching; } } xe-0/1/3 { unit 0 { family ethernet-switching; } } ae0 { description "klientnett_game ae0"; aggregated-ether-options { lacp { active; } } unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ mgmt klientnett_game ]; } } } } ae1 { description "klientnett_game ae1"; aggregated-ether-options { lacp { active; } } unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ mgmt klientnett_game ]; } } } } lo0 { unit 0 { family inet { filter { input v4-mgmt; } address 151.216.255.14/32; } family inet6 { filter { input v6-mgmt; } address 2a02:ed02:ffff::14/128; } } } vlan { unit 237 { family inet { address 151.216.237.1/24; } family inet6 { address 2a02:ed02:237::1/64; } } unit 666 { family inet { address 151.216.183.193/27; } family inet6 { address 2a02:ed02:1836::193/64; } } } } snmp { community { client-list-name mgmt; } } forwarding-options { helpers { bootp { source-address-giaddr; interface { vlan.237 { server 185.12.59.66; server 185.12.59.2; } vlan.666 { server 185.12.59.11; dhcp-option82 { circuit-id { prefix hostname; } } } } } } inactive: dhcp-relay { dhcpv6 { group all { interface vlan.65; interface vlan.229; } server-group { v6-dhcp { 2a02:ed02:1ee7::66; } } active-server-group v6-dhcp; } server-group { v4-dhcp { 185.12.59.66; } } active-server-group v4-dhcp; group all { overrides { trust-option-82; } interface vlan.65; } } } event-options { policy ae0down { events snmp_trap_link_down; attributes-match { snmp_trap_link_down.interface-name matches "ae0$"; } then { change-configuration { retry count 10 interval 10; commands { "activate interfaces ge-0/0/46 unit 0"; "deactivate interfaces ge-0/0/46 ether-options"; } user-name technet; commit-options { log "Autoconfig-script: ae0 went down so removed ge-0/0/46 from bundle"; } } } } policy ae0up { events snmp_trap_link_up; attributes-match { snmp_trap_link_up.interface-name matches "ae0$"; } then { change-configuration { retry count 10 interval 10; commands { "deactivate interfaces ge-0/0/46 unit 0"; "activate interfaces ge-0/0/46 ether-options"; } user-name technet; commit-options { log "Autoconfig-script: ae0 came up so added ge-0/0/46 to bundle"; } } } } policy ae1down { events snmp_trap_link_down; attributes-match { snmp_trap_link_down.interface-name matches "ae1$"; } then { change-configuration { retry count 10 interval 10; commands { "activate interfaces ge-0/0/47 unit 0"; "deactivate interfaces ge-0/0/47 ether-options"; } user-name technet; commit-options { log "Autoconfig-script: ae1 went down so removed ge-0/0/47 from bundle"; } } } } policy ae1up { events snmp_trap_link_up; attributes-match { snmp_trap_link_up.interface-name matches "ae1$"; } then { change-configuration { retry count 10 interval 10; commands { "deactivate interfaces ge-0/0/47 unit 0"; "activate interfaces ge-0/0/47 ether-options"; } user-name technet; commit-options { log "Autoconfig-script: ae1 came up so added ge-0/0/47 to bundle"; } } } } } protocols { igmp { interface vlan.65 { group-policy v4-multicast; } } mld { interface vlan.65 { group-policy v6-multicast; } } router-advertisement { interface vlan.65 { max-advertisement-interval 30; managed-configuration; } interface vlan.229 { min-advertisement-interval 15; managed-configuration; } } ospf { export [ redistribute-direct redistribute-static ]; reference-bandwidth 1000g; area 0.0.0.0 { interface xe-0/1/0.0; interface xe-0/1/1.0; } } ospf3 { export [ redistribute-direct redistribute-static ]; reference-bandwidth 1000g; area 0.0.0.0 { interface xe-0/1/0.0; interface xe-0/1/1.0; } } pim { rp { static { address 2a02:ed02:ffff::11; address 151.216.255.11; } } interface xe-0/1/0.0 { family inet; family inet6; } interface xe-0/1/1.0 { family inet; family inet6; } } sflow { agent-id 151.216.255.14; polling-interval 3600; sample-rate { ingress 10000; egress 10000; } source-ip 151.216.255.14; collector ; interfaces sflow; } igmp-snooping { vlan all; } rstp; lldp { interface all; } lldp-med { interface all; } } policy-options { prefix-list v4-mgmt { /* NOC clients */ 151.216.254.0/24; /* Servers */ 185.12.59.0/26; } prefix-list v6-mgmt { /* NOC clients */ 2a02:ed02:254::/64; /* Servers */ 2a02:ed02:1337::/64; } prefix-list mgmt { /* NOC clients */ 151.216.254.0/24; /* Servers */ 185.12.59.0/26; /* NOC clients */ 2a02:ed02:254::/64; /* Servers */ 2a02:ed02:1337::/64; } policy-statement redistribute-direct { from protocol direct; then { external { type 1; } accept; } } policy-statement redistribute-static { from protocol static; then { external { type 1; } accept; } } policy-statement v4-multicast { term accept-our { from { route-filter 233.139.58.0/24 orlonger; source-address-filter 185.12.59.0/26 orlonger; source-address-filter 151.216.254.0/24 orlonger; } then accept; } term reject-all { then reject; } } policy-statement v6-multicast { term accept-our { from { route-filter ff35:2001:67c:2e44::/120 orlonger; source-address-filter 2a02:ed02:1337::/64 orlonger; source-address-filter 2a02:ed02:252::/64 orlonger; } } term reject-all { then reject; } } } firewall { family inet { filter v4-mgmt { term accept-ssh { from { source-prefix-list { v4-mgmt; } destination-port 22; } then accept; } term discard-ssh { from { destination-port 22; } then { discard; } } term accept-all { then accept; } } } family inet6 { filter v6-mgmt { term accept-ssh { from { source-prefix-list { v6-mgmt; } destination-port 22; } then accept; } term discard-ssh { from { destination-port 22; } then discard; } term accept-all { then accept; } } } } ethernet-switching-options { storm-control { interface all; } } vlans { klientnett_game { vlan-id 237; l3-interface vlan.237; } mgmt { vlan-id 666; l3-interface vlan.666; } } poe { interface all; }