{# Query parameters: ?switch=e1-1 #} {% include "global.conf" %} {% set poe_interface_port_numbers = [40, 41, 42, 43] %} protocols { rstp { bridge-priority 32k; interface edge-ports { edge; no-root-port; } } lldp { port-id-subtype interface-name; port-description-type interface-description; interface uplink-ports; {% if "wifi" in v.switch_tags and "ex4300-48mp" in v.switch_tags %} interface mge-0/0/40; interface mge-0/0/41; interface mge-0/0/42; interface mge-0/0/43; {% elif "wifi" in v.switch_tags %} interface ge-0/0/40; interface ge-0/0/41; interface ge-0/0/42; interface ge-0/0/43; {% endif %} } } interfaces { interface-range edge-ports { {% if 'multirate' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/23; member-range mge-0/0/24 to mge-0/0/43; {% elif 'net-event-activites' in v.switch_tags and 'net-event-artnet' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/27; member-range ge-0/0/36 to ge-0/0/43; {% elif 'net-event-arena' in v.switch_tags and 'net-event-artnet' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/31; member-range ge-0/0/40 to ge-0/0/43; {% elif 'net-event-activites' in v.switch_tags and 'net-event-arena' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/27; member-range ge-0/0/32 to ge-0/0/35; member-range ge-0/0/40 to ge-0/0/43; {% elif 'net-event-activites' in v.switch_tags and 'net-event-artnet' in v.switch_tags and 'net-event-arena' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/27; member-range ge-0/0/40 to ge-0/0/43; {% elif 'net-location-beredskap' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/23; member-range ge-0/0/28 to ge-0/0/43; {% elif 'net-event-activites' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/27; member-range ge-0/0/32 to ge-0/0/43; {% elif 'net-event-artnet' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/31; member-range ge-0/0/36 to ge-0/0/43; {% elif 'net-event-arena' in v.switch_tags %} member-range ge-0/0/0 to ge-0/0/35; member-range ge-0/0/40 to ge-0/0/43; {% else %} member-range ge-0/0/0 to ge-0/0/43; {% endif %} {% if 'wifi-switch' in v.switch_tags %} description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; {% if "els-software" in v.switch_tags %} native-vlan-id 777; {% endif %} {% else %} description "C: {{ v.network.name }} - VLAN {{ v.network.vlan }}"; {% endif %} unit 0 { family ethernet-switching { {% if 'wifi-switch' in v.switch_tags %} {% if "els-software" in v.switch_tags %} interface-mode trunk; {% else %} port-mode trunk; native-vlan-id 777; {% endif %} vlan { members [ ssid-the-gathering ]; } {% else %} {% if "els-software" in v.switch_tags %} interface-mode access; {% else %} port-mode access; {% endif %} vlan { members {{ v.network.name }}; } {% endif %} } } } {% for ifindex in range(24, 44) %} {% if "net-event-arena" in v.switch_tags and "crew" in v.switch_tags and ifindex in (36,37,38,39) %} ge-0/0/{{ ifindex }} { description "C: event-arena - VLAN 3000"; unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode access; {% else %} port-mode access; {% endif %} vlan { members event-arena; } } } } {% endif %} {% if "net-event-artnet" in v.switch_tags and "crew" in v.switch_tags and ifindex in (32,33,34,35) %} ge-0/0/{{ ifindex }} { description "C: event-artnet - VLAN 3001"; unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode access; {% else %} port-mode access; {% endif %} vlan { members event-artnet; } } } } {% endif %} {% if "net-event-activites" in v.switch_tags and "crew" in v.switch_tags and ifindex in (28,29,30,31) %} ge-0/0/{{ ifindex }} { description "C: event-activites - VLAN 3002"; unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode access; {% else %} port-mode access; {% endif %} vlan { members event-activites; } } } } {% endif %} {% if "net-location-beredskap" in v.switch_tags and "crew" in v.switch_tags and ifindex in (24,25,26,27) %} ge-0/0/{{ ifindex }} { description "C: location-beredskap - VLAN 3003"; unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode access; {% else %} port-mode access; {% endif %} vlan { members location-beredskap; } } } } {% endif %} {% if ("wifi" in v.switch_tags and "crew" in v.switch_tags and ifindex in (40,41,42,43)) or (switch_name == "e1.crew" and ifindex in (40,41,42,43)) %} {% set wifi_vlan_list = ["ssid-the-gathering"] %} {% if "els-software" in v.switch_tags %} {% do wifi_vlan_list.append("aps-mgmt") %} {% endif %} {% if "ex4300-48mp" in v.switch_tags %} mge-0/0/{{ ifindex }} { {% else %} ge-0/0/{{ ifindex }} { {% endif %} description "C: AP - VLAN 777 untagged (mgmt) - VLAN 778 tagged"; {% if "els-software" in v.switch_tags %} native-vlan-id 777; {% endif %} unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode trunk; {% else %} port-mode trunk; native-vlan-id 777; {% endif %} vlan { members [ {% for vlan_name in wifi_vlan_list %}{{ vlan_name }} {% endfor %}]; } } } } {% endif %} {% endfor %} interface-range uplink-ports { description "G: {{ v.switch_management.distro_name }} (ae0)"; {% for port in v.uplink_ns.uplink_ports %} member {{ port }}; {% endfor %} ether-options { 802.3ad ae0; } } {% if not "multirate" in v.switch_tags %} interface-range unused-ports { description "not-in-use"; disable; {% for port in v.uplink_ns.all_ports %} {% if port not in v.uplink_ns.uplink_ports %} member {{ port }}; {% endif %} {% endfor %} } {% endif %} ae0 { description "B: {{ v.switch_management.distro_name }}"; aggregated-ether-options { lacp { active; } } unit 0 { family ethernet-switching { {% if "els-software" in v.switch_tags %} interface-mode trunk; {% else %} port-mode trunk; {% endif %} vlan { {% set vlan_list = [] %} {% if "net-event-arena" in v.switch_tags and "crew" in v.switch_tags %} {% do vlan_list.append("event-arena") %} {% endif %} {% if "net-event-artnet" in v.switch_tags and "crew" in v.switch_tags %} {% do vlan_list.append("event-artnet") %} {% endif %} {% if "net-event-activites" in v.switch_tags and "crew" in v.switch_tags %} {% do vlan_list.append("event-activites") %} {% endif %} {% if "net-location-beredskap" in v.switch_tags and "crew" in v.switch_tags %} {% do vlan_list.append("location-beredskap") %} {% endif %} {% if "wifi" in v.switch_tags and "crew" in v.switch_tags %} {% do vlan_list.append("aps-mgmt") %} {% do vlan_list.append("ssid-the-gathering") %} {% endif %} {% if "wifi-switch" in v.switch_tags %} members [ aps-mgmt ssid-the-gathering edge-mgmt ]; {% else %} members [ {{ v.network.name }} edge-mgmt {% for vlan in vlan_list %}{{ vlan }} {% endfor %}]; {% endif %} } } } } {% if "els-software" in v.switch_tags %} irb { {% else %} vlan { {% endif %} unit 666 { description "switch management"; family inet { filter { input mgmt-v4; } address {{ v.switch_management.mgmt_v4_addr }}/{{ v.switch_management_network.subnet4|cidr }}; } family inet6 { filter { input mgmt-v6; } address {{ v.switch_management.mgmt_v6_addr }}/{{ v.switch_management_network.subnet6|cidr }}; } } } } routing-options { rib inet.0 { static { route 0.0.0.0/0 next-hop {{ v.switch_management_network.gw4 }}; } } rib inet6.0 { static { route ::/0 next-hop {{ v.switch_management_network.gw6 }}; } } } {% if not "els-software" in v.switch_tags %} ethernet-switching-options { port-error-disable { /* 30 minutes in seconds */ disable-timeout 1800; } secure-access-port { interface edge-ports { no-dhcp-trusted; } {% if "wifi-switch" in v.switch_tags %} vlan aps-mgmt { {% else %} vlan {{ v.network.name }} { {% endif %} arp-inspection; examine-dhcp; examine-dhcpv6; neighbor-discovery-inspection; ip-source-guard; ipv6-source-guard; dhcp-option82 { circuit-id { use-vlan-id; } } no-option-37; /* inactive due to DHCP drops on MX platform */ inactive: dhcpv6-option18 { use-option-82; } } ipv6-source-guard-sessions { max-number 128; } } storm-control { action-shutdown; interface edge-ports { bandwidth 20000; multicast; } } } {% endif %} protocols { {% if "els-software" in v.switch_tags %} {% else %} igmp-snooping { vlan all { version 3; immediate-leave; } {% if "wifi" in v.switch_tags %} vlan aps-mgmt { disable; } vlan ssid-the-gathering { disable; } {% endif %} } mld-snooping { vlan all { version 2; immediate-leave; } {% if "wifi" in v.switch_tags %} vlan aps-mgmt { disable; } vlan ssid-the-gathering { disable; } {% endif %} } {% endif %} {% if "wifi" in v.switch_tags and "multirate" in v.switch_tags %} lldp-med { {% for poe_interface_port_number in poe_interface_port_numbers %} interface mge-0/0/{{ poe_interface_port_number }}; {% endfor %} } {% endif %} } vlans { edge-mgmt { vlan-id 666; {% if "els-software" in v.switch_tags %} l3-interface irb.666; {% else %} l3-interface vlan.666; {% endif %} } {# special nets for crew #} {% if "net-event-arena" in v.switch_tags and "crew" in v.switch_tags %} event-arena { vlan-id 3000; } {% endif %} {% if "net-event-artnet" in v.switch_tags and "crew" in v.switch_tags %} event-artnet { vlan-id 3001; } {% endif %} {% if "net-event-activities" in v.switch_tags and "crew" in v.switch_tags %} event-activites { vlan-id 3002; } {% endif %} {% if "net-location-beredskap" in v.switch_tags and "crew" in v.switch_tags %} location-beredskap { vlan-id 3003; } {% endif %} {% if "wifi" in v.switch_tags or "wifi-switch" in v.switch_tags %} aps-mgmt { vlan-id 777; } ssid-the-gathering { vlan-id 778; } {% endif %} {% if "wifi-switch" not in v.switch_tags %} {{ v.network.name }} { vlan-id {{ v.network.vlan }}; } {% endif %} } {% if "wifi" in v.switch_tags and "multirate" in v.switch_tags %} poe { {% if "ex4300-48mp" in v.switch_tags %} interface all { high-power; } {% else %} interface all; {% endif %} } {% endif %}