diff --git a/.gitignore b/.gitignore index 5471ccc..47a4e1d 100644 --- a/.gitignore +++ b/.gitignore @@ -104,3 +104,6 @@ pip-selfcheck.json *.swp .retry +diff +backup +core_config diff --git a/backup/ansible-veos5_config.2018-08-14@17:27:35 b/backup/ansible-veos5_config.2018-08-14@17:27:35 deleted file mode 100644 index 5f99981..0000000 --- a/backup/ansible-veos5_config.2018-08-14@17:27:35 +++ /dev/null @@ -1,29 +0,0 @@ -! Command: show running-config -! device: ansible-veos5 (vEOS, EOS-4.20.1F) -! -! boot system flash:/vEOS-lab.swi -! -transceiver qsfp default-mode 4x10G -! -hostname ansible-veos5 -! -spanning-tree mode mstp -! -no aaa root -! -username admin privilege 15 role network-admin secret sha512 $6$QooVHYszFBY655A/$WnVBzmLe2LsWQ2kF01jtWff4L9xlxIfCpB0/rS7nWB70dFEoIbIYPRf1LHGg/jSGcR6VdecKvweJxry2vttCR1 -username salt privilege 15 role network-admin secret sha512 $6$gNfDGxuNqAufb7SS$XuBAZwDyHEX6Bt6zgDBA0zkJLhOm.5aJ8cwy2wd21DVr9yWr.gqwYBx7NUntbvSjTlKDQBg.XsMIIYRwqU10u1 -username salt sshkey ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt knewell@ubuntu -! -interface Ethernet1 -! -interface Ethernet2 -! -interface Management1 - ip address 10.39.0.55/20 -! -ip route 0.0.0.0/0 10.39.0.1 -! -ip routing -! -end \ No newline at end of file diff --git a/backup/ansible-veos6_config.2018-08-14@17:27:35 b/backup/ansible-veos6_config.2018-08-14@17:27:35 deleted file mode 100644 index 2c7e042..0000000 --- a/backup/ansible-veos6_config.2018-08-14@17:27:35 +++ /dev/null @@ -1,29 +0,0 @@ -! Command: show running-config -! device: ansible-veos6 (vEOS, EOS-4.20.1F) -! -! boot system flash:/vEOS-lab.swi -! -transceiver qsfp default-mode 4x10G -! -hostname ansible-veos6 -! -spanning-tree mode mstp -! -no aaa root -! -username admin privilege 15 role network-admin secret sha512 $6$/7bApigLDgtwdZn4$8zr7AxxO2Lj2CXoV.fFWzmjrsusPfN453qwG/y76NCT7TNokv7XAZhJtgH6m82hwO14Y3W/zqyN4pHKitK1kO1 -username salt privilege 15 role network-admin secret sha512 $6$dUVSZEiQz8f5/ZTP$SMN1MWMaOLpyyUuBNjex/rVJL5WLw0SHi1MfOpdDAgPz1Fu7MMrHmJZ8.jU4kUjqC8xY.9VSp47m9MdqZl2Ck/ -username salt sshkey ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt knewell@ubuntu -! -interface Ethernet1 -! -interface Ethernet2 -! -interface Management1 - ip address 10.39.0.56/20 -! -ip route 0.0.0.0/0 10.39.0.1 -! -ip routing -! -end \ No newline at end of file diff --git a/backup/vmx1_config.2018-04-18@13:54:21 b/backup/vmx1_config.2018-04-18@13:54:21 deleted file mode 100644 index e9b251f..0000000 --- a/backup/vmx1_config.2018-04-18@13:54:21 +++ /dev/null @@ -1,102 +0,0 @@ -set version 15.1F6.9 -set system host-name nslab-vmx1 -set system root-authentication encrypted-password "$5$CRmQ12uP$4jBHGU7gqS7LxxQNBW7bnBdex2sZhzhV6UUprQIRZf1" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293" -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system syslog user * any emergency -set system syslog file messages any notice -set system syslog file messages authorization info -set system syslog file interactive-commands interactive-commands any -set system ntp boot-server 192.241.206.171 -set system ntp server 10.39.8.14 -deactivate system ntp server 10.39.8.14 -set system ntp server 129.6.15.29 -set system ntp source-address 10.39.8.10 -set chassis fpc 0 lite-mode -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx2 ge-0/0/0 test" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.21/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/1 description "1000BaseT to nsdev-vmx6 ge-0/0/1" -set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.34/31 -set interfaces ge-0/0/1 unit 0 family iso -set interfaces ge-0/0/1 unit 0 family mpls -set interfaces ge-0/0/2 description "1000BaseT to nslab-mx240-1 ge-1/0/9 via vmx1-p2p2" -set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.23/31 -set interfaces ge-0/0/2 unit 0 family iso -set interfaces ge-0/0/3 description "1000BaseT to nslab-vmx7-cust1-ce1 ge-0/0/0" -set interfaces ge-0/0/3 unit 0 -set interfaces ge-0/0/4 unit 0 family inet -set interfaces fxp0 unit 0 family inet address 10.39.0.22/20 -set interfaces lo0 unit 0 family inet address 10.39.8.10/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8010.00 -set interfaces lo0 unit 4 family inet address 1.1.1.1/32 -set snmp community public authorization read-only -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set routing-options flow route test_discard then discard -set routing-options flow route test_discard match source 2.2.2.1/32 -deactivate routing-options flow route test_discard -set routing-options flow term-order standard -set routing-options router-id 10.39.8.10 -set routing-options autonomous-system 65150 -set routing-options validation group rpki-validator session 163.253.39.165 port 8282 -set protocols rsvp interface ge-0/0/1.0 -set protocols mpls label-switched-path vmx1-to-vmx3 to 10.39.8.12 -set protocols mpls label-switched-path vmx1-to-vmx6 to 10.39.8.15 -set protocols mpls interface lo0.0 -set protocols mpls interface ge-0/0/1.0 -set protocols bgp group CONNECTOR neighbor 10.39.10.1 description "vmx7-cust1-ce1 R&E Peering" -set protocols bgp group CONNECTOR neighbor 10.39.10.1 import vmx7-cust1-ce1-BGP-IN -set protocols bgp group CONNECTOR neighbor 10.39.10.1 export vmx7-cust1-ce1-BGP-OUT -set protocols bgp group CONNECTOR neighbor 10.39.10.1 peer-as 65151 -set protocols bgp group INTERNET2 type internal -set protocols bgp group INTERNET2 local-address 10.39.8.10 -set protocols bgp group INTERNET2 family inet flow -set protocols bgp group INTERNET2 family inet any -set protocols bgp group INTERNET2 family inet-vpn unicast -set protocols bgp group INTERNET2 family inet-vpn flow -set protocols bgp group INTERNET2 family inet6-vpn unicast -set protocols bgp group INTERNET2 peer-as 65150 -set protocols bgp group INTERNET2 neighbor 10.39.8.15 -set protocols bgp group INTERNET2 neighbor 10.39.8.14 -set protocols bgp group INTERNET2 neighbor 10.39.8.13 -set protocols bgp group INTERNET2 neighbor 10.39.8.12 -set protocols isis reference-bandwidth 1000g -set protocols isis level 1 disable -set protocols isis level 2 wide-metrics-only -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/1.0 -set protocols isis interface ge-0/0/2.0 -set protocols isis interface ge-0/0/3.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp port-description-type interface-alias -set protocols lldp interface all -deactivate policy-options policy-statement nslab-tsg-bgp-in term 10 from route-filter 0.0.0.0/32 exact -set policy-options policy-statement nslab-tsg-bgp-in term 10 from route-filter 163.253.39.160/27 exact -set policy-options policy-statement nslab-tsg-bgp-in term 10 then accept -set policy-options policy-statement nslab-tsg-bgp-in then reject -set policy-options policy-statement nslab-tsg-bgp-out term 10 from protocol aggregate -set policy-options policy-statement nslab-tsg-bgp-out term 10 then accept -set policy-options policy-statement nslab-tsg-bgp-out term 20 then reject -set policy-options policy-statement nslab-tsg-bgp-out then reject -set policy-options policy-statement vmx7-cust1-ce1-BGP-IN term 10 from route-filter 172.168.8.0/24 exact -set policy-options policy-statement vmx7-cust1-ce1-BGP-IN term 10 then accept -set policy-options policy-statement vmx7-cust1-ce1-BGP-IN then reject -set policy-options policy-statement vmx7-cust1-ce1-BGP-OUT then accept -set routing-instances NTP instance-type vrf -set routing-instances NTP interface lo0.4 -set routing-instances NTP route-distinguisher 10.39.8.10:123 -set routing-instances NTP vrf-target target:123:123 -set routing-instances NTP vrf-table-label -set routing-instances NTP routing-options flow route test_vrf then discard -set routing-instances NTP routing-options flow route test_vrf match source 2.2.2.1/32 -set routing-instances NTP routing-options flow term-order standard \ No newline at end of file diff --git a/backup/vmx2_config.2018-04-18@13:54:20 b/backup/vmx2_config.2018-04-18@13:54:20 deleted file mode 100644 index 7670d06..0000000 --- a/backup/vmx2_config.2018-04-18@13:54:20 +++ /dev/null @@ -1,44 +0,0 @@ -set version 15.1F6.9 -set system host-name nslab-vmx2 -set system root-authentication encrypted-password "$5$7Z4KJmOq$Gfcu80MW1h04eXYAT08jw6FY3YJ4qUFK.nH.OeQBjH9" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system syslog user * any emergency -set system syslog user * match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" -set system syslog file messages any notice -set system syslog file messages authorization info -set system syslog file interactive-commands interactive-commands any -set system ntp boot-server 192.241.206.171 -set system ntp server 10.39.8.14 -set system ntp source-address 10.39.8.11 -set chassis fpc 0 lite-mode -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx1 ge-0/0/0" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.20/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx4 ge-0/0/0" -set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.26/31 -set interfaces ge-0/0/1 unit 0 family iso -set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx5:ge-0/0/2" -set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.36/31 -set interfaces ge-0/0/2 unit 0 family iso -set interfaces fxp0 unit 0 family inet address 10.39.0.23/20 -set interfaces lo0 unit 0 family inet address 10.39.8.11/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8011.00 -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set protocols isis reference-bandwidth 1000g -set protocols isis level 1 disable -set protocols isis level 2 wide-metrics-only -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/1.0 -set protocols isis interface ge-0/0/2.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp interface all \ No newline at end of file diff --git a/backup/vmx3_config.2018-04-18@13:54:23 b/backup/vmx3_config.2018-04-18@13:54:23 deleted file mode 100644 index c79ecfe..0000000 --- a/backup/vmx3_config.2018-04-18@13:54:23 +++ /dev/null @@ -1,72 +0,0 @@ -set version 15.1F6.9 -set system host-name nslab-vmx3 -set system root-authentication encrypted-password "$5$T4cqYSkh$kzSdkdnZGussQSb/c3MoJmKCyVVUjEN1KfObDwfhNoC" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system services netconf rfc-compliant -set system syslog user * any emergency -set system syslog file messages any notice -set system syslog file messages authorization info -set system syslog file interactive-commands interactive-commands any -set system ntp server 10.39.8.14 -set chassis fpc 0 lite-mode -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx4 ge-0/0/0" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.28/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/0 unit 0 family mpls -set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx2 ge-0/0/1" -set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.27/31 -set interfaces ge-0/0/1 unit 0 family iso -set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx8 ge-0/0/0" -set interfaces ge-0/0/2 unit 0 -set interfaces ge-0/0/3 description trex-port1 -set interfaces ge-0/0/3 unit 0 family inet address 2.2.2.2/24 -set interfaces fxp0 unit 0 family inet address 10.39.0.24/20 -set interfaces lo0 unit 0 family inet address 10.39.8.12/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8012.00 -set interfaces lo0 unit 4 family inet address 3.3.3.3/32 -set snmp community public authorization read-only -set snmp community public routing-instance NTP -set snmp routing-instance-access access-list * -set snmp traceoptions file snmp -set snmp traceoptions flag all -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set routing-options flow term-order standard -set routing-options router-id 10.39.8.12 -set routing-options autonomous-system 65150 -set protocols rsvp interface ge-0/0/0.0 -set protocols mpls label-switched-path vmx3-to-vmx1 to 10.39.8.10 -set protocols mpls interface ge-0/0/0.0 -set protocols bgp group INTERNET2 type internal -set protocols bgp group INTERNET2 local-address 10.39.8.12 -set protocols bgp group INTERNET2 family inet flow -set protocols bgp group INTERNET2 family inet any -set protocols bgp group INTERNET2 family inet-vpn unicast -set protocols bgp group INTERNET2 family inet-vpn flow -set protocols bgp group INTERNET2 family inet6-vpn unicast -set protocols bgp group INTERNET2 peer-as 65150 -set protocols bgp group INTERNET2 neighbor 10.39.8.15 -set protocols bgp group INTERNET2 neighbor 10.39.8.14 -set protocols bgp group INTERNET2 neighbor 10.39.8.13 -set protocols bgp group INTERNET2 neighbor 10.39.8.10 -set protocols isis level 1 disable -set protocols isis level 2 wide-metrics-only -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/1.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp interface all -set routing-instances NTP instance-type vrf -set routing-instances NTP interface lo0.4 -set routing-instances NTP route-distinguisher 10.39.8.12:123 -set routing-instances NTP vrf-target target:123:123 -set routing-instances NTP vrf-table-label -set routing-instances NTP routing-options flow term-order standard \ No newline at end of file diff --git a/backup/vmx4_config.2018-04-18@13:54:21 b/backup/vmx4_config.2018-04-18@13:54:21 deleted file mode 100644 index ca23b0e..0000000 --- a/backup/vmx4_config.2018-04-18@13:54:21 +++ /dev/null @@ -1,64 +0,0 @@ -set version 15.1F6.9 -set system host-name nslab-vmx4 -set system root-authentication encrypted-password "$5$B6X5NhtH$wGQuvhwZRwdG9q1p3vvzgcFAmpjGhcVJSOC0RWbBxBB" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system syslog user * any emergency -set system syslog file messages any notice -set system syslog file messages authorization info -set system syslog file interactive-commands interactive-commands any -set system ntp server 10.39.8.14 -set chassis fpc 0 lite-mode -set chassis network-services enhanced-ip -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx3 ge-0/0/0" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.29/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/0 unit 0 family mpls -set interfaces ge-0/0/1 description "1000BaseT to nsdev-vmx5 ge-0/0/0" -set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.30/31 -set interfaces ge-0/0/1 unit 0 family iso -set interfaces ge-0/0/1 unit 0 family mpls -set interfaces fxp0 unit 0 family inet address 10.39.0.25/20 -set interfaces lo0 unit 0 family inet address 10.39.8.13/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8013.00 -set interfaces lo0 unit 4 family inet address 4.4.4.4/32 -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set routing-options router-id 10.39.8.13 -set routing-options autonomous-system 65150 -set protocols rsvp interface ge-0/0/1.0 -set protocols rsvp interface ge-0/0/0.0 -set protocols mpls label-switched-path vmx4-vmx6 to 10.39.8.15 -set protocols mpls label-switched-path vmx4-to-vmx-5 to 10.39.8.14 -set protocols mpls interface all -set protocols bgp local-address 10.39.8.13 -set protocols bgp log-updown -set protocols bgp group INTERNET2 type internal -set protocols bgp group INTERNET2 local-address 10.39.8.13 -set protocols bgp group INTERNET2 family inet any -set protocols bgp group INTERNET2 family inet-vpn unicast -set protocols bgp group INTERNET2 family inet6-vpn unicast -set protocols bgp group INTERNET2 peer-as 65150 -set protocols bgp group INTERNET2 neighbor 10.39.8.15 -set protocols bgp group INTERNET2 neighbor 10.39.8.14 -set protocols bgp group INTERNET2 neighbor 10.39.8.10 -set protocols bgp group INTERNET2 neighbor 10.39.8.12 -set protocols isis level 1 disable -set protocols isis level 2 wide-metrics-only -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/1.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp interface all -set routing-instances NTP instance-type vrf -set routing-instances NTP interface lo0.4 -set routing-instances NTP route-distinguisher 10.39.8.13:123 -set routing-instances NTP vrf-target target:123:123 -set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/backup/vmx5_config.2018-04-18@13:54:23 b/backup/vmx5_config.2018-04-18@13:54:23 deleted file mode 100644 index 5fbccf7..0000000 --- a/backup/vmx5_config.2018-04-18@13:54:23 +++ /dev/null @@ -1,86 +0,0 @@ -set version 15.1F6.9 -set system host-name nslab-vmx5 -set system root-authentication encrypted-password "$5$dtzjbbOB$kRjqCbWTMGPGR182yFSH/yD1dUEt7uKn1DHEaQUWgt6" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system syslog user * any emergency -set system syslog user * match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" -set system syslog file messages any any -set system syslog file messages authorization info -set system syslog file messages match "!(.*Scheduler Oinker*.|.*Frame *.|.*ms without yielding*.);" -set system syslog file interactive-commands interactive-commands any -set system ntp server 132.163.97.4 -deactivate system ntp server 132.163.97.4 -set system ntp server 10.39.8.14 -deactivate system ntp server 10.39.8.14 -set system ntp server 129.6.15.29 -deactivate system ntp server 129.6.15.29 -set system ntp server 10.39.8.10 -deactivate system ntp server 10.39.8.10 -set system ntp server 163.253.39.173 -set chassis fpc 0 lite-mode -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx4 ge-0/0/1" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.31/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/0 unit 0 family mpls -set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx6 ge-0/0/0" -set interfaces ge-0/0/1 unit 0 family inet address 10.39.9.32/31 -set interfaces ge-0/0/1 unit 0 family iso -set interfaces ge-0/0/1 unit 0 family mpls -set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx2:ge-0/0/2" -set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.37/31 -set interfaces ge-0/0/2 unit 0 family iso -set interfaces fxp0 unit 0 family inet address 10.39.0.26/20 -set interfaces lo0 unit 0 family inet address 10.39.8.14/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8014.00 -set interfaces lo0 unit 4 family inet filter input loopback-strict-in -set interfaces lo0 unit 4 family inet address 5.5.5.5/32 -set snmp community public authorization read-only -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set routing-options autonomous-system 65150 -set protocols rsvp interface ge-0/0/0.0 -set protocols rsvp interface ge-0/0/1.0 -set protocols mpls label-switched-path vmx5-to-vmx4 to 10.39.8.13 -set protocols mpls label-switched-path vmx5-to-vmx6 to 10.39.8.15 -set protocols mpls interface all -set protocols bgp log-updown -set protocols bgp group INTERNET2 type internal -set protocols bgp group INTERNET2 local-address 10.39.8.14 -set protocols bgp group INTERNET2 family inet any -set protocols bgp group INTERNET2 family inet-vpn unicast -set protocols bgp group INTERNET2 family inet6-vpn unicast -set protocols bgp group INTERNET2 peer-as 65150 -set protocols bgp group INTERNET2 neighbor 10.39.8.15 -set protocols bgp group INTERNET2 neighbor 10.39.8.13 -set protocols bgp group INTERNET2 neighbor 10.39.8.10 -set protocols bgp group INTERNET2 neighbor 10.39.8.12 -set protocols isis reference-bandwidth 1000g -set protocols isis level 1 disable -set protocols isis level 2 wide-metrics-only -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/1.0 -set protocols isis interface ge-0/0/2.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp interface all -set firewall family inet filter loopback-strict-in term lsp-ping-discard from port 3503 -set firewall family inet filter loopback-strict-in term lsp-ping-discard then count lsp-ping-discard -set firewall family inet filter loopback-strict-in term lsp-ping-discard then log -set firewall family inet filter loopback-strict-in term lsp-ping-discard then discard -set firewall family inet filter loopback-strict-out term block-nist from address 129.6.15.29/32 -set firewall family inet filter loopback-strict-out term block-nist then count nist -set firewall family inet filter loopback-strict-out term block-nist then discard -set firewall family inet filter loopback-strict-out term accept then accept -set routing-instances NTP instance-type vrf -set routing-instances NTP interface lo0.4 -set routing-instances NTP route-distinguisher 10.39.8.14:123 -set routing-instances NTP vrf-target target:123:123 -set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/backup/vmx6_config.2018-04-18@13:54:22 b/backup/vmx6_config.2018-04-18@13:54:22 deleted file mode 100644 index 2143a71..0000000 --- a/backup/vmx6_config.2018-04-18@13:54:22 +++ /dev/null @@ -1,70 +0,0 @@ -set version 15.1F6.9 -set system host-name nsdev-vmx6 -set system root-authentication encrypted-password "$5$qRd0mli.$29xCBLe2nBf4MX2awxZA7wf6yD4kx5OTHyge.b9iGmA" -set system login user rancid uid 2000 -set system login user rancid class super-user -set system login user rancid authentication encrypted-password "$1$l62TnvVE$VWpKyk9XfHOP1FqIqFn2L1" -set system login user salt uid 2001 -set system login user salt class super-user -set system login user salt authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt" -set system services ssh protocol-version v2 -set system services netconf ssh -set system syslog user * any emergency -set system syslog file messages any notice -set system syslog file messages authorization info -set system syslog file interactive-commands interactive-commands any -set system ntp server 10.39.8.14 -set chassis fpc 0 lite-mode -set chassis network-services enhanced-ip -set interfaces ge-0/0/0 description "1000BaseT to nslab-vmx5 ge-0/0/1" -set interfaces ge-0/0/0 unit 0 family inet address 10.39.9.33/31 -set interfaces ge-0/0/0 unit 0 family iso -set interfaces ge-0/0/0 unit 0 family mpls -set interfaces ge-0/0/1 description "1000BaseT to nslab-vmx10-cust4-ce1 ge-0/0/0" -set interfaces ge-0/0/1 unit 0 -set interfaces ge-0/0/2 description "1000BaseT to nslab-vmx1 ge-0/0/3" -set interfaces ge-0/0/2 unit 0 family inet address 10.39.9.35/31 -set interfaces ge-0/0/2 unit 0 family iso -set interfaces ge-0/0/2 unit 0 family mpls -set interfaces ge-0/0/3 description unused -set interfaces ge-0/0/4 unit 0 -set interfaces fxp0 unit 0 family inet address 10.39.0.27/20 -set interfaces lo0 unit 0 family inet address 10.39.8.15/32 -set interfaces lo0 unit 0 family iso address 49.0000.0100.3900.8015.00 -set interfaces lo0 unit 4 family inet address 6.6.6.6/32 -set routing-options static route 0.0.0.0/0 next-hop 10.39.0.1 -set routing-options static route 0.0.0.0/0 no-readvertise -set routing-options static route 0.0.0.0/0 preference 255 -set routing-options static route 16.0.0.0/8 next-hop 1.1.1.1 -set routing-options static route 48.0.0.0/8 next-hop 2.2.2.1 -set routing-options router-id 10.39.8.15 -set routing-options autonomous-system 65150 -set protocols rsvp interface ge-0/0/0.0 -set protocols rsvp interface ge-0/0/2.0 -set protocols mpls label-switched-path vmx6-vmx4 to 10.39.8.13 -set protocols mpls label-switched-path vmx6-to-vmx5 to 10.39.8.14 -set protocols mpls label-switched-path vmx6-to-vmx1 to 10.39.8.10 -set protocols mpls interface all -set protocols bgp log-updown -set protocols bgp group INTERNET2 type internal -set protocols bgp group INTERNET2 local-address 10.39.8.15 -set protocols bgp group INTERNET2 family inet any -set protocols bgp group INTERNET2 family inet-vpn unicast -set protocols bgp group INTERNET2 family inet6-vpn unicast -set protocols bgp group INTERNET2 peer-as 65150 -set protocols bgp group INTERNET2 neighbor 10.39.8.14 -set protocols bgp group INTERNET2 neighbor 10.39.8.13 -set protocols bgp group INTERNET2 neighbor 10.39.8.10 -set protocols bgp group INTERNET2 neighbor 10.39.8.12 -set protocols isis level 2 wide-metrics-only -set protocols isis level 1 disable -set protocols isis interface ge-0/0/0.0 -set protocols isis interface ge-0/0/2.0 -set protocols isis interface lo0.0 -set protocols lldp port-id-subtype interface-name -set protocols lldp interface all -set routing-instances NTP instance-type vrf -set routing-instances NTP interface lo0.4 -set routing-instances NTP route-distinguisher 10.39.8.15:123 -set routing-instances NTP vrf-target target:123:123 -set routing-instances NTP vrf-table-label \ No newline at end of file diff --git a/core-deploy.yml b/core-deploy.yml index 803a0b0..334e738 100644 --- a/core-deploy.yml +++ b/core-deploy.yml @@ -1,5 +1,4 @@ --- -## First Play - hosts: localhost name: Create per node data model gather_facts: no @@ -10,10 +9,8 @@ - name: Create per-node data model from fabric data model template: src=core/core-to-nodes.j2 dest=./nodes.yml -## Second Play - name: Generate Configuration for all routers gather_facts: no -# connection: local hosts: all tags: [ template ] tasks: @@ -33,13 +30,20 @@ - name: Generate Configuration template: src={{ansible_network_os}}/core.j2 dest=core_config/{{inventory_hostname}}-config.txt -## Third Play -# commit variable is used to control the play -# if commit=0 then we will not commit the changes we will only generate diff -# if commit=1 then we will commit the changes and generate diff +# - name: check the running-config against intended config +# gather_facts: no +# hosts: all +# tags: [ diff ] +# tasks: +# - name: Diff config (ios) +# ios_config: +# backup: yes +# diff_against: intended +# intended_config: "{{ lookup('file', 'core_config/{{inventory_hostname}}-config.txt') }}" +# when: ansible_network_os == 'ios' + - name: push the configuration to the devices gather_facts: no -# connection: local hosts: all tags: [ deploy ] tasks: @@ -49,6 +53,7 @@ - name: Load config (junos) junos_config: + backup: yes src: core_config/{{inventory_hostname}}-config.txt update: override comment: Ansible config update @@ -56,11 +61,13 @@ - name: Load config (eos) eos_config: + backup: yes src: core_config/{{inventory_hostname}}-config.txt when: ansible_network_os == 'eos' - name: Load config (ios) ios_config: + backup: yes src: core_config/{{inventory_hostname}}-config.txt when: ansible_network_os == 'ios' diff --git a/core/core-model-ntc.yml b/core/core-model-ntc.yml new file mode 100644 index 0000000..37a7be1 --- /dev/null +++ b/core/core-model-ntc.yml @@ -0,0 +1,72 @@ +--- + +common: + bgp_asn: 65000 + +nodes: + - name: ntc-csr1 + mgmt: 10.0.0.51 + rid: 1.1.1.1 + + - name: ntc-csr2 + mgmt: 10.0.0.52 + rid: 2.2.2.2 + + - name: ntc-csr3 + mgmt: 10.0.0.53 + rid: 3.3.3.3 + + - name: ntc-vmx7 + mgmt: 10.0.0.37 + rid: 7.7.7.7 + + - name: ntc-vmx8 + mgmt: 10.0.0.38 + rid: 8.8.8.8 + + - name: ntc-vmx9 + mgmt: 10.0.0.39 + rid: 9.9.9.9 + +links: + - {left: ntc-csr1, left_port: GigabitEthernet4, left_ip: 172.10.12.1, + right: ntc-csr2, right_port: GigabitEthernet4, right_ip: 172.10.12.2, + mpls: True } + + - {left: ntc-csr1, left_port: GigabitEthernet2, left_ip: 172.10.13.1, + right: ntc-csr3, right_port: GigabitEthernet2, right_ip: 172.10.13.3, + mpls: True } + + - {left: ntc-csr1, left_port: GigabitEthernet3, left_ip: 172.10.17.1, + right: ntc-vmx7, right_port: ge-0/0/3, right_ip: 172.10.17.7, + mpls: True } + + - {left: ntc-csr2, left_port: GigabitEthernet3, left_ip: 172.10.23.2, + right: ntc-csr3, right_port: GigabitEthernet3, right_ip: 172.10.23.3, + mpls: True } + + - {left: ntc-csr2, left_port: GigabitEthernet2, left_ip: 172.10.29.2, + right: ntc-vmx9, right_port: ge-0/0/3, right_ip: 172.10.29.9, + mpls: True } + + - {left: ntc-vmx7, left_port: ge-0/0/1, left_ip: 172.10.79.7, + right: ntc-vmx9, right_port: ge-0/0/1, right_ip: 172.10.79.9, + mpls: True } + + - {left: ntc-vmx7, left_port: ge-0/0/0, left_ip: 172.10.78.7, + right: ntc-vmx8, right_port: ge-0/0/0, right_ip: 172.10.78.8, + mpls: True } + + - {left: ntc-vmx8, left_port: ge-0/0/2, left_ip: 172.10.89.8, + right: ntc-vmx9, right_port: ge-0/0/2, right_ip: 172.10.89.9, + mpls: True } + +bgp: + rr: [1.1.1.1] + clients: [2.2.2.2, 3.3.3.3, 7.7.7.7, 8.8.8.8, 9.9.9.9] + af: + - inet + - inet-vpn + +ospf: + area: 0 diff --git a/core/core-to-nodes.j2 b/core/core-to-nodes.j2 index 2111327..dc62664 100644 --- a/core/core-to-nodes.j2 +++ b/core/core-to-nodes.j2 @@ -58,7 +58,6 @@ nodes: {% if ospf is defined %} ospf: area: {{ospf.area}} - network: {{ospf.network}} {% endif %} {% if isis is defined %} isis: diff --git a/core_config/ansible-csr1-config.txt b/core_config/ansible-csr1-config.txt deleted file mode 100644 index 6f3254d..0000000 --- a/core_config/ansible-csr1-config.txt +++ /dev/null @@ -1,148 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr1 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 1.1.1.1 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.51 255.255.255.0 - negotiation auto -! -interface GigabitEthernet4 - no shutdown - ip address 172.10.12.1 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.14.1 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.13.1 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 1.1.1.1 - network 172.10.12.1 0.0.0.255 area 0 - network 172.10.14.1 0.0.0.255 area 0 - network 172.10.13.1 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 2.2.2.2 remote-as 65000 - neighbor 2.2.2.2 update-source Loopback0 - neighbor 3.3.3.3 remote-as 65000 - neighbor 3.3.3.3 update-source Loopback0 - neighbor 4.4.4.4 remote-as 65000 - neighbor 4.4.4.4 update-source Loopback0 - neighbor 5.5.5.5 remote-as 65000 - neighbor 5.5.5.5 update-source Loopback0 - neighbor 6.6.6.6 remote-as 65000 - neighbor 6.6.6.6 update-source Loopback0 - ! - address-family ipv4 - neighbor 2.2.2.2 activate - neighbor 2.2.2.2 route-reflector-client - neighbor 3.3.3.3 activate - neighbor 3.3.3.3 route-reflector-client - neighbor 4.4.4.4 activate - neighbor 4.4.4.4 route-reflector-client - neighbor 5.5.5.5 activate - neighbor 5.5.5.5 route-reflector-client - neighbor 6.6.6.6 activate - neighbor 6.6.6.6 route-reflector-client - exit-address-family - ! - address-family vpnv4 - neighbor 2.2.2.2 activate - neighbor 2.2.2.2 route-reflector-client - neighbor 3.3.3.3 activate - neighbor 3.3.3.3 route-reflector-client - neighbor 4.4.4.4 activate - neighbor 4.4.4.4 route-reflector-client - neighbor 5.5.5.5 activate - neighbor 5.5.5.5 route-reflector-client - neighbor 6.6.6.6 activate - neighbor 6.6.6.6 route-reflector-client - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/core_config/ansible-csr2-config.txt b/core_config/ansible-csr2-config.txt deleted file mode 100644 index 4fe44e2..0000000 --- a/core_config/ansible-csr2-config.txt +++ /dev/null @@ -1,122 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr2 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 2.2.2.2 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.52 255.255.255.0 - negotiation auto -! -interface GigabitEthernet4 - no shutdown - ip address 172.10.12.2 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.23.2 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.25.2 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 2.2.2.2 - network 172.10.12.2 0.0.0.255 area 0 - network 172.10.23.2 0.0.0.255 area 0 - network 172.10.25.2 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 1.1.1.1 remote-as 65000 - neighbor 1.1.1.1 update-source Loopback0 - ! - address-family ipv4 - neighbor 1.1.1.1 activate - exit-address-family - ! - address-family vpnv4 - neighbor 1.1.1.1 activate - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/core_config/ansible-csr3-config.txt b/core_config/ansible-csr3-config.txt deleted file mode 100644 index 60b6bed..0000000 --- a/core_config/ansible-csr3-config.txt +++ /dev/null @@ -1,114 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr3 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 3.3.3.3 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.53 255.255.255.0 - negotiation auto -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.23.3 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.13.3 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 3.3.3.3 - network 172.10.23.3 0.0.0.255 area 0 - network 172.10.13.3 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 1.1.1.1 remote-as 65000 - neighbor 1.1.1.1 update-source Loopback0 - ! - address-family ipv4 - neighbor 1.1.1.1 activate - exit-address-family - ! - address-family vpnv4 - neighbor 1.1.1.1 activate - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/core_config/ansible-csr4-config.txt b/core_config/ansible-csr4-config.txt deleted file mode 100644 index fcdba7d..0000000 --- a/core_config/ansible-csr4-config.txt +++ /dev/null @@ -1,122 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr4 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 4.4.4.4 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.54 255.255.255.0 - negotiation auto -! -interface GigabitEthernet4 - no shutdown - ip address 172.10.45.4 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.14.4 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.46.4 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 4.4.4.4 - network 172.10.45.4 0.0.0.255 area 0 - network 172.10.14.4 0.0.0.255 area 0 - network 172.10.46.4 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 1.1.1.1 remote-as 65000 - neighbor 1.1.1.1 update-source Loopback0 - ! - address-family ipv4 - neighbor 1.1.1.1 activate - exit-address-family - ! - address-family vpnv4 - neighbor 1.1.1.1 activate - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/core_config/ansible-csr5-config.txt b/core_config/ansible-csr5-config.txt deleted file mode 100644 index 5999157..0000000 --- a/core_config/ansible-csr5-config.txt +++ /dev/null @@ -1,122 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr5 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 5.5.5.5 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.55 255.255.255.0 - negotiation auto -! -interface GigabitEthernet4 - no shutdown - ip address 172.10.45.5 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.56.5 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.25.5 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 5.5.5.5 - network 172.10.45.5 0.0.0.255 area 0 - network 172.10.56.5 0.0.0.255 area 0 - network 172.10.25.5 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 1.1.1.1 remote-as 65000 - neighbor 1.1.1.1 update-source Loopback0 - ! - address-family ipv4 - neighbor 1.1.1.1 activate - exit-address-family - ! - address-family vpnv4 - neighbor 1.1.1.1 activate - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/core_config/ansible-csr6-config.txt b/core_config/ansible-csr6-config.txt deleted file mode 100644 index e9d500f..0000000 --- a/core_config/ansible-csr6-config.txt +++ /dev/null @@ -1,114 +0,0 @@ -! -service timestamps debug datetime msec -service timestamps log datetime msec -no platform punt-keepalive disable-kernel-core -platform console auto -! -hostname ansible-csr6 -! -vrf definition MANAGEMENT - ! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -no aaa new-model -! -no ip domain lookup -ip domain name ntc.com -! -subscriber templating -! -multilink bundle-name authenticated -! -! -license udi pid CSR1000V sn 9KXI0D7TVFI -diagnostic bootup level minimal -archive - path bootflash:archive -! -spanning-tree extend system-id -netconf-yang cisco-odm on-demand-enable -netconf-yang cisco-odm polling-enable -netconf-yang -restconf -! -username ntc privilege 15 password 0 ntc123 -! -redundancy -! -lldp run -cdp run -! -interface Loopback0 - ip address 6.6.6.6 255.255.255.255 - ip ospf 1 area 0 - ! -interface GigabitEthernet1 - vrf forwarding MANAGEMENT - ip address 10.0.0.56 255.255.255.0 - negotiation auto -! -interface GigabitEthernet3 - no shutdown - ip address 172.10.56.6 255.255.255.0 - negotiation auto - mpls ip -! -! -interface GigabitEthernet2 - no shutdown - ip address 172.10.46.6 255.255.255.0 - negotiation auto - mpls ip -! -! -! -router ospf 1 - router-id 6.6.6.6 - network 172.10.56.6 0.0.0.255 area 0 - network 172.10.46.6 0.0.0.255 area 0 - ! -router bgp 65000 - neighbor 1.1.1.1 remote-as 65000 - neighbor 1.1.1.1 update-source Loopback0 - ! - address-family ipv4 - neighbor 1.1.1.1 activate - exit-address-family - ! - address-family vpnv4 - neighbor 1.1.1.1 activate - exit-address-family - ! -! -mpls label protocol ldp -! -virtual-service csr_mgmt -! -ip forward-protocol nd -ip http server -ip http authentication local -ip http secure-server -! -ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 -ip scp server enable -! -control-plane -! -alias exec ntcclear clear platform software vnic-if nv -! -line con 0 - stopbits 1 -line vty 0 4 - privilege level 15 - login local - transport preferred ssh -line vty 5 30 - privilege level 15 - login local - transport preferred ssh -! diff --git a/diff/ansible-vmx1-diff.txt b/diff/ansible-vmx1-diff.txt deleted file mode 100644 index e69de29..0000000 diff --git a/diff/ansible-vmx2-diff.txt b/diff/ansible-vmx2-diff.txt deleted file mode 100644 index e69de29..0000000 diff --git a/diff/ansible-vmx3-diff.txt b/diff/ansible-vmx3-diff.txt deleted file mode 100644 index e69de29..0000000 diff --git a/diff/ansible-vmx4-diff.txt b/diff/ansible-vmx4-diff.txt deleted file mode 100644 index e69de29..0000000 diff --git a/group_vars/junos b/group_vars/junos index 8d6ff1f..7ec2f1c 100644 --- a/group_vars/junos +++ b/group_vars/junos @@ -2,5 +2,7 @@ #ansible_connection: network_cli ansible_connection: netconf ansible_network_os: junos -ansible_user: salt -ansible_ssh_private_key_file: /srv/salt/ssh/id_rsa +ansible_user: ntc +ansible_ssh_pass: ntc123 +#ansible_user: salt +#ansible_ssh_private_key_file: /srv/salt/ssh/id_rsa diff --git a/hosts_ntc b/hosts_ntc new file mode 100644 index 0000000..376c073 --- /dev/null +++ b/hosts_ntc @@ -0,0 +1,25 @@ +--- +all: + children: + junos: + children: + vmx: + hosts: + ntc-vmx7: + ansible_host: 18.235.232.152 + ntc-vmx8: + ansible_host: 34.239.98.235 + ntc-vmx9: + ansible_host: 18.215.215.54 + cisco: + children: + ios: + hosts: + ntc-csr1: + ansible_host: 18.235.163.52 + ntc-csr2: + ansible_host: 54.158.24.79 + ntc-csr3: + ansible_host: 54.242.37.150 + vars: + model: core-model-ntc.yml diff --git a/ios/core.j2 b/ios/core.j2 index a0a004d..80bf690 100644 --- a/ios/core.j2 +++ b/ios/core.j2 @@ -2,8 +2,9 @@ ! service timestamps debug datetime msec service timestamps log datetime msec +platform qfp utilization monitor load 80 no platform punt-keepalive disable-kernel-core -platform console auto +platform console virtual ! hostname {{inventory_hostname}} ! @@ -26,17 +27,27 @@ subscriber templating multilink bundle-name authenticated ! ! -license udi pid CSR1000V sn 9KXI0D7TVFI +license udi pid CSR1000V sn 9KIBQAQ3OPE diagnostic bootup level minimal archive path bootflash:archive ! -spanning-tree extend system-id +netconf-yang cisco-odm actions OSPF +netconf-yang cisco-odm actions IPRoute +netconf-yang cisco-odm actions Diffserv +netconf-yang cisco-odm actions BFDNeighbors +netconf-yang cisco-odm actions BridgeDomain +netconf-yang cisco-odm actions VirtualService +netconf-yang cisco-odm actions EthernetCFMStats +netconf-yang cisco-odm actions MPLSLDPNeighbors +netconf-yang cisco-odm actions MPLSStaticBinding +netconf-yang cisco-odm actions MPLSForwardingTable netconf-yang cisco-odm on-demand-enable netconf-yang cisco-odm polling-enable netconf-yang -restconf ! +restconf +!! username ntc privilege 15 password 0 ntc123 ! redundancy @@ -118,6 +129,7 @@ ip http server ip http authentication local ip http secure-server ! +ip route 0.0.0.0 0.0.0.0 10.0.0.2 ip route vrf MANAGEMENT 0.0.0.0 0.0.0.0 10.0.0.2 ip scp server enable ! @@ -127,12 +139,27 @@ alias exec ntcclear clear platform software vnic-if nv ! line con 0 stopbits 1 -line vty 0 4 +line vty 0 privilege level 15 login local transport preferred ssh -line vty 5 30 +line vty 1 + login local + length 0 + transport preferred ssh +line vty 2 4 privilege level 15 login local transport preferred ssh +line vty 5 30 + login local + transport preferred ssh +! +wsma agent exec +! +wsma agent config +! +wsma agent filesys +! +wsma agent notify ! diff --git a/junos/core.j2 b/junos/core.j2 index ef28eb7..1a9d535 100644 --- a/junos/core.j2 +++ b/junos/core.j2 @@ -6,20 +6,35 @@ ************************************************** #} version {{ansible_net_version}} +groups { + global { + system { + login { + user ntc { + uid 2000; + class super-user; + authentication { + encrypted-password "$5$9dE0bRr9$.VvWkJKa3J7HW95.G3KxW9x01nUoVi0PnXuZBlpOUH9"; ## SECRET-DATA + } + } + } + } + } +} +apply-groups global; system { host-name {{inventory_hostname}}; no-redirects; root-authentication { - encrypted-password "$5$mcE0Hfiq$JfBeC3QSAvnd1tjqlOhlYXDgVrwvd6S4G3oVj5wiMO7"; ## SECRET-DATA + encrypted-password "$5$1FR588oW$dWnmaj9S4t/GHEYL/gn8tOz3.yXoIMYHrCDyn.4hIo0"; ## SECRET-DATA } login { - user salt { - uid 2001; - class super-user; - authentication { - encrypted-password "$5$yp7ziGTI$F5F.6AUlR8hDK2JIsw5WRrTLex/yTCWH3iSR1Auk293"; ## SECRET-DATA - ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCjxY2hLZ+ju5wdK4GYNhKGgnS8EWLBoEVpo+xQkhDzkTiBx3HGAnmARcVV0B9MqrHZl1omdnirJeygWzVbVY4yPUqGgEcUsTTq9fvK4AjTwtaoB5txAosaOnZq0zewmuZ6EMi6E3RND6A3FGXkf1Il2jg3I8k/dGqdyFI80B7sWy90fk+EqsGMPxVc+l5vAtY2jm84ellxxzBsulxfCSKPH86hZ1GqZ8A1ZBWITu15NjQw0aGssSYGMMTa1T8eFyY4hHWqqdwgOlODg9mZwwP1JdJH79SRoTOjqGGixuAFDGAgH3fNX6u8wTmYya/z7WXH6B2XwiiaZYdcyEbMLPZt"; ## SECRET-DATA - } + class super-user-local { + idle-timeout 3600; + permissions all; + } + user ntc { + class super-user-local; } } services { @@ -104,6 +119,14 @@ interfaces { } } } +snmp { + community public { + authorization read-only; + } + community networktocode { + authorization read-only; + } +} {# ************************************************** ### Global Variables ###### @@ -114,7 +137,7 @@ routing-options { autonomous-system {{ common.bgp_asn }}; static { route 0.0.0.0/0 { - next-hop 10.39.0.1; + next-hop 10.0.0.2; no-readvertise; preference 255; } @@ -172,7 +195,6 @@ protocols { area 0 { {% for intf, intf_attr in node.links.items()|sort %} interface {{ intf }} { - interface-type p2p; {% if intf_attr.cost is defined %} metric {{intf_attr.cost }}; {% endif %} @@ -231,7 +253,7 @@ protocols { ### RSVP Variables ###### ************************************************** #} -{% if node.rsvp is not defined %} +{% if node.rsvp is defined %} rsvp { {% for intf, intf_attr in node.links.items()|sort %} interface {{intf}}; @@ -249,9 +271,15 @@ protocols { {% endfor %} } lldp { +{#} {% for intf, intf_attr in node.links.items()|sort %} interface {{intf.split('.')[0]}}; {% endfor %} +#} + interface all; + interface fxp0 { + disable; + } } } {# diff --git a/nodes.yml b/nodes.yml index 4c285bf..b015df7 100644 --- a/nodes.yml +++ b/nodes.yml @@ -9,40 +9,35 @@ common: nodes: - ansible-csr1: + ntc-csr1: mgmt: 10.0.0.51 rid: 1.1.1.1 - sid: 10 - iso: 49.0001.0010.0100.1001.00 links: - GigabitEthernet4.0: { ip: 172.10.12.1, remote: ansible-csr2 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet2.0: { ip: 172.10.13.1, remote: ansible-csr3 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet3.0: { ip: 172.10.14.1, remote: ansible-csr4 , cost: 10 , vlan: 0 , mpls: True , iso: True} + GigabitEthernet4.0: { ip: 172.10.12.1, remote: ntc-csr2 , vlan: 0 , mpls: True } + GigabitEthernet2.0: { ip: 172.10.13.1, remote: ntc-csr3 , vlan: 0 , mpls: True } + GigabitEthernet3.0: { ip: 172.10.17.1, remote: ntc-vmx7 , vlan: 0 , mpls: True } bgp: ibgp: rr: true peers: - 2.2.2.2 - 3.3.3.3 - - 4.4.4.4 - - 5.5.5.5 - - 6.6.6.6 + - 7.7.7.7 + - 8.8.8.8 + - 9.9.9.9 af: - inet - inet-vpn ospf: area: 0 - network: p2p - ansible-csr2: + ntc-csr2: mgmt: 10.0.0.52 rid: 2.2.2.2 - sid: 20 - iso: 49.0001.0010.0100.1002.00 links: - GigabitEthernet4.0: { ip: 172.10.12.2, remote: ansible-csr1 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet3.0: { ip: 172.10.23.2, remote: ansible-csr3 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet2.0: { ip: 172.10.25.2, remote: ansible-csr5 , cost: 10 , vlan: 0 , mpls: True , iso: True} + GigabitEthernet4.0: { ip: 172.10.12.2, remote: ntc-csr1 , vlan: 0 , mpls: True } + GigabitEthernet3.0: { ip: 172.10.23.2, remote: ntc-csr3 , vlan: 0 , mpls: True } + GigabitEthernet2.0: { ip: 172.10.29.2, remote: ntc-vmx9 , vlan: 0 , mpls: True } bgp: ibgp: peers: @@ -52,16 +47,13 @@ nodes: - inet-vpn ospf: area: 0 - network: p2p - ansible-csr3: + ntc-csr3: mgmt: 10.0.0.53 rid: 3.3.3.3 - sid: 30 - iso: 49.0001.0010.0100.1003.00 links: - GigabitEthernet2.0: { ip: 172.10.13.3, remote: ansible-csr1 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet3.0: { ip: 172.10.23.3, remote: ansible-csr2 , cost: 10 , vlan: 0 , mpls: True , iso: True} + GigabitEthernet2.0: { ip: 172.10.13.3, remote: ntc-csr1 , vlan: 0 , mpls: True } + GigabitEthernet3.0: { ip: 172.10.23.3, remote: ntc-csr2 , vlan: 0 , mpls: True } bgp: ibgp: peers: @@ -71,17 +63,14 @@ nodes: - inet-vpn ospf: area: 0 - network: p2p - ansible-csr4: - mgmt: 10.0.0.54 - rid: 4.4.4.4 - sid: 40 - iso: 49.0001.0010.0100.1004.00 + ntc-vmx7: + mgmt: 10.0.0.37 + rid: 7.7.7.7 links: - GigabitEthernet3.0: { ip: 172.10.14.4, remote: ansible-csr1 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet4.0: { ip: 172.10.45.4, remote: ansible-csr5 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet2.0: { ip: 172.10.46.4, remote: ansible-csr6 , cost: 10 , vlan: 0 , mpls: True , iso: True} + ge-0/0/3.0: { ip: 172.10.17.7, remote: ntc-csr1 , vlan: 0 , mpls: True } + ge-0/0/1.0: { ip: 172.10.79.7, remote: ntc-vmx9 , vlan: 0 , mpls: True } + ge-0/0/0.0: { ip: 172.10.78.7, remote: ntc-vmx8 , vlan: 0 , mpls: True } bgp: ibgp: peers: @@ -91,17 +80,13 @@ nodes: - inet-vpn ospf: area: 0 - network: p2p - ansible-csr5: - mgmt: 10.0.0.55 - rid: 5.5.5.5 - sid: 50 - iso: 49.0001.0010.0100.1005.00 + ntc-vmx8: + mgmt: 10.0.0.38 + rid: 8.8.8.8 links: - GigabitEthernet2.0: { ip: 172.10.25.5, remote: ansible-csr2 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet4.0: { ip: 172.10.45.5, remote: ansible-csr4 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet3.0: { ip: 172.10.56.5, remote: ansible-csr6 , cost: 10 , vlan: 0 , mpls: True , iso: True} + ge-0/0/0.0: { ip: 172.10.78.8, remote: ntc-vmx7 , vlan: 0 , mpls: True } + ge-0/0/2.0: { ip: 172.10.89.8, remote: ntc-vmx9 , vlan: 0 , mpls: True } bgp: ibgp: peers: @@ -111,16 +96,14 @@ nodes: - inet-vpn ospf: area: 0 - network: p2p - ansible-csr6: - mgmt: 10.0.0.56 - rid: 6.6.6.6 - sid: 60 - iso: 49.0001.0010.0100.1006.00 + ntc-vmx9: + mgmt: 10.0.0.39 + rid: 9.9.9.9 links: - GigabitEthernet2.0: { ip: 172.10.46.6, remote: ansible-csr4 , cost: 10 , vlan: 0 , mpls: True , iso: True} - GigabitEthernet3.0: { ip: 172.10.56.6, remote: ansible-csr5 , cost: 10 , vlan: 0 , mpls: True , iso: True} + ge-0/0/3.0: { ip: 172.10.29.9, remote: ntc-csr2 , vlan: 0 , mpls: True } + ge-0/0/1.0: { ip: 172.10.79.9, remote: ntc-vmx7 , vlan: 0 , mpls: True } + ge-0/0/2.0: { ip: 172.10.89.9, remote: ntc-vmx8 , vlan: 0 , mpls: True } bgp: ibgp: peers: @@ -130,4 +113,3 @@ nodes: - inet-vpn ospf: area: 0 - network: p2p diff --git a/ntc_base b/ntc_base new file mode 100644 index 0000000..5ac03b9 --- /dev/null +++ b/ntc_base @@ -0,0 +1,105 @@ +ntc@vmx7> show configuration +## Last commit: 2017-06-29 16:39:22 UTC by ntc +version 15.1F4.15; +groups { + global { + system { + login { + user ntc { + uid 2000; + class super-user; + authentication { + encrypted-password "$5$9dE0bRr9$.VvWkJKa3J7HW95.G3KxW9x01nUoVi0PnXuZBlpOUH9"; ## SECRET-DATA + } + } + } + } + } +} +apply-groups global; +system { + host-name vmx7; + domain-name ntc.com; + root-authentication { + encrypted-password "$5$1FR588oW$dWnmaj9S4t/GHEYL/gn8tOz3.yXoIMYHrCDyn.4hIo0"; ## SECRET-DATA + } + login { + class super-user-local { + idle-timeout 3600; + permissions all; + } + user ntc { + class super-user-local; + } + } + services { + ssh; + netconf { + ssh; + } + } + syslog { + user * { + any emergency; + } + file messages { + any notice; + authorization info; + } + file interactive-commands { + interactive-commands any; + } + } +} +interfaces { + ge-0/0/0 { + unit 0 { + family inet { + address 10.1.254.2/30; + } + } + } + ge-0/0/1 { + unit 0 { + family inet { + address 10.1.254.6/30; + } + } + } + ge-0/0/2 { + unit 0 { + family inet; + } + } + ge-0/0/3 { + unit 0 { + family inet; + } + } + fxp0 { + unit 0 { + family inet { + address 10.0.0.37/24; + } + } + } +} +snmp { + community public { + authorization read-only; + } + community networktocode { + authorization read-only; + } +} +routing-options { + static { + route 0.0.0.0/0 next-hop 10.0.0.2; + } +} +protocols { + lldp { + port-id-subtype interface-name; + interface all; + } +}