Quantcast
Channel: All SRX Services Gateway posts
Viewing all articles
Browse latest Browse all 17645

Re: Routing-Instance and ISIS Routing

$
0
0

No Physical loop

 

Just placed the interfaces into the VRs.

Here is the full config..

 

Clive@THW-SRX-01# run show configuration | display set
set version 15.1X49-D110.4
set system host-name THW-SRX-01
set system root-authentication encrypted-password "$5$z0x/bUE1$7a0.XL.aD8Tj4HrTCLYWvinpjKFmI79nFjbCJF8HXj4"
set system name-server 8.8.8.8
set system name-server 8.8.4.4
set system login user Clive uid 2000
set system login user Clive class super-user
set system login user Clive authentication encrypted-password "$5$Qx1BnOI.$haJ9bhIUBcROyvUpibcE4UkYuYSuB8qTIMufMaaA7q9"
set system login user Jim uid 2003
set system login user Jim class super-user
set system login user Jim authentication encrypted-password "$5$2jd10ZcZ$WH.lj5bRlh7P4qV3tEDJnM2hwkAiT3OAADRi3j5Wqb8"
set system login user Lee uid 2002
set system login user Lee class super-user
set system login user Lee authentication encrypted-password "$5$EGzUTmfP$9ySV5xu4jyoPAno2qfRCjjDsAg1r9hreOFSu7luLXE/"
set system login user Oliver uid 2004
set system login user Oliver class super-user
set system login user Oliver authentication encrypted-password "$5$nHRTwAfF$O.7LJxttsI8Rgb8Qd/n0oEszEKk4CsE3GyLpyVcl5y/"
set system login user Stephen uid 2001
set system login user Stephen class super-user
set system login user Stephen authentication encrypted-password "$5$okr6bMjJ$bRThHm0wAqEB6T.QmSlbv.VRx31GvaNPhlC4K.0tHmD"
set system services ssh
set system services xnm-clear-text
set system services netconf ssh
set system services dhcp-local-server group jdhcp-group interface ge-0/0/1.0
set system services web-management https system-generated-certificate
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system max-configurations-on-flash 5
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set system phone-home server https://redirect.juniper.net
set system phone-home rfc-complaint
set chassis aggregated-devices ethernet device-count 2
set security log mode stream
set security log report
set security forwarding-options family inet6 mode flow-based
set security forwarding-options family iso mode packet-based
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security nat source rule-set trust-to-untrust from zone trust
set security nat source rule-set trust-to-untrust to zone untrust
set security nat source rule-set trust-to-untrust rule source-nat-rule match source-address 0.0.0.0/0
set security nat source rule-set trust-to-untrust rule source-nat-rule then source-nat interface
set security policies from-zone trust to-zone trust policy default-permit match source-address any
set security policies from-zone trust to-zone trust policy default-permit match destination-address any
set security policies from-zone trust to-zone trust policy default-permit match application any
set security policies from-zone trust to-zone trust policy default-permit then permit
set security policies from-zone trust to-zone untrust policy default-permit match source-address any
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit
set security policies from-zone Customer-Network to-zone NineGroup-DMZ policy CliveTest match source-address any
set security policies from-zone Customer-Network to-zone NineGroup-DMZ policy CliveTest match destination-address any
set security policies from-zone Customer-Network to-zone NineGroup-DMZ policy CliveTest match application any
set security policies from-zone Customer-Network to-zone NineGroup-DMZ policy CliveTest then permit
set security policies from-zone NineGroup-DMZ to-zone Customer-Network policy CliveTest1 match source-address any
set security policies from-zone NineGroup-DMZ to-zone Customer-Network policy CliveTest1 match destination-address any
set security policies from-zone NineGroup-DMZ to-zone Customer-Network policy CliveTest1 match application any
set security policies from-zone NineGroup-DMZ to-zone Customer-Network policy CliveTest1 then permit
set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone trust interfaces ge-0/0/3.0
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services tftp
set security zones security-zone untrust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone NineGroup-DMZ
set security zones security-zone Customer-Network host-inbound-traffic system-services all
set security zones security-zone Customer-Network host-inbound-traffic protocols all
set security zones security-zone Customer-Network interfaces ae2.0
set interfaces ge-0/0/0 unit 0 family inet dhcp-client update-server
set interfaces ge-0/0/1 unit 0 family inet
set interfaces ge-0/0/2 unit 0 family inet address 195.80.0.37/30
set interfaces ge-0/0/2 unit 0 family iso
set interfaces ge-0/0/2 unit 0 family inet6 address 2a05:d840:0030:ffff:ffff:ffff:0000:0001/127
set interfaces ge-0/0/3 unit 0 family inet
set interfaces ge-0/0/4 unit 0 family inet address 192.168.1.2/24
set interfaces ge-0/0/4 unit 0 family iso
set interfaces xe-0/0/16 description Group-ae2
set interfaces xe-0/0/16 gigether-options 802.3ad ae2
set interfaces xe-0/0/17 unit 0 family inet
set interfaces xe-0/0/18 description Group-ae2
set interfaces xe-0/0/18 gigether-options 802.3ad ae2
set interfaces ae2 unit 0 description TO-THW-CORE-01-ae2
set interfaces ae2 unit 0 family inet address 195.80.0.18/30
set interfaces ae2 unit 0 family iso
set interfaces ae2 unit 0 family inet6 address 2a05:d840:002b:ffff:ffff:ffff:0000:0002/127
set interfaces fxp0 unit 0 family inet address 185.89.120.8/24
set interfaces lo0 unit 0 family inet address 195.80.0.3/32
set interfaces lo0 unit 0 family iso address 49.0001.1950.0080.0004.00
set interfaces lo0 unit 0 family inet6 address 2a05:d840:000e:ffff:ffff:ffff:0000:0001/128
set routing-options static route 172.16.16.0/24 next-hop 172.16.16.39
set protocols isis export export_statics
set protocols isis level 1 authentication-key "$9$zyOuFCuREyKWxSrxdwgUDP5QF9AuO1hyl"
set protocols isis level 1 authentication-type md5
set protocols isis level 2 authentication-key "$9$Xqsxb2ZGi.fzjHz6CuEhvWLxVw24aUik"
set protocols isis level 2 authentication-type md5
set protocols isis interface lo0.0
set policy-options policy-statement export_statics term 1 from protocol static
set policy-options policy-statement export_statics term 1 then accept
set access address-assignment pool junosDHCPPool family inet network 192.168.2.0/24
set access address-assignment pool junosDHCPPool family inet range junosRange low 192.168.2.2
set access address-assignment pool junosDHCPPool family inet range junosRange high 192.168.2.254
set access address-assignment pool junosDHCPPool family inet dhcp-attributes router 192.168.2.1
set access address-assignment pool junosDHCPPool family inet dhcp-attributes propagate-settings ge-0/0/0.0
set routing-instances Customer-VR instance-type virtual-router
set routing-instances Customer-VR interface ae2.0
set routing-instances Customer-VR protocols isis level 1 authentication-key "$9$29gGiPfz6CuQFu1EyW8VwYgZUik.5z3"
set routing-instances Customer-VR protocols isis level 1 authentication-type md5
set routing-instances Customer-VR protocols isis level 2 authentication-key "$9$lOzeLNsYoGjq4aqfQnpuhSre8XNdb2oJ"
set routing-instances Customer-VR protocols isis level 2 authentication-type md5
set routing-instances Customer-VR protocols isis interface ae2.0
set routing-instances NineGroup-VR instance-type virtual-router
set routing-instances NineGroup-VR interface ge-0/0/2.0
set routing-instances NineGroup-VR protocols isis interface ge-0/0/2.0

 

Thank you


Viewing all articles
Browse latest Browse all 17645

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>