Realisations/2006-2007/Projet/Entreprise2/Switch: config_X450E_2007-01-18.cfg

File config_X450E_2007-01-18.cfg, 18.7 KB (added by alladoum, 18 years ago)
Line 
1#
2# Module devmgr configuration.
3#
4configure snmp sysName "X450e-24p"
5configure snmp sysContact "support@extremenetworks.com, +1 888 257 3000"
6configure slot 1 module X450e-24p
7
8#
9# Module vlan configuration.
10#
11configure vr VR-Default add ports 1-26
12configure vlan Default tag 1
13create vlan "vlan0"
14create vlan "vlan11"
15create vlan "vlan21"
16disable port 6
17disable port 7
18disable port 8
19disable port 9
20disable port 10
21disable port 12
22disable port 18
23disable port 19
24disable port 20
25disable port 22
26disable port 23
27disable port 24
28disable port 25
29configure ports 25 auto off speed 10000 duplex full
30disable port 26
31configure ports 26 auto off speed 10000 duplex full
32configure vlan vlan0 add ports 3, 11, 21 untagged
33configure vlan vlan11 add ports 4-5 untagged
34configure vlan vlan21 add ports 16-17 untagged
35configure vlan Default ipaddress 192.168.0.254 255.255.255.0
36configure vlan Mgmt ipaddress 192.168.0.254 255.255.255.0
37configure qosscheduler strict-priority
38
39#
40# Module fdb configuration.
41#
42configure fdb agingtime 300
43configure iparp vr VR-Control max_entries 4096
44configure iparp vr VR-Control max_pending_entries 256
45configure iparp vr VR-Control max_proxy_entries 256
46configure iparp vr VR-Control timeout 20
47enable iparp vr VR-Control checking
48enable iparp vr VR-Control refresh
49configure iparp vr VR-Default max_entries 4096
50configure iparp vr VR-Default max_pending_entries 256
51configure iparp vr VR-Default max_proxy_entries 256
52configure iparp vr VR-Default timeout 20
53enable iparp vr VR-Default checking
54enable iparp vr VR-Default refresh
55configure iparp vr VR-Mgmt max_entries 4096
56configure iparp vr VR-Mgmt max_pending_entries 256
57configure iparp vr VR-Mgmt max_proxy_entries 256
58configure iparp vr VR-Mgmt timeout 20
59enable iparp vr VR-Mgmt checking
60enable iparp vr VR-Mgmt refresh
61
62#
63# Module rtmgr configuration.
64#
65disable iproute sharing
66configure iproute priority blackhole 50
67configure iproute priority static 1100
68configure iproute priority icmp 1200
69configure iproute priority ebgp 1700
70configure iproute priority ibgp 1900
71configure iproute priority ospf-intra 2200
72configure iproute priority ospf-inter 2300
73configure iproute priority rip 2400
74configure iproute priority ospf-as-external 3100
75configure iproute priority ospf-extern1 3200
76configure iproute priority ospf-extern2 3300
77configure iproute priority bootp 5000
78configure iproute ipv6 priority blackhole 50
79configure iproute ipv6 priority static 1100
80configure iproute ipv6 priority icmp 1200
81configure iproute ipv6 priority ospfv3-intra 2200
82configure iproute ipv6 priority ospfv3-inter 2300
83configure iproute ipv6 priority RIPng 2400
84configure iproute ipv6 priority ospfv3-as-external 3100
85configure iproute ipv6 priority ospfv3-extern1 3200
86configure iproute ipv6 priority ospfv3-extern2 3300
87configure irdp broadcast
88configure irdp 450 600 1800 0
89disable irdp "Default"
90disable irdp "Mgmt"
91disable icmp address-mask vlan "Default"
92enable icmp parameter-problem vlan "Default"
93enable icmp port-unreachables vlan "Default"
94enable icmp unreachables vlan "Default"
95enable icmp redirects vlan "Default"
96enable icmp time-exceeded vlan "Default"
97disable icmp timestamp vlan "Default"
98disable icmp address-mask vlan "Mgmt"
99enable icmp parameter-problem vlan "Mgmt"
100enable icmp port-unreachables vlan "Mgmt"
101enable icmp unreachables vlan "Mgmt"
102enable icmp redirects vlan "Mgmt"
103enable icmp time-exceeded vlan "Mgmt"
104disable icmp timestamp vlan "Mgmt"
105enable ip-option loose-source-route
106enable ip-option strict-source-route
107enable ip-option record-timestamp
108enable ip-option router-alert
109enable ip-option record-route
110disable ipforwarding broadcast vlan "Default"
111disable ipforwarding broadcast vlan "Mgmt"
112disable icmp useredirects
113
114#
115# Module mcmgr configuration.
116#
117configure igmp snooping cache 32 64
118configure igmp snooping timer 260 260 vr VR-Default
119configure igmp snooping leave-timeout 1000 vr VR-Default
120configure MLD snooping timer 260 260 vr VR-Default
121configure MLD snooping leave-timeout 1000 vr VR-Default
122disable igmp snooping forward-mcrouter-only vr VR-Default
123disable MLD snooping forward-mcrouter-only vr VR-Default
124configure igmp 125 10 1 2 vr VR-Default
125configure MLD 125 10 1 2 vr VR-Default
126enable igmp snooping with-proxy vr VR-Default
127enable MLD snooping with-proxy vr VR-Default
128configure igmp snooping flood-list none vr VR-Default
129configure MLD snooping flood-list none vr VR-Default
130disable mvr
131configure mvr vlan Default mvr-address none
132configure mvr vlan Default static group none
133configure mvr vlan vlan0 mvr-address none
134configure mvr vlan vlan0 static group none
135configure mvr vlan vlan11 mvr-address none
136configure mvr vlan vlan11 static group none
137configure mvr vlan vlan21 mvr-address none
138configure mvr vlan vlan21 static group none
139
140#
141# Module aaa configuration.
142#
143disable radius mgmt-access
144configure radius mgmt-access timeout 3
145disable radius-accounting mgmt-access
146configure radius-accounting mgmt-access timeout 3
147disable radius netlogin
148configure radius netlogin timeout 3
149disable radius-accounting netlogin
150configure radius-accounting netlogin timeout 3
151 disable tacacs
152configure tacacs timeout 3
153disable tacacs-accounting
154configure tacacs-accounting timeout 3
155disable tacacs-authorization
156configure account admin encrypted xJLi2a$As89cP1wHfZWnBK4Hc7ct0
157configure account user encrypted sOSi2a$fEKW8rKI0Etk6Cj6QTz3O/
158
159#
160# Module acl configuration.
161#
162enable access-list refresh blackhole
163enable access-list permit to-cpu
164
165#
166# Module cfgmgr configuration.
167#
168disable cli-config-logging
169configure cli max-sessions 8
170configure cli max-failed-logins 3
171configure banner
172
173
174configure idletimeout 20
175enable idletimeout
176
177#
178# Module dosprotect configuration.
179#
180disable dos-protect
181configure dos-protect interval 1
182configure dos-protect trusted-ports ports
183configure dos-protect type l3-protect alert-threshold 4000
184configure dos-protect type l3-protect notify-threshold 3500
185
186#
187# Module eaps configuration.
188#
189configure eaps fast-convergence off
190configure eaps config-warnings on
191disable eaps
192
193#
194# Module edp configuration.
195#
196configure edp advertisement-interval 60 holddown-interval 180
197enable edp ports 1
198enable edp ports 2
199enable edp ports 3
200enable edp ports 4
201enable edp ports 5
202enable edp ports 6
203enable edp ports 7
204enable edp ports 8
205enable edp ports 9
206enable edp ports 10
207enable edp ports 11
208enable edp ports 12
209enable edp ports 13
210enable edp ports 14
211enable edp ports 15
212enable edp ports 16
213enable edp ports 17
214enable edp ports 18
215enable edp ports 19
216enable edp ports 20
217enable edp ports 21
218enable edp ports 22
219enable edp ports 23
220enable edp ports 24
221enable edp ports 25
222enable edp ports 26
223
224#
225# Module elrp configuration.
226#
227disable elrp-client
228
229#
230# Module ems configuration.
231#
232disable log debug-mode
233create log filter DefaultFilter
234configure log filter DefaultFilter add event All
235enable log target memory-buffer
236configure log target memory-buffer filter DefaultFilter severity Debug-Data
237configure log target memory-buffer match Any
238configure log target memory-buffer format timestamp hundredths date mm-dd-yyyy event-name condition severity
239configure log target memory-buffer number-of-messages 1000
240enable log target nvram
241configure log target nvram filter DefaultFilter severity Warning
242configure log target nvram match Any
243configure log target nvram format timestamp hundredths date mm-dd-yyyy event-name condition severity
244disable log target console
245configure log target console filter DefaultFilter severity Info
246configure log target console match Any
247configure log target console format timestamp hundredths date mm-dd-yyyy event-name condition severity
248
249#
250# Module epm configuration.
251#
252configure sys-recovery-level All
253enable watchdog
254configure firmware install-on-demand
255enable cpu-monitoring interval 20 threshold 60
256
257#
258# Module esrp configuration.
259#
260configure esrp mode extended
261
262#
263# Module etmon configuration.
264#
265configure sflow sample-rate 8192
266configure sflow max-cpu-sample-limit 2000
267configure sflow poll-interval 20
268disable sflow
269disable rmon
270
271#
272# Module hal configuration.
273#
274configure iproute sharing max-gateways 4
275
276#
277# Module lldp configuration.
278#
279configure lldp transmit-interval 30
280configure lldp transmit-hold 4
281configure lldp reinitialize-delay 2
282configure lldp transmit-delay 2
283configure lldp snmp-notification-interval 5
284configure lldp med fast-start repeat-count 3
285
286#
287# Module netLogin configuration.
288#
289configure netlogin dot1x timers server-timeout 30 quiet-period 60 reauth-period 3600 supp-resp-timeout 30
290configure netlogin dot1x eapol-transmit-version v1
291enable netlogin logout-privilege
292enable netlogin session-refresh 3
293configure netlogin base-url "network-access.com"
294configure netlogin redirect-page "http://www.extremenetworks.com"
295configure netlogin banner ""
296
297#
298# Module netTools configuration.
299#
300configure sntp-client update-interval 64
301disable sntp-client
302
303#
304# Module ospf configuration.
305#
306configure ospf routerid automatic
307configure ospf spf-hold-time 3
308configure ospf metric-table 10M 10 100M 5 1G 4 10G 2
309configure ospf lsa-batch-interval 30
310configure ospf import-policy none
311configure ospf ase-limit 0
312disable ospf originate-default
313disable ospf use-ip-router-alert
314disable ospf
315configure ospf restart none
316configure ospf restart grace-period 120
317disable ospf export direct
318disable ospf export static
319disable ospf export rip
320disable ospf export e-bgp
321disable ospf export i-bgp
322configure ospf area 0.0.0.0 external-filter none
323configure ospf area 0.0.0.0 interarea-filter none
324configure ospf area 0.0.0.0 normal
325configure ospf vlan Default area 0.0.0.0
326configure ospf vlan Default cost automatic
327configure ospf vlan Default priority 0
328configure ospf vlan Default authentication none
329configure ospf vlan Default timer 5 1 10 40
330configure ospf vlan Default restart-helper none
331enable ospf vlan Default restart-helper-lsa-check
332
333#
334# Module pim configuration.
335#
336disable pim
337configure pim crp timer 60
338configure pim register-suppress-interval 60 register-probe-interval 5
339configure pim register-checksum-to include-data
340
341#
342# Module poe configuration.
343#
344enable inline-power
345configure inline-power usage-threshold 70
346configure inline-power disconnect-precedence deny-port
347disable inline-power legacy slot 1
348enable inline-power ports 1
349configure inline-power operator-limit 15400 ports 1
350configure inline-power label "" ports 1
351configure inline-power priority low ports 1
352enable inline-power ports 2
353configure inline-power operator-limit 15400 ports 2
354configure inline-power label "" ports 2
355configure inline-power priority low ports 2
356enable inline-power ports 3
357configure inline-power operator-limit 15400 ports 3
358configure inline-power label "" ports 3
359configure inline-power priority low ports 3
360enable inline-power ports 4
361configure inline-power operator-limit 15400 ports 4
362configure inline-power label "" ports 4
363configure inline-power priority low ports 4
364enable inline-power ports 5
365configure inline-power operator-limit 15400 ports 5
366configure inline-power label "" ports 5
367configure inline-power priority low ports 5
368enable inline-power ports 6
369configure inline-power operator-limit 15400 ports 6
370configure inline-power label "" ports 6
371configure inline-power priority low ports 6
372enable inline-power ports 7
373configure inline-power operator-limit 15400 ports 7
374configure inline-power label "" ports 7
375configure inline-power priority low ports 7
376enable inline-power ports 8
377configure inline-power operator-limit 15400 ports 8
378configure inline-power label "" ports 8
379configure inline-power priority low ports 8
380enable inline-power ports 9
381configure inline-power operator-limit 15400 ports 9
382configure inline-power label "" ports 9
383configure inline-power priority low ports 9
384enable inline-power ports 10
385configure inline-power operator-limit 15400 ports 10
386configure inline-power label "" ports 10
387configure inline-power priority low ports 10
388enable inline-power ports 11
389configure inline-power operator-limit 15400 ports 11
390configure inline-power label "" ports 11
391configure inline-power priority low ports 11
392enable inline-power ports 12
393configure inline-power operator-limit 15400 ports 12
394configure inline-power label "" ports 12
395configure inline-power priority low ports 12
396enable inline-power ports 13
397configure inline-power operator-limit 15400 ports 13
398configure inline-power label "" ports 13
399configure inline-power priority low ports 13
400enable inline-power ports 14
401configure inline-power operator-limit 15400 ports 14
402configure inline-power label "" ports 14
403configure inline-power priority low ports 14
404enable inline-power ports 15
405configure inline-power operator-limit 15400 ports 15
406configure inline-power label "" ports 15
407configure inline-power priority low ports 15
408enable inline-power ports 16
409configure inline-power operator-limit 15400 ports 16
410configure inline-power label "" ports 16
411configure inline-power priority low ports 16
412enable inline-power ports 17
413configure inline-power operator-limit 15400 ports 17
414configure inline-power label "" ports 17
415configure inline-power priority low ports 17
416enable inline-power ports 18
417configure inline-power operator-limit 15400 ports 18
418configure inline-power label "" ports 18
419configure inline-power priority low ports 18
420enable inline-power ports 19
421configure inline-power operator-limit 15400 ports 19
422configure inline-power label "" ports 19
423configure inline-power priority low ports 19
424enable inline-power ports 20
425configure inline-power operator-limit 15400 ports 20
426configure inline-power label "" ports 20
427configure inline-power priority low ports 20
428enable inline-power ports 21
429configure inline-power operator-limit 15400 ports 21
430configure inline-power label "" ports 21
431configure inline-power priority low ports 21
432enable inline-power ports 22
433configure inline-power operator-limit 15400 ports 22
434configure inline-power label "" ports 22
435configure inline-power priority low ports 22
436enable inline-power ports 23
437configure inline-power operator-limit 15400 ports 23
438configure inline-power label "" ports 23
439configure inline-power priority low ports 23
440enable inline-power ports 24
441configure inline-power operator-limit 15400 ports 24
442configure inline-power label "" ports 24
443configure inline-power priority low ports 24
444
445#
446# Module rip configuration.
447#
448configure rip garbagetime 120
449configure rip import-policy none
450configure rip routetimeout 180
451configure rip updatetime 30
452disable rip originate-default
453enable rip use-ip-router-alert
454disable rip aggregation
455enable rip poisonreverse
456enable rip splithorizon
457enable rip triggerupdates
458disable rip
459disable rip export direct
460disable rip export static
461disable rip export ospf-intra
462disable rip export ospf-inter
463disable rip export ospf-extern1
464disable rip export ospf-extern2
465disable rip export e-bgp
466disable rip export i-bgp
467
468#
469# Module ripng configuration.
470#
471disable ripng
472configure ripng garbagetime 120
473configure ripng updatetime 30
474configure ripng routetimeout 180
475
476#
477# Module snmpMaster configuration.
478#
479configure snmpv3 engine-id 03:00:04:96:27:c8:3a
480configure snmpv3 add user admin authentication md5 hex 93:0a:71:2b:6a:a8:0b:0f:eb:20:e8:a0:d8:29:9d:5d privacy hex 93:0a:71:2b:6a:a8:0b:0f:eb:20:e8:a0:d8:29:9d:5d
481configure snmpv3 add user initial
482configure snmpv3 add user initialmd5 authentication md5 hex 4f:3b:90:c0:25:86:be:60:c6:97:14:83:5c:2d:44:c5
483 configure snmpv3 add user initialsha authentication sha hex b4:ab:24:92:9d:d8:31:ba:b1:e2:6e:f3:46:17:02:55:8b:fe:d1:98
484configure snmpv3 add user initialmd5Priv authentication md5 hex 33:0b:ff:c2:51:07:ee:32:9f:ca:2e:b2:55:82:64:cd privacy hex 33:0b:ff:c2:51:07:ee:32:9f:ca:2e:b2:55:82:64:cd
485configure snmpv3 add user initialshaPriv authentication sha hex 80:61:f8:6d:d8:0f:1b:f7:2d:b6:cf:a0:95:4c:f8:75:f3:ee:c8:f1 privacy hex 80:61:f8:6d:d8:0f:1b:f7:2d:b6:cf:a0:95:4c:f8:75:f3:ee:c8:f1
486 configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv1
487configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv1
488configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv2c
489configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv2c
490configure snmpv3 add group admin user admin sec-model usm
491configure snmpv3 add group initial user initial sec-model usm
492 configure snmpv3 add group initial user initialmd5 sec-model usm
493configure snmpv3 add group initial user initialsha sec-model usm
494configure snmpv3 add group initial user initialmd5Priv sec-model usm
495  configure snmpv3 add group initial user initialshaPriv sec-model usm
496configure snmpv3 add access admin sec-model usm sec-level priv read-view defaultAdminView write-view defaultAdminView notify-view defaultNotifyView
497  configure snmpv3 add access initial sec-model usm sec-level noauth read-view defaultUserView notify-view defaultNotifyView
498configure snmpv3 add access initial sec-model usm sec-level authnopriv read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
499  configure snmpv3 add access v1v2c_ro sec-model snmpv1 sec-level noauth read-view defaultUserView notify-view defaultNotifyView
500configure snmpv3 add access v1v2c_ro sec-model snmpv2c sec-level noauth read-view defaultUserView notify-view defaultNotifyView
501configure snmpv3 add access v1v2c_rw sec-model snmpv1 sec-level noauth read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
502configure snmpv3 add access v1v2c_rw sec-model snmpv2c sec-level noauth read-view defaultUserView write-view defaultUserView notify-view defaultNotifyView
503  configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv1 sec-level noauth notify-view defaultNotifyView
504configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv2c sec-level noauth notify-view defaultNotifyView
505configure snmpv3 add mib-view defaultUserView subtree 1 type included
506configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.16 type excluded
507configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.18 type excluded
508   configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.4 type excluded
509configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.6 type excluded
510configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.9 type excluded
511configure snmpv3 add mib-view defaultAdminView subtree 1 type included
512configure snmpv3 add mib-view defaultNotifyView subtree 1 type included
513configure snmpv3 add community private name private user v1v2c_rw
514configure snmpv3 add community public name public user v1v2c_ro
515configure snmpv3 add notify defaultNotify tag defaultNotify
516enable snmp access
517enable snmp traps
518
519#
520# Module stp configuration.
521#
522configure mstp region 00049627c83a
523configure mstp revision 3
524configure mstp format 0
525create stpd s0
526configure stpd s0 tag 0
527configure stpd s0 mode dot1d
528configure stpd s0 forwarddelay 15
529configure stpd s0 hellotime 2
530configure stpd s0 maxage 20
531configure stpd s0 priority 32768
532disable stpd s0 rapid-root-failover
533configure stpd s0 default-encapsulation dot1d
534enable stpd s0 auto-bind vlan Default
535disable stpd s0
536
537#
538# Module telnetd configuration.
539#
540configure telnet vr all
541
542#
543# Module tftpd configuration.
544#
545
546#
547# Module thttpd configuration.
548#
549
550#
551# Module vrrp configuration.
552#