Realisations/2011-2012/Projet/Entreprise2: summit-ent2-cfg.txt

File summit-ent2-cfg.txt, 20.7 KB (added by bbaron, 13 years ago)
Line 
1#
2# Module devmgr configuration.
3#
4configure snmp sysName "Switch-AS4"
5configure snmp sysLocation "Paris"
6configure snmp sysContact "Olivier Fourmaux"
7configure slot 1 module X450e-24p
8
9#
10# Module vlan configuration.
11#
12configure vr VR-Default add ports 1-26
13create qosprofile "QP7"
14configure vlan Default tag 1
15create vlan "vlan400"
16configure vlan vlan400 tag 400
17create vlan "vlan420"
18configure vlan vlan420 tag 420
19create vlan "vlan421"
20configure vlan vlan421 tag 421
21create vlan "vlan430"
22configure vlan vlan430 tag 430
23create vlan "vlan431"
24configure vlan vlan431 tag 431
25create vlan "vlan441"
26configure vlan vlan441 tag 441
27create vlan "vlan442"
28configure vlan vlan442 tag 442
29create vlan "vlan443"
30create vlan "vlan444"
31configure vlan vlan444 tag 444
32create vlan "vlan999"
33configure vlan vlan999 tag 999
34create vlan "voice"
35configure vlan voice tag 10
36enable diffserv examination port 3
37enable diffserv examination port 16
38disable dot1p examination port 16
39configure ports 25 auto off speed 10000 duplex full
40configure ports 26 auto off speed 10000 duplex full
41configure vlan vlan400 add ports 7, 19, 21 tagged 
42configure vlan vlan400 add ports 1, 4, 10, 13 untagged 
43configure vlan vlan420 add ports 19 tagged 
44configure vlan vlan420 add ports 11 untagged 
45configure vlan vlan421 add ports 12, 23 untagged 
46configure vlan vlan430 add ports 21 tagged 
47configure vlan vlan430 add ports 14 untagged 
48configure vlan vlan431 add ports 15, 24 untagged 
49configure vlan vlan441 add ports 7, 20, 22 tagged 
50configure vlan vlan442 add ports 20, 22 tagged 
51configure vlan vlan442 add ports 8 untagged 
52configure vlan vlan443 add ports 3, 6, 9 untagged 
53configure vlan vlan444 add ports 3, 20 tagged 
54configure vlan vlan444 add ports 16 untagged 
55configure vlan vlan999 add ports 8, 24 tagged 
56configure vlan vlan999 add ports 2, 5, 17-18 untagged 
57configure vlan vlan400 ipaddress 4.11.100.33 255.255.255.240
58configure qosscheduler strict-priority
59configure qosprofile QP7 maxbuffer 100 weight 1
60configure qosprofile QP7 minbw 0 maxbw 100 ports 1
61configure qosprofile QP7 minbw 0 maxbw 100 ports 2
62configure qosprofile QP7 minbw 0 maxbw 100 ports 3
63configure qosprofile QP7 minbw 0 maxbw 100 ports 4
64configure qosprofile QP7 minbw 0 maxbw 100 ports 5
65configure qosprofile QP7 minbw 0 maxbw 100 ports 6
66configure qosprofile QP7 minbw 0 maxbw 100 ports 7
67configure qosprofile QP7 minbw 0 maxbw 100 ports 8
68configure qosprofile QP7 minbw 0 maxbw 100 ports 9
69configure qosprofile QP7 minbw 0 maxbw 100 ports 10
70configure qosprofile QP7 minbw 0 maxbw 100 ports 11
71configure qosprofile QP7 minbw 0 maxbw 100 ports 12
72configure qosprofile QP7 minbw 0 maxbw 100 ports 13
73configure qosprofile QP7 minbw 0 maxbw 100 ports 14
74configure qosprofile QP7 minbw 0 maxbw 100 ports 15
75configure qosprofile QP7 minbw 0 maxbw 100 ports 16
76configure qosprofile QP7 minbw 0 maxbw 100 ports 17
77configure qosprofile QP7 minbw 0 maxbw 100 ports 18
78configure qosprofile QP7 minbw 0 maxbw 100 ports 19
79configure qosprofile QP7 minbw 0 maxbw 100 ports 20
80configure qosprofile QP7 minbw 0 maxbw 100 ports 21
81configure qosprofile QP7 minbw 0 maxbw 100 ports 22
82configure qosprofile QP7 minbw 0 maxbw 100 ports 23
83configure qosprofile QP7 minbw 0 maxbw 100 ports 24
84configure qosprofile QP7 minbw 0 maxbw 100 ports 25
85configure qosprofile QP7 minbw 0 maxbw 100 ports 26
86configure dot1p type 6 qosprofile QP7
87configure diffserv examination code-point 46 qosprofile QP7
88
89#
90# Module fdb configuration.
91#
92configure fdb agingtime 300
93configure iparp vr VR-Control max_entries 4096
94configure iparp vr VR-Control max_pending_entries 256
95configure iparp vr VR-Control max_proxy_entries 256
96configure iparp vr VR-Control timeout 20
97enable iparp vr VR-Control checking
98enable iparp vr VR-Control refresh
99configure iparp vr VR-Default max_entries 4096
100configure iparp vr VR-Default max_pending_entries 256
101configure iparp vr VR-Default max_proxy_entries 256
102configure iparp vr VR-Default timeout 20
103enable iparp vr VR-Default checking
104enable iparp vr VR-Default refresh
105configure iparp vr VR-Mgmt max_entries 4096
106configure iparp vr VR-Mgmt max_pending_entries 256
107configure iparp vr VR-Mgmt max_proxy_entries 256
108configure iparp vr VR-Mgmt timeout 20
109enable iparp vr VR-Mgmt checking
110enable iparp vr VR-Mgmt refresh
111
112#
113# Module rtmgr configuration.
114#
115disable iproute sharing
116configure iproute priority blackhole 50
117configure iproute priority static 1100
118configure iproute priority icmp 1200
119configure iproute priority ebgp 1700
120configure iproute priority ibgp 1900
121configure iproute priority ospf-intra 2200
122configure iproute priority ospf-inter 2300
123configure iproute priority rip 2400
124configure iproute priority ospf-as-external 3100
125configure iproute priority ospf-extern1 3200
126configure iproute priority ospf-extern2 3300
127configure iproute priority bootp 5000
128configure iproute ipv6 priority blackhole 50
129configure iproute ipv6 priority static 1100
130configure iproute ipv6 priority icmp 1200
131configure iproute ipv6 priority ospfv3-intra 2200
132configure iproute ipv6 priority ospfv3-inter 2300
133configure iproute ipv6 priority RIPng 2400
134configure iproute ipv6 priority ospfv3-as-external 3100
135configure iproute ipv6 priority ospfv3-extern1 3200
136configure iproute ipv6 priority ospfv3-extern2 3300
137configure irdp broadcast
138configure irdp 450 600 1800 0
139disable irdp "vlan400"
140disable icmp address-mask vlan "vlan400"
141enable icmp parameter-problem vlan "vlan400"
142enable icmp port-unreachables vlan "vlan400"
143enable icmp unreachables vlan "vlan400"
144enable icmp redirects vlan "vlan400"
145enable icmp time-exceeded vlan "vlan400"
146disable icmp timestamp vlan "vlan400"
147enable ip-option loose-source-route
148enable ip-option strict-source-route
149enable ip-option record-timestamp
150enable ip-option router-alert
151enable ip-option record-route
152disable ipforwarding broadcast vlan "vlan400"
153disable icmp useredirects
154
155#
156# Module mcmgr configuration.
157#
158configure igmp snooping cache 32 64
159configure igmp snooping timer 260 260 vr VR-Default
160configure igmp snooping leave-timeout 1000 vr VR-Default
161configure MLD snooping timer 260 260 vr VR-Default
162configure MLD snooping leave-timeout 1000 vr VR-Default
163disable igmp snooping forward-mcrouter-only vr VR-Default
164disable MLD snooping forward-mcrouter-only vr VR-Default
165configure igmp 125 10 1 2 vr VR-Default
166configure MLD 125 10 1 2 vr VR-Default
167enable igmp snooping with-proxy vr VR-Default
168enable MLD snooping with-proxy vr VR-Default
169configure igmp snooping flood-list none vr VR-Default
170configure MLD snooping flood-list none vr VR-Default
171disable mvr
172configure mvr vlan Default mvr-address none
173configure mvr vlan Default static group none
174configure mvr vlan vlan400 mvr-address none
175configure mvr vlan vlan400 static group none
176configure mvr vlan vlan420 mvr-address none
177configure mvr vlan vlan420 static group none
178configure mvr vlan vlan421 mvr-address none
179configure mvr vlan vlan421 static group none
180configure mvr vlan vlan430 mvr-address none
181configure mvr vlan vlan430 static group none
182configure mvr vlan vlan431 mvr-address none
183configure mvr vlan vlan431 static group none
184configure mvr vlan vlan441 mvr-address none
185configure mvr vlan vlan441 static group none
186configure mvr vlan vlan442 mvr-address none
187configure mvr vlan vlan442 static group none
188configure mvr vlan vlan443 mvr-address none
189configure mvr vlan vlan443 static group none
190configure mvr vlan vlan444 mvr-address none
191configure mvr vlan vlan444 static group none
192configure mvr vlan vlan999 mvr-address none
193configure mvr vlan vlan999 static group none
194configure mvr vlan voice mvr-address none
195configure mvr vlan voice static group none
196
197#
198# Module aaa configuration.
199#
200disable radius mgmt-access
201configure radius mgmt-access timeout 3
202disable radius-accounting mgmt-access
203configure radius-accounting mgmt-access timeout 3
204disable radius netlogin
205configure radius netlogin timeout 3
206disable radius-accounting netlogin
207configure radius-accounting netlogin timeout 3
208disable tacacs
209configure tacacs timeout 3
210disable tacacs-accounting
211configure tacacs-accounting timeout 3
212disable tacacs-authorization
213configure account admin encrypted xJLkKm$qRospHGgtUkQoIFzLGo/71
214configure account user encrypted sOSkKm$XnEo7jntuXnMf49rOiJmA1
215
216#
217# Module acl configuration.
218#
219enable access-list refresh blackhole
220enable access-list permit to-cpu
221
222#
223# Module cfgmgr configuration.
224#
225disable cli-config-logging
226configure cli max-sessions 8
227configure cli max-failed-logins 3
228configure banner
229
230
231configure idletimeout 20
232enable idletimeout
233
234#
235# Module dosprotect configuration.
236#
237disable dos-protect
238configure dos-protect interval 1
239configure dos-protect trusted-ports ports
240configure dos-protect type l3-protect alert-threshold 4000
241configure dos-protect type l3-protect notify-threshold 3500
242
243#
244# Module eaps configuration.
245#
246configure eaps fast-convergence off
247configure eaps config-warnings on
248disable eaps
249
250#
251# Module edp configuration.
252#
253configure edp advertisement-interval 60 holddown-interval 180
254enable edp ports 1
255enable edp ports 2
256enable edp ports 3
257enable edp ports 4
258enable edp ports 5
259enable edp ports 6
260enable edp ports 7
261enable edp ports 8
262enable edp ports 9
263enable edp ports 10
264enable edp ports 11
265enable edp ports 12
266enable edp ports 13
267enable edp ports 14
268enable edp ports 15
269enable edp ports 16
270enable edp ports 17
271enable edp ports 18
272enable edp ports 19
273enable edp ports 20
274enable edp ports 21
275enable edp ports 22
276enable edp ports 23
277enable edp ports 24
278enable edp ports 25
279enable edp ports 26
280
281#
282# Module elrp configuration.
283#
284disable elrp-client
285
286#
287# Module ems configuration.
288#
289disable log debug-mode
290create log filter DefaultFilter
291configure log filter DefaultFilter add event All
292enable log target memory-buffer
293configure log target memory-buffer filter DefaultFilter severity Debug-Data
294configure log target memory-buffer match Any
295configure log target memory-buffer format timestamp hundredths date mm-dd-yyyy e
296configure log target memory-buffer number-of-messages 1000
297enable log target nvram
298configure log target nvram filter DefaultFilter severity Warning
299configure log target nvram match Any
300configure log target nvram format timestamp hundredths date mm-dd-yyyy event-nam
301disable log target console
302configure log target console filter DefaultFilter severity Info
303configure log target console match Any
304configure log target console format timestamp hundredths date mm-dd-yyyy event-n
305
306#
307# Module epm configuration.
308#
309configure sys-recovery-level All
310enable watchdog
311configure firmware install-on-demand
312enable cpu-monitoring interval 20 threshold 60
313
314#
315# Module esrp configuration.
316#
317configure esrp mode extended
318
319#
320# Module etmon configuration.
321#
322configure sflow sample-rate 8192
323configure sflow max-cpu-sample-limit 2000
324configure sflow poll-interval 20
325disable sflow
326disable rmon
327
328#
329# Module hal configuration.
330#
331configure iproute sharing max-gateways 4
332
333#
334# Module lldp configuration.
335#
336configure lldp transmit-interval 30
337configure lldp transmit-hold 4
338configure lldp reinitialize-delay 2
339configure lldp transmit-delay 2
340configure lldp snmp-notification-interval 5
341configure lldp med fast-start repeat-count 3
342
343#
344# Module netLogin configuration.
345#
346configure netlogin dot1x timers server-timeout 30 quiet-period 60 reauth-period
347configure netlogin dot1x eapol-transmit-version v1
348enable netlogin logout-privilege
349enable netlogin session-refresh 3
350configure netlogin base-url "network-access.com"
351configure netlogin redirect-page "http://www.extremenetworks.com"
352configure netlogin banner ""
353
354#
355# Module netTools configuration.
356#
357configure sntp-client update-interval 64
358disable sntp-client
359
360#
361# Module ospf configuration.
362#
363configure ospf routerid automatic
364configure ospf spf-hold-time 3
365configure ospf metric-table 10M 10 100M 5 1G 4 10G 2
366configure ospf lsa-batch-interval 30
367configure ospf import-policy none
368configure ospf ase-limit 0
369disable ospf originate-default
370disable ospf use-ip-router-alert
371disable ospf
372configure ospf restart none
373configure ospf restart grace-period 120
374disable ospf export direct
375disable ospf export static
376disable ospf export rip
377disable ospf export e-bgp
378disable ospf export i-bgp
379configure ospf area 0.0.0.0 external-filter none
380configure ospf area 0.0.0.0 interarea-filter none
381configure ospf area 0.0.0.0 normal
382configure ospf vlan vlan400 area 0.0.0.0
383configure ospf vlan vlan400 cost automatic
384configure ospf vlan vlan400 priority 0
385configure ospf vlan vlan400 authentication none
386configure ospf vlan vlan400 timer 5 1 10 40
387configure ospf vlan vlan400 restart-helper none
388enable ospf vlan vlan400 restart-helper-lsa-check
389
390#
391# Module pim configuration.
392#
393disable pim
394configure pim crp timer 60
395configure pim register-suppress-interval 60 register-probe-interval 5
396configure pim register-checksum-to include-data
397
398#
399# Module poe configuration.
400#
401enable inline-power
402configure inline-power usage-threshold 70
403configure inline-power disconnect-precedence deny-port
404disable inline-power legacy slot 1
405enable inline-power ports 1
406configure inline-power operator-limit 15400 ports 1
407configure inline-power label "" ports 1
408configure inline-power priority low ports 1
409enable inline-power ports 2
410configure inline-power operator-limit 15400 ports 2
411configure inline-power label "" ports 2
412configure inline-power priority low ports 2
413enable inline-power ports 3
414configure inline-power operator-limit 15400 ports 3
415configure inline-power label "" ports 3
416configure inline-power priority low ports 3
417enable inline-power ports 4
418configure inline-power operator-limit 15400 ports 4
419configure inline-power label "" ports 4
420configure inline-power priority low ports 4
421enable inline-power ports 5
422configure inline-power operator-limit 15400 ports 5
423configure inline-power label "" ports 5
424configure inline-power priority low ports 5
425enable inline-power ports 6
426configure inline-power operator-limit 15400 ports 6
427configure inline-power label "" ports 6
428configure inline-power priority low ports 6
429enable inline-power ports 7
430configure inline-power operator-limit 15400 ports 7
431configure inline-power label "" ports 7
432configure inline-power priority low ports 7
433enable inline-power ports 8
434configure inline-power operator-limit 15400 ports 8
435configure inline-power label "" ports 8
436configure inline-power priority low ports 8
437enable inline-power ports 9
438configure inline-power operator-limit 15400 ports 9
439configure inline-power label "" ports 9
440configure inline-power priority low ports 9
441enable inline-power ports 10
442configure inline-power operator-limit 15400 ports 10
443configure inline-power label "" ports 10
444configure inline-power priority low ports 10
445enable inline-power ports 11
446configure inline-power operator-limit 15400 ports 11
447configure inline-power label "" ports 11
448configure inline-power priority low ports 11
449enable inline-power ports 12
450configure inline-power operator-limit 15400 ports 12
451configure inline-power label "" ports 12
452configure inline-power priority low ports 12
453enable inline-power ports 13
454configure inline-power operator-limit 15400 ports 13
455configure inline-power label "" ports 13
456configure inline-power priority low ports 13
457enable inline-power ports 14
458configure inline-power operator-limit 15400 ports 14
459configure inline-power label "" ports 14
460configure inline-power priority low ports 14
461enable inline-power ports 15
462configure inline-power operator-limit 15400 ports 15
463configure inline-power label "" ports 15
464configure inline-power priority low ports 15
465enable inline-power ports 16
466configure inline-power operator-limit 15400 ports 16
467configure inline-power label "" ports 16
468configure inline-power priority low ports 16
469enable inline-power ports 17
470configure inline-power operator-limit 15400 ports 17
471configure inline-power label "" ports 17
472configure inline-power priority low ports 17
473enable inline-power ports 18
474configure inline-power operator-limit 15400 ports 18
475configure inline-power label "" ports 18
476configure inline-power priority low ports 18
477enable inline-power ports 19
478configure inline-power operator-limit 15400 ports 19
479configure inline-power label "" ports 19
480configure inline-power priority low ports 19
481enable inline-power ports 20
482configure inline-power operator-limit 15400 ports 20
483configure inline-power label "" ports 20
484configure inline-power priority low ports 20
485enable inline-power ports 21
486configure inline-power operator-limit 15400 ports 21
487configure inline-power label "" ports 21
488configure inline-power priority low ports 21
489enable inline-power ports 22
490configure inline-power operator-limit 15400 ports 22
491configure inline-power label "" ports 22
492configure inline-power priority low ports 22
493enable inline-power ports 23
494configure inline-power operator-limit 15400 ports 23
495configure inline-power label "" ports 23
496configure inline-power priority low ports 23
497enable inline-power ports 24
498configure inline-power operator-limit 15400 ports 24
499configure inline-power label "" ports 24
500configure inline-power priority low ports 24
501
502#
503# Module rip configuration.
504#
505configure rip garbagetime 120
506configure rip import-policy none
507Press <SPACE> to continue or <Q> to quit:   
508configure rip routetimeout 180
509configure rip updatetime 30
510disable rip originate-default
511enable rip use-ip-router-alert
512disable rip aggregation
513enable rip poisonreverse
514enable rip splithorizon
515enable rip triggerupdates
516disable rip
517disable rip export direct
518disable rip export static
519disable rip export ospf-intra
520disable rip export ospf-inter
521disable rip export ospf-extern1
522disable rip export ospf-extern2
523disable rip export e-bgp
524disable rip export i-bgp
525
526#
527# Module ripng configuration.
528#
529disable ripng
530configure ripng garbagetime 120
531configure ripng updatetime 30
532configure ripng routetimeout 180
533
534#
535# Module snmpMaster configuration.
536#
537configure snmpv3 engine-id 03:00:04:96:27:c8:3a
538configure snmpv3 add user admin authentication md5 hex 93:0a:71:2b:6a:a8:0b:0f:e
539configure snmpv3 add user initial
540configure snmpv3 add user initialmd5 authentication md5 hex 4f:3b:90:c0:25:86:be
541configure snmpv3 add user initialsha authentication sha hex b4:ab:24:92:9d:d8:31
542configure snmpv3 add user initialmd5Priv authentication md5 hex 33:0b:ff:c2:51:0
543configure snmpv3 add user initialshaPriv authentication sha hex 80:61:f8:6d:d8:0
544configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv1
545configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv1
546configure snmpv3 add group v1v2c_ro user v1v2c_ro sec-model snmpv2c
547configure snmpv3 add group v1v2c_rw user v1v2c_rw sec-model snmpv2c
548configure snmpv3 add group admin user admin sec-model usm
549configure snmpv3 add group initial user initial sec-model usm
550configure snmpv3 add group initial user initialmd5 sec-model usm
551configure snmpv3 add group initial user initialsha sec-model usm
552configure snmpv3 add group initial user initialmd5Priv sec-model usm
553configure snmpv3 add group initial user initialshaPriv sec-model usm
554configure snmpv3 add access admin sec-model usm sec-level priv read-view defauli
555configure snmpv3 add access initial sec-model usm sec-level noauth read-view dee
556configure snmpv3 add access initial sec-model usm sec-level authnopriv read-view
557configure snmpv3 add access v1v2c_ro sec-model snmpv1 sec-level noauth read-view
558configure snmpv3 add access v1v2c_ro sec-model snmpv2c sec-level noauth read-vie
559configure snmpv3 add access v1v2c_rw sec-model snmpv1 sec-level noauth read-view
560configure snmpv3 add access v1v2c_rw sec-model snmpv2c sec-level noauth read-vie
561configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv1 sec-level noauth n
562configure snmpv3 add access v1v2cNotifyGroup sec-model snmpv2c sec-level noauth
563configure snmpv3 add mib-view defaultUserView subtree 1 type included
564configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.16 type exclud
565configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.18 type exclud
566configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.4 t
567configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.6 t
568configure snmpv3 add mib-view defaultUserView subtree 1.3.6.1.6.3.15.1.2.2.1.9 t
569configure snmpv3 add mib-view defaultAdminView subtree 1 type included
570configure snmpv3 add mib-view defaultNotifyView subtree 1 type included
571configure snmpv3 add community as4 name as4 user v1v2c_ro
572configure snmpv3 add community private name private user v1v2c_rw
573configure snmpv3 add community public name public user v1v2c_ro
574configure snmpv3 add notify defaultNotify tag defaultNotify
575enable snmp access
576enable snmp traps
577
578#
579# Module stp configuration.
580#
581configure mstp region 00049627c83a
582configure mstp revision 3
583configure mstp format 0
584create stpd s0
585configure stpd s0 tag 0
586configure stpd s0 mode dot1d
587configure stpd s0 forwarddelay 15
588configure stpd s0 hellotime 2
589configure stpd s0 maxage 20
590configure stpd s0 priority 32768
591disable stpd s0 rapid-root-failover
592configure stpd s0 default-encapsulation dot1d
593enable stpd s0 auto-bind vlan Default
594disable stpd s0
595
596#
597# Module telnetd configuration.
598#
599configure telnet vr all
600
601#
602# Module tftpd configuration.
603#
604
605#
606# Module thttpd configuration.
607#
608
609#
610# Module vrrp configuration.
611#