| Version 2 (modified by oriol, 17 years ago) (diff) |
|---|
Configuration Routeur Juniper1 (version simplifiée)
version 8.2R2.4;
system {
host-name juniper1;
domain-name AS3;
time-zone CET;
root-authentication {
encrypted-password "$1$EFu46VG8$TCmKtr6x2UFvvh2O5c30V/"; ## SECRET-DATA
}
login {
user david {
full-name "David Oriol";
uid 777;
class super-user;
authentication {
encrypted-password "$1$AadwKnmW$3xjsir/SfmSyRXmxxPNtZ/"; ## SECRET-DATA
}
}
user fama {
full-name "Fama Diagne";
uid 555;
class super-user;
authentication {
encrypted-password "$1$tg4Lp.wq$nlJcPT0gBN0TYuZjKMQ6H0"; ## SECRET-DATA
}
}
user flok {
full-name "Florent Signorello";
uid 666;
class super-user;
authentication {
encrypted-password "$1$I.dKkx.t$CbxgTsDy8jNrzkiwVIGi00"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh {
root-login deny;
connection-limit 4;
}
telnet;
web-management {
http {
interface [ ge-0/0/0.0 ge-0/0/1.0 ge-0/0/2.0 ge-0/0/3.0 ];
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
description toMIR;
family inet {
address 10.20.2.2/30;
}
family inet6 {
address 2001:db8:8000:1::2/64;
}
}
}
ge-0/0/1 {
unit 0 {
description toR2;
family inet {
address 10.30.254.1/30;
}
family inet6 {
address 2001:db8:0:2000::1/64;
}
}
}
ge-0/0/2 {
unit 0 {
description toR4;
family inet {
address 10.30.254.14/30;
}
family inet6 {
address 2001:db8:0:2003::2/64;
}
}
}
ge-0/0/3 {
unit 0 {
description toPC1;
family inet {
address 10.30.1.254/24;
}
family inet6 {
address 2001:db8:0:4001::ffff/64;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family inet6 {
address ::1/128;
}
}
}
}
snmp {
description Juniper1;
location "AS3 / salle 747 / LIP6";
contact "David / Florent";
community public {
authorization read-only;
}
}
routing-options {
router-id 192.168.0.1;
autonomous-system 65003;
}
protocols {
bgp {
group toAS2 {
type external;
import community-add;
peer-as 65002;
neighbor 10.20.2.1;
}
group ibgp-AS3 {
type internal;
local-address 192.168.0.1;
export next-hop-self;
neighbor 192.168.0.2;
neighbor 192.168.0.4;
neighbor 192.168.0.3;
}
}
ospf {
area 0.0.0.0 {
authentication-type md5;
interface ge-0/0/1.0 {
authentication {
md5 1 key "$9$QEn9z369Ap0IEu08Xx7Y2mfTQ6CApO1RS"; ## SECRET-DATA
}
}
interface ge-0/0/2.0 {
authentication {
md5 1 key "$9$F5HI369Ap0BEcOBX7N-g4fTzF9tp01Rhr"; ## SECRET-DATA
}
}
interface lo0.0 {
passive;
}
}
area 1.1.1.1 {
interface ge-0/0/0.0 {
passive;
}
}
area 5.5.5.5 {
stub;
interface ge-0/0/3.0 {
passive;
}
}
}
}
policy-options {
policy-statement community-add {
term match-route {
from {
protocol bgp;
as-path AS2-path;
}
}
then {
community add peer;
accept;
}
}
policy-statement next-hop-self {
term set-nh {
then {
next-hop self;
}
}
}
community peer members 65003:2222;
as-path AS2-path 65002.*;
}
class-of-service {
classifiers {
dscp pfres {
import default;
forwarding-class best-effort {
loss-priority medium-high code-points be;
}
forwarding-class assured-forwarding {
loss-priority low code-points af41;
}
forwarding-class expedited-forwarding {
loss-priority medium-low code-points ef;
}
}
}
forwarding-classes {
queue 0 expedited-forwarding;
queue 1 assured-forwarding;
queue 2 best-effort;
}
interfaces {
ge-0/0/0 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
ge-0/0/1 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
ge-0/0/2 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
ge-0/0/3 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
}
scheduler-maps {
pfres {
forwarding-class best-effort scheduler best-effort-scheduler;
forwarding-class expedited-forwarding scheduler expedited-forwarding-scheduler;
forwarding-class assured-forwarding scheduler assured-forwarding-scheduler;
}
}
schedulers {
best-effort-scheduler {
priority low;
}
expedited-forwarding-scheduler {
priority medium-high;
}
assured-forwarding-scheduler {
priority high;
}
}
}
