| Version 1 (modified by oriol, 17 years ago) (diff) |
|---|
Configuration Routeur Juniper 2 (version simplifiée)
version 8.0R2.8; system {
host-name juniper2; domain-name AS3; time-zone CET; root-authentication {
encrypted-password "$1$m66ZNjKi$9c.QqPkEtQ8REN3koNFc81"; ## SECRET-DATA
} login {
user david {
full-name "David Oriol"; uid 777; class super-user; authentication {
encrypted-password "$1$l6YNRl2j$Nq9ybuWU11zEb8DsOM.qy/"; ## SECRET-DATA
}
} user fama {
full-name "Fama Diagne"; uid 555; class super-user; authentication {
encrypted-password "$1$esd4mZU6$ViieNs8g6I7ZY0Km12nAc0"; ## SECRET-DATA
}
} user flok {
full-name "Florent Signorello"; uid 666; class super-user; authentication {
encrypted-password "$1$5/gCyoAv$RwhSiNZAV3.UNQS9S2rGV1"; ## SECRET-DATA
}
}
} services {
ftp; ssh {
root-login deny; connection-limit 4;
} telnet; web-management {
http {
interface ge-0/0/3.0;
}
}
} syslog {
user * {
any emergency;
} file messages {
any any; authorization info;
} file interactive-commands {
interactive-commands any;
}
} ntp {
server 10.30.253.3;
}
} interfaces {
ge-0/0/0 {
unit 0 {
description toAS4; family inet {
address 10.30.252.1/30;
} family inet6 {
address 2001:db8:0:1001::1/64;
}
}
} ge-0/0/1 {
unit 0 {
description toR1; family inet {
address 10.30.254.2/30;
} family inet6 {
address 2001:db8:0:2000::2/64;
}
}
} ge-0/0/2 {
unit 0 {
description toR3; family inet {
address 10.30.254.5/30;
} family inet6 {
address 2001:db8:0:2001::1/64;
}
}
} ge-0/0/3 {
unit 0 {
description admin; family inet {
address 10.30.253.20/24;
} family inet6 {
address 2001:db8:0:3000::20/64;
}
}
} lo0 {
unit 0 {
family inet {
address 192.168.0.2/32;
} family inet6 {
address ::1/128;
}
}
}
} snmp {
description Juniper2; location "AS3 / salle 747 / LIP6"; contact "David / Florent"; community public {
authorization read-only;
}
} routing-options {
router-id 192.168.0.2; autonomous-system 65003;
} protocols {
bgp {
group toAS4 {
type external; import community-add; peer-as 65004; neighbor 10.30.252.2;
} group ibgp-AS3 {
type internal; local-address 192.168.0.2; neighbor 192.168.0.1; neighbor 192.168.0.3; neighbor 192.168.0.4;
}
} ospf {
area 0.0.0.0 {
authentication-type md5; interface ge-0/0/1.0 {
authentication {
md5 1 key "$9$BdR1RhSrevLxKv4aJZq.tuOBhyreM8X-"; ## SECRET-DATA
}
} interface ge-0/0/2.0 {
authentication {
md5 1 key "$9$9bgwCtuO1RhreEhdbwsZGFn/9uB1RcylM"; ## SECRET-DATA
}
} interface lo0.0 {
passive;
}
} area 2.2.2.2 {
interface ge-0/0/0.0 {
passive;
}
}
}
} policy-options {
policy-statement community-add {
term match-route {
from {
protocol bgp; as-path AS4-path;
}
} then {
community add customer; accept;
}
} policy-statement next-hop-self {
term set-nh {
then accept;
}
} community customer members 65003:4444; as-path AS4-path 65004.*;
} class-of-service {
classifiers {
dscp pfres {
import default; forwarding-class best-effort {
loss-priority medium-high code-points be;
} forwarding-class assured-forwarding {
loss-priority low code-points af41;
} forwarding-class expedited-forwarding {
loss-priority medium-low code-points ef;
}
}
} forwarding-classes {
queue 0 expedited-forwarding; queue 1 assured-forwarding; queue 2 best-effort;
} interfaces {
ge-0/0/0 {
unit 0 {
classifiers {
dscp pfres;
}
}
} ge-0/0/1 {
unit 0 {
classifiers {
dscp pfres;
}
}
} ge-0/0/2 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
} scheduler-maps {
pfres {
forwarding-class best-effort scheduler best-effort-scheduler; forwarding-class assured-forwarding scheduler assured-forwarding-scheduler; forwarding-class expedited-forwarding scheduler expedited-forwarding-scheduler;
}
} schedulers {
best-effort-scheduler {
priority low;
} assured-forwarding-scheduler {
priority high;
} expedited-forwarding-scheduler {
priority medium-high;
}
}
}
