Configuration Routeur Juniper 2 (version simplifiée)
version 8.0R2.8;
system {
host-name juniper2;
domain-name AS3;
time-zone CET;
root-authentication {
encrypted-password "$1$m66ZNjKi$9c.QqPkEtQ8REN3koNFc81"; ## SECRET-DATA
}
login {
user david {
full-name "David Oriol";
uid 777;
class super-user;
authentication {
encrypted-password "$1$l6YNRl2j$Nq9ybuWU11zEb8DsOM.qy/"; ## SECRET-DATA
}
}
user fama {
full-name "Fama Diagne";
uid 555;
class super-user;
authentication {
encrypted-password "$1$esd4mZU6$ViieNs8g6I7ZY0Km12nAc0"; ## SECRET-DATA
}
}
user flok {
full-name "Florent Signorello";
uid 666;
class super-user;
authentication {
encrypted-password "$1$5/gCyoAv$RwhSiNZAV3.UNQS9S2rGV1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh {
root-login deny;
connection-limit 4;
}
telnet;
web-management {
http {
interface ge-0/0/3.0;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp {
server 10.30.253.3;
}
}
interfaces {
ge-0/0/0 {
unit 0 {
description toAS4;
family inet {
address 10.30.252.1/30;
}
family inet6 {
address 2001:db8:0:1001::1/64;
}
}
}
ge-0/0/1 {
unit 0 {
description toR1;
family inet {
address 10.30.254.2/30;
}
family inet6 {
address 2001:db8:0:2000::2/64;
}
}
}
ge-0/0/2 {
unit 0 {
description toR3;
family inet {
address 10.30.254.5/30;
}
family inet6 {
address 2001:db8:0:2001::1/64;
}
}
}
ge-0/0/3 {
unit 0 {
description admin;
family inet {
address 10.30.253.20/24;
}
family inet6 {
address 2001:db8:0:3000::20/64;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.2/32;
}
family inet6 {
address ::1/128;
}
}
}
}
snmp {
description Juniper2;
location "AS3 / salle 747 / LIP6";
contact "David / Florent";
community public {
authorization read-only;
}
}
routing-options {
router-id 192.168.0.2;
autonomous-system 65003;
}
protocols {
bgp {
group toAS4 {
type external;
import community-add;
peer-as 65004;
neighbor 10.30.252.2;
}
group ibgp-AS3 {
type internal;
local-address 192.168.0.2;
neighbor 192.168.0.1;
neighbor 192.168.0.3;
neighbor 192.168.0.4;
}
}
ospf {
area 0.0.0.0 {
authentication-type md5;
interface ge-0/0/1.0 {
authentication {
md5 1 key "$9$BdR1RhSrevLxKv4aJZq.tuOBhyreM8X-"; ## SECRET-DATA
}
}
interface ge-0/0/2.0 {
authentication {
md5 1 key "$9$9bgwCtuO1RhreEhdbwsZGFn/9uB1RcylM"; ## SECRET-DATA
}
}
interface lo0.0 {
passive;
}
}
area 2.2.2.2 {
interface ge-0/0/0.0 {
passive;
}
}
}
}
policy-options {
policy-statement community-add {
term match-route {
from {
protocol bgp;
as-path AS4-path;
}
}
then {
community add customer;
accept;
}
}
policy-statement next-hop-self {
term set-nh {
then accept;
}
}
community customer members 65003:4444;
as-path AS4-path 65004.*;
}
class-of-service {
classifiers {
dscp pfres {
import default;
forwarding-class best-effort {
loss-priority medium-high code-points be;
}
forwarding-class assured-forwarding {
loss-priority low code-points af41;
}
forwarding-class expedited-forwarding {
loss-priority medium-low code-points ef;
}
}
}
forwarding-classes {
queue 0 expedited-forwarding;
queue 1 assured-forwarding;
queue 2 best-effort;
}
interfaces {
ge-0/0/0 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
ge-0/0/1 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
ge-0/0/2 {
unit 0 {
classifiers {
dscp pfres;
}
}
}
}
scheduler-maps {
pfres {
forwarding-class best-effort scheduler best-effort-scheduler;
forwarding-class assured-forwarding scheduler assured-forwarding-scheduler;
forwarding-class expedited-forwarding scheduler expedited-forwarding-scheduler;
}
}
schedulers {
best-effort-scheduler {
priority low;
}
assured-forwarding-scheduler {
priority high;
}
expedited-forwarding-scheduler {
priority medium-high;
}
}
}
