Border

<border>dis cu
#
version 7.1.070, Feature 2607
#
memory-threshold slot 5 minor 122 severe 61 critical 41 normal 143 early-warning
164 secure 184
#
sysname border
#
ip vpn-instance 1111
route-distinguisher 4:3300
description SDN_VRF_321fdc53-c616-4fb2-8206-e82d169061a3
#
address-family ipv4
vpn-target 0:3300 1:3300 import-extcommunity
vpn-target 1:3300 export-extcommunity
#
address-family evpn
#
description SDN_VRF_272f5b96-10c4-4378-895e-1e511c04201c
#
address-family ipv4
#
address-family evpn
#
description SDN_VRF_fb349ad6-ede9-48f8-bbe9-f8b0c74888f3
#
address-family ipv4
#
address-family evpn
#
ip vpn-instance 1ocrsdffba9uk8nbrtjo195odd
description SDN_VRF_3866f8d7-bd6a-4fa8-8baf-7d9e0292e1ad
#
ip vpn-instance 202cv7371f8bmajf4m181mst6s
description SDN_VRF_40133e71-9c2f-42ec-a9bc-960a036e74dc
#
address-family ipv4
#
address-family evpn
#
ip vpn-instance 2k1aur6ide8itor1f64nof1fvb
description SDN_VRF_540abdb3-49ae-44bb-8d85-e625f0f0bfeb
#
ip vpn-instance 2or6cusln38pdb9kksa2v81c0e
description SDN_VRF_58d999ee-56e3-465a-b4d2-9c50be80b00e
#
description SDN_VRF_88a5d093-82d9-4ebd-a773-c6ec1e6fefae
#
address-family ipv4
#
address-family evpn
#
ip vpn-instance 5npi08negm8o3r7hfo0vlsjlkn
description SDN_VRF_b7cc808b-ba16-4607-b3c5-f807ebc9d697
#
address-family ipv4
#
address-family evpn
#
telnet server enable
#
irf mac-address persistent timer
irf auto-update enable
undo irf link-delay
irf member 5 priority 1
#
vxlan tunnel mac-learning disable
#
ospf 1
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 10.30.42.4 0.0.0.3
#
lldp global enable
#
system-working-mode standard
hardware-resource switch-mode 4
hardware-resource routing-mode ipv6-64
hardware-resource vxlan border40k
fan prefer-direction slot 5 port-to-power
password-recovery enable
#
vlan 1
#
vlan 2 to 999
#
vlan 1000
description SDN_VLAN_1000
#
vlan 1001
#
vlan 1002
#
vlan 1003
#
vlan 1004
#
vlan 1005
#
vlan 1006
#
vlan 1007
#
vlan 1008
#
vlan 1009
#
vlan 1011
#
vlan 1015 to 4094
#
openflow instance 1
default table-miss permit
description SDN_INSTANCE_85d1fb4a-5275-43f3-a2de-4e885e1d80a9
flow-table mac-ip 0 extensibility 1
classification global
controller 1 address ip 10.30.40.2 local address ip 10.30.41.5
controller 2 address ip 10.30.40.3 local address ip 10.30.41.5
active instance
#
stp global enable
#
policy-based-route SDN_1000 permit node 100
if-match acl name SDN_ACL_FW_202cv7371f8bmajf4m181mst6s
apply next-hop vpn-instance 202cv7371f8bmajf4m181mst6s 10.30.44.2
#
if-match acl name SDN_ACL_FW_5npi08negm8o3r7hfo0vlsjlkn
apply next-hop vpn-instance 5npi08negm8o3r7hfo0vlsjlkn 10.30.44.4
#
if-match acl name SDN_ACL_LB_1111
apply next-hop vpn-instance 1111 10.30.44.13
#
if-match acl name SDN_ACL_FW_1111
#
if-match acl name SDN_ACL_FW_1112
#
if-match acl name SDN_ACL_FW_2k1aur6ide8itor1f64nof1fvb
apply next-hop vpn-instance 2k1aur6ide8itor1f64nof1fvb 10.30.44.9
#
l2vpn enable
vxlan tunnel arp-learning disable
#
vsi SDN_VSI_2006
gateway vsi-interface 5
statistics enable
arp suppression enable
vxlan 2006
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
#
vsi SDN_VSI_2008
gateway vsi-interface 4
statistics enable
arp suppression enable
vxlan 2008
evpn encapsulation vxlan
route-distinguisher auto
vpn-target auto export-extcommunity
vpn-target auto import-extcommunity
#
interface NULL0
#
interface LoopBack0
ip address 5.5.5.5 255.255.255.255
#
interface Vlan-interface1000
description SDN_VLAN_Interface_1000
ip binding vpn-instance 202cv7371f8bmajf4m181mst6s
ip address 10.30.44.1 255.255.255.0 sub
#
ip binding vpn-instance 5npi08negm8o3r7hfo0vlsjlkn
ip address 10.30.44.3 255.255.255.0 sub
#
ip binding vpn-instance 1234
ip address 10.30.44.5 255.255.255.0 sub
#
ip address 10.30.44.7 255.255.255.0 sub
#
ip binding vpn-instance 2or6cusln38pdb9kksa2v81c0e
ip address 10.30.44.10 255.255.255.0 sub
#
ip binding vpn-instance 1ocrsdffba9uk8nbrtjo195odd
ip address 10.30.44.17 255.255.255.0 sub
#
ip address 10.30.44.11 255.255.255.0 sub
#
ip address 10.30.44.14 255.255.255.0 sub
#
ip binding vpn-instance 2k1aur6ide8itor1f64nof1fvb
ip address 10.30.44.18 255.255.255.0 sub
#
ip address 10.30.43.254 255.255.255.0
#
interface FortyGigE5/0/49
port link-mode bridge
#
#
#
#
#
#
interface M-GigabitEthernet0/0/0
#
interface M-GigabitEthernet0/0/1
#
interface Ten-GigabitEthernet5/0/1
port link-mode route
description TO_spine_XG1/0/4
ip address 10.30.42.5 255.255.255.252
#
port link-mode route
ip address 10.30.41.5 255.255.255.0
#
description to_F5020_G1/0/12
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 1000 to 1999 3000
port trunk pvid vlan 3000
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
#
port trunk permit vlan all
#
port trunk permit vlan all
#
interface Vsi-interface0
description SDN_VRF_VSI_Interface_2089
ip binding vpn-instance 202cv7371f8bmajf4m181mst6s
ip policy-based-route SDN_1000
l3-vni 2089
#
l3-vni 2501
#
ip binding vpn-instance 5npi08negm8o3r7hfo0vlsjlkn
l3-vni 2200
#
l3-vni 2504
#
description SDN_VSI_Interface_2008
ip address 192.168.80.1 255.255.255.0 sub
mac-address 3c8c-404e-dd46
#
description SDN_VSI_Interface_2006
ip address 192.168.70.1 255.255.255.0 sub
mac-address 3c8c-404e-dd46
#
l3-vni 3300
#
l3-vni 3301
#
interface Tunnel257 mode vxlan
#
#
#
#
#
#
#
#
#
#
bgp 100
router-id 5.5.5.5
peer 1.1.1.1 as-number 100
peer 1.1.1.1 connect-interface LoopBack0
#
address-family l2vpn evpn
undo policy vpn-target
peer 1.1.1.1 enable
#
#
address-family ipv4 unicast
default-route imported
balance 4
import-route static
#
#
balance 4
import-route static
#
#
balance 4
import-route static
#
ip vpn-instance 202cv7371f8bmajf4m181mst6s
#
balance 4
import-route static
#
#
balance 4
import-route static
#
ip vpn-instance 5npi08negm8o3r7hfo0vlsjlkn
#
balance 4
import-route static
#
scheduler logfile size 16
#
line class aux
user-role network-admin
#
line class vty
user-role network-operator
#
line aux 4
#
line vty 0 63
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 10.30.41.254
ip route-static 10.30.40.0 24 10.30.41.254
ip route-static vpn-instance 202cv7371f8bmajf4m181mst6s 0.0.0.0 0 10.30.44.2
description SDN_ROUTE
ip route-static vpn-instance 5npi08negm8o3r7hfo0vlsjlkn 0.0.0.0 0 10.30.44.4
ip route-static vpn-instance 1234 0.0.0.0 0 10.30.44.6 description SDN_ROUTE
ip route-static vpn-instance 1111 192.168.1.10 32 10.30.44.13 description
SDN_ROUTE
ip route-static vpn-instance 2k1aur6ide8itor1f64nof1fvb 0.0.0.0 0 10.30.44.9
#
vtep enable
#
ssh server enable
#
acl basic name SDN_ACL_LB_1111
description SDN_ACL_DEC_LB_1111
rule 10000 permit vpn-instance 1111 source 192.168.1.2 0
#
acl advanced name SDN_ACL_FW_1111
description SDN_ACL_DEC_FW_1111
rule 10000 permit ip vpn-instance 1111 source 192.168.2.0 0.0.0.255
#
acl advanced name SDN_ACL_FW_1112
description SDN_ACL_DEC_FW_1112
#
acl advanced name SDN_ACL_FW_202cv7371f8bmajf4m181mst6s
description SDN_ACL_DEC_FW_202cv7371f8bmajf4m181mst6s
rule 10000 permit ip vpn-instance 202cv7371f8bmajf4m181mst6s source 10.0.2.0
0.0.0.255
rule 10001 permit ip vpn-instance 202cv7371f8bmajf4m181mst6s source 10.0.1.0
0.0.0.255
#
acl advanced name SDN_ACL_FW_2k1aur6ide8itor1f64nof1fvb
description SDN_ACL_DEC_FW_2k1aur6ide8itor1f64nof1fvb
rule 10000 permit ip vpn-instance 2k1aur6ide8itor1f64nof1fvb source 192.168.80.0
0.0.0.255
rule 10001 permit ip vpn-instance 2k1aur6ide8itor1f64nof1fvb source 192.168.70.0
0.0.0.255
#
acl advanced name SDN_ACL_FW_5npi08negm8o3r7hfo0vlsjlkn
description SDN_ACL_DEC_FW_5npi08negm8o3r7hfo0vlsjlkn
rule 10000 permit ip vpn-instance 5npi08negm8o3r7hfo0vlsjlkn source 10.0.9.0
0.0.0.255
rule 10001 permit ip vpn-instance 5npi08negm8o3r7hfo0vlsjlkn source 10.0.8.0
0.0.0.255
#
radius scheme system
user-name-format without-domain
#
domain system
#
domain default enable system
#
role name level-0
description Predefined level-0 role
#
role name level-1
#
role name level-2
#
role name level-3
#
role name level-4
#
role name level-5
#
role name level-6
#
role name level-7
#
role name level-8
#
role name level-9
#
role name level-10
#
role name level-11
#
role name level-12
#
role name level-13
#
role name level-14
#
user-group system
#
local-user admin class manage
password hash
$h$6$l+wAM6gT/C8APHSL$edF5To6gBCkqWRh0kiB9K4ehpDnSNjtVON8FpczvJePiSpGW2CPJk/
7w12PPM5GyBQd+1Ki54AOIMl6efPwh2g==
service-type ftp
service-type telnet http https pad ssh
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
netconf soap http enable
netconf soap https enable
netconf ssh server enable
#
ovsdb server ptcp port 6632
ovsdb server enable
#
return

Border

Uploaded by

Copyright:

Available Formats

Border

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Border

Uploaded by

Copyright:

Available Formats

<border>dis cu

You might also like