Skip to content

ISP-A-PE2

Table of Contents

Management

Login Banner

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!                                                                        !!
!! IF THE COMPANY HAS NOT AUTHORISED YOUR ACCESS TO THIS SYSTEM YOU       !!
!! WILL COMMIT A CRIMINAL OFFENCE IF YOU DO NOT IMMEDIATELY DISCONNECT.   !!
!!                                                                        !!
!! UNAUTHORISED ACCESS IS STRICTLY FORBIDDEN AND A DISCIPLINARY OFFENCE.  !!
!!                                                                        !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

EOF

Management Interfaces

Management Interfaces Summary

IPv4
Management Interface Description Type VRF IP Address Gateway
Management1 OOB_MANAGEMENT oob MGMT 192.168.0.101/24 192.168.0.5
IPv6
Management Interface Description Type VRF IPv6 Address IPv6 Gateway
Management1 OOB_MANAGEMENT oob MGMT - -

Management Interfaces Device Configuration

!
interface Management1
   description OOB_MANAGEMENT
   no shutdown
   vrf MGMT
   ip address 192.168.0.101/24

IP Name Servers

IP Name Servers Summary

Name Server VRF Priority
10.255.0.2 default -

IP Name Servers Device Configuration

ip name-server vrf default 10.255.0.2

Clock Settings

Clock Timezone Settings

Clock Timezone is set to US/Central.

Clock Device Configuration

!
clock timezone US/Central

NTP

NTP Summary

NTP Servers

NTP servers VRF: default

Server Preferred Burst iBurst Version Min Poll Max Poll Local-interface Key
10.41.194.20 True - - - - - - -

NTP Device Configuration

!
ntp server 10.41.194.20 prefer

Management SSH

VRFs

VRF Enabled IPv4 ACL IPv6 ACL
MGMT True SSH-ACL -
default False - -

Other SSH Settings

Idle Timeout Connection Limit Max from a single Host Ciphers Key-exchange methods MAC algorithms Hostkey server algorithms
60 - - default default default default

Management SSH Device Configuration

!
management ssh
   ip access-group SSH-ACL vrf MGMT in
   idle-timeout 60
   !
   vrf MGMT
      no shutdown

Management Console

Management Console Timeout

Management Console Timeout is set to 60 minutes.

Management Console Device Configuration

!
management console
   idle-timeout 60

Management API HTTP

Management API HTTP Summary

HTTP HTTPS UNIX-Socket Default Services
False True - -

Management API VRF Access

VRF Name IPv4 ACL IPv6 ACL
MGMT EAPI-ACL -

Management API HTTP Device Configuration

!
management api http-commands
   protocol https
   no protocol http
   no shutdown
   !
   vrf MGMT
      no shutdown
      ip access-group EAPI-ACL

Authentication

Local Users

Local Users Summary

User Privilege Role Disabled Shell
admin 15 network-admin False -
ansible 15 network-admin False -
cvpadmin 15 network-admin False -

Local Users Device Configuration

!
username admin privilege 15 role network-admin secret sha512 <removed>
username ansible privilege 15 role network-admin secret sha512 <removed>
username cvpadmin privilege 15 role network-admin secret sha512 <removed>

Enable Password

sha512 encrypted enable password is configured

Enable Password Device Configuration

!
enable password sha512 <removed>
!

AAA Authentication

AAA Authentication Summary

Type Sub-type User Stores
Login default local
Login console local

AAA Authentication on-failure log has been enabled

AAA Authentication on-success log has been enabled

AAA Authentication Device Configuration

aaa authentication login default local
aaa authentication login console local
aaa authentication enable default local
aaa authentication policy on-success log
aaa authentication policy on-failure log
!

AAA Authorization

AAA Authorization Summary

Type User Stores
Exec local
Default Role default

Authorization for configuration commands is enabled.

Authorization for serial console is enabled.

AAA Authorization Privilege Levels Summary

Privilege Level User Stores
all local

AAA Authorization Device Configuration

aaa authorization policy local default-role default
aaa authorization serial-console
aaa authorization exec default local
aaa authorization commands all default local
!

Monitoring

TerminAttr Daemon

TerminAttr Daemon Summary

CV Compression CloudVision Servers VRF Authentication Smash Excludes Ingest Exclude Bypass AAA
gzip 192.168.0.5:9910 MGMT token,/tmp/token ale,flexCounter,hardware,kni,pulse,strata - True

TerminAttr Daemon Device Configuration

!
daemon TerminAttr
   exec /usr/bin/TerminAttr -cvaddr=192.168.0.5:9910 -cvauth=token,/tmp/token -cvvrf=MGMT -disableaaa -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -taillogs -cvsourceintf=Management1
   no shutdown

Monitor Layer 1 Logging

Layer 1 Event Logging
Logging Transceiver True

Monitor Layer 1 Device Configuration

!
monitor layer1
   logging transceiver

Spanning Tree

Spanning Tree Summary

STP mode: none

Global Spanning-Tree Settings

  • Global BPDU Guard for Edge ports is enabled.

Spanning Tree Device Configuration

!
spanning-tree mode none
spanning-tree edge-port bpduguard default

Internal VLAN Allocation Policy

Internal VLAN Allocation Policy Summary

Policy Allocation Range Beginning Range Ending
ascending 3500 4000

Internal VLAN Allocation Policy Device Configuration

!
vlan internal order ascending range 3500 4000

MAC Address Table

MAC Address Table Summary

  • MAC address table entry maximum age: 1800 seconds

MAC Address Table Device Configuration

!
mac address-table aging-time 1800

Interfaces

Switchport Default

Switchport Defaults Summary

  • Default Switchport Mode: routed

Switchport Default Device Configuration

!
switchport default mode routed

Interface Defaults

Interface Defaults Summary

  • Default Ethernet Interface Shutdown: True

  • Default Routed Interface MTU: 1500

Interface Defaults Device Configuration

!
interface defaults
   mtu 1500
   ethernet
      shutdown

Ethernet Interfaces

Ethernet Interfaces Summary

L2
Interface Description Mode VLANs Native VLAN Trunk Group Channel-Group

*Inherited from Port-Channel Interface

IPv4
Interface Description Channel Group IP Address VRF MTU Shutdown ACL In ACL Out
Ethernet3 P2P_ISP-A-P2_Ethernet1 - 192.168.1.6/31 default 1500 False - -
Ethernet4 P2P_ISP-A-P1_Ethernet2 - 192.168.1.4/31 default 1500 False - -

Ethernet Interfaces Device Configuration

!
interface Ethernet3
   description P2P_ISP-A-P2_Ethernet1
   no shutdown
   mtu 1500
   no switchport
   ip address 192.168.1.6/31
   mpls ldp igp sync
   mpls ldp interface
   mpls ip
   ip ospf network point-to-point
   ip ospf area 0.0.0.0
!
interface Ethernet4
   description P2P_ISP-A-P1_Ethernet2
   no shutdown
   mtu 1500
   no switchport
   ip address 192.168.1.4/31
   mpls ldp igp sync
   mpls ldp interface
   mpls ip
   ip ospf network point-to-point
   ip ospf area 0.0.0.0

Loopback Interfaces

Loopback Interfaces Summary

IPv4
Interface Description VRF IP Address
Loopback0 ROUTER_ID default 192.168.101.2/32
IPv6
Interface Description VRF IPv6 Address
Loopback0 ROUTER_ID default -

Loopback Interfaces Device Configuration

!
interface Loopback0
   description ROUTER_ID
   no shutdown
   ip address 192.168.101.2/32
   mpls ldp interface
   ip ospf area 0.0.0.0

Routing

Service Routing Protocols Model

Multi agent routing protocol model enabled

!
service routing protocols model multi-agent

Virtual Router MAC Address

Virtual Router MAC Address Summary

Virtual Router MAC Address: 00:1c:73:00:dc:01

Virtual Router MAC Address Device Configuration

!
ip virtual-router mac-address 00:1c:73:00:dc:01

IP Routing

IP Routing Summary

VRF Routing Enabled
default True
MGMT False

IP Routing Device Configuration

!
ip routing
no ip icmp redirect
no ip routing vrf MGMT

IPv6 Routing

IPv6 Routing Summary

VRF Routing Enabled
default False
MGMT false

Static Routes

Static Routes Summary

VRF Destination Prefix Next Hop IP Exit interface Administrative Distance Tag Route Name Metric
MGMT 0.0.0.0/0 192.168.0.5 - 1 - - -

Static Routes Device Configuration

!
ip route vrf MGMT 0.0.0.0/0 192.168.0.5

ARP

Global ARP timeout: 1500

ARP Device Configuration

!
arp aging timeout default 1500

Router OSPF

Router OSPF Summary

Process ID Router ID Default Passive Interface No Passive Interface BFD Max LSA Default Information Originate Log Adjacency Changes Detail Auto Cost Reference Bandwidth Maximum Paths MPLS LDP Sync Default Distribute List In
100 192.168.101.2 enabled Ethernet4
Ethernet3		 disabled 12000 disabled disabled - - - -

OSPF Interfaces

Interface Area Cost Point To Point
Ethernet3 0.0.0.0 - True
Ethernet4 0.0.0.0 - True
Loopback0 0.0.0.0 - -

Router OSPF Device Configuration

!
router ospf 100
   router-id 192.168.101.2
   passive-interface default
   no passive-interface Ethernet3
   no passive-interface Ethernet4
   max-lsa 12000
   graceful-restart

Router BGP

ASN Notation: asdot

Router BGP Summary

BGP AS Router ID
65000.0 192.168.101.2
BGP Tuning
timers bgp 5 15
neighbor default send-community
graceful-restart restart-time 300
graceful-restart
no bgp default ipv4-unicast
distance bgp 20 200 200
maximum-paths 128 ecmp 128

Router BGP Peer Groups

MPLS-OVERLAY-PEERS
Settings Value
Address Family mpls
Remote AS 65000.0
Source Loopback0
BFD True
Send community all
Maximum routes 0 (no limit)

BGP Neighbors

Neighbor Remote AS VRF Shutdown Send-community Maximum-routes Allowas-in BFD RIB Pre-Policy Retain Route-Reflector Client Passive TTL Max Hops
192.168.100.249 Inherited from peer group MPLS-OVERLAY-PEERS default - Inherited from peer group MPLS-OVERLAY-PEERS Inherited from peer group MPLS-OVERLAY-PEERS - Inherited from peer group MPLS-OVERLAY-PEERS - - - -
192.168.100.250 Inherited from peer group MPLS-OVERLAY-PEERS default - Inherited from peer group MPLS-OVERLAY-PEERS Inherited from peer group MPLS-OVERLAY-PEERS - Inherited from peer group MPLS-OVERLAY-PEERS - - - -
192.168.100.251 Inherited from peer group MPLS-OVERLAY-PEERS default - Inherited from peer group MPLS-OVERLAY-PEERS Inherited from peer group MPLS-OVERLAY-PEERS - Inherited from peer group MPLS-OVERLAY-PEERS - - - -
192.168.100.252 Inherited from peer group MPLS-OVERLAY-PEERS default - Inherited from peer group MPLS-OVERLAY-PEERS Inherited from peer group MPLS-OVERLAY-PEERS - Inherited from peer group MPLS-OVERLAY-PEERS - - - -

Router BGP EVPN Address Family

EVPN Peer Groups
Peer Group Activate Route-map In Route-map Out Peer-tag In Peer-tag Out Encapsulation Next-hop-self Source Interface
MPLS-OVERLAY-PEERS True - - - - default -
EVPN Neighbor Default Encapsulation
Neighbor Default Encapsulation Next-hop-self Source Interface
mpls Loopback0

Router BGP VPN-IPv4 Address Family

VPN-IPv4 Peer Groups
Peer Group Activate Route-map In Route-map Out RCF In RCF Out Peer-tag In Peer-tag Out
MPLS-OVERLAY-PEERS True - - - - - -

Router BGP Device Configuration

!
router bgp 65000.0
   bgp asn notation asdot
   router-id 192.168.101.2
   no bgp default ipv4-unicast
   distance bgp 20 200 200
   graceful-restart restart-time 300
   graceful-restart
   maximum-paths 128 ecmp 128
   timers bgp 5 15
   neighbor default send-community
   neighbor MPLS-OVERLAY-PEERS peer group
   neighbor MPLS-OVERLAY-PEERS remote-as 65000.0
   neighbor MPLS-OVERLAY-PEERS update-source Loopback0
   neighbor MPLS-OVERLAY-PEERS bfd
   neighbor MPLS-OVERLAY-PEERS password 7 <removed>
   neighbor MPLS-OVERLAY-PEERS send-community
   neighbor MPLS-OVERLAY-PEERS maximum-routes 0
   neighbor 192.168.100.249 peer group MPLS-OVERLAY-PEERS
   neighbor 192.168.100.249 description ISP-A-P3_Loopback0
   neighbor 192.168.100.250 peer group MPLS-OVERLAY-PEERS
   neighbor 192.168.100.250 description ISP-A-P4_Loopback0
   neighbor 192.168.100.251 peer group MPLS-OVERLAY-PEERS
   neighbor 192.168.100.251 description ISP-A-P5_Loopback0
   neighbor 192.168.100.252 peer group MPLS-OVERLAY-PEERS
   neighbor 192.168.100.252 description ISP-A-P6_Loopback0
   !
   address-family evpn
      neighbor default encapsulation mpls next-hop-self source-interface Loopback0
      neighbor MPLS-OVERLAY-PEERS activate
   !
   address-family ipv4
      no neighbor MPLS-OVERLAY-PEERS activate
   !
   address-family vpn-ipv4
      neighbor MPLS-OVERLAY-PEERS activate
      neighbor default encapsulation mpls next-hop-self source-interface Loopback0

BFD

Router BFD

Router BFD Multihop Summary

Interval Minimum RX Multiplier
300 300 3

Router BFD Device Configuration

!
router bfd
   multihop interval 300 min-rx 300 multiplier 3

MPLS

MPLS and LDP

MPLS and LDP Summary

Setting Value
MPLS IP Enabled True
LDP Enabled True
LDP Router ID 192.168.101.2
LDP Interface Disabled Default True
LDP Transport-Address Interface Loopback0
ICMP Fragmentation-Needed Tunneling Enabled True
ICMP TTL-Exceeded Tunneling Enabled True

MPLS Interfaces

Interface MPLS IP Enabled LDP Enabled IGP Sync
Ethernet3 True True True
Ethernet4 True True True
Loopback0 - True -

MPLS Device Configuration

!
mpls ip
!
mpls ldp
   router-id 192.168.101.2
   transport-address interface Loopback0
   interface disabled default
   no shutdown
!
mpls icmp fragmentation-needed tunneling
mpls icmp ttl-exceeded tunneling

Multicast

IP IGMP Snooping

IP IGMP Snooping Summary

IGMP Snooping Fast Leave Interface Restart Query Proxy Restart Query Interval Robustness Variable
Enabled - - - - -

IP IGMP Snooping Device Configuration

ACL

Standard Access-lists

Standard Access-lists Summary

EAPI-ACL
Sequence Action
10 permit 0.0.0.0/0
SNMP-ACL
Sequence Action
10 permit 0.0.0.0/0
SSH-ACL
Sequence Action
10 permit 0.0.0.0/0

Standard Access-lists Device Configuration

!
ip access-list standard EAPI-ACL
   10 permit 0.0.0.0/0
!
ip access-list standard SNMP-ACL
   10 permit 0.0.0.0/0
!
ip access-list standard SSH-ACL
   10 permit 0.0.0.0/0

VRF Instances

VRF Instances Summary

VRF Name IP Routing
MGMT disabled

VRF Instances Device Configuration

!
vrf instance MGMT

Errdisable

Errdisable Summary

Errdisable recovery timer interval: 30 seconds

!
errdisable recovery interval 30