# Huawei Versatile Routing Platform Software # VRP (R) software, Version 5.170 (S5720 V200R011C10SPC600) # Copyright (C) 2000-2018 HUAWEI TECH Co., Ltd. # # DDR Memory Size : 2048 M bytes # FLASH Total Memory Size : 512 M bytes # FLASH Available Memory Size : 344 M bytes # Pcb Version : VER.A # BootROM Version : 020b.0a05 # BootLoad Version : 020b.0a05 # CPLD Version : 0107 # Software Version : VRP (R) Software, Version 5.170 (V200R011C10SPC600) # S5720-32X-EI-24S-AC's Device status: # Slot Sub Type Online Power Register Status Role # ------------------------------------------------------------------------------- # 0 - S5720-32X-EI-24S Present PowerOn Registered Normal Master !Software Version V200R011C10SPC600 # sysname PR-GUAMIRANGA-ONNET # vlan batch 30 95 to 96 424 496 526 625 905 907 919 924 vlan batch 960 977 989 2199 to 2200 3245 to 3247 3800 3802 to 3803 3814 to 3816 3825 # lnp disable # stp disable # authentication-profile name default_authen_profile authentication-profile name dot1x_authen_profile authentication-profile name mac_authen_profile authentication-profile name portal_authen_profile authentication-profile name dot1xmac_authen_profile authentication-profile name multi_authen_profile # set save-configuration interval 1440 delay 30 # telnet server enable # diffserv domain default # radius-server template default # bfd # mpls lsr-id 172.16.30.22 mpls mpls te mpls te signaling-delay-trigger enable label advertise non-null mpls rsvp-te mpls rsvp-te hello mpls rsvp-te srefresh mpls rsvp-te timer refresh 45 mpls rsvp-te hello full-gr mpls rsvp-te send-message suggest-label mpls rsvp-te send-message extend-class-type value-length-type mpls rsvp-te send-message session-attribute without-affinity mpls rsvp-te fast-reroute-bandwidth compatible mpls rsvp-te send-message down-reason mpls te cspf mpls te cspf preferred-igp ospf 1 # mpls l2vpn # mpls ldp # # mpls ldp remote-peer 172.16.30.8 remote-ip 172.16.30.8 # mpls ldp remote-peer 172.16.30.17 remote-ip 172.16.30.17 # mpls ldp remote-peer 172.16.30.31 remote-ip 172.16.30.31 # mpls ldp remote-peer 172.16.30.34 remote-ip 172.16.30.34 # ecc peer-public-key 172.16.30.31 encoding-type der public-key-code begin 04AC064C 9D124224 35817FDD 7F1144F7 B0F9E175 A7951015 EBCBF9D3 4EC6E258 44DEC6FF 1087BCF7 82650D64 743610D3 D21FBD84 2DA32ABD 33BE4AD9 E3BBE1EE 3C public-key-code end peer-public-key end # pki realm default # acl name EVO_IMB_TO_GUAMIRANGA 4999 description TRANSPORTE: EVO_IMB_TO_GUAMIRANGA [1Gbps] rule 5 permit vlan-id 924 # free-rule-template name default_free_rule # portal-access-profile name portal_access_profile # drop-profile default # vlan 424 description Sicredi_Guamiranga-via-Boavistanet vlan 977 description LINKIP: BOAVISTANET-AS268945 # aaa authentication-scheme default authentication-scheme radius authentication-mode radius authorization-scheme default accounting-scheme default domain default authentication-scheme radius radius-server default domain default_admin authentication-scheme default local-user admin password irreversible-cipher $1a$k'TS>cmok>$'N1P66<370^}^37/+.DNb5_!#CSUG)nhizMjFPAU$ local-user admin privilege level 15 local-user admin service-type telnet terminal ssh local-user rancid password irreversible-cipher $1a$chur11tdL6$qjZ]!xe.;EeM*uJ~nuDDo-J`ASm=IK]^cFCn@p/4$ local-user rancid privilege level 15 local-user rancid service-type telnet terminal ssh local-user dbugadmin password irreversible-cipher $1a$^.yI/4(pSY$b9gAUH9}/"q@%M)h)ay-om$UGyno>&1hz.X4{!|Q$ local-user dbugadmin privilege level 15 local-user dbugadmin service-type telnet terminal ssh local-user masterdbug password irreversible-cipher $1a$nGATL|-0t0$!7{57lOV~S7_@8RZUM;Ow-XJV+DJ8URX]B"=/2S>$ local-user masterdbug privilege level 15 local-user masterdbug service-type telnet terminal ssh local-user backup@onnet password irreversible-cipher $1a$v}lJSSlZ,P$/V2.,iWR3QP`W{C:$syKWs",6|!2nEAsxkS}x_eJ$ local-user backup@onnet privilege level 15 local-user backup@onnet service-type ssh # interface Vlanif1 # interface Vlanif30 # interface Vlanif95 # interface Vlanif96 ip address 10.10.96.3 255.255.255.0 # interface Vlanif424 description LINKIP: SICREDI_GUAMIRANGA mtu 1600 mpls l2vc 172.16.30.8 424 # interface Vlanif496 # interface Vlanif526 # interface Vlanif625 mtu 1600 # interface Vlanif905 description TRASNPORTE: WAW_GUAMIRANGA_IRATI mtu 2000 mpls l2vc 172.16.30.8 905 # interface Vlanif906 description TRASNPORTE: WAW_GUAMIRANGA_IRATI2 mtu 2000 # interface Vlanif907 description TRASNPORTE: WAW_GUAMIRANGA_IRATI2 mtu 2000 mpls l2vc 172.16.30.8 907 # interface Vlanif909 description TRASNPORTE: WAW_GUAMIRANGA_IRATI2 mtu 2000 mpls l2vc 172.16.30.8 909 # interface Vlanif919 description TRASNPORTE: WAW_GUAMIRANGA_IRATI mtu 2000 mpls l2vc 172.16.30.8 919 # interface Vlanif924 description TRANSPORTE: EVO_IMB_TO_GUAMIRANGA [1Gbps] bandwidth 600 mtu 1600 mpls l2vc 172.16.30.8 924 statistic enable both # interface Vlanif960 description Transporte: Dbug: Intermais: Guamiranga<>Irati bandwidth 2000 mpls l2vc 172.16.30.8 906 mtu 2000 statistic enable both # interface Vlanif2199 description TRANSPORTE: NOVAG1-WEB # interface Vlanif2200 # interface Vlanif3245 description UPLINK: PR-PRUD-A001 mtu 9100 ip address 172.16.20.69 255.255.255.252 ospf cost 20 ospf network-type p2p mpls mpls te mpls te bandwidth max-reservable-bandwidth 1410066 mpls rsvp-te mpls rsvp-te hello mpls ldp # interface Vlanif3246 # interface Vlanif3247 mtu 9000 ip address 172.16.20.137 255.255.255.252 ospf cost 2 ospf network-type p2p mpls mpls te mpls te bandwidth max-reservable-bandwidth 1410066 mpls rsvp-te mpls rsvp-te hello mpls ldp # interface Vlanif3813 # interface Vlanif3814 description UPLINK: PR-IRATI mtu 2000 ip address 172.16.20.66 255.255.255.252 ospf cost 10 mpls mpls te mpls te bandwidth max-reservable-bandwidth 1410066 mpls rsvp-te mpls rsvp-te hello mpls ldp statistic enable both # interface Vlanif3815 description UPLINK: PR-PRUDENTOPOLIS mtu 9100 ospf cost 1 ospf network-type p2p mpls mpls te mpls te bandwidth max-reservable-bandwidth 1410066 mpls rsvp-te mpls rsvp-te hello mpls ldp statistic enable both # interface Vlanif3816 description UPLINK: PR-IVAI-VIA-IMB mtu 9100 ip address 172.16.20.73 255.255.255.252 ospf cost 1 ospf network-type p2p mpls mpls te mpls te bandwidth max-reservable-bandwidth 1410066 mpls rsvp-te mpls rsvp-te hello mpls ldp statistic enable both # interface MEth0/0/1 # interface Eth-Trunk0 description TRANSPORTE: EVO_IMB_TO_GUAMIRANGA [1000Mbps] bandwidth 1000 port link-type dot1q-tunnel port default vlan 924 mode lacp # interface GigabitEthernet0/0/1 description TRANSPORTE: EVO_IMB_TO_GUAMIRANGA [1000Mbps] eth-trunk 0 # interface GigabitEthernet0/0/2 shutdown # interface GigabitEthernet0/0/3 shutdown # interface GigabitEthernet0/0/4 # interface GigabitEthernet0/0/5 # interface GigabitEthernet0/0/6 # interface GigabitEthernet0/0/7 # interface GigabitEthernet0/0/8 # interface GigabitEthernet0/0/9 # interface GigabitEthernet0/0/10 # interface GigabitEthernet0/0/11 # interface GigabitEthernet0/0/12 # interface GigabitEthernet0/0/13 # interface GigabitEthernet0/0/14 # interface GigabitEthernet0/0/15 # interface GigabitEthernet0/0/16 # interface GigabitEthernet0/0/17 # interface GigabitEthernet0/0/18 # interface GigabitEthernet0/0/19 # interface GigabitEthernet0/0/20 # interface GigabitEthernet0/0/21 # interface GigabitEthernet0/0/22 # interface GigabitEthernet0/0/23 # interface GigabitEthernet0/0/24 # interface GigabitEthernet0/0/25 shutdown # interface GigabitEthernet0/0/26 shutdown # interface GigabitEthernet0/0/27 # interface GigabitEthernet0/0/28 shutdown # interface XGigabitEthernet0/0/1 description UPLINk: PR-IMB-A001-BKB-DBUG P:12 port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 96 977 3814 3816 3825 # interface XGigabitEthernet0/0/2 description UPLINK: PRUDENT port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 977 989 3245 to 3247 3825 # interface XGigabitEthernet0/0/3 shutdown # interface XGigabitEthernet0/0/4 description UPLINK: BOAVISTA-GUAMIRANGA port link-type trunk undo port trunk allow-pass vlan 1 port trunk allow-pass vlan 424 989 # interface NULL0 # interface LoopBack0 ip address 172.16.30.22 255.255.255.255 # bgp 267018 router-id 172.16.30.12 undo default ipv4-unicast graceful-restart undo check-first-as peer 172.16.30.253 as-number 267018 peer 172.16.30.253 description RR-02 peer 172.16.30.254 as-number 267018 peer 172.16.30.254 description RR-01 # ipv4-family unicast undo synchronization ext-community-change enable preference 20 200 200 import-route direct route-policy OUT-DEFAULT import-route static route-policy OUT-DEFAULT peer 172.16.30.253 enable peer 172.16.30.253 route-policy OUT-IPV4-RR export peer 172.16.30.253 next-hop-local peer 172.16.30.253 advertise-community peer 172.16.30.254 enable peer 172.16.30.254 route-policy OUT-IPV4-RR export peer 172.16.30.254 next-hop-local peer 172.16.30.254 advertise-community # ipv6-family unicast undo synchronization preference 20 200 200 import-route direct route-policy OUT-DEFAULT-V6 import-route static route-policy OUT-DEFAULT-V6 peer 172.16.30.253 enable peer 172.16.30.253 route-policy OUT-IPV6-RR export peer 172.16.30.253 next-hop-local peer 172.16.30.253 label-route-capability peer 172.16.30.253 advertise-community peer 172.16.30.254 enable peer 172.16.30.254 route-policy OUT-IPV6-RR export peer 172.16.30.254 next-hop-local peer 172.16.30.254 label-route-capability peer 172.16.30.254 advertise-community # ipv4-family vpnv4 policy vpn-target peer 172.16.30.253 enable peer 172.16.30.253 route-policy IN-VPNV4-RR import peer 172.16.30.253 route-policy OUT-VPNV4-RR export peer 172.16.30.253 next-hop-local peer 172.16.30.253 advertise-community peer 172.16.30.254 enable peer 172.16.30.254 route-policy IN-VPNV4-RR import peer 172.16.30.254 route-policy OUT-VPNV4-RR export peer 172.16.30.254 next-hop-local peer 172.16.30.254 advertise-community # ipv6-family vpnv6 policy vpn-target peer 172.16.30.253 enable peer 172.16.30.253 route-policy IN-VPNV6-RR import peer 172.16.30.253 route-policy OUT-VPNV6-RR export peer 172.16.30.253 next-hop-local peer 172.16.30.253 advertise-community peer 172.16.30.254 enable peer 172.16.30.254 route-policy IN-VPNV6-RR import peer 172.16.30.254 route-policy OUT-VPNV6-RR export peer 172.16.30.254 next-hop-local peer 172.16.30.254 advertise-community # ospf 1 router-id 172.16.30.22 bfd all-interfaces enable bfd all-interfaces min-tx-interval 300 min-rx-interval 300 import-route direct cost 2 type 1 import-route static cost 2 type 1 opaque-capability enable enable log config enable log state enable log error enable log snmp-trap enable traffic-adjustment advertise frr area 0.0.0.0 network 172.16.20.64 0.0.0.3 network 172.16.20.68 0.0.0.3 network 172.16.20.72 0.0.0.3 network 172.16.20.136 0.0.0.3 network 172.16.30.22 0.0.0.0 mpls-te enable # route-policy OUT-DEFAULT permit node 50 apply local-preference 1000 apply community 65534:1010 # route-policy OUT-DEFAULT permit node 100 apply local-preference 1000 apply community 65534:1019 # route-policy OUT-DEFAULT-V6 permit node 50 if-match ipv6 address prefix-list AS267018_48 apply local-preference 1000 apply community 65534:1010 # route-policy OUT-DEFAULT-V6 permit node 100 if-match ipv6 address prefix-list AS267018_128 apply local-preference 1000 apply community 65534:1019 # route-policy OUT-IPV6-RR permit node 70 if-match ipv6 address prefix-list le_48 apply community 65534:1620 additive apply mpls-label # route-policy OUT-IPV6-RR permit node 100 apply mpls-label # route-policy OUT-IPV4-RR permit node 90 apply community 65534:1620 additive # route-policy OUT-IPV4-RR permit node 100 # route-policy OUT-VPNV4-RR permit node 100 # route-policy IN-VPNV4-RR permit node 100 # route-policy OUT-VPNV6-RR permit node 100 apply mpls-label # route-policy IN-VPNV6-RR permit node 100 # route-policy OUT-IPV6-CDN permit node 50 # route-policy OUT-IPV6-CDN deny node 1000 # route-policy OUT-IPV4-CDN permit node 50 # route-policy OUT-IPV4-CDN deny node 1000 # ip ip-prefix AS267018_24 index 5 permit 45.225.64.0 22 greater-equal 22 less-equal 24 ip ip-prefix DEFAULT index 10 permit 0.0.0.0 0 ip ip-prefix FILTRO-LSP index 10 permit 172.16.20.0 24 greater-equal 30 less-equal 32 ip ip-prefix FILTRO-LSP index 15 permit 172.16.30.0 24 greater-equal 30 less-equal 32 ip ip-prefix le_24 index 10 permit 0.0.0.0 0 less-equal 24 # ip as-path-filter 32 permit .* # ip community-filter basic CLIENTES permit 65534:1010 ip community-filter basic GERENCIA permit 65534:1019 ip community-filter basic NO_PTT permit 65534:7880 ip community-filter basic NO_BRT permit 65534:2780 ip community-filter basic NO_INT permit 65534:4680 ip community-filter basic PREPEND_1 permit 65534:6001 ip community-filter basic PREPEND_2 permit 65534:6002 ip community-filter basic PREPEND_3 permit 65534:6003 ip community-filter basic BLACKHOLE permit 65534:666 ip community-filter basic NO-EXPORT permit no-export ip community-filter basic BLOCOS_CDN permit 65534:1017 # ip ipv6-prefix AS267018_48 index 5 permit 2804:46E4:: 32 greater-equal 32 less-equal 48 ip ipv6-prefix AS267018_128 index 5 permit 2804:46E4:: 32 greater-equal 49 less-equal 128 ip ipv6-prefix DEFAUL-v6 index 10 permit :: 0 ip ipv6-prefix le_48 index 10 permit :: 0 less-equal 48 # snmp-agent snmp-agent local-engineid 800007DB03E0CC7A928DB0 snmp-agent community read cipher %^%#Op&#Pe}V_Vm@][6yON<,p64o<8H|'*3l{%I,D+b@e#rBJvs6D7Sx8H86{y>\9`%F$GQSno2%^%# snmp-agent sys-info contact noc@dbug.com.br snmp-agent sys-info location Castr-PR snmp-agent sys-info version v2c v3 # stelnet ipv4 server enable stelnet ipv6 server enable ssh user admin ssh user admin authentication-type password ssh user admin service-type all ssh user backup@onnet ssh user backup@onnet authentication-type password ssh user backup@onnet service-type all ssh user dbugadmin ssh user dbugadmin authentication-type all ssh user dbugadmin service-type all ssh user masterdbug ssh user masterdbug authentication-type all ssh user masterdbug service-type all ssh user rancid ssh user rancid authentication-type all ssh user rancid service-type all ssh client first-time enable ssh client 172.16.30.31 assign ecc-key 172.16.30.31 # user-interface con 0 authentication-mode aaa user-interface vty 0 4 authentication-mode aaa protocol inbound all user-interface vty 16 20 # dot1x-access-profile name dot1x_access_profile # mac-access-profile name mac_access_profile # return