-
Notifications
You must be signed in to change notification settings - Fork 50
Expand file tree
/
Copy pathZL-R6
More file actions
207 lines (181 loc) · 5.35 KB
/
ZL-R6
File metadata and controls
207 lines (181 loc) · 5.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
conf t
hostname "ZL-R6"
ipv6 unicast-routing
interface Loopback64500
description "loopback"
ip address 10.0.0.6 255.255.255.255
ip ospf authentication message-digest
ip ospf message-digest-key 100 md5 ospfpassarea0
ipv6 enable
ipv6 address FD00:CCFF:200A::6/128
ipv6 address FE80::6 link-local
ipv6 ospf authentication ipsec spi 500 md5 1234567890abcdef1234567890abcdef
ipv6 ospf 64500 area 42
no shutdown
exit
interface Ethernet0/0
description "to ZL-R6"
ip address 35.10.64.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 100 md5 ospfpassarea42
ip ospf hello-interval 3
ip ospf dead-interval 12
ipv6 enable
ipv6 address FE80::2 link-local
ipv6 address 20FF:CCFF:200A:B1::2/64
ipv6 ospf authentication ipsec spi 510 md5 1234567890abcdef1234567890abcded
ipv6 ospf hello-interval 3
ipv6 ospf dead-interval 12
ipv6 ospf 64500 area 42
no shutdown
exit
interface Ethernet0/1
description "not used"
no ip address
shutdown
exit
interface Ethernet0/2
description "not used"
no ip address
shutdown
exit
interface Ethernet0/3
description "to ZL-R6"
ip address 35.10.65.130 255.255.255.128
ip ospf authentication message-digest
ip ospf message-digest-key 100 md5 ospfpassarea42
ip ospf hello-interval 3
ip ospf dead-interval 12
!--- NOTE --- increased parameter OSPF COST -- see the documentation
ip ospf cost 201
ipv6 enable
ipv6 address FE80::2 link-local
ipv6 address 20FF:CCFF:200A:B3::2/64
ipv6 ospf authentication ipsec spi 508 md5 1234567890abcdef1234567890abcded
ipv6 ospf hello-interval 3
ipv6 ospf dead-interval 12
ipv6 ospf 64500 area 42
!--- NOTE --- increased parameter OSPF COST -- see the documentation
ipv6 ospf cost 201
no shutdown
exit
router ospf 64500
router-id 10.0.0.6
auto-cost reference-bandwidth 1000
area 42 authentication message-digest
passive-interface Ethernet0/1
passive-interface Ethernet0/2
network 10.0.0.6 255.255.255.255 area 42
network 35.10.64.0 0.0.0.255 area 42
network 35.10.65.128 0.0.0.127 area 42
area 42 stub
exit
ipv6 router ospf 64500
router-id 6.0.0.6
auto-cost reference-bandwidth 1000
passive-interface Ethernet0/1
passive-interface Ethernet0/2
area 42 stub
exit
router bgp 64500
bgp router-id 10.0.0.6
neighbor 10.0.0.1 remote-as 64500
neighbor 10.0.0.1 update-source Loopback64500
neighbor 10.0.0.1 password bgppass
neighbor FD00:CCFF:200A::1 remote-as 64500
neighbor FD00:CCFF:200A::1 update-source Loopback64500
neighbor FD00:CCFF:200A::1 password bgppass
address-family ipv4
network 35.10.65.128 mask 255.255.255.128
network 35.10.64.0 mask 255.255.255.0
no neighbor FD00:CCFF:200A::1 activate
neighbor 10.0.0.1 activate
exit-address-family
address-family ipv6
network 20FF:CCFF:200A:B3::/64
network 20FF:CCFF:200A:B1::/64
neighbor FD00:CCFF:200A::1 activate
exit-address-family
exit
exit
ip access-list standard 1
remark "permit to NTP server access"
10 permit 35.10.0.1 0.0.0.0
20 permit 35.10.8.1 0.0.0.0
500 deny any
exit
ntp access-group ipv4 peer 1
ipv6 access-list NTPSERVER_IPV6_ACL
remark "permit to NTP server access"
permit ipv6 host 20FF:CCFF:200A:A1::1 any sequence 10
permit ipv6 host 20FF:CCFF:200A:A2::1 any sequence 20
deny ipv6 any any sequence 500
exit
ntp access-group ipv6 peer NTPSERVER_IPV6_ACL
ntp authenticate
ntp authentication-key 1 md5 ntpkey
ntp trusted-key 1
ntp update-calendar
ntp server 35.10.8.1 prefer key 1
ntp server 20FF:CCFF:200A:A2::1 prefer key 1
ntp server 35.10.0.1 key 1
ntp server 20FF:CCFF:200A:A1::1 key 1
ip dns server
ip domain-lookup
ip domain name zl.com
ip name-server 35.10.0.1 35.10.8.1 20FF:CCFF:200A:A1::1 20FF:CCFF:200A:A2::1
ip dhcp excluded-address 0.0.0.0 35.10.65.130
ip dhcp excluded-address 35.10.65.255 255.255.255.255
service dhcp
ip dhcp pool DHCP_POOL_1
network 35.10.65.128 255.255.255.128
default-router 35.10.65.129 35.10.65.130
domain-name zl.com
dns-server 35.10.8.1 35.10.0.1
lease 8
exit
ipv6 dhcp pool DHCP_POOL_IPV6_1
address prefix 20FF:CCFF:200A:B3::/64 lifetime 2073600 691200
domain-name zl.com
dns-server 20FF:CCFF:200A:A2::1
exit
interface Ethernet0/3
ipv6 dhcp server DHCP_POOL_IPV6_1
ipv6 nd managed-config-flag
exit
interface Ethernet0/0
ip helper-address 35.10.64.1
ipv6 dhcp relay destination FE80::1
exit
crypto key generate rsa usage-keys label SSH modulus 2048
service password-encryption
password encryption aes
password logging
aaa new-model
aaa authentication login default local
aaa authorization console
aaa authorization exec default local
username admin privilege 15 algorithm-type scrypt secret adminpassword
username support privilege 1 algorithm-type scrypt secret supppass
enable algorithm-type scrypt secret level 15 adminpassword
enable algorithm-type scrypt secret level 1 supportassword
enable algorithm-type scrypt secret level 2 editdesc
privilege exec level 2 configure terminal
privilege configure level 2 interface
privilege interface level 2 description
line vty 0 4
transport input ssh
login authentication default
logging synchronous
exit
line console 0
logging synchronous
exit
logging on
logging console 3
logging buffered 3
logging buffered 32000
logging trap 6
logging facility local1
logging host 35.10.0.3
logging host ipv6 20FF:CCFF:200A:A1::3