Appendix A - Device Configuration Details
This appendix includes the following topics:
Educational Network Device Configuration
The Example: Configuring Virtual Routers for Educational Networks example uses a J2350 Services Router as the Educational Network (New University) device.
Use the show command to display the configuration of this device.
user@J2350-2-R2> show | no-more## Last changed: 2010-04-05 09:29:36 EDT
version 9.3R3.8;
system {
host-name J2350-2-R2;
time-zone America/New_York;
root-authentication {
encrypted-password "$1 "; ## SECRET-DATA
}
name-server {
68.87.68.162;
68.87.74.162;
}
login {
user user {
uid 2000;
class super-user;
authentication {
encrypted-password "$1"; ## SECRET-DATA
}
}
user trusteduser {
uid 2002;
class super-user;
authentication {
encrypted-password "$1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp {
server 18.26.4.105;
}
}
interfaces {
ge-0/0/0 {
vlan-tagging;
unit 10 {
vlan-id 10;
family inet {
address 10.0.4.14/30;
}
}
unit 20 {
vlan-id 20;
family inet {
address 10.0.4.10/30;
}
}
unit 30 {
vlan-id 30;
family inet {
address 10.0.4.6/30;
}
}
unit 40 {
vlan-id 40;
family inet {
address 10.0.2.6/30;
}
}
unit 60 {
vlan-id 60;
family inet {
address 10.0.4.2/30;
}
}
unit 200 {
vlan-id 200;
family inet {
address 10.0.5.2/24;
}
}
unit 210 {
vlan-id 210;
family inet {
address 172.16.0.13/30;
}
}
unit 230 {
vlan-id 230;
family inet {
address 172.16.0.5/30;
}
}
unit 270 {
vlan-id 270;
family inet {
address 172.16.0.25/30;
}
}
unit 280 {
vlan-id 280;
family inet {
address 172.16.0.17/30;
}
}
unit 300 {
vlan-id 300;
family inet {
address 192.168.255.20/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.6.2/32;
}
}
unit 1 {
family inet {
address 1.1.1.1/32;
}
}
unit 2 {
family inet {
address 1.1.1.2/32;
}
}
unit 3 {
family inet {
address 1.1.1.3/32;
}
}
}
}
routing-options {
static {
route 192.168.200.0/24 next-hop 192.168.255.254;
}
rib-groups {
static-cust-inet {
import-rib [ static-cust-inet.inet.0 internet.inet.0 ];
import-policy non-bgp-cust-ribgroup-policy;
}
static-cust-inet-interfaces {
import-rib [ static-cust-inet.inet.0 internet.inet.0 ];
}
static-cust-i2 {
import-rib [ static-cust-i2.inet.0 i2.inet.0 ];
import-policy non-bgp-cust-ribgroup-policy;
}
static-cust-i2-interfaces {
import-rib [ static-cust-i2.inet.0 i2.inet.0 ];
}
static-cust-all-feeds {
import-rib [ static-cust-all-feeds.inet.0 internet.inet.0
i2.inet.0 nlr.inet.0 ];
import-policy static-all-feeds-cust-ribgroup-policy;
}
static-cust-all-feeds-interfaces {
import-rib [ static-cust-all-feeds.inet.0 internet.inet.0
i2.inet.0 nlr.inet.0 ];
}
bgp-customers-rg {
import-rib [ bgp-customer.inet.0 internet.inet.0 i2.inet.0
nlr.inet.0 ];
import-policy static-all-feeds-cust-ribgroup-policy;
}
bgp-customer-rg-interfaces {
import-rib [ bgp-customer.inet.0 internet.inet.0 i2.inet.0
nlr.inet.0 ];
}
bgp-cust2-inet-interfaces {
import-rib [ internet.inet.0 bgp-cust-2.inet.0 ];
}
bgp-cust2-i2-interfaces {
import-rib [ i2.inet.0 bgp-cust-2.inet.0 ];
}
bgp-cust2-nlr-interfaces {
import-rib [ nlr.inet.0 bgp-cust-2.inet.0 ];
}
bgp-cust2-interfaces {
import-rib [ bgp-cust-2.inet.0 internet.inet.0 i2.inet.0
nlr.inet.0 ];
}
}
router-id 10.0.6.2;
autonomous-system 65000;
}
policy-options {
policy-statement bgp-cust-instance-import {
term nlr {
from {
instance nlr;
community nlr-vr;
}
then {
local-preference 105;
accept;
}
}
term internet {
from {
instance internet;
community internet-vr;
}
then accept;
}
term i2 {
from {
instance i2;
community i2-vr;
}
then {
local-preference 110;
accept;
}
}
term reject-all {
then reject;
}
}
policy-statement cust-d-export {
term adv-providers {
from community [ internet-vr i2-vr nlr-vr ];
then accept;
}
}
policy-statement cust-routes-import {
term add-comm {
then {
community add cust-routes;
}
}
}
policy-statement i2-export-policy {
term no-leaking {
from {
route-filter 0.0.0.0/0 through 0.0.0.0/32 reject;
}
}
term adv-cust-routes {
from community cust-routes;
then accept;
}
term no-transit {
from as-path null;
then accept;
}
term reject-all {
then reject;
}
}
policy-statement i2-import-policy {
term tag-i2-vr-community {
then {
community add i2-vr;
}
}
}
policy-statement i2-nlr-bgp-instance-import {
term accept-i2 {
from {
instance i2;
community i2-vr;
}
then {
local-preference 110;
accept;
}
}
term accept-nlr {
from {
instance nlr;
community nlr-vr;
}
then accept;
}
term reject-all {
then reject;
}
}
policy-statement internet-export-policy {
term no-leaking {
from {
route-filter 0.0.0.0/0 through 0.0.0.0/32 reject;
}
}
term prepend {
from community prepend-twice;
then as-path-prepend "65000 65000";
}
term adv-cust-routes {
from community cust-routes;
then accept;
}
term no-transit {
from as-path null;
then accept;
}
term reject-all {
then reject;
}
}
policy-statement internet-import-policy {
term tag-vr-community {
then {
community add internet-vr;
}
}
}
policy-statement nlr-export-policy {
term no-leaking {
from {
route-filter 0.0.0.0/0 through 0.0.0.0/32 reject;
}
}
term adv-cust-routes {
from community cust-routes;
then accept;
}
term no-transit {
from as-path null;
then accept;
}
term reject-all {
then reject;
}
}
policy-statement nlr-import-policy {
term tag-nlr-vr-community {
then {
community add nlr-vr;
}
}
}
policy-statement non-bgp-cust-ribgroup-policy {
term reject-default {
from {
route-filter 0.0.0.0/0 exact reject;
}
}
term cust-statics {
from protocol static;
then {
community add cust-routes;
accept;
}
}
term reject-all {
then reject;
}
}
policy-statement static-all-feeds-cust-ribgroup-policy
{
term reject-default {
from {
route-filter 0.0.0.0/0 exact reject;
}
}
term cust-statics {
from protocol static;
then {
community add cust-routes;
community add prepend-twice;
accept;
}
}
term cust-bgp {
from protocol bgp;
then {
community add cust-routes;
community add prepend-twice;
accept;
}
}
term reject-all {
then reject;
}
}
community cust-routes members 65000:1000;
community i2-vr members 65000:222;
community internet-vr members 65000:111;
community nlr-vr members 65000:333;
community prepend-twice members 65000:500;
as-path null "()";
}
routing-instances {
bgp-cust-2 {
instance-type virtual-router;
interface ge-0/0/0.40;
routing-options {
interface-routes {
rib-group inet bgp-cust2-interfaces;
}
}
}
bgp-customer {
instance-type virtual-router;
interface ge-0/0/0.30;
routing-options {
interface-routes {
rib-group inet bgp-customer-rg-interfaces;
}
static {
rib-group bgp-customers-rg;
}
instance-import bgp-cust-instance-import;
}
protocols {
bgp {
family inet {
unicast {
rib-group bgp-customers-rg;
}
}
group customers {
type external;
advertise-inactive;
neighbor 10.0.4.5 {
export cust-d-export;
peer-as 65100;
}
}
}
}
}
i2 {
instance-type virtual-router;
interface ge-0/0/0.210;
interface ge-0/0/0.280;
interface lo0.2;
routing-options {
interface-routes {
rib-group inet bgp-cust2-i2-interfaces;
}
}
protocols {
bgp {
group i2 {
type external;
traceoptions {
file i2-bgp-trace;
flag all detail;
}
advertise-inactive;
import i2-import-policy;
export i2-export-policy;
peer-as 65222;
multipath multiple-as;
neighbor 172.16.0.14;
neighbor 172.16.0.18;
}
group customers {
type external;
multihop {
ttl 2;
}
local-address 1.1.1.2;
advertise-inactive;
import cust-routes-import;
neighbor 10.0.2.5 {
peer-as 65200;
}
}
}
}
}
internet {
instance-type virtual-router;
interface ge-0/0/0.230;
interface ge-0/0/0.270;
interface lo0.1;
routing-options {
interface-routes {
rib-group inet bgp-cust2-inet-interfaces;
}
}
protocols {
bgp {
group peer-1 {
type external;
advertise-inactive;
import internet-import-policy;
export internet-export-policy;
peer-as 65010;
multipath multiple-as;
neighbor 172.16.0.6;
}
group peer-2 {
type external;
advertise-inactive;
import internet-import-policy;
export internet-export-policy;
peer-as 65020;
multipath multiple-as;
neighbor 172.16.0.26;
}
group customers {
type external;
traceoptions {
file bgp-trace;
flag open detail;
flag state detail;
flag general;
}
multihop {
ttl 3;
}
local-address 1.1.1.1;
advertise-inactive;
import cust-routes-import;
neighbor 10.0.2.5 {
peer-as 65200;
}
}
}
}
}
nlr {
instance-type virtual-router;
interface ge-0/0/0.200;
interface lo0.3;
routing-options {
interface-routes {
rib-group inet bgp-cust2-nlr-interfaces;
}
}
protocols {
bgp {
group nlr {
type external;
advertise-inactive;
import nlr-import-policy;
export nlr-export-policy;
peer-as 65050;
multipath multiple-as;
neighbor 10.0.5.254;
}
group customers {
type external;
multihop {
ttl 2;
}
local-address 1.1.1.3;
advertise-inactive;
import cust-routes-import;
neighbor 10.0.2.5 {
peer-as 65200;
}
}
}
}
}
static-cust-all-feeds {
instance-type virtual-router;
interface ge-0/0/0.10;
routing-options {
interface-routes {
rib-group inet static-cust-all-feeds-interfaces;
}
static {
rib-group static-cust-all-feeds;
route 0.0.0.0/0 next-table internet.inet.0;
route 192.168.50.0/24 next-hop 10.0.4.13;
}
instance-import i2-nlr-bgp-instance-import;
}
}
static-cust-i2 {
instance-type virtual-router;
interface ge-0/0/0.20;
routing-options {
interface-routes {
rib-group inet static-cust-i2-interfaces;
}
static {
rib-group static-cust-i2;
route 0.0.0.0/0 next-table i2.inet.0;
route 192.168.40.0/24 next-hop 10.0.4.9;
}
}
}
static-cust-inet {
instance-type virtual-router;
interface ge-0/0/0.60;
routing-options {
interface-routes {
rib-group inet static-cust-inet-interfaces;
}
static {
rib-group static-cust-inet;
route 0.0.0.0/0 next-table internet.inet.0;
route 192.168.30.0/24 next-hop 10.0.4.1;
}
}
}
}
Customer Device Configuration
This example uses the SRX210 Services Gateway as the customer device.
Use the show command to display the configuration of this device.
user@SRX210-A-R3> show | no-more## Last changed: 2010-04-05 21:29:15 UTC
version 10.0R2.10;
system {
host-name SRX210-A-R3;
root-authentication {
encrypted-password "$1"; ## SECRET-DATA
}
name-server {
68.87.68.162;
68.87.74.162;
}
login {
user user {
uid 2000;
class super-user;
authentication {
encrypted-password "$1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
telnet;
web-management {
http {
interface fe-0/0/0.0;
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any critical;
authorization info;
}
file interactive-commands {
interactive-commands error;
}
}
max-configurations-on-flash 5;
max-configuration-rollbacks 5;
license {
autoupdate {
url https://ae1.juniper.net/junos/key_retrieval;
}
}
}
interfaces {
fe-0/0/0 {
vlan-tagging;
unit 10 {
vlan-id 10;
family inet {
address 10.0.4.13/30;
}
}
unit 20 {
vlan-id 20;
family inet {
address 10.0.4.9/30;
}
}
unit 30 {
vlan-id 30;
family inet {
address 10.0.4.5/30;
}
}
unit 40 {
vlan-id 40;
family inet {
address 10.0.2.5/30;
}
}
unit 60 {
vlan-id 60;
family inet {
address 10.0.4.1/30;
}
}
unit 110 {
vlan-id 110;
family inet {
address 10.0.2.2/30;
}
}
unit 210 {
disable;
vlan-id 210;
family inet {
address 172.16.0.13/30;
}
}
unit 280 {
disable;
vlan-id 280;
family inet {
address 172.16.0.17/30;
}
}
unit 300 {
vlan-id 300;
family inet {
address 192.168.255.30/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 10.0.3.3/32;
address 192.168.30.1/32;
}
family iso {
address 49.0002.0100.0000.3003.00;
}
}
unit 10 {
family inet {
address 192.168.50.1/32;
}
}
unit 20 {
family inet {
address 192.168.40.1/32;
}
}
unit 30 {
family inet {
address 192.168.60.1/32;
}
}
}
}
routing-options {
static {
route 192.168.200.0/24 {
next-hop 192.168.255.254;
no-readvertise;
}
route 192.168.30.0/24 discard;
route 0.0.0.0/0 next-hop 10.0.4.2;
}
router-id 10.0.3.3;
autonomous-system 65000;
}
policy-options {
policy-statement adv-static-to-bgp {
term 1 {
from {
protocol static;
route-filter 192.168.0.0/16 prefix-length-range /24-/24;
}
then accept;
}
}
policy-statement cust-d-export {
term 1 {
from {
route-filter 192.168.60.0/24 exact accept;
}
}
}
policy-statement cust-e-export {
term 1 {
from {
route-filter 192.168.90.0/24 exact accept;
}
}
}
policy-statement isis-summ {
term 3 {
from {
route-filter 10.0.5.0/24 exact;
}
to level 2;
then accept;
}
term 1 {
from {
protocol aggregate;
route-filter 10.0.4.0/22 exact;
}
to level 2;
then accept;
}
term 2 {
from {
route-filter 10.0.4.0/22 longer;
}
to level 2;
then reject;
}
term 4 {
from {
level 2;
route-filter 10.0.3.0/29 longer;
}
to level 1;
then accept;
}
}
policy-statement nhs {
term 1 {
from community t-routes;
then {
next-hop self;
}
}
}
policy-statement t-export {
term send-agg {
from {
route-filter 10.0.0.0/8 longer reject;
route-filter 172.16.40.0/29 longer reject;
route-filter 192.168.0.0/22 longer reject;
}
then as-path-prepend "65412 65412";
}
}
policy-statement transit-import {
term rfc1918 {
from {
route-filter 10.0.0.0/8 orlonger reject;
route-filter 172.16.0.0/12 orlonger reject;
route-filter 192.168.0.0/16 orlonger reject;
route-filter 0.0.0.0/0 through 0.0.0.0/32 reject;
}
}
term no-27+ {
from {
route-filter 0.0.0.0/0 prefix-length-range /27-/32 reject;
}
}
term transit-comm {
then {
community add t-routes;
}
}
}
community all members *:*;
community c1-routes members 65412:65010;
community c2-routes members 65412:65020;
community p1-routes members 65412:65050;
community t-routes members 65412:65222;
}
security {
inactive: screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
queue-size 2000;
timeout 20;
}
land;
}
}
}
zones {
security-zone trust {
tcp-rst;
interfaces {
all {
host-inbound-traffic {
system-services {
all;
}
protocols {
all;
}
}
}
}
}
security-zone untrust;
}
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}
routing-instances {
cust-b {
instance-type virtual-router;
interface fe-0/0/0.20;
interface lo0.20;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.4.10;
}
}
}
cust-c {
instance-type virtual-router;
interface fe-0/0/0.10;
interface lo0.10;
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.4.14;
}
}
}
cust-d {
instance-type virtual-router;
interface fe-0/0/0.30;
interface lo0.30;
routing-options {
static {
route 192.168.60.0/24 discard;
}
autonomous-system 65100;
}
protocols {
bgp {
group provider-ebgp {
type external;
export cust-d-export;
peer-as 65000;
neighbor 10.0.4.6;
}
}
}
}
cust-e {
instance-type virtual-router;
interface fe-0/0/0.40;
routing-options {
static {
route 1.1.1.0/29 next-hop 10.0.2.6;
route 192.168.90.0/24 discard;
}
autonomous-system 65200;
}
protocols {
bgp {
traceoptions {
file cust-e-trace;
flag open detail;
flag keepalive;
flag state detail;
}
group provider-ebgp {
type external;
multihop {
ttl 3;
}
export cust-e-export;
peer-as 65000;
neighbor 1.1.1.1;
neighbor 1.1.1.2;
neighbor 1.1.1.3;
}
}
}
}
}
Service Provider Device Configuration
This example uses the EX3200 Ethernet Switch as the service provider device.
Use the show configuration command to display the configuration of this device.
user@EX-3200-1> show configuration | no-moresystem {
host-name EX-3200-1;
time-zone America/New_York;
root-authentication {
encrypted-password "$1"; ## SECRET-DATA
}
name-server {
68.87.68.162;
68.87.74.162;
}
login {
user user {
uid 2000;
class super-user;
authentication {
encrypted-password "$1"; ## SECRET-DATA
}
}
user trusteduser {
uid 2002;
class super-user;
authentication {
encrypted-password "$1"; ## SECRET-DATA
}
}
}
services {
ftp;
ssh;
telnet;
web-management {
http;
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
chassis {
aggregated-devices {
ethernet {
device-count 5;
}
}
}
interfaces {
ge-0/0/1 {
description J2350-1;
disable;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 10 200 30 50 300 ];
}
}
}
}
ge-0/0/2 {
description J2350-2;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 20 30 60 200 300 230 210 280 270 10 40 ];
}
}
}
}
ge-0/0/3 {
description SRX210-A;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 10 210 40 60 70 110 300 280 30 20 ];
}
}
}
}
ge-0/0/4 {
description SRX210-B;
disable;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 20 50 40 130 80 300 230 240 ];
}
}
}
}
ge-0/0/5 {
description J4300;
disable;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 110 130 120 140 300 ];
}
}
}
}
ge-0/0/6 {
description SRX100-1;
disable;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 220 70 120 90 250 300 ];
}
}
}
}
ge-0/0/7 {
description SRX100-2;
disable;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 240 80 140 90 260 300 270 ];
}
}
}
}
ge-0/0/14 {
vlan-tagging;
unit 800 {
vlan-id 800;
family inet {
address 8.8.8.1/30;
}
}
unit 900 {
vlan-id 900;
family inet {
address 9.9.9.1/30;
}
}
}
ge-0/0/15 {
vlan-tagging;
unit 801 {
vlan-id 800;
family inet {
address 8.8.8.2/30;
}
}
unit 901 {
vlan-id 900;
family inet {
address 9.9.9.2/30;
}
}
}
ge-0/0/23 {
description J2300-headend;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members 300;
}
}
}
}
lo0 {
unit 1 {
family inet {
address 192.168.0.1/32;
address 192.168.1.1/32;
address 192.168.2.1/32;
address 192.168.3.1/32;
address 192.168.4.1/32;
}
}
unit 10 {
family inet {
address 200.200.1.1/32;
}
}
unit 11 {
family inet {
address 201.201.1.1/32;
}
}
unit 500 {
family inet {
address 120.120.1.1/32;
}
}
unit 800 {
family inet {
address 130.130.1.1/32;
}
}
unit 801 {
family inet {
address 130.130.2.2/32;
}
}
}
vlan {
unit 200 {
family inet {
address 10.0.5.254/24;
}
}
unit 210 {
family inet {
address 172.16.0.14/30;
}
}
unit 220 {
family inet {
address 172.16.0.22/30;
}
}
unit 230 {
family inet {
address 172.16.0.6/30;
}
}
unit 240 {
family inet {
address 172.16.0.10/30;
}
}
unit 250 {
family inet {
address 172.16.40.1/30;
}
}
unit 260 {
family inet {
address 172.16.40.5/30;
}
}
unit 270 {
family inet {
address 172.16.0.26/30;
}
}
unit 280 {
family inet {
address 172.16.0.18/30;
}
}
unit 300 {
family inet {
address 192.168.255.100/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 {
next-hop 192.168.255.254;
no-readvertise;
}
}
autonomous-system 1;
}
protocols {
rstp;
}
policy-options {
policy-statement C1-export {
term 1 {
from {
protocol static;
route-filter 200.200.0.0/16 exact accept;
route-filter 10.0.0.0/8 longer accept;
}
}
term 2 {
from protocol bgp;
then accept;
}
}
policy-statement C2-export {
term 1 {
from {
protocol static;
route-filter 201.201.0.0/16 exact accept;
route-filter 10.0.0.0/8 longer accept;
}
}
}
policy-statement P1-export {
term 1 {
from {
protocol static;
route-filter 120.120.0.0/16 exact accept;
route-filter 10.0.0.0/8 longer accept;
}
}
}
policy-statement TX-export {
term 1 {
from {
protocol static;
route-filter 130.130.0.0/16 exact accept;
route-filter 10.0.0.0/8 longer accept;
}
}
}
policy-statement ospf-out {
term 1 {
from {
route-filter 192.168.0.0/22 orlonger;
}
then accept;
}
term default {
then reject;
}
}
policy-statement rip-routes {
term 1 {
from protocol [ static rip ];
then accept;
}
}
}
routing-instances {
C1 {
instance-type virtual-router;
interface ge-0/0/14.800;
interface lo0.10;
interface vlan.230;
routing-options {
static {
route 200.200.0.0/16 discard;
route 10.0.3.4/32 next-hop [ 172.16.0.5 172.16.0.9 ];
route 10.10.1.0/24 discard;
route 10.10.2.0/24 discard;
route 10.10.3.0/24 discard;
route 10.10.4.0/24 discard;
route 10.10.5.0/24 discard;
route 10.10.6.0/24 discard;
route 10.10.7.0/24 discard;
route 10.10.8.0/24 discard;
route 10.10.9.0/24 discard;
route 10.10.10.0/24 discard;
route 10.10.11.0/24 discard;
route 10.10.12.0/24 discard;
route 10.10.13.0/24 discard;
route 10.10.14.0/24 discard;
route 10.10.15.0/24 discard;
route 10.10.16.0/24 discard;
route 10.10.17.0/24 discard;
route 10.10.18.0/24 discard;
route 10.10.19.0/24 discard;
route 10.10.20.0/24 discard;
}
autonomous-system 65010;
}
protocols {
bgp {
group as65010 {
type external;
advertise-inactive;
export C1-export;
peer-as 65000;
local-as 65010;
neighbor 8.8.8.2 {
peer-as 65020;
}
neighbor 172.16.0.5;
}
}
}
}
C2 {
instance-type virtual-router;
interface ge-0/0/15.801;
interface lo0.11;
interface vlan.270;
routing-options {
static {
route 201.201.0.0/16 discard;
route 0.0.0.0/0 discard;
route 201.201.0.64/26 discard;
route 201.201.1.0/24 discard;
route 201.201.2.0/24 discard;
route 201.201.3.0/24 discard;
route 201.201.4.0/24 discard;
route 201.201.5.0/24 discard;
route 201.201.6.0/24 discard;
route 201.201.7.0/24 discard;
route 10.10.1.0/24 discard;
route 10.10.2.0/24 discard;
route 10.10.3.0/24 discard;
route 10.10.4.0/24 discard;
route 10.10.5.0/24 discard;
route 10.10.6.0/24 discard;
route 10.10.7.0/24 discard;
route 10.10.8.0/24 discard;
route 10.10.9.0/24 discard;
route 10.10.10.0/24 discard;
route 10.10.11.0/24 discard;
route 10.10.12.0/24 discard;
route 10.10.13.0/24 discard;
route 10.10.14.0/24 discard;
route 10.10.15.0/24 discard;
route 10.10.16.0/24 discard;
route 10.10.17.0/24 discard;
route 10.10.18.0/24 discard;
route 10.10.19.0/24 discard;
route 10.10.20.0/24 discard;
}
autonomous-system 65020;
}
protocols {
bgp {
group as65020 {
type external;
advertise-inactive;
export C2-export;
local-as 65020;
neighbor 172.16.0.25 {
peer-as 65000;
}
neighbor 8.8.8.1 {
peer-as 65010;
}
}
}
}
}
DC1 {
instance-type virtual-router;
interface lo0.1;
interface vlan.250;
interface vlan.260;
routing-options {
static {
route 192.168.0.0/24 receive;
route 192.168.1.0/24 receive;
route 192.168.2.0/24 receive;
route 192.168.3.0/24 receive;
}
}
protocols {
ospf {
export ospf-out;
area 0.0.0.0 {
interface vlan.250;
interface vlan.260;
}
}
inactive: rip {
group rip {
export rip-routes;
neighbor vlan.250;
neighbor vlan.260;
}
}
}
}
P1 {
instance-type virtual-router;
interface lo0.500;
interface vlan.200;
routing-options {
static {
route 120.120.0.0/16 discard;
route 10.10.11.0/24 discard;
route 10.10.12.0/24 discard;
route 10.10.13.0/24 discard;
route 10.10.14.0/24 discard;
}
autonomous-system 65050;
}
protocols {
bgp {
group as65050 {
type external;
advertise-inactive;
export P1-export;
peer-as 65000;
local-as 65050;
neighbor 10.0.5.1;
neighbor 10.0.5.2;
}
}
}
}
T1 {
instance-type virtual-router;
interface ge-0/0/14.900;
interface lo0.800;
interface vlan.210;
routing-options {
static {
route 130.130.0.0/16 discard;
route 130.130.2.2/32 next-hop 9.9.9.2;
route 10.10.1.0/24 discard;
route 10.10.2.0/24 discard;
route 10.10.3.0/24 discard;
route 10.10.4.0/24 discard;
route 10.10.5.0/24 discard;
}
autonomous-system 65222;
}
protocols {
bgp {
export TX-export;
group as65222 {
type external;
advertise-inactive;
peer-as 65000;
local-as 65222;
neighbor 172.16.0.13;
}
group ibgp {
type internal;
local-address 130.130.1.1;
local-as 65222;
neighbor 130.130.2.2;
}
}
}
}
T2 {
instance-type virtual-router;
interface ge-0/0/15.901;
interface lo0.801;
interface vlan.220;
interface vlan.280;
routing-options {
static {
route 130.130.0.0/16 discard;
route 130.130.1.1/32 next-hop 9.9.9.1;
route 10.10.1.0/24 discard;
route 10.10.2.0/24 discard;
route 10.10.3.0/24 discard;
route 10.10.4.0/24 discard;
route 10.10.5.0/24 discard;
}
autonomous-system 65222;
}
protocols {
bgp {
export TX-export;
group ibgp {
type internal;
local-address 130.130.2.2;
local-as 65222;
neighbor 130.130.1.1;
}
group as65222 {
type external;
advertise-inactive;
peer-as 65000;
local-as 65222;
neighbor 172.16.0.17;
neighbor 172.16.0.21;
}
}
}
}
}
vlans {
vlan10 {
vlan-id 10;
}
vlan110 {
vlan-id 110;
}
vlan120 {
vlan-id 120;
}
vlan130 {
vlan-id 130;
}
vlan140 {
vlan-id 140;
}
vlan20 {
vlan-id 20;
}
vlan200 {
vlan-id 200;
l3-interface vlan.200;
}
vlan210 {
vlan-id 210;
l3-interface vlan.210;
}
vlan220 {
vlan-id 220;
l3-interface vlan.220;
}
vlan230 {
vlan-id 230;
l3-interface vlan.230;
}
vlan240 {
vlan-id 240;
l3-interface vlan.240;
}
vlan250 {
vlan-id 250;
l3-interface vlan.250;
}
vlan260 {
vlan-id 260;
l3-interface vlan.260;
}
vlan270 {
vlan-id 270;
l3-interface vlan.270;
}
vlan280 {
vlan-id 280;
l3-interface vlan.280;
}
vlan30 {
vlan-id 30;
}
vlan300 {
vlan-id 300;
l3-interface vlan.300;
}
vlan40 {
vlan-id 40;
}
vlan50 {
vlan-id 50;
}
vlan60 {
vlan-id 60;
}
vlan70 {
vlan-id 70;
}
vlan80 {
vlan-id 80;
}
vlan90 {
vlan-id 90;
}
}
Complete Routing Table
Following is the complete routing table view of the Educational Network (New University):
user@J2350-2-R2# run show routei2.inet.0: 23 destinations, 29 routes (23 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.2/32 *[Direct/0] 04:43:57 > via lo0.2 10.0.2.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.40 10.0.2.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.40 10.0.4.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.30 10.0.4.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.30 10.0.4.8/30 *[Direct/0] 04:31:48 > via ge-0/0/0.20 10.0.4.10/32 *[Local/0] 03:32:36 Local via ge-0/0/0.20 10.0.4.12/30 *[Direct/0] 03:38:59 > via ge-0/0/0.10 10.0.4.14/32 *[Local/0] 03:32:36 Local via ge-0/0/0.10 10.10.1.0/24 *[BGP/170] 2d 23:53:44, localpref 100, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 10.10.2.0/24 *[BGP/170] 2d 23:53:44, localpref 100, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 10.10.3.0/24 *[BGP/170] 2d 23:53:44, localpref 100, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 10.10.4.0/24 *[BGP/170] 2d 23:53:44, localpref 100, from 172.16.0.14 AS path: 65222 I to 172.16.0.14 via ge-0/0/0.210 > to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 10.10.5.0/24 *[BGP/170] 2d 23:53:44, localpref 100 AS path: 65222 I > to 172.16.0.14 via ge-0/0/0.210 to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 130.130.0.0/16 *[BGP/170] 2d 23:53:44, localpref 100 AS path: 65222 I > to 172.16.0.14 via ge-0/0/0.210 to 172.16.0.18 via ge-0/0/0.280 [BGP/170] 2d 23:40:26, localpref 100 AS path: 65222 I > to 172.16.0.18 via ge-0/0/0.280 172.16.0.12/30 *[Direct/0] 3d 03:19:15 > via ge-0/0/0.210 172.16.0.13/32 *[Local/0] 3d 03:19:15 Local via ge-0/0/0.210 172.16.0.16/30 *[Direct/0] 3d 03:19:15 > via ge-0/0/0.280 172.16.0.17/32 *[Local/0] 3d 03:19:15 Local via ge-0/0/0.280 192.168.40.0/24 *[Static/5] 03:32:36 > to 10.0.4.9 via ge-0/0/0.20 192.168.50.0/24 *[Static/5] 03:32:36 > to 10.0.4.13 via ge-0/0/0.10 192.168.60.0/24 *[BGP/170] 03:32:36, localpref 100 AS path: 65100 I > to 10.0.4.5 via ge-0/0/0.30 192.168.90.0/24 *[BGP/170] 03:33:42, localpref 100 AS path: 65200 I > to 10.0.2.5 via ge-0/0/0.40 internet.inet.0: 40 destinations, 63 routes (40 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.1/32 *[Direct/0] 04:43:57 > via lo0.1 10.0.2.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.40 10.0.2.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.40 10.0.3.4/32 *[BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 65010 I > to 172.16.0.26 via ge-0/0/0.270 10.0.4.0/30 *[Direct/0] 04:31:48 > via ge-0/0/0.60 10.0.4.2/32 *[Local/0] 03:32:36 Local via ge-0/0/0.60 10.0.4.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.30 10.0.4.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.30 10.0.4.12/30 *[Direct/0] 03:38:59 > via ge-0/0/0.10 10.0.4.14/32 *[Local/0] 03:32:36 Local via ge-0/0/0.10 10.10.1.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.2.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.3.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.4.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.5.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.6.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.7.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.8.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.9.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.10.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.11.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.12.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.13.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.14.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.15.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.16.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.17.0/24 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.18.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.19.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 10.10.20.0/24 *[BGP/170] 3d 02:58:05, localpref 100, from 172.16.0.6 AS path: 65010 I to 172.16.0.6 via ge-0/0/0.230 > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 172.16.0.4/30 *[Direct/0] 3d 03:19:15 > via ge-0/0/0.230 172.16.0.5/32 *[Local/0] 3d 03:19:15 Local via ge-0/0/0.230 172.16.0.24/30 *[Direct/0] 3d 03:19:15 > via ge-0/0/0.270 172.16.0.25/32 *[Local/0] 3d 03:19:15 Local via ge-0/0/0.270 192.168.30.0/24 *[Static/5] 03:32:36 > to 10.0.4.1 via ge-0/0/0.60 192.168.50.0/24 *[Static/5] 03:32:36 > to 10.0.4.13 via ge-0/0/0.10 192.168.60.0/24 *[BGP/170] 03:32:36, localpref 100 AS path: 65100 I > to 10.0.4.5 via ge-0/0/0.30 192.168.90.0/24 *[BGP/170] 03:33:46, localpref 100 AS path: 65200 I > to 10.0.2.5 via ge-0/0/0.40 200.200.0.0/16 *[BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 I > to 172.16.0.6 via ge-0/0/0.230 [BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 65010 I > to 172.16.0.26 via ge-0/0/0.270 201.201.0.0/16 *[BGP/170] 3d 02:58:01, localpref 100 AS path: 65020 I > to 172.16.0.26 via ge-0/0/0.270 [BGP/170] 3d 02:58:05, localpref 100 AS path: 65010 65020 I > to 172.16.0.6 via ge-0/0/0.230 nlr.inet.0: 17 destinations, 17 routes (17 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 1.1.1.3/32 *[Direct/0] 03:38:59 > via lo0.3 10.0.2.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.40 10.0.2.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.40 10.0.4.4/30 *[Direct/0] 03:38:59 > via ge-0/0/0.30 10.0.4.6/32 *[Local/0] 03:32:36 Local via ge-0/0/0.30 10.0.4.12/30 *[Direct/0] 03:38:59 > via ge-0/0/0.10 10.0.4.14/32 *[Local/0] 03:32:36 Local via ge-0/0/0.10 10.0.5.0/24 *[Direct/0] 03:38:59 > via ge-0/0/0.200 10.0.5.2/32 *[Local/0] 03:38:59 Local via ge-0/0/0.200 10.10.11.0/24 *[BGP/170] 03:38:51, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.12.0/24 *[BGP/170] 03:38:51, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.13.0/24 *[BGP/170] 03:38:51, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 10.10.14.0/24 *[BGP/170] 03:38:51, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 120.120.0.0/16 *[BGP/170] 03:38:51, localpref 100 AS path: 65050 I > to 10.0.5.254 via ge-0/0/0.200 192.168.50.0/24 *[Static/5] 03:32:36 > to 10.0.4.13 via ge-0/0/0.10 192.168.60.0/24 *[BGP/170] 03:32:36, localpref 100 AS path: 65100 I > to 10.0.4.5 via ge-0/0/0.30 192.168.90.0/24 *[BGP/170] 03:33:38, localpref 100 AS path: 65200 I > to 10.0.2.5 via ge-0/0/0.40