clerie/vcp-bula-nixfiles
1
0
Fork 0
Code Releases Activity

Compare commits

base: clerie:325422a0463d041808616e0a3aefa54a37346ffe
Branches Tags
clerie:main
...
compare: clerie:main
Branches Tags
clerie:main

45 Commits
325422a046 ... main

Author SHA1 Message Date
Frank Waßmuth
e8d4a82581 Add temperature metrics 2022-08-04 10:27:59 +02:00
Frank Waßmuth
6765bdf0c2 Add moonbeam and sunbread to prometheus 2022-08-04 10:27:37 +02:00
clerie
aece0896cf dns: fix typo in ip address 2022-08-01 11:59:02 +02:00
clerie
5e3c65b2b3 router, dns: fix IP to MAC assignment and add dns records for programmtresen signage 2022-08-01 11:54:24 +02:00
Garionion
5eb12ec443 dns: add more lama stuff 2022-08-01 09:31:42 +02:00
Ember 'n0emis' Keske
87367833a2 add static dhcp lease for simens logo stechuhr 2022-07-31 21:31:58 +02:00
Ember 'n0emis' Keske
d10376aaff scrape energy exporter 2022-07-31 19:38:16 +02:00
Frank Waßmuth
6facda326c Switch config field changes 2022-07-31 16:31:07 +02:00
Frank Waßmuth
7e37d9639e Add YATE and wifi monitoring 2022-07-31 16:30:17 +02:00
Garionion
b6647f9d5f dns: add proxmox dns names 2022-07-31 12:22:50 +02:00
Ember 'n0emis' Keske
e115148551 switch v6 for lama-vms 2022-07-30 21:01:10 +02:00
Ember 'n0emis' Keske
08794fa4f2 add dhcp-reservations for signage-pis at programmtresen 2022-07-30 16:16:45 +02:00
Ember 'n0emis' Keske
d93cf6545e monitor sw-post 2022-07-30 09:41:18 +02:00
Frank Waßmuth
d29e9eb897 Add sw-post and sw-international 2022-07-30 08:31:04 +02:00
Garionion
1473916e4a router: set mtu for uplink 2022-07-28 20:28:50 +02:00
clerie
a8bf30238b router: add net-audio and net-trabantenst 2022-07-28 20:00:50 +02:00
Jannik
b2676162e7 feat(sipgate-balance-exporter): add script 2022-07-28 14:25:00 +02:00
Frank Waßmuth
3966204fce Remove duplicate DNS targets 2022-07-28 10:03:30 +02:00
clerie
c3ddfd015f monitoring: remove sw-zoll-container 2022-07-27 22:26:43 +02:00
Frank Waßmuth
eaba415941 Add BLL and Finanzen switches 2022-07-27 20:51:05 +02:00
clerie
dae6c3d80f router: Allow monitoring to access iot network to check webcam 2022-07-27 17:59:20 +02:00
Jannik
516954f6b2 feat(dns): add karte.bula 2022-07-27 17:09:54 +02:00
Garionion
570f393692 router: use QinQ for uplink b 2022-07-27 15:25:12 +02:00
Garionion
2d092ea970 router: use QinQ for uplink 2022-07-27 12:32:34 +02:00
Frank Waßmuth
635de06441 Add switch config backups 2022-07-27 11:27:28 +02:00
clerie
8a9a9f92e0 router: restart dhcpcd on ppp interface creation 2022-07-27 10:08:50 +02:00
Garionion
36e16a4c7b dns: allow more prometheus ports 2022-07-27 10:02:24 +02:00
Frank Waßmuth
c1ab152393 Add sw-finanzen to DNS 2022-07-27 09:32:53 +02:00
clerie
70761b0962 router: add net-fuf and net-mav 2022-07-26 21:48:33 +02:00
clerie
6021663fde router: open firewall for drucker 2022-07-26 16:26:00 +02:00
Garionion
5c7a8e1f51 kea: add reservation for mkay 2022-07-26 15:12:44 +02:00
Garionion
377e493d0b dns: add pbs entry 2022-07-26 15:12:22 +02:00
clerie
86b45bae8e router, pre-router: move wireguard tunnel and change default route for router 2022-07-26 14:40:07 +02:00
Jannik
30cd7a9f39 fix(radius): fix vlan assignment and export to csv 2022-07-26 11:30:06 +02:00
Jannik
54794f2611 feat(radius): add password generation script 2022-07-25 23:02:46 +02:00
Garionion
29b52957db dns: fix lama zonefiles 2022-07-25 21:38:06 +02:00
Garionion
d1f516f663 dhcp,dns: add drucker 2022-07-25 21:34:20 +02:00
Garionion
b47fd3e452 monitoring: add lama zones to dns scraper 2022-07-25 21:28:53 +02:00
Garionion
65d0ae87d4 dns: fix lama records 2022-07-25 21:28:17 +02:00
Frank Waßmuth
131f076dac Extend scrape_timeout for waldbrandgefahr 2022-07-25 19:59:06 +02:00
Garionion
a8a3b00786 dns: remove query logging 2022-07-25 19:52:23 +02:00
Garionion
6f7d943321 dns: add reverse dns for sw-bll 2022-07-25 19:22:16 +02:00
Frank Waßmuth
8b5d4493e6 Add sw-bll to DNS zone 2022-07-25 19:18:09 +02:00
Garionion
d96fd92ec9 monitoring: fix snmp exporter scraper config 2022-07-25 19:13:38 +02:00
Garionion
dfe76ccf37 dns: add lama zone configs 2022-07-25 19:13:17 +02:00
40 changed files with 6091 additions and 1494 deletions
Expand all files Collapse all files

28
hosts/dns/dns.nix
View File

@@ -2,13 +2,12 @@
{
networking.firewall.interfaces.ens18.allowedUDPPorts = [ 53 ];
networking.firewall.interfaces.ens18.allowedTCPPorts = [ 9253 9353];
networking.firewall.interfaces.ens18.allowedTCPPorts = [ 9253 9353 9453 9553 ];
services.coredns = {
enable = true;
config = ''
.:53 {
errors
log
cache {
success 1000000
denial 50000
@@ -16,19 +15,27 @@
serve_stale
}
prometheus 10.42.10.8:9253
forward . tls://2620:fe::fe tls://9.9.9.9 tls://2620:fe::9 tls://149.112.112.112 {
tls_servername dns.quad9.net
health_check 5s
}
forward . 2620:fe::fe 9.9.9.9 2620:fe::9 149.112.112.112
}
bula22.de {
errors
log
prometheus 10.42.10.8:9353
file /etc/zones/db.bula22.de
}
oncamp.lama.vcp.de {
errors
prometheus 10.42.10.8:9453
file /etc/zones/db.oncamp.lama.vcp.de
}
oncamp.m2yk8s.de {
errors
prometheus 10.42.10.8:9553
file /etc/zones/db.oncamp.m2yk8s.de
}
42.10.in-addr.arpa {
file /etc/zones/db.42.10.in-addr.arpa.
}
@@ -42,6 +49,8 @@
};
systemd.services.coredns.restartTriggers = [
config.environment.etc."zones/db.bula22.de".source
config.environment.etc."zones/db.oncamp.lama.vcp.de".source
config.environment.etc."zones/db.oncamp.m2yk8s.de".source
config.environment.etc."zones/db.42.10.in-addr.arpa.".source
config.environment.etc."zones/db.2.4.0.0.0.1.0.0.0.0.d.f.ip6.arpa.".source
config.environment.etc."zones/db.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa.".source
@@ -49,9 +58,12 @@
environment = {
etc = {
"zones/db.bula22.de".source = ./zones/db.bula22.de;
"zones/db.oncamp.lama.vcp.de".source = ./zones/db.oncamp.lama.vcp.de;
"zones/db.oncamp.m2yk8s.de".source = ./zones/db.oncamp.m2yk8s.de;
"zones/db.42.10.in-addr.arpa.".source = ./zones/db.42.10.in-addr.arpa.;
"zones/db.2.4.0.0.0.1.0.0.0.0.d.f.ip6.arpa.".source = ./zones/db.2.4.0.0.0.1.0.0.0.0.d.f.ip6.arpa.;
"zones/db.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa.".source = ./zones/db.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa.;
};
};
}
}
#

4
hosts/dns/zones/db.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa.
View File

@@ -18,8 +18,8 @@ $TTL 3600
7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rmonitoring.bula22.de.
8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rdns.bula22.de.
9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR ryate-dialup.bula22.de.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rlama-1.bula22.de.
1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rlama-2.bula22.de.
0.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rlama-2.bula22.de.
1.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rlama-1.bula22.de.
2.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rzoll-1.bula22.de.
3.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rprogramm-1.bula22.de.
4.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.2.2.8.c.0.c.1.8.f.4.0.1.0.a.2.ip6.arpa. IN PTR rnerd.bula22.de.

21
hosts/dns/zones/db.42.10.in-addr.arpa.
View File

@@ -18,8 +18,8 @@ $TTL 3600
10.42.10.7.in-addr.arpa. IN PTR monitoring.bula22.de.
10.42.10.8.in-addr.arpa. IN PTR dns.bula22.de.
10.42.10.9.in-addr.arpa. IN PTR yate-dialup.bula22.de.
10.42.10.20.in-addr.arpa. IN PTR lama-1.bula22.de.
10.42.10.21.in-addr.arpa. IN PTR lama-2.bula22.de.
10.42.10.21.in-addr.arpa. IN PTR lama-1.bula22.de.
10.42.10.20.in-addr.arpa. IN PTR lama-2.bula22.de.
10.42.10.22.in-addr.arpa. IN PTR zoll-1.bula22.de.
10.42.10.23.in-addr.arpa. IN PTR programm-1.bula22.de.
10.42.10.24.in-addr.arpa. IN PTR nerd.bula22.de.
@@ -35,7 +35,7 @@ $TTL 3600
10.42.42.14.in-addr.arpa. IN PTR sw-zoll-container.bula22.de.
10.42.42.15.in-addr.arpa. IN PTR sw-zoll-zelt.bula22.de.
10.42.42.16.in-addr.arpa. IN PTR sw-programmtresen.bula22.de.
10.42.42.17.in-addr.arpa. IN PTR sw-international.bula22.de.
10.42.42.17.in-addr.arpa. IN PTR sw-post.bula22.de.
10.42.42.18.in-addr.arpa. IN PTR sw-leitstelle.bula22.de.
10.42.42.19.in-addr.arpa. IN PTR sw-infojurte.bula22.de.
10.42.42.20.in-addr.arpa. IN PTR sw-technik-zelt.bula22.de.
@@ -45,6 +45,12 @@ $TTL 3600
10.42.42.24.in-addr.arpa. IN PTR sw-waschhaus.bula22.de.
10.42.42.25.in-addr.arpa. IN PTR sw-buehne.bula22.de.
10.42.42.26.in-addr.arpa. IN PTR sw-trabantenstadt.bula22.de.
10.42.42.27.in-addr.arpa. IN PTR sw-bll.bula22.de.
10.42.42.28.in-addr.arpa. IN PTR sw-finanzen.bula22.de.
10.42.42.29.in-addr.arpa. IN PTR sw-finanzen.bula22.de.
10.42.42.123.in-addr.arpa. IN PTR mooncake.bula22.de.
10.42.42.124.in-addr.arpa. IN PTR sunbread.bula22.de.
10.42.42.125.in-addr.arpa. IN PTR pbs.bula22.de.
; Network Gateways
10.42.10.1.in-addr.arpa. IN PTR gw.services.net.bula22.de.
@@ -61,3 +67,12 @@ $TTL 3600
10.42.210.1.in-addr.arpa. IN PTR gw.international.net.bula22.de.
10.42.211.1.in-addr.arpa. IN PTR gw.programmtresen.net.bula22.de.
10.42.212.1.in-addr.arpa. IN PTR gw.open-office.net.bula22.de.
#other
10.42.132.2.in-addr.arpa. IN PTR omm.bula22.de.
10.42.151.2.in-addr.arpa. IN PTR webcam.bula22.de.
<<<<<<< Updated upstream
10.42.212.2.in-addr.arpa. IN PTR drucker.bula22.de.
=======
>>>>>>> Stashed changes

30
hosts/dns/zones/db.bula22.de
View File

@@ -2,7 +2,7 @@ $ORIGIN bula22.de.
$TTL 3600
bula22.de. IN SOA dns.bula22.de. hostmaster.bula22.de. (
2022072101
2022080101
10800
3600
604800
@@ -33,9 +33,9 @@ dns.bula22.de. IN A 10.42.10.8
IN AAAA 2a01:4f8:1c0c:8221::8
yate-dialup.bula22.de. IN A 10.42.10.9
IN AAAA 2a01:4f8:1c0c:8221::9
lama-1.bula22.de. IN A 10.42.10.20
lama-1.bula22.de. IN A 10.42.10.21
IN AAAA 2a01:4f8:1c0c:8221::20
lama-2.bula22.de. IN A 10.42.10.21
lama-2.bula22.de. IN A 10.42.10.20
IN AAAA 2a01:4f8:1c0c:8221::21
zoll-1.bula22.de. IN A 10.42.10.22
IN AAAA 2a01:4f8:1c0c:8221::22
@@ -47,10 +47,14 @@ pre-router.bula22.de. IN A 10.42.10.25
IN AAAA 2a01:4f8:1c0c:8221::25
map.bula22.de. IN A 10.42.10.26
IN AAAA 2a01:4f8:1c0c:8221::26
karte.bula22.de. IN A 10.42.10.26
IN AAAA 2a01:4f8:1c0c:8221::26
nixdeploy.bula22.de. IN A 10.42.10.245
IN AAAA 2a01:4f8:1c0c:8221::245
omm.bula22.de. IN A 10.42.132.2
webcam.bula22.de. IN A 10.42.151.2
drucker.bula22.de. IN A 10.42.212.2
; External Services
vcp-bula-mon.bula22.de. IN AAAA 2a01:4f8:c0c:15f1::8105
@@ -64,7 +68,7 @@ sw-verwaltung.bula22.de. IN A 10.42.42.13
sw-zoll-container.bula22.de. IN A 10.42.42.14
sw-zoll-zelt.bula22.de. IN A 10.42.42.15
sw-programmtresen.bula22.de. IN A 10.42.42.16
sw-international.bula22.de. IN A 10.42.42.17
sw-post.bula22.de. IN A 10.42.42.17
sw-leitstelle.bula22.de. IN A 10.42.42.18
sw-infojurte.bula22.de. IN A 10.42.42.19
sw-technik-zelt.bula22.de. IN A 10.42.42.20
@@ -74,6 +78,12 @@ sw-fuf.bula22.de. IN A 10.42.42.23
sw-waschhaus.bula22.de. IN A 10.42.42.24
sw-buehne.bula22.de. IN A 10.42.42.25
sw-trabantenstadt.bula22.de. IN A 10.42.42.26
sw-bll.bula22.de. IN A 10.42.42.27
sw-finanzen.bula22.de. IN A 10.42.42.28
sw-international.bula22.de. IN A 10.42.42.29
mooncake.bula22.de. IN A 10.42.42.123
sunbread.bula22.de. IN A 10.42.42.124
pbs.bula22.de. IN A 10.42.42.125
; Network Gateways
gw.services.net.bula22.de. IN A 10.42.10.1
@@ -105,3 +115,15 @@ gw.programmtresen.net.bula22.de. IN A 10.42.211.1
IN AAAA fd00:10:42:211::1
gw.open-office.net.bula22.de. IN A 10.42.212.1
IN AAAA fd00:10:42:212::1
; Programmtresen
signage-11.bula22.de. IN A 10.42.211.11
signage-12.bula22.de. IN A 10.42.211.12
signage-13.bula22.de. IN A 10.42.211.13
signage-21.bula22.de. IN A 10.42.211.21
signage-22.bula22.de. IN A 10.42.211.22
signage-23.bula22.de. IN A 10.42.211.23
signage-24.bula22.de. IN A 10.42.211.24
signage-25.bula22.de. IN A 10.42.211.25
signage-31.bula22.de. IN A 10.42.211.31
signage-32.bula22.de. IN A 10.42.211.32

20
hosts/dns/zones/db.oncamp.lama.vcp.de Normal file
View File

@@ -0,0 +1,20 @@
$ORIGIN oncamp.lama.vcp.de.
$TTL 3600
oncamp.lama.vcp.de. IN SOA dns.bula22.de. hostmaster.bula22.de. (
2022072101
10800
3600
604800
3600
)
oncamp.lama.vcp.de. IN NS dns.bula22.de.
oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.
id.oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.
reports.oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.
member.oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.
signage.oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.
dashboard.oncamp.lama.vcp.de. IN CNAME lama-2.bula22.de.

20
hosts/dns/zones/db.oncamp.m2yk8s.de Normal file
View File

@@ -0,0 +1,20 @@
$ORIGIN oncamp.m2yk8s.de.
$TTL 3600
oncamp.m2yk8s.de. IN SOA dns.bula22.de. hostmaster.bula22.de. (
2022072101
10800
3600
604800
3600
)
oncamp.m2yk8s.de. IN NS dns.bula22.de.
rancher.oncamp.m2yk8s.de. IN CNAME lama-2.bula22.de.
minio.oncamp.m2yk8s.de. IN CNAME lama-2.bula22.de.
s3.oncamp.m2yk8s.de. IN CNAME lama-2.bula22.de.
registry.oncamp.m2yk8s.de. IN CNAME lama-1.bula22.de.
dashboard.oncamp.m2yk8s.de. IN CNAME lama-2.bula22.de.
_acme-challenge.dashboard.oncamp.m2yk8s.de. TXT ZDba8ibIumMhHmCqGsddGTkjLK-yinWNiSXar38sN8c

164
hosts/monitoring/configuration.nix
View File

@@ -56,6 +56,18 @@ with lib;
script = "${pkgs.python3}/bin/python ${./waldbrandgefahrenstufen-exporter.py}";
};
systemd.services.sipgate-balance-exporter = {
description = "Sipgate Balance Exporter";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = "yes";
Environment = "SIPGATE_TOKEN_PATH=/var/src/secrets/sipgate-balance/apitoken";
};
script = "${pkgs.python3}/bin/python ${./sipgate-balance-exporter.py}";
};
services.prometheus.alertmanager = {
enable = true;
listenAddress = "[::1]";
@@ -98,6 +110,8 @@ with lib;
"[::1]:9100"
"radius.bula22.de:9100"
"router.bula22.de:9100"
"mooncake.bula22.de:9100"
"sunbread.bula22.de:9100"
];
}
];
@@ -200,8 +214,9 @@ with lib;
"sw-zentral-2.bula22.de"
"sw-verwaltung.bula22.de"
"sw-zoll-container.bula22.de"
"sw-zoll-zelt.bula22.de"
# "sw-zoll-zelt.bula22.de" # Wird doch nicht benötigt
"sw-programmtresen.bula22.de"
"sw-post.bula22.de"
"sw-international.bula22.de"
"sw-leitstelle.bula22.de"
"sw-infojurte.bula22.de"
@@ -212,6 +227,8 @@ with lib;
"sw-waschhaus.bula22.de"
"sw-buehne.bula22.de"
"sw-trabantenstadt.bula22.de"
"sw-bll.bula22.de"
"sw-finanzen.bula22.de"
# Service Probes
"router.bula22.de"
@@ -253,7 +270,6 @@ with lib;
{
targets = [
"dns.bula22.de:9253"
"dns.bula22.de:9353"
];
}
];
@@ -261,6 +277,7 @@ with lib;
{
job_name = "waldbrandgefahrenstufen";
scrape_interval = "1h";
scrape_timeout = "60s";
static_configs = [
{
targets = [
@@ -270,12 +287,151 @@ with lib;
];
}
{
job_name = "snmp";
job_name = "sipgate-balance";
scrape_interval = "120s";
scrape_timeout = "20s";
static_configs = [
{
targets = [
"[::1]:9116"
"[::1]:9243"
];
}
];
}
{
job_name = "snmp";
scrape_interval = "120s";
scrape_timeout = "40s";
metrics_path = "/snmp";
params = {
module = [
"if_mib"
];
};
static_configs = [
{
targets = [
"sw-zentral-1.bula22.de"
"sw-zentral-2.bula22.de"
"sw-verwaltung.bula22.de"
"sw-zoll-container.bula22.de"
# "sw-zoll-zelt.bula22.de" # Wird doch nicht benötigt
"sw-programmtresen.bula22.de"
"sw-international.bula22.de"
"sw-post.bula22.de"
"sw-leitstelle.bula22.de"
"sw-infojurte.bula22.de"
"sw-technik-zelt.bula22.de"
"sw-technik-container.bula22.de"
"sw-hospital.bula22.de"
"sw-fuf.bula22.de"
"sw-waschhaus.bula22.de"
"sw-buehne.bula22.de"
"sw-trabantenstadt.bula22.de"
"sw-bll.bula22.de"
"sw-finanzen.bula22.de"
"wlan-controller.bula22.de"
];
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9116";
}
];
}
{
job_name = "aruba";
scrape_interval = "120s";
scrape_timeout = "40s";
metrics_path = "/snmp";
params = {
module = [
"aruba"
];
};
static_configs = [
{
targets = [
"wlan-controller.bula22.de"
];
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9116";
}
];
}
{
job_name = "yate";
scrape_interval = "30s";
scrape_timeout = "20s";
metrics_path = "/snmp";
params = {
module = [
"yate"
];
};
static_configs = [
{
targets = [
"10.42.10.6"
];
labels = {
instance = "yate.bula22.de";
};
}
{
targets = [
"10.42.10.9"
];
labels = {
instance = "yate-dialup.bula22.de";
};
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9116";
}
];
}
{
job_name = "energy";
scrape_interval = "1s";
scrape_timeout = "1s";
static_configs = [
{
targets = [
"pbs.bula22.de:9555"
];
}
];

70
hosts/monitoring/sipgate-balance-exporter.py Executable file
View File

@@ -0,0 +1,70 @@
#!/usr/bin/env python3
from http.server import HTTPServer, BaseHTTPRequestHandler, HTTPStatus
import os
import socket
import json
from urllib.request import Request, urlopen
import xml.etree.ElementTree as ET
from pathlib import Path
class HTTPServerV6(HTTPServer):
address_family = socket.AF_INET6
TOKEN = Path(os.environ.get("SIPGATE_TOKEN_PATH", "apitoken")).read_text().strip()
class ExporterRequestHandler(BaseHTTPRequestHandler):
def do_GET(self):
if self.path == "/":
self.make_response("sipgate Guthaben für den Trunk")
elif self.path == "/metrics":
self.export()
else:
self.send_error(HTTPStatus.NOT_FOUND, "File not found")
return
def do_HEAD(self):
if self.path == "/":
self.make_response("sipgate Guthaben für den Trunk", head_only=True)
elif self.path == "/metrics":
self.export(head_only=True)
else:
self.send_error(HTTPStatus.NOT_FOUND, "File not found")
return
def export(self, head_only=False):
req = Request("https://api.sipgate.com/v2/balance")
req.add_header("accept", "application/json")
req.add_header("authorization", "Basic " + TOKEN)
webURL = urlopen(req)
data = webURL.read()
encoding = webURL.info().get_content_charset('utf-8')
d = json.loads(data.decode(encoding))
print(d)
balance = d["amount"] / 10000
currency = d["currency"]
res = "sipgate_balance{{currency=\"{}\"}} {}".format(currency, balance)
self.make_response(res, head_only=head_only)
def make_response(self, content, head_only=False):
encoded = content.encode("utf-8")
self.send_response(HTTPStatus.OK)
self.send_header("Content-Type", "text/plain; charset=utf-8")
self.send_header("Conten-Length", str(len(encoded)))
self.end_headers()
if not head_only:
self.wfile.write(encoded)
def run():
with HTTPServerV6(("::1", 9243), ExporterRequestHandler) as httpd:
print("Starting sipgate Balance Exporter on http://[{}]:{}".format(*httpd.socket.getsockname()[:2]))
httpd.serve_forever()
if __name__ == "__main__":
run()

3019
hosts/monitoring/snmp.yml
View File

File diff suppressed because it is too large Load Diff

28
hosts/pre-router/configuration.nix
View File

@@ -55,34 +55,6 @@
{ address = "10.42.0.0"; prefixLength = 16; via = "10.42.10.1"; }
];
networking.wireguard = {
enable = true;
interfaces = {
wg0 = {
ips = [ "fe80::42:10:1/64" ];
privateKeyFile = "/var/src/secrets/wireguard/wg0";
allowedIPsAsRoutes = false;
peers = [{
publicKey = "Y++eB9SfU17zB4mJ/6AaN761tngXAyTNoVaPNKmuvls=";
allowedIPs = [ "::/0" ];
endpoint = "78.47.183.82:51876";
#endpoint = "gatekeeper.net.clerie.de:51876";
persistentKeepalive = 25;
}];
};
};
};
networking.localCommands = ''
ip -6 route add default dev wg0 table 100
'';
clerie.policyrouting.enable = true;
clerie.policyrouting.rules6 = [
{ rule = "lookup main suppress_prefixlength 0"; prio = 10000; }
{ rule = "from 2a01:4f8:1c0c:8221::/64 lookup 100"; prio = 19000; }
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

87
hosts/radius/generate_passwords.py Normal file
View File

@@ -0,0 +1,87 @@
###
# Hier werden die Passwörter generiert und sie VLANs zugeordnet. Diese Datei
# kann nach `radius.bula22.de:/etc/raddb/mods-config/files/authorize` geschoben
# werden.
#
# ACHTUNG! Die Passwörter sind nicht idempotent, sondern werden neu generiert.
# Das Skript also nur ausführen, solange die User noch nicht online sind.
# Danach muss wieder manuell gefrickelt werden. Das Passwort für leitstelle01
# ist bereits publik, darum wird es hier überschrieben.
#
# Anpassbar:
# - Welcher Userprefix kommt in welches VLAN.
# - Wie viele User gehen pro Prefix online?
#
# Fragen? Fragen! DECT664 oder über Signal / Matrix / rfc1149.
###
import secrets
import string
USERS_PER_PREFIX = 20
LEITSTELLE01_PW = "Findest du in der existierenden authorize file"
### LEITSTELLE
# DEFAULT
# Tunnel-Private-Group-Id = "205",
# Fall-Through = Yes
#
# leitstelle01 Cleartext-Password := "oofahcul3aiV4ri8"
prefixes = [
(201, "ikt"),
(202, "buehne"),
(202, "technik"),
(203, "hospital"),
(204, "zoll"),
(205, "leitstelle"),
(206, "bll"),
(206, "finanzen"),
(208, "bayern"),
(208, "elydipark"),
(208, "hessen"),
(208, "trabantenstadt"),
(208, "waltara"),
(208, "zeche"),
(209, "infojurte"),
(210, "intfairground"),
(210, "intinfocenter"),
(211, "programmtre"),
(212, "openoffice")
]
def gen_password():
alphabet = string.ascii_letters + string.digits
return ''.join(secrets.choice(alphabet) for i in range(10))
print("DEFAULT")
print("\tTunnel-Type = \"VLAN\",")
print("\tTunnel-Medium-Type = IEEE-802,")
print("\tFall-Through = Yes")
print()
csv_file = "Username,password\n"
for (vlan, prefix) in prefixes:
print(f"## {prefix.upper()}")
print(f"DEFAULT")
print(f"\tTunnel-Private-Group-Id := \"{vlan}\",")
print(f"\tFall-Through = Yes")
print()
for i in range(1, USERS_PER_PREFIX + 1):
username = f"{prefix}{i:02d}"
pw = gen_password()
if username == "leitstelle01":
pw = LEITSTELLE01_PW
print(f"{username}\tCleartext-Password := \"{pw}\"")
csv_file += username + "," + pw + "\n"
print()
f = open("accounts.csv", "w")
f.write(csv_file)
f.close()

26
hosts/router/10-net-services.nix
View File

@@ -6,6 +6,32 @@
interface = "ens18";
};
networking.wireguard = {
enable = true;
interfaces = {
wg-services = {
ips = [ "fe80::42:10:1/64" ];
privateKeyFile = "/var/src/secrets/wireguard/wg-services";
allowedIPsAsRoutes = false;
peers = [{
publicKey = "Y++eB9SfU17zB4mJ/6AaN761tngXAyTNoVaPNKmuvls=";
allowedIPs = [ "::/0" ];
endpoint = "78.47.183.82:51876";
#endpoint = "gatekeeper.net.clerie.de:51876";
persistentKeepalive = 25;
}];
};
};
};
networking.localCommands = ''
ip -6 route add default dev wg-services table 20003
'';
clerie.policyrouting.rules6 = [
{ rule = "from 2a01:4f8:1c0c:8221::/64 lookup 20003"; prio = 19000; }
];
networking.interfaces.net-services.ipv4.addresses = [
{ address = "10.42.10.1"; prefixLength = 24; }
{ address = "10.42.10.2"; prefixLength = 24; }

8
hosts/router/101-net-uplink-a.nix
View File

@@ -5,11 +5,17 @@
id = 101;
interface = "ens18";
};
networking.interfaces."net-uplink-a".mtu = 1600;
networking.vlans."net-uplink-a.7" = {
id = 7;
interface = "net-uplink-a";
};
services.pppd = {
peers.uplink-a = {
config = ''
plugin rp-pppoe.so net-uplink-a
plugin rp-pppoe.so net-uplink-a.7
user "002742928961551138009163#0001@t-online.de"
ifname ppp-uplink-a
persist

8
hosts/router/102-net-uplink-b.nix
View File

@@ -5,11 +5,17 @@
id = 102;
interface = "ens18";
};
networking.interfaces."net-uplink-a".mtu = 1600;
networking.vlans."net-uplink-b.7" = {
id = 7;
interface = "net-uplink-b";
};
services.pppd = {
peers.uplink-b = {
config = ''
plugin rp-pppoe.so net-uplink-b
plugin rp-pppoe.so net-uplink-b.7
user "002269158219551138009162#0001@t-online.de"
ifname ppp-uplink-b
persist

7
hosts/router/151-net-technik-iot.nix
View File

@@ -52,6 +52,10 @@
hw-address = "00:03:c5:01:13:2b";
ip-address = "10.42.151.2";
}
{ # siemens logo stechuhr
hw-address = "bc:f3:19:30:d2:1b";
ip-address = "10.42.151.3";
}
];
}
];
@@ -62,6 +66,9 @@
{ incomingInterface = "net-ikt"; }
# Give technik access to their toys
{ incomingInterface = "net-technik"; }
# Allow monitoring
{ incomingInterface = "net-services"; sourceAddress = "10.42.10.7"; }
{ incomingInterface = "net-services"; sourceAddress6 = "2a01:4f8:1c0c:8221::7"; }
];
clerie.uplink-selector.interfaces.net-technik-iot.uplink = "uplink-b";

6
hosts/router/206-net-verwaltung.nix
View File

@@ -47,6 +47,12 @@
data = "10.42.206.1";
}
];
reservations = [
{ # mkay.bula22.de
hw-address = "ac:87:a3:0c:70:04";
ip-address = "10.42.206.2";
}
];
}
];
};

52
hosts/router/211-net-programmtre.nix
View File

@@ -47,6 +47,58 @@
data = "10.42.211.1";
}
];
reservations = [
{
# signage-11
hw-address = "e4:5f:01:91:f7:fe";
ip-address = "10.42.211.11";
}
{
# signage-12
hw-address = "e4:5f:01:92:08:13";
ip-address = "10.42.211.12";
}
{
# signage-13
hw-address = "e4:5f:01:91:f5:59";
ip-address = "10.42.211.13";
}
{
# signage-21
hw-address = "e4:5f:01:93:70:86";
ip-address = "10.42.211.21";
}
{
# signage-22
hw-address = "e4:5f:01:93:5b:53";
ip-address = "10.42.211.22";
}
{
# signage-23
hw-address = "e4:5f:01:93:5c:39";
ip-address = "10.42.211.23";
}
{
# signage-24
hw-address = "e4:5f:01:93:58:ad";
ip-address = "10.42.211.24";
}
{
# signage-25
hw-address = "e4:5f:01:93:5b:e9";
ip-address = "10.42.211.25";
}
{
# signage-31
hw-address = "b8:27:eb:cd:f7:ef";
ip-address = "10.42.211.31";
}
{
# signage-32
hw-address = "b8:27:eb:1b:5c:f1";
ip-address = "10.42.211.32";
}
];
}
];
};

7
hosts/router/212-net-open-office.nix
View File

@@ -47,6 +47,12 @@
data = "10.42.212.1";
}
];
reservations = [
{ # drucker.bula22.de
hw-address = "00:21:b7:87:50:2c";
ip-address = "10.42.212.2";
}
];
}
];
};
@@ -54,6 +60,7 @@
clerie.forward-filter.interfaces.net-open-office.rules = [
{ incomingInterface = "net-ikt"; }
{ destinationAddress = "10.42.212.2/32"; }
];
clerie.uplink-selector.interfaces.net-open-office.uplink = "uplink-b";

60
hosts/router/213-net-fuf.nix Normal file
View File

@@ -0,0 +1,60 @@
{ config, pkgs, ...}:
{
networking.vlans."net-fuf" = {
id = 213;
interface = "ens18";
};
networking.interfaces.net-fuf.ipv6.addresses = [
{ address = "fe80::1"; prefixLength = 64; }
{ address = "fd00:10:42:213::1"; prefixLength = 64; }
];
networking.interfaces.net-fuf.ipv4.addresses = [
{ address = "10.42.213.1"; prefixLength = 24; }
];
services.radvd.config = ''
interface net-fuf {
AdvSendAdvert on;
MaxRtrAdvInterval 30;
prefix ::/64 {
AdvValidLifetime 60;
AdvPreferredLifetime 30;
};
RDNSS 2a01:4f8:1c0c:8221::8 {};
DNSSL bula22.de {};
};
'';
services.kea.dhcp4 = {
settings = {
interfaces-config = {
interfaces = [ "net-fuf" ];
};
subnet4 = [
{
id = 213;
subnet = "10.42.213.1/24";
pools = [
{
pool = "10.42.213.100 - 10.42.213.240";
}
];
option-data = [
{
name = "routers";
data = "10.42.213.1";
}
];
}
];
};
};
clerie.forward-filter.interfaces.net-fuf.rules = [
{ incomingInterface = "net-ikt"; }
];
clerie.uplink-selector.interfaces.net-fuf.uplink = "uplink-b";
}

60
hosts/router/214-net-mav.nix Normal file
View File

@@ -0,0 +1,60 @@
{ config, pkgs, ...}:
{
networking.vlans."net-mav" = {
id = 214;
interface = "ens18";
};
networking.interfaces.net-mav.ipv6.addresses = [
{ address = "fe80::1"; prefixLength = 64; }
{ address = "fd00:10:42:214::1"; prefixLength = 64; }
];
networking.interfaces.net-mav.ipv4.addresses = [
{ address = "10.42.214.1"; prefixLength = 24; }
];
services.radvd.config = ''
interface net-mav {
AdvSendAdvert on;
MaxRtrAdvInterval 30;
prefix ::/64 {
AdvValidLifetime 60;
AdvPreferredLifetime 30;
};
RDNSS 2a01:4f8:1c0c:8221::8 {};
DNSSL bula22.de {};
};
'';
services.kea.dhcp4 = {
settings = {
interfaces-config = {
interfaces = [ "net-mav" ];
};
subnet4 = [
{
id = 214;
subnet = "10.42.214.1/24";
pools = [
{
pool = "10.42.214.100 - 10.42.214.240";
}
];
option-data = [
{
name = "routers";
data = "10.42.214.1";
}
];
}
];
};
};
clerie.forward-filter.interfaces.net-mav.rules = [
{ incomingInterface = "net-ikt"; }
];
clerie.uplink-selector.interfaces.net-mav.uplink = "uplink-b";
}

60
hosts/router/215-net-audio.nix Normal file
View File

@@ -0,0 +1,60 @@
{ config, pkgs, ...}:
{
networking.vlans."net-audio" = {
id = 215;
interface = "ens18";
};
networking.interfaces.net-audio.ipv6.addresses = [
{ address = "fe80::1"; prefixLength = 64; }
{ address = "fd00:10:42:215::1"; prefixLength = 64; }
];
networking.interfaces.net-audio.ipv4.addresses = [
{ address = "10.42.215.1"; prefixLength = 24; }
];
services.radvd.config = ''
interface net-audio {
AdvSendAdvert on;
MaxRtrAdvInterval 30;
prefix ::/64 {
AdvValidLifetime 60;
AdvPreferredLifetime 30;
};
RDNSS 2a01:4f8:1c0c:8221::8 {};
DNSSL bula22.de {};
};
'';
services.kea.dhcp4 = {
settings = {
interfaces-config = {
interfaces = [ "net-audio" ];
};
subnet4 = [
{
id = 215;
subnet = "10.42.215.1/24";
pools = [
{
pool = "10.42.215.100 - 10.42.215.240";
}
];
option-data = [
{
name = "routers";
data = "10.42.215.1";
}
];
}
];
};
};
clerie.forward-filter.interfaces.net-audio.rules = [
{ incomingInterface = "net-ikt"; }
];
clerie.uplink-selector.interfaces.net-audio.uplink = "uplink-b";
}

60
hosts/router/216-net-trabantenst.nix Normal file
View File

@@ -0,0 +1,60 @@
{ config, pkgs, ...}:
{
networking.vlans."net-trabantenst" = {
id = 216;
interface = "ens18";
};
networking.interfaces.net-trabantenst.ipv6.addresses = [
{ address = "fe80::1"; prefixLength = 64; }
{ address = "fd00:10:42:216::1"; prefixLength = 64; }
];
networking.interfaces.net-trabantenst.ipv4.addresses = [
{ address = "10.42.216.1"; prefixLength = 24; }
];
services.radvd.config = ''
interface net-trabantenst {
AdvSendAdvert on;
MaxRtrAdvInterval 30;
prefix ::/64 {
AdvValidLifetime 60;
AdvPreferredLifetime 30;
};
RDNSS 2a01:4f8:1c0c:8221::8 {};
DNSSL bula22.de {};
};
'';
services.kea.dhcp4 = {
settings = {
interfaces-config = {
interfaces = [ "net-trabantenst" ];
};
subnet4 = [
{
id = 216;
subnet = "10.42.216.1/24";
pools = [
{
pool = "10.42.216.100 - 10.42.216.240";
}
];
option-data = [
{
name = "routers";
data = "10.42.216.1";
}
];
}
];
};
};
clerie.forward-filter.interfaces.net-trabantenst.rules = [
{ incomingInterface = "net-ikt"; }
];
clerie.uplink-selector.interfaces.net-trabantenst.uplink = "uplink-b";
}

9
hosts/router/configuration.nix
View File

@@ -27,6 +27,10 @@
./210-net-internation.nix
./211-net-programmtre.nix
./212-net-open-office.nix
./213-net-fuf.nix
./214-net-mav.nix
./215-net-audio.nix
./216-net-trabantenst.nix
];
boot.loader.systemd-boot.enable = true;
@@ -34,9 +38,6 @@
networking.hostName = "router";
networking.defaultGateway = { address = "10.42.10.25"; interface = "net-services"; };
networking.defaultGateway6 = { address = "2a01:4f8:1c0c:8221::25"; interface = "net-services"; };
networking.firewall.checkReversePath = false;
services.prometheus.exporters.node = {
@@ -85,6 +86,8 @@
clerie.forward-filter.enable = true;
networking.interfaces."ens18".mtu = 9000;
services.pppd.enable = true;
# This value determines the NixOS release from which the default

11
hosts/router/ppp.nix
View File

@@ -5,6 +5,7 @@
path = "/etc/ppp/pap-secrets";
mode = "0440";
};
# Setting default routes based on interfaces in different tables
environment.etc."ppp/ip-up" = {
text = ''
@@ -14,10 +15,12 @@
ppp-uplink-a)
${pkgs.iproute2}/bin/ip route flush table 20001 || true
${pkgs.iproute2}/bin/ip route add default dev ppp-uplink-a table 20001
${pkgs.iproute2}/bin/ip route replace default dev ppp-uplink-a metric 2000
;;
ppp-uplink-b)
${pkgs.iproute2}/bin/ip route flush table 20002 || true
${pkgs.iproute2}/bin/ip route add default dev ppp-uplink-b table 20002
${pkgs.iproute2}/bin/ip route replace default dev ppp-uplink-b metric 1000
;;
esac
'';
@@ -30,9 +33,11 @@
case $1 in
ppp-uplink-a)
${pkgs.iproute2}/bin/ip route flush table 20001 || true
${pkgs.iproute2}/bin/ip route delete default dev ppp-uplink-a || true
;;
ppp-uplink-b)
${pkgs.iproute2}/bin/ip route flush table 20002 || true
${pkgs.iproute2}/bin/ip route delete default dev ppp-uplink-b || true
;;
esac
'';
@@ -46,12 +51,16 @@
ppp-uplink-a)
${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true
${pkgs.iproute2}/bin/ip -6 route add default dev ppp-uplink-a table 20001
${pkgs.iproute2}/bin/ip -6 route replace default dev ppp-uplink-a metric 2000
;;
ppp-uplink-b)
${pkgs.iproute2}/bin/ip -6 route flush table 20002 || true
${pkgs.iproute2}/bin/ip -6 route add default dev ppp-uplink-b table 20002
${pkgs.iproute2}/bin/ip -6 route replace default dev ppp-uplink-b metric 1000
;;
esac
${pkgs.systemd}/bin/systemctl restart dhcpcd.service
'';
mode = "555";
};
@@ -62,9 +71,11 @@
case $1 in
ppp-uplink-a)
${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true
${pkgs.iproute2}/bin/ip -6 route delete default dev ppp-uplink-a || true
;;
ppp-uplink-b)
${pkgs.iproute2}/bin/ip -6 route flush table 20002 || true
${pkgs.iproute2}/bin/ip -6 route delete default dev ppp-uplink-b || true
;;
esac
'';

2
hosts/router/prefix-delegation.nix
View File

@@ -28,7 +28,7 @@
ia_pd 1/::/56 net-hospital/203/64 net-zoll/204/64 net-leitstelle/205/64 net-verwaltung/206/64
interface ppp-uplink-b
ipv6rs
ia_pd 1/::/56 net-technik-iot/151/64 net-technik-iot/152/64 net-ikt/201/64 net-technik/202/64 net-yolo/208/64 net-infojurte/209/64 net-internation/210/64 net-programmtre/211/64 net-open-office/212/64
ia_pd 1/::/56 net-technik-iot/151/64 net-technik-iot/152/64 net-ikt/201/64 net-technik/202/64 net-yolo/208/64 net-infojurte/209/64 net-internation/210/64 net-programmtre/211/64 net-open-office/212/64 net-fuf/213/64 net-mav/214/64 net-audio/215/64 net-trabantenst/216/64
'';
};
}

7
hosts/router/uplink-selector.nix
View File

@@ -1,14 +1,7 @@
{ config, pkgs, ... }:
{
networking.localCommands = ''
ip -6 route add default via 2a01:4f8:1c0c:8221::25 dev net-services table 20003
'';
clerie.policyrouting.enable = true;
clerie.policyrouting.rules6 = [
{ rule = "from 2a01:4f8:1c0c:8221::/64 lookup 20003"; prio = 19000; }
];
clerie.uplink-selector.enable = true;
clerie.uplink-selector.uplinks = {

36
switchconfig/sw-bll Normal file
View File

@@ -0,0 +1,36 @@
; J9298A Configuration Editor; Created on release #J.15.09.0028
; Ver #06:04.08.00.01.14.05:1a
hostname "sw-bll"
time timezone 60
ip default-gateway 10.42.42.1
ip dns domain-name "bula22.de"
ip dns server-address priority 1 10.42.10.8
ip ssh filetransfer
interface 10
name "UPLINK sw-verwaltung"
exit
snmp-server community "tellme" operator
vlan 1
name "DEFAULT_VLAN"
no untagged 1-9
untagged 10
no ip address
exit
vlan 42
name "VL_MGMT"
tagged 10
ip address 10.42.42.27 255.255.255.0
exit
vlan 206
name "VL_VERWALTUNG"
untagged 1-9
tagged 10
no ip address
exit
management-vlan 42
no tftp client
no tftp server
loop-protect 1-10
no dhcp config-file-update
password manager

154
switchconfig/sw-buehne
View File

@@ -1,32 +1,89 @@
version 12.3R3.4;
## Last changed: 2016-01-24 12:14:48 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_MAV VL_AUDIO ];
}
}
}
}
}
}
}
system {
host-name sw-buehne;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members VL_MGMT;
members VL_AUDIO;
}
native-vlan-id VL_WLAN;
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members VL_AUDIO;
}
}
}
}
ge-0/0/23 {
description DECT-Buehne;
unit 0 {
family ethernet-switching {
vlan {
members VL_DECT;
}
}
}
}
ge-0/1/3 {
apply-groups backbone_vlans;
description "UPLINK sw-hospital";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_TECHNIK ];
}
}
}
}
@@ -67,48 +124,21 @@ ethernet-switching-options {
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
VL_AUDIO {
description "Buehne Ton";
vlan-id 215;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
VL_HOSPITAL {
vlan-id 203;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -116,10 +146,48 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface ge-0/0/0;
interface ge-0/0/23;
}

36
switchconfig/sw-finanzen Normal file
View File

@@ -0,0 +1,36 @@
; J9298A Configuration Editor; Created on release #J.15.09.0028
; Ver #06:04.08.00.01.14.05:1a
hostname "sw-bll"
time timezone 60
ip default-gateway 10.42.42.1
ip dns domain-name "bula22.de"
ip dns server-address priority 1 10.42.10.8
ip ssh filetransfer
interface 10
name "UPLINK sw-verwaltung"
exit
snmp-server community "tellme" operator
vlan 1
name "DEFAULT_VLAN"
no untagged 1-9
untagged 10
no ip address
exit
vlan 42
name "VL_MGMT"
tagged 10
ip address 10.42.42.27 255.255.255.0
exit
vlan 206
name "VL_VERWALTUNG"
untagged 1-9
tagged 10
no ip address
exit
management-vlan 42
no tftp client
no tftp server
loop-protect 1-10
no dhcp config-file-update
password manager

402
switchconfig/sw-fuf
View File

@@ -1,32 +1,266 @@
version 15.1R6.7;
## Last changed: 2016-01-20 15:48:15 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-fuf;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
apply-groups backbone_vlans;
description "UPLINK sw-hospital";
unit 0 {
family ethernet-switching {
port-mode trunk;
}
}
}
ge-0/0/1 {
description AP;
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_WLAN;
}
}
}
}
ge-0/1/3 {
ge-0/0/2 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_SIP VL_YOLO ];
members VL_FUF;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
}
ge-0/0/23 {
unit 0 {
family ethernet-switching {
vlan {
members VL_FUF;
}
}
}
@@ -63,53 +297,96 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
interface ge-0/0/12.0 {
no-dhcp-trusted;
}
interface ge-0/0/13.0 {
no-dhcp-trusted;
}
interface ge-0/0/14.0 {
no-dhcp-trusted;
}
interface ge-0/0/15.0 {
no-dhcp-trusted;
}
interface ge-0/0/16.0 {
no-dhcp-trusted;
}
interface ge-0/0/17.0 {
no-dhcp-trusted;
}
interface ge-0/0/18.0 {
no-dhcp-trusted;
}
interface ge-0/0/19.0 {
no-dhcp-trusted;
}
interface ge-0/0/20.0 {
no-dhcp-trusted;
}
interface ge-0/0/21.0 {
no-dhcp-trusted;
}
interface ge-0/0/22.0 {
no-dhcp-trusted;
}
interface ge-0/0/23.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -117,10 +394,47 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface ge-0/0/1;
}

414
switchconfig/sw-hospital
View File

@@ -1,26 +1,253 @@
version 12.3R12.4
## Last changed: 2022-07-26 20:11:37 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-hospital;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
description "UPLINK sw-fuf";
unit 0 {
apply-groups backbone_vlans;
family ethernet-switching {
port-mode trunk;
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_HOSPITAL;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_HOSPITAL;
}
}
}
}
ge-0/0/22 {
description AP;
unit 0 {
family ethernet-switching {
vlan {
@@ -30,6 +257,7 @@ interfaces {
}
}
ge-0/0/23 {
description DECT;
unit 0 {
family ethernet-switching {
vlan {
@@ -38,47 +266,30 @@ interfaces {
}
}
}
ge-0/1/0 {
description "zu sw-fuf";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_SIP VL_YOLO ];
}
}
}
}
ge-0/1/1 {
description "zu sw-buehne";
apply-groups backbone_vlans;
description "UPLINK sw-waschhaus";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_TECHNIK ];
}
}
}
}
ge-0/1/2 {
description "zu sw-waschhaus";
apply-groups backbone_vlans;
description "UPLINK sw-buehne";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_IOT VL_YOLO ];
}
}
}
}
ge-0/1/3 {
description "uplink: sw-zentral-1";
apply-groups backbone_vlans;
description "UPLINK sw-zentral-1";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_TECHNIK VL_HOSPITAL VL_YOLO ];
}
}
}
}
@@ -114,53 +325,96 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
interface ge-0/0/12.0 {
no-dhcp-trusted;
}
interface ge-0/0/13.0 {
no-dhcp-trusted;
}
interface ge-0/0/14.0 {
no-dhcp-trusted;
}
interface ge-0/0/15.0 {
no-dhcp-trusted;
}
interface ge-0/0/16.0 {
no-dhcp-trusted;
}
interface ge-0/0/17.0 {
no-dhcp-trusted;
}
interface ge-0/0/18.0 {
no-dhcp-trusted;
}
interface ge-0/0/19.0 {
no-dhcp-trusted;
}
interface ge-0/0/20.0 {
no-dhcp-trusted;
}
interface ge-0/0/21.0 {
no-dhcp-trusted;
}
interface ge-0/0/22.0 {
no-dhcp-trusted;
}
interface ge-0/0/23.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -168,12 +422,46 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface all;

414
switchconfig/sw-leitstelle
View File

@@ -1,34 +1,275 @@
version 15.1R7-S10;
## Last changed: 2016-01-20 09:15:52 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-leitstelle;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_WLAN;
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/0/23 {
unit 0 {
family ethernet-switching {
vlan {
members VL_LEITSTELLE;
}
}
}
}
ge-0/1/3 {
description "uplink: sw-programmtresen";
apply-groups backbone_vlans;
description "UPLINK sw-programmtresen";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_SIP VL_LEITSTELLE ];
}
}
}
}
@@ -64,53 +305,99 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/0.0 {
no-dhcp-trusted;
}
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
interface ge-0/0/12.0 {
no-dhcp-trusted;
}
interface ge-0/0/13.0 {
no-dhcp-trusted;
}
interface ge-0/0/14.0 {
no-dhcp-trusted;
}
interface ge-0/0/15.0 {
no-dhcp-trusted;
}
interface ge-0/0/16.0 {
no-dhcp-trusted;
}
interface ge-0/0/17.0 {
no-dhcp-trusted;
}
interface ge-0/0/18.0 {
no-dhcp-trusted;
}
interface ge-0/0/19.0 {
no-dhcp-trusted;
}
interface ge-0/0/20.0 {
no-dhcp-trusted;
}
interface ge-0/0/21.0 {
no-dhcp-trusted;
}
interface ge-0/0/22.0 {
no-dhcp-trusted;
}
interface ge-0/0/23.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -118,10 +405,47 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface ge-0/0/0;
}

711
switchconfig/sw-programmtresen
View File

@@ -1,56 +1,509 @@
version 15.1R7-S13;
## Last changed: 2016-01-22 09:03:18 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-programmtresen;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_PROGRAMM;
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/23 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/24 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/25 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/26 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/27 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/28 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/29 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/30 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/31 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/32 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/33 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/34 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/35 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/36 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/37 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/38 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/39 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/40 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/41 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/42 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/43 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/44 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/45 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/46 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/0/47 {
unit 0 {
family ethernet-switching {
vlan {
members VL_PROGRAMM;
}
}
}
}
ge-0/1/0 {
description "zu sw-leitstelle";
apply-groups backbone_vlans;
description "UPLINK sw-international";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_SIP VL_LEITSTELLE ];
}
}
}
}
ge-0/1/1 {
description "zu sw-international";
apply-groups backbone_vlans;
description "UPLINK sw-leitstelle";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_SIP VL_INTERNATIONAL ];
}
}
}
}
ge-0/1/3 {
description "uplink: sw-zentral-2";
apply-groups backbone_vlans;
description "UPLINK sw-zentral-2";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_LEITSTELLE VL_INTERNATIONAL VL_PROGRAMM ];
}
}
}
}
@@ -86,53 +539,171 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/0.0 {
no-dhcp-trusted;
}
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
interface ge-0/0/12.0 {
no-dhcp-trusted;
}
interface ge-0/0/13.0 {
no-dhcp-trusted;
}
interface ge-0/0/14.0 {
no-dhcp-trusted;
}
interface ge-0/0/15.0 {
no-dhcp-trusted;
}
interface ge-0/0/16.0 {
no-dhcp-trusted;
}
interface ge-0/0/17.0 {
no-dhcp-trusted;
}
interface ge-0/0/18.0 {
no-dhcp-trusted;
}
interface ge-0/0/19.0 {
no-dhcp-trusted;
}
interface ge-0/0/20.0 {
no-dhcp-trusted;
}
interface ge-0/0/21.0 {
no-dhcp-trusted;
}
interface ge-0/0/22.0 {
no-dhcp-trusted;
}
interface ge-0/0/23.0 {
no-dhcp-trusted;
}
interface ge-0/0/24.0 {
no-dhcp-trusted;
}
interface ge-0/0/25.0 {
no-dhcp-trusted;
}
interface ge-0/0/26.0 {
no-dhcp-trusted;
}
interface ge-0/0/27.0 {
no-dhcp-trusted;
}
interface ge-0/0/28.0 {
no-dhcp-trusted;
}
interface ge-0/0/29.0 {
no-dhcp-trusted;
}
interface ge-0/0/30.0 {
no-dhcp-trusted;
}
interface ge-0/0/31.0 {
no-dhcp-trusted;
}
interface ge-0/0/32.0 {
no-dhcp-trusted;
}
interface ge-0/0/33.0 {
no-dhcp-trusted;
}
interface ge-0/0/34.0 {
no-dhcp-trusted;
}
interface ge-0/0/35.0 {
no-dhcp-trusted;
}
interface ge-0/0/36.0 {
no-dhcp-trusted;
}
interface ge-0/0/37.0 {
no-dhcp-trusted;
}
interface ge-0/0/38.0 {
no-dhcp-trusted;
}
interface ge-0/0/39.0 {
no-dhcp-trusted;
}
interface ge-0/0/40.0 {
no-dhcp-trusted;
}
interface ge-0/0/41.0 {
no-dhcp-trusted;
}
interface ge-0/0/42.0 {
no-dhcp-trusted;
}
interface ge-0/0/43.0 {
no-dhcp-trusted;
}
interface ge-0/0/44.0 {
no-dhcp-trusted;
}
interface ge-0/0/45.0 {
no-dhcp-trusted;
}
interface ge-0/0/46.0 {
no-dhcp-trusted;
}
interface ge-0/0/47.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -140,10 +711,44 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}

167
switchconfig/sw-technik-container
View File

@@ -1,16 +1,53 @@
version 15.1R7-S6.3
## Last changed: 2022-03-02 21:05:33 UTC
version 12.3R12-S21;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL ];
}
}
}
}
}
}
}
system {
host-name sw-technik-container;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
@@ -121,22 +158,20 @@ interfaces {
}
}
ge-0/1/0 {
apply-groups backbone_vlans;
description "UPLINK sw-technik-zelt";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK ];
}
}
}
}
ge-0/1/1 {
apply-groups backbone_vlans;
description "UPLINK sw-zentral-1";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK ];
}
}
}
}
@@ -172,53 +207,60 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/0.0 {
no-dhcp-trusted;
}
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -226,10 +268,41 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}

172
switchconfig/sw-technik-zelt
View File

@@ -1,16 +1,38 @@
version 15.1R7-S10
## Last changed: 2022-03-03 07:32:51 UTC
version 12.3R12-S21;
system {
host-name sw-technik-zelt;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
@@ -75,6 +97,23 @@ interfaces {
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_TECHNIK VL_MGMT ];
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
port-mode access;
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
@@ -129,6 +168,42 @@ interfaces {
}
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching {
@@ -192,53 +267,37 @@ protocols {
}
}
ethernet-switching-options {
analyzer hp {
input {
ingress {
interface ge-0/0/10.0;
}
egress {
interface ge-0/0/10.0;
}
}
output {
interface {
ge-0/0/11.0;
}
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -246,12 +305,43 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface all;

435
switchconfig/sw-verwaltung
View File

@@ -1,33 +1,286 @@
version 15.1R7-S13;
## Last changed: 2022-07-26 20:48:41 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-verwaltung;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
description BLL;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_VERWALTUNG ];
}
native-vlan-id VL_VERWALTUNG;
}
}
}
ge-0/0/1 {
description Finanzen;
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members VL_VERWALTUNG;
}
}
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_OFFICE;
}
}
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching {
vlan {
members VL_OFFICE;
}
}
}
}
ge-0/0/18 {
description sw-finanzen;
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_OFFICE VL_MGMT ];
}
native-vlan-id 206;
}
}
}
ge-0/0/19 {
description "AP BLL";
unit 0 {
family ethernet-switching {
vlan {
members VL_WLAN;
}
}
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching {
vlan {
members VL_SIP;
}
}
}
}
ge-0/0/22 {
description AP;
unit 0 {
family ethernet-switching {
vlan {
members VL_WLAN;
}
}
}
}
ge-0/0/23 {
description DECT;
unit 0 {
family ethernet-switching {
vlan {
members VL_DECT;
}
}
}
}
ge-0/1/3 {
apply-groups backbone_vlans;
description "UPLINK sw-zentral-1";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_VERWALTUNG VL_OFFICE ];
}
}
}
}
@@ -63,53 +316,104 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/0.0 {
no-dhcp-trusted;
}
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
interface ge-0/0/12.0 {
no-dhcp-trusted;
}
interface ge-0/0/13.0 {
no-dhcp-trusted;
}
interface ge-0/0/14.0 {
no-dhcp-trusted;
}
interface ge-0/0/15.0 {
no-dhcp-trusted;
}
interface ge-0/0/16.0 {
no-dhcp-trusted;
}
interface ge-0/0/17.0 {
no-dhcp-trusted;
}
interface ge-0/0/18.0 {
no-dhcp-trusted;
}
interface ge-0/0/19.0 {
allowed-mac 94:b4:0f:c2:79:f4;
no-dhcp-trusted;
}
interface ge-0/0/20.0 {
allowed-mac 00:04:13:34:84:4b;
no-dhcp-trusted;
}
interface ge-0/0/21.0 {
allowed-mac c8:9c:1d:6e:49:de;
no-dhcp-trusted;
}
interface ge-0/0/22.0 {
allowed-mac 18:64:72:c6:ce:40;
no-dhcp-trusted;
}
interface ge-0/0/23.0 {
allowed-mac 00:30:42:1b:8c:7a;
no-dhcp-trusted;
}
interface ge-0/1/3.0 {
dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -117,10 +421,51 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface ge-0/0/22;
interface ge-0/0/23;
interface ge-0/0/21;
interface ge-0/0/20;
interface ge-0/0/19;
}

134
switchconfig/sw-waschhaus
View File

@@ -1,15 +1,52 @@
## Last changed: 2016-01-22 09:35:42 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-waschhaus;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
@@ -20,24 +57,12 @@ interfaces {
}
}
}
ge-0/0/47 {
description "zu sw-trabantenstadr dsl";
unit 0 {
family ethernet-switching {
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_YOLO ];
}
}
}
}
ge-0/1/3 {
description "uplink: sw-zentral-1";
apply-groups backbone_vlans;
description "UPLINK sw-hospital";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_IOT VL_YOLO ];
}
}
}
}
@@ -78,48 +103,17 @@ ethernet-switching-options {
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -127,10 +121,44 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}

177
switchconfig/sw-zentral-1
View File

@@ -1,15 +1,52 @@
version 12.3R12.4
## Last changed: 2020-02-26 04:52:18 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_SERVICES VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-zentral-1;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
@@ -30,7 +67,7 @@ interfaces {
}
}
ge-0/0/24 {
description "zu mooncake";
description mooncake;
unit 0 {
family ethernet-switching {
port-mode trunk;
@@ -41,7 +78,7 @@ interfaces {
}
}
ge-0/0/26 {
description "zu sunbread";
description sunbread;
unit 0 {
family ethernet-switching {
port-mode trunk;
@@ -52,13 +89,11 @@ interfaces {
}
}
ge-0/0/28 {
description "zu wlan-controller";
apply-groups backbone_vlans;
description "WLAN Controller";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK VL_HOSPITAL VL_ZOLL VL_LEITSTELLE VL_VERWALTUNG VL_ZENTRAL VL_YOLO VL_INFOJURTE VL_INTERNATIONAL VL_PROGRAMM VL_OFFICE ];
}
}
}
}
@@ -81,18 +116,19 @@ interfaces {
}
}
ge-0/0/47 {
description "zu sw-zentral-2";
apply-groups backbone_vlans;
description "UPLINK sw-zentral-2";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_UPLINK_B VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK VL_HOSPITAL VL_ZOLL VL_LEITSTELLE VL_VERWALTUNG VL_ZENTRAL VL_YOLO VL_INFOJURTE VL_INTERNATIONAL VL_PROGRAMM VL_OFFICE ];
members VL_UPLINK_B;
}
}
}
}
ge-0/1/0 {
description "Uplink A";
description "T-COM - A";
unit 0 {
family ethernet-switching {
port-mode trunk;
@@ -103,35 +139,29 @@ interfaces {
}
}
ge-0/1/1 {
description "zu sw-verwaltung";
apply-groups backbone_vlans;
description "UPLINK sw-verwaltung";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_VERWALTUNG VL_OFFICE ];
}
}
}
}
ge-0/1/2 {
description "zu sw-hospital";
apply-groups backbone_vlans;
description "UPLINK sw-hospital";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_TECHNIK VL_HOSPITAL VL_YOLO ];
}
}
}
}
ge-0/1/3 {
description "zu sw-technik-zelt";
apply-groups backbone_vlans;
description "UPLINK sw-technik-container";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK ];
}
}
}
}
@@ -172,57 +202,20 @@ ethernet-switching-options {
}
}
vlans {
VL_TELEKOM {
vlan-id 7;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_UPLINK_A {
vlan-id 101;
}
VL_UPLINK_B {
vlan-id 102;
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -230,10 +223,56 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SERVICES {
vlan-id 10;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_TELEKOM {
vlan-id 7;
}
VL_UPLINK_A {
vlan-id 101;
}
VL_UPLINK_B {
vlan-id 102;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}

180
switchconfig/sw-zentral-2
View File

@@ -1,16 +1,52 @@
version 15.1R7-S13
## Last changed: 2016-01-22 06:05:26 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_FUF VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-zentral-2;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
@@ -21,6 +57,27 @@ interfaces {
}
}
}
ge-0/0/34 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members VL_TELEKOM;
}
}
}
}
ge-0/0/43 {
description "Uplink B alt";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members VL_TELEKOM;
}
}
}
}
ge-0/0/44 {
unit 0 {
family ethernet-switching {
@@ -40,18 +97,19 @@ interfaces {
}
}
ge-0/0/47 {
description "zu sw-zentral-1";
apply-groups backbone_vlans;
description "UPLINK sw-zentral-1";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_UPLINK_B VL_WLAN VL_DECT VL_SIP VL_IOT VL_IKT_TOYS VL_IKT VL_TECHNIK VL_HOSPITAL VL_ZOLL VL_LEITSTELLE VL_VERWALTUNG VL_ZENTRAL VL_YOLO VL_INFOJURTE VL_INTERNATIONAL VL_PROGRAMM VL_OFFICE ];
members VL_UPLINK_B;
}
}
}
}
ge-0/1/0 {
description "Uplink B";
description "T-COM - B";
unit 0 {
family ethernet-switching {
port-mode trunk;
@@ -62,35 +120,29 @@ interfaces {
}
}
ge-0/1/1 {
description "zu sw-zoll-container";
apply-groups backbone_vlans;
description "UPLINK sw-zoll-container";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_ZOLL ];
}
}
}
}
ge-0/1/2 {
description "zu sw-programmtresen";
apply-groups backbone_vlans;
description "UPLINK sw-programmtresen";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_LEITSTELLE VL_INTERNATIONAL VL_PROGRAMM ];
}
}
}
}
ge-0/1/3 {
description "zu sw-infojurte";
apply-groups backbone_vlans;
description "UPLINK sw-infojurte";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_INFOJURTE ];
}
}
}
}
@@ -131,54 +183,20 @@ ethernet-switching-options {
}
}
vlans {
VL_TELEKOM {
vlan-id 7;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_UPLINK_B {
vlan-id 102;
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
VL_FUF {
vlan-id 213;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -186,10 +204,50 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_TELEKOM {
vlan-id 7;
}
VL_UPLINK_B {
vlan-id 102;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}

279
switchconfig/sw-zoll-container
View File

@@ -1,43 +1,180 @@
version 15.1R7-S6.3
## Last changed: 2016-01-21 06:45:26 UTC
version 12.3R12.4;
groups {
backbone_vlans {
interfaces {
<*> {
unit 0 {
family ethernet-switching {
vlan {
members [ VL_SIP VL_DECT VL_HOSPITAL VL_IKT VL_IKT_TOYS VL_INFOJURTE VL_INTERNATIONAL VL_IOT VL_LEITSTELLE VL_MGMT VL_OFFICE VL_PROGRAMM VL_TECHNIK VL_VERWALTUNG VL_WLAN VL_YOLO VL_ZENTRAL VL_MAV ];
}
}
}
}
}
}
}
system {
host-name sw-zoll-container;
auto-snapshot;
domain-name bula22.de;
domain-search bula22.de;
root-authentication {
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20"; ## SECRET-DATA
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)"; ## SECRET-DATA
ssh-ed25519 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcOPtW5FWNIdlMQFoqeyA1vHw+cA8ft8oXSbXPzQNL9 n0emis@n0emis.eu"; ## SECRET-DATA
encrypted-password "$1$DAjLGZX7$sHIjgeZhXhq/IcgRKOWy20";
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8xqVakxJ+AwcIrS/wyL03N++pE09epwMFlIMXWvlpwwEp1J/0H7nygwxk/9LIZdabs/ETWn0s8oHAkc7YR1c6ajSTCDiZEYATAWt7t8t4Gw/80c8u8T50lIqmiDEEVbOVv3Vta/pAN4hAUp9U5DpYCkQbvF+NKKcK3Yp8d9usNC6ohqgTK+IGAEdMhvpbbNppDMXoWHuynBzUX7TS6ST6yEr0tD+CBbCpbfcMuwTI3lNtfywEVpuFaeHqDZx2QDrEX4bg0dRKgQstbXYdqmBfnOiBpUr8Wyl8U1J24rN+E07pBw/8KDGWbVg19/Ex8o4ht/p5voUfKVjD/DwWXTLntBirjfAgQAm4GH/qP4x3zNiTtlYlQFbXSk6VEVrTrxCB5rTWvGnhg31tk5P3YwvagDmGABazY5s/8tlttSc1yWBctWQJCjxSqcCLekxG4D1rVuGKCKOZgflQ9QFdQlKycInPBek3zi0i3GYkE1YnNFye5ggOnxT8qGuKjfdtZI9qvMJQO8lbEDzbYQvNns1V/k4ZobiihYwrG5TJUzZFEpMYetDK6tI8BRU11d+ja0jWzguj5/7wc0nrr/BiZ8FkAr2fZ60j2aI5kG0s3qjbrQbB/RXaGP9hRU0+480+IokNJJIcjv5iwH5ophdrjC8GH4So2kPPt0NXob1yNysdjw== n0emis@noemis.me (OLD)";
}
name-server {
10.42.10.8;
}
login {
user fw {
uid 2000;
class super-user;
authentication {
ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMTsFE90WT+fvRnIuIBbjLJA2Hyne6duD306+Yg3z9yVTSCQxpFcolEwRQi5X4hsb3WdlW+YtvShXcFVNi7gtgSyIsgT1+YqpR+qIC+/r2h6NeA92dztigpbznOm9oL8vOP45S9fHedJ57E/UosYW2/du4W+6U+xH1ItyQx6AiJAj/RPpLWJz9FhP99Qwp6YiPAkxujgXtOMwX0xFmiQPv9QzBaD9jOKK0vE26IFX5RYAqontVgWGn6EdceR70vTQBcAsFYMS0sc9311H2wBfOptznyIZNInAsppaGNDMdOx9SdMVDZ6GDlOCsLvHq6+ra1jGdlwtgduVQeEpHmmjD";
}
}
}
services {
ssh;
}
}
chassis {
alarm {
management-ethernet {
link-down ignore;
}
}
}
interfaces {
ge-0/0/0 {
description Webcam;
unit 0 {
family ethernet-switching {
vlan {
members VL_MGMT;
members VL_IOT;
}
}
}
}
ge-0/0/1 {
description "AP Zoll Container";
unit 0 {
family ethernet-switching {
vlan {
members VL_WLAN;
}
}
}
}
ge-0/0/2 {
description "DECT Zoll";
unit 0 {
family ethernet-switching {
vlan {
members VL_DECT;
}
}
}
}
ge-0/0/3 {
description "WLAN AP Zoll";
unit 0 {
family ethernet-switching {
vlan {
members VL_WLAN;
}
}
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching {
vlan {
members VL_ZOLL;
}
}
}
}
ge-0/1/0 {
apply-groups backbone_vlans;
description "UPLINK sw-zentral-2";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_ZOLL ];
}
}
}
}
ge-0/1/1 {
apply-groups backbone_vlans;
description "UPLINK sw-zoll-zelt";
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ VL_MGMT VL_WLAN VL_DECT VL_SIP VL_ZOLL ];
}
}
}
}
@@ -73,53 +210,60 @@ protocols {
}
}
ethernet-switching-options {
secure-access-port {
interface ge-0/0/0.0 {
no-dhcp-trusted;
}
interface ge-0/0/1.0 {
no-dhcp-trusted;
}
interface ge-0/0/2.0 {
no-dhcp-trusted;
}
interface ge-0/0/3.0 {
no-dhcp-trusted;
}
interface ge-0/0/4.0 {
no-dhcp-trusted;
}
interface ge-0/0/5.0 {
no-dhcp-trusted;
}
interface ge-0/0/6.0 {
no-dhcp-trusted;
}
interface ge-0/0/7.0 {
no-dhcp-trusted;
}
interface ge-0/0/8.0 {
no-dhcp-trusted;
}
interface ge-0/0/9.0 {
no-dhcp-trusted;
}
interface ge-0/0/10.0 {
no-dhcp-trusted;
}
interface ge-0/0/11.0 {
no-dhcp-trusted;
}
}
storm-control {
interface all;
}
}
vlans {
VL_MGMT {
vlan-id 42;
l3-interface vlan.42
}
VL_WLAN {
vlan-id 131;
}
VL_DECT {
vlan-id 132;
}
VL_SIP {
vlan-id 133;
}
VL_IOT {
vlan-id 151;
}
VL_IKT_TOYS {
vlan-id 152;
}
VL_IKT {
vlan-id 201;
}
VL_TECHNIK {
vlan-id 202;
}
VL_HOSPITAL {
vlan-id 203;
}
VL_ZOLL {
vlan-id 204;
VL_IKT {
vlan-id 201;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_YOLO {
vlan-id 208;
VL_IKT_TOYS {
vlan-id 152;
}
VL_INFOJURTE {
vlan-id 209;
@@ -127,10 +271,49 @@ vlans {
VL_INTERNATIONAL {
vlan-id 210;
}
VL_PROGRAMM {
vlan-id 211;
VL_IOT {
vlan-id 151;
}
VL_LEITSTELLE {
vlan-id 205;
}
VL_MAV {
vlan-id 214;
}
VL_MGMT {
vlan-id 42;
l3-interface vlan.42;
}
VL_OFFICE {
vlan-id 212;
}
VL_PROGRAMM {
vlan-id 211;
}
VL_SIP {
vlan-id 133;
}
VL_TECHNIK {
vlan-id 202;
}
VL_VERWALTUNG {
vlan-id 206;
}
VL_WLAN {
vlan-id 131;
}
VL_YOLO {
vlan-id 208;
}
VL_ZENTRAL {
vlan-id 207;
}
VL_ZOLL {
vlan-id 204;
}
}
poe {
interface ge-0/0/1;
interface ge-0/0/2;
interface ge-0/0/3;
}