system { host-name ; root-authentication { encrypted-password "$6$i7eRinbg$xu5dIoQqbrGtS1NHp5gMM0z9j85q8fDs.y8Psj7ij14xsTiqNe6i6B7q1XaIxemy7GcYmGnJAdPiatF33foo.."; ## Client Higher } login { class sysadmin { permissions [ admin clear configure control firewall-control interface interface-control network reset rollback routing routing-control snmp snmp-control trace-control view view-configuration ]; } user admin { uid 2001; class super-user; authentication { encrypted-password "$6$rounds=656000$XVfZXO9yn5j3bKx/$fHSTXI.LRWtIRUHlMZ3VPduBVNu9WZh.sn3r3R6kgqnpEp16hQpKUKiO24869c8cxXHeQrlytI7/u95FhPYf30"; ## SECRET-DATA } } user d0micilium { uid 2002; class super-user; authentication { encrypted-password "$6$iPvA1pyL$ZY3781EMZrhLO.fm3Msqm12NSb6Cm4AnNh4Jc73uAMqYeoRZOoEuO806Wjd3mOQCop0am8DiFahvPxR6mrDt5/"; ## SECRET-DATA } } user h0barton { uid 2003; class super-user; authentication { encrypted-password "$6$rounds=656000$j52X8PoXRueVJyfV$oRjcRKT49MfPSuZ5NCPy0fLwGLCcbTO5Hzzk.sIg0YWtCXqc/Cx09PFYVroF6C5BvvHPuIjDeM5wR499ifT8W0"; ## SECRET-DATA } } user hobadmin { uid 2004; class super-user; authentication { encrypted-password "$6$rounds=656000$Faes5cVxNkOha.dT$wS5mkeugsPVLgliXaJGPRY16uM1P4oaXSKshy28M5VwzWNSxbaQxBUqb23Ywvl1o79/BjBE5LD1KoW94Xe9g5."; ## SECRET-DATA } } } services { ssh; } syslog { host 10.44.37.26 { any notice; authorization info; } host 172.16.136.33 { any notice; authorization info; } file interactive-commands { interactive-commands any; } file linkupdown { any info; match "LINK_DOWN|LINK_UP"; } file messages { any notice; authorization info; } } ntp { server 10.44.37.24; } } chassis { aggregated-devices { ethernet { device-count 33; } } fpc 0 { pic 0 { port 50 { channel-speed 10g; } } } } interfaces { xe-0/0/0 { ether-options { 802.3ad ae0; } } xe-0/0/1 { ether-options { 802.3ad ae1; } } xe-0/0/2 { ether-options { 802.3ad ae2; } } xe-0/0/3 { ether-options { 802.3ad ae3; } } xe-0/0/4 { ether-options { 802.3ad ae4; } } xe-0/0/5 { ether-options { 802.3ad ae5; } } xe-0/0/6 { ether-options { 802.3ad ae6; } } xe-0/0/7 { ether-options { 802.3ad ae7; } } xe-0/0/8 { ether-options { 802.3ad ae8; } } xe-0/0/9 { ether-options { 802.3ad ae9; } } xe-0/0/10 { ether-options { 802.3ad ae10; } } xe-0/0/11 { ether-options { 802.3ad ae11; } } xe-0/0/12 { ether-options { 802.3ad ae12; } } xe-0/0/13 { ether-options { 802.3ad ae13; } } xe-0/0/14 { ether-options { 802.3ad ae14; } } xe-0/0/15 { ether-options { 802.3ad ae15; } } xe-0/0/16 { ether-options { 802.3ad ae16; } } xe-0/0/17 { ether-options { 802.3ad ae17; } } xe-0/0/18 { ether-options { 802.3ad ae18; } } xe-0/0/19 { ether-options { 802.3ad ae19; } } xe-0/0/20 { ether-options { 802.3ad ae20; } } xe-0/0/21 { ether-options { 802.3ad ae21; } } xe-0/0/22 { ether-options { 802.3ad ae22; } } xe-0/0/23 { ether-options { 802.3ad ae23; } } xe-0/0/24 { ether-options { 802.3ad ae24; } } xe-0/0/25 { ether-options { 802.3ad ae25; } } xe-0/0/26 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/27 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/28 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/29 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/30 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/31 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/32 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 10; } storm-control default; } } } xe-0/0/33 { ether-options { 802.3ad ae34; } } xe-0/0/34 { description "Cato Socket 1 WAN2 Port2"; unit 0 { family ethernet-switching { interface-mode access; vlan { members 194; } storm-control default; } } } xe-0/0/35 { description "Cato Socket 2 WAN2 Port2"; unit 0 { family ethernet-switching { interface-mode access; vlan { members 194; } storm-control default; } } } xe-0/0/36 { description "Managed WAN link to Clarendon House"; ether-options { 802.3ad ae126; } } xe-0/0/37 { description "10M Link to PGI"; unit 0 { family ethernet-switching { interface-mode access; vlan { members 211; } storm-control default; } } } xe-0/0/38 { description "Cato socket 2 LAN port 3"; unit 0 { family ethernet-switching { interface-mode access; vlan { members 166; } storm-control default; } } } xe-0/0/39 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/40 { description "Incoming connection from Domicilium Transit for 2nd Internet Connection"; unit 0 { family ethernet-switching { interface-mode access; vlan { members 11; } storm-control default; } } } xe-0/0/41 { description "SRX-HB02 P0/5 in vlan 11 Domicilium Transit 2nd Internet link"; ether-options { 802.3ad ae48; } } xe-0/0/42 { description "4G Link to Old Comms on IOM-DC-3750-1"; ether-options { 802.3ad ae44; } } xe-0/0/43 { description "4G Link to Old Comms on IOM-DC-3750-1"; ether-options { 802.3ad ae44; } } xe-0/0/44 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/45 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 128; } storm-control default; } } } xe-0/0/46 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/47 { unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } xe-0/0/50:0 { description "LAN Connection to Node 0 P0/2(xe-0/0/2) of SRX-HB01 cluster"; ether-options { 802.3ad ae60; } } xe-0/0/50:1 { description "LAN Connection to Node 0 P0/3(xe-0/0/3) of SRX-HB01 cluster"; ether-options { 802.3ad ae60; } } xe-0/0/50:2 { description "LAN Connection to Node 1 P0/2(xe-7/0/2) of SRX-HB01 cluster"; ether-options { 802.3ad ae61; } } xe-0/0/50:3 { description "LAN Connection to Node 1 P0/2(xe-7/0/3) of SRX-HB01 cluster"; ether-options { 802.3ad ae61; } } et-0/0/48 { } et-0/0/49 { } et-0/0/50 { } et-0/0/51 { description "Temporary link to Dell S2-C1-S4K-SW1"; ether-options { 802.3ad ae51; } } et-0/0/52 { description "Link to SPINE-C7-SW1 et-0/0/13"; mtu 9216; unit 0 { family inet { address 172.31.0.53/31; } } } et-0/0/53 { description "Link to SPINE-C7-SW2 et-0/0/13"; mtu 9216; unit 0 { family inet { address 172.31.0.55/31; } } } ae0 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:00:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae1 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:01:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae10 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:10:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae11 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:11:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae12 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:12:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae126 { description "Managed WAN link to Clarendon House"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:7e:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 48 126 211 ]; } storm-control default; } } } ae13 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:13:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae14 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:14:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae15 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:15:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae16 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:16:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae17 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:17:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae18 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:18:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae19 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:19:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae2 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:02:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae20 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:20:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae21 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:21:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae22 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:22:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae23 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:23:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae24 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:24:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae25 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:25:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae3 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:03:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae34 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:34:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 10 ]; } storm-control default; } } } ae4 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:04:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae44 { description "4G Link to Old Comms on IOM-DC-3750-1"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:44:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 28 ]; } storm-control default; } } } ae48 { description "Domicilium transit 2nd Internet Link SW2 to SRX-HB2 Port 0/5"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:48:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 11 ]; } storm-control default; } } } ae5 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:05:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae51 { description "Temporary LAG to Dell S2-C1-S4K-SWx"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:68:51:00:01; } } unit 0 { family ethernet-switching { storm-control default; } } } ae6 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:06:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae60 { description "LAN Connection to Node 0 of SRX-HB01 cluster"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:68:60:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 28 44 47 48 126 127 128 166 193 194 211 2526 2527 2528 2529 ]; } storm-control default; } } } ae61 { description "LAN Connection to Node 1 of SRX-HB01 cluster"; mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:68:61:00:01; } } unit 0 { family ethernet-switching { interface-mode trunk; vlan { members [ 28 44 47 48 126 127 128 166 193 194 211 2526 2527 2528 2529 ]; } storm-control default; } } } ae7 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:07:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae8 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:08:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } ae9 { mtu 9216; esi { auto-derive { lacp; } all-active; } aggregated-ether-options { lacp { periodic fast; system-id 00:00:08:09:00:01; } } unit 0 { family ethernet-switching { interface-mode access; vlan { members 44; } storm-control default; } } } em0 { unit 0 { family inet { address 192.168.44.116/24; } } } irb { unit 28 { description "New vlan for the 4G link to old network"; family inet { inactive: address 192.168.28.3/28; } } unit 44 { description "Main Data Vlan"; family inet { address 10.44.250.116/16; } } unit 48 { description "DMZ VLAN"; family inet { inactive: address 192.168.48.244/24; } } unit 166 { description "LAN connection vlan for X1700 Cato sockets"; family inet { inactive: address 10.166.0.16/16; } } unit 193 { description "Cato connection for WAN 1 via Hurricane Networks"; family inet { inactive: address 192.168.193.16/24; } } unit 194 { description "Cato connection for WAN 2 via Domicilium Transit Internet"; family inet { inactive: address 192.168.194.16/24; } } } lo0 { unit 0 { family inet { address 172.31.255.16/32; } } } } snmp { location "Domicilium Datacentre RS2 C8"; contact "isg@dataprocessors.com.au"; community sbr1t1s0k { authorization read-only; clients { 10.44.37.25/32; 10.16.15.14/32; 10.44.37.39/32; 10.16.15.19/32; } } } forwarding-options { storm-control-profiles default { all; } } policy-options { policy-statement BGP_LOOPBACK0 { term TERM1 { from { protocol direct; route-filter 172.31.255.16/32 exact; } then accept; } } policy-statement PFE-ECMP { then { load-balance per-packet; } } } routing-options { router-id 172.31.255.16; autonomous-system 4200000000; static { route 0.0.0.0/0 next-hop 10.44.255.254; } forwarding-table { export PFE-ECMP; chained-composite-next-hop { ingress { evpn; } } } } protocols { bgp { group OVERLAY { type internal; local-address 172.31.255.16; family evpn { signaling; } bfd-liveness-detection { minimum-interval 350; multiplier 3; session-mode automatic; } neighbor 172.31.255.1; neighbor 172.31.255.2; } group UNDERLAY { type external; hold-time 10; family inet { unicast; } export BGP_LOOPBACK0; local-as 4200000016; multipath { multiple-as; } neighbor 172.31.0.52 { peer-as 4200000001; } neighbor 172.31.0.54 { peer-as 4200000002; } } log-updown; } evpn { encapsulation vxlan; extended-vni-list all; } lldp { interface all; } } switch-options { vtep-source-interface lo0.0; route-distinguisher 172.31.255.16:1; vrf-target { target:64512:1111; auto; } } vlans { vl193 { description "Cato connection for WAN 1 via Hurricane Networks"; vlan-id 193; l3-interface irb.193; vxlan { vni 193; } } vl194 { description "Cato connection for WAN 2 via Domicilium Transit Internet"; vlan-id 194; l3-interface irb.194; vxlan { vni 194; } } vl48 { description "DMZ VLAN"; vlan-id 48; l3-interface irb.48; vxlan { vni 48; } } vl166 { description "LAN connection vlan for X1700 Cato sockets"; vlan-id 166; l3-interface irb.166; vxlan { vni 166; } } vl44 { description "Main Data Vlan"; vlan-id 44; l3-interface irb.44; vxlan { vni 44; } } vl28 { description "New vlan for the 4G link to old network"; vlan-id 28; l3-interface irb.28; vxlan { vni 28; } } }