th2-ar2.router.fr.clara.net spawn ssh -c 3des -x -l rancid_user th2-ar2.router.fr.clara.net rancid_user@th2-ar2.router.fr.clara.net's password: ####################################### ### Unauthorised access prohibited ### ####################################### ### Disconnect now if you are not ### ### an authorised user. ### ####################################### ### All connection attempts are ### ### logged. ### ####################################### th2-ar2>enable Password: th2-ar2# th2-ar2#term length 0 th2-ar2#sh run Building configuration... Current configuration : 19493 bytes ! ! Last configuration change at 23:12:14 CET Wed Jan 7 2009 by karim ! NVRAM config last updated at 23:12:19 CET Wed Jan 7 2009 by karim ! version 12.2 service nagle no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service compress-config no service dhcp ! hostname th2-ar2 ! boot-start-marker boot system disk2:c7200-a3jk91s-mz.122-28.SB6.bin boot system disk2:c7200-advipservicesk9-mz.124-11.T.bin boot system disk2: boot-end-marker ! no logging exception logging snmp-authfail logging queue-limit 500 logging buffered errors logging rate-limit all 200 no logging console enable secret 5 $1$f5n1$bn9BrOZkQU25pGlGGx40U/ ! aaa new-model ! ! aaa authentication login default group tacacs+ enable aaa authentication enable default group tacacs+ enable aaa authentication ppp default if-needed group radius aaa authorization exec default if-authenticated aaa authorization network default group radius aaa accounting suppress null-username aaa accounting exec default start-stop group radius aaa accounting commands 15 default start-stop group tacacs+ aaa accounting network default start-stop group radius ! ! ! aaa session-id common clock timezone CET 1 ip subnet-zero no ip source-route no ip icmp rate-limit unreachable ! ! ip tftp source-interface Loopback0 ip domain name fr.clara.net ip name-server 212.43.250.5 ip name-server 212.43.194.2 ip name-server 212.43.194.3 no ip dhcp use vrf connected ! ! no ip bootp server ip vrf 8975-mgmt rd 8975:1000 import map vrf-8975-mgmt-import-map route-target export 8975:1000 route-target import 8975:1000 route-target import 8426:10031 route-target import 8426:10125 route-target import 8426:10223 ! ip vrf 8975-test rd 8975:100 route-target export 8975:100 route-target export 8426:1 route-target import 8975:100 route-target import 8426:1 ! ip vrf CLFR10006 description iBrowse / NetQuarks rd 8975:10006 vpn id 8975:10006 route-target export 8975:10006 route-target import 8975:10006 ! ip vrf CLUK10106 description GlobalSwitch rd 8426:10106 export map cluk_exports route-target export 8426:10106 route-target import 8426:10106 route-target import 8426:9998 ! ip vrf CLUK10125 description Whitehead rd 8426:10125 export map cluk_exports route-target export 8426:10125 route-target import 8426:10125 route-target import 8426:9998 route-target import 8975:1000 ! ip vrf CLUK10223 description Colas Ltd rd 8426:10223 export map cluk_exports route-target export 8426:10223 route-target import 8426:10223 route-target import 8426:9998 route-target import 8975:1000 ! ip vrf CLUK10230 rd 8426:10230 vpn id 8426:10230 export map cluk_exports route-target export 8426:10230 route-target import 8426:10230 route-target import 8426:9998 route-target import 8975:1000 ! ip multicast-routing ip cef ! ! vpdn enable vpdn multihop vpdn source-ip 212.43.193.132 ! vpdn-group klassmann-nets accept-dialin protocol l2tp virtual-template 1 terminate-from hostname mod-rk-20 source-ip 212.43.193.132 lcp renegotiation on-mismatch l2tp tunnel password 7 094D4B3A1152041A0A ! ipv6 unicast-routing mpls traffic-eng tunnels mpls ldp router-id Loopback0 force call rsvp-sync ! key chain is-is-key-chain key 1 key-string 7 1043080B0B12435F ! ! ! ! ! ! controller E1 2/0 channel-group 0 unframed description LL INTEROUTE for WAVEX ! controller E1 2/1 framing no-crc4 channel-group 0 timeslots 1-30 description WHITEHEAD ! controller E1 2/2 framing no-crc4 channel-group 0 timeslots 1-30 description Colas ! controller E1 2/3 framing no-crc4 channel-group 0 timeslots 1-30 description LL INVESCO ! controller E1 2/4 framing no-crc4 channel-group 0 timeslots 1-30 description LL INTEGRALIS ! controller E1 2/5 shutdown channel-group 0 unframed ! controller E1 2/6 shutdown channel-group 0 unframed ! controller E1 2/7 shutdown channel-group 0 unframed ! ! ! interface Null0 no ip unreachables ! interface Loopback0 description IPv4 loopback ip address 212.43.193.132 255.255.255.255 ! interface Loopback1 description VPNv4 Loopback ip address 212.43.193.136 255.255.255.255 ! interface Loopback5 description Jess ip vrf forwarding CLFR10006 ip address 1.2.3.4 255.255.255.255 ! interface Loopback6 ip vrf forwarding CLUK10230 ip address 66.66.66.66 255.255.255.255 ! interface Loopback100 ip vrf forwarding 8975-test ip address 62.240.233.27 255.255.255.255 ! interface GigabitEthernet0/1 description TH2-CR1 dampening mtu 4470 ip address 212.43.193.234 255.255.255.252 no ip redirects no ip proxy-arp ip pim sparse-mode ip router isis duplex auto speed auto media-type gbic negotiation auto mpls traffic-eng tunnels mpls label protocol ldp mpls ip no cdp enable isis network point-to-point isis hello-interval minimal ! interface GigabitEthernet0/2 description TH2-CR2 dampening mtu 4470 ip address 212.43.193.214 255.255.255.252 no ip redirects no ip proxy-arp ip pim sparse-mode ip router isis duplex auto speed auto media-type gbic negotiation auto mpls traffic-eng tunnels mpls label protocol ldp mpls ip no cdp enable isis network point-to-point ! interface GigabitEthernet0/3 description Interlan NETQUARKS iBrowse trunk -- Circuit-Ref:9069 no ip address duplex full speed auto media-type gbic negotiation auto no cdp enable ! interface GigabitEthernet0/3.907 description description Netquarks / iBrowse link (2008/05/27) encapsulation dot1Q 907 ip vrf forwarding CLFR10006 ip address 10.6.68.222 255.255.255.240 no snmp trap link-status no cdp enable ! interface GigabitEthernet0/3.908 description description De Vere / Vanco / iBrowse link (2008/05/27) encapsulation dot1Q 908 ip vrf forwarding CLUK10230 ip address 172.25.255.49 255.255.255.240 no snmp trap link-status no cdp enable ! interface FastEthernet1/0 no ip address shutdown duplex auto speed auto no cdp enable ! interface FastEthernet1/1 no ip address shutdown duplex auto speed auto no cdp enable ! interface Serial2/0:0 description LL GLOBAL SWITCH INTEROUTE for WAVEX CLAR1_E1_20789 ip vrf forwarding CLUK10106 ip address 10.44.77.193 255.255.255.252 no ip proxy-arp no cdp enable ! interface Serial2/1:0 description WHITEHEAD (LL Neuf CLARLL0007 L4323567) ip vrf forwarding CLUK10125 ip address 10.44.79.117 255.255.255.252 no ip proxy-arp fair-queue 200 256 0 no cdp enable hold-queue 1000 in ! interface Serial2/2:0 description (CLT: COLAS - Ref 9C: L6992926 / CLARLL0013) ip vrf forwarding CLUK10223 ip address 10.44.87.109 255.255.255.252 no ip proxy-arp fair-queue 200 256 0 no cdp enable hold-queue 1000 in ! interface Serial2/3:0 description LL INVESCO-NETS-2 (tslots 1-30, ref. LDCOM CLARALL0006) ip address 212.43.250.165 255.255.255.252 no cdp enable ! interface Serial2/4:0 description LL INTEGRALIS-NETS-2 ip address 212.43.250.177 255.255.255.252 no cdp enable ! interface Serial2/5:0 no ip address shutdown no cdp enable ! interface Serial2/6:0 no ip address shutdown no cdp enable ! interface Serial2/7:0 no ip address shutdown no cdp enable ! interface Virtual-Template1 description used by vpdn-group klassmann-nets ip unnumbered Loopback0 ip verify unicast reverse-path no logging event link-status ppp authentication pap ! ! router isis net 49.8975.0000.2120.4319.3132.00 is-type level-2-only authentication mode md5 authentication key-chain is-is-key-chain ispf level-1-2 metric-style wide fast-flood set-overload-bit on-startup wait-for-bgp spf-interval 5 5 50 prc-interval 5 5 50 lsp-gen-interval 5 5 50 no hello padding log-adjacency-changes all passive-interface Loopback0 passive-interface Loopback1 mpls traffic-eng router-id Loopback0 mpls traffic-eng level-2 ! router bgp 8975 bgp router-id 212.43.193.132 no bgp fast-external-fallover no bgp default ipv4-unicast no bgp log-neighbor-changes bgp confederation identifier 8426 bgp confederation peers 8426 bgp deterministic-med bgp bestpath compare-routerid timers bgp 30 90 neighbor RR-IPv4 peer-group neighbor RR-IPv4 remote-as 8975 neighbor RR-IPv4 password 7 020B054905035E74 neighbor RR-IPv4 update-source Loopback0 neighbor RR-VPNv4 peer-group neighbor RR-VPNv4 remote-as 8975 neighbor RR-VPNv4 password 7 020B054905035E74 neighbor RR-VPNv4 update-source Loopback1 neighbor 212.43.193.49 peer-group RR-IPv4 neighbor 212.43.193.51 peer-group RR-IPv4 neighbor 212.43.193.59 peer-group RR-VPNv4 neighbor 212.43.193.65 peer-group RR-VPNv4 ! address-family ipv4 redistribute connected route-map connected-routes-bgp redistribute static route-map static-routes-bgp neighbor RR-IPv4 send-community neighbor RR-IPv4 prefix-list bogons in neighbor RR-IPv4 prefix-list bogons out neighbor RR-IPv4 route-map REFLECTOR_in in neighbor RR-IPv4 route-map REFLECTOR_out out neighbor 212.43.193.49 activate neighbor 212.43.193.51 activate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor RR-VPNv4 send-community extended neighbor 212.43.193.59 activate neighbor 212.43.193.65 activate exit-address-family ! address-family ipv4 vrf CLUK10230 redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CLUK10223 redistribute connected redistribute static default-information originate no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CLUK10125 redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CLUK10106 redistribute connected redistribute static neighbor 10.44.77.194 remote-as 65489 neighbor 10.44.77.194 local-as 8975 no-prepend replace-as dual-as neighbor 10.44.77.194 version 4 neighbor 10.44.77.194 activate neighbor 10.44.77.194 send-community neighbor 10.44.77.194 soft-reconfiguration inbound neighbor 10.44.77.194 prefix-list CLUK10106 in neighbor 10.44.77.194 prefix-list Default-Route out neighbor 10.44.77.194 route-map MPLS_CLUK10106_IN in no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf CLFR10006 redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf 8975-test redistribute connected no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf 8975-mgmt redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! ip classless ip route 0.0.0.0 0.0.0.0 212.43.193.213 ip route 10.66.66.66 255.255.255.255 Null0 ip route 62.240.224.0 255.255.224.0 Null0 ip route 212.43.192.0 255.255.192.0 Null0 ip route 212.43.250.168 255.255.255.248 212.43.250.178 ip route vrf CLFR10006 10.31.0.0 255.255.0.0 10.6.68.209 ip route vrf CLFR10006 10.64.0.0 255.255.0.0 10.6.68.209 ip route vrf CLFR10006 192.168.60.0 255.255.255.0 10.6.68.209 ip route vrf CLFR10006 192.168.64.0 255.255.255.0 10.6.68.209 ip route vrf CLFR10006 192.168.252.0 255.255.255.0 10.6.68.209 ip route vrf CLUK10125 10.0.5.0 255.255.255.0 10.44.79.118 ip route vrf CLUK10125 10.0.6.0 255.255.255.0 10.44.79.118 ip route vrf CLUK10125 62.240.233.24 255.255.255.255 10.44.79.118 ip route vrf CLUK10125 172.17.90.0 255.255.255.0 10.44.79.118 ip route vrf CLUK10223 0.0.0.0 0.0.0.0 10.44.87.110 ip route vrf CLUK10223 10.24.3.0 255.255.255.0 10.44.87.110 ip route vrf CLUK10223 62.240.233.46 255.255.255.255 10.44.87.110 ip route vrf CLUK10230 10.31.38.0 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.31.38.128 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.31.39.0 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.31.39.128 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.31.138.0 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.31.138.128 255.255.255.128 172.25.255.56 ip route vrf CLUK10230 10.80.106.0 255.255.255.0 172.25.255.56 ip route vrf CLUK10230 192.168.252.0 255.255.255.0 172.25.255.56 ! no ip http server ip tacacs source-interface Loopback0 ! ip bgp-community new-format ! ! ip prefix-list CLUK10106 seq 5 permit 10.9.12.0/22 ip prefix-list CLUK10106 seq 10 deny 0.0.0.0/0 le 32 ! ip prefix-list Default-Route seq 5 permit 0.0.0.0/0 ip prefix-list Default-Route seq 10 deny 0.0.0.0/0 le 32 ! ip prefix-list Default-Route-CLUK10106 seq 5 permit 0.0.0.0/0 ip prefix-list Default-Route-CLUK10106 seq 10 deny 0.0.0.0/0 le 32 ! ip prefix-list backbone seq 20 permit 212.43.193.0/24 ge 25 ip prefix-list backbone seq 25 permit 62.240.250.0/24 ge 25 ! ip prefix-list bogons description Bogus routes ip prefix-list bogons seq 5 deny 0.0.0.0/8 le 32 ip prefix-list bogons seq 10 deny 10.0.0.0/8 le 32 ip prefix-list bogons seq 15 deny 127.0.0.0/8 le 32 ip prefix-list bogons seq 20 deny 172.16.0.0/12 le 32 ip prefix-list bogons seq 25 deny 169.254.0.0/16 le 32 ip prefix-list bogons seq 30 deny 192.168.0.0/16 le 32 ip prefix-list bogons seq 35 deny 192.0.2.0/24 le 32 ip prefix-list bogons seq 40 deny 224.0.0.0/3 le 32 ip prefix-list bogons seq 45 permit 0.0.0.0/0 le 32 ! ip prefix-list cluk_exports seq 5 permit 10.44.64.0/19 le 32 ip prefix-list cluk_exports seq 10 permit 10.44.0.0/19 le 32 ! ip prefix-list default seq 20 permit 0.0.0.0/0 ! ip prefix-list superblocks-more-specific seq 20 permit 212.43.192.0/18 ge 19 ip prefix-list superblocks-more-specific seq 40 permit 62.240.224.0/19 ge 20 ip prefix-list superblocks-more-specific seq 60 permit 89.185.32.0/19 ge 20 ! ip prefix-list vrf-8975-mgmt-prefixes seq 5 permit 62.240.233.0/24 le 32 ip prefix-list vrf-8975-mgmt-prefixes seq 15 permit 212.43.234.0/24 le 32 ! ip prefix-list vrf-CLUK10223-exports seq 5 permit 10.44.64.0/19 le 32 ip prefix-list vrf-CLUK10223-exports seq 10 permit 10.44.0.0/19 le 32 ! ip access-list standard clara-mpls-pe-snmp-access permit 212.43.194.17 permit 80.168.103.28 permit 195.8.71.57 permit 195.8.71.66 permit 212.43.195.0 0.0.0.31 ip access-list standard multicast-filter deny 224.0.1.39 deny 224.0.1.40 deny 239.0.0.0 0.255.255.255 permit any ip access-list standard nat_mpls permit 192.168.0.0 0.0.0.255 ip access-list standard noc permit 212.43.194.17 permit 80.67.96.64 0.0.0.31 permit 195.8.68.0 0.0.0.255 permit 195.8.69.0 0.0.0.255 permit 195.8.70.0 0.0.0.255 permit 212.43.193.0 0.0.0.255 permit 212.43.195.0 0.0.0.31 permit 212.82.224.0 0.0.1.255 deny any log ip access-list standard noc-access permit 212.43.194.38 permit 212.43.194.17 permit 213.253.16.104 permit 212.43.194.108 permit 195.157.6.1 permit 62.193.206.162 permit 62.193.206.153 permit 212.43.195.0 0.0.0.31 permit 212.43.232.64 0.0.0.31 permit 212.43.232.96 0.0.0.7 permit 212.43.232.32 0.0.0.31 permit 212.43.232.104 0.0.0.7 permit 212.43.193.0 0.0.0.255 permit 212.43.247.0 0.0.0.255 permit 212.43.225.0 0.0.0.3 permit 212.43.225.4 0.0.0.3 permit 212.43.225.8 0.0.0.3 permit 212.43.225.12 0.0.0.3 permit 195.8.68.0 0.0.0.255 permit 195.8.69.0 0.0.0.255 permit 195.8.70.0 0.0.0.255 permit 195.157.3.0 0.0.0.255 permit 212.82.224.0 0.0.1.255 permit 80.67.96.64 0.0.0.31 permit 62.193.207.192 0.0.0.31 permit 62.193.223.0 0.0.0.255 deny any log ip access-list standard snmp-access permit 212.43.194.38 permit 212.43.194.17 permit 212.43.194.117 permit 213.253.16.104 permit 212.43.194.108 permit 195.8.69.211 permit 89.185.48.165 permit 195.8.71.57 permit 212.43.195.0 0.0.0.31 deny any log ip radius source-interface Loopback0 ! ! ! ! ! ! ! ! logging history informational logging facility local3 logging source-interface Loopback0 logging 212.43.194.17 access-list 2 permit 212.43.194.38 access-list 2 permit 212.43.194.17 access-list 2 permit 212.43.194.117 access-list 2 permit 213.253.16.104 access-list 2 permit 195.8.69.211 access-list 2 permit 89.185.48.165 access-list 2 permit 195.8.71.57 access-list 2 permit 212.43.195.0 0.0.0.31 access-list 2 deny any log access-list 3 permit 212.43.194.38 access-list 3 permit 212.43.194.17 access-list 3 permit 195.8.69.211 access-list 3 permit 212.43.195.0 0.0.0.31 access-list 3 deny any log no cdp run ! route-map connected-routes-bgp deny 20 match ip address prefix-list backbone ! route-map connected-routes-bgp permit 40 match ip address prefix-list superblocks-more-specific set ip next-hop 212.43.193.132 set community no-export local-AS ! route-map REFLECTOR_in permit 20 match ip address prefix-list superblocks-more-specific ! route-map REFLECTOR_in permit 40 match ip address prefix-list default ! route-map vrf-8975-mgmt-import-map permit 10 match ip address prefix-list vrf-8975-mgmt-prefixes ! route-map MPLS_CLUK10106_IN permit 10 description prefer routes learnt from Ethernet over E1 set local-preference 50 ! route-map vrf-CLUK10223-exports permit 10 match ip address prefix-list vrf-CLUK10223-exports set extcommunity rt 8426:9999 additive ! route-map cluk_exports permit 10 match ip address prefix-list cluk_exports set extcommunity rt 8426:9999 additive ! route-map cluk_exports permit 20 ! route-map REFLECTOR_out deny 20 match ip address prefix-list backbone ! route-map REFLECTOR_out permit 40 match ip address prefix-list superblocks-more-specific set ip next-hop 212.43.193.132 set community no-export local-AS ! route-map static-routes-bgp deny 20 match ip address prefix-list backbone ! route-map static-routes-bgp permit 40 match ip address prefix-list superblocks-more-specific set ip next-hop 212.43.193.132 set community 8975:3452 no-export local-AS additive ! snmp-server engineID local 00000009020000B0C2159800 snmp-server group clara-mpls-pe-snmp-group v3 auth read clara-mpls-pe-snmp-view snmp-server view clara-mpls-pe-snmp-view internet included snmp-server community passwordsnmp RO snmp-access snmp-server community ieYee9oa RO clara-mpls-pe-snmp-access snmp-server trap-source Loopback0 snmp-server enable traps tty snmp-server host 212.43.194.17 passwordsnmp tty bgp config envmon tacacs-server host 212.43.194.17 tacacs-server directed-request tacacs-server key 7 070C2D4D5C08175603 ! radius-server dead-criteria tries 5 radius-server host 212.43.250.4 auth-port 1812 acct-port 0 radius-server host 212.43.194.69 auth-port 1812 acct-port 0 radius-server host 212.43.194.60 auth-port 1812 acct-port 0 radius-server host 212.43.194.68 auth-port 0 acct-port 1813 radius-server deadtime 5 radius-server key 7 01100A05490A085C35 ! control-plane ! ! dial-peer cor custom ! ! ! ! gatekeeper shutdown ! banner motd ^C ####################################### ### Unauthorised access prohibited ### ####################################### ### Disconnect now if you are not ### ### an authorised user. ### ####################################### ### All connection attempts are ### ### logged. ### ####################################### ^C privilege exec level 1 ping ! line con 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 session-timeout 300 access-class noc-access in exec-timeout 2000 0 password 7 03540819045F71475D logging synchronous transport input telnet ssh line vty 5 9 session-timeout 300 access-class noc-access in exec-timeout 2000 0 password 7 03540819045F71475D logging synchronous transport input telnet ssh line vty 10 access-class noc-access in ! ntp clock-period 17179936 ntp server 212.43.194.2 ! end th2-ar2#exit Connection to th2-ar2.router.fr.clara.net closed.