From 23304fcb6314332b6b94001308c689ac8d83394f Mon Sep 17 00:00:00 2001 From: Sean Corrigan Date: Sun, 13 Dec 2020 20:38:02 -0500 Subject: [PATCH] Vlans & Addressing Done --- Addressing.csv | 152 +++++++++++++++ Vlans.csv | 24 +++ configs/ALS1.txt | 310 ++++++++++++++++++++++++++++++ configs/DLS1.txt | 469 +++++++++++++++++++++++++++++++++++++++++++++ configs/DLS2.txt | 490 +++++++++++++++++++++++++++++++++++++++++++++++ configs/R1.txt | 323 +++++++++++++++++++++++++++++++ configs/R2.txt | 388 +++++++++++++++++++++++++++++++++++++ configs/R3.txt | 406 +++++++++++++++++++++++++++++++++++++++ main.py | 126 ++++++++++++ 9 files changed, 2688 insertions(+) create mode 100644 Addressing.csv create mode 100644 Vlans.csv create mode 100644 configs/ALS1.txt create mode 100644 configs/DLS1.txt create mode 100644 configs/DLS2.txt create mode 100644 configs/R1.txt create mode 100644 configs/R2.txt create mode 100644 configs/R3.txt create mode 100644 main.py diff --git a/Addressing.csv b/Addressing.csv new file mode 100644 index 0000000..8d7d6b9 --- /dev/null +++ b/Addressing.csv @@ -0,0 +1,152 @@ +configs/R1 +,Loopback0,192.168.1.1,255.255.255.255,2001:DB8:CAFE:201::1/128, ,iBGP Peer + +,GigabitEthernet0/0,209.165.200.225,255.255.255.252,2001:DB8:FEED:10::1/126, ,WAN link to R2 + +,GigabitEthernet0/1,10.1.2.2,255.255.255.252,2001:DB8:CAFE:20::1/64, ,FE to DLS1 + +,GigabitEthernet0/2,SHUTDOWN + +,GigabitEthernet0/3,SHUTDOWN + +configs/R2 +,Loopback0,2.2.2.2,255.255.255.255,2001:DB8:FEED:222::2/128, ,VPN_A + +,Loopback1,2.2.2.2,255.255.255.255,2001:DB8:FEED:222::2/128, ,VPN_B + +,Loopback2,20.20.20.20,255.255.255.255,2001:DB8:CAFE:2020::2/128, ,EIGRP + +,Loopback3,22.22.22.22,255.0.0.0,2001:DB8:EFAC::2/48, ,Internet + +,Loopback4,22.22.22.22,255.0.0.0,2001:DB8:EFAC::2/48, ,Internet + +,Loopback5,22.22.22.22,255.0.0.0,2001:DB8:EFAC::2/48, ,Internet + +,GigabitEthernet0/0,209.165.200.226,255.255.255.252,2001:DB8:FEED:10::2/126, ,WAN link to R1 + +,GigabitEthernet0/1,209.165.200.222,255.255.255.252,2001:DB8:FEED:14::2/126, ,WAN link to R3 + +,GigabitEthernet0/2,10.1.90.2,255.255.255.254,2001:DB8:CAFE:90::2/126, ,EIGRP Link to R3 + +,GigabitEthernet0/3,SHUTDOWN + +configs/R3 +,Loopback0,192.168.3.1,255.255.255.255,2001:DB8:CAFE:203::1/128, ,iBGP Peer + +,Loopback1,pool,Simulatedv4LAN,2001:DB8:CAFE:801::1/64, ,Branch Office Simulated LAN + +,GigabitEthernet0/0,209.165.200.221,255.255.255.252,2001:DB8:FEED:14::3/126, ,- - - - - - + +,GigabitEthernet0/1,10.1.2.14,255.255.255.252,2001:DB8:CAFE:212::3/64, ,GE to DLS1 + +,GigabitEthernet0/2,10.1.90.3,255.255.255.254,2001:DB8:CAFE:90::3/126, ,- - - - - - + +,GigabitEthernet0/3,10.1.80.1,255.255.255.128,2001:DB8:CAFE:800::1/64, ,Collocated Office LAN + +configs/DLS1 +,Loopback0,10.1.211.1,255.255.255.255,2001:DB8:CAFE:2110::D1/128, ,Anchor + +,Port-channel1,-,-,-, ,- - - - - - + +,Port-channel10,-,-,-, ,Channel to DLS2 + +,GigabitEthernet0/0,-,-,-, ,Channel to DLS2 + +,GigabitEthernet0/1,-,-,-, ,Channel to DLS2 + +,GigabitEthernet0/2,-,-,-, ,Channel to ALS1 + +,GigabitEthernet0/3,-,-,-, ,Channel to ALS1 + +,GigabitEthernet1/0,-,-,-, ,FE to SRV1 + +,GigabitEthernet1/1,SHUTDOWN + +,GigabitEthernet1/2,SHUTDOWN + +,GigabitEthernet1/3,SHUTDOWN + +,GigabitEthernet2/0,10.1.2.1,255.255.255.252,2001:DB8:CAFE:20::D1/64, ,GE to R1 + +,Vlan1,SHUTDOWN + +,Vlan99,10.1.99.252,255.255.255.0,2001:DB8:CAFE:99::D1/64, ,- - - - - - + +,Vlan100,10.1.100.252,255.255.255.0,2001:DB8:CAFE:100::D1/64, ,- - - - - - + +,Vlan110,10.1.110.252,255.255.255.0,2001:DB8:CAFE:110::D1/64, ,- - - - - - + +,Vlan120,10.1.120.252,255.255.255.0,2001:DB8:CAFE:120::D1/64, ,- - - - - - + +,Vlan200,10.1.200.252,255.255.255.0,2001:DB8:CAFE:200::D1/64, ,- - - - - - + +,Vlan300,10.1.30.252,255.255.255.0,2001:DB8:CAFE:300::D1/64, ,- - - - - - + +configs/DLS2 +,Loopback0,10.1.212.1,255.255.255.255,2001:DB8:CAFE:2120::D2/128, ,Anchor + +,Port-channel2,-,-,-, ,Channel to ALS1 + +,Port-channel10,-,-,-, ,Channel to DLS1 + +,GigabitEthernet0/0,-,-,-, ,Channel to DLS1 + +,GigabitEthernet0/1,-,-,-, ,Channel to DLS1 + +,GigabitEthernet0/2,-,-,-, ,Channel to ALS1 + +,GigabitEthernet0/3,-,-,-, ,Channel to ALS1 + +,GigabitEthernet1/0,SHUTDOWN + +,GigabitEthernet1/1,SHUTDOWN + +,GigabitEthernet1/2,SHUTDOWN + +,GigabitEthernet1/3,SHUTDOWN + +,GigabitEthernet2/0,10.1.2.13,255.255.255.252,2001:DB8:CAFE:212::D2/64, ,GE to R3 + +,Vlan1,SHUTDOWN + +,Vlan99,10.1.99.253,255.255.255.0,2001:DB8:CAFE:99::D2/64, ,- - - - - - + +,Vlan100,10.1.100.253,255.255.255.0,2001:DB8:CAFE:100::D2/64, ,- - - - - - + +,Vlan110,10.1.110.253,255.255.255.0,2001:DB8:CAFE:110::D2/64, ,- - - - - - + +,Vlan120,10.1.120.253,255.255.255.0,2001:DB8:CAFE:120::D2/64, ,- - - - - - + +,Vlan200,10.1.200.253,255.255.255.0,2001:DB8:CAFE:200::D2/64, ,- - - - - - + +,Vlan300,10.1.30.253,255.255.255.0,2001:DB8:CAFE:300::D2/64, ,- - - - - - + +configs/ALS1 +,Port-channel1,-,-,-, ,Channel to DLS1 + +,Port-channel2,-,-,-, ,Channel to DLS2 + +,GigabitEthernet0/0,-,-,-, ,Channel to DLS1 + +,GigabitEthernet0/1,-,-,-, ,Channel to DLS1 + +,GigabitEthernet0/2,-,-,-, ,Channel to DLS2 + +,GigabitEthernet0/3,-,-,-, ,Channel to DLS2 + +,GigabitEthernet1/0,-,-,-, ,To PC-B + +,Vlan1,SHUTDOWN + +,Vlan99,10.1.99.251,255.255.255.0,2001:DB8:CAFE:99::A1/64, ,- - - - - - + +,Vlan100,10.1.100.251,255.255.255.0,2001:DB8:CAFE:100::A1/64, ,- - - - - - + +,Vlan110,10.1.110.251,255.255.255.0,2001:DB8:CAFE:110::A1/64, ,- - - - - - + +,Vlan120,10.1.120.251,255.255.255.0,2001:DB8:CAFE:120::A1/64, ,- - - - - - + +,Vlan200,10.1.200.251,255.255.255.0,2001:DB8:CAFE:200::A1/64, ,- - - - - - + +,Vlan300,10.1.30.251,255.255.255.0,2001:DB8:CAFE:300::A1/64, ,- - - - - - + diff --git a/Vlans.csv b/Vlans.csv new file mode 100644 index 0000000..febb2e0 --- /dev/null +++ b/Vlans.csv @@ -0,0 +1,24 @@ +configs/DLS1 +,Vlan1,SHUTDOWN +,Vlan99,10.1.99.252,255.255.255.0,2001:DB8:CAFE:99::D1/64, ,110,ACTIVE,YES +,Vlan100,10.1.100.252,255.255.255.0,2001:DB8:CAFE:100::D1/64, ,100,STANDBY,NO +,Vlan110,10.1.110.252,255.255.255.0,2001:DB8:CAFE:110::D1/64, ,110,ACTIVE,YES +,Vlan120,10.1.120.252,255.255.255.0,2001:DB8:CAFE:120::D1/64, ,110,ACTIVE,YES +,Vlan200,10.1.200.252,255.255.255.0,2001:DB8:CAFE:200::D1/64, ,100,STANDBY,NO +,Vlan300,10.1.30.252,255.255.255.0,2001:DB8:CAFE:300::D1/64, ,100,STANDBY,NO +configs/DLS2 +,Vlan1,SHUTDOWN +,Vlan99,10.1.99.253,255.255.255.0,2001:DB8:CAFE:99::D2/64, ,100,STANDBY,NO +,Vlan100,10.1.100.253,255.255.255.0,2001:DB8:CAFE:100::D2/64, ,110,ACTIVE,YES +,Vlan110,10.1.110.253,255.255.255.0,2001:DB8:CAFE:110::D2/64, ,100,STANDBY,NO +,Vlan120,10.1.120.253,255.255.255.0,2001:DB8:CAFE:120::D2/64, ,100,STANDBY,NO +,Vlan200,10.1.200.253,255.255.255.0,2001:DB8:CAFE:200::D2/64, ,110,ACTIVE,YES +,Vlan300,10.1.30.253,255.255.255.0,2001:DB8:CAFE:300::D2/64, ,110,ACTIVE,YES +configs/ALS1 +,Vlan1,SHUTDOWN +,Vlan99,10.1.99.251,255.255.255.0,2001:DB8:CAFE:99::A1/64, ,100,STANDBY,NO +,Vlan100,10.1.100.251,255.255.255.0,2001:DB8:CAFE:100::A1/64, ,100,STANDBY,NO +,Vlan110,10.1.110.251,255.255.255.0,2001:DB8:CAFE:110::A1/64, ,100,STANDBY,NO +,Vlan120,10.1.120.251,255.255.255.0,2001:DB8:CAFE:120::A1/64, ,100,STANDBY,NO +,Vlan200,10.1.200.251,255.255.255.0,2001:DB8:CAFE:200::A1/64, ,100,STANDBY,NO +,Vlan300,10.1.30.251,255.255.255.0,2001:DB8:CAFE:300::A1/64, ,100,STANDBY,NO diff --git a/configs/ALS1.txt b/configs/ALS1.txt new file mode 100644 index 0000000..9421f9d --- /dev/null +++ b/configs/ALS1.txt @@ -0,0 +1,310 @@ +! +! Last configuration change at 10:31:26 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:31:03 EST Wed Dec 9 2020 by cisco +! +version 15.2 +service timestamps debug datetime msec +service timestamps log datetime msec +service password-encryption +service compress-config +! +hostname ALS1 +! +boot-start-marker +boot-end-marker +! +! +logging buffered 16384 +no logging console +enable secret 5 $1$oRs9$UDeTGbe25sN2khyCfKQ7o0 +! +username cisco secret 5 $1$a7nh$nDAad/5Hjq16ZVuI7PJKU0 +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +! +aaa session-id common +clock timezone EST -5 0 +clock summer-time EDT recurring +! +! +! +! +! +vtp mode transparent +! +! +! +no ip domain-lookup +ip domain-name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 cef +! +! +errdisable recovery cause psecure-violation +errdisable recovery interval 120 +! +spanning-tree mode mst +spanning-tree portfast edge default +spanning-tree portfast edge bpduguard default +spanning-tree extend system-id +! +spanning-tree mst configuration + name TSHOOT + revision 25 + instance 1 vlan 99, 110, 120 + instance 2 vlan 100, 200, 300 +! +! +! +vlan 99 + name MANAGEMENT +! +vlan 100 + name SERVERS +! +vlan 110 + name GUEST +! +vlan 120 + name OFFICE +! +vlan 200 + name VOICE +! +vlan 300 + name O-PEER +! +vlan 666 + name NATIVE +! +vlan 999 + name PARKING_LOT +lldp run +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Port-channel1 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface Port-channel2 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface GigabitEthernet0/0 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 1 mode on +! +interface GigabitEthernet0/1 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 1 mode on + no shutdown +! +interface GigabitEthernet0/2 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 2 mode on + no shutdown +! +interface GigabitEthernet0/3 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 2 mode on + no shutdown +! +interface GigabitEthernet1/0 + description To PC-B + switchport access vlan 120 + switchport mode access + switchport voice vlan 200 + switchport port-security maximum 10 + switchport port-security + negotiation auto + spanning-tree portfast edge + no shutdown +! +interface Vlan1 + no ip address + shutdown +! +interface Vlan99 + ip address 10.1.99.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:99::A1/64 + no shutdown +! +interface Vlan100 + ip address 10.1.100.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:100::A1/64 + no shutdown +! +interface Vlan110 + ip address 10.1.110.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:110::A1/64 + ipv6 nd prefix 2001:DB8:CAFE:110::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + no shutdown +! +interface Vlan120 + ip address 10.1.120.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:120::A1/64 + ipv6 nd prefix 2001:DB8:CAFE:120::/64 + ipv6 nd other-config-flag + no shutdown +! +interface Vlan200 + ip address 10.1.200.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:200::A1/64 + ipv6 nd prefix 2001:DB8:CAFE:200::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + no shutdown +! +interface Vlan300 + ip address 10.1.30.251 255.255.255.0 + no ip proxy-arp + ipv6 address FE80::A1 link-local + ipv6 address 2001:DB8:CAFE:300::A1/64 + no shutdown +! +ip forward-protocol nd +! +no ip http server +no ip http secure-server +! +ip route 0.0.0.0 0.0.0.0 10.1.99.254 +ip ssh source-interface Vlan99 +ip ssh dh min size 2048 +ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr +ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr +! +! +logging source-interface Vlan99 +logging host 10.1.100.1 +ipv6 route ::/0 2001:DB8:CAFE:99::D2 5 +ipv6 route ::/0 2001:DB8:CAFE:99::D1 +! +! +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Vlan99 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server enable traps vtp +snmp-server enable traps vlancreate +snmp-server enable traps vlandelete +snmp-server host 10.1.100.1 version 2c cisco +! +! +! +ipv6 access-list REMOTEv6 + deny ipv6 any any +! +control-plane +! +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C*** Switch ALS1 Skills Assessment BASE Config ***^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local +line aux 0 +line vty 0 4 + exec-timeout 0 0 + ipv6 access-class REMOTEv6 in + logging synchronous + length 0 + transport input ssh +! +ntp source Vlan99 +ntp server 2.2.2.2 +! +end \ No newline at end of file diff --git a/configs/DLS1.txt b/configs/DLS1.txt new file mode 100644 index 0000000..8ab3131 --- /dev/null +++ b/configs/DLS1.txt @@ -0,0 +1,469 @@ +! +! Last configuration change at 10:34:16 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:30:40 EST Wed Dec 9 2020 by cisco +! +version 15.2 +no service pad +service timestamps debug datetime msec +service timestamps log datetime msec +service password-encryption +service compress-config +! +hostname DLS1 +! +boot-start-marker +boot-end-marker +! +! +no logging console +enable secret 5 $1$GiqI$9Gp7YJpL9c7W7nbZsTV.J1 +! +username cisco secret 5 $1$ILIL$y.ljetG8NpeZ4uWSXMVZt. +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +! +aaa session-id common +clock timezone EST -5 0 +clock summer-time EDT recurring +! +! +! +! +! +vtp mode transparent +! +ip dhcp excluded-address 10.1.110.1 10.1.110.5 +ip dhcp excluded-address 10.1.120.1 10.1.120.5 +ip dhcp excluded-address 10.1.200.1 10.1.200.5 +ip dhcp excluded-address 10.1.120.129 10.1.120.254 +ip dhcp excluded-address 10.1.110.129 10.1.110.254 +ip dhcp excluded-address 10.1.200.129 10.1.200.254 +! +ip dhcp pool GUEST + network 10.1.110.0 255.255.255.0 + default-router 10.1.110.254 +! +ip dhcp pool OFFICE + network 10.1.120.0 255.255.255.0 + default-router 10.1.120.254 + domain-name tshoot.net +! +ip dhcp pool VOICE + network 10.1.200.0 255.255.255.0 + default-router 10.1.200.254 +! +! +no ip domain-lookup +ip domain-name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 dhcp pool DHCPv6GUEST + address prefix 2001:DB8:CAFE:110:ABCD::/80 + domain-name tshoot.net +! +ipv6 dhcp pool DHCPv6OFFICE + address prefix 2001:DB8:CAFE:120:ABCD::/80 + domain-name tshoot.net +! +ipv6 dhcp pool DHCPv6VOICE + address prefix 2001:DB8:CAFE:200:ABCD::/80 + domain-name tshoot.net +! +ipv6 cef +! +! +errdisable recovery cause bpduguard +! +spanning-tree mode mst +spanning-tree portfast edge default +spanning-tree portfast edge bpduguard default +spanning-tree extend system-id +! +spanning-tree mst configuration + name TSHOOT + revision 25 + instance 1 vlan 99, 110, 120 + instance 2 vlan 100, 200, 300 +! +spanning-tree mst 1 priority 24576 +spanning-tree mst 2 priority 28672 +! +! +vlan 99-100,110,120,200,300,666,999 +lldp run +! +track 7 ip sla 2 + delay down 30 up 30 +! +track 23 list boolean and + object 7 + object 31 +! +track 31 interface GigabitEthernet2/0 line-protocol + delay down 30 up 30 +! +! +class-map match-any non-client-nrt-class +! +policy-map port_child_policy + class non-client-nrt-class +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + description Anchor + ip address 10.1.211.1 255.255.255.255 + ip ospf network point-to-point + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:2110::D1/128 +! +interface Port-channel1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface Port-channel10 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface GigabitEthernet0/0 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 10 mode on +! +interface GigabitEthernet0/1 + description Channel to DLS2 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 10 mode on + no shutdown +! +interface GigabitEthernet0/2 + description Channel to ALS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 1 mode on + no shutdown +! +interface GigabitEthernet0/3 + description Channel to ALS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 1 mode on + no shutdown +! +interface GigabitEthernet1/0 + description FE to SRV1 + switchport access vlan 100 + switchport mode access + switchport nonegotiate + negotiation auto + spanning-tree portfast edge + spanning-tree bpduguard enable + no shutdown +! +interface GigabitEthernet1/1 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet1/2 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet1/3 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet2/0 + description GE to R1 + no switchport + ip address 10.1.2.1 255.255.255.252 + ip access-group 101 in + negotiation auto + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:20::D1/64 + no shutdown +! +interface Vlan1 + no ip address + shutdown +! +interface Vlan99 + ip address 10.1.99.252 255.255.255.0 + no ip proxy-arp + standby 99 ip 10.1.99.254 + standby 99 priority 110 + standby 99 preempt + standby 99 track 23 decrement 20 + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:99::D1/64 + no shutdown +! +interface Vlan100 + ip address 10.1.100.252 255.255.255.0 + no ip proxy-arp + standby 100 ip 10.1.100.254 + standby 100 preempt + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:100::D1/64 + no shutdown +! +interface Vlan110 + ip address 10.1.110.252 255.255.255.0 + no ip proxy-arp + standby 110 ip 10.1.110.254 + standby 110 priority 110 + standby 110 preempt + standby 110 track 23 decrement 20 + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:110::D1/64 + ipv6 nd prefix 2001:DB8:CAFE:110::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6GUEST + no shutdown +! +interface Vlan120 + ip address 10.1.120.252 255.255.255.0 + no ip proxy-arp + standby 120 ip 10.1.120.254 + standby 120 priority 110 + standby 120 preempt + standby 120 track 23 decrement 20 + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:120::D1/64 + ipv6 nd prefix 2001:DB8:CAFE:120::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6OFFICE + no shutdown +! +interface Vlan200 + ip address 10.1.200.252 255.255.255.0 + no ip proxy-arp + standby 200 ip 10.1.200.254 + standby 200 preempt + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:200::D1/64 + ipv6 nd prefix 2001:DB8:CAFE:200::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6VOICE + no shutdown +! +interface Vlan300 + ip address 10.1.30.252 255.255.255.0 + no ip proxy-arp + standby 30 ip 10.1.30.254 + standby 30 preempt + ip ospf authentication message-digest + ip ospf message-digest-key 1 md5 7 0832444B081F + ipv6 address FE80::D1 link-local + ipv6 address 2001:DB8:CAFE:300::D1/64 + no shutdown +! +! +router eigrp BRANCH + ! + address-family ipv6 unicast autonomous-system 2 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Vlan300 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface GigabitEthernet2/0 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface Vlan99 + no shutdown + exit-af-interface + ! + af-interface Vlan100 + no shutdown + exit-af-interface + ! + af-interface Vlan110 + no shutdown + exit-af-interface + ! + af-interface Vlan120 + no shutdown + exit-af-interface + ! + af-interface Vlan200 + no shutdown + exit-af-interface + ! + topology base + exit-af-topology + eigrp router-id 1.1.1.1 + exit-address-family +! +router ospf 1 + router-id 1.1.1.1 + passive-interface default + no passive-interface GigabitEthernet2/0 + no passive-interface Vlan300 + network 10.1.2.0 0.0.0.3 area 0 + network 10.1.30.0 0.0.0.255 area 0 + network 10.1.99.0 0.0.0.255 area 1 + network 10.1.100.0 0.0.0.255 area 1 + network 10.1.110.0 0.0.0.255 area 1 + network 10.1.120.0 0.0.0.255 area 1 + network 10.1.200.0 0.0.0.255 area 1 + network 10.1.211.1 0.0.0.0 area 0 +! +ip forward-protocol nd +! +no ip http server +ip http authentication local +no ip http secure-server +! +ip ssh source-interface Vlan99 +ip ssh dh min size 2048 +ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr +ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr +! +! +ip sla 2 + tcp-connect 2001:DB8:FEED:10::1 22 control disable + threshold 100 + timeout 200 + frequency 6 +ip sla schedule 2 life forever start-time now +logging source-interface Vlan99 +logging host 10.1.100.1 +access-list 101 permit tcp host 192.168.1.1 host 192.168.3.1 eq bgp +access-list 101 permit tcp host 192.168.1.1 eq bgp host 192.168.3.1 +access-list 101 permit ospf any any +access-list 101 permit icmp any any +access-list 101 permit udp any any +access-list 101 permit ip host 10.1.2.2 any +access-list 101 permit ip host 192.168.1.1 any +access-list 101 permit gre any any +access-list 101 permit tcp any eq 22 any +! +! +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Vlan99 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server enable traps eigrp +snmp-server enable traps vtp +snmp-server enable traps vlancreate +snmp-server enable traps vlandelete +snmp-server enable traps hsrp +snmp-server host 10.1.100.1 version 2c cisco +! +! +! +control-plane +! +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local + stopbits 1 +line aux 0 +line vty 0 4 + exec-timeout 0 0 + logging synchronous + transport input ssh +line vty 5 15 +! +ntp source Vlan99 +ntp server 2.2.2.2 +! +end \ No newline at end of file diff --git a/configs/DLS2.txt b/configs/DLS2.txt new file mode 100644 index 0000000..edc55be --- /dev/null +++ b/configs/DLS2.txt @@ -0,0 +1,490 @@ +! +! Last configuration change at 10:34:24 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:30:57 EST Wed Dec 9 2020 by cisco +! +version 15.2 +no service pad +service timestamps debug datetime msec +service timestamps log datetime +service password-encryption +service compress-config +! +hostname DLS2 +! +boot-start-marker +boot-end-marker +! +! +no logging console +enable secret 5 $1$Q808$PU/EH2k0cNDlzRo1CsqvQ0 +! +username cisco secret 5 $1$Wxk6$Rm6bIBAIkK81C93afqKIJ1 +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +! +aaa session-id common +clock timezone EST -5 0 +clock summer-time EDT recurring +! +! +! +! +! +vtp mode transparent +! +ip dhcp excluded-address 10.1.80.1 10.1.80.3 +ip dhcp excluded-address 10.1.120.251 10.1.120.254 +ip dhcp excluded-address 10.1.200.251 10.1.200.254 +ip dhcp excluded-address 10.1.110.251 10.1.110.254 +ip dhcp excluded-address 10.1.110.1 10.1.110.128 +ip dhcp excluded-address 10.1.120.1 10.1.120.128 +ip dhcp excluded-address 10.1.200.1 10.1.200.128 +! +ip dhcp pool VOICE + network 10.1.200.0 255.255.255.0 + default-router 10.1.200.254 +! +ip dhcp pool GUEST + network 10.1.110.0 255.255.255.0 + default-router 10.1.110.254 +! +ip dhcp pool OFFICE + network 10.1.120.0 255.255.255.0 + default-router 10.1.120.254 + domain-name tshoot.net +! +ip dhcp pool v4_BranchLAN + network 10.1.80.0 255.255.255.128 + default-router 10.1.80.1 +! +! +no ip domain-lookup +ip domain-name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 dhcp pool v6_BranchLAN + address prefix 2001:DB8:CAFE:800:ABCD::/80 + domain-name tshoot.net +! +ipv6 dhcp pool DHCPv6OFFICE + address prefix 2001:DB8:CAFE:120:ABCD::/80 + domain-name tshoot.net +! +ipv6 dhcp pool DHCPv6VOICE + address prefix 2001:DB8:CAFE:200:ABCD::/80 + domain-name tshoot.net +! +ipv6 dhcp pool DHCPv6GUEST + address prefix 2001:DB8:CAFE:110:ABCD::/80 + domain-name tshoot.net +! +ipv6 cef +! +! +errdisable recovery cause bpduguard +! +spanning-tree mode mst +spanning-tree portfast edge default +spanning-tree portfast edge bpduguard default +spanning-tree extend system-id +! +spanning-tree mst configuration + name TSHOOT + revision 25 + instance 1 vlan 99, 110, 120 + instance 2 vlan 100, 200, 300 +! +spanning-tree mst 1 priority 28672 +spanning-tree mst 2 priority 24576 +! +! +vlan 99-100,110,120,200,300,666,999 +lldp run +! +track 7 ip sla 2 + delay down 30 up 30 +! +track 23 list boolean and + object 7 + object 31 +! +track 31 interface GigabitEthernet2/0 line-protocol + delay down 30 up 30 +! +! +class-map match-any non-client-nrt-class +! +policy-map port_child_policy + class non-client-nrt-class +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + description Anchor + ip address 10.1.212.1 255.255.255.255 + ip ospf network point-to-point + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:2120::D2/128 +! +interface Port-channel2 + description Channel to ALS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface Port-channel10 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate +! +interface GigabitEthernet0/0 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 10 mode on + no shutdown +! +interface GigabitEthernet0/1 + description Channel to DLS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 10 mode on + no shutdown +! +interface GigabitEthernet0/2 + description Channel to ALS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 2 mode on + no shutdown +! +interface GigabitEthernet0/3 + description Channel to ALS1 + switchport trunk allowed vlan 99,100,110,120,200,300 + switchport trunk encapsulation dot1q + switchport trunk native vlan 666 + switchport mode trunk + switchport nonegotiate + negotiation auto + channel-group 2 mode on + no shutdown +! +interface GigabitEthernet1/0 + switchport access vlan 110 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto + spanning-tree portfast edge + spanning-tree bpduguard enable +! +interface GigabitEthernet1/1 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet1/2 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet1/3 + description PARKING_LOT + switchport access vlan 999 + switchport mode access + switchport nonegotiate + shutdown + negotiation auto +! +interface GigabitEthernet2/0 + description GE to R3 + no switchport + ip address 10.1.2.13 255.255.255.252 + ip access-group 101 in + negotiation auto + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:212::D2/64 + ipv6 dhcp server v6_BranchLAN + spanning-tree bpduguard enable + no shutdown +! +interface Vlan1 + no ip address + shutdown +! +interface Vlan99 + ip address 10.1.99.253 255.255.255.0 + no ip proxy-arp + standby 99 ip 10.1.99.254 + standby 99 preempt + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:99::D2/64 + no shutdown +! +interface Vlan100 + ip address 10.1.100.253 255.255.255.0 + no ip proxy-arp + standby 100 ip 10.1.100.254 + standby 100 priority 110 + standby 100 preempt + standby 100 track 23 decrement 20 + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:100::D2/64 + ipv6 nd prefix 2001:DB8:CAFE:100::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + no shutdown +! +interface Vlan110 + ip address 10.1.110.253 255.255.255.0 + no ip proxy-arp + standby 110 ip 10.1.110.254 + standby 110 preempt + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:110::D2/64 + ipv6 nd prefix 2001:DB8:CAFE:110::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6GUEST + no shutdown +! +interface Vlan120 + ip address 10.1.120.253 255.255.255.0 + no ip proxy-arp + standby 120 ip 10.1.120.254 + standby 120 preempt + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:120::D2/64 + ipv6 nd prefix 2001:DB8:CAFE:120::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6OFFICE + no shutdown +! +interface Vlan200 + ip address 10.1.200.253 255.255.255.0 + no ip proxy-arp + standby 200 ip 10.1.200.254 + standby 200 priority 110 + standby 200 preempt + standby 200 track 23 decrement 20 + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:200::D2/64 + ipv6 nd prefix 2001:DB8:CAFE:200::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp server DHCPv6VOICE + no shutdown +! +interface Vlan300 + ip address 10.1.30.253 255.255.255.0 + no ip proxy-arp + standby 30 ip 10.1.30.254 + standby 30 priority 110 + standby 30 preempt + standby 30 track 23 decrement 20 + ip ospf authentication message-digest + ip ospf message-digest-key 1 md5 7 01000E015A0D + ipv6 address FE80::D2 link-local + ipv6 address 2001:DB8:CAFE:300::D2/64 + no shutdown +! +! +router eigrp BRANCH + ! + address-family ipv6 unicast autonomous-system 2 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface GigabitEthernet2/0 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface Vlan300 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface Vlan99 + no shutdown + exit-af-interface + ! + af-interface Vlan100 + no shutdown + exit-af-interface + ! + af-interface Vlan110 + no shutdown + exit-af-interface + ! + af-interface Vlan120 + no shutdown + exit-af-interface + ! + af-interface Vlan200 + no shutdown + exit-af-interface + ! + topology base + exit-af-topology + eigrp router-id 2.2.2.2 + exit-address-family +! +router ospf 1 + router-id 2.2.2.2 + passive-interface default + no passive-interface GigabitEthernet2/0 + no passive-interface Vlan300 + network 10.1.2.12 0.0.0.3 area 0 + network 10.1.30.0 0.0.0.255 area 0 + network 10.1.99.0 0.0.0.255 area 1 + network 10.1.100.0 0.0.0.255 area 1 + network 10.1.110.0 0.0.0.255 area 1 + network 10.1.120.0 0.0.0.255 area 1 + network 10.1.200.0 0.0.0.255 area 1 + network 10.1.212.1 0.0.0.0 area 0 +! +ip forward-protocol nd +! +no ip http server +ip http authentication local +no ip http secure-server +! +ip ssh source-interface Vlan99 +ip ssh dh min size 2048 +ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr +ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr +! +! +ip sla 2 + tcp-connect 2001:DB8:FEED:14::3 22 control disable + threshold 100 + timeout 200 + frequency 6 +ip sla schedule 2 life forever start-time now +logging source-interface Vlan99 +logging host 10.1.100.1 +access-list 100 permit ip host 20.20.20.20 any +access-list 100 permit ip any host 20.20.20.20 +access-list 100 permit icmp any any +access-list 101 permit tcp host 192.168.3.1 host 192.168.1.1 eq bgp +access-list 101 permit tcp host 192.168.3.1 eq bgp host 192.168.1.1 +access-list 101 permit ip 10.1.80.0 0.0.0.255 any +access-list 101 permit ospf any any +access-list 101 permit icmp any any +access-list 101 permit udp any any +access-list 101 permit ip host 10.1.2.14 any +access-list 101 permit ip host 192.168.3.1 any +access-list 101 permit tcp any eq 22 any +access-list 101 permit eigrp any any +! +! +ipv6 prefix-list R2PrimeG0/0 seq 10 deny 2001:DB8:CAFE:120:ABCD::/80 ge 81 +ipv6 prefix-list R2PrimeG0/0 seq 20 permit ::/0 le 128 +! +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Vlan99 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server enable traps eigrp +snmp-server enable traps vtp +snmp-server enable traps vlancreate +snmp-server enable traps vlandelete +snmp-server enable traps hsrp +snmp-server host 10.1.100.1 version 2c cisco +! +! +! +control-plane +! +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local + stopbits 1 +line aux 0 +line vty 0 4 + exec-timeout 0 0 + logging synchronous + transport input ssh +line vty 5 15 +! +ntp source Vlan99 +ntp server 2.2.2.2 +! +end \ No newline at end of file diff --git a/configs/R1.txt b/configs/R1.txt new file mode 100644 index 0000000..fe6ebea --- /dev/null +++ b/configs/R1.txt @@ -0,0 +1,323 @@ +! +! Last configuration change at 10:34:24 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:30:32 EST Wed Dec 9 2020 by cisco +! +version 15.8 +service timestamps debug datetime msec +service timestamps log datetime msec +service password-encryption +! +hostname R1 +! +boot-start-marker +boot-end-marker +! +! +logging buffered 16384 +no logging console +enable secret 5 $1$Sx.7$/sGeJMk4CaAzFqBG3Eafe. +! +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +aaa session-id common +! +! +! +clock timezone EST -5 0 +clock summer-time EDT recurring +mmi polling-interval 60 +no mmi auto-configure +no mmi pvc +mmi snmp-timeout 180 +! +! +! +! +! +! +! +! +! +! +! +no ip domain lookup +ip domain name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 cef +! +multilink bundle-name authenticated +! +! +! +crypto pki trustpoint TP-self-signed-4294967295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4294967295 + revocation-check none + rsakeypair TP-self-signed-4294967295 +! +! +crypto pki certificate chain TP-self-signed-4294967295 +username cisco secret 5 $1$I0qI$Pc89EOShw/klcqTDjI08g. +! +redundancy +! +lldp run +! +track 2 interface GigabitEthernet0/0 line-protocol + delay down 30 up 30 +! +track 4 list boolean and + object 2 + object 17 + object 19 +! +track 17 ip sla 3 + delay down 30 up 30 +! +track 19 ip sla 5 + delay down 30 up 30 +! +track 23 list boolean and + object 19 not + delay down 30 up 30 +! +track 37 list boolean or + object 17 + object 23 + delay down 30 up 30 +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + description iBGP Peer + ip address 192.168.1.1 255.255.255.255 + ip ospf network point-to-point + ipv6 address FE80::1 link-local + ipv6 address 2001:DB8:CAFE:201::1/128 +! +interface GigabitEthernet0/0 + description WAN link to R2 + ip address 209.165.200.225 255.255.255.252 + duplex full + speed 1000 + media-type rj45 + ipv6 address FE80::1 link-local + ipv6 address 2001:DB8:FEED:10::1/126 + no shutdown +! +interface GigabitEthernet0/1 + description FE to DLS1 + ip address 10.1.2.2 255.255.255.252 + ip flow ingress + duplex full + speed 1000 + media-type rj45 + ipv6 address FE80::1 link-local + ipv6 address 2001:DB8:CAFE:20::1/64 + no shutdown +! +interface GigabitEthernet0/2 + no ip address + shutdown + duplex auto + speed auto + media-type rj45 +! +interface GigabitEthernet0/3 + no ip address + shutdown + duplex auto + speed auto + media-type rj45 +! +! +router eigrp BRANCH + ! + address-family ipv6 unicast autonomous-system 2 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface GigabitEthernet0/1 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface Loopback0 + no shutdown + exit-af-interface + ! + topology base + redistribute connected metric 2000 100 255 1 1500 + redistribute bgp 65501 metric 2000 100 255 1 1500 route-map IPv6METRIC + exit-af-topology + eigrp router-id 11.0.0.11 + exit-address-family +! +router ospf 1 + router-id 1.0.0.1 + redistribute bgp 65501 metric 100 metric-type 1 subnets + passive-interface default + no passive-interface GigabitEthernet0/1 + network 10.1.2.0 0.0.0.3 area 0 + network 192.168.1.1 0.0.0.0 area 0 + default-information originate metric 100 metric-type 1 +! +router bgp 65501 + bgp router-id 1.0.0.1 + bgp log-neighbor-changes + neighbor 192.168.3.1 remote-as 65501 + neighbor 192.168.3.1 password 7 02050D480809 + neighbor 192.168.3.1 update-source Loopback0 + neighbor 209.165.200.226 remote-as 65502 + neighbor 209.165.200.226 password 7 110A1016141D + ! + address-family ipv4 + network 10.1.0.0 mask 255.255.0.0 + network 192.168.1.1 mask 255.255.255.255 + network 209.165.200.224 mask 255.255.255.252 + neighbor 192.168.3.1 activate + neighbor 192.168.3.1 next-hop-self + neighbor 209.165.200.226 activate + exit-address-family + ! + address-family ipv6 + network 2001:DB8:CAFE::/48 + network 2001:DB8:CAFE:201::1/128 + network 2001:DB8:FEED:10::/126 + network ABCD::/16 + neighbor 192.168.3.1 activate + neighbor 192.168.3.1 next-hop-self + neighbor 192.168.3.1 route-map IPv4TransportIPv6RouteFromR3 in + neighbor 209.165.200.226 activate + neighbor 209.165.200.226 route-map IPv4TransportIPv6RouteFromR2 in + exit-address-family +! +ip forward-protocol nd +! +ip flow-top-talkers + top 3 + sort-by bytes + cache-timeout 600000 +! +ip http server +ip http secure-server +ip route 10.1.0.0 255.255.0.0 Null0 +ip ssh source-interface Loopback0 +! +ip sla 3 + icmp-echo 209.165.200.221 + frequency 10 +ip sla schedule 3 life forever start-time now +ip sla 5 + icmp-echo 10.1.2.14 + frequency 10 +ip sla schedule 5 life forever start-time now +logging source-interface Loopback0 +logging host 10.1.100.1 +ipv6 route 2001:DB8:CAFE::/48 Null0 +ipv6 ioam timestamp +! +route-map IPv6g0/0 permit 10 + match interface GigabitEthernet0/0 +! +route-map IPv4TransportIPv6RouteFromR2 permit 10 + set ipv6 next-hop 2001:DB8:FEED:10::2 +! +route-map IPv4TransportIPv6RouteFromR3 permit 10 + set ipv6 next-hop 2001:DB8:CAFE:203::1 +! +route-map IPv6METRIC permit 10 + set metric 2000 100 255 1 1500 +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Loopback0 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server chassis-id +snmp-server enable traps eigrp +snmp-server enable traps config +snmp-server enable traps cpu threshold +snmp-server host 10.1.100.1 version 2c cisco +! +access-list 20 permit 20.0.0.0 0.255.255.255 +access-list 30 permit 10.1.99.0 0.0.0.255 +access-list 30 permit 10.1.100.0 0.0.0.255 +access-list 30 permit 10.1.110.0 0.0.0.255 +access-list 30 permit 10.1.200.0 0.0.0.255 +access-list 30 permit 10.1.30.0 0.0.0.255 +! +! +! +control-plane +! +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C*** Router R1 Skills Assessment BASE Config ***^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local +line aux 0 +line vty 0 4 + exec-timeout 0 0 + logging synchronous + transport input ssh +! +no scheduler allocate +ntp source Loopback0 +ntp update-calendar +ntp server 2.2.2.2 +! +end \ No newline at end of file diff --git a/configs/R2.txt b/configs/R2.txt new file mode 100644 index 0000000..bc72099 --- /dev/null +++ b/configs/R2.txt @@ -0,0 +1,388 @@ +! +! Last configuration change at 10:34:28 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:30:19 EST Wed Dec 9 2020 by cisco +! +version 15.8 +service timestamps debug datetime msec +service timestamps log datetime msec +service password-encryption +! +hostname R2 +! +boot-start-marker +boot-end-marker +! +! +vrf definition VPN_A + rd 100:1 + route-target export 100:1 + route-target import 100:1 + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +vrf definition VPN_B + rd 200:1 + route-target export 200:1 + route-target import 200:1 + ! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +no logging console +enable secret 5 $1$uT.s$3pBZI88g6udTYuHpvt9lI/ +! +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +aaa session-id common +! +! +! +memory-size iomem 10 +clock timezone EST -5 0 +clock summer-time EDT recurring +mmi polling-interval 60 +no mmi auto-configure +no mmi pvc +mmi snmp-timeout 180 +! +! +! +! +! +! +! +! +! +! +! +no ip domain lookup +ip domain name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 cef +! +multilink bundle-name authenticated +! +! +cts logging verbose +! +crypto pki trustpoint TP-self-signed-4294967295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4294967295 + revocation-check none + rsakeypair TP-self-signed-4294967295 +! +! +crypto pki certificate chain TP-self-signed-4294967295 +username cisco secret 5 $1$NrYE$nzkXIBUvZA/yj55JaJr/l. +! +redundancy +! +lldp run +! +track 1 interface GigabitEthernet0/0 line-protocol + delay down 30 up 30 +! +track 2 interface GigabitEthernet0/1 line-protocol + delay down 30 up 30 +! +track 3 list boolean or + object 1 + object 2 +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + description VPN_A + vrf forwarding VPN_A + ip address 2.2.2.2 255.255.255.255 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:FEED:222::2/128 +! +interface Loopback1 + description VPN_B + vrf forwarding VPN_B + ip address 2.2.2.2 255.255.255.255 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:FEED:222::2/128 +! +interface Loopback2 + description EIGRP + ip address 20.20.20.20 255.255.255.255 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:CAFE:2020::2/128 +! +interface Loopback3 + description Internet + ip address 22.22.22.22 255.0.0.0 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:EFAC::2/48 +! +interface Loopback4 + description Internet + vrf forwarding VPN_A + ip address 22.22.22.22 255.0.0.0 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:EFAC::2/48 +! +interface Loopback5 + description Internet + vrf forwarding VPN_B + ip address 22.22.22.22 255.0.0.0 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:EFAC::2/48 +! +interface GigabitEthernet0/0 + description WAN link to R1 + vrf forwarding VPN_A + ip address 209.165.200.226 255.255.255.252 + duplex auto + speed auto + media-type rj45 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:FEED:10::2/126 + no shutdown +! +interface GigabitEthernet0/1 + description WAN link to R3 + vrf forwarding VPN_B + ip address 209.165.200.222 255.255.255.252 + duplex auto + speed auto + media-type rj45 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:FEED:14::2/126 + no shutdown +! +interface GigabitEthernet0/2 + description EIGRP Link to R3 + ip address 10.1.90.2 255.255.255.254 + duplex auto + speed auto + media-type rj45 + ipv6 address FE80::2 link-local + ipv6 address 2001:DB8:CAFE:90::2/126 + no shutdown +! +interface GigabitEthernet0/3 + no ip address + shutdown + duplex auto + speed auto + media-type rj45 +! +! +router eigrp HQ + ! + address-family ipv4 unicast autonomous-system 1 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Loopback2 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/2 + no shutdown + no passive-interface + exit-af-interface + ! + topology base + exit-af-topology + network 10.1.90.2 0.0.0.1 + network 20.20.20.20 0.0.0.0 + eigrp stub connected + exit-address-family + ! + address-family ipv6 unicast autonomous-system 1 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Loopback2 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/2 + no shutdown + no passive-interface + exit-af-interface + ! + topology base + exit-af-topology + eigrp stub connected + exit-address-family +! +router bgp 65502 + bgp router-id 2.0.0.2 + bgp log-neighbor-changes + no bgp default ipv4-unicast + ! + address-family ipv4 vrf VPN_A + bgp router-id 2.2.0.2 + network 0.0.0.0 + network 2.2.2.2 mask 255.255.255.255 + neighbor 209.165.200.225 remote-as 65501 + neighbor 209.165.200.225 password 7 14141B180F0B + neighbor 209.165.200.225 activate + exit-address-family + ! + address-family ipv6 vrf VPN_A + bgp router-id 2.2.0.2 + network ::/0 + network 2001:DB8:FEED:222::2/128 + neighbor 209.165.200.225 remote-as 65501 + neighbor 209.165.200.225 password 7 14141B180F0B + neighbor 209.165.200.225 activate + neighbor 209.165.200.225 route-map IPv4TransportIPv6RouteA in + exit-address-family + ! + address-family ipv4 vrf VPN_B + bgp router-id 2.0.2.2 + network 0.0.0.0 + network 2.2.2.2 mask 255.255.255.255 + neighbor 209.165.200.221 remote-as 65501 + neighbor 209.165.200.221 local-as 65503 no-prepend replace-as + neighbor 209.165.200.221 password 7 0822455D0A16 + neighbor 209.165.200.221 activate + neighbor 209.165.200.221 allowas-in + exit-address-family + ! + address-family ipv6 vrf VPN_B + bgp router-id 2.0.2.2 + network ::/0 + network 2001:DB8:FEED:222::2/128 + neighbor 209.165.200.221 remote-as 65501 + neighbor 209.165.200.221 local-as 65503 no-prepend replace-as + neighbor 209.165.200.221 password 7 0822455D0A16 + neighbor 209.165.200.221 activate + neighbor 209.165.200.221 allowas-in + neighbor 209.165.200.221 route-map IPv4TransportIPv6RouteB in + exit-address-family +! +ip forward-protocol nd +! +ip flow-top-talkers + top 3 + sort-by bytes + cache-timeout 600000 +! +ip http server +ip http secure-server +ip route 0.0.0.0 0.0.0.0 10.1.90.3 +ip route vrf VPN_A 0.0.0.0 0.0.0.0 Null0 +ip route vrf VPN_B 0.0.0.0 0.0.0.0 Null0 +ip ssh source-interface Loopback0 +! +ip sla 3 + icmp-echo 10.1.2.2 + frequency 10 +ip sla schedule 3 life forever start-time now +ip sla 5 + icmp-echo 10.1.2.14 + frequency 10 +ip sla schedule 5 life forever start-time now +logging host 10.1.100.1 +ipv6 route ::/0 2001:DB8:CAFE:90::3 +ipv6 route vrf VPN_A ::/0 Null0 +ipv6 route vrf VPN_B ::/0 Null0 +ipv6 ioam timestamp +! +route-map IPv4TransportIPv6RouteA permit 10 + set ipv6 next-hop 2001:DB8:FEED:10::1 +! +route-map IPv4TransportIPv6RouteB permit 10 + set ipv6 next-hop 2001:DB8:FEED:14::3 +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Loopback0 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server chassis-id +snmp-server enable traps eigrp +snmp-server enable traps config +snmp-server enable traps cpu threshold +snmp-server host 10.1.100.1 version 2c cisco +! +! +! +! +control-plane +! +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C*** Router R2 Skills Assessment BASE Config ***^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local +line aux 0 +line vty 0 4 + exec-timeout 0 0 + logging synchronous + transport input ssh +! +scheduler allocate 20000 1000 +ntp master 3 +! +end \ No newline at end of file diff --git a/configs/R3.txt b/configs/R3.txt new file mode 100644 index 0000000..a134d46 --- /dev/null +++ b/configs/R3.txt @@ -0,0 +1,406 @@ +! +! Last configuration change at 10:34:27 EST Wed Dec 9 2020 by cisco +! NVRAM config last updated at 10:30:35 EST Wed Dec 9 2020 by cisco +! +version 15.8 +service timestamps debug datetime msec +service timestamps log datetime msec +service password-encryption +! +hostname R3 +! +boot-start-marker +boot-end-marker +! +! +no logging console +enable secret 5 $1$FzJw$gcmddiSeZ5OBDPnYjSXLH. +! +aaa new-model +! +! +aaa authentication login default local +aaa authentication login CONSOLE none +aaa authorization exec default local +! +! +! +! +! +aaa session-id common +! +! +! +clock timezone EST -5 0 +clock summer-time EDT recurring +mmi polling-interval 60 +no mmi auto-configure +no mmi pvc +mmi snmp-timeout 180 +! +! +! +! +! +! +! +! +ip dhcp excluded-address 10.1.80.129 10.1.80.131 +! +ip dhcp pool Simulatedv4LAN + network 10.1.80.128 255.255.255.128 + default-router 10.1.80.129 +! +! +! +no ip domain lookup +ip domain name tshoot.net +crypto key generate rsa modulus 1024 +ip cef +ipv6 unicast-routing +ipv6 cef +! +multilink bundle-name authenticated +! +! +! +crypto pki trustpoint TP-self-signed-4294967295 + enrollment selfsigned + subject-name cn=IOS-Self-Signed-Certificate-4294967295 + revocation-check none + rsakeypair TP-self-signed-4294967295 +! +! +crypto pki certificate chain TP-self-signed-4294967295 +file prompt quiet +username cisco secret 5 $1$aYBI$ywJtxuOaUtMfkkfrpeqIg0 +! +redundancy +! +lldp run +! +track 4 interface GigabitEthernet0/0 line-protocol + delay down 30 up 30 +! +track 5 list boolean or + object 4 + object 31 +! +track 31 ip sla 3 + delay down 30 up 30 +! +! +! +! +! +! +! +! +! +! +! +! +! +! +interface Loopback0 + description iBGP Peer + ip address 192.168.3.1 255.255.255.255 + ip ospf network point-to-point + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:CAFE:203::1/128 +! +interface Loopback1 + description Branch Office Simulated LAN + ip address pool Simulatedv4LAN + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:CAFE:801::1/64 +! +interface GigabitEthernet0/0 + ip address 209.165.200.221 255.255.255.252 + duplex auto + speed auto + media-type rj45 + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:FEED:14::3/126 + no shutdown +! +interface GigabitEthernet0/1 + description GE to DLS1 + ip address 10.1.2.14 255.255.255.252 + ip flow ingress + duplex full + speed 1000 + media-type rj45 + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:CAFE:212::3/64 + no shutdown +! +interface GigabitEthernet0/2 + ip address 10.1.90.3 255.255.255.254 + duplex auto + speed auto + media-type rj45 + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:CAFE:90::3/126 + no shutdown +! +interface GigabitEthernet0/3 + description Collocated Office LAN + ip address 10.1.80.1 255.255.255.128 + ip helper-address 10.1.2.13 + duplex full + speed 100 + media-type rj45 + ipv6 address FE80::3 link-local + ipv6 address 2001:DB8:CAFE:800::1/64 + ipv6 nd prefix 2001:DB8:CAFE:800::/64 2592000 604800 no-autoconfig + ipv6 nd managed-config-flag + ipv6 dhcp relay destination 2001:DB8:CAFE:212::D2 + ipv6 traffic-filter ALLOW-TCP-ICMP in + no shutdown +! +! +router eigrp HQ + ! + address-family ipv4 unicast autonomous-system 1 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Loopback1 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/3 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/2 + no shutdown + no passive-interface + exit-af-interface + ! + topology base + exit-af-topology + network 10.1.80.0 0.0.0.255 + network 10.1.90.2 0.0.0.1 + exit-address-family + ! + address-family ipv6 unicast autonomous-system 1 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Loopback1 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/3 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/2 + no shutdown + no passive-interface + exit-af-interface + ! + af-interface GigabitEthernet0/0 + no shutdown + exit-af-interface + ! + topology base + exit-af-topology + exit-address-family +! +! +router eigrp BRANCH + ! + address-family ipv6 unicast autonomous-system 2 + ! + af-interface default + shutdown + passive-interface + exit-af-interface + ! + af-interface Loopback0 + no shutdown + exit-af-interface + ! + af-interface GigabitEthernet0/1 + no shutdown + no passive-interface + exit-af-interface + ! + topology base + redistribute connected metric 2000 100 255 1 1500 route-map IPv6EIGRP&g0/0 + redistribute bgp 65501 route-map IPv6METRIC + redistribute eigrp 1 metric 2000 100 255 1 1500 + exit-af-topology + eigrp router-id 3.0.0.3 + exit-address-family +! +router ospf 1 + router-id 3.0.0.3 + redistribute eigrp 1 metric 100 metric-type 1 subnets route-map EIGRP + redistribute bgp 65501 metric 100 metric-type 1 subnets + passive-interface default + no passive-interface GigabitEthernet0/1 + network 10.1.2.12 0.0.0.3 area 0 + network 192.168.3.1 0.0.0.0 area 0 + default-information originate metric 100 metric-type 1 +! +router bgp 65501 + bgp router-id 3.0.0.3 + bgp log-neighbor-changes + neighbor 192.168.1.1 remote-as 65501 + neighbor 192.168.1.1 password 7 045802150C2E + neighbor 192.168.1.1 update-source Loopback0 + neighbor 209.165.200.222 remote-as 65503 + neighbor 209.165.200.222 password 7 110A1016141D + ! + address-family ipv4 + network 10.1.0.0 mask 255.255.0.0 + network 192.168.3.1 mask 255.255.255.255 + network 209.165.200.220 mask 255.255.255.252 + neighbor 192.168.1.1 activate + neighbor 192.168.1.1 next-hop-self + neighbor 209.165.200.222 activate + exit-address-family + ! + address-family ipv6 + network 2001:DB8:CAFE::/48 + network 2001:DB8:CAFE:203::1/128 + network 2001:DB8:FEED:14::/126 + network ABCD::/16 + neighbor 192.168.1.1 activate + neighbor 192.168.1.1 next-hop-self + neighbor 192.168.1.1 route-map IPv4TransportIPv6RouteFromR1 in + neighbor 209.165.200.222 activate + neighbor 209.165.200.222 route-map IPv4TransportIPv6RouteFromR2 in + exit-address-family +! +ip forward-protocol nd +! +ip flow-top-talkers + top 3 + sort-by bytes + cache-timeout 600000 +! +ip http server +ip http secure-server +ip route 10.1.0.0 255.255.0.0 Null0 +ip ssh source-interface Loopback0 +! +! +ip prefix-list 20 seq 10 permit 10.1.90.2/31 +ip prefix-list 20 seq 20 permit 10.1.80.0/25 +ip prefix-list 20 seq 30 permit 10.1.80.128/25 +ip prefix-list 20 seq 40 permit 20.20.20.20/32 +ip sla 3 + icmp-echo 209.165.200.225 + frequency 10 +ip sla schedule 3 life forever start-time now +logging source-interface Loopback0 +logging host 10.1.100.1 +ipv6 route 2001:DB8:CAFE::/48 Null0 +ipv6 ioam timestamp +! +! +ipv6 prefix-list EIGRP seq 10 permit 2001:DB8:CAFE:90::/126 +ipv6 prefix-list EIGRP seq 20 permit 2001:DB8:CAFE:801::/64 +ipv6 prefix-list EIGRP seq 30 permit 2001:DB8:CAFE:800::/64 +route-map IPv6g0/0 permit 10 + match interface GigabitEthernet0/0 +! +route-map EIGRP permit 10 + match ip address prefix-list 20 +! +route-map IPv4TransportIPv6RouteFromR1 permit 10 + set ipv6 next-hop 2001:DB8:CAFE:201::1 +! +route-map IPv4TransportIPv6RouteFromR2 permit 10 + set ipv6 next-hop 2001:DB8:FEED:14::2 +! +route-map IPv6METRIC permit 10 + set metric 2000 100 255 1 1500 +! +route-map IPv6EIGRP&g0/0 permit 10 + match ipv6 address prefix-list EIGRP + set metric 2000 100 255 1 1500 +! +snmp-server community cisco RO +snmp-server community san-fran RW +snmp-server trap-source Loopback0 +snmp-server location TSHOOT Lab Facility +snmp-server contact support@tshoot.net +snmp-server chassis-id +snmp-server enable traps eigrp +snmp-server enable traps config +snmp-server enable traps cpu threshold +snmp-server host 10.1.100.1 version 2c cisco +! +! +! +! +control-plane +! +alias exec srb show run | begin router bgp +alias exec sro show run | begin router ospf +alias exec sre show run | begin router eigrp +alias exec sra show run | section event manager +alias exec srig show run inter g0/0 +alias exec sira show ip route vrf VPN_A +alias exec sirb show ip route vrf VPN_B +alias exec sir show ip route +alias exec six show ipv6 route +alias exec sixa show ipv6 route vrf VPN_A +alias exec sixb show ipv6 route vrf VPN_B +banner exec ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner incoming ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner login ^C +************************************************************************** +* IOSv is strictly limited to use for evaluation, demonstration and IOS * +* education. IOSv is provided as-is and is not supported by Cisco's * +* Technical Advisory Center. Any use or disclosure, in whole or in part, * +* of the IOSv Software or Documentation to any third party for any * +* purposes is expressly prohibited except as otherwise authorized by * +* Cisco in writing. * +**************************************************************************^C +banner motd ^C*** Router R3 Skills Assessment BASE Config ***^C +! +line con 0 + exec-timeout 0 0 + logging synchronous + login authentication local +line aux 0 +line vty 0 4 + exec-timeout 0 0 + logging synchronous + transport input ssh +! +no scheduler allocate +ntp source Loopback0 +ntp update-calendar +ntp server 2.2.2.2 +! +end \ No newline at end of file diff --git a/main.py b/main.py new file mode 100644 index 0000000..3663802 --- /dev/null +++ b/main.py @@ -0,0 +1,126 @@ +## Stuff for streamlining + +def splitInterfaces(filename, searchterms = ['interface GigabitEthernet', 'interface Loopback','interface Port-channel', 'interface Vlan']): + ## + deviceDic = {} # All interfaces + interfaceDic = [] # Single interface + ## + device = open(filename, 'r') + bit = 0 + for line in device: # Read each line + if len(line.split(" ")) != 2 and bit == 0: # If another type of Gigabit ethernet config + continue # ignore + ## Actual Logic + if '!' in line and bit != 0: # Comment or end of interface + # input(interfaceDic) + if " shutdown\n" in interfaceDic: + # input(bit) + interfaceDic = 'shutdown' + deviceDic[bit] = interfaceDic # push to the main dict + interfaceDic = [] # Clear the interfaces + bit = 0 + continue + if bit != 0: # If we are traversing an interface record the info + interfaceDic.append(line) + for term in searchterms: # each of the terms we are looking for in 'searchterms' list + if term in line: # If we find a term line + bit = str(line.split(" ")[1]) # Set the traversing bit to the name + return deviceDic + +def searchList(item, attributeList): + for x in attributeList: + if 'link-local' in x: + continue + if 'no' in x: + continue + if item in x: + return x + return '- - - - - - description \n' + + +def generateVlanCSV(filenamesList): # Records the VLAN SVIs to a file + output = open("Vlans.csv", "w+") + for filename in filenamesList: + searchterms = ['interface Vlan', 'vlan '] + vlans = splitInterfaces(filename, searchterms) + + # for x in vlans: + # print('*********') + # print(x) + # print('--') + # print(vlans[x]) + # print('*********') + + output.write(filename.replace(".txt", "\n")) + + # Write the ports out to csv + for port in vlans: + if vlans[port] == 'shutdown': # If port is shutdown + # input("Here") + output.write(",{},SHUTDOWN\n".format(port.replace("\n", ""))) + continue + if 'Vlan' not in port: # Only Deal with the SVIs right now + continue + + # Other catchs + +# Vlan99 +# [' ip address 10.1.99.252 255.255.255.0\n', ' no ip proxy-arp\n', ' standby 99 ip 10.1.99.254\n', ' standby +# 99 priority 110\n', ' standby 99 preempt\n', ' standby 99 track 23 decrement 20\n', ' ipv6 address FE80::D1 +# link-local\n', ' ipv6 address 2001:DB8:CAFE:99::D1/64\n', ' no shutdown\n'] + + # Write normal VLAN output + try: + ipv4 = searchList("ip address", vlans[port]).replace("\n", "").split(" ") + ipv6 = searchList("ipv6 address", vlans[port]).split(" ")[3].replace("\n", "") + hsrpType = searchList("priority", vlans[port]).split(" ") + if 'priority' in hsrpType: + priority = 'ACTIVE' + else: + hsrpType = ['','','','','100'] + priority = 'STANDBY' + tracked = searchList("track", vlans[port]).split(" ") + if 'track' in tracked: + tracked = "YES" + else: + tracked = "NO" + output.write(",{},{},{},{}, ,{},{},{}\n".format(port.replace("\n", ""),ipv4[3],ipv4[4],ipv6,hsrpType[4].replace("\n",""),priority,tracked)) + except: + pass + + output.close() + +def generateAddressCSV(filenamesList): + output = open("Addressing.csv", "w+") + for filename in filenamesList: + interfaces = splitInterfaces(filename) + output.write(filename.replace(".txt", "\n")) + + # Write the ports out to csv + for port in interfaces: + if interfaces[port] == 'shutdown': + # input("Here") + output.write(",{},SHUTDOWN\n\n".format(port.replace("\n", ""))) + continue + + try: + ipv4 = searchList("ip address", interfaces[port]).replace("\n", "").split(" ") + ipv6 = searchList("ipv6 address", interfaces[port]).split(" ")[3].replace("\n", "") + desc = searchList("description", interfaces[port]).replace(" description ", "") + output.write(",{},{},{},{}, ,{}\n".format(port.replace("\n", ""),ipv4[3],ipv4[4],ipv6,desc)) + except: + pass + + output.close() +## Location of the configs +# Sorted by device type just incase +RouterConfigs = ['configs/R1.txt','configs/R2.txt','configs/R3.txt'] +SwitchConfigs = ['configs/DLS1.txt', 'configs/DLS2.txt', 'configs/ALS1.txt'] +# MasterList +AllDevices = RouterConfigs + SwitchConfigs + +# Output Addressing Table +# generateAddressCSV(AllDevices) + +# Output Vlan Table +generateVlanCSV(SwitchConfigs) \ No newline at end of file