They aren't in the books... I do not think I can attach something here... I could mail it to you... If Aldur agrees and if there is no violation of any publishing rights.. Then I could mail it to Aldur so that it can be posted in the Juniper forum...
I understood the output from the books and created my own configuration for these routers... I do have both my configs and the actual book configs for this...
IS-IS Sleeps.
BGP peers are quiet.
Something must be wrong.
They are on the Book CD -- but I don't see the PDF with the Listings (or the individual text files) anywhere on the Juniper website. Not sure what people who download the PDF Guide from the Juniper web site are supposed to do -- other than piece them together from the case study.
There's also configs for c1-c2 and OSPF, in addition to P1, T1, and T2, if we're looking at the Chapter 6 EBGP Case Study.
:mike: Cisco Certifications -- Collect the Entire Set!
They aren't in the books... I do not think I can attach something here... I could mail it to you... If Aldur agrees and if there is no violation of any publishing rights.. Then I could mail it to Aldur so that it can be posted in the Juniper forum...
I understood the output from the books and created my own configuration for these routers... I do have both my configs and the actual book configs for this...
so basically everyone has been creating their own configs for these routers unless you have the CD??
i would appreciate it if you can e-mail me those
They aren't in the books... I do not think I can attach something here... I could mail it to you... If Aldur agrees and if there is no violation of any publishing rights.. Then I could mail it to Aldur so that it can be posted in the Juniper forum...
I understood the output from the books and created my own configuration for these routers... I do have both my configs and the actual book configs for this...
Hi Hoogen,
I appreciate if you can mail it to me at MODERATED as I am unable to get/loan any hardcover books for JNCIP/JNCIE now. Thanks!
It looks like you selected to receive email from TE members -- so there is no need to post your email address and attract more SPAMBOT eMail Harvesters to our forums.
Members who are logged in can click on your user name and should see the option to send you an email.
:mike: Cisco Certifications -- Collect the Entire Set!
If Aldur agrees and if there is no violation of any publishing rights.. Then I could mail it to Aldur so that it can be posted in the Juniper forum...
I don't see a copyright notice in the initial configs..... but if there is an issue, one of the Moderators or Admins can whack this post. A registered and logged in TE member can use the icon over to the left to report this post (if they feel it's necessary) to "The Man."
This is the Chapter 6 case study, right?
p1 case 6
system {
host-name P1;
ports {
console type vt100;
}
login {
user lab {
uid 2000;
class superuser;
authentication {
encrypted-password "$1$Dip2.$/AJDENDjOEgoEXJc3Dsf3."; # SECRET-DATA
}
}
}
services {
ftp;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
}
}
interfaces {
fe-0/0/0 {
vlan-tagging;
unit 0 {
vlan-id 150;
family inet {
address 10.0.5.254/24;
}
}
}
fxp0 {
unit 0 {
family inet {
address 10.0.1.70/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 120.120.0.1/32;
}
}
}
}
routing-options {
static {
route 120.120.0.0/24 discard;
route 120.120.1.0/24 discard;
route 120.120.2.0/24 discard;
route 120.120.3.0/24 discard;
route 120.120.4.0/24 discard;
route 120.120.5.0/24 discard;
route 120.120.6.0/24 discard;
route 120.120.7.0/24 discard;
route 120.120.69.128/25 discard;
route 172.17.0.0/24 discard;
route 192.168.4.0/24 discard;
route 0.0.0.0/4 discard;
route 0.0.0.0/0 discard;
route 3.4.0.0/20 discard;
route 6.0.0.0/7 discard;
route 120.120.69.0/24 {
discard;
as-path {
path 65412;
}
}
}
autonomous-system 1492;
}
protocols {
bgp {
group r1-r2 {
type external;
export r1-r2;
peer-as 65412;
neighbor 10.0.5.1;
neighbor 10.0.5.2;
}
}
}
policy-options {
policy-statement r1-r2 {
term 1 {
from {
route-filter 120.120.7.0/24 exact;
}
then {
community add prefer;
accept;
}
}
term 2 {
from protocol static;
then accept;
}
}
community prefer members 65050:100;
}
t1 case 6
system {
host-name T1;
time-zone America/Los_Angeles;
ports {
console type vt100;
}
root-authentication {
encrypted-password "$1$RTyGDGYG$ukqr37VGRgtohedSlruOk/"; # SECRET-DATA
}
login {
class test {
permissions all;
deny-commands "^configure$";
}
user lab {
uid 2000;
class superuser;
authentication {
encrypted-password "$1$L6ZKKWYI$GxEI/7YzXes2JXDcHJvz7/"; # SECRET-DATA
}
}
user test {
uid 2001;
class test;
authentication {
encrypted-password "$1$/Ow9PYrF$xaXmUZ9LNQac4YEN32h7e1"; # SECRET-DATA
}
}
}
services {
ssh;
telnet;
}
syslog {
archive size 10m files 5;
user * {
any emergency;
}
file messages {
any notice;
authorization info;
archive size 128m files 10;
}
file r1-cli {
interactive-commands any;
archive files 5;
}
}
ntp {
boot-server 10.0.1.201;
authentication-key 10 type md5 value "$9$2XoJDn6AIEy"; # SECRET-DATA
server 10.0.1.201 key 10 version 3; # SECRET-DATA
trusted-key 10;
}
}
interfaces {
fe-0/0/0 {
unit 0 {
family inet {
address 172.16.0.14/30;
}
}
}
fxp0 {
unit 0 {
family inet {
address 10.0.1.65/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 130.130.0.1/32;
}
}
}
}
routing-options {
static {
route 207.17.136.192/32 next-hop 10.0.1.201;
route 172.17.0.0/16 discard;
route 0.0.0.0/16 discard;
route 130.130.0.0/16 discard;
}
generate {
route 200.0.0.0/16;
}
autonomous-system 65222;
}
protocols {
bgp {
group test {
type internal;
cluster 130.130.1.1;
neighbor 10.0.1.201 {
export null;
}
neighbor 10.0.1.66 {
export nhs;
}
}
group ext {
type external;
export static;
neighbor 172.16.0.13 {
peer-as 65412;
}
}
}
ospf {
area 0.0.0.0 {
interface fe-0/0/0.0;
}
}
}
policy-options {
policy-statement null {
then reject;
}
policy-statement nhs {
term 1 {
from protocol [ bgp static ];
then {
next-hop self;
}
}
}
policy-statement static {
term 1 {
from {
protocol static;
route-filter 120.120.0.0/16 orlonger reject;
route-filter 200.200.0.0/16 orlonger reject;
}
}
term 2 {
from protocol static;
then accept;
}
}
}
t2 case 6
system {
host-name T2;
ports {
console type vt100;
auxiliary {
speed 9600;
type vt100;
}
}
root-authentication {
encrypted-password "$1$Nhc7.$EEXzeb9FRNOlt6BhS7LlG."; # SECRET-DATA
}
login {
class view-only {
permissions view;
}
user lab {
uid 2000;
class superuser;
authentication {
encrypted-password "$1$eWG2a$Riuk4HWITtSNMeTWrDshx1"; # SECRET-DATA
}
}
}
services {
ftp;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
kernel info;
}
file kernel {
kernel warning;
}
}
}
interfaces {
fe-0/0/0 {
unit 0 {
family inet {
address 172.16.0.22/30;
}
}
}
fe-0/0/1 {
unit 0 {
family inet {
address 172.16.0.18/30;
}
}
}
fxp0 {
unit 0 {
family inet {
address 10.0.1.66/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 130.130.0.2/32;
}
}
}
}
routing-options {
static {
route 220.0.0.0/28 discard;
route 120.120.6.0/24 {
discard;
community 65050:100;
}
route 128.128.128.0/17 discard;
route 130.130.0.0/16 discard;
route 192.0.2.0/24 discard;
}
autonomous-system 65222;
}
protocols {
bgp {
group internal {
type internal;
export nhs;
neighbor 10.0.1.65;
}
group ext {
type external;
export static;
neighbor 172.16.0.21 {
peer-as 65412;
}
neighbor 172.16.0.17 {
peer-as 65412;
}
}
}
ospf {
area 0.0.0.0 {
interface fe-0/0/0.0;
}
}
}
policy-options {
policy-statement nhs {
term 1 {
from protocol [ bgp static ];
then {
next-hop self;
}
}
}
policy-statement static {
term 1 {
from {
route-filter 120.120.0.0/16 orlonger reject;
route-filter 200.200.0.0/16 orlonger reject;
}
}
from protocol static;
then accept;
}
}
OSPF case 6
system {
host-name ospf;
time-zone America/Los_Angeles;
ports {
console type vt100;
}
root-authentication {
encrypted-password "$1$RTyGDGYG$ukqr37VGRgtohedSlruOk/"; # SECRET-DATA
}
login {
class noc {
permissions view;
}
user lab {
uid 2000;
class superuser;
authentication {
encrypted-password "$1$L6ZKKWYI$GxEI/7YzXes2JXDcHJvz7/"; # SECRET-DATA
}
}
user noc {
uid 2001;
class noc;
authentication {
encrypted-password "$1$Z5Sb1eVg$R8.iZMCAMAOTdEeS2svvd0"; # SECRET-DATA
}
}
}
services {
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file r4-cli {
interactive-commands any;
archive files 5;
}
}
ntp {
boot-server 10.0.1.102;
authentication-key 200 type md5 value "$9$KoAWX-YgJHqfVwqfTzCAvWL"; # SECRET-DATA
broadcast-client;
trusted-key 200;
}
}
interfaces {
fe-0/0/0 {
unit 0 {
family inet {
address 172.16.40.1/30;
}
}
}
fe-0/0/1 {
unit 0 {
family inet {
address 172.16.40.5/30;
}
}
}
fxp0 {
unit 0 {
family inet {
address 10.0.1.69/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
address 192.168.1.1/32;
address 192.168.2.1/32;
address 192.168.3.1/32;
address 192.168.4.1/32;
}
}
}
}
routing-options {
static {
route 192.168.0.0/24 receive;
route 192.168.1.0/24 receive;
route 192.168.2.0/24 receive;
route 192.168.3.0/24 receive;
}
}
protocols {
ospf {
export ospf;
area 0.0.0.2 {
nssa;
authentication-type simple; # SECRET-DATA
interface fe-0/0/0.0 {
authentication-key "$9$naPU6tO1IclvLEc"; # SECRET-DATA
}
interface fe-0/0/1.0 {
authentication-key "$9$.mQn/9pBRSAp"; # SECRET-DATA
}
}
}
}
policy-options {
policy-statement ospf {
term 1 {
from protocol static;
then accept;
}
}
}
Thanks Mike, I really appreciate your efforts. I had indeed miss out a few routes from the external peering routers. I will try it out on my testbed and I believe this will be helpful to all of us.
Comments
I understood the output from the books and created my own configuration for these routers... I do have both my configs and the actual book configs for this...
BGP peers are quiet.
Something must be wrong.
There's also configs for c1-c2 and OSPF, in addition to P1, T1, and T2, if we're looking at the Chapter 6 EBGP Case Study.
so basically everyone has been creating their own configs for these routers unless you have the CD??
i would appreciate it if you can e-mail me those
Hi Hoogen,
I appreciate if you can mail it to me at MODERATED as I am unable to get/loan any hardcover books for JNCIP/JNCIE now. Thanks!
cheers
darry
Members who are logged in can click on your user name and should see the option to send you an email.
This is the Chapter 6 case study, right?
p1 case 6
system { host-name P1; ports { console type vt100; } login { user lab { uid 2000; class superuser; authentication { encrypted-password "$1$Dip2.$/AJDENDjOEgoEXJc3Dsf3."; # SECRET-DATA } } } services { ftp; telnet; } syslog { user * { any emergency; } file messages { any notice; authorization info; } } } interfaces { fe-0/0/0 { vlan-tagging; unit 0 { vlan-id 150; family inet { address 10.0.5.254/24; } } } fxp0 { unit 0 { family inet { address 10.0.1.70/24; } } } lo0 { unit 0 { family inet { address 120.120.0.1/32; } } } } routing-options { static { route 120.120.0.0/24 discard; route 120.120.1.0/24 discard; route 120.120.2.0/24 discard; route 120.120.3.0/24 discard; route 120.120.4.0/24 discard; route 120.120.5.0/24 discard; route 120.120.6.0/24 discard; route 120.120.7.0/24 discard; route 120.120.69.128/25 discard; route 172.17.0.0/24 discard; route 192.168.4.0/24 discard; route 0.0.0.0/4 discard; route 0.0.0.0/0 discard; route 3.4.0.0/20 discard; route 6.0.0.0/7 discard; route 120.120.69.0/24 { discard; as-path { path 65412; } } } autonomous-system 1492; } protocols { bgp { group r1-r2 { type external; export r1-r2; peer-as 65412; neighbor 10.0.5.1; neighbor 10.0.5.2; } } } policy-options { policy-statement r1-r2 { term 1 { from { route-filter 120.120.7.0/24 exact; } then { community add prefer; accept; } } term 2 { from protocol static; then accept; } } community prefer members 65050:100; }t1 case 6system { host-name T1; time-zone America/Los_Angeles; ports { console type vt100; } root-authentication { encrypted-password "$1$RTyGDGYG$ukqr37VGRgtohedSlruOk/"; # SECRET-DATA } login { class test { permissions all; deny-commands "^configure$"; } user lab { uid 2000; class superuser; authentication { encrypted-password "$1$L6ZKKWYI$GxEI/7YzXes2JXDcHJvz7/"; # SECRET-DATA } } user test { uid 2001; class test; authentication { encrypted-password "$1$/Ow9PYrF$xaXmUZ9LNQac4YEN32h7e1"; # SECRET-DATA } } } services { ssh; telnet; } syslog { archive size 10m files 5; user * { any emergency; } file messages { any notice; authorization info; archive size 128m files 10; } file r1-cli { interactive-commands any; archive files 5; } } ntp { boot-server 10.0.1.201; authentication-key 10 type md5 value "$9$2XoJDn6AIEy"; # SECRET-DATA server 10.0.1.201 key 10 version 3; # SECRET-DATA trusted-key 10; } } interfaces { fe-0/0/0 { unit 0 { family inet { address 172.16.0.14/30; } } } fxp0 { unit 0 { family inet { address 10.0.1.65/24; } } } lo0 { unit 0 { family inet { address 130.130.0.1/32; } } } } routing-options { static { route 207.17.136.192/32 next-hop 10.0.1.201; route 172.17.0.0/16 discard; route 0.0.0.0/16 discard; route 130.130.0.0/16 discard; } generate { route 200.0.0.0/16; } autonomous-system 65222; } protocols { bgp { group test { type internal; cluster 130.130.1.1; neighbor 10.0.1.201 { export null; } neighbor 10.0.1.66 { export nhs; } } group ext { type external; export static; neighbor 172.16.0.13 { peer-as 65412; } } } ospf { area 0.0.0.0 { interface fe-0/0/0.0; } } } policy-options { policy-statement null { then reject; } policy-statement nhs { term 1 { from protocol [ bgp static ]; then { next-hop self; } } } policy-statement static { term 1 { from { protocol static; route-filter 120.120.0.0/16 orlonger reject; route-filter 200.200.0.0/16 orlonger reject; } } term 2 { from protocol static; then accept; } } }t2 case 6system { host-name T2; ports { console type vt100; auxiliary { speed 9600; type vt100; } } root-authentication { encrypted-password "$1$Nhc7.$EEXzeb9FRNOlt6BhS7LlG."; # SECRET-DATA } login { class view-only { permissions view; } user lab { uid 2000; class superuser; authentication { encrypted-password "$1$eWG2a$Riuk4HWITtSNMeTWrDshx1"; # SECRET-DATA } } } services { ftp; telnet; } syslog { user * { any emergency; } file messages { any notice; authorization info; kernel info; } file kernel { kernel warning; } } } interfaces { fe-0/0/0 { unit 0 { family inet { address 172.16.0.22/30; } } } fe-0/0/1 { unit 0 { family inet { address 172.16.0.18/30; } } } fxp0 { unit 0 { family inet { address 10.0.1.66/24; } } } lo0 { unit 0 { family inet { address 130.130.0.2/32; } } } } routing-options { static { route 220.0.0.0/28 discard; route 120.120.6.0/24 { discard; community 65050:100; } route 128.128.128.0/17 discard; route 130.130.0.0/16 discard; route 192.0.2.0/24 discard; } autonomous-system 65222; } protocols { bgp { group internal { type internal; export nhs; neighbor 10.0.1.65; } group ext { type external; export static; neighbor 172.16.0.21 { peer-as 65412; } neighbor 172.16.0.17 { peer-as 65412; } } } ospf { area 0.0.0.0 { interface fe-0/0/0.0; } } } policy-options { policy-statement nhs { term 1 { from protocol [ bgp static ]; then { next-hop self; } } } policy-statement static { term 1 { from { route-filter 120.120.0.0/16 orlonger reject; route-filter 200.200.0.0/16 orlonger reject; } } from protocol static; then accept; } }OSPF case 6system { host-name ospf; time-zone America/Los_Angeles; ports { console type vt100; } root-authentication { encrypted-password "$1$RTyGDGYG$ukqr37VGRgtohedSlruOk/"; # SECRET-DATA } login { class noc { permissions view; } user lab { uid 2000; class superuser; authentication { encrypted-password "$1$L6ZKKWYI$GxEI/7YzXes2JXDcHJvz7/"; # SECRET-DATA } } user noc { uid 2001; class noc; authentication { encrypted-password "$1$Z5Sb1eVg$R8.iZMCAMAOTdEeS2svvd0"; # SECRET-DATA } } } services { ssh; telnet; } syslog { user * { any emergency; } file messages { any notice; authorization info; } file r4-cli { interactive-commands any; archive files 5; } } ntp { boot-server 10.0.1.102; authentication-key 200 type md5 value "$9$KoAWX-YgJHqfVwqfTzCAvWL"; # SECRET-DATA broadcast-client; trusted-key 200; } } interfaces { fe-0/0/0 { unit 0 { family inet { address 172.16.40.1/30; } } } fe-0/0/1 { unit 0 { family inet { address 172.16.40.5/30; } } } fxp0 { unit 0 { family inet { address 10.0.1.69/24; } } } lo0 { unit 0 { family inet { address 192.168.0.1/32; address 192.168.1.1/32; address 192.168.2.1/32; address 192.168.3.1/32; address 192.168.4.1/32; } } } } routing-options { static { route 192.168.0.0/24 receive; route 192.168.1.0/24 receive; route 192.168.2.0/24 receive; route 192.168.3.0/24 receive; } } protocols { ospf { export ospf; area 0.0.0.2 { nssa; authentication-type simple; # SECRET-DATA interface fe-0/0/0.0 { authentication-key "$9$naPU6tO1IclvLEc"; # SECRET-DATA } interface fe-0/0/1.0 { authentication-key "$9$.mQn/9pBRSAp"; # SECRET-DATA } } } } policy-options { policy-statement ospf { term 1 { from protocol static; then accept; } } }c1-c2 case 6system { host-name c1-c2; time-zone America/Los_Angeles; ports { console type vt100; } root-authentication { encrypted-password "$1$RTyGDGYG$ukqr37VGRgtohedSlruOk/"; # SECRET-DATA } login { class noc { permissions view; } user lab { uid 2000; class superuser; authentication { encrypted-password "$1$L6ZKKWYI$GxEI/7YzXes2JXDcHJvz7/"; # SECRET-DATA } } user noc { uid 2001; class noc; authentication { encrypted-password "$1$Z5Sb1eVg$R8.iZMCAMAOTdEeS2svvd0"; # SECRET-DATA } } } services { ftp; ssh; telnet; } syslog { user * { any emergency; } file messages { any notice; authorization info; } file r2-cli { interactive-commands any; archive files 5; } } ntp { boot-server 10.0.1.102; authentication-key 200 type md5 value "$9$KoAWX-YgJHqfVwqfTzCAvWL"; # SECRET-DATA broadcast-client; trusted-key 200; } } interfaces { fe-0/0/0 { unit 0 { family inet { address 172.16.0.10/30; } } } fe-0/0/1 { unit 0 { family inet { address 172.16.0.26/30; address 201.201.0.1/24; } family mpls; } } fxp0 { unit 0 { family inet { address 172.16.0.6/30; } } } lo0 { unit 0 { family inet { address 200.200.0.1/32; } } } } routing-options { static { route 200.200.0.0/24 discard; route 200.200.1.0/24 discard; route 200.200.2.0/24 discard; route 200.200.3.0/24 discard; route 200.200.4.0/24 discard; route 200.200.5.0/24 discard; route 200.200.6.0/24 discard; route 200.200.7.0/24 discard; route 32.0.0.0/16 { discard; as-path { path 420; } } route 200.200.0.0/28 discard; route 10.0.1.0/24 discard; route 200.200.5.128/25 discard; route 10.0.3.4/32 next-hop [ 172.16.0.5 172.16.0.9 ]; route 201.201.0.0/16 { discard; as-path { path 65020; } } } autonomous-system 65010; } protocols { mpls { interface fe-0/0/1.0; } bgp { group r4 { type external; multihop; export r4; peer-as 65412; neighbor 10.0.3.4 { authentication-key "$9$9S8-t0ILX-ds4"; # SECRET-DATA } } } } policy-options { policy-statement null { then reject; } policy-statement r7 { term 1 { from protocol static; then { as-path-prepend 65020; accept; } } term 2 { from { protocol direct; route-filter 201.201.0.0/24 exact; } then accept; } } policy-statement r4 { term 1 { from { protocol static; route-filter 200.0.0.0/8 orlonger; route-filter 32.0.0.0/8 longer; route-filter 172.16.0.0/16 orlonger; route-filter 201.0.0.0/8 orlonger; } then accept; } } } routing-instances { c2 { instance-type vrf; interface fe-0/0/1.0; route-distinguisher 65010:1; vrf-import null; vrf-export null; routing-options { static { route 201.201.0.0/24 discard; route 201.201.1.0/24 discard; route 201.201.2.0/24 discard; route 201.201.3.0/24 discard; route 201.201.4.0/24 discard; route 201.201.5.0/24 discard; route 201.201.6.0/24 discard; route 201.201.7.0/24 discard; route 0.0.0.0/0 { discard; as-path { path "62 39"; } } route 64.0.0.0/7 discard; route 201.201.0.7/32 discard; route 210.210.16.128/26 { discard; as-path { path 65010; } } route 200.200.0.0/16 { discard; as-path { path 65010; } } } router-id 201.201.0.1; autonomous-system 65020; } protocols { bgp { export r7; group r7 { type external; neighbor 172.16.0.25 { peer-as 65413; } } } } } }