1552 lines
34 KiB
Plaintext
1552 lines
34 KiB
Plaintext
|
Building configuration...
|
||
|
|
|
||
|
|
Current configuration : 34685 bytes
|
||
|
|
!
|
||
|
|
! Last configuration change at 13:13:24 MSK Wed Jul 20 2022 by akhmetzyanovrr_adm
|
||
|
|
! NVRAM config last updated at 13:13:26 MSK Wed Jul 20 2022 by akhmetzyanovrr_adm
|
||
|
|
!
|
||
|
|
version 16.3
|
||
|
|
no service pad
|
||
|
|
service timestamps debug datetime msec localtime show-timezone year
|
||
|
|
service timestamps log datetime msec localtime show-timezone year
|
||
|
|
no platform punt-keepalive disable-kernel-core
|
||
|
|
!
|
||
|
|
hostname IZH-MLK-IZM-SW-1-4
|
||
|
|
!
|
||
|
|
!
|
||
|
|
vrf definition Mgmt-vrf
|
||
|
|
!
|
||
|
|
address-family ipv4
|
||
|
|
exit-address-family
|
||
|
|
!
|
||
|
|
address-family ipv6
|
||
|
|
exit-address-family
|
||
|
|
!
|
||
|
|
logging userinfo
|
||
|
|
logging buffered 128000
|
||
|
|
enable secret 5 $1$8Ye.$2052cyes0PP1QlT7T0Qcu0
|
||
|
|
!
|
||
|
|
aaa new-model
|
||
|
|
!
|
||
|
|
!
|
||
|
|
aaa group server radius NPS
|
||
|
|
server name IZH-RDS002
|
||
|
|
server name P11-RDS003
|
||
|
|
ip radius source-interface Vlan300
|
||
|
|
load-balance method least-outstanding
|
||
|
|
!
|
||
|
|
aaa authentication login default group NPS local enable
|
||
|
|
aaa authentication login CONSOLE local group NPS
|
||
|
|
aaa authorization exec default group NPS local if-authenticated
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
aaa session-id common
|
||
|
|
clock timezone MSK 4 0
|
||
|
|
switch 1 provision ws-c3850-48t
|
||
|
|
switch 2 provision ws-c3850-48t
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
no ip source-route
|
||
|
|
no ip gratuitous-arps
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ip host tftp 10.4.0.214
|
||
|
|
ip name-server 192.168.8.200 192.168.8.201
|
||
|
|
no ip domain lookup
|
||
|
|
ip domain name milkom-komos.ru
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
login on-failure log
|
||
|
|
login on-success log
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
qos queue-softmax-multiplier 1200
|
||
|
|
!
|
||
|
|
!
|
||
|
|
vtp mode off
|
||
|
|
!
|
||
|
|
flow record NETFLOW_IN
|
||
|
|
match flow direction
|
||
|
|
match interface input
|
||
|
|
match ipv4 destination address
|
||
|
|
match ipv4 protocol
|
||
|
|
match ipv4 source address
|
||
|
|
match ipv4 tos
|
||
|
|
match transport destination-port
|
||
|
|
match transport source-port
|
||
|
|
collect counter bytes long
|
||
|
|
collect counter packets long
|
||
|
|
collect interface output
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow record NETFLOW_OUT
|
||
|
|
match flow direction
|
||
|
|
match interface output
|
||
|
|
match ipv4 destination address
|
||
|
|
match ipv4 protocol
|
||
|
|
match ipv4 source address
|
||
|
|
match ipv4 tos
|
||
|
|
match transport destination-port
|
||
|
|
match transport source-port
|
||
|
|
collect interface input
|
||
|
|
collect counter bytes long
|
||
|
|
collect counter packets long
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow record FLOW-RECORD-INPUT
|
||
|
|
description IPv4 NetFlow IN
|
||
|
|
match ipv4 source address
|
||
|
|
match ipv4 destination address
|
||
|
|
match transport source-port
|
||
|
|
match transport destination-port
|
||
|
|
match ipv4 protocol
|
||
|
|
match interface input
|
||
|
|
match ipv4 tos
|
||
|
|
match flow direction
|
||
|
|
collect interface output
|
||
|
|
collect counter bytes long
|
||
|
|
collect counter packets long
|
||
|
|
collect transport tcp flags
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow record FLOW-RECORD-OUTPUT
|
||
|
|
description IPv4 NetFlow OUT
|
||
|
|
match ipv4 source address
|
||
|
|
match ipv4 destination address
|
||
|
|
match transport source-port
|
||
|
|
match transport destination-port
|
||
|
|
match ipv4 protocol
|
||
|
|
match interface output
|
||
|
|
match ipv4 tos
|
||
|
|
match flow direction
|
||
|
|
collect interface input
|
||
|
|
collect counter bytes long
|
||
|
|
collect counter packets long
|
||
|
|
collect transport tcp flags
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow monitor NETFLOW_MONITOR_IN
|
||
|
|
cache timeout inactive 10
|
||
|
|
cache timeout active 60
|
||
|
|
record NETFLOW_IN
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow monitor NETFLOW_MONITOR_OUT
|
||
|
|
cache timeout inactive 10
|
||
|
|
cache timeout active 60
|
||
|
|
record NETFLOW_OUT
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow monitor FLOW-MONITOR-INPUT
|
||
|
|
description ingress
|
||
|
|
cache timeout inactive 10
|
||
|
|
cache timeout active 60
|
||
|
|
record FLOW-RECORD-INPUT
|
||
|
|
!
|
||
|
|
!
|
||
|
|
flow monitor FLOW-MONITOR-OUTPUT
|
||
|
|
description egress
|
||
|
|
cache timeout inactive 10
|
||
|
|
cache timeout active 60
|
||
|
|
record FLOW-RECORD-OUTPUT
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
port-channel load-balance src-dst-mixed-ip-port
|
||
|
|
errdisable recovery cause udld
|
||
|
|
errdisable recovery cause bpduguard
|
||
|
|
errdisable recovery cause security-violation
|
||
|
|
errdisable recovery cause channel-misconfig
|
||
|
|
errdisable recovery cause pagp-flap
|
||
|
|
errdisable recovery cause dtp-flap
|
||
|
|
errdisable recovery cause link-flap
|
||
|
|
errdisable recovery cause sfp-config-mismatch
|
||
|
|
errdisable recovery cause l2ptguard
|
||
|
|
errdisable recovery cause psecure-violation
|
||
|
|
errdisable recovery cause port-mode-failure
|
||
|
|
errdisable recovery cause dhcp-rate-limit
|
||
|
|
errdisable recovery cause pppoe-ia-rate-limit
|
||
|
|
errdisable recovery cause mac-limit
|
||
|
|
errdisable recovery cause vmps
|
||
|
|
errdisable recovery cause storm-control
|
||
|
|
errdisable recovery cause inline-power
|
||
|
|
errdisable recovery cause arp-inspection
|
||
|
|
errdisable recovery cause link-monitor-failure
|
||
|
|
errdisable recovery cause oam-remote-failure
|
||
|
|
errdisable recovery cause loopback
|
||
|
|
errdisable recovery cause psp
|
||
|
|
errdisable recovery interval 600
|
||
|
|
license boot level ipservicesk9
|
||
|
|
diagnostic bootup level minimal
|
||
|
|
!
|
||
|
|
spanning-tree mode pvst
|
||
|
|
spanning-tree logging
|
||
|
|
spanning-tree extend system-id
|
||
|
|
spanning-tree vlan 1-4094 priority 12288
|
||
|
|
archive
|
||
|
|
log config
|
||
|
|
logging enable
|
||
|
|
logging size 900
|
||
|
|
notify syslog contenttype plaintext
|
||
|
|
hidekeys
|
||
|
|
path tftp://tftp/IZH/MLK/IZM-SW_L3/$H-$T
|
||
|
|
write-memory
|
||
|
|
time-period 10080
|
||
|
|
!
|
||
|
|
!
|
||
|
|
username netadmin privilege 15 secret 5 $1$CJcs$KdKLEShFyyvUiOSSRtOMs.
|
||
|
|
!
|
||
|
|
redundancy
|
||
|
|
mode sso
|
||
|
|
!
|
||
|
|
!
|
||
|
|
vlan 8
|
||
|
|
name --UserNet_8.0/24--
|
||
|
|
!
|
||
|
|
vlan 9
|
||
|
|
name --UserNet_9.0/24--
|
||
|
|
!
|
||
|
|
vlan 10
|
||
|
|
name --UserNet_10.0/24--
|
||
|
|
!
|
||
|
|
vlan 11
|
||
|
|
name --UserNet_11.0/24--
|
||
|
|
!
|
||
|
|
vlan 12
|
||
|
|
name --UserNet_12.0/24--
|
||
|
|
!
|
||
|
|
vlan 13
|
||
|
|
name --UserNet_13.0/24--
|
||
|
|
!
|
||
|
|
vlan 14
|
||
|
|
name --UserNet_14.0/24--
|
||
|
|
!
|
||
|
|
vlan 15
|
||
|
|
name --UserNet_15.0/24--
|
||
|
|
!
|
||
|
|
vlan 16
|
||
|
|
name --UserNet_16.0/24--
|
||
|
|
!
|
||
|
|
vlan 17
|
||
|
|
name --UserNet_17.0/24--
|
||
|
|
!
|
||
|
|
vlan 18
|
||
|
|
name --UserNet_18.0/24--
|
||
|
|
!
|
||
|
|
vlan 19
|
||
|
|
name --UserNet_19.0/24--
|
||
|
|
!
|
||
|
|
vlan 20
|
||
|
|
name --UserNet_20.0/24--
|
||
|
|
!
|
||
|
|
vlan 22
|
||
|
|
name MILKOM_Nobel_Users
|
||
|
|
!
|
||
|
|
vlan 23
|
||
|
|
!
|
||
|
|
vlan 50
|
||
|
|
name RCOD
|
||
|
|
!
|
||
|
|
vlan 93
|
||
|
|
name VideoNetToStolovaya
|
||
|
|
!
|
||
|
|
vlan 96
|
||
|
|
name --ERTELEKOM--
|
||
|
|
!
|
||
|
|
vlan 99
|
||
|
|
name --MARK_ASTERISK--
|
||
|
|
!
|
||
|
|
vlan 101
|
||
|
|
name --PRINTERS--
|
||
|
|
!
|
||
|
|
vlan 113
|
||
|
|
name TRANSIT_TO_MIKROTIK
|
||
|
|
!
|
||
|
|
vlan 150
|
||
|
|
name --Wi-Fi_Users_32.0/24--
|
||
|
|
!
|
||
|
|
vlan 151
|
||
|
|
name --Wi-Fi_Prod_33.0/24--
|
||
|
|
!
|
||
|
|
vlan 172
|
||
|
|
name TelephotiNet
|
||
|
|
!
|
||
|
|
vlan 173
|
||
|
|
name telephonyTest
|
||
|
|
!
|
||
|
|
vlan 200-201
|
||
|
|
!
|
||
|
|
vlan 202
|
||
|
|
name --DMZ--
|
||
|
|
!
|
||
|
|
vlan 207
|
||
|
|
name VCOD_Servers_DMZ_Frontend
|
||
|
|
!
|
||
|
|
vlan 208
|
||
|
|
name VCOD_Servers_Backend
|
||
|
|
!
|
||
|
|
vlan 229
|
||
|
|
!
|
||
|
|
vlan 248
|
||
|
|
name --SANDBOX_ELAR--
|
||
|
|
!
|
||
|
|
vlan 249
|
||
|
|
name --ServTestC_36.0/24--
|
||
|
|
!
|
||
|
|
vlan 250
|
||
|
|
name --ServerNet_0.0/24--
|
||
|
|
!
|
||
|
|
vlan 251
|
||
|
|
name -=ServMail_7.0/28=-
|
||
|
|
!
|
||
|
|
vlan 252
|
||
|
|
name --VOICE_ATS--
|
||
|
|
!
|
||
|
|
vlan 253
|
||
|
|
name exchange_komos-group
|
||
|
|
!
|
||
|
|
vlan 254
|
||
|
|
name SRV_SharePint_1.0/24
|
||
|
|
!
|
||
|
|
vlan 255
|
||
|
|
name --ServerNet_2.0/24--
|
||
|
|
!
|
||
|
|
vlan 256
|
||
|
|
name Server_Mon_1C_3.0/24
|
||
|
|
!
|
||
|
|
vlan 257
|
||
|
|
name KONTUR_DEV_SQL5.0/27
|
||
|
|
!
|
||
|
|
vlan 288
|
||
|
|
name SERVERS_DEV
|
||
|
|
!
|
||
|
|
vlan 289
|
||
|
|
name -=SRVBakNet_245.0_24=-
|
||
|
|
!
|
||
|
|
vlan 290
|
||
|
|
name -=SrvVmwVMon_242.0/26=-
|
||
|
|
!
|
||
|
|
vlan 291
|
||
|
|
name -=SrvVmwVSan_242.64/26=-
|
||
|
|
!
|
||
|
|
vlan 292
|
||
|
|
name -=SrvBakNet_243.0/24=-
|
||
|
|
!
|
||
|
|
vlan 294
|
||
|
|
name --SRV_iLO_iDrack_etc--
|
||
|
|
!
|
||
|
|
vlan 299
|
||
|
|
name --SrvMng_240.0\24--
|
||
|
|
!
|
||
|
|
vlan 300
|
||
|
|
name --MANAGMENT--
|
||
|
|
!
|
||
|
|
vlan 301
|
||
|
|
name --Wi-Fi_MANAGMENT--
|
||
|
|
!
|
||
|
|
vlan 302
|
||
|
|
name -=Wi-Fi_MANAGMENT=-
|
||
|
|
!
|
||
|
|
vlan 350
|
||
|
|
name --VOICE_28.0/24--
|
||
|
|
!
|
||
|
|
vlan 500
|
||
|
|
name --Wi-Fi_Guest_35.0/24--
|
||
|
|
!
|
||
|
|
vlan 550
|
||
|
|
name --CISCO_ASA--
|
||
|
|
!
|
||
|
|
vlan 551
|
||
|
|
name --TRANSIT_HSRP--
|
||
|
|
!
|
||
|
|
vlan 556
|
||
|
|
name P2P_iBGP_KOMOS_AS_over_ER_Tel
|
||
|
|
!
|
||
|
|
vlan 557
|
||
|
|
name P2P_iBGP_KOMOS_AS_over_MTS
|
||
|
|
!
|
||
|
|
vlan 596
|
||
|
|
name P2P_RCOD-OCOD_ER_Telecom
|
||
|
|
!
|
||
|
|
vlan 597
|
||
|
|
name TRANSIT_TO_ISR4431
|
||
|
|
!
|
||
|
|
vlan 599
|
||
|
|
name --MTS_KOMOS_599--
|
||
|
|
!
|
||
|
|
vlan 601
|
||
|
|
name --KMK_PRODACTION--
|
||
|
|
!
|
||
|
|
vlan 650
|
||
|
|
name --ISCSI--
|
||
|
|
!
|
||
|
|
vlan 666
|
||
|
|
name NOT_ROUTED
|
||
|
|
!
|
||
|
|
vlan 1000
|
||
|
|
name --ELAR-TEST--
|
||
|
|
!
|
||
|
|
vlan 1100
|
||
|
|
name TEST_ARR_ESR-10
|
||
|
|
!
|
||
|
|
vlan 1113
|
||
|
|
name PI_RT-1-3
|
||
|
|
!
|
||
|
|
vlan 1500
|
||
|
|
name dmz_env_1C_WMS_MLK
|
||
|
|
!
|
||
|
|
vlan 1501
|
||
|
|
name safe_env_1C_WMS_MLK
|
||
|
|
!
|
||
|
|
vlan 1999
|
||
|
|
name env_1C_Licensing
|
||
|
|
!
|
||
|
|
vlan 3915
|
||
|
|
name IZM_VLAN3915_SPLUNK
|
||
|
|
!
|
||
|
|
vlan 4030
|
||
|
|
name --MTS_KOMOS_4030--
|
||
|
|
!
|
||
|
|
vlan 4031
|
||
|
|
name -VeamRepl_172.31.31.0/24-
|
||
|
|
!
|
||
|
|
vlan 4032
|
||
|
|
name -SQLRepl_172.31.33.0/24-
|
||
|
|
!
|
||
|
|
vlan 4033
|
||
|
|
name -SrvVCHA_172.31.33.0/24-
|
||
|
|
!
|
||
|
|
vlan 4034
|
||
|
|
name -ExchRepl_172.31.34.0/24-
|
||
|
|
!
|
||
|
|
vlan 4035
|
||
|
|
name -SrvVCMg_172.31.35.0/24-
|
||
|
|
!
|
||
|
|
!
|
||
|
|
class-map match-any CM_QoS_Q2
|
||
|
|
match qos-group 2
|
||
|
|
class-map match-any CM_QoS_Q3
|
||
|
|
match qos-group 3
|
||
|
|
class-map match-any CM_QoS_Q0
|
||
|
|
match qos-group 0
|
||
|
|
class-map match-any CM_QoS_Q1
|
||
|
|
match qos-group 1
|
||
|
|
class-map match-any system-cpp-police-topology-control
|
||
|
|
description Topology control
|
||
|
|
class-map match-any CM_QoS_Q6
|
||
|
|
match qos-group 6
|
||
|
|
match qos-group 7
|
||
|
|
class-map match-any system-cpp-police-sw-forward
|
||
|
|
description Sw forwarding, SGT Cache Full, LOGGING
|
||
|
|
class-map match-any CM_QoS_Q4
|
||
|
|
match qos-group 4
|
||
|
|
class-map match-any CM_QoS_Q5
|
||
|
|
match qos-group 5
|
||
|
|
class-map match-any system-cpp-default
|
||
|
|
description DHCP snooping, show forward and rest of traffic
|
||
|
|
class-map match-any system-cpp-police-sys-data
|
||
|
|
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL SAMPLED DATA, Gold Pkt, RPF Failed
|
||
|
|
class-map match-any CM_RDP
|
||
|
|
match access-group name RDP
|
||
|
|
class-map match-any system-cpp-police-punt-webauth
|
||
|
|
description Punt Webauth
|
||
|
|
class-map match-any system-cpp-police-forus
|
||
|
|
description Forus Address resolution and Forus traffic
|
||
|
|
class-map match-any system-cpp-police-multicast-end-station
|
||
|
|
description MCAST END STATION
|
||
|
|
class-map match-any system-cpp-police-multicast
|
||
|
|
description Transit Traffic and MCAST Data
|
||
|
|
class-map match-any CM_QoS_CS3
|
||
|
|
match dscp cs3 af31 af32 af33
|
||
|
|
class-map match-any CM_QoS_CS2
|
||
|
|
match dscp cs2 af21 af22 af23
|
||
|
|
class-map match-any CM_QoS_CS1
|
||
|
|
match dscp cs1 af11 af12 af13
|
||
|
|
class-map match-any system-cpp-police-l2-control
|
||
|
|
description L2 control
|
||
|
|
class-map match-any CM_QoS_CS0
|
||
|
|
match dscp default 1 2 3
|
||
|
|
class-map match-any system-cpp-police-dot1x-auth
|
||
|
|
description DOT1X Auth
|
||
|
|
class-map match-any CM_QoS_CS7
|
||
|
|
match dscp cs7
|
||
|
|
class-map match-any CM_QoS_CS6
|
||
|
|
match dscp cs6 49
|
||
|
|
class-map match-any CM_QoS_CS5
|
||
|
|
match dscp cs5 41 42 45 ef 47
|
||
|
|
class-map match-any system-cpp-police-data
|
||
|
|
description ICMP_GEN and BROADCAST
|
||
|
|
class-map match-any CM_QoS_CS4
|
||
|
|
match dscp cs4 af41 af42 af43
|
||
|
|
class-map match-any system-cpp-police-control-low-priority
|
||
|
|
description ICMP redirect and general punt
|
||
|
|
class-map match-any system-cpp-police-wireless-priority1
|
||
|
|
description Wireless priority 1
|
||
|
|
class-map match-any system-cpp-police-wireless-priority2
|
||
|
|
description Wireless priority 2
|
||
|
|
class-map match-any system-cpp-police-wireless-priority3-4-5
|
||
|
|
description Wireless priority 3,4 and 5
|
||
|
|
class-map match-any non-client-nrt-class
|
||
|
|
class-map match-any CM_COS_1
|
||
|
|
match cos 1
|
||
|
|
class-map match-any system-cpp-police-routing-control
|
||
|
|
description Routing control
|
||
|
|
class-map match-any system-cpp-police-protocol-snooping
|
||
|
|
description Protocol snooping
|
||
|
|
class-map match-any CM_COS_0
|
||
|
|
match cos 0
|
||
|
|
class-map match-any CM_COS_3
|
||
|
|
match cos 3
|
||
|
|
class-map match-any CM_COS_2
|
||
|
|
match cos 2
|
||
|
|
class-map match-any CM_COS_5
|
||
|
|
match cos 5
|
||
|
|
class-map match-any CM_COS_4
|
||
|
|
match cos 4
|
||
|
|
class-map match-any CM_COS_7
|
||
|
|
match cos 7
|
||
|
|
class-map match-any CM_COS_6
|
||
|
|
match cos 6
|
||
|
|
!
|
||
|
|
policy-map port_child_policy
|
||
|
|
class non-client-nrt-class
|
||
|
|
bandwidth remaining ratio 10
|
||
|
|
policy-map system-cpp-policy
|
||
|
|
class system-cpp-police-data
|
||
|
|
police rate 200 pps
|
||
|
|
class system-cpp-police-sys-data
|
||
|
|
police rate 100 pps
|
||
|
|
class system-cpp-police-sw-forward
|
||
|
|
police rate 1000 pps
|
||
|
|
class system-cpp-police-multicast
|
||
|
|
police rate 500 pps
|
||
|
|
class system-cpp-police-multicast-end-station
|
||
|
|
police rate 2000 pps
|
||
|
|
class system-cpp-police-punt-webauth
|
||
|
|
class system-cpp-police-l2-control
|
||
|
|
class system-cpp-police-routing-control
|
||
|
|
police rate 1800 pps
|
||
|
|
class system-cpp-police-control-low-priority
|
||
|
|
class system-cpp-police-wireless-priority1
|
||
|
|
class system-cpp-police-wireless-priority2
|
||
|
|
class system-cpp-police-wireless-priority3-4-5
|
||
|
|
class system-cpp-police-topology-control
|
||
|
|
class system-cpp-police-dot1x-auth
|
||
|
|
class system-cpp-police-protocol-snooping
|
||
|
|
class system-cpp-police-forus
|
||
|
|
class system-cpp-default
|
||
|
|
policy-map PM_QoS_CLASS_IN
|
||
|
|
class CM_QoS_CS7
|
||
|
|
set qos-group 7
|
||
|
|
class CM_COS_7
|
||
|
|
set qos-group 7
|
||
|
|
class CM_QoS_CS6
|
||
|
|
set qos-group 6
|
||
|
|
class CM_COS_6
|
||
|
|
set qos-group 6
|
||
|
|
class CM_QoS_CS5
|
||
|
|
set qos-group 5
|
||
|
|
class CM_COS_5
|
||
|
|
set qos-group 5
|
||
|
|
class CM_QoS_CS4
|
||
|
|
set qos-group 4
|
||
|
|
class CM_COS_4
|
||
|
|
set qos-group 4
|
||
|
|
class CM_QoS_CS3
|
||
|
|
set qos-group 3
|
||
|
|
class CM_COS_3
|
||
|
|
set qos-group 3
|
||
|
|
class CM_QoS_CS2
|
||
|
|
set qos-group 2
|
||
|
|
class CM_COS_2
|
||
|
|
set qos-group 2
|
||
|
|
class CM_QoS_CS1
|
||
|
|
set qos-group 1
|
||
|
|
class CM_COS_1
|
||
|
|
set qos-group 1
|
||
|
|
class CM_QoS_CS0
|
||
|
|
set qos-group 0
|
||
|
|
class CM_COS_0
|
||
|
|
set qos-group 0
|
||
|
|
class CM_RDP
|
||
|
|
set dscp cs4
|
||
|
|
class class-default
|
||
|
|
set qos-group 0
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
interface Port-channel1
|
||
|
|
description [CORE] SW-1-1
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel2
|
||
|
|
description [SRV] izh-vmw004_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel3
|
||
|
|
description [SRV] izh-vmw005_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel4
|
||
|
|
description [SRV] izh-vmw005_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel5
|
||
|
|
description [SRV] izh-vmw006_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel6
|
||
|
|
description [SRV] izh-vmw006_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel7
|
||
|
|
description [SRV] izh-vmw007_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel8
|
||
|
|
description [SRV] izh-vmw007_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel9
|
||
|
|
description [SRV] izh-vmw008_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel10
|
||
|
|
description [SRV] izh-vmw008_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel11
|
||
|
|
description [SRV] izh-vmw011_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel12
|
||
|
|
description [SRV] izh-vmw011_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel13
|
||
|
|
description [SRV] izh-vmw012_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel14
|
||
|
|
description [SRV] izh-vmw012_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel15
|
||
|
|
description [SRV] izh-vmw013_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel16
|
||
|
|
description [SRV] izh-vmw013_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel17
|
||
|
|
description [SRV] izh-vmw016_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel18
|
||
|
|
description [SRV] izh-vmw016_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel19
|
||
|
|
description [SRV] izh-vmw015_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel20
|
||
|
|
description [SRV] izh-vmw015_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel21
|
||
|
|
description [SRV] izh-vmw014_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel22
|
||
|
|
description [SRV] izh-vmw014_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel23
|
||
|
|
description [SRV] izh-vmw020_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel24
|
||
|
|
description [SRV] izh-vmw020_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel25
|
||
|
|
description [SRV] izh-vmw021_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel26
|
||
|
|
description [SRV] izh-vmw021_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel27
|
||
|
|
description NONE
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode access
|
||
|
|
!
|
||
|
|
interface Port-channel29
|
||
|
|
description izh-vmw017_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel33
|
||
|
|
description [SRV] izh-bkp007_p2
|
||
|
|
switchport access vlan 292
|
||
|
|
switchport mode access
|
||
|
|
!
|
||
|
|
interface Port-channel35
|
||
|
|
description [SRV] izm-vmw022_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel36
|
||
|
|
description [SRV] izm-vmw022_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel37
|
||
|
|
description [SRV] izm-vmw023_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel38
|
||
|
|
description [SRV] izm-vmw023_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel39
|
||
|
|
description [SRV] izm-vmw025_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel40
|
||
|
|
description [SRV] izm-vmw025_srv
|
||
|
|
switchport access vlan 8
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel41
|
||
|
|
description [SRV] izm-vmw024_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel42
|
||
|
|
description [SRV] izm-vmw024_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel43
|
||
|
|
description [SRV] izm-vmw026_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel44
|
||
|
|
description [SRV] izm-vmw026_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel45
|
||
|
|
description [SRV] izm-vmw028_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel46
|
||
|
|
description [SRV] izm-vmw027_srv
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel101
|
||
|
|
description [SRV] izh-vmw004_mgt
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Port-channel102
|
||
|
|
description izh-vmw017_srv
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet0/0
|
||
|
|
vrf forwarding Mgmt-vrf
|
||
|
|
no ip address
|
||
|
|
negotiation auto
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/1
|
||
|
|
description [SRV] Po101 izh-vmw004-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 101 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/2
|
||
|
|
description [SRV] Po2 izh-vmw004-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 2 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/3
|
||
|
|
description [SRV] Po3 izh-vmw005-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 3 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/4
|
||
|
|
description [SRV] Po4 izh-vmw005-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 4 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/5
|
||
|
|
description [SRV] Po5 izh-vmw006-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 5 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/6
|
||
|
|
description [SRV] Po6 izh-vmw006-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 6 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/7
|
||
|
|
description [SRV] Po7 izh-vmw007-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 7 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/8
|
||
|
|
description [SRV] Po8 izh-vmw007-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 8 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/9
|
||
|
|
description [SRV] Po9 izh-vmw008-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 9 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/10
|
||
|
|
description [SRV] Po10 izh-vmw008-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 10 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/11
|
||
|
|
description [SRV] Po11 izh-vmw011-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 11 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/12
|
||
|
|
description [SRV] Po12 izh-vmw011-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 12 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/13
|
||
|
|
description [SRV] Po13 izh-vmw012-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 13 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/14
|
||
|
|
description [SRV] Po14 izh-vmw012-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 14 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/15
|
||
|
|
description [SRV] Po15 izh-vmw013-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 15 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/16
|
||
|
|
description [SRV] Po16 izh-vmw013-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 16 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/17
|
||
|
|
description [SRV] Po17 izh-vmw016-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 17 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/18
|
||
|
|
description [SRV] Po18 izh-vmw016-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 18 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/19
|
||
|
|
description [SRV] Po19 izh-vmw015-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 19 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/20
|
||
|
|
description [SRV] Po20 izh-vmw015-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 20 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/21
|
||
|
|
description [SRV] Po21 izh-vmw014-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 21 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/22
|
||
|
|
description [SRV] Po22 izh-vmw014-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 22 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/23
|
||
|
|
description [SRV] Po23 izh-vmw020-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 23 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/24
|
||
|
|
description [SRV] Po24 izh-vmw020-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 24 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/25
|
||
|
|
description [SRV] Po25 izh-vmw021-p00
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 25 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/26
|
||
|
|
description [SRV] Po26 izh-vmw021-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 26 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/27
|
||
|
|
description [SRV] izh-vmw027_p0
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 46 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/28
|
||
|
|
description NONE
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/29
|
||
|
|
description [SRV] izh-vmw028_p0
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 45 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/30
|
||
|
|
description [SRV] izh-shd002_Qsan
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/31
|
||
|
|
description [SRV] izh-bkp006_p
|
||
|
|
switchport access vlan 292
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/32
|
||
|
|
description [SRV] izh-bkp006_p2
|
||
|
|
switchport access vlan 289
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/33
|
||
|
|
description [SRV] Po33 izh-bkp007-p01
|
||
|
|
switchport access vlan 292
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
no cdp enable
|
||
|
|
channel-group 33 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/34
|
||
|
|
description [SRV] izh-bkp007_p4
|
||
|
|
switchport access vlan 250
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/35
|
||
|
|
description [SRV] Po35 kg-izm-vmw022-p00
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 35 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/36
|
||
|
|
description [SRV] Po36 kg-izm-vmw022-p02
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 36 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/37
|
||
|
|
description [SRV] Po37 kg-izm-vmw023-p00
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 37 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/38
|
||
|
|
description [SRV] Po38 kg-izm-vmw023-p02
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 38 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/39
|
||
|
|
description [SRV] Po39 kg-izm-vmw025-p00
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 39 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/40
|
||
|
|
description [SRV] Po40 kg-izm-vmw025-p02
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 40 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/41
|
||
|
|
description [SRV] Po41 kg-izm-vmw024-p00
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 41 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/42
|
||
|
|
description kg-izm-vmw024-p02
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 42 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/43
|
||
|
|
description [SRV] Po43 kg-izm-vmw026-p00
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 43 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/44
|
||
|
|
description [SRV] Po44 kg-izm-vmw026-p02
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 44 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/45
|
||
|
|
description --TEST_DORADO--
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode access
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/46
|
||
|
|
description [WIFI] AP-1-2-COD
|
||
|
|
switchport trunk native vlan 302
|
||
|
|
switchport trunk allowed vlan 150,151,301,302,500
|
||
|
|
switchport mode trunk
|
||
|
|
switchport voice vlan 350
|
||
|
|
load-interval 60
|
||
|
|
no snmp trap link-status
|
||
|
|
no lldp transmit
|
||
|
|
no lldp receive
|
||
|
|
spanning-tree portfast
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/47
|
||
|
|
description [CORE] RT-1-3
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/0/48
|
||
|
|
description [ISP-1G] L2VPN-to-KG-P11_MTS
|
||
|
|
switchport trunk native vlan 4030
|
||
|
|
switchport trunk allowed vlan 557,599,4030-4035
|
||
|
|
switchport mode trunk
|
||
|
|
logging event trunk-status
|
||
|
|
logging event spanning-tree
|
||
|
|
load-interval 60
|
||
|
|
no snmp trap link-status
|
||
|
|
no lldp transmit
|
||
|
|
no lldp receive
|
||
|
|
no cdp enable
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
hold-queue 240000 in
|
||
|
|
hold-queue 240000 out
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/1
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/2
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/3
|
||
|
|
!
|
||
|
|
interface GigabitEthernet1/1/4
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/1
|
||
|
|
description [CORE] Po1 SW-1-1
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 1 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/2
|
||
|
|
description -=shd007 10GethP0 B=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/3
|
||
|
|
description =-shd007 10GethP0 A=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet1/1/4
|
||
|
|
description -=vmw028 10Geth01=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/1
|
||
|
|
description [SRV] Po101 izh-vmw004-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 101 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/2
|
||
|
|
description [SRV] Po2 izh-vmw004-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 2 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/3
|
||
|
|
description [SRV] Po3 izh-vmw005-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 3 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/4
|
||
|
|
description [SRV] Po4 izh-vmw005-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 4 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/5
|
||
|
|
description [SRV] Po5 izh-vmw006-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 5 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/6
|
||
|
|
description [SRV] Po6 izh-vmw006-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 6 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/7
|
||
|
|
description [SRV] Po7 izh-vmw007-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 7 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/8
|
||
|
|
description [SRV] Po8 izh-vmw007-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 8 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/9
|
||
|
|
description [SRV] Po9 izh-vmw008-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 9 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/10
|
||
|
|
description [SRV] Po10 izh-vmw008-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 10 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/11
|
||
|
|
description [SRV] Po11 izh-vmw011-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 11 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/12
|
||
|
|
description [SRV] Po12 izh-vmw011-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 12 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/13
|
||
|
|
description [SRV] Po13 izh-vmw012-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 13 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/14
|
||
|
|
description [SRV] Po14 izh-vmw012-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 14 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/15
|
||
|
|
description [SRV] Po15 izh-vmw013-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 15 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/16
|
||
|
|
description [SRV] Po16 izh-vmw013-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 16 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/17
|
||
|
|
description [SRV] Po17 izh-vmw016-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 17 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/18
|
||
|
|
description [SRV] Po18 izh-vmw016-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 18 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/19
|
||
|
|
description [SRV] Po19 izh-vmw015-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 19 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/20
|
||
|
|
description [SRV] Po20 izh-vmw015-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 20 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/21
|
||
|
|
description [SRV] Po21 izh-vmw014-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 21 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/22
|
||
|
|
description [SRV] Po22 izh-vmw014-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 22 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/23
|
||
|
|
description [SRV] Po23 izh-vmw020-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 23 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/24
|
||
|
|
description [SRV] Po24 izh-vmw020-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 24 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/25
|
||
|
|
description [SRV] Po25 izh-vmw021-p02
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 25 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/26
|
||
|
|
description [SRV] Po26 izh-vmw021-p03
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 26 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/27
|
||
|
|
description [SRV] izh-vmw027_p1
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 46 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/28
|
||
|
|
description [SRV] Po35 kg-izm-vmw022-p01
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 35 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/29
|
||
|
|
description [SRV] izh-vmw028_p1
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 45 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/30
|
||
|
|
description [SRV] Po36 kg-izm-vmw022-p03
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 36 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/31
|
||
|
|
description [SRV] izh-bkp006_p3
|
||
|
|
switchport access vlan 250
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/32
|
||
|
|
description [SRV] Po37 kg-izm-vmw023-p01
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 37 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/33
|
||
|
|
description [SRV] Po33 izh-bkp007-p02
|
||
|
|
switchport access vlan 292
|
||
|
|
switchport mode access
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 33 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/34
|
||
|
|
description [SRV] Po38 kg-izm-vmw023-p03
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 38 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/35
|
||
|
|
description [SRV] Po39 kg-izm-vmw025-p01
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 39 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/36
|
||
|
|
description [SRV] Po40 kg-izm-vmw025-p03
|
||
|
|
switchport access vlan 8
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
channel-group 40 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/37
|
||
|
|
description [SRV] izh-vsr001
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/38
|
||
|
|
description [SRV] izh-vsr002
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/39
|
||
|
|
description [SRV] izh-vsr003
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/40
|
||
|
|
description [SRV] izh-vsr004
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/41
|
||
|
|
description [SRV] izh-vsr006
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/42
|
||
|
|
description kg-izm-vmw024-p01
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 41 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/43
|
||
|
|
description [SRV] Po42 kg-izm-vmw024-p03
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 42 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/44
|
||
|
|
description [SRV] Po43 kg-izm-vmw026-p01
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 43 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/45
|
||
|
|
description [SRV] Po44 kg-izm-vmw026-p03
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 44 mode active
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/46
|
||
|
|
switchport access vlan 294
|
||
|
|
switchport mode access
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/47
|
||
|
|
description [CORE] RT-1-4
|
||
|
|
switchport mode trunk
|
||
|
|
no snmp trap link-status
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/0/48
|
||
|
|
description [ISP-1G] L2VPN-to-KG-P11_ER-Telecom
|
||
|
|
switchport trunk native vlan 4030
|
||
|
|
switchport trunk allowed vlan 556,596
|
||
|
|
switchport mode trunk
|
||
|
|
logging event trunk-status
|
||
|
|
logging event spanning-tree
|
||
|
|
no snmp trap link-status
|
||
|
|
no lldp transmit
|
||
|
|
no lldp receive
|
||
|
|
no cdp enable
|
||
|
|
spanning-tree bpdufilter enable
|
||
|
|
hold-queue 240000 in
|
||
|
|
hold-queue 240000 out
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/1
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/2
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/3
|
||
|
|
!
|
||
|
|
interface GigabitEthernet2/1/4
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/1
|
||
|
|
description [CORE] Po1 SW-1-1
|
||
|
|
switchport mode trunk
|
||
|
|
channel-group 1 mode active
|
||
|
|
service-policy input PM_QoS_CLASS_IN
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/2
|
||
|
|
description -=shd007 10GethP1 A=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/3
|
||
|
|
description -=shd007 10GethP1 B=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface TenGigabitEthernet2/1/4
|
||
|
|
description -=vmw028 10Geth02=-
|
||
|
|
switchport mode trunk
|
||
|
|
!
|
||
|
|
interface Vlan1
|
||
|
|
no ip address
|
||
|
|
shutdown
|
||
|
|
!
|
||
|
|
interface Vlan22
|
||
|
|
ip address 192.168.255.253 255.255.255.0
|
||
|
|
!
|
||
|
|
interface Vlan300
|
||
|
|
description --MANAGMENT--
|
||
|
|
ip address 10.4.254.248 255.255.255.0
|
||
|
|
no ip redirects
|
||
|
|
no ip unreachables
|
||
|
|
no ip proxy-arp
|
||
|
|
!
|
||
|
|
ip default-gateway 10.4.254.254
|
||
|
|
ip forward-protocol nd
|
||
|
|
no ip http server
|
||
|
|
no ip http secure-server
|
||
|
|
ip ssh version 2
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
|
||
|
|
permit tcp any any eq 22
|
||
|
|
permit tcp any any eq 465
|
||
|
|
permit tcp any any eq 143
|
||
|
|
permit tcp any any eq 993
|
||
|
|
permit tcp any any eq 995
|
||
|
|
permit tcp any any eq 1914
|
||
|
|
permit tcp any any eq ftp
|
||
|
|
permit tcp any any eq ftp-data
|
||
|
|
permit tcp any any eq smtp
|
||
|
|
permit tcp any any eq pop3
|
||
|
|
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
|
||
|
|
permit udp any any range 16384 32767
|
||
|
|
permit tcp any any range 50000 59999
|
||
|
|
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
|
||
|
|
permit tcp any any range 2300 2400
|
||
|
|
permit udp any any range 2300 2400
|
||
|
|
permit tcp any any range 6881 6999
|
||
|
|
permit tcp any any range 28800 29100
|
||
|
|
permit tcp any any eq 1214
|
||
|
|
permit udp any any eq 1214
|
||
|
|
permit tcp any any eq 3689
|
||
|
|
permit udp any any eq 3689
|
||
|
|
permit tcp any any eq 11999
|
||
|
|
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
|
||
|
|
permit tcp any any range 2000 2002
|
||
|
|
permit tcp any any range 5060 5061
|
||
|
|
permit udp any any range 5060 5061
|
||
|
|
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
|
||
|
|
permit tcp any any eq 443
|
||
|
|
permit tcp any any eq 1521
|
||
|
|
permit udp any any eq 1521
|
||
|
|
permit tcp any any eq 1526
|
||
|
|
permit udp any any eq 1526
|
||
|
|
permit tcp any any eq 1575
|
||
|
|
permit udp any any eq 1575
|
||
|
|
permit tcp any any eq 1630
|
||
|
|
permit udp any any eq 1630
|
||
|
|
permit tcp any any eq 1527
|
||
|
|
permit tcp any any eq 6200
|
||
|
|
permit tcp any any eq 3389
|
||
|
|
permit tcp any any eq 5985
|
||
|
|
permit tcp any any eq 8080
|
||
|
|
ip access-list extended RDP
|
||
|
|
permit tcp any eq 3389 any
|
||
|
|
permit tcp any any eq 3389
|
||
|
|
!
|
||
|
|
logging origin-id hostname
|
||
|
|
logging facility local2
|
||
|
|
logging source-interface Vlan300
|
||
|
|
logging host 192.168.8.119 transport udp port 5544
|
||
|
|
logging host 10.4.244.4 transport udp port 515
|
||
|
|
access-list 5 permit 192.168.8.99
|
||
|
|
access-list 5 permit 10.4.0.58
|
||
|
|
access-list 5 permit 10.4.0.214
|
||
|
|
access-list 5 permit 10.2.1.245
|
||
|
|
!
|
||
|
|
snmp-server community lmTUEsk6Yvlv RO 5
|
||
|
|
snmp ifmib ifindex persist
|
||
|
|
!
|
||
|
|
!
|
||
|
|
!
|
||
|
|
radius server IZH-RDS002
|
||
|
|
address ipv4 10.4.0.248 auth-port 1645 acct-port 1646
|
||
|
|
timeout 3
|
||
|
|
retransmit 2
|
||
|
|
key hykFAA@Hg9X9fsokWh5q8wez#&^a9lIizldHKxlRer3RE7AbsTsJwdB^RESF$eJ0
|
||
|
|
!
|
||
|
|
radius server P11-RDS003
|
||
|
|
address ipv4 10.1.122.248 auth-port 1645 acct-port 1646
|
||
|
|
timeout 3
|
||
|
|
retransmit 2
|
||
|
|
key hykFAA@Hg9X9fsokWh5q8wez#&^a9lIizldHKxlRer3RE7AbsTsJwdB^RESF$eJ0
|
||
|
|
!
|
||
|
|
!
|
||
|
|
control-plane
|
||
|
|
service-policy input system-cpp-policy
|
||
|
|
!
|
||
|
|
!
|
||
|
|
no vstack
|
||
|
|
!
|
||
|
|
line con 0
|
||
|
|
login authentication CONSOLE
|
||
|
|
stopbits 1
|
||
|
|
line aux 0
|
||
|
|
stopbits 1
|
||
|
|
line vty 0 4
|
||
|
|
exec-timeout 120 0
|
||
|
|
transport input ssh
|
||
|
|
line vty 5 15
|
||
|
|
exec-timeout 120 0
|
||
|
|
transport input ssh
|
||
|
|
!
|
||
|
|
ntp server 192.168.8.200
|
||
|
|
ntp server 192.168.8.201
|
||
|
|
!
|
||
|
|
wsma agent exec
|
||
|
|
!
|
||
|
|
wsma agent config
|
||
|
|
!
|
||
|
|
wsma agent filesys
|
||
|
|
!
|
||
|
|
wsma agent notify
|
||
|
|
!
|
||
|
|
!
|
||
|
|
ap dot11 airtime-fairness policy-name Default 0
|
||
|
|
ap group default-group
|
||
|
|
ap hyperlocation ble-beacon 0
|
||
|
|
ap hyperlocation ble-beacon 1
|
||
|
|
ap hyperlocation ble-beacon 2
|
||
|
|
ap hyperlocation ble-beacon 3
|
||
|
|
ap hyperlocation ble-beacon 4
|
||
|
|
end
|