쫑콩아빠의 지금 이 순간...

SAISEI Config

stm1wins# show running_config
#
#
netflow_sender record
no description
no dynamic
max_flow_rate 0
name record
sample_rate 1
no policies
minimum_flow_size 0
no hidden
minimum_flow_duration 0.000
type csv
exit
#
#
ingress_flow_class games
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class games
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name games
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
required_groups games
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class other
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class other
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name other
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
no required_groups
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class speedtest
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class speedtest
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name speedtest
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
required_groups speedtest
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class streaming
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class streaming
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name streaming
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
required_groups streaming
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class updates
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class updates
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name updates
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
required_groups updates
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class voip
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class voip
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
no applications
minimum_distress 0
name voip
no minimum_packets
no maximum_total_bytes
acl
top_host dontcare
no reputation
required_groups voip
match_rate_plan
no threat_types
no maximum_duration
exit
ingress_flow_class Youtube
geolocation
no minimum_rate
no next_hop_ases
no dynamic
no maximum_packets
egress_flow_class Youtube
no minimum_total_bytes
no excluded_groups
no threat_level
no capture
no bad_source_internal
no maximum_rate
no final_ases
no bad_source_external
no hidden
initial_rate_plan
no minimum_duration
no description
applications youtube
minimum_distress 0
name Youtube
no minimum_packets
no maximum_total_bytes
acl Youtube
top_host dontcare
no reputation
no required_groups
match_rate_plan
no threat_types
no maximum_duration
exit
#
#
egress_policy_map external1.any_epm
no description
no dynamic
no hidden
name external1.any_epm
egress_policy games
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class games
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name games
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy other
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class other
no child_equalisation
downstream_cir 0
host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name other
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy speedtest
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class speedtest
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority override
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name speedtest
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy streaming
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class streaming
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name streaming
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 30.0
exit
egress_policy updates
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class updates
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority background
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name updates
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy voip
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class voip
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name voip
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 10.0
exit
egress_policy Youtube
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class Youtube
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name Youtube
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
exit
egress_policy_map external1_epm
no description
no dynamic
no hidden
name external1_epm
egress_policy games
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class games
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name games
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy other
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class other
no child_equalisation
downstream_cir 0
host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name other
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy speedtest
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class speedtest
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority override
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name speedtest
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy streaming
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class streaming
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name streaming
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 30.0
exit
egress_policy updates
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class updates
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority background
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name updates
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy voip
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class voip
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name voip
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 10.0
exit
egress_policy Youtube
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class Youtube
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name Youtube
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
exit
egress_policy_map internal1.any_epm
no description
no dynamic
no hidden
name internal1.any_epm
egress_policy games
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class games
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name games
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy other
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class other
no child_equalisation
downstream_cir 0
host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name other
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy speedtest
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class speedtest
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority override
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name speedtest
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy streaming
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class streaming
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name streaming
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 30.0
exit
egress_policy updates
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class updates
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority background
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name updates
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy voip
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class voip
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name voip
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 10.0
exit
egress_policy Youtube
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class Youtube
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name Youtube
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
exit
egress_policy_map internal1_epm
no description
no dynamic
no hidden
name internal1_epm
egress_policy games
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class games
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name games
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy other
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class other
no child_equalisation
downstream_cir 0
host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name other
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy speedtest
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class speedtest
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority override
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name speedtest
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy streaming
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class streaming
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name streaming
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 30.0
exit
egress_policy updates
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class updates
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority background
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name updates
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
egress_policy voip
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class voip
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority high
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name voip
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 10.0
exit
egress_policy Youtube
upstream_mir 0
upstream_cir 0
downstream_mir 0
no dynamic
egress_flow_class Youtube
no child_equalisation
downstream_cir 0
no host_equalisation
shaper_margin 10.0
priority normal
no hidden
no description
parent
no rate_multiplier
percent_mir 0.0
no control_peak
name Youtube
no shaped
enabled
secondary_parent
burst_threshold 30
percent_cir 0.0
exit
exit
#
#
management_interface mgmt0
no description
requested_system_interface enp11s0
allowed_subnets 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
no dynamic
pci_address 0000:0b:00.0
no hidden
name mgmt0
exit
#
#
egress_flow_class games
no hidden
no dynamic
no description
name games
exit
egress_flow_class other
no hidden
no dynamic
no description
name other
exit
egress_flow_class speedtest
no hidden
no dynamic
no description
name speedtest
exit
egress_flow_class streaming
no hidden
no dynamic
no description
name streaming
exit
egress_flow_class updates
no hidden
no dynamic
no description
name updates
exit
egress_flow_class voip
no hidden
no dynamic
no description
name voip
exit
egress_flow_class Youtube
no hidden
no dynamic
no description
name Youtube
exit
#
#
parameter_info internal_host_quiet_limit

exit

parameter_info model

exit

#
#
fib fib0
no parent_fib
no description
no dynamic
no permitted_hosts
no hidden
root
name fib0
exit
#
#
ingress_policy_map external1.any_ipm
no description
no dynamic
no hidden
name external1.any_ipm
ingress_policy games
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name games
reverse
ingress_flow_class games
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy other
sequence 9000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name other
reverse
ingress_flow_class other
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy speedtest
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name speedtest
reverse
ingress_flow_class speedtest
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy streaming
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name streaming
reverse
ingress_flow_class streaming
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy updates
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name updates
reverse
ingress_flow_class updates
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy voip
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name voip
reverse
ingress_flow_class voip
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy Youtube
sequence 1000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name Youtube
reverse
ingress_flow_class Youtube
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
exit
ingress_policy_map external1_ipm
no description
no dynamic
no hidden
name external1_ipm
ingress_policy games
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name games
reverse
ingress_flow_class games
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy other
sequence 9000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name other
reverse
ingress_flow_class other
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy speedtest
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name speedtest
reverse
ingress_flow_class speedtest
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy streaming
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name streaming
reverse
ingress_flow_class streaming
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy updates
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name updates
reverse
ingress_flow_class updates
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy voip
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name voip
reverse
ingress_flow_class voip
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy Youtube
sequence 1000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name Youtube
reverse
ingress_flow_class Youtube
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
exit
ingress_policy_map internal1.any_ipm
no description
no dynamic
no hidden
name internal1.any_ipm
ingress_policy games
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name games
reverse
ingress_flow_class games
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy other
sequence 9000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name other
reverse
ingress_flow_class other
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy speedtest
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name speedtest
reverse
ingress_flow_class speedtest
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy streaming
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name streaming
reverse
ingress_flow_class streaming
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy updates
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name updates
reverse
ingress_flow_class updates
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy voip
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name voip
reverse
ingress_flow_class voip
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy Youtube
sequence 1000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name Youtube
reverse
ingress_flow_class Youtube
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
exit
ingress_policy_map internal1_ipm
no description
no dynamic
no hidden
name internal1_ipm
ingress_policy games
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name games
reverse
ingress_flow_class games
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy other
sequence 9000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name other
reverse
ingress_flow_class other
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy speedtest
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name speedtest
reverse
ingress_flow_class speedtest
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy streaming
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name streaming
reverse
ingress_flow_class streaming
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy updates
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name updates
reverse
ingress_flow_class updates
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy voip
sequence 8000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name voip
reverse
ingress_flow_class voip
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
ingress_policy Youtube
sequence 1000
no dynamic
flow_rate_cap 0
no reverse_path_forward
minimum_delay 0.000
no dscp_rewrite
no postprocess
no hidden
policy_route_interface
no maximum_delay
no description
policy_route_address ::
chargeable dontcare
name Youtube
reverse
ingress_flow_class Youtube
ip_protocol_rewrite 0
no drop
enabled
fixed_rate 0
no no_police
exit
exit
#
#
condition 5M_over
no dynamic
no clearing_filter
no clear_attribute_value
no attribute_value
object_class interface
severity minor
script
delay 00:00:05.000
no hidden
no description
no name_filter
clearing_script
no mail_subject
no groups
no mail_address
no mail_body
no attribute_name
name 5M_over
clear_delay 00:00:01.000
no enabled
filter name=internal1,transmit_rate>500|receive_rate>500
no trap
no restore_attribute_value
exit
condition 90M_over
no dynamic
clearing_filter rate<90000
no clear_attribute_value
no attribute_value
object_class interface
severity minor
script
delay 00:01:00.000
no hidden
no description
no name_filter
clearing_script
no mail_subject
no groups
no mail_address
no mail_body
no attribute_name
name 90M_over
clear_delay 00:00:10.000
no enabled
filter receive_rate>90000
no trap
no restore_attribute_value
exit
condition Total_Rate_Monitorintg
no dynamic
no clearing_filter
no clear_attribute_value
no attribute_value
object_class application
severity minor
script
delay 00:00:30.000
no hidden
no description
no name_filter
clearing_script
mail_subject Application Total Rate exceeded 90Mbps
no groups
mail_address taks@w-ins.net
mail_body Application Total Rate exceeded 90Mbps
no attribute_name
name Total_Rate_Monitorintg
clear_delay 00:01:00.000
no enabled
filter total_rate>90000
no trap
no restore_attribute_value
exit
#
#
interface external1
no secondary_addresses
ingress_policy_map external1_ipm
no dynamic
unmatched_efc
outer_interface
no secondary_peer
dhcp_subnet 0.0.0.0/0
no port_forwarders
proxy_arp
requested_direction external
dhcp_default_gw 0.0.0.0
shaper_margin 10.0
rate 500000
state enabled
fib fib0
dhcp_low_range 0.0.0.0
no default_ipv4_gateway
no address_pools
no hidden
type ethernet
parent_efc
no description
dhcp_default_lease_time 00:00:00.000
primary_address ::/0
peer internal1
dhcp_broadcast_addr 0.0.0.0
no control_peak
name external1
shaped
arp_timeout 00:00:00.000
lag_interface
no dhcp_enabled
dhcp_max_lease_time 00:00:00.000
egress_policy_map external1_epm
dhcp_hi_range 0.0.0.0
no flash_led
exit
interface external1.any
no secondary_addresses
ingress_policy_map external1.any_ipm
no dynamic
outer_interface external1
no secondary_peer
dhcp_subnet 0.0.0.0/0
no port_forwarders
proxy_arp
requested_direction external
dhcp_default_gw 0.0.0.0
shaper_margin 10.0
rate 500000
state enabled
fib fib0
dhcp_low_range 0.0.0.0
no default_ipv4_gateway
no address_pools
no hidden
type vlan
parent_efc
unmatched_efc
no description
dhcp_default_lease_time 00:00:00.000
primary_address ::/0
peer internal1.any
dhcp_broadcast_addr 0.0.0.0
no control_peak
name external1.any
shaped
arp_timeout 00:00:00.000
lag_interface
no dhcp_enabled
dhcp_max_lease_time 00:00:00.000
egress_policy_map external1.any_epm
dhcp_hi_range 0.0.0.0
no flash_led
exit
interface internal1
no secondary_addresses
ingress_policy_map internal1_ipm
no dynamic
unmatched_efc
outer_interface
no secondary_peer
dhcp_subnet 0.0.0.0/0
no port_forwarders
proxy_arp
requested_direction internal
dhcp_default_gw 0.0.0.0
shaper_margin 10.0
rate 500000
state enabled
fib fib0
dhcp_low_range 0.0.0.0
no default_ipv4_gateway
no address_pools
no hidden
type ethernet
parent_efc
no description
dhcp_default_lease_time 00:00:00.000
primary_address ::/0
peer external1
dhcp_broadcast_addr 0.0.0.0
no control_peak
name internal1
shaped
arp_timeout 00:00:00.000
lag_interface
no dhcp_enabled
dhcp_max_lease_time 00:00:00.000
egress_policy_map internal1_epm
dhcp_hi_range 0.0.0.0
no flash_led
exit
interface internal1.any
no secondary_addresses
ingress_policy_map internal1.any_ipm
no dynamic
outer_interface internal1
no secondary_peer
dhcp_subnet 0.0.0.0/0
no port_forwarders
proxy_arp
requested_direction internal
dhcp_default_gw 0.0.0.0
shaper_margin 10.0
rate 500000
state enabled
fib fib0
dhcp_low_range 0.0.0.0
no default_ipv4_gateway
no address_pools
no hidden
type vlan
parent_efc
unmatched_efc
no description
dhcp_default_lease_time 00:00:00.000
primary_address ::/0
peer external1.any
dhcp_broadcast_addr 0.0.0.0
no control_peak
name internal1.any
shaped
arp_timeout 00:00:00.000
lag_interface
no dhcp_enabled
dhcp_max_lease_time 00:00:00.000
egress_policy_map internal1.any_epm
dhcp_hi_range 0.0.0.0
no flash_led
exit
#
#
administrator admin
encrypted_password $5$LBLoJGFsTPCf$ucn5TXXMFfMz.IkZtsT9EV/CKXihes1.Qw/pNMdSQ3B
no description
no dynamic
enabled
privilege superuser
no hidden
name admin
exit
administrator FlowCommand
encrypted_password $5$JUV7L/f1T4Y$Pq88P9JaDQN/0ei.vi6LH4rpE9SMHW2EfuKyAcI4q02
no description
no dynamic
enabled
privilege monitor
no hidden
name FlowCommand
exit
administrator sbbaek
encrypted_password $5$B5P5XoWFL4$Fg3pM7xmrS31UPouJZsbZ1Oq4EuzNG.AUb9DL0DrKg4
no description
no dynamic
enabled
privilege superuser
no hidden
name sbbaek
exit
#
#
application youtube
no track_in_history
priority 10000
no short_lived
protocol youtube
no description
no stop_dpi
no drop
no dynamic
server youtube%e|googlevideo.com|googlevideo.c|googlevideo.co
chargeable dontcare
track_users
no location
groups streaming
map_location
no hidden
no ports
no postprocess
name youtube
exit
#
#
group games
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name games
exit
group p2p
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name p2p
exit
group speedtest
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name speedtest
exit
group streaming
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name streaming
exit
group updates
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name updates
exit
group voip
no nested_groups
no description
no dynamic
no track_in_history
no hidden
type app
name voip
exit
#
#
script USER_LISTENER
no interval
no description
no persistent
file_name user_listener.py
no dynamic
no argument
no days
no start_times
no end_time
directory /etc/stmfiles/files/scripts
no hidden
run_on_boot
name USER_LISTENER
exit
#
#
user User-10.10.100.35
description tak
no dynamic
chargeable_bytes_base 0
quota 0
no track_in_history
no location
no groups
map_location
no hidden
name User-10.10.100.35
exit
#
#
acl Youtube
no subnets
no description
no dynamic
no hidden
no ports
name Youtube
exit
#
#
policy games
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority high
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups games
percent_mir 0.0
minimum_distress 0
no minimum_rate
name games
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
policy other
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 9000
no maximum_rate
priority normal
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
no groups
percent_mir 0.0
minimum_distress 0
no minimum_rate
name other
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
policy p2p
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority normal
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups p2p
percent_mir 0.0
minimum_distress 0
no minimum_rate
name p2p
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
policy speedtest
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority override
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups speedtest
percent_mir 0.0
minimum_distress 0
no minimum_rate
name speedtest
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
policy streaming
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority high
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups streaming
percent_mir 0.0
minimum_distress 0
no minimum_rate
name streaming
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 30.0
burst_threshold 30
attach_to_rate_plan
exit
policy updates
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority background
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups updates
percent_mir 0.0
minimum_distress 0
no minimum_rate
name updates
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
policy voip
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 8000
no maximum_rate
priority high
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
no applications
no shaped
groups voip
percent_mir 0.0
minimum_distress 0
no minimum_rate
name voip
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 10.0
burst_threshold 30
attach_to_rate_plan
exit
policy Youtube
geolocation
shared_partition
chargeable dontcare
no next_hop_ases
upstream_cir 0
downstream_mir 0
no dynamic
flow_rate_cap 0
no maximum_packets
no maximum_total_bytes
no excluded_groups
acl
host_downstream_mir 0
downstream_cir 0
no minimum_duration
no host_equalisation
no maximum_delay
shaper_margin 10.0
minimum_delay 0.000
sequence 1000
no maximum_rate
priority normal
no final_ases
no dscp_rewrite
no minimum_total_bytes
no hidden
no maximum_duration
initial_rate_plan
no ports
no subnets
policy_route_interface
host_upstream_cir 0
no description
parent
attach_to_tunnel
no rate_multiplier
attach_to_interface
applications youtube
no shaped
no groups
percent_mir 0.0
minimum_distress 0
no minimum_rate
name Youtube
policy_route_address ::
no threat_level
no minimum_packets
no drop
enabled
host_downstream_cir 0
host_upstream_mir 0
attach_to_access_point
top_host dontcare
no reputation
upstream_mir 0
no threat_types
percent_cir 0.0
burst_threshold 30
attach_to_rate_plan
exit
stm1wins#

[FortiSandbox Clustering Setting]

Step 1 - Configure the master

1. Configure the port IP addresses and gateway address with the following commands:
   set port1-ip 192.168.1.99/24
   set port2-ip 192.168.2.99/24
   set port3-ip 192.168.3.99/24
   set default-gw 192.168.1.1
2. Configure the device as the master node and its cluster fail-over IP for Port1 with the following commands:
   hc-settings -sc -tM -nMasterA -cTestHCsystem -ppassw0rd -iport2
   hc-settings -si -iport1 -a192.168.1.98/24
   See Appendix A - CLI Reference on page 1 for more information about the CLI commands.
3. Review the cluster status with the following command:
   hc-status -l
   Other ports on the device can be used for file inputs.

Step 2 - Configure the primary slave

1. Configure the port IP addresses and gateway address with the following commands:
   set port1-ip 192.168.1.100/24
   set port2-ip 192.168.2.100/24
   set port3-ip 192.168.3.100/24
   set default-gw 192.168.1.1
2. Configure the device as the primary slave node with the following commands:
   hc-settings -s -tP -nPslaveB -iport2
   hc-settings -l
   hc-slave -a -s192.168.2.99 -ppassw0rd
3. Review the cluster status with the following command:
   hc-status -l

Step 3 - Configure the normal slave

1. Configure the port IP addresses and gateway address with the following commands:
   set port1-ip 192.168.1.101/24
   set port2-ip 192.168.2.101/24
   set port3-ip 192.168.3.101/24
   set default-gw 192.168.1.1
2. Configure the device as a slave node with the following commands:
   hc-settings -s -tR -nSlaveC -iport2
   hc-settings -l
   hc-slave -a -s192.168.2.99 -ppassw0rd
3. Review the cluster status with the following command:
   hc-status -l

Example 8—Flexible Inline Single Tag Configuration

When you configure inline maps with single VLAN tag, the map rules must have the same VLAN tag as configured in the from parameter.

The following is an example of a flexible inline single tag configuration.

map alias map1_in1_100_11
  type flexinline byRule
  rule add pass ipver 4 vlan 100
  from in1 vlan 100
  a-to-b it1_extTool,itg1
  b-to-a reverse
  tag 11
  oob-copy from in1 to 1/2/x1 tag original
  oob-copy from it1_extTool to 1/2/x1 tag original
  exit
 

[SSL VPN] Configuration

AxGate# show running-config 
aos v2.1-x86(2.5-r28000)
!
hostname AxGate
!
username change password duration 60
username axroot privilege 15 password 5 8.ktW$kkQKSeYoc1JbA0nWqfQhiLhGIYulzXSPkjZ86cLUZ96
!
clock timezone KST 9 
!
config sync manual 
config sync group ip service time target
config sync signature
config sync parameters
config sync aip
config sync arp-sniff
config sync policy userauth security nat
config sync admin network
config sync l2-tunnel
!
config full-sync exclude ha
config full-sync exclude hostname
config full-sync exclude full-sync
config full-sync exclude sync
config full-sync exclude vrrp
!
healthcheck threshold 600
!
security zone dmz
security zone ssl
security zone trust
security zone untrust
security zone any
!
logging
 console kernel off
 memory system severity informational
 memory audit
 memory session
 memory application
 memory ipsec
 memory anti-ddos
 memory ips
 memory anti-spam
 memory anti-virus
 memory sslvpn
 memory userauth
 file option size 50 alert 7 purge 5
 file system audit session application ipsec anti-ddos ips anti-spam anti-virus sslvpn userauth
!
statistics log at 01:00:00
!
report
 option top count 10
 language html korean
!
arp max-entries 8192
!
ip domain-lookup timeout 1 retry 1
!
ip dhcp server lease-check icmp svpn0
!
ip dhcp pool ssl
 network 50.0.0.0 255.255.255.0
 range 50.0.0.10 50.0.0.50
 classless-routes 7.7.1.10/32 50.0.0.1
 lease 1 0 0
!
ipv6 neighbor max-entries 1024
!
ip igmp max-memberships 20
!
interface lo
 ip address 127.0.0.1/8
!
interface eth0-0
 ip address 10.10.11.116/24
 security-zone untrust
 no shutdown
!
interface eth0-1
 ip address 7.7.2.1/24
 security-zone trust
 no shutdown
!
interface eth0-2
 shutdown
!
interface eth0-3
 shutdown
!
interface eth0-4
 shutdown
!         
interface eth0-5
 shutdown
!
interface eth0-6
 shutdown
!
interface eth0-7
 shutdown
!
interface eth0-8
 shutdown
!
interface eth0-9
 shutdown
!
interface bond0
 bonding mode balance-rr
 bonding link-check miimon 1
 shutdown
!
interface svpn0
 mtu 1426
 sslvpn heartbeat interval 500 threshold 10
 sslvpn proto tcp port 7900 queue 16384
 sslvpn key 1q2w3e
 sslvpn algorithm aes128 aes128
 sslvpn source eth0-0
 ip address 50.0.0.1/24
 security-zone ssl
 no shutdown
!
ip route 0.0.0.0/0 10.10.11.1
ip route 7.7.1.0/24 10.10.11.118
!
security parameters
 no offloading
 control-no3way-timeout
 session-timeout generic 1800
 session-timeout icmp 10
 session-timeout tcp 3600
 session-timeout udp 60
 state-timeout tcp syn-sent 120
 state-timeout tcp syn-recv 60
 state-timeout tcp no3way-est 60
 state-timeout tcp fin-wait 120
 state-timeout tcp close-wait 60
 state-timeout tcp last-ack 30
 state-timeout tcp time-wait 120
 state-timeout tcp reset 3
 session-limit 4500002
 logging firewall
 logging ha session-synced
 logging security-policy expired
 logging nat-policy expired
 logging ipsec
 logging ips
 logging anti-ddos
 logging anti-spam
 logging anti-virus
 logging application
 logging sslvpn
 logging userauth
 accounting firewall
 accounting ips
 accounting anti-ddos
 accounting anti-spam
 accounting anti-virus
 accounting ipsec
 accounting application
 top-statistics update-time 10
 top-statistics topn-count 10
 qos priority queue length 10
 qos priority queue restore-time 10000
 qos priority queue host-lifetime 60
 nat entry-limit 5000
 reference update-time 600
 use-abbreviated-shell
!
security signature timeout connection 10 transaction 60
security signature retry connection 3
security signature code 20
!
ddns
 update-period 600
!
service group acmsoda
 proto tcp sport any dport eq 6969
!
service group ats
 proto tcp sport any dport eq 2201
!
service group avt-profile
 proto tcp sport any dport eq 5004
!
service group bgp
 proto tcp sport any dport eq 179
!
service group blp2
 proto tcp sport any dport eq 8195
!
service group bootpc
 proto udp sport any dport eq 68
!
service group bootps
 proto udp sport any dport eq 67
!
service group dcube(default)
 proto esp
 proto udp sport any dport eq 7900
!
service group dhcpv6-server
 proto tcp sport any dport eq 547
!
service group dns
 proto tcp sport any dport eq 53
 proto udp sport any dport eq 53
!
service group fodms
 proto udp sport any dport eq 7200
!
service group ftp
 proto tcp sport any dport eq 21
!
service group ftps
 proto tcp sport any dport eq 990
!
service group h263-video
 proto tcp sport any dport eq 2979
!
service group h323gatedisc
 proto tcp sport any dport eq 1718
!
service group h323gatestat
 proto tcp sport any dport eq 1719
!
service group h323hostcall
 proto tcp sport any dport eq 1720
!         
service group h323hostcallsc
 proto tcp sport any dport eq 1300
!
service group hostmon
 proto udp sport any dport eq 5355
!
service group hpvipgrp
 proto tcp sport any dport eq 5223
!
service group http
 proto tcp sport any dport eq 80
!
service group https
 proto tcp sport any dport eq 443
!
service group ike
 proto udp sport any dport eq 500
!
service group imap
 proto tcp sport any dport eq 143
 proto tcp sport any dport eq 993
!
service group imaps
 proto tcp sport any dport eq 993
!
service group kerberos
 proto tcp sport any dport eq 88
!
service group kerberos_v5
 proto tcp sport any dport eq 464
!
service group l2tp
 proto udp sport any dport eq 1701
!
service group ldap
 proto tcp sport any dport eq 389
!
service group ldaps
 proto tcp sport any dport eq 636
!
service group mdns
 proto udp sport any dport eq 5353
!
service group mevent
 proto tcp sport any dport eq 7900
!         
service group microsoft-ds
 proto tcp sport any dport eq 445
!
service group mindprintf
 proto tcp sport any dport eq 8033
!
service group mms
 proto tcp sport any dport eq 1755
 proto udp sport any dport eq 1755
!
service group ms-sql
 proto udp sport any dport eq 1434
 proto tcp sport any dport eq 1433
!
service group ms-sql-m
 proto udp sport any dport eq 1434
!
service group ms-sql-s
 proto tcp sport any dport eq 1433
!
service group mysql
 proto tcp sport any dport eq 3306
!         
service group netbios
 proto udp sport any dport multi 137 138 139
!
service group netbios-dgm
 proto udp sport any dport eq 138
!
service group netbios-ns
 proto udp sport any dport eq 137
!
service group netbios-ssn
 proto udp sport any dport eq 139
!
service group ntp
 proto udp sport any dport eq 123
!
service group oracle
 proto tcp sport any dport eq 1521
!
service group oracle-em2
 proto tcp sport any dport eq 1754
!
service group oracle-vp1
 proto tcp sport any dport eq 1809
!
service group oracle-vp2
 proto tcp sport any dport eq 1808
!
service group pharos
 proto tcp sport any dport eq 4443
!
service group pop3
 proto tcp sport any dport eq 110
 proto tcp sport any dport eq 995
!
service group pptp
 proto udp sport any dport eq 1723
!
service group proshare-mc-2
 proto tcp sport any dport eq 1674
!
service group radius-account
 proto tcp sport any dport eq 1813
!
service group radius-auth
 proto tcp sport any dport eq 1812
!         
service group regacy_radius
 proto tcp sport any dport multi 1645 1646
!
service group rsync
 proto tcp sport any dport eq 873
!
service group rtsp
 proto tcp sport any dport eq 554
!
service group sabams
 proto tcp sport any dport eq 2760
!
service group sftp
 proto tcp sport any dport eq 115
!
service group smtp
 proto tcp sport any dport eq 25
!
service group smtps
 proto tcp sport any dport eq 465
!
service group snapp
 proto tcp sport any dport eq 2333
!
service group snmp
 proto udp sport any dport eq 161
!
service group snmptrap
 proto udp sport any dport eq 162
!
service group ssdp
 proto udp sport any dport eq 1900
!
service group ssh
 proto tcp sport any dport eq 22
!
service group stun
 proto udp sport any dport eq 3478
!
service group syslog
 proto udp sport any dport eq 514
!
service group tcslap
 proto tcp sport any dport eq 2869
!
service group telnet
 proto tcp sport any dport eq 23
!
service group teradataordbms
 proto tcp sport any dport eq 8002
!
service group teredo
 proto udp sport any dport eq 3544
!
service group tftp-mcast
 proto tcp sport any dport eq 1758
!
service group unicall
 proto tcp sport any dport eq 4343
!
service group vcom-tunnel
 proto tcp sport any dport eq 8001
!
service group webcache
 proto tcp sport any dport eq 8080
!
service group www
 proto tcp sport any dport eq 80
 proto tcp sport any dport eq 443
!
service group www-ldap-gw
 proto tcp sport any dport eq 1760
!
service group x11-ssh-offset
 proto tcp sport any dport eq 6010
!
service group xmpp-client
 proto tcp sport any dport eq 5222
!
password policy admin
 length 9 16
 character-count upper 1 lower 1 digit 1 special 1
 impossible sequential-count asc 3 same 3 qwerty-right 3
 impossible contain-word id password 6
!
password policy user
 length 9 16
 character-count english 1 digit 1 special 1
!
userauth http port 10444 secure-port 10443
userauth http-install port 4443
userauth factor ip
userauth expire-timeout 24 expire-update delete-timeout 65535 connection-timeout 1
userauth max-connections 1000
userauth server priority local
userauth username mskang password 5 bJoq0$vdlEf8FVv1CqhdC3eFev.L0z0f/dAVUgCrhy3tyrFG7
userauth username test01 password 5 bJo35$EflVN/ufphqDzV8ZS498mrMv93yI9GSE2Vy6AjBJTd5
userauth username test02 password 5 4DmRC$d9M.Cb93m.JZWBFX6mcfuB9wEMJAbFCZiY/w0TzcD8C
userauth group special
userauth group special username mskang
userauth group special username test01
userauth group special username test02
!
application http option url-cache 10000
!
ip userauth policy from ssl to trust 1
 source any
 destination any
 action authenticate
 enable
!
ip userauth policy from ssl to untrust 1
 source any
 destination any
 action authenticate
 enable
!
security policy index 3
!
ip security policy from ssl to trust 10 id 1
 source any
 destination any
 action pass log
 enable
!
ip security policy from ssl to untrust 10 id 3
 source any
 destination any
 tcp-mss 1300
 action pass log
 enable
!
vrrp vmac disable
!
line vty
 exec-timeout 10 0
 telnet port 2333
 ssh port 2222
 http secure-port 4433
 login server request-condition auth-fail
 login server priority local
 login server privilege default monitor
!
end

AxGate#    

EX2300 OSPF SW#6

root@SW6# run show configuration | display set
set version 18.2R3-S4.1
set groups phcd_user_script system scripts op allow-url-for-python
set groups phcd_user_script system scripts language python
set apply-groups phcd_user_script
set system root-authentication encrypted-password "$6$3j/9mf6Z$Q7PfdiLhdbyl8p2NMZHzaJav3dW6N6QQ4AvYwobvDAfZpSh/seAisGmpHrj7uieu/a3mNSk5BJwi3976.79GX0"
set system host-name SW6
set system auto-snapshot
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog file interface daemon info
set system syslog file interface match "SNMP_TRAP_LINK_UP|SNMP_TRAP_LINK_DOWN"
set chassis alarm management-ethernet link-down ignore
set interfaces ge-0/0/0 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/1 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/2 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/3 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/4 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/5 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/6 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/7 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/8 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/9 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/10 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/11 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/12 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/13 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/14 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/15 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/16 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/17 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/18 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/19 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/20 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/21 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/22 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/23 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/24 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/25 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/26 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/27 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/28 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/29 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/30 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/31 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/32 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/33 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/34 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/35 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/36 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/37 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/38 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/39 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/40 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/41 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/42 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/43 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/44 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/45 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/46 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/0/47 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/1/0 hold-time up 0
set interfaces ge-0/1/0 hold-time down 500
set interfaces ge-0/1/0 unit 0 family inet address 46.46.46.2/24
set interfaces xe-0/1/0 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/1/1 hold-time up 0
set interfaces ge-0/1/1 hold-time down 500
set interfaces ge-0/1/1 unit 0 family inet address 56.56.56.2/24
set interfaces xe-0/1/1 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/1/2 unit 0 family ethernet-switching storm-control default
set interfaces xe-0/1/2 unit 0 family ethernet-switching storm-control default
set interfaces ge-0/1/3 unit 0 family ethernet-switching storm-control default
set interfaces xe-0/1/3 unit 0 family ethernet-switching storm-control default
set interfaces irb unit 0 family inet address 7.7.6.1/24
set interfaces lo0 unit 0 family inet address 6.6.6.6/32
set forwarding-options storm-control-profiles default all
set forwarding-options analyzer gm-monitor input ingress interface ge-0/1/0.0
set forwarding-options analyzer gm-monitor input ingress interface ge-0/1/1.0
set forwarding-options analyzer gm-monitor output interface ge-0/0/47.0
## set routing-options forwarding-table export ecmp
## set routing-options forwarding-table ecmp-fast-reroute
set protocols ospf area 0.0.0.0 interface ge-0/1/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/1/1.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface irb.0 passive
set protocols ospf3 area 0.0.0.0 interface ge-0/1/0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/1/1.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
set protocols ospf3 area 0.0.0.0 interface irb.0 passive
set protocols lldp interface all
set protocols lldp-med interface all
set protocols igmp-snooping vlan default
set policy-options policy-statement ecmp then load-balance per-packet
set vlans default vlan-id 1
set vlans default l3-interface irb.0

EX4200 OSPF & LACP SW#5

root@SW5# run show configuration | display set
set version 12.3R9.4
set system host-name SW5
set system root-authentication encrypted-password "$1$Qp95b1m6$tJ8VgCXGWXsD6sAZdt9HV1"
set system login user isd uid 1001
set system login user isd class super-user
set system login user isd authentication encrypted-password "$1$IF2vLXTr$w48niAOWvFxZ5xT/93Tg2/"
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog file interface daemon info
set system syslog file interface match "SNMP_TRAP_LINK_UP|SNMP_TRAP_LINK_DOWN"
set chassis aggregated-devices ethernet device-count 4
set chassis alarm management-ethernet link-down ignore
set chassis auto-image-upgrade
set interfaces ge-0/0/0 hold-time up 0
set interfaces ge-0/0/0 hold-time down 500
set interfaces ge-0/0/0 unit 0 family inet address 56.56.56.1/24
set interfaces ge-0/0/1 unit 0 family ethernet-switching
set interfaces ge-0/0/2 hold-time up 0
set interfaces ge-0/0/2 hold-time down 500
set interfaces ge-0/0/2 ether-options 802.3ad ae0
set interfaces ge-0/0/3 hold-time up 0
set interfaces ge-0/0/3 hold-time down 500
set interfaces ge-0/0/3 ether-options 802.3ad ae0
set interfaces ge-0/0/4 unit 0 family ethernet-switching
set interfaces ge-0/0/5 unit 0 family ethernet-switching
set interfaces ge-0/0/6 unit 0 family ethernet-switching
set interfaces ge-0/0/7 unit 0 family ethernet-switching
set interfaces ge-0/0/8 unit 0 family ethernet-switching
set interfaces ge-0/0/9 unit 0 family ethernet-switching
set interfaces ge-0/0/10 unit 0 family ethernet-switching
set interfaces ge-0/0/11 unit 0 family ethernet-switching
set interfaces ge-0/0/12 unit 0 family ethernet-switching
set interfaces ge-0/0/13 unit 0 family ethernet-switching
set interfaces ge-0/0/14 unit 0 family ethernet-switching
set interfaces ge-0/0/15 unit 0 family ethernet-switching
set interfaces ge-0/0/16 unit 0 family ethernet-switching
set interfaces ge-0/0/17 unit 0 family ethernet-switching
set interfaces ge-0/0/18 hold-time up 0
set interfaces ge-0/0/18 hold-time down 500
set interfaces ge-0/0/18 unit 0 family inet address 45.45.45.2/24
set interfaces ge-0/0/19 unit 0 family ethernet-switching
set interfaces ge-0/0/20 unit 0 family ethernet-switching
set interfaces ge-0/0/21 unit 0 family ethernet-switching
set interfaces ge-0/0/22 unit 0 family ethernet-switching
set interfaces ge-0/0/23 unit 0 family ethernet-switching
set interfaces ge-0/1/0 unit 0 family ethernet-switching
set interfaces xe-0/1/0 unit 0 family ethernet-switching
set interfaces ge-0/1/1 unit 0 family ethernet-switching
set interfaces xe-0/1/1 unit 0 family ethernet-switching
set interfaces ge-0/1/2 unit 0 family ethernet-switching
set interfaces xe-0/1/2 unit 0 family ethernet-switching
set interfaces ge-0/1/3 unit 0 family ethernet-switching
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family inet address 35.35.35.2/24
set interfaces lo0 unit 0 family inet address 5.5.5.5/32
set routing-options forwarding-table export ecmp
set routing-options forwarding-table ecmp-fast-reroute
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
set protocols ospf3 area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols igmp-snooping vlan all
set protocols igmp-snooping vlan default
set protocols lldp interface all
set protocols lldp-med interface all
set policy-options policy-statement ecmp then load-balance per-packet
set ethernet-switching-options storm-control interface all
set poe interface all

EX4200 OSPF & LACP SW#4

root@SW4# run show configuration | display set
set version 12.3R9.4
set system host-name SW4
set system root-authentication encrypted-password "$1$yQEBAZvn$SM4sjpM10uofVrAQOXHWg0"
set system login user isd uid 1001
set system login user isd class super-user
set system login user isd authentication encrypted-password "$1$q9p/yZQ1$3AFSsQ1YZNxqAPtF2R3dy."
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog file interface daemon info
set system syslog file interface match "SNMP_TRAP_LINK_UP|SNMP_TRAP_LINK_DOWN"
set chassis aggregated-devices ethernet device-count 4
set chassis alarm management-ethernet link-down ignore
set chassis auto-image-upgrade
set interfaces ge-0/0/0 hold-time up 0
set interfaces ge-0/0/0 hold-time down 500
set interfaces ge-0/0/0 unit 0 family inet address 46.46.46.1/24
set interfaces ge-0/0/1 unit 0 family ethernet-switching
set interfaces ge-0/0/2 hold-time up 0
set interfaces ge-0/0/2 hold-time down 500
set interfaces ge-0/0/2 ether-options 802.3ad ae0
set interfaces ge-0/0/3 hold-time up 0
set interfaces ge-0/0/3 hold-time down 500
set interfaces ge-0/0/3 ether-options 802.3ad ae0
set interfaces ge-0/0/4 unit 0 family ethernet-switching
set interfaces ge-0/0/5 unit 0 family ethernet-switching
set interfaces ge-0/0/6 unit 0 family ethernet-switching
set interfaces ge-0/0/7 unit 0 family ethernet-switching
set interfaces ge-0/0/8 unit 0 family ethernet-switching
set interfaces ge-0/0/9 unit 0 family ethernet-switching
set interfaces ge-0/0/10 unit 0 family ethernet-switching
set interfaces ge-0/0/11 unit 0 family ethernet-switching
set interfaces ge-0/0/12 unit 0 family ethernet-switching
set interfaces ge-0/0/13 unit 0 family ethernet-switching
set interfaces ge-0/0/14 unit 0 family ethernet-switching
set interfaces ge-0/0/15 unit 0 family ethernet-switching
set interfaces ge-0/0/16 unit 0 family ethernet-switching
set interfaces ge-0/0/17 unit 0 family ethernet-switching
set interfaces ge-0/0/18 hold-time up 0
set interfaces ge-0/0/18 hold-time down 500
set interfaces ge-0/0/18 unit 0 family inet address 45.45.45.1/24
set interfaces ge-0/0/19 unit 0 family ethernet-switching
set interfaces ge-0/0/20 unit 0 family ethernet-switching
set interfaces ge-0/0/21 unit 0 family ethernet-switching
set interfaces ge-0/0/22 unit 0 family ethernet-switching
set interfaces ge-0/0/23 unit 0 family ethernet-switching
set interfaces ge-0/1/0 unit 0 family ethernet-switching
set interfaces xe-0/1/0 unit 0 family ethernet-switching
set interfaces ge-0/1/1 unit 0 family ethernet-switching
set interfaces xe-0/1/1 unit 0 family ethernet-switching
set interfaces ge-0/1/2 unit 0 family ethernet-switching
set interfaces xe-0/1/2 unit 0 family ethernet-switching
set interfaces ge-0/1/3 unit 0 family ethernet-switching
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family inet address 24.24.24.2/24
set interfaces lo0 unit 0 family inet address 4.4.4.4/32
set routing-options forwarding-table export ecmp
set routing-options forwarding-table ecmp-fast-reroute
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
set protocols ospf3 area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols igmp-snooping vlan all
set protocols igmp-snooping vlan default
set protocols lldp interface all
set protocols lldp-med interface all
set policy-options policy-statement ecmp then load-balance per-packet
set ethernet-switching-options storm-control interface all
set poe interface all

EX4200 OSPF & LACP SW#3

root@SW3# run show configuration | display set
set version 12.3R9.4
set system host-name SW3
set system root-authentication encrypted-password "$1$BnuMHZY/$aBijYYixSLmMp10AgebVH/"
set system login user isd uid 1001
set system login user isd class super-user
set system login user isd authentication encrypted-password "$1$D9Ehoc0n$1X9.3nHgjxy2ldjOkaTDU1"
set system services telnet
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog file interface daemon info
set system syslog file interface match "SNMP_TRAP_LINK_UP|SNMP_TRAP_LINK_DOWN"
set chassis aggregated-devices ethernet device-count 4
set chassis alarm management-ethernet link-down ignore
set chassis auto-image-upgrade
set interfaces ge-0/0/0 hold-time up 0
set interfaces ge-0/0/0 hold-time down 500
set interfaces ge-0/0/0 unit 0 family inet address 13.13.13.2/24
set interfaces ge-0/0/1 unit 0 family ethernet-switching
set interfaces ge-0/0/2 hold-time up 0
set interfaces ge-0/0/2 hold-time down 500
set interfaces ge-0/0/2 ether-options 802.3ad ae0
set interfaces ge-0/0/3 hold-time up 0
set interfaces ge-0/0/3 hold-time down 500
set interfaces ge-0/0/3 ether-options 802.3ad ae0
set interfaces ge-0/0/4 unit 0 family ethernet-switching
set interfaces ge-0/0/5 unit 0 family ethernet-switching
set interfaces ge-0/0/6 unit 0 family ethernet-switching
set interfaces ge-0/0/7 unit 0 family ethernet-switching
set interfaces ge-0/0/8 unit 0 family ethernet-switching
set interfaces ge-0/0/9 unit 0 family ethernet-switching
set interfaces ge-0/0/10 unit 0 family ethernet-switching
set interfaces ge-0/0/11 unit 0 family ethernet-switching
set interfaces ge-0/0/12 unit 0 family ethernet-switching
set interfaces ge-0/0/13 unit 0 family ethernet-switching
set interfaces ge-0/0/14 unit 0 family ethernet-switching
set interfaces ge-0/0/15 unit 0 family ethernet-switching
set interfaces ge-0/0/16 unit 0 family ethernet-switching
set interfaces ge-0/0/17 unit 0 family ethernet-switching
set interfaces ge-0/0/18 hold-time up 0
set interfaces ge-0/0/18 hold-time down 500
set interfaces ge-0/0/18 unit 0 family inet address 23.23.23.2/24
set interfaces ge-0/0/19 unit 0 family ethernet-switching
set interfaces ge-0/0/20 unit 0 family ethernet-switching
set interfaces ge-0/0/21 unit 0 family ethernet-switching
set interfaces ge-0/0/22 unit 0 family ethernet-switching
set interfaces ge-0/0/23 unit 0 family ethernet-switching
set interfaces ge-0/1/0 unit 0 family ethernet-switching
set interfaces xe-0/1/0 unit 0 family ethernet-switching
set interfaces ge-0/1/1 unit 0 family ethernet-switching
set interfaces xe-0/1/1 unit 0 family ethernet-switching
set interfaces ge-0/1/2 unit 0 family ethernet-switching
set interfaces xe-0/1/2 unit 0 family ethernet-switching
set interfaces ge-0/1/3 unit 0 family ethernet-switching
set interfaces ae0 aggregated-ether-options lacp active
set interfaces ae0 unit 0 family inet address 35.35.35.1/24
set interfaces lo0 unit 0 family inet address 3.3.3.3/32
set routing-options forwarding-table export ecmp
set routing-options forwarding-table ecmp-fast-reroute
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/0.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface ge-0/0/18.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface lo0.0 passive
set protocols ospf3 area 0.0.0.0 interface ae0.0 interface-type p2p
set protocols igmp-snooping vlan all
set protocols igmp-snooping vlan default
set protocols lldp interface all
set protocols lldp-med interface all
set policy-options policy-statement ecmp then load-balance per-packet
set ethernet-switching-options storm-control interface all
set poe interface all