paulmataruso/cml-community
1
0
Fork 0
mirror of https://github.com/CiscoDevNet/cml-community.git synced 2025-11-03 05:23:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
82da71d916171a4448cdb70eb48b8b4bc48ce06b
cml-community/lab-topologies/sandbox-multiplatform-network/multi-platform-network.yaml
Hank Preston 7e8040ef2f sandbox multiplatform sample
2020-06-01 09:51:28 -04:00

2171 lines
60 KiB
YAML
Raw Blame History

lab:
description: A sample network built with IOS XE, NX-OS, IOS XR, and ASA devices. Includes
Linux hosts.
notes: ''
timestamp: 1590053429.3350143
title: Multi Platform Network
version: 0.0.3
nodes:
- id: n0
label: internet-rtr01
node_definition: csr1000v
x: -750
y: -200
configuration: |-
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console serial
!
hostname internet-rtr01
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
enable password cisco
!
no aaa new-model
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
!
!
no ip domain lookup
ip domain name virl.info
!
login on-success log
!
subscriber templating
!
!
multilink bundle-name authenticated
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
license udi pid CSR1000V sn 9N2F3VJUAMK
diagnostic bootup level minimal
!
spanning-tree extend system-id
memory free low-watermark processor 80526
!
username cisco privilege 15 secret 9 $9$X8t5V6eWdPoRd.$wOxXAiJ8i7jeYcH70M82cMnxDgwX.31ymh9Y18oj3eg
!
redundancy
!
!
interface Loopback0
description to
no ip address
shutdown
!
interface GigabitEthernet1
description to port1.sandbox-backend
vrf forwarding Mgmt-intf
ip address 10.10.20.181 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet2
description to GigabitEthernet0/0.edge-firewall01
ip address 172.31.252.1 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet3
description to enp0s2.internet-host01
ip address 172.31.0.1 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet4
description to
no ip address
shutdown
negotiation auto
no mop enabled
no mop sysid
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route 172.16.0.0 255.255.0.0 172.31.252.2
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.10.20.254
!
ip ssh server algorithm authentication password
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
stopbits 1
line vty 0 4
exec-timeout 720 0
password cisco
login local
transport input telnet ssh
!
!
end
image_definition: csr1000v-161101b
ram: 4096
cpus: 2
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: GigabitEthernet1
type: physical
- id: i2
slot: 1
label: GigabitEthernet2
type: physical
- id: i3
slot: 2
label: GigabitEthernet3
type: physical
- id: i4
slot: 3
label: GigabitEthernet4
type: physical
- id: n1
label: internet-host01
node_definition: ubuntu
x: -850
y: -200
configuration: |-
#cloud-config
bootcmd:
- ln -s -t /etc/rc.d /etc/rc.local
hostname: internet-host01
manage_etc_hosts: true
runcmd:
- systemctl start rc-local
- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
- echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
- echo "UseDNS no" >> /etc/ssh/sshd_config
- service ssh restart
- service sshd restart
users:
- default
- gecos: User configured by VIRL Configuration Engine 0.23.12
lock-passwd: false
name: cisco
plain-text-passwd: cisco
shell: /bin/bash
ssh-authorized-keys:
- VIRL-USER-SSH-PUBLIC-KEY
sudo: ALL=(ALL) ALL
write_files:
- path: /etc/rc.local
owner: root:root
permissions: '0755'
content: |-
#!/bin/sh
ifconfig enp0s9 up 10.10.20.182 netmask 255.255.255.0
route add -net 0.0.0.0/0 gw 10.10.20.254 dev enp0s9
ifconfig enp0s2 up 172.31.0.11 netmask 255.255.255.0
route add -net 172.16.0.0/16 gw 172.31.0.1 dev enp0s2
route add -net 172.31.0.0/16 gw 172.31.0.1 dev enp0s2
exit 0
image_definition: ubuntu-18-04
tags: []
interfaces:
- id: i0
slot: 0
label: enp0s2
type: physical
- id: i1
slot: 1
label: enp0s3
type: physical
- id: i2
slot: 2
label: enp0s4
type: physical
- id: i3
slot: 3
label: enp0s5
type: physical
- id: i4
slot: 4
label: enp0s6
type: physical
- id: i5
slot: 5
label: enp0s7
type: physical
- id: i6
slot: 6
label: enp0s8
type: physical
- id: i7
slot: 7
label: enp0s9
type: physical
- id: n2
label: edge-firewall01
node_definition: asav
x: -650
y: -200
configuration: |-
terminal width 511
hostname edge-firewall01
username cisco password cisco privilege 15
enable password cisco
passwd cisco
!
license smart
feature tier standard
throughput level 1G
names
no mac-address auto
!
interface GigabitEthernet0/0
description to GigabitEthernet2.internet-rtr01
duplex full
nameif outside
security-level 0
ip address 172.31.252.2 255.255.255.0
!
interface GigabitEthernet0/1
description to GigabitEthernet0/1.edge-sw01
duplex full
nameif inside
security-level 100
ip address 172.16.253.4 255.255.255.248
!
interface Management0/0
description to port2.sandbox-backend
duplex full
management-only
nameif mgmt
security-level 100
ip address 10.10.20.171 255.255.255.0
!
ftp mode passive
dns domain-lookup mgmt
dns server-group DefaultDNS
name-server 10.17.248.11
name-server 10.17.248.12
same-security-traffic permit inter-interface
object network INSIDE-DEV
subnet 172.16.102.0 255.255.255.0
object network INSIDE-IOT
subnet 172.16.105.0 255.255.255.0
object network INSIDE-PROD
subnet 172.16.101.0 255.255.255.0
object network INSIDE-SECURITY
subnet 172.16.104.0 255.255.255.0
object network INSIDE-TEST
subnet 172.16.103.0 255.255.255.0
object network OUTSIDE-PUBLIC-IP-NETWORK
subnet 172.31.252.0 255.255.255.0
object-group network INSIDE-NETWORKS
network-object object INSIDE-DEV
network-object object INSIDE-IOT
network-object object INSIDE-PROD
network-object object INSIDE-SECURITY
network-object object INSIDE-TEST
access-list global_access remark Allow Ping
access-list global_access extended permit icmp any4 any4 log default
access-list inside_access_in extended permit ip object-group INSIDE-NETWORKS any log default
pager lines 23
logging enable
logging asdm informational
mtu mgmt 1500
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
arp rate-limit 8192
access-group inside_access_in in interface inside
access-group global_access global
router ospf 1
network 172.16.253.0 255.255.255.248 area 0
redistribute static
!
route mgmt 0.0.0.0 0.0.0.0 10.10.20.254 1
route outside 172.31.0.0 255.255.0.0 172.31.252.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
timeout conn-holddown 0:00:15
timeout igp stale-route 0:01:10
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication login-history
http server enable
http 0.0.0.0 0.0.0.0 mgmt
no snmp-server location
no snmp-server contact
crypto ipsec security-association pmtu-aging infinite
crypto ca trustpoint _SmartCallHome_ServerCA
no validation-usage
crl configure
crypto ca trustpool policy
auto-import
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 0509
308205b7 3082039f a0030201 02020205 09300d06 092a8648 86f70d01 01050500
3045310b 30090603 55040613 02424d31 19301706 0355040a 13105175 6f566164
6973204c 696d6974 6564311b 30190603 55040313 1251756f 56616469 7320526f
6f742043 41203230 1e170d30 36313132 34313832 3730305a 170d3331 31313234
31383233 33335a30 45310b30 09060355 04061302 424d3119 30170603 55040a13
1051756f 56616469 73204c69 6d697465 64311b30 19060355 04031312 51756f56
61646973 20526f6f 74204341 20323082 0222300d 06092a86 4886f70d 01010105
00038202 0f003082 020a0282 0201009a 18ca4b94 0d002daf 03298af0 0f81c8ae
4c19851d 089fab29 4485f32f 81ad321e 9046bfa3 86261a1e fe7e1c18 3a5c9c60
172a3a74 8333307d 615411cb edabe0e6 d2a27ef5 6b6f18b7 0a0b2dfd e93eef0a
c6b310e9 dcc24617 f85dfda4 daff9e49 5a9ce633 e62496f7 3fba5b2b 1c7a35c2
d667feab 66508b6d 28602bef d760c3c7 93bc8d36 91f37ff8 db1113c4 9c7776c1
aeb7026a 817aa945 83e205e6 b956c194 378f4871 6322ec17 6507958a 4bdf8fc6
5a0ae5b0 e35f5e6b 11ab0cf9 85eb44e9 f80473f2 e9fe5c98 8cf573af 6bb47ecd
d45c022b 4c39e1b2 95952d42 87d7d5b3 9043b76c 13f1dedd f6c4f889 3fd175f5
92c391d5 8a88d090 ecdc6dde 89c26571 968b0d03 fd9cbf5b 16ac92db eafe797c
adebaff7 16cbdbcd 252be51f fb9a9fe2 51cc3a53 0c48e60e bdc9b476 0652e611
13857263 0304e004 362b2019 02e874a7 1fb6c956 66f07525 dc67c10e 616088b3
3ed1a8fc a3da1db0 d1b12354 df44766d ed41d8c1 b222b653 1cdf351d dca1772a
31e42df5 e5e5dbc8 e0ffe580 d70b63a0 ff33a10f ba2c1515 ea97b3d2 a2b5bef2
8c961e1a 8f1d6ca4 6137b986 7333d797 969e237d 82a44c81 e2a1d1ba 675f9507
a32711ee 16107bbc 454a4cb2 04d2abef d5fd0c51 ce506a08 31f991da 0c8f645c
03c33a8b 203f6e8d 673d3ad6 fe7d5b88 c95efbcc 61dc8b33 77d34432 35096204
921610d8 9e2747fb 3b21e3f8 eb1d5b02 03010001 a381b030 81ad300f 0603551d
130101ff 04053003 0101ff30 0b060355 1d0f0404 03020106 301d0603 551d0e04
1604141a 8462bc48 4c332504 d4eed0f6 03c41946 d1946b30 6e060355 1d230467
30658014 1a8462bc 484c3325 04d4eed0 f603c419 46d1946b a149a447 3045310b
30090603 55040613 02424d31 19301706 0355040a 13105175 6f566164 6973204c
696d6974 6564311b 30190603 55040313 1251756f 56616469 7320526f 6f742043
41203282 02050930 0d06092a 864886f7 0d010105 05000382 0201003e 0a164d9f
065ba8ae 715d2f05 2f67e613 4583c436 f6f3c026 0c0db547 645df8b4 72c946a5
03182755 89787d76 ea963480 1720dce7 83f88dfc 07b8da5f 4d2e67b2 84fdd944
fc775081 e67cb4c9 0d0b7253 f8760707 4147960c fbe08226 93558cfe 221f6065
7c5fe726 b3f73290 9850d437 7155f692 2178f795 79faf82d 26876656 3077a637
78335210 58ae3f61 8ef26ab1 ef187e4a 5963ca8d a256d5a7 2fbc561f cf39c1e2
fb0aa815 2c7d4d7a 63c66c97 443cd26f c34a170a f890d257 a21951a5 2d9741da
074fa950 da908d94 46e13ef0 94fd1000 38f53be8 40e1b46e 561a20cc 6f588ded
2e458fd6 e9933fe7 b12cdf3a d6228cdc 84bb226f d0f8e4c6 39e90488 3cc3baeb
557a6d80 9924f56c 01fbf897 b0945beb fdd26ff1 77680d35 6423acb8 55a103d1
4d4219dc f8755956 a3f9a849 79f8af0e b911a07c b76aed34 d0b62662 381a870c
f8e8fd2e d3907f07 912a1dd6 7e5c8583 99b03808 3fe95ef9 3507e4c9 626e577f
a75095f7 bac89be6 8ea201c5 d666bf79 61f33c1c e1b9825c 5da0c3e9 d848bd19
a2111419 6eb2861b 683e4837 1a88b75d 965e9cc7 ef276208 e291195c d2f121dd
ba174282 97718153 31a99ff6 7d62bf72 e1a3931d cc8a265a 0938d0ce d70d8016
b478a53a 874c8d8a a5d54697 f22c10b9 bc5422c0 01506943 9ef4b2ef 6df8ecda
f1e3b1ef df918f54 2a0b25c1 2619c452 100565d5 8210eac2 31cd2e
quit
telnet 0.0.0.0 0.0.0.0 mgmt
telnet timeout 15
ssh stricthostkeycheck
ssh 0.0.0.0 0.0.0.0 mgmt
ssh timeout 5
console timeout 0
console serial
management-access mgmt
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
dynamic-access-policy-record DfltAccessPolicy
username cisco password ***** pbkdf2 privilege 15
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map global_policy
class inspection_default
inspect ip-options
inspect netbios
inspect rtsp
inspect sunrpc
inspect tftp
inspect xdmcp
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect esmtp
inspect sqlnet
inspect sip
inspect skinny
policy-map type inspect dns migrated_dns_map_2
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
no tcp-inspection
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email callhome@cisco.com
profile License
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination transport-method http
Cryptochecksum:b81cd20c8219fc5aa3c01e148bc739ce
: end
image_definition: asav-9-12-2
tags: []
interfaces:
- id: i0
slot: 0
label: Management0/0
type: physical
- id: i1
slot: 1
label: GigabitEthernet0/0
type: physical
- id: i2
slot: 2
label: GigabitEthernet0/1
type: physical
- id: n3
label: core-rtr01
node_definition: iosxrv
x: -700
y: 0
configuration: |-
hostname core-rtr01
logging console disable
service timestamps log datetime msec
service timestamps debug datetime msec
telnet vrf default ipv4 server max-servers 10
telnet vrf Mgmt-intf ipv4 server max-servers 10
domain name virl.info
domain lookup disable
vrf Mgmt-intf
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
line template vty
timestamp
exec-timeout 720 0
!
line console
exec-timeout 0 0
absolute-timeout 0
session-timeout 0
!
line default
exec-timeout 0 0
absolute-timeout 0
session-timeout 0
!
vty-pool default 0 50
control-plane
management-plane
inband
interface all
allow all
!
!
!
!
interface Loopback0
description to
shutdown
!
interface MgmtEth0/0/CPU0/0
description to port4.sandbox-backend
vrf Mgmt-intf
ipv4 address 10.10.20.173 255.255.255.0
no shutdown
!
interface GigabitEthernet0/0/0/0
description L3 Link to core-rtr02
ipv4 address 172.16.252.37 255.255.255.252
no shutdown
!
interface GigabitEthernet0/0/0/1
description L3 Link to edge-sw01
ipv4 address 172.16.253.2 255.255.255.248
no shutdown
!
interface GigabitEthernet0/0/0/2
description L3 Link to dist-rtr01
ipv4 address 172.16.252.22 255.255.255.252
no shutdown
!
interface GigabitEthernet0/0/0/3
description L3 Link to dist-rtr02
ipv4 address 172.16.252.30 255.255.255.252
no shutdown
!
router static
address-family ipv4 unicast
0.0.0.0/0 172.16.253.4
!
vrf Mgmt-intf
address-family ipv4 unicast
0.0.0.0/0 10.10.20.254
!
!
!
router ospf 1
area 0
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
interface GigabitEthernet0/0/0/2
!
interface GigabitEthernet0/0/0/3
!
!
!
ssh server v2
end
image_definition: iosxrv-6-3-1
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: MgmtEth0/0/CPU0/0
type: physical
- id: i2
slot: 1
label: GigabitEthernet0/0/0/0
type: physical
- id: i3
slot: 2
label: GigabitEthernet0/0/0/1
type: physical
- id: i4
slot: 3
label: GigabitEthernet0/0/0/2
type: physical
- id: i5
slot: 4
label: GigabitEthernet0/0/0/3
type: physical
- id: n4
label: core-rtr02
node_definition: iosxrv
x: -600
y: 0
configuration: |-
hostname core-rtr02
logging console disable
service timestamps log datetime msec
service timestamps debug datetime msec
telnet vrf default ipv4 server max-servers 10
telnet vrf Mgmt-intf ipv4 server max-servers 10
domain name virl.info
domain lookup disable
vrf Mgmt-intf
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
line template vty
timestamp
exec-timeout 720 0
!
line console
exec-timeout 0 0
absolute-timeout 0
session-timeout 0
!
line default
exec-timeout 0 0
absolute-timeout 0
session-timeout 0
!
vty-pool default 0 50
control-plane
management-plane
inband
interface all
allow all
!
!
!
!
interface Loopback0
description to
shutdown
!
interface MgmtEth0/0/CPU0/0
description to port5.sandbox-backend
vrf Mgmt-intf
ipv4 address 10.10.20.174 255.255.255.0
no shutdown
!
interface GigabitEthernet0/0/0/0
description L3 Link to core-rtr01
ipv4 address 172.16.252.38 255.255.255.252
no shutdown
!
interface GigabitEthernet0/0/0/1
description L3 Link to edge-sw01
ipv4 address 172.16.253.3 255.255.255.248
no shutdown
!
interface GigabitEthernet0/0/0/2
description L3 Link to dist-rtr01
ipv4 address 172.16.252.26 255.255.255.252
no shutdown
!
interface GigabitEthernet0/0/0/3
description L3 Link to dist-rtr02
ipv4 address 172.16.252.34 255.255.255.252
no shutdown
!
router static
address-family ipv4 unicast
0.0.0.0/0 172.16.253.4
!
vrf Mgmt-intf
address-family ipv4 unicast
0.0.0.0/0 10.10.20.254
!
!
!
router ospf 1
area 0
interface GigabitEthernet0/0/0/0
!
interface GigabitEthernet0/0/0/1
!
interface GigabitEthernet0/0/0/2
!
interface GigabitEthernet0/0/0/3
!
!
!
ssh server v2
end
image_definition: iosxrv-6-3-1
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: MgmtEth0/0/CPU0/0
type: physical
- id: i2
slot: 1
label: GigabitEthernet0/0/0/0
type: physical
- id: i3
slot: 2
label: GigabitEthernet0/0/0/1
type: physical
- id: i4
slot: 3
label: GigabitEthernet0/0/0/2
type: physical
- id: i5
slot: 4
label: GigabitEthernet0/0/0/3
type: physical
- id: n5
label: dist-rtr01
node_definition: csr1000v
x: -700
y: 100
configuration: |-
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console serial
!
hostname dist-rtr01
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
enable password cisco
!
no aaa new-model
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
!
no ip domain lookup
ip domain name virl.info
!
login on-success log
!
subscriber templating
!
!
multilink bundle-name authenticated
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
license udi pid CSR1000V sn 9QRVOWWZSOE
diagnostic bootup level minimal
!
spanning-tree extend system-id
memory free low-watermark processor 80526
!
restconf
!
username cisco privilege 15 secret 9 $9$iVecEqVTUJzHUk$EO2BfGoo4I8.wW.QanPw2rSxwy9NJt6kc3xFNEFLYSA
!
redundancy
!
!
interface Loopback0
description to
no ip address
shutdown
!
interface GigabitEthernet1
description to port6.sandbox-backend
vrf forwarding Mgmt-intf
ip address 10.10.20.175 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet2
description L3 Link to core-rtr01
ip address 172.16.252.21 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet3
description L3 Link to core-rtr02
ip address 172.16.252.25 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet4
description L3 Link to dist-sw01
ip address 172.16.252.2 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet5
description L3 Link to dist-sw02
ip address 172.16.252.10 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet6
description L3 Link to dist-rtr02
ip address 172.16.252.17 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
router ospf 1
no log-adjacency-changes
network 172.16.252.0 0.0.3.255 area 0
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.10.20.254
!
ip ssh server algorithm authentication password
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
stopbits 1
line vty 0 4
exec-timeout 720 0
password cisco
login local
transport input telnet ssh
!
!
end
image_definition: csr1000v-161101b
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: GigabitEthernet1
type: physical
- id: i2
slot: 1
label: GigabitEthernet2
type: physical
- id: i3
slot: 2
label: GigabitEthernet3
type: physical
- id: i4
slot: 3
label: GigabitEthernet4
type: physical
- id: i5
slot: 4
label: GigabitEthernet5
type: physical
- id: i6
slot: 5
label: GigabitEthernet6
type: physical
- id: n6
label: dist-rtr02
node_definition: csr1000v
x: -600
y: 100
configuration: |-
service timestamps debug datetime msec
service timestamps log datetime msec
! Call-home is enabled by Smart-Licensing.
service call-home
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform console serial
!
hostname dist-rtr02
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
enable password cisco
!
no aaa new-model
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
!
no ip domain lookup
ip domain name virl.info
!
login on-success log
!
subscriber templating
!
!
multilink bundle-name authenticated
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
license udi pid CSR1000V sn 9BYY4VJUS2J
diagnostic bootup level minimal
!
spanning-tree extend system-id
memory free low-watermark processor 80526
!
username cisco privilege 15 secret 9 $9$cONmK/B00qLzO.$iaGnQNzSbJ3ypgnmS02qYpg3FORertbgOgB2CyOHl9g
!
redundancy
!
!
interface Loopback0
description to
no ip address
shutdown
!
interface GigabitEthernet1
description to port7.sandbox-backend
vrf forwarding Mgmt-intf
ip address 10.10.20.176 255.255.255.0
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet2
description L3 Link to core-rtr01
ip address 172.16.252.29 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet3
description L3 Link to core-rtr02
ip address 172.16.252.33 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet4
description L3 Link to dist-sw01
ip address 172.16.252.6 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet5
description L3 Link to dist-sw02
ip address 172.16.252.14 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
interface GigabitEthernet6
description L3 Link to dist-rtr01
ip address 172.16.252.18 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
no shutdown
!
router ospf 1
no log-adjacency-changes
network 172.16.252.0 0.0.3.255 area 0
!
ip forward-protocol nd
no ip http server
ip http secure-server
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.10.20.254
!
ip ssh server algorithm authentication password
!
control-plane
!
!
line con 0
exec-timeout 0 0
password cisco
stopbits 1
line vty 0 4
exec-timeout 720 0
password cisco
login local
transport input telnet ssh
!
!
end
image_definition: csr1000v-161101b
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: GigabitEthernet1
type: physical
- id: i2
slot: 1
label: GigabitEthernet2
type: physical
- id: i3
slot: 2
label: GigabitEthernet3
type: physical
- id: i4
slot: 3
label: GigabitEthernet4
type: physical
- id: i5
slot: 4
label: GigabitEthernet5
type: physical
- id: i6
slot: 5
label: GigabitEthernet6
type: physical
- id: n7
label: dist-sw01
node_definition: nxosv9000
x: -700
y: 200
configuration: |-
hostname dist-sw01
vdc dist-sw01 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 96 maximum 96
limit-resource u6route-mem minimum 24 maximum 24
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
feature telnet
cfs eth distribute
feature ospf
feature interface-vlan
feature hsrp
feature lacp
feature vpc
no password strength-check
username admin password 5 $1$KuOSBsvW$Cy0TSD..gEBGBPjzpDgf51 role network-admin
username adminbackup password 5 ! role network-operator
username adminbackup passphrase lifetime 99999 warntime 14 gracetime 3
username cisco password 5 $1$Nk7ZkwH0$fyiRmMMfIheqE3BqvcL0C1 role network-operator
username cisco role network-admin
username cisco passphrase lifetime 99999 warntime 14 gracetime 3
username lab password 5 $1$buoy/oqy$.EXQz8rCn72ii8qtdldj00 role network-admin
username lab passphrase lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
snmp-server user lab network-admin auth md5 0x5ceb414591539ee35159fca86fdfa101 priv 0x5ceb414591539ee35159fca86fdfa101 localizedkey
snmp-server user admin network-admin auth md5 0x328945d53e05e8e7207f8c20b142f0b7 priv 0x328945d53e05e8e7207f8c20b142f0b7 localizedkey
snmp-server user cisco network-operator auth md5 0x55b3c64a53fb95518e75358ee75e82e9 priv 0x55b3c64a53fb95518e75358ee75e82e9 localizedkey
snmp-server user cisco network-admin
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
vlan 1,101-105
vlan 101
name prod
vlan 102
name dev
vlan 103
name test
vlan 104
name security
vlan 105
name iot
vrf context management
ip route 0.0.0.0/0 10.10.20.254
hardware forwarding unicast trace
vpc domain 101
peer-switch
peer-keepalive destination 10.10.20.178 source 10.10.20.177
peer-gateway
interface Vlan1
no ip redirects
no ipv6 redirects
interface Vlan101
description prod svi
no shutdown
no ip redirects
ip address 172.16.101.2/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.101.1
interface Vlan102
description dev svi
no shutdown
no ip redirects
ip address 172.16.102.2/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.102.1
interface Vlan103
description test svi
no shutdown
no ip redirects
ip address 172.16.103.2/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.103.1
interface Vlan104
description security svi
no shutdown
no ip redirects
ip address 172.16.104.2/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.104.1
interface Vlan105
description iot svi
no shutdown
no ip redirects
ip address 172.16.105.2/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.105.1
interface port-channel1
switchport mode trunk
spanning-tree port type network
vpc peer-link
interface Ethernet1/1
description VPC Peer Link
switchport mode trunk
channel-group 1 mode active
interface Ethernet1/2
description VPC Peer Link
switchport mode trunk
channel-group 1 mode active
interface Ethernet1/3
description L3 link to dist-rtr01
no switchport
ip address 172.16.252.1/30
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet1/4
description L3 link to dist-rtr02
no switchport
ip address 172.16.252.5/30
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet1/5
description to
shutdown
interface Ethernet1/6
description to
shutdown
interface Ethernet1/7
description to
shutdown
interface Ethernet1/8
description to
shutdown
interface Ethernet1/9
description to
shutdown
interface Ethernet1/10
description to
shutdown
interface Ethernet1/11
description Link to inside-host01
switchport access vlan 101
spanning-tree port type edge
interface mgmt0
description to port8.sandbox-backend
duplex full
vrf member management
ip address 10.10.20.177/24
interface loopback0
description to
shutdown
line console
exec-timeout 0
terminal width 511
line vty
router ospf 1
passive-interface default
no logging console
boot nxos bootflash:///nxos.9.2.3.bin
image_definition: nxosv9000-9-2-3
ram: 8192
cpus: 4
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: mgmt0
type: physical
- id: i2
slot: 1
label: Ethernet1/1
type: physical
- id: i3
slot: 2
label: Ethernet1/2
type: physical
- id: i4
slot: 3
label: Ethernet1/3
type: physical
- id: i5
slot: 4
label: Ethernet1/4
type: physical
- id: i6
slot: 5
label: Ethernet1/5
type: physical
- id: i7
slot: 6
label: Ethernet1/6
type: physical
- id: i8
slot: 7
label: Ethernet1/7
type: physical
- id: i9
slot: 8
label: Ethernet1/8
type: physical
- id: i10
slot: 9
label: Ethernet1/9
type: physical
- id: i11
slot: 10
label: Ethernet1/10
type: physical
- id: i12
slot: 11
label: Ethernet1/11
type: physical
- id: n8
label: dist-sw02
node_definition: nxosv9000
x: -600
y: 200
configuration: |-
hostname dist-sw02
vdc dist-sw02 id 1
limit-resource vlan minimum 16 maximum 4094
limit-resource vrf minimum 2 maximum 4096
limit-resource port-channel minimum 0 maximum 511
limit-resource u4route-mem minimum 96 maximum 96
limit-resource u6route-mem minimum 24 maximum 24
limit-resource m4route-mem minimum 58 maximum 58
limit-resource m6route-mem minimum 8 maximum 8
feature telnet
cfs eth distribute
feature ospf
feature interface-vlan
feature hsrp
feature lacp
feature vpc
no password strength-check
username admin password 5 $1$KuOSBsvW$Cy0TSD..gEBGBPjzpDgf51 role network-admin
username adminbackup password 5 ! role network-operator
username adminbackup passphrase lifetime 99999 warntime 14 gracetime 3
username cisco password 5 $1$Nk7ZkwH0$fyiRmMMfIheqE3BqvcL0C1 role network-operator
username cisco role network-admin
username cisco passphrase lifetime 99999 warntime 14 gracetime 3
username lab password 5 $1$buoy/oqy$.EXQz8rCn72ii8qtdldj00 role network-admin
username lab passphrase lifetime 99999 warntime 14 gracetime 3
ip domain-lookup
snmp-server user lab network-admin auth md5 0x5ceb414591539ee35159fca86fdfa101 priv 0x5ceb414591539ee35159fca86fdfa101 localizedkey
snmp-server user admin network-admin auth md5 0x328945d53e05e8e7207f8c20b142f0b7 priv 0x328945d53e05e8e7207f8c20b142f0b7 localizedkey
snmp-server user cisco network-operator auth md5 0x55b3c64a53fb95518e75358ee75e82e9 priv 0x55b3c64a53fb95518e75358ee75e82e9 localizedkey
snmp-server user cisco network-admin
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
vlan 1,101-105
vlan 101
name prod
vlan 102
name dev
vlan 103
name test
vlan 104
name security
vlan 105
name iot
vrf context management
ip route 0.0.0.0/0 10.10.20.254
hardware forwarding unicast trace
vpc domain 101
peer-switch
peer-keepalive destination 10.10.20.177 source 10.10.20.178
peer-gateway
interface Vlan1
no ip redirects
no ipv6 redirects
interface Vlan101
description prod svi
no shutdown
no ip redirects
ip address 172.16.101.3/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.101.1
interface Vlan102
description dev svi
no shutdown
no ip redirects
ip address 172.16.102.3/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.102.1
interface Vlan103
description test svi
no shutdown
no ip redirects
ip address 172.16.103.3/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.103.1
interface Vlan104
description security svi
no shutdown
no ip redirects
ip address 172.16.104.3/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.104.1
interface Vlan105
description iot svi
no shutdown
no ip redirects
ip address 172.16.105.3/24
no ipv6 redirects
ip router ospf 1 area 0.0.0.0
hsrp 10
ip 172.16.105.1
interface port-channel1
switchport mode trunk
spanning-tree port type network
vpc peer-link
interface Ethernet1/1
description VPC Peer Link
switchport mode trunk
channel-group 1 mode active
interface Ethernet1/2
description VPC Peer Link
switchport mode trunk
channel-group 1 mode active
interface Ethernet1/3
description L3 link to dist-rtr01
no switchport
ip address 172.16.252.9/30
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet1/4
description L3 link to dist-rtr02
no switchport
ip address 172.16.252.13/30
no ip ospf passive-interface
ip router ospf 1 area 0.0.0.0
no shutdown
interface Ethernet1/5
description to
shutdown
interface Ethernet1/6
description to
shutdown
interface Ethernet1/7
description to
shutdown
interface Ethernet1/8
description to
shutdown
interface Ethernet1/9
description to
shutdown
interface Ethernet1/10
description to
shutdown
interface Ethernet1/11
description Link to inside-host02
switchport access vlan 102
spanning-tree port type edge
interface mgmt0
description to port9.sandbox-backend
duplex full
vrf member management
ip address 10.10.20.178/24
interface loopback0
description to
shutdown
line console
exec-timeout 0
terminal width 511
line vty
router ospf 1
passive-interface default
no logging console
boot nxos bootflash:///nxos.9.2.3.bin
image_definition: nxosv9000-9-2-3
ram: 8192
cpus: 4
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: mgmt0
type: physical
- id: i2
slot: 1
label: Ethernet1/1
type: physical
- id: i3
slot: 2
label: Ethernet1/2
type: physical
- id: i4
slot: 3
label: Ethernet1/3
type: physical
- id: i5
slot: 4
label: Ethernet1/4
type: physical
- id: i6
slot: 5
label: Ethernet1/5
type: physical
- id: i7
slot: 6
label: Ethernet1/6
type: physical
- id: i8
slot: 7
label: Ethernet1/7
type: physical
- id: i9
slot: 8
label: Ethernet1/8
type: physical
- id: i10
slot: 9
label: Ethernet1/9
type: physical
- id: i11
slot: 10
label: Ethernet1/10
type: physical
- id: i12
slot: 11
label: Ethernet1/11
type: physical
- id: n9
label: inside-host01
node_definition: ubuntu
x: -700
y: 300
configuration: |-
#cloud-config
bootcmd:
- ln -s -t /etc/rc.d /etc/rc.local
hostname: inside-host01
manage_etc_hosts: true
runcmd:
- systemctl start rc-local
- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
- echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
- echo "UseDNS no" >> /etc/ssh/sshd_config
- service ssh restart
- service sshd restart
users:
- default
- gecos: User configured by VIRL Configuration Engine 0.23.12
lock-passwd: false
name: cisco
plain-text-passwd: cisco
shell: /bin/bash
ssh-authorized-keys:
- VIRL-USER-SSH-PUBLIC-KEY
sudo: ALL=(ALL) ALL
write_files:
- path: /etc/rc.local
owner: root:root
permissions: '0755'
content: |-
#!/bin/sh
ifconfig enp0s9 up 10.10.20.179 netmask 255.255.255.0
route add -net 0.0.0.0/0 gw 10.10.20.254 dev enp0s9
ifconfig enp0s2 up 172.16.101.11 netmask 255.255.255.0
route add -net 172.16.0.0/16 gw 172.16.101.1 dev enp0s2
route add -net 172.31.0.0/16 gw 172.16.101.1 dev enp0s2
exit 0
image_definition: ubuntu-18-04
tags: []
interfaces:
- id: i0
slot: 0
label: enp0s2
type: physical
- id: i1
slot: 1
label: enp0s3
type: physical
- id: i2
slot: 2
label: enp0s4
type: physical
- id: i3
slot: 3
label: enp0s5
type: physical
- id: i4
slot: 4
label: enp0s6
type: physical
- id: i5
slot: 5
label: enp0s7
type: physical
- id: i6
slot: 6
label: enp0s8
type: physical
- id: i7
slot: 7
label: enp0s9
type: physical
- id: n11
label: edge-sw01
node_definition: iosvl2
x: -650
y: -100
configuration: |-
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname edge-sw01
!
boot-start-marker
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
enable password cisco
!
no aaa new-model
!
vtp domain virl.lab
vtp mode transparent
!
no ip domain-lookup
ip cef
no ipv6 cef
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
vlan 2
name ank_vlan2
!
vlan 999
name edge-transit
no cdp run
!
!
interface Loopback0
description to
no ip address
shutdown
!
interface GigabitEthernet0/0
description to port3.sandbox-backend
no switchport
vrf forwarding Mgmt-intf
ip address 10.10.20.172 255.255.255.0
duplex full
no negotiation auto
!
interface GigabitEthernet0/1
description to GigabitEthernet0/1.edge-firewall01
switchport access vlan 999
switchport mode access
duplex full
no negotiation auto
spanning-tree portfast edge
!
interface GigabitEthernet0/2
description to GigabitEthernet0/0/0/1.core-rtr01
switchport access vlan 999
switchport mode access
duplex full
no negotiation auto
spanning-tree portfast edge
!
interface GigabitEthernet0/3
description to GigabitEthernet0/0/0/1.core-rtr02
switchport access vlan 999
switchport mode access
duplex full
no negotiation auto
spanning-tree portfast edge
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 10.10.20.254
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
control-plane
!
banner exec ^CC
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner incoming ^CC
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
banner login ^CC
**************************************************************************
* IOSv is strictly limited to use for evaluation, demonstration and IOS *
* education. IOSv is provided as-is and is not supported by Cisco's *
* Technical Advisory Center. Any use or disclosure, in whole or in part, *
* of the IOSv Software or Documentation to any third party for any *
* purposes is expressly prohibited except as otherwise authorized by *
* Cisco in writing. *
**************************************************************************^C
!
line con 0
exec-timeout 0 0
password cisco
line aux 0
line vty 0 4
exec-timeout 720 0
password cisco
login
transport input telnet ssh
!
!
end
image_definition: iosvl2-2019
tags: []
interfaces:
- id: i0
label: Loopback0
type: loopback
- id: i1
slot: 0
label: GigabitEthernet0/0
type: physical
- id: i2
slot: 1
label: GigabitEthernet0/1
type: physical
- id: i3
slot: 2
label: GigabitEthernet0/2
type: physical
- id: i4
slot: 3
label: GigabitEthernet0/3
type: physical
- id: n12
label: sandbox-backend
node_definition: unmanaged_switch
x: -1000
y: 50
configuration: ''
tags: []
interfaces:
- id: i0
slot: 0
label: port0
type: physical
- id: i1
slot: 1
label: port1
type: physical
- id: i2
slot: 2
label: port2
type: physical
- id: i3
slot: 3
label: port3
type: physical
- id: i4
slot: 4
label: port4
type: physical
- id: i5
slot: 5
label: port5
type: physical
- id: i6
slot: 6
label: port6
type: physical
- id: i7
slot: 7
label: port7
type: physical
- id: i8
slot: 8
label: port8
type: physical
- id: i9
slot: 9
label: port9
type: physical
- id: i10
slot: 10
label: port10
type: physical
- id: i11
slot: 11
label: port11
type: physical
- id: i12
slot: 12
label: port12
type: physical
- id: n13
label: bridge-to-sandbox
node_definition: external_connector
x: -1000
y: -50
configuration: bridge0
tags: []
interfaces:
- id: i0
slot: 0
label: port
type: physical
- id: n10
label: inside-host02
node_definition: desktop
x: -600
y: 300
configuration: |-
hostname inside-host02
# like this:
echo "127.0.0.1 inside-host02" >>/etc/hosts
echo "::1 inside-host02" >> /etc/hosts
ifconfig eth1 up 10.10.20.180 netmask 255.255.255.0
route add -net 0.0.0.0/0 gw 10.10.20.254 dev eth1
ifconfig eth0 up 172.16.102.11 netmask 255.255.255.0
route add -net 172.16.0.0/16 gw 172.16.102.1 dev eth0
route add -net 172.31.0.0/16 gw 172.16.102.1 dev eth0
service lightdm restart
image_definition: desktop
tags: []
interfaces:
- id: i0
slot: 0
label: eth0
type: physical
- id: i1
slot: 1
label: eth1
type: physical
links:
- id: l1
i1: i1
n1: n2
i2: i2
n2: n0
- id: l2
i1: i2
n1: n2
i2: i2
n2: n11
- id: l3
i1: i2
n1: n3
i2: i2
n2: n4
- id: l5
i1: i2
n1: n7
i2: i2
n2: n8
- id: l6
i1: i3
n1: n7
i2: i3
n2: n8
- id: l7
i1: i3
n1: n11
i2: i3
n2: n3
- id: l8
i1: i4
n1: n11
i2: i3
n2: n4
- id: l9
i1: i4
n1: n3
i2: i2
n2: n5
- id: l10
i1: i5
n1: n3
i2: i2
n2: n6
- id: l11
i1: i4
n1: n4
i2: i3
n2: n5
- id: l12
i1: i5
n1: n4
i2: i3
n2: n6
- id: l13
i1: i4
n1: n5
i2: i4
n2: n7
- id: l14
i1: i5
n1: n5
i2: i4
n2: n8
- id: l15
i1: i4
n1: n6
i2: i5
n2: n7
- id: l16
i1: i5
n1: n6
i2: i5
n2: n8
- id: l17
i1: i12
n1: n7
i2: i0
n2: n9
- id: l19
i1: i0
n1: n13
i2: i0
n2: n12
- id: l0
i1: i3
n1: n0
i2: i0
n2: n1
- id: l20
i1: i1
n1: n0
i2: i1
n2: n12
- id: l21
i1: i0
n1: n2
i2: i2
n2: n12
- id: l22
i1: i1
n1: n11
i2: i3
n2: n12
- id: l23
i1: i1
n1: n3
i2: i4
n2: n12
- id: l24
i1: i1
n1: n4
i2: i5
n2: n12
- id: l4
i1: i1
n1: n5
i2: i6
n2: n12
- id: l25
i1: i1
n1: n6
i2: i7
n2: n12
- id: l26
i1: i6
n1: n5
i2: i6
n2: n6
- id: l27
i1: i1
n1: n7
i2: i8
n2: n12
- id: l28
i1: i1
n1: n8
i2: i9
n2: n12
- id: l29
i1: i7
n1: n1
i2: i10
n2: n12
- id: l30
i1: i7
n1: n9
i2: i11
n2: n12
- id: l18
i1: i0
n1: n10
i2: i12
n2: n8
- id: l31
i1: i1
n1: n10
i2: i12
n2: n12
Reference in New Issue View Git Blame Copy Permalink