-
Notifications
You must be signed in to change notification settings - Fork 184
/
autovpn-rr1.cfg
128 lines (128 loc) · 2.94 KB
/
autovpn-rr1.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
!RANCID-CONTENT-TYPE: arista
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname autovpn-rr1
!
router path-selection
peer dynamic source stun
!
path-group INET id 101
ipsec profile AUTOVPN
!
local interface Ethernet1
!
load-balance policy LBPOLICY
path-group INET
!
policy dps-policy-default
default-match
load-balance LBPOLICY
!
vrf default
path-selection-policy dps-policy-default
!
spanning-tree mode none
!
no enable password
no aaa root
!
vrf instance MGMT
!
ip security
!
ike policy AUTOVPN-IKE
local-id 192.168.31.1
!
sa policy AUTOVPN-SA
!
profile AUTOVPN
ike-policy AUTOVPN-IKE
sa-policy AUTOVPN-SA
connection start
shared-key 7 ABCDEF1234567890
dpd 10 50 clear
mode transport
!
interface Dps1
description DPS Interface
tcp mss ceiling ipv4 1000
!
interface Ethernet1
no shutdown
no switchport
ip address dhcp
dhcp client accept default-route
!
interface Loopback0
description Router_ID
no shutdown
ip address 192.168.31.1/32
!
interface Vxlan1
description autovpn-rr1_VTEP
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vrf default vni 1
!
ip routing
no ip routing vrf MGMT
!
router bfd
multihop interval 300 min-rx 300 multiplier 3
!
router bgp 65000
router-id 192.168.31.1
maximum-paths 4 ecmp 4
update wait-install
no bgp default ipv4-unicast
bgp cluster-id 192.168.31.1
bgp listen range 192.168.30.0/24 peer-group WAN-OVERLAY-PEERS remote-as 65000
neighbor RR-OVERLAY-PEERS peer group
neighbor RR-OVERLAY-PEERS remote-as 65000
neighbor RR-OVERLAY-PEERS update-source Loopback0
neighbor RR-OVERLAY-PEERS bfd
neighbor RR-OVERLAY-PEERS send-community
neighbor RR-OVERLAY-PEERS maximum-routes 0
neighbor WAN-OVERLAY-PEERS peer group
neighbor WAN-OVERLAY-PEERS remote-as 65000
neighbor WAN-OVERLAY-PEERS update-source Loopback0
neighbor WAN-OVERLAY-PEERS route-reflector-client
neighbor WAN-OVERLAY-PEERS bfd
neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ==
neighbor WAN-OVERLAY-PEERS send-community
neighbor WAN-OVERLAY-PEERS maximum-routes 0
neighbor 192.168.31.2 peer group RR-OVERLAY-PEERS
neighbor 192.168.31.2 description autovpn-rr2
!
address-family evpn
neighbor RR-OVERLAY-PEERS activate
neighbor WAN-OVERLAY-PEERS activate
next-hop resolution disabled
!
address-family ipv4
no neighbor RR-OVERLAY-PEERS activate
no neighbor WAN-OVERLAY-PEERS activate
!
address-family path-selection
bgp additional-paths receive
bgp additional-paths send any
neighbor RR-OVERLAY-PEERS activate
neighbor WAN-OVERLAY-PEERS activate
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
stun
server
local-interface Ethernet1
!
end