-
Notifications
You must be signed in to change notification settings - Fork 184
/
autovpn-rr2.cfg
129 lines (129 loc) · 2.95 KB
/
autovpn-rr2.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
!RANCID-CONTENT-TYPE: arista
!
vlan internal order ascending range 1006 1199
!
transceiver qsfp default-mode 4x10G
!
service routing protocols model multi-agent
!
hostname autovpn-rr2
!
router path-selection
peer dynamic source stun
!
path-group INET id 101
ipsec profile AUTOVPN
!
local interface Ethernet1
!
load-balance policy LBPOLICY
path-group INET
!
policy dps-policy-default
default-match
load-balance LBPOLICY
!
vrf default
path-selection-policy dps-policy-default
!
spanning-tree mode none
!
no enable password
no aaa root
!
vrf instance MGMT
!
ip security
!
ike policy AUTOVPN-IKE
local-id 192.168.31.2
!
sa policy AUTOVPN-SA
!
profile AUTOVPN
ike-policy AUTOVPN-IKE
sa-policy AUTOVPN-SA
connection start
shared-key 7 ABCDEF1234567890
dpd 10 50 clear
mode transport
!
interface Dps1
description DPS Interface
tcp mss ceiling ipv4 1000
!
interface Ethernet1
no shutdown
no switchport
ip address 10.8.8.8/31
!
interface Loopback0
description Router_ID
no shutdown
ip address 192.168.31.2/32
!
interface Vxlan1
description autovpn-rr2_VTEP
vxlan source-interface Loopback0
vxlan udp-port 4789
vxlan vrf default vni 1
!
ip routing
no ip routing vrf MGMT
!
ip route 0.0.0.0/0 10.8.8.9
!
router bfd
multihop interval 300 min-rx 300 multiplier 3
!
router bgp 65000
router-id 192.168.31.2
maximum-paths 4 ecmp 4
update wait-install
no bgp default ipv4-unicast
bgp cluster-id 192.168.31.2
bgp listen range 192.168.30.0/24 peer-group WAN-OVERLAY-PEERS remote-as 65000
neighbor RR-OVERLAY-PEERS peer group
neighbor RR-OVERLAY-PEERS remote-as 65000
neighbor RR-OVERLAY-PEERS update-source Loopback0
neighbor RR-OVERLAY-PEERS bfd
neighbor RR-OVERLAY-PEERS send-community
neighbor RR-OVERLAY-PEERS maximum-routes 0
neighbor WAN-OVERLAY-PEERS peer group
neighbor WAN-OVERLAY-PEERS remote-as 65000
neighbor WAN-OVERLAY-PEERS update-source Loopback0
neighbor WAN-OVERLAY-PEERS route-reflector-client
neighbor WAN-OVERLAY-PEERS bfd
neighbor WAN-OVERLAY-PEERS password 7 htm4AZe9mIQOO1uiMuGgYQ==
neighbor WAN-OVERLAY-PEERS send-community
neighbor WAN-OVERLAY-PEERS maximum-routes 0
neighbor 192.168.31.1 peer group RR-OVERLAY-PEERS
neighbor 192.168.31.1 description autovpn-rr1
!
address-family evpn
neighbor RR-OVERLAY-PEERS activate
neighbor WAN-OVERLAY-PEERS activate
next-hop resolution disabled
!
address-family ipv4
no neighbor RR-OVERLAY-PEERS activate
no neighbor WAN-OVERLAY-PEERS activate
!
address-family path-selection
bgp additional-paths receive
bgp additional-paths send any
neighbor RR-OVERLAY-PEERS activate
neighbor WAN-OVERLAY-PEERS activate
!
management api http-commands
protocol https
no shutdown
!
vrf MGMT
no shutdown
!
stun
server
local-interface Ethernet1
!
end