authorTrygve Laugstøl <trygvis@inamo.no>2025-07-20 22:13:59 +0200
committerTrygve Laugstøl <trygvis@inamo.no>2025-07-20 22:14:21 +0200
commit25f90d4d7e7feb0096c5d7f3af5ab5f4fa7e901b (patch)
tree2202501e4dd0ea17536141ddcc0836c54d3cf786
parent93ecfbe2a7dc759e83ca8cc7da84473e20dde373 (diff)
lhn2ix config
-rw-r--r--config/lhn2ix.txt109
1 files changed, 109 insertions, 0 deletions
diff --git a/config/lhn2ix.txt b/config/lhn2ix.txt
new file mode 100644
index 0000000..8442f03
--- /dev/null
+++ b/config/lhn2ix.txt
@@ -0,0 +1,109 @@
+set interfaces ethernet eth0 address dhcp
+set interfaces ethernet eth0 description Internet
+set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 host-address '::1'
+set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 prefix-id ':1'
+set interfaces ethernet eth0 dhcpv6-pd pd 1 interface switch0 service slaac
+set interfaces ethernet eth0 dhcpv6-pd pd 1 prefix-length /56
+set interfaces ethernet eth0 dhcpv6-pd rapid-commit enable
+set interfaces ethernet eth0 duplex auto
+set interfaces ethernet eth0 ipv6 dup-addr-detect-transmits 1
+set interfaces ethernet eth0 poe output off
+set interfaces ethernet eth0 speed auto
+set interfaces ethernet eth1 description conflatorio
+set interfaces ethernet eth1 duplex auto
+set interfaces ethernet eth1 poe output off
+set interfaces ethernet eth1 speed auto
+set interfaces ethernet eth2 description Local
+set interfaces ethernet eth2 duplex auto
+set interfaces ethernet eth2 poe output off
+set interfaces ethernet eth2 speed auto
+set interfaces ethernet eth3 description Local
+set interfaces ethernet eth3 duplex auto
+set interfaces ethernet eth3 poe output off
+set interfaces ethernet eth3 speed auto
+set interfaces ethernet eth4 description Wifi
+set interfaces ethernet eth4 duplex auto
+set interfaces ethernet eth4 poe output 24v
+set interfaces ethernet eth4 speed auto
+set interfaces ethernet eth5 duplex auto
+set interfaces ethernet eth5 mac '48:FD:8E:B5:98:49'
+set interfaces ethernet eth5 speed auto
+set interfaces loopback lo
+set interfaces switch switch0 address 'fdb1:4242:3538:2008::1/64'
+set interfaces switch switch0 address 192.168.11.1/24
+set interfaces switch switch0 description Local
+set interfaces switch switch0 ipv6 address
+set interfaces switch switch0 ipv6 dup-addr-detect-transmits 1
+set interfaces switch switch0 mtu 1500
+set interfaces switch switch0 switch-port interface eth1
+set interfaces switch switch0 switch-port interface eth2
+set interfaces switch switch0 switch-port interface eth3
+set interfaces switch switch0 switch-port interface eth4
+set interfaces switch switch0 switch-port vlan-aware disable
+set interfaces wireguard wg0 address 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9b/64'
+set interfaces wireguard wg0 description tnet-knot
+set interfaces wireguard wg0 mtu 1420
+set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= allowed-ips '::0/0'
+set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= endpoint 'knot.inamo.no:51002'
+set interfaces wireguard wg0 peer Up8+DhBlMp+/fpaxyGDQBnH/4tZnHojcAKZWCr5sSAk= persistent-keepalive 60
+set interfaces wireguard wg0 private-key 4IhYSjPBx5K2TuEYs2bl3rjaKSLdx3HNgbjn2BpJimg=
+set interfaces wireguard wg0 route-allowed-ips false
+set policy prefix-list6 bitraf-dn42 rule 1 action permit
+set policy prefix-list6 bitraf-dn42 rule 1 description 'tnet subnetworks'
+set policy prefix-list6 bitraf-dn42 rule 1 le 128
+set policy prefix-list6 bitraf-dn42 rule 1 prefix 'fdb1:4242:3538:2000::/60'
+set policy route-map bitraf-dn42 rule 1 action permit
+set policy route-map bitraf-dn42 rule 1 match ipv6 address prefix-list bitraf-dn42
+set protocols bgp 4242423538 address-family ipv6-unicast redistribute connected route-map bitraf-dn42
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast capability graceful-restart
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast nexthop-self
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast route-reflector-client
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' address-family ipv6-unicast soft-reconfiguration inbound
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' description knot
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' password trygvis
+set protocols bgp 4242423538 neighbor 'fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a' remote-as 4242423538
+set protocols bgp 4242423538 parameters graceful-restart
+set protocols static route6 'fdb1:4242:3538:2008::/64' blackhole
+set service dhcp-server disabled false
+set service dhcp-server hostfile-update disable
+set service dhcp-server shared-network-name LAN authoritative enable
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 default-router 192.168.11.1
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 192.168.11.1
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 dns-server 8.8.8.8
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 lease 86400
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 start 192.168.11.100 stop 192.168.11.199
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping teknisk ip-address 192.168.11.2
+set service dhcp-server shared-network-name LAN subnet 192.168.11.0/24 static-mapping teknisk mac-address 'f4:e2:c6:1c:f9:e3'
+set service dhcp-server static-arp disable
+set service dhcp-server use-dnsmasq disable
+set service dns forwarding cache-size 1000
+set service dns forwarding listen-on switch0
+set service gui http-port 80
+set service gui https-port 443
+set service gui older-ciphers enable
+set service nat rule 5010 description 'masquerade for WAN'
+set service nat rule 5010 outbound-interface eth0
+set service nat rule 5010 type masquerade
+set service snmp community public authorization ro
+set service snmp location lhn2ix
+set service ssh port 22
+set service ssh protocol-version v2
+set service unms disable
+set system analytics-handler send-analytics-report false
+set system config-management commit-revisions 10
+set system crash-handler send-crash-report false
+set system domain-name trygvis.io
+set system host-name lhn2ix
+set system login user ubnt authentication encrypted-password '$5$ucVLbcMWY6pqMscw$uTjpyafVQ9Qj7nfKEOsurrfRgFhTb6ZbANgAsdRfWo8'
+set system login user ubnt authentication plaintext-password ''
+set system login user ubnt full-name ''
+set system login user ubnt level admin
+set system name-server 8.8.8.8
+set system ntp server 0.ubnt.pool.ntp.org
+set system ntp server 1.ubnt.pool.ntp.org
+set system ntp server 2.ubnt.pool.ntp.org
+set system ntp server 3.ubnt.pool.ntp.org
+set system syslog console facility all level debug
+set system syslog global facility all level notice
+set system syslog global facility protocols level debug
+set system time-zone Europe/Oslo
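Review bot: The `set interfaces wireguard wg0 private-key` line commits the tunnel's private key in clear text, next to the BGP neighbor `password` line and the `ubnt` `encrypted-password` hash, so every reader of the repository or its tarballs holds those credentials. The key and both passwords should be treated as disclosed and rotated, and the committed line should point at a key file kept outside the repository, e.g. `set interfaces wireguard wg0 private-key /config/auth/wg0.key` (placeholder path; confirm that the installed WireGuard package accepts a file path). Separately, this new file contains no `set firewall` statements, so nothing visible here filters eth0 while the GUI (plain HTTP on 80 and `older-ciphers enable`), SSH and SNMP with community `public` are all enabled. The DHCPv6-PD/SLAAC setup also gives LAN hosts global IPv6 addresses with no inbound rule set in front of them. I would add WAN-facing IPv4 and IPv6 rule sets that allow only established/related traffic, switch to `set service gui older-ciphers disable`, and either drop SNMP or give it a non-default community restricted to the LAN.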