From a304d81858738594b7a7334def988e06fcad6438 Mon Sep 17 00:00:00 2001 From: John Poland Date: Sun, 19 Apr 2026 20:36:30 -0400 Subject: [PATCH] ct/ct-noc-a8360-1-b.cfg Sun Apr 19 08:36:27 PM EDT 2026 --- configs/ct/ct-noc-a8360-1-b.cfg | 335 +++++++++++--------------------- 1 file changed, 114 insertions(+), 221 deletions(-) diff --git a/configs/ct/ct-noc-a8360-1-b.cfg b/configs/ct/ct-noc-a8360-1-b.cfg index 423169d..d0bc79f 100644 --- a/configs/ct/ct-noc-a8360-1-b.cfg +++ b/configs/ct/ct-noc-a8360-1-b.cfg @@ -2,7 +2,7 @@ Current configuration: ! !Version ArubaOS-CX LL.10.13.1010 !export-password: default -hostname ct-noc-a8360-1-b +hostname ct-noc-a8360-2-b banner motd # !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ! You are accessing a PRIVATE COMPUTING FACILITY. ! @@ -18,12 +18,9 @@ banner motd # ! ! ! IF YOU ARE NOT AUTHORIZED TO BE HERE DISCONNECT NOW! ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!# -user admin group administrators password ciphertext AQBapTEevtY7lM+kHKSkkX1bOfEYBF3ZhcpQqPzmCRTTstHzYgAAADp3kPH5OcbdGFv83hUwWAuVLIvEPilvF9C8XsDh3PmQRuqYLzcmBdGpX1N/8n6F9cXcWWDEcp7qwIzMvsl1MhKlCLceQVtwdk0DCywIHCyi2tjCl0j1aqjKazLZRIU2rzdM +user admin group administrators password ciphertext AQBapc7xM5lJ1LpJwrne0HtnwVlefij7xu8Fmj+Kpye4ivSsYgAAAIx4BE1lanTTS2+NtUGdtMVM27uzr4eJuektGIqpIe4GRkzGrjzfTlYGZZfKX+wgiV4dZL+9YGzt4q7nDd1DwWhYyrxRmAWqS3QWnEp7MzVul9IbUW1rYVNvSkciM6ddBEfo clock timezone america/new_york -router vrrp enable -bfd profile aggregation-leaf -vrf outside ntp server 10.1.1.2 iburst ntp server 10.1.1.3 iburst ntp enable @@ -31,9 +28,9 @@ ntp enable ! ! ! -tacacs-server host 10.1.40.115 key ciphertext AQBapcYUUASiYxDliVMPYfLTRD/NT3E+iggCnHk06y6tVsjECQAAAItwfenTk5YK8g== vrf mgmt -tacacs-server host 10.1.40.116 key ciphertext AQBapdK5MeXMDftvyXJL+Onh7N3CdRQCsRNLnwR9oEzG9sXOCQAAAIFIj3bwCgADsA== vrf mgmt -tacacs-server host 10.1.40.117 key ciphertext AQBapczlRKnMIcIMER0hLrQRdg6CfDIkWn94AsmlB7eUBDSZCQAAAGjfvq7R5cNbfA== vrf mgmt +tacacs-server host 10.1.40.115 key ciphertext AQBapQolpl8fVv5MoOiL5fSEYB2+xL0++UZWlBb/R2bK8ZrxCQAAAG+dvQWuw7STOQ== vrf mgmt +tacacs-server host 10.1.40.116 key ciphertext AQBapSzstHL/Nfq0Q4yf84kjV9VwMZteedFlhMfaodLTFP3sCQAAAJPuA1ZQD9bfng== vrf mgmt +tacacs-server host 10.1.40.117 key ciphertext AQBapeuP8ioqqlPxk5UthaDr6oLGqJ6gxjVvhZw4YBiTrVP3CQAAAOc1VFhc68xJOw== vrf mgmt aaa authentication allow-fail-through ! ! @@ -94,6 +91,9 @@ vlan 18 description Peoplesoft vlan 19 name VLAN0019 +vlan 20 + name OSA_Data_VLAN + description DATA VLAN vlan 21 name Imaging description Imaging @@ -168,6 +168,9 @@ vlan 164 description Intune Wireless Imaging vlan 165 name VLAN0165 +vlan 168 + name Imaging_VLAN + description Imaging VLAN vlan 172 name isolated_iSCSI_vlan_used_on_Por description isolated iSCSI vlan used on Port-Channel 2 @@ -215,9 +218,6 @@ vlan 303 vlan 304 name NottinghamSecureWLAN description Nottingham Secure WLAN -vlan 305 - name STEAMSecureWLAN - description STEAM HS Secure WLAN vlan 306 name HenningerSecureWLAN description Henninger Secure WLAN clients @@ -302,9 +302,6 @@ vlan 344 vlan 345 name EdSmithSecureWLAN description EdSmith Secure WLAN -vlan 346 - name Brighton466SecureWLAN - description Brighton466 Secure WLAN vlan 347 name ELMSSecureWLAN description ELMS Secure WLAN @@ -335,9 +332,12 @@ vlan 357 vlan 360 name TeachersCenterSecureWLAN description TeachersCenter Secure WLAN -vlan 366 - name ENLSecureWLAN - description ENL Secure WLAN +vlan 367 + name RAPCenterSecureWLAN + description RAP Center Secure WLAN +vlan 368 + name CNYWorksSecureWLAN + description CNY Works Secure WLAN vlan 386 name StLucySecureWLAN description StLucy Secure WLAN @@ -350,9 +350,6 @@ vlan 403 vlan 404 name NottinghamVendorWLAN description Nottingham Vendor WLAN -vlan 405 - name STEAMVendorWLAN - description STEAM HS Vendor WLAN vlan 406 name HenningerVendorWLAN description Henninger Vendor WLAN clients @@ -437,9 +434,6 @@ vlan 444 vlan 445 name EdSmithVendorWLAN description EdSmith Vendor WLAN -vlan 446 - name Brighton466VendorWLAN - description Brighton466 Vendor WLAN vlan 447 name ELMSVendorWLAN description ELMS Vendor WLAN @@ -470,9 +464,12 @@ vlan 457 vlan 460 name TeachersCenterVendorWLAN description TeachersCenter Vendor WLAN -vlan 466 - name ENLVendorWLAN - description ENL Vendor WLAN +vlan 467 + name RAPCenterVendorWLAN + description RAP Center Vendor WLAN +vlan 468 + name CNYWorksVendorWLAN + description CNY Works Vendor WLAN vlan 486 name StLucyVendorWLAN description StLucy Vendor WLAN @@ -541,11 +538,6 @@ vlan 1811 vlan 1812 name InterVRF_A_Outside description InterVRF B outside -vlan 1813 - name InterVRF_Linewize_A_Outside -vlan 1814 - name InterVRF_Linewize_B_Outside - description InterVRF Linewize B Outside vlan 2999 name NexusToArubaTransit description NexusToArubaTransit @@ -557,7 +549,7 @@ spanning-tree spanning-tree priority 2 spanning-tree trap topology-change instance 0 spanning-tree ignore-pvid-inconsistency -spanning-tree vlan 3,5-7,9-12,16,18,19,21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,172-179,200,203,230,251,252,302-310,313-316,320-325,327-330,333,334,336,337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433,434,436,437,440-442,444-449,451,453-457,460,466,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811-1814,2999,3000 +spanning-tree vlan 3,5-7,9-12,16,18-21,24,30,34,35,40,45,48,50,60,70,72,99-101,107,114,140,145,150,151,160,161,164,165,168,172-179,200,203,230,251,252,302-304,306-310,313-316,320-325,327-330,333,334,336,337,340-342,344,345,347-349,351,353-357,360,367,368,386,402-404,406-410,413-416,420-425,427-430,433,434,436,437,440-442,444,445,447-449,451,453-457,460,467,468,486,500-509,525,699,811,812,995,999,1180,1202,1251,1254,1256,1811,1812,2999,3000 spanning-tree vlan 3 priority 12 spanning-tree vlan 5 priority 12 spanning-tree vlan 6 priority 12 @@ -569,6 +561,7 @@ spanning-tree vlan 12 priority 12 spanning-tree vlan 16 priority 12 spanning-tree vlan 18 priority 12 spanning-tree vlan 19 priority 12 +spanning-tree vlan 20 priority 12 spanning-tree vlan 21 priority 12 spanning-tree vlan 24 priority 12 spanning-tree vlan 30 priority 12 @@ -594,6 +587,7 @@ spanning-tree vlan 160 priority 12 spanning-tree vlan 161 priority 12 spanning-tree vlan 164 priority 12 spanning-tree vlan 165 priority 12 +spanning-tree vlan 168 priority 12 spanning-tree vlan 172 priority 12 spanning-tree vlan 173 priority 12 spanning-tree vlan 174 priority 12 @@ -610,7 +604,6 @@ spanning-tree vlan 252 priority 12 spanning-tree vlan 302 priority 12 spanning-tree vlan 303 priority 12 spanning-tree vlan 304 priority 12 -spanning-tree vlan 305 priority 12 spanning-tree vlan 306 priority 12 spanning-tree vlan 307 priority 12 spanning-tree vlan 308 priority 12 @@ -639,7 +632,6 @@ spanning-tree vlan 341 priority 12 spanning-tree vlan 342 priority 12 spanning-tree vlan 344 priority 12 spanning-tree vlan 345 priority 12 -spanning-tree vlan 346 priority 12 spanning-tree vlan 347 priority 12 spanning-tree vlan 348 priority 12 spanning-tree vlan 349 priority 12 @@ -650,12 +642,12 @@ spanning-tree vlan 355 priority 12 spanning-tree vlan 356 priority 12 spanning-tree vlan 357 priority 12 spanning-tree vlan 360 priority 12 -spanning-tree vlan 366 priority 12 +spanning-tree vlan 367 priority 12 +spanning-tree vlan 368 priority 12 spanning-tree vlan 386 priority 12 spanning-tree vlan 402 priority 12 spanning-tree vlan 403 priority 12 spanning-tree vlan 404 priority 12 -spanning-tree vlan 405 priority 12 spanning-tree vlan 406 priority 12 spanning-tree vlan 407 priority 12 spanning-tree vlan 408 priority 12 @@ -684,7 +676,6 @@ spanning-tree vlan 441 priority 12 spanning-tree vlan 442 priority 12 spanning-tree vlan 444 priority 12 spanning-tree vlan 445 priority 12 -spanning-tree vlan 446 priority 12 spanning-tree vlan 447 priority 12 spanning-tree vlan 448 priority 12 spanning-tree vlan 449 priority 12 @@ -695,7 +686,8 @@ spanning-tree vlan 455 priority 12 spanning-tree vlan 456 priority 12 spanning-tree vlan 457 priority 12 spanning-tree vlan 460 priority 12 -spanning-tree vlan 466 priority 12 +spanning-tree vlan 467 priority 12 +spanning-tree vlan 468 priority 12 spanning-tree vlan 486 priority 12 spanning-tree vlan 500 priority 12 spanning-tree vlan 501 priority 12 @@ -712,13 +704,11 @@ spanning-tree vlan 699 priority 12 spanning-tree vlan 995 priority 12 spanning-tree vlan 999 priority 12 spanning-tree vlan 1180 priority 12 -spanning-tree vlan 1251 priority 12 -spanning-tree vlan 1254 priority 12 spanning-tree vlan 2999 priority 12 spanning-tree vlan 3000 priority 12 interface mgmt no shutdown - ip static 192.168.101.21/24 + ip static 192.168.101.22/24 default-gateway 192.168.101.1 qos queue-profile switchports map queue 0 local-priority 0 @@ -749,58 +739,20 @@ qos dscp-map 45 local-priority 6 color green name CS5 qos dscp-map 47 local-priority 6 color green name CS5 system interface-group 1 speed 10g !interface group 1 contains ports 1/1/1-1/1/4 -interface lag 19 multi-chassis - description aruba-wlc-a pc-0 - no shutdown - no routing - vlan trunk native 699 - vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486 - lacp mode active -interface lag 26 multi-chassis - description aruba-wlc-b pc-0 - no shutdown - no routing - vlan trunk native 699 - vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486 - lacp mode active -interface lag 28 multi-chassis - description aruba-wlc-c pc-0 - no shutdown - no routing - vlan trunk native 699 - vlan trunk allowed 10,30,35,100,160,164,302-310,313-316,320-325,327-330,333-334,336-337,340-342,344-349,351,353-357,360,366,386,402-410,413-416,420-425,427-430,433-434,436-437,440-442,444-449,451,453-457,460,466,486 - lacp mode active -interface lag 181 multi-chassis - description FG-A inside - no shutdown - no routing - vlan access 1251 - lacp mode active -interface lag 182 multi-chassis - description FG-A outside - no shutdown - no routing - vlan access 1202 - lacp mode active -interface lag 183 multi-chassis - description FG-B inside - no shutdown - no routing - vlan access 1251 - lacp mode active -interface lag 184 multi-chassis - description FG-B outside - no shutdown - no routing - vlan access 1202 - lacp mode active -interface lag 241 multi-chassis +interface lag 242 multi-chassis description Uplink LAG no shutdown no routing vlan trunk native 699 tag vlan trunk allowed all lacp mode active +interface lag 248 multi-chassis + description NOC 6300 LAG + no shutdown + no routing + vlan trunk native 699 + vlan trunk allowed 6,10,20,30,35,40,48,50,70,72,101,168,230 + lacp mode active interface lag 256 description ISL link no shutdown @@ -809,75 +761,94 @@ interface lag 256 vlan trunk allowed all lacp mode active interface 1/1/1 - description CKM02-LAN-SFP1 C07U18 C07P13 + description MrRobinWilliams_Birdcage-SFP2 C22U37 C25P13 + no shutdown no routing - vlan access 252 + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,48,70,175-179,203 +interface 1/1/2 + description DPHOST-SFP2 C26U24 C26P01 + no shutdown + no routing + vlan access 48 interface 1/1/3 - description CKM02-WAN C07U18 C07P14 - no routing - vlan access 1202 -interface 1/1/4 - description Linewize-B-WAN C12U35 C12P02 + description MrRobinWilliams_Birdcage-SFP4 C22U37 C25P14 no shutdown no routing - vlan access 1814 + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,48,70,175-179,203 interface 1/1/5 - description CKM03-LAN C07U16 C07P15 + description MrRobinWilliams_MrsDoubtfire-SFP2 C22U35 C25P15 + no shutdown no routing - vlan access 252 + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,45,48,70,175-179,203 +interface 1/1/6 + description NVR-SFP-B C26U38 C26P08 + no shutdown + no routing + vlan trunk native 70 + vlan trunk allowed all interface 1/1/7 - description CKM03-WAN C07U16 C07P16 - no routing - vlan access 1202 -interface 1/1/13 - description FG-A_port19 C19U32 C12P07 - no shutdown - lag 181 -interface 1/1/14 - description future FG-A_port19 C19U32 C19P13 - no shutdown - lag 181 -interface 1/1/15 - description FG-A_port20 C19U32 C12P08+- - no shutdown - lag 182 -interface 1/1/16 - description future FG-A_port20 C19U32 C19P14 - no shutdown - lag 182 -interface 1/1/19 - description aruba-wlc-a_0/0/3 C19U22 C12P10 - no shutdown - lag 19 -interface 1/1/24 - description to a8325-2_1/1/25:1 for Filter Bypass + description MrRobinWilliams_MrsDoubtfire-SFP4 C22U35 C25P16 no shutdown no routing - vlan access 1813 -interface 1/1/26 - description aruba-wlc-b_0/0/3_Cab20-fpp7 + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,45,48,70,175-179,203 +interface 1/1/8 + description NVR-SFP-B C26U36 C26P09 no shutdown - lag 26 -interface 1/1/28 - description aruba-wlc-c_0/0/3_Cab20-fpp8 + no routing + vlan trunk native 70 + vlan trunk allowed all +interface 1/1/9 + description MrRobinWilliams_Deadpoets-SFP2 C22U33 C25P17 no shutdown - lag 28 -interface 1/1/30 - description FG-B_port17 C20U32 C20P09 + no routing + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,45,48,70,175-179,203 +interface 1/1/10 + description NVR-SFP-B C26U34 C26P10 no shutdown - lag 183 -interface 1/1/32 - description FG-B_port20 C20U32 C20P10 + no routing + vlan trunk native 70 + vlan trunk allowed all +interface 1/1/11 + description MrRobinWilliams_Deadpoets-SFP4 C22U33 C25P18 no shutdown - lag 184 + no routing + vlan trunk native 40 + vlan trunk allowed 9,18,35,40,45,48,70,175-179,203 +interface 1/1/12 + description NVR-SFP-B C26U22 C26P11 + no shutdown + no routing + vlan trunk native 70 + vlan trunk allowed all +interface 1/1/18 + description Uplink LAG + no shutdown + lag 248 +interface 1/1/21 + description AV500047-SFP-B C26U22 C26P11 + no shutdown + no routing + vlan trunk native 70 + vlan trunk allowed all +interface 1/1/23 + description AV500047-SFP-B C26U20 C26P12 + no shutdown + no routing + vlan trunk native 70 + vlan trunk allowed all interface 1/1/33 description Uplink LAG no shutdown - lag 241 + lag 242 interface 1/1/34 description Uplink LAG no shutdown - lag 241 + lag 242 interface 1/1/35 description ISL LAG no shutdown @@ -886,105 +857,27 @@ interface 1/1/36 description ISL LAG no shutdown lag 256 -interface vlan 1251 - description ct-noc inside firewall - vrf attach outside - ip address 10.251.1.254/24 - ip ospf 2 area 0.0.0.0 - vrrp dual-active-forwarding - vrrp 1 address-family ipv4 - address 10.251.1.1 primary - priority 130 - no shutdown - exit -interface vlan 1254 - description outside vrf transit-vlan - vrf attach outside - ip address 172.31.254.254/24 - ip ospf 2 area 0.0.0.0 - no ip ospf passive - ip pim-sparse enable -interface vlan 1813 - description linewize bypass - vrf attach outside - ip address 172.31.250.2/24 - ip ospf 2 area 0.0.0.0 - no ip ospf passive - ip ospf cost 9000 - ip ospf bfd -interface vlan 1814 - description Linewize-B outside - vrf attach outside - ip address 172.31.249.2/24 - ip neighbor-flood - ip ospf 2 area 0.0.0.0 - no ip ospf passive - ip ospf cost 2000 - ip ospf bfd snmp-server vrf default snmp-server vrf mgmt -snmp-server system-description ct-noc-8360-2-1 +snmp-server system-description ct-noc-8360-2-2 snmp-server system-location CT NOC snmp-server system-contact Tim Marris snmp-server community mickey03 vsx - system-mac 12:01:01:01:01:01 + system-mac 12:02:02:02:02:02 inter-switch-link lag 256 role secondary - keepalive peer 192.168.101.11 source 192.168.101.21 vrf mgmt -ip route 0.0.0.0/0 10.251.1.5 vrf outside -ip route 10.0.0.0/8 nullroute vrf outside -ip route 10.11.0.0/20 10.251.1.5 vrf outside -ip route 10.46.0.0/16 10.251.1.5 vrf outside -ip route 10.51.62.32/28 10.251.1.5 vrf outside -ip route 10.79.0.0/16 10.251.1.5 vrf outside -ip route 10.107.49.0/24 10.251.1.5 vrf outside -ip route 10.107.50.0/24 10.251.1.5 vrf outside -ip route 10.107.100.0/24 10.251.1.5 vrf outside -ip route 10.211.21.16/28 10.251.1.5 vrf outside -ip route 10.212.134.0/26 10.251.1.5 vrf outside -ip route 10.222.0.0/16 10.251.1.5 vrf outside -ip route 10.235.40.0/21 10.251.1.5 vrf outside -ip route 10.249.0.46/32 10.251.1.5 vrf outside -ip route 10.249.0.44/32 10.251.1.5 vrf outside -ip route 10.250.0.0/16 10.251.1.5 vrf outside -ip route 10.250.100.0/24 10.251.1.5 vrf outside -ip route 10.253.17.0/24 10.251.1.5 vrf outside -ip route 10.253.18.0/24 10.251.1.5 vrf outside -ip route 172.16.0.0/12 nullroute vrf outside -ip route 172.17.0.0/16 10.252.1.4 vrf outside -ip route 172.18.0.0/16 10.252.1.5 vrf outside -ip route 172.19.0.0/16 10.252.1.6 vrf outside -ip route 172.30.44.0/23 10.251.1.5 vrf outside -ip route 172.30.45.25/32 10.251.1.5 vrf outside -ip route 172.30.45.30/32 10.251.1.5 vrf outside -ip route 172.30.45.35/32 10.251.1.5 vrf outside -ip route 172.30.45.84/32 10.251.1.5 vrf outside -ip route 172.30.45.107/32 10.251.1.5 vrf outside -ip route 172.30.45.109/32 10.251.1.5 vrf outside -ip route 192.168.0.0/16 nullroute vrf outside -ip route 192.168.46.0/24 10.251.1.5 vrf outside -ip route 192.168.79.0/24 10.251.1.5 vrf outside -ip route 192.168.146.0/24 10.251.1.5 vrf outside + keepalive peer 192.168.101.12 source 192.168.101.22 vrf mgmt ip dns domain-name scsd.ad +ip dns server-address 10.1.48.11 +ip dns server-address 10.1.40.10 ip dns server-address 10.1.40.10 vrf mgmt -ip dns server-address 10.21.48.10 vrf mgmt -ip prefix-list default-route seq 5 deny 0.0.0.0/0 -ip prefix-list default-route seq 10 permit 0.0.0.0/0 +ip dns server-address 10.1.48.11 vrf mgmt ! ! ! ! -route-map type1routes permit seq 10 - match ip address prefix-list default-route - set metric-type external type-1 -route-map type1routes permit seq 20 ! -router ospf 2 vrf outside - router-id 10.251.1.254 - passive-interface default - rfc1583-compatibility - area 0.0.0.0 https-server vrf default https-server vrf mgmt configuration-lockout central managed \ No newline at end of file