Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Topologia VyOS: https://ibb.co/kcqnR2S
- Print (Traceroute CPE-1): https://ibb.co/F8XsHP5
- *------------------ VyOS 1.4.0 Config -----------------*
- set interfaces ethernet eth0 hw-id '50:00:00:01:00:00'
- set interfaces ethernet eth1 address 'dhcp'
- set interfaces ethernet eth1 description 'LAB-BGP-PBR'
- set interfaces ethernet eth1 hw-id '50:00:00:01:00:01'
- set interfaces ethernet eth2 address '10.100.1.1/30'
- set interfaces ethernet eth2 description 'CGN-1'
- set interfaces ethernet eth2 hw-id '50:00:00:01:00:02'
- set interfaces ethernet eth3 address '10.100.1.5/30'
- set interfaces ethernet eth3 description 'BNG-1'
- set interfaces ethernet eth3 hw-id '50:00:00:01:00:03'
- set interfaces loopback lo address '150.150.0.255/32'
- set policy prefix-list EXPORT-V4 rule 5 action 'permit'
- set policy prefix-list EXPORT-V4 rule 5 prefix '150.150.0.0/24'
- set policy route PBR-CGNAT interface 'eth3'
- set policy route PBR-CGNAT rule 5 action 'accept'
- set policy route PBR-CGNAT rule 5 destination address '100.64.1.0/24'
- set policy route PBR-CGNAT rule 5 set table 'main'
- set policy route PBR-CGNAT rule 10 action 'accept'
- set policy route PBR-CGNAT rule 10 set table '100'
- set policy route PBR-CGNAT rule 10 source address '100.64.1.0/24'
- set policy route-map EXPORT-V4 rule 5 action 'permit'
- set policy route-map EXPORT-V4 rule 5 match ip address prefix-list 'EXPORT-V4'
- set protocols bgp address-family ipv4-unicast network 150.150.0.0/24
- set protocols bgp neighbor 10.12.1.1 address-family ipv4-unicast route-map export 'EXPORT-V4'
- set protocols bgp neighbor 10.12.1.1 address-family ipv4-unicast soft-reconfiguration inbound
- set protocols bgp neighbor 10.12.1.1 remote-as '100'
- set protocols bgp parameters router-id '150.150.0.255'
- set protocols bgp system-as '150'
- set protocols ospf area 0.0.0.0 network '10.100.1.0/30'
- set protocols ospf area 0.0.0.0 network '10.100.1.4/30'
- set protocols ospf area 0.0.0.0 network '150.150.0.255/32'
- set protocols ospf default-information originate always
- set protocols ospf interface eth1 passive
- set protocols ospf interface eth2 network 'point-to-point'
- set protocols ospf interface eth3 network 'point-to-point'
- set protocols ospf interface lo passive
- set protocols ospf parameters router-id '150.150.0.255'
- set protocols static route 150.150.0.0/24 blackhole
- set protocols static table 100 route 0.0.0.0/0 next-hop 10.100.1.2
- set service ntp allow-client address '0.0.0.0/0'
- set service ntp allow-client address '::/0'
- set service ntp server time1.vyos.net
- set service ntp server time2.vyos.net
- set service ntp server time3.vyos.net
- set system config-management commit-revisions '100'
- set system conntrack modules ftp
- set system conntrack modules h323
- set system conntrack modules nfs
- set system conntrack modules pptp
- set system conntrack modules sip
- set system conntrack modules sqlnet
- set system conntrack modules tftp
- set system console device ttyS0 speed '115200'
- set system host-name 'vyos'
- set system login user vyos authentication encrypted-password '$6$rounds=656000$zJ7rWKS.b2E3R7k0$uZr/pqdvb.jVSgXXfoV3UaENe4q54iJ6oVxwGHsbZBaVSaBy1D47OwtgrEqzxncDFxc75plf2lwNOVIh.3koe0'
- set system login user vyos authentication plaintext-password ''
- set system syslog global facility all level 'info'
- set system syslog global facility local7 level 'debug'
- *------------------ CGN-1 Config -----------------*
- /interface bridge
- add name=Loopback
- /interface ethernet
- set [ find default-name=ether2 ] name=ether2-MK
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /routing ospf instance
- set [ find default=yes ] redistribute-static=as-type-1
- /ip address
- add address=10.100.1.2/30 interface=ether2-MK network=10.100.1.0
- add address=150.150.0.254 interface=Loopback network=150.150.0.254
- /ip firewall nat
- add action=netmap chain=srcnat out-interface=ether2-MK src-address=100.64.1.0/24 to-addresses=150.150.0.0/30
- /ip route
- add distance=1 dst-address=150.150.0.0/30 type=blackhole
- /routing ospf interface
- add interface=Loopback network-type=point-to-point passive=yes
- add interface=ether2-MK network-type=point-to-point
- /routing ospf network
- add area=backbone network=150.150.0.254/32
- add area=backbone network=10.100.1.0/30
- /system identity
- set name=CGN-1
- /tool romon
- set enabled=yes
- *------------------ BNG-1 Config -----------------*
- /interface ethernet
- set [ find default-name=ether3 ] name=ether3-MK
- set [ find default-name=ether4 ] name=ether4-CPE-2
- /ip pool
- add name=Pool-PPPoE ranges=100.64.1.0/24
- /port
- set 0 name=serial0
- /ppp profile
- add local-address=150.150.0.253 name=PPPoE remote-address=Pool-PPPoE
- /routing ospf instance
- add disabled=no name=default redistribute=static router-id=150.150.0.253
- /routing ospf area
- add disabled=no instance=default name=0.0.0.0
- /interface pppoe-server server
- add disabled=no interface=ether4-CPE-2 max-mru=1480 max-mtu=1480 service-name=service1
- /ip address
- add address=150.150.0.253 interface=lo network=150.150.0.253
- add address=10.100.1.6/30 interface=ether3-MK network=10.100.1.4
- /ip route
- add blackhole disabled=no dst-address=100.64.1.0/24 gateway="" routing-table=main suppress-hw-offload=no
- /ppp secret
- add name=cpe-1 profile=PPPoE service=pppoe
- /routing ospf interface-template
- add area=0.0.0.0 disabled=no interfaces=ether3-MK networks=10.100.1.4/30 type=ptp
- add area=0.0.0.0 disabled=no interfaces=lo networks=150.150.0.253/32 passive type=ptp
- /system identity
- set name=BNG-1
- /system note
- set show-at-login=no
- /tool romon
- set enabled=yes
- *------------------ CPE-1 Config -----------------*
- /interface pppoe-client
- add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password=123 user=cpe-1
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip dhcp-client
- add disabled=no interface=ether1
- /system identity
- set name=CPE-1
- /tool romon
- set enabled=yes
- =============================================================================================================================
- Topologia MikroTik: https://ibb.co/hLBtXvs
- Print (Traceroute CPE-2): https://ibb.co/4FcmjLj
- *------------------ MikroTik Config -----------------*
- /interface bridge
- add name=Loopback
- /interface ethernet
- set [ find default-name=ether1 ] name=ether1-LAB-BGP-PBR
- set [ find default-name=ether2 ] name=ether2-CGN-2
- set [ find default-name=ether3 ] name=ether3-BNG-2
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /routing bgp instance
- set default as=200 router-id=200.200.0.255
- /routing ospf instance
- set [ find default=yes ] distribute-default=always-as-type-1 router-id=200.200.0.255
- /ip address
- add address=10.200.1.1/30 interface=ether2-CGN-2 network=10.200.1.0
- add address=10.200.1.5/30 interface=ether3-BNG-2 network=10.200.1.4
- add address=200.200.0.255 interface=Loopback network=200.200.0.255
- /ip dhcp-client
- add add-default-route=no disabled=no interface=ether1-LAB-BGP-PBR use-peer-dns=no use-peer-ntp=no
- /ip route
- add distance=1 gateway=10.200.1.2 routing-mark=CGN
- /ip route rule
- add src-address=100.65.1.0/24 table=CGN
- /routing bgp network
- add network=200.200.0.0/24 synchronize=no
- /routing bgp peer
- add in-filter=IN-peer1 name=peer1 out-filter=OUT-peer1 remote-address=10.12.1.1 remote-as=100
- /routing filter
- add action=accept chain=IN-peer1 prefix=0.0.0.0/0
- add action=discard chain=IN-peer1
- add action=accept chain=OUT-peer1 prefix=200.200.0.0/24
- add action=discard chain=OUT-peer1
- /routing ospf interface
- add interface=Loopback network-type=point-to-point passive=yes
- add interface=ether2-CGN-2 network-type=point-to-point
- add interface=ether3-BNG-2 network-type=point-to-point
- /routing ospf network
- add area=backbone network=200.200.0.255/32
- add area=backbone network=10.200.1.0/30
- add area=backbone network=10.200.1.4/30
- /tool romon
- set enabled=yes
- *------------------ CGN-2 Config -----------------*
- /interface bridge
- add name=Loopback
- /interface ethernet
- set [ find default-name=ether2 ] name=ether2-MK
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /routing ospf instance
- set [ find default=yes ] redistribute-static=as-type-1 router-id=200.200.0.254
- /ip address
- add address=10.200.1.2/30 interface=ether2-MK network=10.200.1.0
- add address=200.200.0.254 interface=Loopback network=200.200.0.254
- /ip firewall nat
- add action=netmap chain=srcnat out-interface=ether2-MK src-address=100.65.1.0/24 to-addresses=200.200.0.0/30
- /ip route
- add distance=1 dst-address=200.200.0.0/30 type=blackhole
- /routing ospf interface
- add interface=ether2-MK network-type=point-to-point
- add interface=Loopback network-type=point-to-point passive=yes
- /routing ospf network
- add area=backbone network=10.200.1.0/30
- add area=backbone network=200.200.0.254/32
- /system identity
- set name=CGN-2
- /tool romon
- set enabled=yes
- *------------------ BNG-2 Config -----------------*
- /interface ethernet
- set [ find default-name=ether3 ] name=ether3-MK
- set [ find default-name=ether4 ] name=ether4-CPE-2
- /ip pool
- add name=Pool-PPPoE ranges=100.65.1.0/24
- /port
- set 0 name=serial0
- /ppp profile
- add local-address=200.200.0.253 name=PPPoE remote-address=Pool-PPPoE
- /routing ospf instance
- add disabled=no name=default redistribute=static router-id=200.200.0.253
- /routing ospf area
- add disabled=no instance=default name=0.0.0.0
- /interface pppoe-server server
- add disabled=no interface=ether4-CPE-2 max-mru=1480 max-mtu=1480 service-name=service1
- /ip address
- add address=10.200.1.6/30 interface=ether3-MK network=10.200.1.4
- add address=200.200.0.253 interface=lo network=200.200.0.253
- /ip route
- add blackhole disabled=no dst-address=100.65.1.0/24 gateway="" routing-table=main suppress-hw-offload=no
- /ppp secret
- add name=cpe-2 profile=PPPoE service=pppoe
- /routing ospf interface-template
- add area=0.0.0.0 disabled=no interfaces=lo networks=200.200.0.253/32 passive type=ptp
- add area=0.0.0.0 disabled=no interfaces=ether3-MK networks=10.200.1.4/30 type=ptp
- /system identity
- set name=BNG-2
- /system note
- set show-at-login=no
- /tool romon
- set enabled=yes
- *------------------ CPE-2 Config -----------------*
- /interface pppoe-client
- add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password=123 user=cpe-2
- /interface wireless security-profiles
- set [ find default=yes ] supplicant-identity=MikroTik
- /ip dhcp-client
- add disabled=no interface=ether1
- /system identity
- set name=CPE-2
- /tool romon
- set enabled=yes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement