0% found this document useful (0 votes)

87 views

Config

This document configures system settings, login users, and services like DHCP for a device called bras-lab-01. It sets the hostname, encrypted root and user passwords, login classes and users with super-user privileges. It also configures services like FTP, SSH, NETCONF and enables DHCP, setting options like interface assignments and authentication.

Uploaded by

dibyam baral

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

87 views

Config

Uploaded by

dibyam baral

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 21

set system host-name bras-lab-01

set system root-authentication encrypted-password

"$6$Fc/jeGcN$dJFuqc2vLhQJs2ehVhAHFjmC7uiDwT1GFNjSnX/enUNBBbTdhXPzVA3kGAqvVdU8a4dAzA
bMxr3YI9nsKKfa//"
set system configuration-database max-db-size 314572800
set system login class rancid-class idle-timeout 5
set system login class rancid-class login-alarms
set system login class rancid-class permissions secret
set system login class rancid-class permissions view
set system login class rancid-class permissions view-configuration
set system login class rancid-class allow-commands "(set cli.*)|(show.*)|(quit)"
set system login class rancid-class deny-commands .*
set system login user abhishek uid 2024
set system login user abhishek class super-user
set system login user abhishek authentication encrypted-password
"$5$m7CD1TX7$tg/wZDxTGtupoAJ2YqWKm7jhYBB7uJQOxsQQhXjqE1B"
set system login user abhishek authentication ssh-rsa "ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAQEAuFMb3BrJ7TJ77N+fYVMSSQEC4p4f+MiYyAJnBCpf8ijmq1wiPvvBYLP
uxu7EooFYL/xWSSCVIHBFdcNzJlalLnUXxviGpU/S5R/H2UDF1x9W3KAngZLqCBl43y0HpGZNMIWEt9Is5w
JfeGKpliTbLYfL10V0yecV/JYrmA7cwa5VnSi6Yn9aTLP+oiD2lB+BRdzBqGRdRZnsnNF0eIRxV6F+65Y1k
U1GUz5yZBZhn8V8W597hxP8E6Vx9IHnpwGlSAXf5V6SFLQ3Q6+m8rYrO4CZ8/4JGB4Vc7AJWIlwBh//w+rN
N1bHqSTgf/kOCAMPIdVuEaWsRg/KrFrwvE+ESw=="
set system login user amilan uid 2010
set system login user amilan class super-user
set system login user amilan authentication encrypted-password
"$6$SMUp0Lk/$URCoVEmoxM/2RnGaucf/B503af4CuJrtsIUlnWFzjBUGgjFzNy8YbeBaiU7JPg3vdbZqPd
KC/kf2Fou6pYd3.0"
set system login user amilan authentication ssh-rsa "ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAQEArJlqzAgkO2uaBv1rp2hvKb6ZiHjSHLnHhTy3gPcGFDkekS+CBq6Dqvr
dRRpfOkco0w2wPGN35PLr3BeswLKCUDj3/dfAG0bi1TSylmqIwAmHiTJQ0BgS1PRW10JvxEqYgGd8/J4f4q
f8y/EhCHHS7oB1Wld/MV514hj//NHgUDShw0LUdLBXZ+9vJygOTjySjE4NPtz9F222qVJIVkyMTjG4bdpE+
eqY7j4q4sQ9dB44l3AgVWHW9c42cORf8CCok0Y2brjOnSlXXFjQTxKGgQ3Q0GLWsmSGxqNR9Tp3UQvd70mu
iBpSmAIydHGKC2q4kwRQ/BiYsqZYOOqeVpnlrw=="
set system login user bidhanb uid 2026
set system login user bidhanb class super-user
set system login user bidhanb authentication encrypted-password
"$6$Uyxpf1LQ$rZxgj0KVLH3z8tOYYkX1CYgO.uEJEG9PP5qbDJB67ypnrWb2xT.5rTL18LffP/Pxqlmsg7
gXAxtB3y08QZWEV."
set system login user craju uid 2006
set system login user craju class super-user
set system login user craju authentication encrypted-password
"$6$mWtUHXK6$IAzSunEtpWoVa/cDlX6FVDnioHeHjBDZH1IQB.QHw.6XNR4O0mXe..cHkWAs0o236.f8Hl
yIhj.pcpy1eR.DO1"
set system login user gbijay uid 2011
set system login user gbijay class super-user
set system login user gbijay authentication encrypted-password
"$6$IPMPL5bD$Y9bIeuSHmk.RTP5h/dWeuj1BFATkaUfIINZG.vTE1aD0Z2uL8Jq54ESINjb6cw0qZNTOJQ
anFwqY0OkzsCky21"
set system login user gshyam uid 2000
set system login user gshyam class super-user
set system login user gshyam authentication encrypted-password
"$6$xPGuF79q$uh3VRTB.7BjC0r0oItUXxTFYwlsWK3ZF9eFEyoIxXgZYjJedubHqTqTguxF0aTXV8fO3cB
J2gE5YHvSabZLw0."
set system login user jspace uid 2027
set system login user jspace class super-user
set system login user jspace authentication encrypted-password
"$6$Zhg1Udol$wXTzbNgSk828oVrvvrbG8D5vjR4qFS1E2LcdBgYEfQqE/X2/VZi4KqzXYdNC.hE9BrBJ/9
n7.4Ekzgb0u8RZM."
set system login user junadmin full-name "TACACS Authenticated users with super-
user privileges"
set system login user junadmin uid 2029
set system login user junadmin class super-user
set system login user kijush uid 2016
set system login user kijush class super-user
set system login user kijush authentication encrypted-password
"$6$pVQsVgrS$id39yjau59hfXFqmnzUkm3odCCuznQGu1V2f8fSa3yTSNdusktuhPFdnqVMHafxJDBW1N1
Y2g3zVJcxIbB49G/"
set system login user lab uid 2017
set system login user lab class super-user
set system login user lab authentication encrypted-password
"$6$AbJiNwze$MbLs7bNTM73tC63RleqsoiUMeGhb5BA9dZXPpWsjm0XzHCSIdxI./bj7/oEW/JSc/Qpbp9
ADk4rGEkiBfHY7C/"
set system login user laxman uid 2022
set system login user laxman class super-user
set system login user laxman authentication encrypted-password
"$6$HlwVGX/P$YXnuqnL/5HcPUbOvUmhOHYOPZbRqmewo.F6/cRixNwdA4ckFgfeTDaAAyQDkI33CK8HqwT
42RNHtXirnKI0Y81"
set system login user mhjsakar uid 2020
set system login user mhjsakar class super-user
set system login user mhjsakar authentication encrypted-password
"$6$jaBQ0k1v$cuaBsQ6fva8UneB1O4Ya7kQKU32dSg1Yico2nbnYGuDqENERRyM6YcEYXPFutJtjv2vxTV
0B8ordICPUHNY8a1"
set system login user rancid uid 2015
set system login user rancid class super-user
set system login user rancid authentication encrypted-password
"$1$TFci3GHn$pU3DsQul8vZw6W37cJhYo/"
set system login user saralps uid 2025
set system login user saralps class super-user
set system login user saralps authentication encrypted-password
"$6$Vz50rL/9$XDjdzfVxHCqw8hJlKLaOBjzLL31Tafxoa3lhmBtLe5pu5h.2cs7eP.7NB/7fOpmYN0Egrr
Gc2MZdpjT6.56zw0"
set system login user script uid 2019
set system login user script class super-user
set system login user srijan uid 2028
set system login user srijan class super-user
set system login user srijan authentication encrypted-password
"$6$jVvonUyq$7jc3aNF2f/bRnIu1GR/a6RoL4AhdkEJ4ZoqjvuvKqTnWVF1hwG1movUSLNTYOn1w3DuxBM
0fzRVYaH6ti/18f."
set system login user sthashish uid 2001
set system login user sthashish class super-user
set system login user sthashish authentication encrypted-password
"$6$ML/NZGy5$DWKmg/IL92VuuKjao/fenF.WfQv8iiHGtj68F1.26tcqkJHUxLYp7XN/HPRFdUnipbA55j
46rj/6p4cjgvXxA0"
set system services ftp
set system services ssh root-login allow
set system services ssh protocol-version v2
set system services ssh max-sessions-per-connection 64
set system services extension-service request-response grpc clear-text port 9000
set system services extension-service request-response grpc skip-authentication
set system services netconf ssh
set system services rest http
set system services rest enable-explorer
set system services dhcp-local-server dhcpv6 short-cycle-protection lockout-min-
time 2
set system services dhcp-local-server dhcpv6 short-cycle-protection lockout-max-
time 900
set system services dhcp-local-server dhcpv6 group IPv6 overrides rapid-commit
set system services dhcp-local-server dhcpv6 group IPv6 overrides delegated-pool
Default-v6-pd-pool
set system services dhcp-local-server dhcpv6 group IPv6 overrides delete-binding-
on-renegotiation
deactivate system services dhcp-local-server dhcpv6 group IPv6 overrides delete-
binding-on-renegotiation
set system services dhcp-local-server dhcpv6 group IPv6 overrides asymmetric-lease-
time 1200
set system services dhcp-local-server dhcpv6 group IPv6 overrides asymmetric-
prefix-lease-time 1200
set system services dhcp-local-server dhcpv6 group IPv6 overrides dual-stack dual-
stack-group
set system services dhcp-local-server dhcpv6 group IPv6 interface xe-0/0/0.0
set system services dhcp-local-server dhcpv6 group IPv6 interface xe-1/0/0:1.0
set system services dhcp-local-server dhcpv6 group IPv6 interface ae14.0
set system services dhcp-local-server dhcpv6 group IPv6 interface demux0.0
set system services dhcp-local-server pool-match-order external-authority
set system services dhcp-local-server pool-match-order ip-address-first
set system services dhcp-local-server liveness-detection failure-action clear-
binding-if-interface-up
set system services dhcp-local-server liveness-detection method bfd version
automatic
set system services dhcp-local-server liveness-detection method bfd minimum-
interval 45000
set system services dhcp-local-server liveness-detection method bfd minimum-
receive-interval 60000
set system services dhcp-local-server liveness-detection method bfd multiplier 1
set system services dhcp-local-server liveness-detection method bfd no-adaptation
set system services dhcp-local-server liveness-detection method bfd transmit-
interval minimum-interval 45000
set system services dhcp-local-server liveness-detection method bfd transmit-
interval threshold 60000
set system services dhcp-local-server liveness-detection method bfd detection-time
threshold 66000
set system services dhcp-local-server liveness-detection method bfd session-mode
automatic
set system services dhcp-local-server liveness-detection method bfd holddown-
interval 50
deactivate system services dhcp-local-server liveness-detection
set system services dhcp-local-server overrides client-discover-match incoming-
interface
set system services dhcp-local-server overrides dual-stack dual-stack-group
set system services dhcp-local-server short-cycle-protection lockout-min-time 2
set system services dhcp-local-server short-cycle-protection lockout-max-time 900
set system services dhcp-local-server group IPv4 overrides delete-binding-on-
renegotiation
deactivate system services dhcp-local-server group IPv4 overrides delete-binding-
on-renegotiation
set system services dhcp-local-server group IPv4 overrides asymmetric-lease-time
1200
set system services dhcp-local-server group IPv4 overrides dual-stack dual-stack-
group
set system services dhcp-local-server group IPv4 interface xe-0/0/0.0
set system services dhcp-local-server group IPv4 interface xe-1/0/0:1.0
set system services dhcp-local-server group IPv4 interface ae14.0
set system services dhcp-local-server group IPv4 interface demux0.0
set system services dhcp-local-server dual-stack-group dual-stack-group
authentication password "wlink123$"
set system services dhcp-local-server dual-stack-group dual-stack-group
authentication username-include mac-address
set system services dhcp-local-server dual-stack-group dual-stack-group dynamic-
profile wlink-default-prof
set system services dhcp-local-server dual-stack-group dual-stack-group on-demand-
address-allocation
deactivate system services dhcp-local-server dual-stack-group dual-stack-group on-
demand-address-allocation
set system services dhcp-local-server dual-stack-group dual-stack-group
classification-key mac-address
set system services dhcp-local-server dual-stack-group dual-stack-group
renegotiation-master inet
set system services dhcp-local-server dual-stack-group dual-stack-group
renegotiation-master inet6
set system services dhcp-local-server dual-stack-group dual-stack-group liveness-
detection failure-action clear-binding-if-interface-up
set system services dhcp-local-server dual-stack-group dual-stack-group liveness-
detection method layer2-liveness-detection transmit-interval 300
set system services dhcp-local-server dual-stack-group dual-stack-group liveness-
detection method layer2-liveness-detection max-consecutive-retries 5
deactivate system services dhcp-local-server dual-stack-group dual-stack-group
liveness-detection
set system services dhcp-local-server dual-stack-group dual-stack-group short-
cycle-protection lockout-min-time 2
set system services dhcp-local-server dual-stack-group dual-stack-group short-
cycle-protection lockout-max-time 900
set system services dhcp-local-server no-stale-timer-refresh
set system services subscriber-management traceoptions file test_log1
set system services subscriber-management traceoptions file size 2m
set system services subscriber-management traceoptions file files 20
set system services subscriber-management traceoptions file world-readable
set system services subscriber-management enable
set system time-zone Asia/Kathmandu
set system authentication-order tacplus
set system authentication-order password
set system name-server 202.79.32.4
set system tacplus-server 202.79.32.39 port 49
set system tacplus-server 202.79.32.39 secret "$9$qmQn0BErKWIRVYoGq.0B1"
set system tacplus-server 202.79.32.39 source-address 202.166.192.34
set system tacplus-server 202.166.193.74 port 49
set system tacplus-server 202.166.193.74 secret "$9$OtlA1clxNbgaGdVmT39OBxN-"
set system tacplus-server 202.166.193.74 source-address 202.166.192.34
set system accounting events change-log
set system accounting destination tacplus server 202.79.32.39 port 49
set system accounting destination tacplus server 202.79.32.39 secret
"$9$AUEsp1hM87bY4Xxi.5FAtM8L"
set system accounting destination tacplus server 202.79.32.39 timeout 30
set system accounting destination tacplus server 202.79.32.39 single-connection
set system accounting destination tacplus server 202.166.193.74 port 49
set system accounting destination tacplus server 202.166.193.74 secret
"$9$AUEsp1hM87bY4Xxi.5FAtM8L"
set system accounting destination tacplus server 202.166.193.74 timeout 30
set system accounting destination tacplus server 202.166.193.74 single-connection
set system schema openconfig unhide
set system syslog user * any emergency
set system syslog host 202.79.32.84 any any
set system syslog host 202.79.32.84 port 5140
set system syslog host 202.79.32.84 source-address 202.166.192.34
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog file config-change change-log any
set system syslog file BGP-log any info
set system syslog file BGP-log match BGP_
set system syslog file updown any any
set system syslog file updown match TRAP_LINK
set system syslog file ddos-log any info
set system syslog file ddos-log match DDOS_
set system syslog file default-log-messages any info
set system syslog file default-log-messages match "(requested 'commit' operation)|
(requested 'commit synchronize' operation)|(copying configuration to juniper.save)|
(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link
UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package
-X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|
CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD|(Master Unchanged, Members Changed)|
(Master Changed, Members Changed)|(Master Detected, Members Changed)|(vc add)|(vc
delete)|(Master detected)|(Master changed)|(Backup detected)|(Backup changed)|
(interface vcp-)"
set system syslog file default-log-messages structured-data
set system syslog log-rotate-frequency 59
set system processes general-authentication-service traceoptions file jauthd
set system processes general-authentication-service traceoptions file size 100m
set system processes general-authentication-service traceoptions file files 10
set system processes general-authentication-service traceoptions flag all
set system processes smg-service traceoptions file smgd
set system processes smg-service traceoptions file size 100m
set system processes smg-service traceoptions file files 10
set system processes smg-service traceoptions level all
set system processes smg-service traceoptions flag all
deactivate system processes smg-service traceoptions
set system processes bbe-mib-daemon traceoptions file bbe-mibd
set system processes bbe-mib-daemon traceoptions file size 100m
set system processes bbe-mib-daemon traceoptions file files 10
set system processes bbe-mib-daemon traceoptions level all
set system processes bbe-mib-daemon traceoptions flag all
deactivate system processes bbe-mib-daemon traceoptions
set system processes dhcp-service traceoptions file jdhcpd
set system processes dhcp-service traceoptions file size 100m
set system processes dhcp-service traceoptions level all
set system processes dhcp-service traceoptions flag packet
set system processes dhcp-service traceoptions flag all
set system ddos-protection protocols dhcpv4 discover recover-time 10
set system ntp server 202.79.32.104
set chassis aggregated-devices ethernet device-count 25
set chassis fpc 0 sampling-instance s1
set chassis fpc 1 pic 0 port 0 number-of-sub-ports 4
set chassis fpc 1 pic 0 port 0 speed 10g
set chassis fpc 1 pic 0 port 2 speed 100g
set chassis fpc 1 pic 0 port 5 speed 100g
set chassis fpc 1 pic 1 port 0 number-of-sub-ports 4
set chassis fpc 1 pic 1 port 0 speed 10g
set chassis fpc 1 pic 1 port 2 speed 100g
set chassis fpc 1 pic 1 port 5 speed 100g
set chassis fpc 1 max-queues 512k
set chassis network-services enhanced-ip
set services analytics streaming-server telemetry-server remote-address 10.21.7.34
set services analytics streaming-server telemetry-server remote-port 9000
set services analytics export-profile export-param local-address 202.166.192.34
set services analytics export-profile export-param local-port 21111
set services analytics export-profile export-param reporting-rate 60
set services analytics export-profile export-param format gpb
set services analytics export-profile export-param transport udp
set services analytics sensor interface-1 server-name telemetry-server
set services analytics sensor interface-1 export-name export-param
set services analytics sensor interface-1 resource
/junos/system/linecard/interface/logical/usage/
set services analytics sensor interface-1 resource-filter xe-*
set services analytics sensor resource-1 server-name telemetry-server
set services analytics sensor resource-1 export-name export-param
set services analytics sensor resource-1 resource
/junos/system/linecard/cpu/memory/
set services flow-monitoring version-ipfix template ipv4 flow-active-timeout 60
set services flow-monitoring version-ipfix template ipv4 flow-inactive-timeout 70
set services flow-monitoring version-ipfix template ipv4 template-refresh-rate
seconds 30
set services flow-monitoring version-ipfix template ipv4 option-refresh-rate
seconds 30
set services flow-monitoring version-ipfix template ipv4 ipv4-template
set access-profile Rad
set interfaces xe-0/2/4 unit 0
set interfaces xe-1/0/0:0 description WAN_jnpr-prera-01_xe-2/0/1
set interfaces xe-1/0/0:0 unit 0 family inet address 202.79.40.6/31
set interfaces xe-1/0/0:0 unit 0 family inet6 address 2400:1a00:0:42::179/127
set interfaces xe-1/0/0:1 description jnpr-prera-01_xe-2/0/3_VPLS
set interfaces xe-1/0/0:1 hierarchical-scheduler maximum-hierarchy-levels 2
set interfaces xe-1/0/0:1 hierarchical-scheduler implicit-hierarchy
set interfaces xe-1/0/0:1 flexible-vlan-tagging
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-prof accept dhcp-v4
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-prof accept dhcp-v6
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-prof ranges 3800-3800,121-121
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-prof ranges 3700-3700,121-121
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-profile accept pppoe
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-profile ranges 3800-3800,120-120
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges dynamic-profile
FtthZoom-svlan-profile ranges 3700-3700,120-120
set interfaces xe-1/0/0:1 auto-configure stacked-vlan-ranges access-profile Rad
set interfaces xe-1/0/0:1 auto-configure remove-when-no-subscribers
set interfaces xe-1/0/0:1 mtu 9192
set interfaces xe-1/0/0:1 encapsulation flexible-ethernet-services
set interfaces xe-1/0/0:1 gigether-options ignore-l3-incompletes
set interfaces xe-1/0/0:2 description gw-jwl-stc-02_BGP_VL1120
set interfaces xe-1/0/0:2 flexible-vlan-tagging
set interfaces xe-1/0/0:2 encapsulation flexible-ethernet-services
set interfaces xe-1/0/0:2 unit 1120 vlan-id 1120
set interfaces xe-1/0/0:2 unit 1120 family inet address 202.166.220.2/24
set interfaces et-1/1/5 description To_X590
set interfaces et-1/1/5 unit 0 family inet address 172.16.16.2/30
set interfaces xe-2/0/0 unit 0 family inet
set interfaces xe-2/0/0 unit 0 family inet6
set interfaces fxp0 unit 0 description MGMT
set interfaces fxp0 unit 0 family inet address 10.10.250.22/23
set interfaces fxp0 unit 0 family inet address 10.0.1.6/24
set interfaces lo0 unit 0 family inet filter input ProtectRE
set interfaces lo0 unit 0 family inet address 202.166.192.34/32
set interfaces lo0 unit 0 family inet address 124.41.255.1/32
set interfaces lo0 unit 0 family inet6 filter input ipv6-ProtectRE
deactivate interfaces lo0 unit 0 family inet6 filter
set interfaces lo0 unit 0 family inet6 address 2400:1a00::34/128
set interfaces lo0 unit 0 family inet6 address 2400:1a00:8001:1::1/128 primary
set interfaces lo0 unit 0 family inet6 address 2400:1a00:8001:1::1/128 preferred
set snmp filter-interfaces interfaces pp0.*
set snmp filter-interfaces interfaces demux0.*
set snmp filter-interfaces all-internal-interfaces
set snmp engine-id use-mac-address
set snmp community 3263all authorization read-only
set snmp community 3263all clients 202.79.32.218/32
set snmp community 3263all clients 202.79.32.51/32
set snmp community 3263all clients 202.79.32.207/32
set snmp community 3263all clients 202.166.193.41/32
set snmp community 3263all clients 202.166.193.42/32
set snmp community 3263all clients 202.166.193.86/32
set snmp community 3263all clients 202.79.32.85/32
set snmp community 3263all clients 202.79.38.61/32
set snmp trap-group logstash destination-port 1062
set snmp trap-group logstash categories authentication
set snmp trap-group logstash categories chassis
set snmp trap-group logstash categories link
set snmp trap-group logstash categories routing
set snmp trap-group logstash categories startup
set snmp trap-group logstash categories rmon-alarm
set snmp trap-group logstash categories configuration
set snmp trap-group logstash categories services
set snmp trap-group logstash targets 202.79.32.200
set snmp trap-group Junos-space targets 202.79.32.12
set snmp trap-group space targets 202.79.38.60
set snmp trap-group space targets 202.79.38.62
set snmp traceoptions file bbe-snmp
set snmp traceoptions file size 100m
set snmp traceoptions file files 10
set snmp traceoptions flag all
set forwarding-options sampling instance s1 input rate 10
set forwarding-options sampling instance s1 family inet output flow-server
202.79.36.101 port 2055
set forwarding-options sampling instance s1 family inet output flow-server
202.79.36.101 version-ipfix template ipv4
set forwarding-options sampling instance s1 family inet output inline-jflow source-
address 202.166.192.34
set policy-options prefix-list IPTV-EDGE-SERVERS 103.213.31.0/24
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.32/29
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.180/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.182/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.192/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.196/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.198/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.200/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.204/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.206/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.212/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.216/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.220/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.222/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.226/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.240/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.242/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.244/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.246/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.250/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.79.40.252/31
set policy-options prefix-list IPTV-EDGE-SERVERS 202.166.192.204/30
set policy-options policy-statement import-routes term T0 from route-filter
0.0.0.0/0 exact
set policy-options policy-statement import-routes term T0 then accept
set policy-options policy-statement import-routes then reject
set policy-options policy-statement ipv6-outbound-routes term default from route-
filter ::/0 exact reject
set policy-options policy-statement ipv6-outbound-routes term static from family
inet6
set policy-options policy-statement ipv6-outbound-routes term static from protocol
static
set policy-options policy-statement ipv6-outbound-routes term static from route-
filter ::/0 upto /48
set policy-options policy-statement ipv6-outbound-routes term static then accept
set policy-options policy-statement ipv6-outbound-routes term direct from family
inet6
set policy-options policy-statement ipv6-outbound-routes term direct from protocol
direct
set policy-options policy-statement ipv6-outbound-routes term direct from route-
filter ::/0 upto /48
set policy-options policy-statement ipv6-outbound-routes term direct then accept
set policy-options policy-statement ipv6-outbound-routes term DHCP_IA-NA from
route-filter 2400:1a00:8001:1::/64 exact
set policy-options policy-statement ipv6-outbound-routes term DHCP_IA-NA then
accept
set policy-options policy-statement ipv6-outbound-routes then reject
set policy-options policy-statement next-hop-self then next-hop self
set policy-options policy-statement outbound-route term T0 from route-filter
0.0.0.0/0 exact
set policy-options policy-statement outbound-route term T0 from route-filter
10.0.1.0/24 exact
set policy-options policy-statement outbound-route term T0 from route-filter
124.41.211.0/24 exact
set policy-options policy-statement outbound-route term T0 from route-filter
202.79.32.0/24 upto /32
set policy-options policy-statement outbound-route term T0 from route-filter
202.79.36.0/24 upto /32
set policy-options policy-statement outbound-route term T0 then reject
set policy-options policy-statement outbound-route term direct from protocol static
set policy-options policy-statement outbound-route term direct then accept
deactivate policy-options policy-statement outbound-route term direct
set policy-options policy-statement outbound-route term test-prefix from route-
filter 124.41.255.0/24 exact
set policy-options policy-statement outbound-route term test-prefix from route-
filter 202.166.192.34/32 exact
set policy-options policy-statement outbound-route term test-prefix then accept
set policy-options policy-statement outbound-route then reject
set class-of-service host-outbound-traffic forwarding-class NC
set class-of-service forwarding-classes queue 0 INTERNET
set class-of-service forwarding-classes queue 0 priority low
set class-of-service forwarding-classes queue 1 IPTV
set class-of-service forwarding-classes queue 1 priority high
set class-of-service forwarding-classes queue 2 VOICE
deactivate class-of-service forwarding-classes queue 2
set class-of-service forwarding-classes queue 3 NC
set class-of-service forwarding-classes queue 3 priority high
set class-of-service rewrite-rules ieee-802.1 pbit-rewrite forwarding-class IPTV
loss-priority low code-point 101
set firewall family inet filter block-frag-in term 1 from packet-length 20
set firewall family inet filter block-frag-in term 1 from fragment-offset-except 0
set firewall family inet filter block-frag-in term 1 from fragment-flags "!more-
fragments"
set firewall family inet filter block-frag-in term 1 then count lenth0-in
set firewall family inet filter block-frag-in term 1 then discard
set firewall family inet filter block-frag-in term 2 then count test-in
set firewall family inet filter block-frag-in term 2 then accept
set firewall family inet filter block-frag-out term 1 from packet-length 20
set firewall family inet filter block-frag-out term 1 from fragment-offset-except 0
set firewall family inet filter block-frag-out term 1 from fragment-flags "!more-
fragments"
set firewall family inet filter block-frag-out term 1 then count lenth0-out
set firewall family inet filter block-frag-out term 1 then discard
set firewall family inet filter block-frag-out term 2 then count test-out
set firewall family inet filter block-frag-out term 2 then accept
set firewall family inet filter internal-ingress-filter term NO-NAT from
destination-address 100.64.0.0/10
set firewall family inet filter internal-ingress-filter term NO-NAT then accept
set firewall family inet filter internal-ingress-filter term 0 from destination-
address 192.168.0.0/16
set firewall family inet filter internal-ingress-filter term 0 from destination-
address 172.16.0.0/12
set firewall family inet filter internal-ingress-filter term 0 from destination-
address 10.0.0.0/8
set firewall family inet filter internal-ingress-filter term 0 then discard
set firewall family inet filter IPTV-TRAFFIC term FROM-EDGE-SERVER from prefix-list
IPTV-EDGE-SERVERS
set firewall family inet filter IPTV-TRAFFIC term FROM-EDGE-SERVER then count IPTV-
TRAFFIC
set firewall family inet filter IPTV-TRAFFIC term FROM-EDGE-SERVER then forwarding-
class IPTV
set firewall family inet filter IPTV-TRAFFIC term FROM-EDGE-SERVER then accept
set firewall family inet filter IPTV-TRAFFIC term FROM-EDGE-SERVER then dscp af41
set firewall family inet filter IPTV-TRAFFIC term DEFAULT then count DEFAULT-
TRAFFIC
set firewall family inet filter IPTV-TRAFFIC term DEFAULT then accept
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept from next-
header udp
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept from source-
port 546
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept from source-
port 547
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept from
destination-port 546
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept from
destination-port 547
set firewall family inet6 filter ALLOW-v6-Filter term DHCPv6-accept then accept
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept from next-
header icmp6
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept from icmp-type
router-solicit
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept from icmp-type
neighbor-solicit
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept from icmp-type
neighbor-advertisement
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept from icmp-type
router-advertisement
set firewall family inet6 filter ALLOW-v6-Filter term ICMPv6-accept then accept
set firewall family inet6 filter ipv6-ProtectRE term 0 filter ALLOW-v6-Filter
set firewall family inet6 filter ipv6-ProtectRE term 1 from source-address
2400:1a00::/63
set firewall family inet6 filter ipv6-ProtectRE term 1 from source-address
2400:1a00:2::/48
set firewall family inet6 filter ipv6-ProtectRE term 1 from source-address
2400:1a00:0::/48
set firewall family inet6 filter ipv6-ProtectRE term 1 then count
ipv6_RE_protect_count
set firewall family inet6 filter ipv6-ProtectRE term 1 then log
set firewall family inet6 filter ipv6-ProtectRE term 1 then accept
set firewall family inet6 filter ipv6-ProtectRE term 2 from payload-protocol ospf
set firewall family inet6 filter ipv6-ProtectRE term 2 then accept
set firewall family inet6 filter ipv6-ProtectRE term 4 from payload-protocol tcp
set firewall family inet6 filter ipv6-ProtectRE term 4 from port 179
set firewall family inet6 filter ipv6-ProtectRE term 4 then accept
set firewall family inet6 filter ipv6-ProtectRE term icmp6 from payload-protocol
icmp6
set firewall family inet6 filter ipv6-ProtectRE term icmp6 then accept
set firewall family inet6 filter ipv6-ProtectRE term 3 then discard
set firewall policer 32k filter-specific
set firewall policer 32k if-exceeding bandwidth-limit 32k
set firewall policer 32k if-exceeding burst-size-limit 4k
set firewall policer 32k then discard
set firewall filter ProtectRE term 0 filter ALLOW-DHCP
set firewall filter ProtectRE term 1 from source-address 202.79.32.0/24
set firewall filter ProtectRE term 1 from source-address 202.79.40.0/23
set firewall filter ProtectRE term 1 from source-address 202.166.192.0/24
set firewall filter ProtectRE term 1 from source-address 202.79.36.0/24
set firewall filter ProtectRE term 1 from source-address 192.168.1.0/24
set firewall filter ProtectRE term 1 from source-address 202.166.193.64/26
set firewall filter ProtectRE term 1 from source-address 124.41.211.1/32
set firewall filter ProtectRE term 1 from source-address 10.0.1.0/24
set firewall filter ProtectRE term 1 from source-address 202.166.193.32/27
set firewall filter ProtectRE term 1 from source-address 10.12.9.0/24
set firewall filter ProtectRE term 1 from source-address 202.79.36.101/32
set firewall filter ProtectRE term 1 from source-address 202.79.38.61/32
set firewall filter ProtectRE term 1 from source-address 10.10.250.0/23
set firewall filter ProtectRE term 1 from source-address 202.166.220.1/32
set firewall filter ProtectRE term 1 then accept
set firewall filter ProtectRE term 2 from tcp-established
set firewall filter ProtectRE term 2 then accept
set firewall filter ProtectRE term 3 from destination-port bgp
set firewall filter ProtectRE term 3 then accept
set firewall filter ProtectRE term 4 from protocol icmp
set firewall filter ProtectRE term 4 from protocol ospf
set firewall filter ProtectRE term 4 then accept
set firewall filter ProtectRE term 5 then count ProtectRE
set firewall filter ProtectRE term 5 then log
set firewall filter ProtectRE term 5 then discard
set firewall filter ALLOW-DHCP term dhcp-client-accept from source-address
0.0.0.0/32
set firewall filter ALLOW-DHCP term dhcp-client-accept from destination-address
255.255.255.255/32
set firewall filter ALLOW-DHCP term dhcp-client-accept from protocol udp
set firewall filter ALLOW-DHCP term dhcp-client-accept from source-port 68
set firewall filter ALLOW-DHCP term dhcp-client-accept from destination-port 67
set firewall filter ALLOW-DHCP term dhcp-client-accept then accept
set firewall filter ALLOW-DHCP term dhcp-server-accept from protocol udp
set firewall filter ALLOW-DHCP term dhcp-server-accept from source-port 67
set firewall filter ALLOW-DHCP term dhcp-server-accept from source-port 68
set firewall filter ALLOW-DHCP term dhcp-server-accept from destination-port 67
set firewall filter ALLOW-DHCP term dhcp-server-accept from destination-port 68
set firewall filter ALLOW-DHCP term dhcp-server-accept then accept
set access domain-name-server 202.79.32.4
set access domain-name-server-inet 202.79.32.4
set access domain-name-server-inet6 2400:1a00:0:32::165
set access domain-name-server-inet6 2400:1a00:8000:4::73
set access profile Rad authentication-order radius
set access profile Rad radius authentication-server 202.79.32.202
set access profile Rad radius accounting-server 202.79.32.202
set access profile Rad radius options client-authentication-algorithm round-robin
set access profile Rad radius options client-accounting-algorithm round-robin
set access profile Rad session-options client-idle-timeout 10
deactivate access profile Rad session-options client-idle-timeout
set access profile Rad radius-server 202.79.32.51 port 1649
set access profile Rad radius-server 202.79.32.51 accounting-port 1650
set access profile Rad radius-server 202.79.32.51 secret "$9$NB-sg4aUDHmYgGj"
set access profile Rad radius-server 202.79.32.51 max-outstanding-requests 2000
set access profile Rad radius-server 202.79.32.51 source-address 202.166.192.34
set access profile Rad radius-server 202.79.32.201 port 1649
set access profile Rad radius-server 202.79.32.201 accounting-port 1650
set access profile Rad radius-server 202.79.32.201 secret "$9$.mQ3n/tpORz3Au"
set access profile Rad radius-server 202.79.32.201 max-outstanding-requests 2000
set access profile Rad radius-server 202.79.32.201 source-address 202.166.192.34
set access profile Rad radius-server 10.21.8.10 port 1812
set access profile Rad radius-server 10.21.8.10 accounting-port 1813
set access profile Rad radius-server 10.21.8.10 secret
"$9$4OaDiqmTzF/Ygi.P5/9KM8xVwgoJjik"
set access profile Rad radius-server 10.21.8.10 max-outstanding-requests 2000
set access profile Rad radius-server 10.21.8.10 source-address 202.166.192.34
set access profile Rad radius-server 202.79.32.202 port 1649
set access profile Rad radius-server 202.79.32.202 accounting-port 1650
set access profile Rad radius-server 202.79.32.202 secret "$9$.mQ3n/tpORz3Au"
set access profile Rad radius-server 202.79.32.202 max-outstanding-requests 2000
set access profile Rad radius-server 202.79.32.202 source-address 202.166.192.34
set access profile Rad radius-server 202.79.32.224 port 1649
set access profile Rad radius-server 202.79.32.224 accounting-port 1650
set access profile Rad radius-server 202.79.32.224 secret "$9$.mQ3n/tpORz3Au"
set access profile Rad radius-server 202.79.32.224 max-outstanding-requests 2000
set access profile Rad radius-server 202.79.32.224 source-address 202.166.192.34
set access profile Rad radius-server 202.79.32.222 port 1812
set access profile Rad radius-server 202.79.32.222 accounting-port 1813
set access profile Rad radius-server 202.79.32.222 secret "$9$.mQ3n/tpORz3Au"
set access profile Rad radius-server 202.79.32.222 max-outstanding-requests 2000
set access profile Rad radius-server 202.79.32.222 source-address 202.166.192.34
set access profile Rad accounting order radius
set access profile Rad accounting accounting-stop-on-failure
set access profile Rad accounting accounting-stop-on-access-deny
deactivate access profile Rad accounting accounting-stop-on-access-deny
set access profile Rad accounting immediate-update
deactivate access profile Rad accounting immediate-update
set access profile Rad accounting coa-immediate-update
set access profile Rad accounting statistics volume-time
set access address-assignment pool safenet-pool family inet network 124.41.255.0/24
set access address-assignment pool safenet-pool family inet range 0-255 low
124.41.255.2
set access address-assignment pool safenet-pool family inet range 0-255 high
124.41.255.254
set access address-assignment pool safenet-pool family inet dhcp-attributes
maximum-lease-time 3600
set access address-assignment pool safenet-pool family inet dhcp-attributes router
124.41.255.1
set access address-assignment pool Default-v6-pool family inet6 prefix
2400:1a00:8001:1::/64
set access address-assignment pool Default-v6-pool family inet6 range 0-ffff low
2400:1a00:8001:1::2/128
set access address-assignment pool Default-v6-pool family inet6 range 0-ffff high
2400:1a00:8001:1:ffff:ffff:ffff:ffff/128
set access address-assignment pool Default-v6-pool family inet6 dhcp-attributes
dns-server 2400:1a00:0:32::165
set access address-assignment pool Default-v6-pool family inet6 dhcp-attributes
dns-server 2400:1a00:8000:4::73
set access address-assignment pool Default-v6-pool family inet6 dhcp-attributes
valid-lifetime 4800
set access address-assignment pool Default-v6-pool family inet6 dhcp-attributes
preferred-lifetime 3600
set access address-assignment pool Default-v6-pd-pool family inet6 prefix
2400:1a00:8002::/48
set access address-assignment pool Default-v6-pd-pool family inet6 range v6-pd
prefix-length 64
set access address-assignment pool Default-v6-pd-pool family inet6 dhcp-attributes
dns-server 2400:1a00:0:32::165
set access address-assignment pool Default-v6-pd-pool family inet6 dhcp-attributes
dns-server 2400:1a00:8000:4::73
set access address-assignment pool Default-v6-pd-pool family inet6 dhcp-attributes
valid-lifetime 4800
set access address-assignment pool Default-v6-pd-pool family inet6 dhcp-attributes
preferred-lifetime 3600
set access address-assignment pool default-pool family inet network 192.168.0.0/24
set access address-assignment pool default-pool family inet range 0-255 low
192.168.0.2
set access address-assignment pool default-pool family inet range 0-255 high
192.168.0.254
set access address-assignment pool default-pool family inet dhcp-attributes
maximum-lease-time 3600
set access address-assignment pool default-pool family inet dhcp-attributes router
192.168.0.1
set routing-options rib inet6.0 static route 2400:1a00:8002::/48 discard
set routing-options static route 124.41.255.0/24 discard
set routing-options static route 172.16.0.0/12 discard
set routing-options static route 172.16.0.0/12 no-readvertise
set routing-options static route 10.0.0.0/8 discard
set routing-options static route 10.0.0.0/8 no-readvertise
set routing-options static route 192.168.0.0/16 discard
set routing-options static route 192.168.0.0/16 no-readvertise
set routing-options static route 10.21.8.10/32 next-hop 202.79.40.7
set routing-options router-id 202.166.192.34
set routing-options autonomous-system 17501
set protocols ospf area 0.0.0.1 interface lo0.0 passive
set protocols ospf area 0.0.0.1 interface xe-1/0/0:0.0 interface-type p2p
deactivate protocols ospf
set protocols bgp group gw-jwl-stc-01 type internal
set protocols bgp group gw-jwl-stc-01 local-address 202.166.220.2
set protocols bgp group gw-jwl-stc-01 import import-routes
set protocols bgp group gw-jwl-stc-01 export next-hop-self
set protocols bgp group gw-jwl-stc-01 export outbound-route
set protocols bgp group gw-jwl-stc-01 local-as 17501
set protocols bgp group gw-jwl-stc-01 neighbor 202.166.220.1
set protocols ldp explicit-null
set protocols ldp transport-address router-id
set protocols ldp interface xe-1/0/0:0.0
set protocols ldp interface xe-2/1/0.0
set protocols ldp interface lo0.0
set protocols ospf3 area 0.0.0.1 interface lo0.0
set protocols ospf3 area 0.0.0.1 interface xe-1/0/0:0.0 interface-type p2p
set protocols lldp interface all
set dynamic-profiles FtthZoom-svlan-profile routing-instances "$junos-routing-
instance" interface "$junos-interface-name"
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" vlan-tags outer "$junos-stacked-vlan-id"
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" vlan-tags inner "$junos-vlan-id"
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" demux-options underlying-interface "$junos-interface-ifd-name"
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" family pppoe access-concentrator FtthZoom
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" family pppoe duplicate-protection
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" family pppoe dynamic-profile FtthZoom-pp0
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" family pppoe short-cycle-protection lockout-time-min 2
set dynamic-profiles FtthZoom-svlan-profile interfaces demux0 unit "$junos-
interface-unit" family pppoe short-cycle-protection lockout-time-max 1800
set dynamic-profiles wlink-dynamic-prof variables bandwidth default-value 10m
set dynamic-profiles wlink-dynamic-prof variables bandwidth mandatory
set dynamic-profiles wlink-dynamic-prof variables burst default-value 1280000
set dynamic-profiles wlink-dynamic-prof variables burst mandatory
set dynamic-profiles wlink-dynamic-prof variables filter-out uid
set dynamic-profiles wlink-dynamic-prof variables filter-in uid
set dynamic-profiles wlink-dynamic-prof variables pol-out uid
set dynamic-profiles wlink-dynamic-prof variables pol-in uid
set dynamic-profiles wlink-dynamic-prof variables filter-out-v6 uid
set dynamic-profiles wlink-dynamic-prof variables filter-in-v6 uid
set dynamic-profiles wlink-dynamic-prof variables iptv-bandwidth equals
"($bandwidth)/2"
set dynamic-profiles wlink-dynamic-prof variables iptv-bandwidth uid
deactivate dynamic-profiles wlink-dynamic-prof variables iptv-bandwidth
set dynamic-profiles wlink-dynamic-prof variables iptv-burst equals "($burst)/2"
set dynamic-profiles wlink-dynamic-prof variables iptv-burst uid
deactivate dynamic-profiles wlink-dynamic-prof variables iptv-burst
set dynamic-profiles wlink-dynamic-prof variables pol-iptv-out uid
set dynamic-profiles wlink-dynamic-prof variables pol-iptv-in uid
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter input "$filter-in"
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter input precedence 100
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter output "$filter-out"
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter output precedence 100
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter input "$filter-in-v6"
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter input precedence 100
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter output "$filter-out-v6"
set dynamic-profiles wlink-dynamic-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter output precedence 100
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
interface-specific
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term NETTV-DESTINATION from destination-prefix-list IPTV-EDGE-SERVERS
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term NETTV-DESTINATION then policer "$pol-iptv-in"
deactivate dynamic-profiles wlink-dynamic-prof firewall family inet filter
"$filter-in" term NETTV-DESTINATION then policer
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term NETTV-DESTINATION then accept
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term DNS from destination-port 53
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term DNS then policer 32k
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term DNS then next term
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term internet-traffic then service-accounting
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-in"
term internet-traffic then accept
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
interface-specific
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term NETTV-SOURCE from source-prefix-list IPTV-EDGE-SERVERS
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term NETTV-SOURCE then policer "$pol-iptv-out"
deactivate dynamic-profiles wlink-dynamic-prof firewall family inet filter
"$filter-out" term NETTV-SOURCE then policer
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term NETTV-SOURCE then accept
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term internet-traffic then service-accounting
set dynamic-profiles wlink-dynamic-prof firewall family inet filter "$filter-out"
term internet-traffic then accept
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" interface-specific
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 from destination-port 53
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 then policer 32k
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 then next term
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then accept
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-out-
v6" interface-specific
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-dynamic-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then accept
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-in" filter-
specific
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-in" if-
exceeding bandwidth-limit "$iptv-bandwidth"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-in" if-
exceeding burst-size-limit "$iptv-burst"
deactivate dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-in"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-out" filter-
specific
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-out" if-
exceeding bandwidth-limit "$iptv-bandwidth"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-out" if-
exceeding burst-size-limit "$iptv-burst"
deactivate dynamic-profiles wlink-dynamic-prof firewall policer "$pol-iptv-out"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-out" filter-specific
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-out" logical-
interface-policer
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-out" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-out" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-out" then discard
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-in" filter-specific
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-in" logical-
interface-policer
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-in" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-in" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-dynamic-prof firewall policer "$pol-in" then discard
set dynamic-profiles FtthZoom-svlan-prof routing-instances "$junos-routing-
instance" interface "$junos-interface-name"
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 interface-mib
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" proxy-arp unrestricted
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" vlan-tags outer "$junos-stacked-vlan-id"
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" vlan-tags inner "$junos-vlan-id"
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" demux-options underlying-interface "$junos-underlying-interface"
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" family inet unnumbered-address "$junos-loopback-interface"
set dynamic-profiles FtthZoom-svlan-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 unnumbered-address "$junos-loopback-interface"
set dynamic-profiles FtthZoom-svlan-prof protocols router-advertisement interface
"$junos-interface-name" max-advertisement-interval 15
set dynamic-profiles FtthZoom-svlan-prof protocols router-advertisement interface
"$junos-interface-name" min-advertisement-interval 10
set dynamic-profiles FtthZoom-svlan-prof protocols router-advertisement interface
"$junos-interface-name" managed-configuration
set dynamic-profiles FtthZoom-svlan-prof protocols router-advertisement interface
"$junos-interface-name" dns-server-address 2400:1a00:0:32::165 lifetime 180
set dynamic-profiles FtthZoom routing-instances "$junos-routing-instance" interface
"$junos-interface-name"
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" vlan-
id "$junos-vlan-id"
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" demux-
options underlying-interface "$junos-interface-ifd-name"
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" family
pppoe access-concentrator FtthZoom
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" family
pppoe duplicate-protection
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" family
pppoe dynamic-profile FtthZoom-pp0
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" family
pppoe short-cycle-protection lockout-time-min 2
set dynamic-profiles FtthZoom interfaces demux0 unit "$junos-interface-unit" family
pppoe short-cycle-protection lockout-time-max 1800
set dynamic-profiles FtthZoom-pp0 routing-instances "$junos-routing-instance"
interface "$junos-interface-name"
set dynamic-profiles FtthZoom-pp0 interfaces pp0 interface-mib
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit" ppp-
options pap
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit" ppp-
options authentication pap
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit" ppp-
options ipcp-suggest-dns-option
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
pppoe-options underlying-interface "$junos-underlying-interface"
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
pppoe-options server
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
keepalives interval 30
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
family inet rpf-check
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
family inet unnumbered-address lo0.0
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
family inet6 rpf-check
set dynamic-profiles FtthZoom-pp0 interfaces pp0 unit "$junos-interface-unit"
family inet6 address $junos-ipv6-address
set dynamic-profiles FtthZoom-pp0 protocols router-advertisement interface "$junos-
interface-name" dns-server-address 2400:1a00:8000:4::73 lifetime 1800
set dynamic-profiles FtthZoom-pp0 protocols router-advertisement interface "$junos-
interface-name" prefix $junos-ipv6-ndra-prefix
set dynamic-profiles wlink-default-prof predefined-variable-defaults cos-scheduler-
map SCHED-MAP-DEFAULT
set dynamic-profiles wlink-default-prof routing-instances "$junos-routing-instance"
interface "$junos-interface-name"
set dynamic-profiles wlink-default-prof interfaces demux0 unit "$junos-interface-
unit" family inet unnumbered-address "$junos-loopback-interface"
set dynamic-profiles wlink-default-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 unnumbered-address "$junos-loopback-interface"
set dynamic-profiles wlink-default-prof class-of-service traffic-control-profiles
TC-PROFILE-01 scheduler-map "$junos-cos-scheduler-map"
set dynamic-profiles wlink-default-prof class-of-service interfaces "$junos-
interface-ifd-name" unit "$junos-interface-unit" output-traffic-control-profile TC-
PROFILE-01
set dynamic-profiles wlink-default-prof class-of-service interfaces "$junos-
interface-ifd-name" unit "$junos-interface-unit" rewrite-rules ieee-802.1 pbit-
rewrite
set dynamic-profiles wlink-default-prof class-of-service interfaces "$junos-
interface-ifd-name" unit "$junos-interface-unit" rewrite-rules ieee-802.1 vlan-tag
outer-and-inner
set dynamic-profiles wlink-default-prof class-of-service scheduler-maps SCHED-MAP-
DEFAULT forwarding-class INTERNET scheduler SCHED-INTERNET
set dynamic-profiles wlink-default-prof class-of-service scheduler-maps SCHED-MAP-
DEFAULT forwarding-class IPTV scheduler SCHED-IPTV
set dynamic-profiles wlink-default-prof class-of-service scheduler-maps SCHED-MAP-
DEFAULT forwarding-class NC scheduler SCHED-NC
set dynamic-profiles wlink-default-prof class-of-service schedulers SCHED-INTERNET
priority low
set dynamic-profiles wlink-default-prof class-of-service schedulers SCHED-IPTV
priority high
set dynamic-profiles wlink-default-prof class-of-service schedulers SCHED-NC
priority high
set dynamic-profiles dynamic-profiles
set dynamic-profiles wlink-pppoe-prof variables bandwidth default-value 10m
set dynamic-profiles wlink-pppoe-prof variables bandwidth mandatory
set dynamic-profiles wlink-pppoe-prof variables burst default-value 1280000
set dynamic-profiles wlink-pppoe-prof variables burst mandatory
set dynamic-profiles wlink-pppoe-prof variables filter-out uid
set dynamic-profiles wlink-pppoe-prof variables filter-in uid
set dynamic-profiles wlink-pppoe-prof variables pol-in uid
set dynamic-profiles wlink-pppoe-prof variables pol-out uid
set dynamic-profiles wlink-pppoe-prof variables filter-in-v6 uid
set dynamic-profiles wlink-pppoe-prof variables filter-out-v6 uid
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
targeted-distribution
deactivate dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-
unit" targeted-distribution
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet filter input "$filter-in"
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet filter input precedence 100
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet filter output "$filter-out"
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet filter output precedence 100
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet6 filter input "$filter-in-v6"
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet6 filter input precedence 100
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet6 filter output "$filter-out-v6"
set dynamic-profiles wlink-pppoe-prof interfaces pp0 unit "$junos-interface-unit"
family inet6 filter output precedence 100
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in"
interface-specific
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
DNS from destination-port 53
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
DNS then policer 32k
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
DNS then next term
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
internet-traffic then service-accounting
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-in" term
internet-traffic then accept
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-out"
interface-specific
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-out"
term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-out"
term internet-traffic then service-accounting
set dynamic-profiles wlink-pppoe-prof firewall family inet filter "$filter-out"
term internet-traffic then accept
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
interface-specific
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term DNS-v6 from destination-port 53
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term DNS-v6 then policer 32k
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term DNS-v6 then next term
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term internet-traffic then service-accounting
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-in-v6"
term internet-traffic then accept
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-out-v6"
interface-specific
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-out-v6"
term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-out-v6"
term internet-traffic then service-accounting
set dynamic-profiles wlink-pppoe-prof firewall family inet6 filter "$filter-out-v6"
term internet-traffic then accept
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-in" filter-specific
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-in" logical-interface-
policer
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-in" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-in" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-in" then discard
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-out" filter-specific
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-out" logical-
interface-policer
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-out" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-out" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-pppoe-prof firewall policer "$pol-out" then discard
set dynamic-profiles wlink-stb-int-prof variables bandwidth default-value 10m
set dynamic-profiles wlink-stb-int-prof variables bandwidth mandatory
set dynamic-profiles wlink-stb-int-prof variables burst default-value 1280000
set dynamic-profiles wlink-stb-int-prof variables burst mandatory
set dynamic-profiles wlink-stb-int-prof variables filter-out uid
set dynamic-profiles wlink-stb-int-prof variables filter-in uid
set dynamic-profiles wlink-stb-int-prof variables pol-out uid
set dynamic-profiles wlink-stb-int-prof variables pol-in uid
set dynamic-profiles wlink-stb-int-prof variables filter-out-v6 uid
set dynamic-profiles wlink-stb-int-prof variables filter-in-v6 uid
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter input "$filter-in"
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter input precedence 100
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter output "$filter-out"
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet filter output precedence 100
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter input "$filter-in-v6"
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter input precedence 100
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter output "$filter-out-v6"
set dynamic-profiles wlink-stb-int-prof interfaces demux0 unit "$junos-interface-
unit" family inet6 filter output precedence 100
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
interface-specific
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term DNS from destination-port 53
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term DNS then policer 32k
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term DNS then next term
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term internet-traffic then service-accounting
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-in"
term internet-traffic then accept
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-out"
interface-specific
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-out"
term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-out"
term internet-traffic then service-accounting
set dynamic-profiles wlink-stb-int-prof firewall family inet filter "$filter-out"
term internet-traffic then accept
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" interface-specific
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 from destination-port 53
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 then policer 32k
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term DNS-v6 then next term
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-in-
v6" term internet-traffic then accept
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-out-
v6" interface-specific
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-stb-int-prof firewall family inet6 filter "$filter-out-
v6" term internet-traffic then accept
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-in" filter-specific
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-in" logical-
interface-policer
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-in" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-in" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-in" then discard
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-out" filter-specific
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-out" logical-
interface-policer
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-out" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-out" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-stb-int-prof firewall policer "$pol-out" then discard
set dynamic-profiles wlink-single-pipe-prof variables bandwidth default-value 10m
set dynamic-profiles wlink-single-pipe-prof variables bandwidth mandatory
set dynamic-profiles wlink-single-pipe-prof variables burst default-value 1280000
set dynamic-profiles wlink-single-pipe-prof variables burst mandatory
set dynamic-profiles wlink-single-pipe-prof variables filter-out uid
set dynamic-profiles wlink-single-pipe-prof variables filter-in uid
set dynamic-profiles wlink-single-pipe-prof variables pol-out uid
set dynamic-profiles wlink-single-pipe-prof variables pol-in uid
set dynamic-profiles wlink-single-pipe-prof variables filter-out-v6 uid
set dynamic-profiles wlink-single-pipe-prof variables filter-in-v6 uid
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet filter input "$filter-in"
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet filter input precedence 100
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet filter output "$filter-out"
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet filter output precedence 100
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet6 filter input "$filter-in-v6"
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet6 filter input precedence 100
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet6 filter output "$filter-out-v6"
set dynamic-profiles wlink-single-pipe-prof interfaces demux0 unit "$junos-
interface-unit" family inet6 filter output precedence 100
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" interface-specific
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term DNS from destination-port 53
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term DNS then policer 32k
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term DNS then next term
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term internet-traffic then service-accounting
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
in" term internet-traffic then accept
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
out" interface-specific
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
out" term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
out" term internet-traffic then service-accounting
set dynamic-profiles wlink-single-pipe-prof firewall family inet filter "$filter-
out" term internet-traffic then accept
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" interface-specific
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term DNS-v6 from destination-port 53
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term DNS-v6 then policer 32k
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term DNS-v6 then next term
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term internet-traffic then policer "$pol-in"
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
in-v6" term internet-traffic then accept
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
out-v6" interface-specific
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
out-v6" term internet-traffic then policer "$pol-out"
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
out-v6" term internet-traffic then service-accounting
set dynamic-profiles wlink-single-pipe-prof firewall family inet6 filter "$filter-
out-v6" term internet-traffic then accept
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-in" filter-
specific
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-in" logical-
interface-policer
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-in" if-exceeding
bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-in" if-exceeding
burst-size-limit "$burst"
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-in" then discard
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-out" filter-
specific
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-out" logical-
interface-policer
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-out" if-
exceeding bandwidth-limit "$bandwidth"
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-out" if-
exceeding burst-size-limit "$burst"
set dynamic-profiles wlink-single-pipe-prof firewall policer "$pol-out" then
discard

RHCSA - 9 - Exam - Question - 06 - 2023 - UPDATE
No ratings yet
RHCSA - 9 - Exam - Question - 06 - 2023 - UPDATE
11 pages
Rhcsa Ex200 Practice Paper - 1494511722571
50% (6)
Rhcsa Ex200 Practice Paper - 1494511722571
68 pages
Linuxnotes
No ratings yet
Linuxnotes
17 pages
AZ 104T00A ENU PowerPoint - 04
100% (1)
AZ 104T00A ENU PowerPoint - 04
36 pages
Lista de Carding Foro
100% (2)
Lista de Carding Foro
22 pages
Cli Console
No ratings yet
Cli Console
190 pages
Configuracion Por Comandos de Olt Huawei EA 5801E
0% (1)
Configuracion Por Comandos de Olt Huawei EA 5801E
14 pages
Fortinet Basic and Fundamentals
0% (1)
Fortinet Basic and Fundamentals
93 pages
Bras Lab 01 - 9 13 21
No ratings yet
Bras Lab 01 - 9 13 21
54 pages
Check Point Gateway
No ratings yet
Check Point Gateway
8 pages
Dhdoh016jnr01 Dhk4294 Tbl
No ratings yet
Dhdoh016jnr01 Dhk4294 Tbl
25 pages
389 Directory Server
No ratings yet
389 Directory Server
24 pages
BCSL 63
No ratings yet
BCSL 63
8 pages
Servicios Compartidos - Visa
No ratings yet
Servicios Compartidos - Visa
18 pages
Dnsmasq
No ratings yet
Dnsmasq
10 pages
Ex4600 Core Switch Template 1.3
No ratings yet
Ex4600 Core Switch Template 1.3
26 pages
Samba LDAP PDC Complete Tutorial
No ratings yet
Samba LDAP PDC Complete Tutorial
11 pages
Fgt50e Gye Plantilla - Nat
No ratings yet
Fgt50e Gye Plantilla - Nat
113 pages
VM FROM SCRATCH
No ratings yet
VM FROM SCRATCH
10 pages
N - FortiGate 200a Configuration
No ratings yet
N - FortiGate 200a Configuration
100 pages
Booti
No ratings yet
Booti
5 pages
ST Asd Cra23 Bta
No ratings yet
ST Asd Cra23 Bta
6 pages
Rhcsa Updated 2019
No ratings yet
Rhcsa Updated 2019
28 pages
Packet
No ratings yet
Packet
33 pages
BB AIO 2p$
No ratings yet
BB AIO 2p$
9 pages
Commands I Used in CLI
No ratings yet
Commands I Used in CLI
5 pages
BvSshServer20220223-171835379-P0100
No ratings yet
BvSshServer20220223-171835379-P0100
17 pages
BvSshServer20220222-094711093-P0100
No ratings yet
BvSshServer20220222-094711093-P0100
32 pages
BvSshServer20220218-183946695-P0100
No ratings yet
BvSshServer20220218-183946695-P0100
12 pages
Linux Administration Soft
No ratings yet
Linux Administration Soft
14 pages
8-linux-commands (11)
No ratings yet
8-linux-commands (11)
7 pages
Cerberus
No ratings yet
Cerberus
5 pages
linux practical
No ratings yet
linux practical
81 pages
FREEIPA
No ratings yet
FREEIPA
3 pages
Pim Sparse Mode With Snat Potential Bug
No ratings yet
Pim Sparse Mode With Snat Potential Bug
261 pages
conf-T6P
No ratings yet
conf-T6P
15 pages
Postgresql13 Conf
No ratings yet
Postgresql13 Conf
15 pages
2020 11 18.17 26 26.yn4 A1 - 1f Oa JR 01 s5735 l24p4s b1 15u#
No ratings yet
2020 11 18.17 26 26.yn4 A1 - 1f Oa JR 01 s5735 l24p4s b1 15u#
11 pages
CENTOS
No ratings yet
CENTOS
32 pages
5508_AmanTripathi_Lsa
No ratings yet
5508_AmanTripathi_Lsa
47 pages
interface Ethernet
No ratings yet
interface Ethernet
4 pages
MONTERREY
No ratings yet
MONTERREY
18 pages
Tac Plus Config
No ratings yet
Tac Plus Config
3 pages
Console Output CLI Console
No ratings yet
Console Output CLI Console
141 pages
Vedge 22
No ratings yet
Vedge 22
3 pages
Comandos Ccna Security
No ratings yet
Comandos Ccna Security
26 pages
Comandos Alcatel
No ratings yet
Comandos Alcatel
45 pages
Domain Name Server (DNS) Configuration and Administration
No ratings yet
Domain Name Server (DNS) Configuration and Administration
8 pages
1paper 7
No ratings yet
1paper 7
11 pages
Template Config Alu7750 BNG - DHCP Relay - Radius Auth.
No ratings yet
Template Config Alu7750 BNG - DHCP Relay - Radius Auth.
7 pages
SIC Manual
No ratings yet
SIC Manual
22 pages
1 - How To Install Tacacs
No ratings yet
1 - How To Install Tacacs
11 pages
Linux
No ratings yet
Linux
5 pages
GWL Audit Rules
No ratings yet
GWL Audit Rules
2 pages
IZTAPALAPA
No ratings yet
IZTAPALAPA
21 pages
028 Net SR1 Final
No ratings yet
028 Net SR1 Final
5 pages
Unix Toolbox: 1 System
No ratings yet
Unix Toolbox: 1 System
48 pages
aggrDP117-1 Ord6
No ratings yet
aggrDP117-1 Ord6
11 pages
Hack Sheet
100% (1)
Hack Sheet
3 pages
Exam 1
100% (2)
Exam 1
11 pages
Router Challenge 195
No ratings yet
Router Challenge 195
28 pages
AAA
No ratings yet
AAA
9 pages
How to a Developers Guide to 4k: Developer edition, #3
From Everand
How to a Developers Guide to 4k: Developer edition, #3
Xinc Cyberwizard
No ratings yet
Multiple Choice Questions (New)
No ratings yet
Multiple Choice Questions (New)
4 pages
CCNA 2 (v5.1 + v6.0) Chapter 2 Exam Answers Full PDF
No ratings yet
CCNA 2 (v5.1 + v6.0) Chapter 2 Exam Answers Full PDF
22 pages
NETWK2 - Documentation Format
No ratings yet
NETWK2 - Documentation Format
4 pages
Rl8008es Epon Olt
No ratings yet
Rl8008es Epon Olt
3 pages
Types of Network Interface Cards
No ratings yet
Types of Network Interface Cards
2 pages
Web Technology Notes Btech Csvtu 6th Sem
No ratings yet
Web Technology Notes Btech Csvtu 6th Sem
14 pages
Spanning Tree Protocol
No ratings yet
Spanning Tree Protocol
30 pages
AG 110 SIP User Manual V070427 en
No ratings yet
AG 110 SIP User Manual V070427 en
34 pages
B Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide 7x
No ratings yet
B Cisco Nexus 9000 Series NX-OS Quality of Service Configuration Guide 7x
220 pages
Datasheet - Ucm6510 - English (PABX)
No ratings yet
Datasheet - Ucm6510 - English (PABX)
2 pages
ANOME Moshell
No ratings yet
ANOME Moshell
47 pages
Introduction To Nmap Scripting Engine
No ratings yet
Introduction To Nmap Scripting Engine
7 pages
1 PDF
No ratings yet
1 PDF
1 page
Syllabus CST 476 MC
No ratings yet
Syllabus CST 476 MC
9 pages
Basics of Networking
100% (2)
Basics of Networking
169 pages
CNLABFINAL (v2) PDF
No ratings yet
CNLABFINAL (v2) PDF
36 pages
Summit 48 Si
No ratings yet
Summit 48 Si
5 pages
Tle-12 q1 Las Css Wk8day1
No ratings yet
Tle-12 q1 Las Css Wk8day1
7 pages
Course Outline Switching and Routing
100% (1)
Course Outline Switching and Routing
4 pages
How To Connect A Domain Name To A Hosting Account or A Serve PDF
No ratings yet
How To Connect A Domain Name To A Hosting Account or A Serve PDF
12 pages
Add Devices and Connect Cables Configure Pcs Configure R1 Configure R2 Save The Packet Tracer File
No ratings yet
Add Devices and Connect Cables Configure Pcs Configure R1 Configure R2 Save The Packet Tracer File
12 pages
Sybex CCNA 640-802: Chapter 7: Managing A Cisco Internetwork
No ratings yet
Sybex CCNA 640-802: Chapter 7: Managing A Cisco Internetwork
33 pages
Axlfbkeipef: Axioline F Bus Coupler For Ethernet/Ip™, Extended Function
No ratings yet
Axlfbkeipef: Axioline F Bus Coupler For Ethernet/Ip™, Extended Function
21 pages
KS8995MA: General Description
No ratings yet
KS8995MA: General Description
77 pages
Extra Networking Concepts
No ratings yet
Extra Networking Concepts
13 pages
9.3.8 Lab - Exploring Nmap
No ratings yet
9.3.8 Lab - Exploring Nmap
7 pages
Networks 9608
No ratings yet
Networks 9608
52 pages

Uploaded by

Uploaded by

set system host-name bras-lab-01

set system root-authentication encrypted-password

You might also like