Re: [Slightly OT] Router logs

From: Bogdan Sass (bogdan.sass@catc.ro)
Date: Sat Jan 24 2009 - 16:06:49 ARST

• Next message: Narbik Kocharians: "Re: Access-list rate-limit mask"
• Previous message: Darby Weaver: "Re: Re-take the CCIE written exam"
• Maybe in reply to: Bogdan Sass: "[Slightly OT] Router logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Darby Weaver wrote:
> I'd like to see the config on the router that generated these logs.
> Sanitized?
    Here is the config.

version 12.4
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
service compress-config
!
hostname r1
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable secret 5
enable password 7
!
aaa new-model
!
!
aaa authentication login default group tacacs+ line
aaa authentication enable default group tacacs+ enable
aaa authentication ppp default local
aaa authorization commands 1 default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ if-authenticated
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
!
aaa session-id common
!
resource policy
!
clock timezone EET 2
clock summer-time EEST recurring last Sun Mar 2:00 last Sun Oct 4:00
ip subnet-zero
no ip source-route
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip tftp source-interface Loopback1
isdn switch-type basic-net3
!
x25 routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username user password 7
!
!
class-map match-all Prec4
 match access-group name Prec4
class-map match-all Prec1
 match access-group name Prec1
class-map match-all Prec2
 match access-group name Prec2
class-map match-all Prec3
 match access-group name Prec3
class-map match-any D1
 match ip precedence 3 4
class-map match-any D2
 match ip precedence 1 2
class-map match-all D3
 match ip precedence 0
!
!
policy-map MARKING
  description "Mark"
 class Prec4
  set ip precedence 4
 class Prec3
  set ip precedence 3
 class Prec2
  set ip precedence 2
 class Prec1
  set ip precedence 1
policy-map B64
 class D1
  bandwidth remaining percent 80
  random-detect
  random-detect precedence 3 3 6 20
  random-detect precedence 4 7 21 20
 class D2
  bandwidth remaining percent 5
  random-detect
  random-detect precedence 1 9 18 20
  random-detect precedence 2 16 32 20
 class D3
  bandwidth remaining percent 15
  random-detect
  random-detect precedence 0 19 38 20
 class class-default
  fair-queue
policy-map B64_WLL
 class class-default
  shape average 62000 1240 0
  service-policy B64
policy-map B128-384
 class D1
  bandwidth remaining percent 80
  random-detect
  random-detect precedence 3 7 14 20
  random-detect precedence 4 15 45 20
 class D2
  bandwidth remaining percent 5
  random-detect
  random-detect precedence 1 12 24 20
  random-detect precedence 2 22 44 20
 class D3
  bandwidth remaining percent 15
  random-detect
  random-detect precedence 0 27 54 20
 class class-default
  fair-queue
!
!
!
!
interface Loopback1
 ip address x.x.x.x 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 no ip route-cache cef
 no ip route-cache
 no ip mroute-cache
 duplex auto
 speed 100
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address x.x.x.x 255.255.255.0
 ip accounting output-packets
 no ip route-cache
 no ip mroute-cache
 no snmp trap link-status
 service-policy input MARKING
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address x.x.x.x 255.255.255.0
 no ip route-cache
 no ip mroute-cache
 no snmp trap link-status
!
interface FastEthernet0/1
 description Internet
 no ip address
 shutdown
 duplex auto
 speed auto
 service-policy output B64_WLL
!
interface Serial0/0/0
 no ip address
 shutdown
 no fair-queue
 clock rate 125000
!
interface Serial0/0/1
 no ip address
 shutdown
 clock rate 125000
!
interface Serial0/1/0
 description s0/0-w
 bandwidth 128
 no ip address
 encapsulation frame-relay
 load-interval 30
 keepalive 1
 no fair-queue
 frame-relay traffic-shaping
!
interface Serial0/1/0.1 point-to-point
 bandwidth 128
 ip address x.x.x.x 255.255.255.252
 frame-relay interface-dlci 200 CISCO
  class B128
!
interface BRI0/2/0
 description b0/0-db
 ip address x.x.x.x 255.255.255.252
 encapsulation ppp
 dialer map ip x.x.x.x name b-info xxxxxx
 dialer load-threshold 200 either
 dialer-group 3
 isdn switch-type basic-net3
 isdn twait-disable
 isdn point-to-point-setup
 ppp authentication chap
!
router rip
 version 2
 redistribute connected
 passive-interface BRI0/2/0
 network x.x.x.x
 distribute-list RUTE-OUT-RIP out
 distribute-list RIP-IN in
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x 250
ip route x.x.x.x 255.255.255.255 x.x.x.x
!
no ip http server
no ip http secure-server
ip tacacs source-interface Loopback1
!
ip access-list standard RIP-IN
--output omitted--
ip access-list standard RUTE-OUT-RIP
--output omitted--
!
ip access-list extended Prec1
 --output omitted--
ip access-list extended Prec2
--output omitted--
ip access-list extended Prec3
--output omitted--
ip access-list extended Prec4
--output omitted--
!
!
map-class frame-relay B64
 frame-relay cir 62000
 frame-relay bc 1240
 frame-relay be 0
 frame-relay mincir 62000
 service-policy output BRD64
!
map-class frame-relay B128
 frame-relay cir 124000
 frame-relay bc 2480
 frame-relay be 0
 frame-relay mincir 124000
 service-policy output B128-384
logging source-interface Loopback1
logging x.x.x.x
logging x.x.x.x
logging x.x.x.x
access-list 8 permit x.x.x.x
access-list 9 permit x.x.x.x
access-list 10 permit x.x.x.x
access-list 101 permit ip any x.x.x.x 0.0.0.255
access-list 111 permit ip x.x.x.x 0.0.0.31 any log
access-list 111 deny ip any any log
dialer-list 3 protocol ip list 101
snmp-server community zzzz RO 10
snmp-server community zzzz RO 9
snmp-server community zzzz RW 8
snmp-server trap-source Loopback1
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server host x.x.x.x zzzz
snmp-server host x.x.x.x zzzz
route-map LAN permit 10
 match ip address RUTA_LAN
!
!
!
tacacs-server host x.x.x.x
tacacs-server directed-request
tacacs-server key 7
!
control-plane
!
!
!
!
!
!
dial-peer cor custom
!
!
!
line con 0
 password 7
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7
line vty 5
 exec-timeout 0 0
!
scheduler allocate 20000 1000
ntp clock-period 17180315
ntp source Loopback1
ntp server x.x.x.x
ntp server x.x.x.x prefer
!
end

    Thank you,

-- 
Bogdan Sass
CCAI,CCSP,JNCIA-ER,CCIE #22221 (RS)
Information Systems Security Professional
"Curiosity was framed - ignorance killed the cat"
Blogs and organic groups at http://www.ccie.net

• Next message: Narbik Kocharians: "Re: Access-list rate-limit mask"
• Previous message: Darby Weaver: "Re: Re-take the CCIE written exam"
• Maybe in reply to: Bogdan Sass: "[Slightly OT] Router logs"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:40 ARST