From df439060d78a5a1fde079c4fd42d9ae9e84f7e24 Mon Sep 17 00:00:00 2001 From: Sebastian Rieger <sebastian.rieger@informatik.hs-fulda.de> Date: Fri, 11 Dec 2015 12:16:15 +0100 Subject: [PATCH] initial commit --- GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl | 662 ++++++++++++++++++++ 1 file changed, 662 insertions(+) create mode 100644 GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl diff --git a/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl b/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl new file mode 100644 index 0000000..abd81bc --- /dev/null +++ b/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl @@ -0,0 +1,662 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<topology xmlns="http://www.cisco.com/VIRL" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" schemaVersion="0.9" xsi:schemaLocation="http://www.cisco.com/VIRL https://raw.github.com/CiscoVIRL/schema/v0.9/virl.xsd"> + <node name="Router-A" type="SIMPLE" subtype="IOSv" location="185,293"> + <extensions> + <entry key="AutoNetkit.mgmt_ip" type="string"></entry> + <entry key="AutoNetkit.IGP" type="String">eigrp</entry> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">! IOS Config generated on 2015-09-06 21:22 +! by autonetkit_0.18.1 +! +hostname iosv-1 +boot-start-marker +boot-end-marker +! +vrf definition Mgmt-intf +! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +! +! +no aaa new-model +! +! +ip cef +ipv6 unicast-routing +ipv6 cef +! +! +service timestamps debug datetime msec +service timestamps log datetime msec +no service password-encryption +no service config +enable password cisco +ip classless +ip subnet-zero +no ip domain lookup +line vty 0 4 + transport input ssh telnet + exec-timeout 720 0 + password cisco + login +line con 0 + password cisco +! +no cdp run +! +! +interface Loopback0 + description Loopback + ip address 192.168.0.2 255.255.255.255 +! +interface GigabitEthernet0/0 + description OOB Management + vrf forwarding Mgmt-intf + ! Configured on launch + no ip address + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/1 + description to wanEM + ip address 192.168.101.2 255.255.255.252 + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/2 + description to server-1 + ip address 192.168.1.1 255.255.255.0 + duplex full + speed auto + no shutdown +! +! +! + +! +ip route 0.0.0.0 0.0.0.0 192.168.101.1 +! +end +</entry> + </extensions> + <interface id="0" name="GigabitEthernet0/1" ipv4="192.168.101.2" netPrefixLenV4="24"/> + <interface id="1" name="GigabitEthernet0/2" ipv4="192.168.1.1" netPrefixLenV4="24"/> + <interface id="2" name="GigabitEthernet0/3"/> + <interface id="3" name="GigabitEthernet0/4"/> + </node> + <node name="Client" type="SIMPLE" subtype="server" location="165,452"> + <extensions> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">#cloud-config +bootcmd: +- ln -s -t /etc/rc.d /etc/rc.local +hostname: server-1 +manage_etc_hosts: true +runcmd: +- start ttyS0 +- systemctl start getty@ttyS0.service +- systemctl start rc-local +- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config +- echo "UseDNS no" >> /etc/ssh/sshd_config +- service ssh restart +- service sshd restart +users: +- default +- gecos: User configured by VIRL Configuration Engine 0.18.9 + lock-passwd: false + name: cisco + plain-text-passwd: cisco + shell: /bin/bash + ssh-authorized-keys: + - VIRL-USER-SSH-PUBLIC-KEY + sudo: ALL=(ALL) ALL +write_files: +- path: /etc/init/ttyS0.conf + owner: root:root + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + start on stopped rc or RUNLEVEL=[12345] + stop on runlevel [!12345] + respawn + exec /sbin/getty -L 115200 ttyS0 vt102 + permissions: '0644' +- path: /etc/systemd/system/dhclient@.service + content: | + [Unit] + Description=Run dhclient on %i interface + After=network.target + [Service] + Type=oneshot + ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease + RemainAfterExit=yes + owner: root:root + permissions: '0644' +- path: /etc/rc.local + owner: root:root + permissions: '0755' + content: |- + !/bin/sh -e + ifconfig eth1 up 192.168.1.100 netmask 255.255.255.0 + route del default + route add default gw 192.168.1.1 + arp -i eth1 -s 192.168.1.1 aa:aa:aa:aa:aa:aa + exit 0 + +- path: /etc/resolv.conf + owner: root:root + permissions: '0644' + content: | + #by Patrick. + nameserver 8.8.8.8 + </entry> + </extensions> + <interface id="0" name="eth1" ipv4="192.168.1.100" netPrefixLenV4="24"/> + </node> + <node name="ISP" type="SIMPLE" subtype="wanEM" location="340,139" vmImage="wanEM-bash-init-aktuell [d38b887a-e92a-41ad-9f86-f6d81d7afeb8]" vmFlavor="m1.small [2]"> + <extensions> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String"> ifconfig eth1 up 192.168.101.1 netmask 255.255.255.252 + ifconfig eth2 up 192.168.102.1 netmask 255.255.255.252 + + + dhclient eth0 + dhclient eth3 + + + route add default gw 172.16.1.254 eth3 + route add -net 192.168.101.0/30 gw 192.168.101.2 dev eth1 + route add -net 192.168.1.0/24 gw 192.168.101.2 dev eth1 + route add -net 192.168.102.0/30 gw 192.168.102.2 dev eth2 + route add -net 192.168.2.0/24 gw 192.168.102.2 dev eth2 + + + iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE + iptables -A FORWARD -i eth2 -j ACCEPT + iptables -A FORWARD -i eth1 -j ACCEPT + /sbin/tc qdisc add dev eth3 root handle 1:1 netem delay 100ms + service ssh start + + exit 0 +</entry> + </extensions> + <interface id="0" name="Ethernet1" ipv4="192.168.101.1" netPrefixLenV4="24"/> + <interface id="1" name="Ethernet2" ipv4="192.168.102.1" netPrefixLenV4="24"/> + <interface id="2" name="Ethernet3"/> + </node> + <node name="Router-B" type="SIMPLE" subtype="IOSv" location="480,286"> + <extensions> + <entry key="AutoNetkit.mgmt_ip" type="string"></entry> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">! IOS Config generated on 2015-09-06 21:22 +! by autonetkit_0.18.1 +! +hostname iosv-2 +boot-start-marker +boot-end-marker +! +vrf definition Mgmt-intf +! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +! +! +no aaa new-model +! +! +ip cef +ipv6 unicast-routing +ipv6 cef +! +! +service timestamps debug datetime msec +service timestamps log datetime msec +no service password-encryption +no service config +enable password cisco +ip classless +ip subnet-zero +no ip domain lookup +line vty 0 4 + transport input ssh telnet + exec-timeout 720 0 + password cisco + login +line con 0 + password cisco +! +no cdp run +! +! +interface Loopback0 + description Loopback + ip address 192.168.0.3 255.255.255.255 +! +interface GigabitEthernet0/0 + description OOB Management + vrf forwarding Mgmt-intf + ! Configured on launch + no ip address + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/1 + description to wanEM + ip address 192.168.102.2 255.255.255.252 + ip ospf cost 1 + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/2 + description to server-2 + ip address 192.168.2.1 255.255.255.0 + ip ospf cost 1 + duplex full + speed auto + no shutdown +! +! +! +ip route 0.0.0.0 0.0.0.0 192.168.102.1 + ! +end +</entry> + </extensions> + <interface id="0" name="GigabitEthernet0/1"/> + <interface id="1" name="GigabitEthernet0/2" netPrefixLenV4="24"/> + </node> + <node name="Server-B" type="SIMPLE" subtype="server" location="397,485" vmImage="uwmadmin-server-Server-A [2b17bd84-1700-4275-8951-ce6946e3e08e]"> + <extensions> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">#cloud-config +bootcmd: +- ln -s -t /etc/rc.d /etc/rc.local +hostname: Server-B +manage_etc_hosts: true +manage_resolv_conf: true + +resolv_conf: + nameservers: ['8.8.4.4', '8.8.8.8'] +runcmd: +- start ttyS0 +- systemctl start getty@ttyS0.service +- systemctl start rc-local +- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config +- echo "UseDNS no" >> /etc/ssh/sshd_config +- service ssh restart +- service sshd restart +users: +- default +- gecos: User configured by VIRL Configuration Engine 0.18.9 + lock-passwd: false + name: cisco + plain-text-passwd: cisco + shell: /bin/bash + ssh-authorized-keys: + - VIRL-USER-SSH-PUBLIC-KEY + sudo: ALL=(ALL) ALL +write_files: +- path: /etc/init/ttyS0.conf + owner: root:root + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + start on stopped rc or RUNLEVEL=[12345] + stop on runlevel [!12345] + respawn + exec /sbin/getty -L 115200 ttyS0 vt102 + permissions: '0644' +- path: /etc/systemd/system/dhclient@.service + content: | + [Unit] + Description=Run dhclient on %i interface + After=network.target + [Service] + Type=oneshot + ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease + RemainAfterExit=yes + owner: root:root + permissions: '0644' +- path: /etc/rc.local + owner: root:root + permissions: '0755' + content: |- + #!/bin/sh -e + ifconfig eth1 up 192.168.2.100 netmask 255.255.255.0 + route del default + route add default gw 192.168.2.1 + exit 0 +</entry> + </extensions> + <interface id="0" name="eth1" ipv4="192.168.2.100" netPrefixLenV4="24"/> + </node> + <node name="flat-1" type="ASSET" subtype="FLAT" location="358,16"> + <interface id="0" name="link0"/> + </node> + <node name="Server-A" type="SIMPLE" subtype="server" location="665,259"> + <extensions> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">#cloud-config +bootcmd: +- ln -s -t /etc/rc.d /etc/rc.local +hostname: Server-B +manage_etc_hosts: true +runcmd: +- start ttyS0 +- systemctl start getty@ttyS0.service +- systemctl start rc-local +- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config +- echo "UseDNS no" >> /etc/ssh/sshd_config +- service ssh restart +- service sshd restart +users: +- default +- gecos: User configured by VIRL Configuration Engine 0.18.9 + lock-passwd: false + name: cisco + plain-text-passwd: cisco + shell: /bin/bash + ssh-authorized-keys: + - VIRL-USER-SSH-PUBLIC-KEY + sudo: ALL=(ALL) ALL +write_files: +- path: /etc/init/ttyS0.conf + owner: root:root + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + start on stopped rc or RUNLEVEL=[12345] + stop on runlevel [!12345] + respawn + exec /sbin/getty -L 115200 ttyS0 vt102 + permissions: '0644' +- path: /etc/systemd/system/dhclient@.service + content: | + [Unit] + Description=Run dhclient on %i interface + After=network.target + [Service] + Type=oneshot + ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease + RemainAfterExit=yes + owner: root:root + permissions: '0644' +- path: /etc/rc.local + owner: root:root + permissions: '0755' + content: |- + #!/bin/sh -e + ifconfig eth1 up 192.168.2.200 netmask 255.255.255.0 + route del default + route add default gw 192.168.2.1 + exit 0 + +- path: /etc/resolv.conf + owner: root:root + permissions: '0644' + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + nameserver 8.8.8.8</entry> + </extensions> + <interface id="0" name="eth1" ipv4="10.0.0.14" netPrefixLenV4="30"/> + </node> + <node name="Switch-A" type="SIMPLE" subtype="NX-OSv" location="567,428" excludeFromLaunch="true"> + <extensions> + <entry key="AutoNetkit.mgmt_ip" type="string"></entry> + <entry key="Auto-generate config" type="Boolean">false</entry> + <entry key="config" type="String">! NX-OSv Config generated on 2015-12-09 19:45 +! by autonetkit_0.18.1 +! +version 6.2(1) +license grace-period +! +hostname SwitchA +vdc SwitchA id 1 + allocate interface Ethernet2/1-48 + allocate interface Ethernet3/1-48 + limit-resource vlan minimum 16 maximum 4094 + limit-resource vrf minimum 2 maximum 4096 + limit-resource port-channel minimum 0 maximum 768 + limit-resource u4route-mem minimum 96 maximum 96 + limit-resource u6route-mem minimum 24 maximum 24 + limit-resource m4route-mem minimum 58 maximum 58 + limit-resource m6route-mem minimum 8 maximum 8 + +feature telnet + +feature ospf +feature bgp + +username adminbackup password 5 ! role network-operator +username admin password 5 $1$KuOSBsvW$Cy0TSD..gEBGBPjzpDgf51 role network-admin +username cisco password 5 $1$Nk7ZkwH0$fyiRmMMfIheqE3BqvcL0C1 role network-operator +username cisco role network-admin +username lab password 5 $1$buoy/oqy$.EXQz8rCn72ii8qtdldj00 role network-admin +no password strength-check +ip domain-lookup +copp profile strict +snmp-server user lab network-admin auth md5 0x5ceb414591539ee35159fca86fdfa101 priv 0x5ceb414591539ee35159fca86fdfa101 localizedkey +snmp-server user admin network-admin auth md5 0x328945d53e05e8e7207f8c20b142f0b7 priv 0x328945d53e05e8e7207f8c20b142f0b7 localizedkey +snmp-server user cisco network-operator auth md5 0x55b3c64a53fb95518e75358ee75e82e9 priv 0x55b3c64a53fb95518e75358ee75e82e9 localizedkey +snmp-server user cisco network-admin +rmon event 1 log trap public description FATAL(1) owner PMON@FATAL +rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL +rmon event 3 log trap public description ERROR(3) owner PMON@ERROR +rmon event 4 log trap public description WARNING(4) owner PMON@WARNING +rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO + + +vlan 1 + +vrf context management +hardware forwarding unicast trace + +interface Loopback0 + description Loopback + ip address 192.168.0.1/32 + ip router ospf 1 area 0 + +interface Ethernet2/1 + description to Router-B + switchport + duplex full + no mac-address + no shutdown + +interface Ethernet2/2 + description to server-A + switchport + duplex full + no mac-address + shutdown + +interface Ethernet2/3 + description to server-B + switchport + duplex full + no mac-address + no shutdown + +interface mgmt0 + description OOB Management + ! Configured on launch + no ip address + duplex full + no mac-address + no shutdown + vrf member management + + +line console +line vty +router ospf 1 + router-id 192.168.0.1 +router bgp 1 + router-id 192.168.0.1 + address-family ipv4 unicast + network 192.168.0.1/32 + ! +! iBGP +! +! iBGP peers + ! + neighbor 192.168.101.2 remote-as 1 + description iBGP peer Router-A + update-source Loopback0 + address-family ipv4 unicast + ! + ! + ! + neighbor 192.168.102.2 remote-as 1 + description iBGP peer Router-B + update-source Loopback0 + address-family ipv4 unicast + ! + ! + </entry> + </extensions> + <interface id="0" name="Ethernet2/1" ipv4="10.0.128.5" netPrefixLenV4="30"/> + <interface id="1" name="Ethernet2/2" ipv4="10.0.0.1" netPrefixLenV4="30"/> + <interface id="2" name="Ethernet2/3" ipv4="10.0.128.1" netPrefixLenV4="30"/> + </node> + <node name="iosvl2-1" type="SIMPLE" subtype="IOSvL2" location="692,434"> + <extensions> + <entry key="AutoNetkit.mgmt_ip" type="string"></entry> + <entry key="config" type="String">! IOSvL2 Config generated on 2015-12-11 11:07
 +! by autonetkit_0.18.1
 +!
 +version 15.2
 +service timestamps debug datetime msec
 +service timestamps log datetime msec
 +no service password-encryption
 +service compress-config
 +no service config
 +enable password cisco
 +ip classless
 +ip subnet-zero
 +no ip domain lookup
 +!
 +line vty 0 4
 +transport input ssh telnet
 +exec-timeout 720 0
 +password cisco
 +login
 +!
 +line con 0
 +password cisco
 +!
 +hostname iosvl2-1
 +!
 +boot-start-marker
 +boot-end-marker
 +!
 +!
 +!
 +no aaa new-model
 +!
 +!
 +!
 +!
 +!
 +!
 +!
 +!
 +ip cef
 +no ipv6 cef
 +!
 +!
 +spanning-tree mode pvst
 +spanning-tree extend system-id
 +!
 +vlan internal allocation policy ascending
 +!
 +!
 +!
 +!
 +vrf definition Mgmt-intf
 +!
 + address-family ipv4
 + exit-address-family
 + !
 + address-family ipv6
 + exit-address-family
 +!
 +!
 +!
 +!
 +!
 +interface Loopback0
 + description Loopback
 +!
 +interface GigabitEthernet0/0
 + description OOB management
 + ! Configured on launch
 + no switchport
 + no ip address
 + no shutdown
 +!
 +interface GigabitEthernet0/1
 + description to Router-B
 + switchport access vlan 2
 + switchport mode access
 + no shutdown
 +!
 +interface GigabitEthernet0/2
 + description to Server-A
 + switchport access vlan 2
 + switchport mode access
 + shutdown
 +!
 +interface GigabitEthernet0/3
 + description to Server-B
 + switchport access vlan 2
 + switchport mode access
 + no shutdown
 +!
 +!
 +ip forward-protocol nd
 +!
 +no ip http server
 +no ip http secure-server
 +!
 +!
 +!
 +!
 +!
 +!
 +control-plane
 +!
 +!
 +!
 +end
 + </entry> + </extensions> + <interface id="0" name="GigabitEthernet0/1"/> + <interface id="1" name="GigabitEthernet0/2"/> + <interface id="2" name="GigabitEthernet0/3"/> + </node> + <connection dst="/virl:topology/virl:node[3]/virl:interface[1]" src="/virl:topology/virl:node[1]/virl:interface[1]"/> + <connection dst="/virl:topology/virl:node[4]/virl:interface[1]" src="/virl:topology/virl:node[3]/virl:interface[2]"/> + <connection dst="/virl:topology/virl:node[3]/virl:interface[3]" src="/virl:topology/virl:node[6]/virl:interface[1]"/> + <connection dst="/virl:topology/virl:node[2]/virl:interface[1]" src="/virl:topology/virl:node[1]/virl:interface[2]"/> + <connection dst="/virl:topology/virl:node[9]/virl:interface[1]" src="/virl:topology/virl:node[4]/virl:interface[2]"/> + <connection dst="/virl:topology/virl:node[9]/virl:interface[2]" src="/virl:topology/virl:node[7]/virl:interface[1]"/> + <connection dst="/virl:topology/virl:node[9]/virl:interface[3]" src="/virl:topology/virl:node[5]/virl:interface[1]"/> +</topology> -- GitLab