git-virl-hs-fulda/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<topology xmlns="http://www.cisco.com/VIRL" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" schemaVersion="0.9" xsi:schemaLocation="http://www.cisco.com/VIRL https://raw.github.com/CiscoVIRL/schema/v0.9/virl.xsd">
    <node name="Router-A" type="SIMPLE" subtype="IOSv" location="220,198">
        <extensions>
            <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
            <entry key="AutoNetkit.IGP" type="String">eigrp</entry>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">! IOS Config generated on 2015-09-06 21:22
! by autonetkit_0.18.1
!
hostname iosv-1
boot-start-marker
boot-end-marker
!
vrf definition Mgmt-intf
!
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
!
no aaa new-model
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service config
enable password cisco
ip classless
ip subnet-zero
no ip domain lookup
line vty 0 4
 transport input ssh telnet
 exec-timeout 720 0
 password cisco
 login
line con 0
 password cisco
!
no cdp run
!
!
interface Loopback0
  description Loopback
  ip address 192.168.0.2 255.255.255.255
!
interface GigabitEthernet0/0
  description OOB Management
  vrf forwarding Mgmt-intf
  ! Configured on launch
  no ip address
  duplex full
  speed auto
  no shutdown
!
interface GigabitEthernet0/1
  description to wanEM
  ip address 192.168.101.2 255.255.255.252
  duplex full
  speed auto
  no shutdown
!
interface GigabitEthernet0/2
  description to server-1
  ip address 192.168.1.1 255.255.255.0
  duplex full
  speed auto
  no shutdown
!
!
!

!
ip route 0.0.0.0 0.0.0.0 192.168.101.1
!
end
</entry>
        </extensions>
        <interface id="0" name="GigabitEthernet0/1" ipv4="192.168.101.2" netPrefixLenV4="24"/>
        <interface id="1" name="GigabitEthernet0/2" ipv4="192.168.1.1" netPrefixLenV4="24"/>
        <interface id="2" name="GigabitEthernet0/3"/>
        <interface id="3" name="GigabitEthernet0/4"/>
    </node>
    <node name="Client" type="SIMPLE" subtype="server" location="158,285">
        <extensions>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">#cloud-config
bootcmd:
- ln -s -t /etc/rc.d /etc/rc.local
hostname: server-1
manage_etc_hosts: true
runcmd:
- start ttyS0
- systemctl start getty@ttyS0.service
- systemctl start rc-local
- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
- echo "UseDNS no" &gt;&gt; /etc/ssh/sshd_config
- service ssh restart
- service sshd restart
users:
- default
- gecos: User configured by VIRL Configuration Engine 0.18.9
  lock-passwd: false
  name: cisco
  plain-text-passwd: cisco
  shell: /bin/bash
  ssh-authorized-keys:
  - VIRL-USER-SSH-PUBLIC-KEY
  sudo: ALL=(ALL) ALL
write_files:
- path: /etc/init/ttyS0.conf
  owner: root:root
  content: |
    # ttyS0 - getty
    # This service maintains a getty on ttyS0 from the point the system is
    # started until it is shut down again.
    start on stopped rc or RUNLEVEL=[12345]
    stop on runlevel [!12345]
    respawn
    exec /sbin/getty -L 115200 ttyS0 vt102
  permissions: '0644'
- path: /etc/systemd/system/dhclient@.service
  content: |
    [Unit]
    Description=Run dhclient on %i interface
    After=network.target
    [Service]
    Type=oneshot
    ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease
    RemainAfterExit=yes
  owner: root:root
  permissions: '0644'
- path: /etc/rc.local
  owner: root:root
  permissions: '0755'
  content: |-
    !/bin/sh -e
    ifconfig eth1 up 192.168.1.100 netmask 255.255.255.0
    route del default
    route add default gw 192.168.1.1
    arp -i eth1 -s 192.168.1.1 aa:aa:aa:aa:aa:aa
    exit 0

- path: /etc/resolv.conf
  owner: root:root
  permissions: '0644'
  content: |
    #by Patrick.
    nameserver 8.8.8.8
  </entry>
        </extensions>
        <interface id="0" name="eth1" ipv4="192.168.1.100" netPrefixLenV4="24"/>
    </node>
    <node name="ISP" type="SIMPLE" subtype="wanEM" location="340,139" vmImage="wanEM-bash-init-aktuell [d38b887a-e92a-41ad-9f86-f6d81d7afeb8]" vmFlavor="m1.small [2]">
        <extensions>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">    ifconfig eth1 up 192.168.101.1 netmask 255.255.255.252
    ifconfig eth2 up 192.168.102.1 netmask 255.255.255.252


    dhclient eth0
    dhclient eth3


    route add default gw 172.16.1.254 eth3
    route add -net 192.168.101.0/30 gw 192.168.101.2 dev eth1
    route add -net 192.168.1.0/24 gw 192.168.101.2 dev eth1
    route add -net 192.168.102.0/30 gw 192.168.102.2 dev eth2
    route add -net 192.168.2.0/24 gw 192.168.102.2 dev eth2


     iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE
     iptables -A FORWARD -i eth2 -j ACCEPT
     iptables -A FORWARD -i eth1 -j ACCEPT
     /sbin/tc qdisc add dev eth3 root handle 1:1 netem delay 100ms
     service ssh start

    exit 0
</entry>
        </extensions>
        <interface id="0" name="Ethernet1" ipv4="192.168.101.1" netPrefixLenV4="24"/>
        <interface id="1" name="Ethernet2" ipv4="192.168.102.1" netPrefixLenV4="24"/>
        <interface id="2" name="Ethernet3"/>
    </node>
    <node name="Router-B" type="SIMPLE" subtype="IOSv" location="442,185">
        <extensions>
            <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">! IOS Config generated on 2015-09-06 21:22
! by autonetkit_0.18.1
!
hostname iosv-2
boot-start-marker
boot-end-marker
!
vrf definition Mgmt-intf
!
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
!
no aaa new-model
!
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
!
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service config
enable password cisco
ip classless
ip subnet-zero
no ip domain lookup
line vty 0 4
 transport input ssh telnet
 exec-timeout 720 0
 password cisco
 login
line con 0
 password cisco
!
no cdp run
!
!
interface Loopback0
  description Loopback
  ip address 192.168.0.3 255.255.255.255
!
interface GigabitEthernet0/0
  description OOB Management
  vrf forwarding Mgmt-intf
  ! Configured on launch
  no ip address
  duplex full
  speed auto
  no shutdown
!
interface GigabitEthernet0/1
  description to wanEM
  ip address 192.168.102.2 255.255.255.252
  ip ospf cost 1
  duplex full
  speed auto
  no shutdown
!
interface GigabitEthernet0/2
  description to server-2
  ip address 192.168.2.1 255.255.255.0
  ip ospf cost 1
  duplex full
  speed auto
  no shutdown
!
!
!
ip route 0.0.0.0 0.0.0.0 192.168.102.1
 !
end
</entry>
        </extensions>
        <interface id="0" name="GigabitEthernet0/1"/>
        <interface id="1" name="GigabitEthernet0/2" netPrefixLenV4="24"/>
    </node>
    <node name="Server-B" type="SIMPLE" subtype="server" location="405,302" vmImage="server-uwmadmin-server-Server-B-aktuell [df1463d4-87d0-439f-96d6-ea7aeacccaf3]">
        <extensions>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">#cloud-config
bootcmd:
- ln -s -t /etc/rc.d /etc/rc.local
hostname: Server-B
manage_etc_hosts: true

runcmd:
- start ttyS0
- systemctl start getty@ttyS0.service
- systemctl start rc-local
- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
- echo "UseDNS no" &gt;&gt; /etc/ssh/sshd_config
- service ssh restart
- service sshd restart
users:
- default
- gecos: User configured by VIRL Configuration Engine 0.18.9
  lock-passwd: false
  name: cisco
  plain-text-passwd: cisco
  shell: /bin/bash
  ssh-authorized-keys:
  - VIRL-USER-SSH-PUBLIC-KEY
  sudo: ALL=(ALL) ALL
write_files:
- path: /etc/init/ttyS0.conf
  owner: root:root
  content: |
    # ttyS0 - getty
    # This service maintains a getty on ttyS0 from the point the system is
    # started until it is shut down again.
    start on stopped rc or RUNLEVEL=[12345]
    stop on runlevel [!12345]
    respawn
    exec /sbin/getty -L 115200 ttyS0 vt102
  permissions: '0644'
- path: /etc/systemd/system/dhclient@.service
  content: |
    [Unit]
    Description=Run dhclient on %i interface
    After=network.target
    [Service]
    Type=oneshot
    ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease
    RemainAfterExit=yes
  owner: root:root
  permissions: '0644'
- path: /etc/rc.local
  owner: root:root
  permissions: '0755'
  content: |-
    #!/bin/sh -e
    ifconfig eth1 up 192.168.2.100 netmask 255.255.255.0
    route del default
    route add default gw 192.168.2.1
    echo "nameserver 8.8.8.8" &gt;/etc/resolv.conf
    exit 0
</entry>
        </extensions>
        <interface id="0" name="eth1" ipv4="192.168.2.100" netPrefixLenV4="24"/>
    </node>
    <node name="flat-1" type="ASSET" subtype="FLAT" location="358,16">
        <interface id="0" name="link0"/>
    </node>
    <node name="Server-A" type="SIMPLE" subtype="server" location="650,215">
        <extensions>
            <entry key="Auto-generate config" type="Boolean">false</entry>
            <entry key="config" type="String">#cloud-config
bootcmd:
- ln -s -t /etc/rc.d /etc/rc.local
hostname: Server-B
manage_etc_hosts: true
runcmd:
- start ttyS0
- systemctl start getty@ttyS0.service
- systemctl start rc-local
- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config
- echo "UseDNS no" &gt;&gt; /etc/ssh/sshd_config
- service ssh restart
- service sshd restart
users:
- default
- gecos: User configured by VIRL Configuration Engine 0.18.9
  lock-passwd: false
  name: cisco
  plain-text-passwd: cisco
  shell: /bin/bash
  ssh-authorized-keys:
  - VIRL-USER-SSH-PUBLIC-KEY
  sudo: ALL=(ALL) ALL
write_files:
- path: /etc/init/ttyS0.conf
  owner: root:root
  content: |
    # ttyS0 - getty
    # This service maintains a getty on ttyS0 from the point the system is
    # started until it is shut down again.
    start on stopped rc or RUNLEVEL=[12345]
    stop on runlevel [!12345]
    respawn
    exec /sbin/getty -L 115200 ttyS0 vt102
  permissions: '0644'
- path: /etc/systemd/system/dhclient@.service
  content: |
    [Unit]
    Description=Run dhclient on %i interface
    After=network.target
    [Service]
    Type=oneshot
    ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease
    RemainAfterExit=yes
  owner: root:root
  permissions: '0644'
- path: /etc/rc.local
  owner: root:root
  permissions: '0755'
  content: |-
    #!/bin/sh -e
    ifconfig eth1 up 192.168.2.200 netmask 255.255.255.0
    route del default
    route add default gw 192.168.2.1
    exit 0

- path: /etc/resolv.conf
  owner: root:root
  permissions: '0644'
  content: |
    # ttyS0 - getty
    # This service maintains a getty on ttyS0 from the point the system is
    # started until it is shut down again.
    nameserver 8.8.8.8</entry>
        </extensions>
        <interface id="0" name="eth1" ipv4="10.0.0.14" netPrefixLenV4="30"/>
    </node>
    <node name="Switch-A" type="SIMPLE" subtype="IOSvL2" location="578,316">
        <extensions>
            <entry key="AutoNetkit.mgmt_ip" type="string"></entry>
            <entry key="config" type="String">! IOSvL2 Config generated on 2015-12-11 21:04
! by autonetkit_0.18.1
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
no service config
enable password cisco
ip classless
ip subnet-zero
no ip domain lookup
!
line vty 0 4
transport input ssh telnet
exec-timeout 720 0
password cisco
login
!
line con 0
password cisco
!
hostname Switch-A
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
vrf definition Mgmt-intf
!
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
!
!
!
interface Loopback0
  description Loopback
!
interface GigabitEthernet0/0
  description OOB management
  ! Configured on launch
  no switchport
  no ip address
  no shutdown
!
interface GigabitEthernet0/1
  description to Router-B
  switchport access vlan 2
  switchport mode access
  no shutdown
!
interface GigabitEthernet0/2
  description to Server-A
  switchport access vlan 2
  switchport mode access
  no shutdown
!
interface GigabitEthernet0/3
  description to Server-B
  switchport access vlan 2
  switchport mode access
  no shutdown
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
end
        </entry>
        </extensions>
        <interface id="0" name="GigabitEthernet0/1"/>
        <interface id="1" name="GigabitEthernet0/2"/>
        <interface id="2" name="GigabitEthernet0/3"/>
    </node>
    <connection dst="/virl:topology/virl:node[3]/virl:interface[1]" src="/virl:topology/virl:node[1]/virl:interface[1]"/>
    <connection dst="/virl:topology/virl:node[4]/virl:interface[1]" src="/virl:topology/virl:node[3]/virl:interface[2]"/>
    <connection dst="/virl:topology/virl:node[3]/virl:interface[3]" src="/virl:topology/virl:node[6]/virl:interface[1]"/>
    <connection dst="/virl:topology/virl:node[2]/virl:interface[1]" src="/virl:topology/virl:node[1]/virl:interface[2]"/>
    <connection dst="/virl:topology/virl:node[8]/virl:interface[1]" src="/virl:topology/virl:node[4]/virl:interface[2]"/>
    <connection dst="/virl:topology/virl:node[8]/virl:interface[2]" src="/virl:topology/virl:node[7]/virl:interface[1]"/>
    <connection dst="/virl:topology/virl:node[8]/virl:interface[3]" src="/virl:topology/virl:node[5]/virl:interface[1]"/>
</topology>