diff --git a/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl b/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl index eafa952..fd2fcf7 100644 --- a/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl +++ b/GIT-VIRL-HS-Fulda/KOMPROT_wanem_uebung.virl @@ -5,84 +5,84 @@ eigrp false - ! IOS Config generated on 2015-09-06 21:22 -! by autonetkit_0.18.1 -! -hostname iosv-1 -boot-start-marker -boot-end-marker -! -vrf definition Mgmt-intf -! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -! -no aaa new-model -! -! -ip cef -ipv6 unicast-routing -ipv6 cef -! -! -service timestamps debug datetime msec -service timestamps log datetime msec -no service password-encryption -no service config -enable password cisco -ip classless -ip subnet-zero -no ip domain lookup -line vty 0 4 - transport input ssh telnet - exec-timeout 720 0 - password cisco - login -line con 0 - password cisco -! -no cdp run -! -! -interface Loopback0 - description Loopback - ip address 192.168.0.2 255.255.255.255 -! -interface GigabitEthernet0/0 - description OOB Management - vrf forwarding Mgmt-intf - ! Configured on launch - no ip address - duplex full - speed auto - no shutdown -! -interface GigabitEthernet0/1 - description to wanEM - ip address 192.168.101.2 255.255.255.252 - duplex full - speed auto - no shutdown -! -interface GigabitEthernet0/2 - description to server-1 - ip address 192.168.1.1 255.255.255.0 - duplex full - speed auto - no shutdown -! -! -! - -! -ip route 0.0.0.0 0.0.0.0 192.168.101.1 -! -end + ! IOS Config generated on 2015-09-06 21:22 +! by autonetkit_0.18.1 +! +hostname Router-A +boot-start-marker +boot-end-marker +! +vrf definition Mgmt-intf +! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +! +! +no aaa new-model +! +! +ip cef +ipv6 unicast-routing +ipv6 cef +! +! +service timestamps debug datetime msec +service timestamps log datetime msec +no service password-encryption +no service config +enable password cisco +ip classless +ip subnet-zero +no ip domain lookup +line vty 0 4 + transport input ssh telnet + exec-timeout 720 0 + password cisco + login +line con 0 + password cisco +! +no cdp run +! +! +interface Loopback0 + description Loopback + ip address 192.168.0.2 255.255.255.255 +! +interface GigabitEthernet0/0 + description OOB Management + vrf forwarding Mgmt-intf + ! Configured on launch + no ip address + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/1 + description to wanEM + ip address 192.168.101.2 255.255.255.252 + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/2 + description to server-1 + ip address 192.168.1.1 255.255.255.0 + duplex full + speed auto + no shutdown +! +! +! + +! +ip route 0.0.0.0 0.0.0.0 192.168.101.1 +! +end @@ -93,69 +93,69 @@ end false - #cloud-config -bootcmd: -- ln -s -t /etc/rc.d /etc/rc.local -hostname: server-1 -manage_etc_hosts: true -runcmd: -- start ttyS0 -- systemctl start getty@ttyS0.service -- systemctl start rc-local -- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config -- echo "UseDNS no" >> /etc/ssh/sshd_config -- service ssh restart -- service sshd restart -users: -- default -- gecos: User configured by VIRL Configuration Engine 0.18.9 - lock-passwd: false - name: cisco - plain-text-passwd: cisco - shell: /bin/bash - ssh-authorized-keys: - - VIRL-USER-SSH-PUBLIC-KEY - sudo: ALL=(ALL) ALL -write_files: -- path: /etc/init/ttyS0.conf - owner: root:root - content: | - # ttyS0 - getty - # This service maintains a getty on ttyS0 from the point the system is - # started until it is shut down again. - start on stopped rc or RUNLEVEL=[12345] - stop on runlevel [!12345] - respawn - exec /sbin/getty -L 115200 ttyS0 vt102 - permissions: '0644' -- path: /etc/systemd/system/dhclient@.service - content: | - [Unit] - Description=Run dhclient on %i interface - After=network.target - [Service] - Type=oneshot - ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease - RemainAfterExit=yes - owner: root:root - permissions: '0644' -- path: /etc/rc.local - owner: root:root - permissions: '0755' - content: |- - !/bin/sh -e - ifconfig eth1 up 192.168.1.100 netmask 255.255.255.0 - route del default - route add default gw 192.168.1.1 - arp -i eth1 -s 192.168.1.1 aa:aa:aa:aa:aa:aa - exit 0 - -- path: /etc/resolv.conf - owner: root:root - permissions: '0644' - content: | - #by Patrick. - nameserver 8.8.8.8 + #cloud-config +bootcmd: +- ln -s -t /etc/rc.d /etc/rc.local +hostname: Client +manage_etc_hosts: true +runcmd: +- start ttyS0 +- systemctl start getty@ttyS0.service +- systemctl start rc-local +- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config +- echo "UseDNS no" >> /etc/ssh/sshd_config +- service ssh restart +- service sshd restart +users: +- default +- gecos: User configured by VIRL Configuration Engine 0.18.9 + lock-passwd: false + name: cisco + plain-text-passwd: cisco + shell: /bin/bash + ssh-authorized-keys: + - VIRL-USER-SSH-PUBLIC-KEY + sudo: ALL=(ALL) ALL +write_files: +- path: /etc/init/ttyS0.conf + owner: root:root + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + start on stopped rc or RUNLEVEL=[12345] + stop on runlevel [!12345] + respawn + exec /sbin/getty -L 115200 ttyS0 vt102 + permissions: '0644' +- path: /etc/systemd/system/dhclient@.service + content: | + [Unit] + Description=Run dhclient on %i interface + After=network.target + [Service] + Type=oneshot + ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease + RemainAfterExit=yes + owner: root:root + permissions: '0644' +- path: /etc/rc.local + owner: root:root + permissions: '0755' + content: |- + !/bin/sh -e + ifconfig eth1 up 192.168.1.100 netmask 255.255.255.0 + route del default + route add default gw 192.168.1.1 + arp -i eth1 -s 192.168.1.1 aa:aa:aa:aa:aa:aa + exit 0 + +- path: /etc/resolv.conf + owner: root:root + permissions: '0644' + content: | + #by Patrick. + nameserver 8.8.8.8 @@ -163,28 +163,30 @@ write_files: false - ifconfig eth1 up 192.168.101.1 netmask 255.255.255.252 - ifconfig eth2 up 192.168.102.1 netmask 255.255.255.252 - - - dhclient eth0 - dhclient eth3 - - - route add default gw 172.16.1.254 eth3 - route add -net 192.168.101.0/30 gw 192.168.101.2 dev eth1 - route add -net 192.168.1.0/24 gw 192.168.101.2 dev eth1 - route add -net 192.168.102.0/30 gw 192.168.102.2 dev eth2 - route add -net 192.168.2.0/24 gw 192.168.102.2 dev eth2 - - - iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE - iptables -A FORWARD -i eth2 -j ACCEPT - iptables -A FORWARD -i eth1 -j ACCEPT - /sbin/tc qdisc add dev eth3 root handle 1:1 netem delay 100ms - service ssh start - - exit 0 + ifconfig eth1 up 192.168.101.1 netmask 255.255.255.252 + ifconfig eth2 up 192.168.102.1 netmask 255.255.255.252 + + + dhclient eth0 + dhclient eth3 + + + route add default gw 172.16.1.254 eth3 + route add -net 192.168.101.0/30 gw 192.168.101.2 dev eth1 + route add -net 192.168.1.0/24 gw 192.168.101.2 dev eth1 + route add -net 192.168.102.0/30 gw 192.168.102.2 dev eth2 + route add -net 192.168.2.0/24 gw 192.168.102.2 dev eth2 + + + iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE + iptables -A FORWARD -i eth2 -j ACCEPT + iptables -A FORWARD -i eth1 -j ACCEPT + /sbin/tc qdisc add dev eth3 root handle 1:1 netem delay 100ms + service ssh start + + hostname ISP + + exit 0 @@ -195,84 +197,84 @@ write_files: false - ! IOS Config generated on 2015-09-06 21:22 -! by autonetkit_0.18.1 -! -hostname iosv-2 -boot-start-marker -boot-end-marker -! -vrf definition Mgmt-intf -! - address-family ipv4 - exit-address-family - ! - address-family ipv6 - exit-address-family -! -! -! -no aaa new-model -! -! -ip cef -ipv6 unicast-routing -ipv6 cef -! -! -service timestamps debug datetime msec -service timestamps log datetime msec -no service password-encryption -no service config -enable password cisco -ip classless -ip subnet-zero -no ip domain lookup -line vty 0 4 - transport input ssh telnet - exec-timeout 720 0 - password cisco - login -line con 0 - password cisco -! -no cdp run -! -! -interface Loopback0 - description Loopback - ip address 192.168.0.3 255.255.255.255 -! -interface GigabitEthernet0/0 - description OOB Management - vrf forwarding Mgmt-intf - ! Configured on launch - no ip address - duplex full - speed auto - no shutdown -! -interface GigabitEthernet0/1 - description to wanEM - ip address 192.168.102.2 255.255.255.252 - ip ospf cost 1 - duplex full - speed auto - no shutdown -! -interface GigabitEthernet0/2 - description to server-2 - ip address 192.168.2.1 255.255.255.0 - ip ospf cost 1 - duplex full - speed auto - no shutdown -! -! -! -ip route 0.0.0.0 0.0.0.0 192.168.102.1 - ! -end + ! IOS Config generated on 2015-09-06 21:22 +! by autonetkit_0.18.1 +! +hostname Router-B +boot-start-marker +boot-end-marker +! +vrf definition Mgmt-intf +! + address-family ipv4 + exit-address-family + ! + address-family ipv6 + exit-address-family +! +! +! +no aaa new-model +! +! +ip cef +ipv6 unicast-routing +ipv6 cef +! +! +service timestamps debug datetime msec +service timestamps log datetime msec +no service password-encryption +no service config +enable password cisco +ip classless +ip subnet-zero +no ip domain lookup +line vty 0 4 + transport input ssh telnet + exec-timeout 720 0 + password cisco + login +line con 0 + password cisco +! +no cdp run +! +! +interface Loopback0 + description Loopback + ip address 192.168.0.3 255.255.255.255 +! +interface GigabitEthernet0/0 + description OOB Management + vrf forwarding Mgmt-intf + ! Configured on launch + no ip address + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/1 + description to wanEM + ip address 192.168.102.2 255.255.255.252 + ip ospf cost 1 + duplex full + speed auto + no shutdown +! +interface GigabitEthernet0/2 + description to server-2 + ip address 192.168.2.1 255.255.255.0 + ip ospf cost 1 + duplex full + speed auto + no shutdown +! +! +! +ip route 0.0.0.0 0.0.0.0 192.168.102.1 + ! +end @@ -348,69 +350,69 @@ write_files: false - #cloud-config -bootcmd: -- ln -s -t /etc/rc.d /etc/rc.local -hostname: Server-B -manage_etc_hosts: true -runcmd: -- start ttyS0 -- systemctl start getty@ttyS0.service -- systemctl start rc-local -- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config -- echo "UseDNS no" >> /etc/ssh/sshd_config -- service ssh restart -- service sshd restart -users: -- default -- gecos: User configured by VIRL Configuration Engine 0.18.9 - lock-passwd: false - name: cisco - plain-text-passwd: cisco - shell: /bin/bash - ssh-authorized-keys: - - VIRL-USER-SSH-PUBLIC-KEY - sudo: ALL=(ALL) ALL -write_files: -- path: /etc/init/ttyS0.conf - owner: root:root - content: | - # ttyS0 - getty - # This service maintains a getty on ttyS0 from the point the system is - # started until it is shut down again. - start on stopped rc or RUNLEVEL=[12345] - stop on runlevel [!12345] - respawn - exec /sbin/getty -L 115200 ttyS0 vt102 - permissions: '0644' -- path: /etc/systemd/system/dhclient@.service - content: | - [Unit] - Description=Run dhclient on %i interface - After=network.target - [Service] - Type=oneshot - ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease - RemainAfterExit=yes - owner: root:root - permissions: '0644' -- path: /etc/rc.local - owner: root:root - permissions: '0755' - content: |- - #!/bin/sh -e - ifconfig eth1 up 192.168.2.200 netmask 255.255.255.0 - route del default - route add default gw 192.168.2.1 - exit 0 - -- path: /etc/resolv.conf - owner: root:root - permissions: '0644' - content: | - # ttyS0 - getty - # This service maintains a getty on ttyS0 from the point the system is - # started until it is shut down again. + #cloud-config +bootcmd: +- ln -s -t /etc/rc.d /etc/rc.local +hostname: Server-A +manage_etc_hosts: true +runcmd: +- start ttyS0 +- systemctl start getty@ttyS0.service +- systemctl start rc-local +- sed -i '/^\s*PasswordAuthentication\s\+no/d' /etc/ssh/sshd_config +- echo "UseDNS no" >> /etc/ssh/sshd_config +- service ssh restart +- service sshd restart +users: +- default +- gecos: User configured by VIRL Configuration Engine 0.18.9 + lock-passwd: false + name: cisco + plain-text-passwd: cisco + shell: /bin/bash + ssh-authorized-keys: + - VIRL-USER-SSH-PUBLIC-KEY + sudo: ALL=(ALL) ALL +write_files: +- path: /etc/init/ttyS0.conf + owner: root:root + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. + start on stopped rc or RUNLEVEL=[12345] + stop on runlevel [!12345] + respawn + exec /sbin/getty -L 115200 ttyS0 vt102 + permissions: '0644' +- path: /etc/systemd/system/dhclient@.service + content: | + [Unit] + Description=Run dhclient on %i interface + After=network.target + [Service] + Type=oneshot + ExecStart=/sbin/dhclient %i -pf /var/run/dhclient.%i.pid -lf /var/lib/dhclient/dhclient.%i.lease + RemainAfterExit=yes + owner: root:root + permissions: '0644' +- path: /etc/rc.local + owner: root:root + permissions: '0755' + content: |- + #!/bin/sh -e + ifconfig eth1 up 192.168.2.200 netmask 255.255.255.0 + route del default + route add default gw 192.168.2.1 + exit 0 + +- path: /etc/resolv.conf + owner: root:root + permissions: '0644' + content: | + # ttyS0 - getty + # This service maintains a getty on ttyS0 from the point the system is + # started until it is shut down again. nameserver 8.8.8.8