forked from heyglen/network_tech
-
Notifications
You must be signed in to change notification settings - Fork 0
/
syntax_test_cisco_ace.cisco-ace
386 lines (326 loc) · 8.31 KB
/
syntax_test_cisco_ace.cisco-ace
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
# ace
! On Admin context
config-register 0x1
boot system image:image_name
write memory all
show running-config
reload
backup all
copy ftp://1.2.3.4/NAME.bin image:
dir NAME.bin
! On load-balancer-1
checkpoint create NAME
checkpoint delete NAME
checkpoint rollback NAME
copy running-config startup-config
copy running-config tftp://1.2.3.4/asdf
copy startup-config running-config
changeto context-1
ft switchover all
configure terminal
hostname lb01
exit
hostname lb01
parameter-map type connection PARAM_MAP
set tcp buffer-share 123
set tcp wan-optimization rtt 0
exit
context context-1
description blah blah
allocate-interface vlan 1
allocate-interface vlan 2
member BRONZE
exit
ft group 3
peer 1
priority 100
peer priority 50
associate-context context-1
inservice
exit
logging enable
logging standby
logging timestamp
logging trap 6
logging history 3
logging buffered 4
logging persistent 3
logging queue 4096
logging device-id string LB-NAME
logging host 1.2.3.4 udp/514
interface vlan 0
description Network Interface
ip address 1.2.3.4 255.255.255.0
peer ip address 1.2.3.4 255.255.255.0
access-group input NAME_ACL
no shutdown
exit
login timeout 10
tacacs-server key 7 "key"
tacacs-server host 1.2.3.4
tacacs-server host 1.2.3.4
aaa group server tacacs+ TACACS
server 1.2.3.4
server 1.2.3.4
exit
aaa authentication login default group TACACS local
resource-class SILVER
limit-resource all minimum 5.00 maximum unlimited
limit-resource acl-memory minimum 10.00 maximum unlimited
limit-resource conc-connections minimum 10.00 maximum unlimited
limit-resource mgmt-connections minimum 5.00 maximum unlimited
limit-resource rate bandwidth minimum 10.00 maximum unlimited
limit-resource rate connections minimum 10.00 maximum unlimited
limit-resource rate ssl-connections minimum 5.00 maximum unlimited
limit-resource rate mgmt-traffic minimum 5.00 maximum unlimited
exit
object-group network NAME
description blah
network-object host 1.2.3.4
group-object group_name
exit
object-group service NAME
description blah
port-object eq 42
port-object range 4 5
group-object group_name
exit
access-list ALLOW_STUFF line 1 extended permit ip any any
access-list ALLOW_STUFF line 1 extended permit tcp any any eq 1
access-list ALLOW_STUFF line 1 extended permit tcp any any neq 1
access-list ALLOW_STUFF line 1 extended permit tcp any any ge 1
access-list ALLOW_STUFF line 1 extended permit tcp any any gt 1
access-list ALLOW_STUFF line 1 extended permit tcp any any lt 1
access-list ALLOW_STUFF line 1 extended permit tcp any any le 1
access-list ALLOW_STUFF line 1 extended deny ip any any
access-list ALLOW_STUFF extended permit ip 1.2.3.4 255.255.255.0 any
access-list ALLOW_STUFF extended permit ip host 1.2.3.4 host 1.2.3.4
probe tcp NAME
description TCP Health Probe
open 20
port 1234
receive 20
interval 40
send-data hello-world
passdetect interval 30
passdetect count 2
faildetect 3
ip address 10.0.0.1 routed
ip address 2001:DB8:12::15 routed
exit
probe https HTTPS-NAME
open 20
receive 20
passdetect interval 30
passdetect count 2
ip address 10.0.0.1 routed
ip address 2001:DB8:12::15 routed
header Host header-value domain.root
port 80
ssl version all
request method get url /index.html
expect regex *hello* offset 20 cache 30
expect regex "hello world" offset 20 cache 30
expect status 200 200
hash
interval 40
faildetect 3
exit
probe http HTTP-NAME
description HTTP Health Probe
open 20
receive 20
passdetect interval 30
passdetect count 2
ip address 10.0.0.1 routed
ip address 2001:DB8:12::15 routed
header Host header-value domain.root
port 80
request method get url /index.html
expect regex *hello* offset 20 cache 30
expect regex "hello world" offset 20 cache 30
expect status 200 200
hash
interval 40
faildetect 3
exit
rserver host NAME
description hello
ip address 1.2.3.4
inservice
exit
rserver redirect NAME
description hello
inservice
exit
serverfarm host NAME
description
no probe
predictor roundrobin
predictor response app-req-to-resp
predictor response syn-to-close
predictor response syn-to-synack
predictor response syn-to-synack samples 20
predictor leastconns slowstart 60
probe NAME
rserver NAME 80
inservice
exit
rserver NAME
inservice
exit
exit
serverfarm redirect NAME
rserver NAME 80
inservice
exit
rserver NAME
inservice
exit
description
exit
sticky http-cookie domain.root http-cookie_name
description
timeout 60
replicate sticky
cookie offset 90 length 90
cookie insert browser-expire
cookie secondary name
static cookie-value value rserver name 90
serverfarm NAME
serverfarm NAME backup NAME
exit
sticky layer4-payload L4_PAYLOAD_GROUP
description
timeout 30
replicate sticky
serverfarm NAME
exit
sticky sip-header name1 name2
description
exit
sticky rtsp-header session RTSP_GROUP
description
exit
sticky radius framed-ip calling-station-id name
description
exit
sticky radius framed-ip username name
description
exit
sticky http-header name1 name2
description
timeout 30
replicate sticky
serverfarm NAME
exit
sticky http-content HTTP_CONTENT_GROUP
description
timeout 30
replicate sticky
static content value rserver name 80
content offset 10 length 20 begin-pattern expression1
serverfarm NAME
exit
sticky v6-prefix 64 address source STICKY1
description
timeout 30
replicate sticky
serverfarm NAME
exit
sticky ip-netmask 255.255.255.255 address source STICKY1
description
timeout 60
replicate sticky
serverfarm NAME
exit
class-map match-any L4-CLASS-1
description L4 Class 1
2 match virtual-address 1.2.3.4 any
match virtual-address 1.2.3.4 tcp any
match virtual-address 1.2.3.4 tcp eq 32
match virtual-address 1.2.3.4 tcp range 32 43
exit
class-map type http inspect match-any map_name
2 match content expression offset 2
match content length eq 4
4 match content length range 8 16
5 match header Host header-value domain.local
6 match url /index.html
exit
class-map type http loadbalance match-any CLASS-NAME_L7CLASS
2 match http header Host header-value VALUE
2 match http url /
exit
class-map type management match-any remote_access
2 match protocol xml-https source-address 1.2.3.0 255.255.255.0
3 match protocol icmp any
5 match protocol ssh source-address 1.2.3.0 255.255.255.0
7 match protocol https source-address 1.2.3.0 255.255.255.0
8 match protocol snmp source-address 1.2.3.0 255.255.255.0
9 match protocol snmp source-address 1.2.3.0 255.255.255.0
10 match protocol http source-address 1.2.3.0 255.255.255.0
exit
policy-map type management first-match NAME
class remote_access
permit
deny
exit
exit
policy-map type loadbalance first-match L7-POLICY-1
class class-default
sticky-serverfarm STICKY1
serverfarm NAME
serverfarm NAME backup NAME
action ACTION-LIST
ssl-proxy client SSL-CLIENT
drop
forward
exit
exit
policy-map multi-match L4-POLICY-1
description L4 POLICY-1
class L4-CLASS-1
loadbalance vip inservice
loadbalance policy L7-POLICY-1
loadbalance vip icmp-reply
loadbalance vip icmp-reply active
nat dynamic 1 vlan 2
appl-parameter http advanced-options APPL-PARAM
ssl-proxy server SSL-SERVER
connection advanced-options CONNECTION-OPTIONS_NAME
exit
exit
ssl-proxy service NAME
key NAME.key
cert NAME.crt
exit
interface vlan 2
description Network Interface
ip address 1.2.3.4 255.255.255.224
peer ip address 1.2.3.4 255.255.255.224
alias 1.2.3.4 255.255.255.0
access-group input ALLOW_ANY
nat-pool 29 1.2.3.4 1.2.3.4 netmask 255.255.255.255 pat
service-policy input L4-POLICY-1
service-policy input NAME
no shutdown
shutdown
exit
ip route 1.2.3.4 255.255.255.255 2.2.2.2
snmp-server contact "Someone"
snmp-server location "Here"
snmp-server community public group Network-Monitor
snmp-server host 1.2.3.4 traps version 2c public
snmp-server trap-source vlan 1
snmp-server enable traps slb vserver
snmp-server enable traps slb real
snmp-server enable traps syslog
snmp-server enable traps snmp linkup
snmp-server enable traps snmp linkdown
show ip route | include "SEARCH_TERM"
show ip route | begin "SEARCH_TERM"
show ip route | exclude "SEARCH_TERM"
show ip route | count
show ip route | more
logout