Конфигурации устройств

RT.MSK

system {
    host-name RT.MSK.M34;
    root-authentication {
        encrypted-password "$1$qJWadfgn$miUUR35MmW7coGaM.PoV20"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 5;             
        }
    }
}
interfaces {
    interface-range to_m9 {
        member-range ge-0/0/4 to ge-0/0/5;
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        unit 0 {
            family inet {
                address 8.0.0.3/31;
            }
        }
    }
    ae0 {                               
        description RT.MSK.M34;
        aggregated-ether-options {
            lacp {
                active;
                periodic fast;
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.0/31;
            }
        }
    }
    ae1 {
        description RT.MSK.M9;
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.2/31;    
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.1.1.200/32;
            }
        }
    }
}
routing-options {
    generate {
        route 0.0.0.0/0 policy Contributes_For_Gateway;
    }
    autonomous-system 65001;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {                               
        import BGPimport;
        group eBGP {
            type external;
            metric-out igp;
            import [ 9000:666-import BGPimport ];
            export 9000:666-export;
            neighbor 8.0.0.2 {
                peer-as 8000;
            }
        }
        group intra-Sub-AS {
            type internal;
            local-address 10.1.1.200;
            import [ 9000:666-import BGPimport ];
            export [ next-hop-self Gateway_to_iBGP ];
            multipath;
            neighbor 10.1.1.201;
            neighbor 10.1.1.202;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {                  
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9000:666-export {  
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement Contributes_For_Gateway {
        term 1 {
            from {
                route-filter 40.0.0.0/8 orlonger;
            }
            then reject;
        }
        term 2 {
            from {
                protocol bgp;
                route-type external;
            }
            then accept;
        }
        then reject;
    }
    policy-statement Gateway_to_iBGP {
        from {
            protocol aggregate;         
            route-filter 0.0.0.0/0 exact;
        }
        then accept;
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }
    }
    policy-statement next-hop-self {
        from {
            protocol bgp;
            route-type external;
        }
        then {
            next-hop self;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.MSK.M8;
    root-authentication {
        encrypted-password "$1$nbK7gN3Q$anrxKHm7EMi1CZtK1T5p/0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 5;             
        }
    }
}
interfaces {
    interface-range to_m9 {
        member-range ge-0/0/2 to ge-0/0/3;
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/4 {
        unit 0 {
            family inet {
                address 8.0.0.1/31;
            }
        }
    }
    ae0 {                               
        description RT.MSK.M34;
        aggregated-ether-options {
            lacp {
                passive;
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.1/31;
            }
        }
    }
    ae1 {
        description RT.MSK.M9;
        aggregated-ether-options {
            lacp {
                passive;
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.4/31;
            }                           
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.1.1.201/32;
            }
        }
    }
}
routing-options {
    generate {
        route 0.0.0.0/0 policy Contributes_For_Gateway;
    }
    autonomous-system 65001;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        import BGPimport;               
        group eBGP {
            type external;
            metric-out igp;
            import [ 9000:666-import BGPimport ];
            export 9000:666-export;
            neighbor 8.0.0.0 {
                peer-as 8000;
            }
        }
        group intra-Sub-AS {
            type internal;
            local-address 10.1.1.201;
            import [ 9000:666-import BGPimport ];
            export [ next-hop-self Gateway_to_iBGP ];
            multipath;
            neighbor 10.1.1.200;
            neighbor 10.1.1.202;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {           
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9000:666-export {
        from {                          
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement Contributes_For_Gateway {
        term 1 {
            from {
                route-filter 40.0.0.0/8 orlonger;
            }
            then reject;
        }
        term 2 {
            from {
                protocol bgp;
                route-type external;
            }
            then reject;
        }
    }
    policy-statement Gateway_to_iBGP {
        from {
            protocol aggregate;
            route-filter 0.0.0.0/0 exact;
        }                               
        then accept;
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }
    }
    policy-statement next-hop-self {
        from {
            protocol bgp;
            route-type external;
        }
        then {
            next-hop self;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.MSK.M9;
    root-authentication {
        encrypted-password "$1$FJtfts6M$BpKv8KKdCG5u1kyhy3t2c/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 5;             
        }
    }
}
interfaces {
    interface-range to_m34 {
        member-range ge-0/0/4 to ge-0/0/5;
        gigether-options {
            802.3ad ae0;
        }
    }
    interface-range to_m8 {
        member-range ge-0/0/2 to ge-0/0/3;
        gigether-options {
            802.3ad ae1;
        }
    }
    interface-range to_stl {
        member-range ge-0/0/0 to ge-0/0/1;
        gigether-options {
            802.3ad ae2;
        }
    }
    interface-range to_obv {            
        member-range ge-0/0/6 to ge-0/0/7;
        gigether-options {
            802.3ad ae3;
        }
    }
    ae0 {
        description RT.MSK.M34;
        aggregated-ether-options {
            lacp {
                passive;
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.3/31;
            }
        }
    }
    ae1 {
        description RT.MSK.M8;
        aggregated-ether-options {
            lacp {
                active;                 
            }
        }
        unit 0 {
            family inet {
                address 10.1.1.5/31;
            }
        }
    }
    ae2 {
        description RT.SPB.STL;
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.0/31;
            }
        }
    }
    ae3 {
        description RT.SPB.OBV;         
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.2/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.1.1.202/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65001;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {                  
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group intra-Sub-AS {
            type internal;
            local-address 10.1.1.202;
            import 9000:666-import;
            multipath;
            neighbor 10.1.1.201;
            neighbor 10.1.1.200;
        }
        group inter-Sub-AS {
            type external;
            import 9000:666-import;
            peer-as 65002;
            multipath;
            neighbor 10.0.0.1;
            neighbor 10.0.0.3;
        }
    }
    ospf {                              
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface lo0.0 {
                passive;
            }
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae3.0 {
                interface-type p2p;
                hello-interval 2;       
                dead-interval 10;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

RT.SPB

system {
    host-name RT.SPB.STL;
    root-authentication {
        encrypted-password "$1$8G6X1vds$P9xsK7Qc..W9pOWA/2RRr1"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 4;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae2;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/5 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.10/31;
            }
        }
    }                                   
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.5/31;
            }
        }
    }
    ae2 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.1/31;
            }
        }                               
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.0.200/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65002;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group inter-Sub-AS {
            type external;
            import 9000:666-import;
            peer-as 65001;
            multipath;                  
            neighbor 10.0.0.0;
        }
        group rr-client {
            type internal;
            local-address 10.0.0.200;
            import 9000:666-import;
            multipath;
            neighbor 10.0.0.201;
            neighbor 10.0.0.204;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;       
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }                                   
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.SPB.OBV;
    root-authentication {
        encrypted-password "$1$bS51COvq$OQBsqg3hOj8Edx9SeOjON0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 5;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae3;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae3;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/5 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/6 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/7 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/8 {
        gigether-options {              
            802.3ad ae2;
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.4/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {               
                address 10.0.0.6/31;
            }
        }
    }
    ae2 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.8/31;
            }
        }
    }
    ae3 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {                        
            family inet {
                address 10.0.0.3/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.0.201/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65002;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group inter-Sub-AS {            
            type external;
            import 9000:666-import;
            peer-as 65001;
            multipath;
            neighbor 10.0.0.2;
        }
        group rr-BGP {
            type internal;
            local-address 10.0.0.201;
            import 9000:666-import;
            cluster 10.0.0.201;
            multipath;
            neighbor 10.0.0.203;
            neighbor 10.0.0.200;
            neighbor 10.0.0.204;
        }
        group rr-client {
            type internal;
            local-address 10.0.0.201;
            import 9000:666-import;
            multipath;
            neighbor 10.0.0.202;
        }                               
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae3.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;       
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }                               
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.SPB.MIR;
    root-authentication {
        encrypted-password "$1$MjqMjRN6$w/hRo5mqGBNHuOCukxOGO0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 4;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae1;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/5 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/6 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/7 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/8 {
        unit 0 {                        
            family inet {
                address 192.168.88.100/24;
            }
        }
    }
    ge-0/0/9 {
        flexible-vlan-tagging;
        encapsulation flexible-ethernet-services;
        unit 10 {
            vlan-id 1;
            family inet {
                address 200.0.0.1/25;
            }
        }
        unit 20 {
            vlan-id 2;
            family inet {
                address 200.0.0.129/25;
            }
        }
    }
    ae0 {
        aggregated-ether-options {      
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.9/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.12/31;
            }
        }
    }
    ae2 {                               
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.0/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.0.202/32;
            }
        }
    }
}
routing-options {
    aggregate {
        route 200.0.0.0/24;
    }                                   
    autonomous-system 65002;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        export aggregate-export;
        group inter-Sub-AS {
            type external;
            import 9000:666-import;
            peer-as 65003;
            multipath;
            neighbor 10.2.2.1;
        }
        group rr-BGP {
            type internal;
            local-address 10.0.0.202;
            import 9000:666-import;
            cluster 10.0.0.202;
            multipath;
            neighbor 10.0.0.201;        
            neighbor 10.0.0.204;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;       
            }
        }
        area 200.0.0.0 {
            interface ge-0/0/9.10 {
                passive;
            }
        }
        area 200.0.0.128 {
            interface ge-0/0/9.20 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;                     
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }
    }
    policy-statement aggregate-export {
        from {
            protocol aggregate;
            route-filter 200.0.0.0/24 exact;
        }
        then accept;
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.SPB.K12;
    root-authentication {
        encrypted-password "$1$pgjyDau2$33uf4KZUU6I4FP9QYBbab."; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 3;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae1;
        }                               
    }
    ge-0/0/4 {
        unit 0 {
            family inet {
                address 9.1.1.1/31;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family inet {
                address 9.2.2.3/31;
            }
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {               
                address 10.0.0.11/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.14/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.0.203/32;
            }
        }
    }                                   
}
routing-options {
    generate {
        route 0.0.0.0/0 policy Contributes_For_Gateway;
    }
    autonomous-system 65002;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        import BGPimport;
        group eBGP {
            type external;
            import [ 9000:666-import BGPimport ];
            export 9000:666-export;
            neighbor 9.2.2.2 {
                peer-as 9002;
            }
            neighbor 9.1.1.0 {
                peer-as 9001;           
            }
        }
        group rr-client {
            type internal;
            local-address 10.0.0.203;
            import 9000:666-import;
            export [ next-hop-self Gateway_to_iBGP ];
            multipath;
            neighbor 10.0.0.201;
            neighbor 10.0.0.204;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;       
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9000:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }                               
    }
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement Contributes_For_Gateway {
        term 1 {
            from {
                route-filter 40.0.0.0/8 orlonger;
            }
            then reject;
        }
        term 2 {
            from {
                protocol bgp;
                route-type external;
            }
            then accept;
        }
        then reject;
    }
    policy-statement Gateway_to_iBGP {
        from {
            protocol aggregate;
            route-filter 0.0.0.0/0 exact;
        }
        then accept;
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;    
        }
    }
    policy-statement next-hop-self {
        from {
            protocol bgp;
            route-type external;
        }
        then {
            next-hop self;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.SPB.LNX;
    root-authentication {
        encrypted-password "$1$.0l/0YqG$0TvcL6l0O5aRhvlalmC.t."; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 5;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae3;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae3;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae2;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/5 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/6 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/7 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/8 {
        gigether-options {              
            802.3ad ae1;
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.15/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {               
                address 10.2.2.2/31;
            }
        }
    }
    ae2 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.0.0.13/31;
            }
        }
    }
    ae3 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {                        
            family inet {
                address 10.0.0.7/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.0.0.204/32;
            }
        }
    }
}
routing-options {
    autonomous-system 65002;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group inter-Sub-AS {            
            type external;
            import 9000:666-import;
            peer-as 65003;
            multipath;
            neighbor 10.2.2.3;
        }
        group rr-client {
            type internal;
            local-address 10.0.0.204;
            import 9000:666-import;
            multipath;
            neighbor 10.0.0.202;
        }
        group rr-BGP {
            type internal;
            local-address 10.0.0.204;
            import 9000:666-import;
            cluster 10.0.0.201;
            multipath;
            neighbor 10.0.0.201;
            neighbor 10.0.0.203;
            neighbor 10.0.0.200;
        }                               
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae3.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
            interface ae1.0 {           
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }                               
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

RT.[IKT/EKB/VVK]

system {
    host-name RT.IKT.MRK;
    root-authentication {
        encrypted-password "$1$jKIWptB2$p8Yi.awlie5ciBwPTq6KN1"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 4;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae2;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.3/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }                           
        }
        unit 0 {
            family inet {
                address 10.2.2.6/31;
            }
        }
    }
    ae2 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.4/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.2.2.200/32;  
            }
        }
    }
}
routing-options {
    autonomous-system 65003;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group intra-Sub-AS {
            type internal;
            local-address 10.2.2.200;
            import 9000:666-import;
            multipath;
            neighbor 10.2.2.201;
            neighbor 10.2.2.202;
        }
        group inter-Sub-AS {
            type external;              
            import 9000:666-import;
            peer-as 65002;
            multipath;
            neighbor 10.2.2.2;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae2.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;       
            }
            interface lo0.0 {
                passive;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }                               
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.EKB.LEN;
    root-authentication {
        encrypted-password "$1$l1YIZcR/$UkzBKTYRUz7bhSzZ3QtrG."; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 4;             
        }
    }
}
interfaces {
    ge-0/0/0 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/1 {
        gigether-options {
            802.3ad ae0;
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae1;
        }                               
    }
    ge-0/0/4 {
        gigether-options {
            802.3ad ae2;
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.1/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }                           
        }
        unit 0 {
            family inet {
                address 10.2.2.5/31;
            }
        }
    }
    ae2 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.9/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.2.2.201/32;  
            }
        }
    }
}
routing-options {
    autonomous-system 65003;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        group intra-Sub-AS {
            type internal;
            local-address 10.2.2.201;
            import 9000:666-import;
            multipath;
            neighbor 10.2.2.200;
            neighbor 10.2.2.202;
        }
        group inter-Sub-AS {
            type external;              
            import 9000:666-import;
            peer-as 65002;
            multipath;
            neighbor 10.2.2.0;
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface lo0.0 {
                passive;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae2.0 {           
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
        }
    }
}
policy-options {
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;
        }                               
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name RT.VVK.NOV;
    root-authentication {
        encrypted-password "$1$vu439Pis$lEdgCwT5Xcj7ATQMxcs5m/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
chassis {
    aggregated-devices {
        ethernet {
            device-count 3;             
        }
    }
}
interfaces {
    inactive: ge-0/0/0 {
        unit 0 {
            family inet {
                address 192.168.0.1/24;
                address 9.1.1.3/31;
            }
        }
    }
    inactive: ge-0/0/1 {
        unit 0 {
            family inet {
                address 9.2.2.1/31;
            }
        }
    }
    ge-0/0/2 {
        gigether-options {
            802.3ad ae0;
        }                               
    }
    ge-0/0/3 {
        gigether-options {
            802.3ad ae1;
        }
    }
    ge-0/0/9 {
        unit 0 {
            family inet {
                filter {
                    input to-101.0.0.0;
                }
                address 50.0.0.0/31;
            }
        }
    }
    ae0 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {                        
            family inet {
                address 10.2.2.7/31;
            }
        }
    }
    ae1 {
        aggregated-ether-options {
            lacp {
                active;
            }
        }
        unit 0 {
            family inet {
                address 10.2.2.8/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 10.2.2.202/32;
            }
        }                               
    }
}
routing-options {
    interface-routes {
        rib-group inet ip-transit-group;
    }
    generate {
        route 0.0.0.0/0 policy Contributes_For_Gateway;
    }
    rib-groups {
        ip-transit-group {
            import-rib [ inet.0 101.0.0.0-reroute.inet.0 ];
        }
    }
    autonomous-system 65003;
    confederation 9000 members [ 65001 65002 65003 ];
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        import BGPimport;               
        group eBGP {
            type external;
            import [ 9000:666-import BGPimport Attr-BGP ];
            export 9000:666-export;
            neighbor 9.2.2.0 {
                peer-as 9002;
            }
            neighbor 9.1.1.2 {
                peer-as 9001;
            }
        }
        group intra-Sub-AS {
            type internal;
            local-address 10.2.2.202;
            import 9000:666-import;
            export [ next-hop-self Gateway_to_iBGP ];
            multipath;
            neighbor 10.2.2.200;
            neighbor 10.2.2.201;
        }
        group ip-transit {
            type external;
            import [ 9000:666-import BGPimport ];
            export BGPclient-export;
            neighbor 50.0.0.1 {
                peer-as 500;
            }
        }
    }
    ospf {
        reference-bandwidth 1g;
        area 0.0.0.0 {
            interface ae0.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface ae1.0 {
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
            interface lo0.0 {
                passive;
            }
            interface ae2.0 {           
                interface-type p2p;
                hello-interval 2;
                dead-interval 10;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9000:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }                                   
    policy-statement 9000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement Attr-BGP {
        term localpref {
            from {
                next-hop 9.2.2.0;
                route-filter 102.0.0.0/24 exact;
            }
            then {
                local-preference 200;
                accept;
            }
        }
    }
    policy-statement BGPclient-export { 
        term export-default {
            from {
                route-filter 0.0.0.0/0 exact;
                condition if-101.0.0.0-exists;
            }
            then accept;
        }
        term reject-other {
            then reject;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement Contributes_For_Gateway {
        term 1 {
            from {
                route-filter 40.0.0.0/8 orlonger;
            }
            then reject;
        }
        term 2 {
            from {
                protocol bgp;
                route-type external;
            }
            then accept;
        }
        then reject;
    }
    policy-statement Gateway_to_iBGP {
        from {
            protocol aggregate;
            route-filter 0.0.0.0/0 exact;
        }
        then accept;
    }
    policy-statement LoadBalancing {
        from protocol [ bgp ospf ];
        then {
            load-balance per-packet;    
        }
    }
    policy-statement next-hop-self {
        from {
            protocol bgp;
            route-type external;
        }
        then {
            next-hop self;
        }
    }
    community Blackhole members 9000:666;
    community Blackhole-Uplinks members [ 9001:666 9002:666 8000:666 8001:666 ];
    condition if-101.0.0.0-exists {
        if-route-exists {
            101.0.0.0/24;
            table inet.0;
        }
    }
}
firewall {
    filter to-101.0.0.0 {
        term 1 {                        
            from {
                source-address {
                    40.0.0.0/24;
                }
                destination-address {
                    101.0.0.0/24;
                }
            }
            then {
                routing-instance 101.0.0.0-reroute;
            }
        }
        term default {
            then accept;
        }
    }
}
routing-instances {
    101.0.0.0-reroute {
        instance-type forwarding;
        routing-options {
            static {
                route 0.0.0.0/0 next-hop 9.2.2.0;
            }
        }
    }
}

Uplinks and Client

system {
    host-name AS8000;
    root-authentication {
        encrypted-password "$1$tUg9Q5YH$W.lEdnFPxGPNDmiqnFFet0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/1 {
        unit 0 {
            family inet {               
                address 8.0.0.2/31;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family inet {
                address 8.1.1.1/31;
            }
        }
    }
    ge-0/0/4 {
        unit 0 {
            family inet {
                address 8.0.0.0/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 100.0.0.1/32;
            }                           
        }
    }
}
routing-options {
    static {
        route 100.0.0.0/24 discard;
        route 100.0.1.0/25 discard;
        route 8.0.0.0/16 discard;
    }
    autonomous-system 8000;
    forwarding-table {
        export LoadBalancing;
    }
}
protocols {
    bgp {
        import [ 8000:666-import BGPimport ];
        export [ exportBGP 8000:666-export ];
        group eBGP {
            type external;
            multipath;
            neighbor 8.0.0.3 {
                peer-as 9000;           
            }
            neighbor 8.0.0.1 {
                peer-as 9000;
            }
            neighbor 8.1.1.0 {
                peer-as 8001;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 8000:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 8000:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement LoadBalancing {
        from {                          
            route-filter 40.0.0.0/24 exact;
        }
        then {
            load-balance per-packet;
        }
    }
    policy-statement exportBGP {
        from {
            protocol static;
            route-filter 100.0.0.0/8 upto /25;
            route-filter 8.0.0.0/16 exact;
        }
        then accept;
    }
    community Blackhole members 8000:666;
    community Blackhole-Uplinks members [ 9000:666 9002:666 8001:666 9001:666 ];
}

system {
    host-name AS8001;
    root-authentication {
        encrypted-password "$1$ncSO8mXX$cn24/6plpiMBcduowTmL.1"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/2 {
        unit 0 {
            family inet {               
                address 8.1.1.0/31;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family inet {
                address 8.1.1.2/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 101.0.0.1/32;
            }
        }
    }
}
routing-options {
    static {
        route 101.0.0.0/24 discard;
        route 8.1.0.0/16 discard;       
    }
    autonomous-system 8001;
}
protocols {
    bgp {
        import [ 8001:666-import BGPimport ];
        export [ exportBGP 8001:666-export ];
        group eBGP {
            type external;
            neighbor 8.1.1.1 {
                peer-as 8000;
            }
            neighbor 8.1.1.3 {
                peer-as 9001;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;                 
    }
    policy-statement 8001:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 8001:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {                          
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement exportBGP {
        from {
            protocol static;
            route-filter 8.1.0.0/16 exact;
            route-filter 101.0.0.0/8 upto /24;
        }
        then {
            origin incomplete;
            accept;
        }
    }
    community Blackhole members 8001:666;
    community Blackhole-Uplinks members [ 9000:666 9002:666 8000:666 9001:666 ];
}

system {
    host-name AS9001;
    root-authentication {
        encrypted-password "$1$MOsRKjEj$U5BJxGpiTEpPbxipCKXE4/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {               
                address 9.1.1.2/31;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family inet {
                address 9.2.2.5/31;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family inet {
                address 9.2.2.7/31;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family inet {
                address 8.1.1.3/31;
            }                           
        }
    }
    ge-0/0/4 {
        unit 0 {
            family inet {
                address 9.1.1.0/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 102.0.0.1/32;
            }
        }
    }
}
routing-options {
    static {
        route 102.0.0.0/24 discard;
        route 9.1.0.0/16 discard;
    }
    autonomous-system 9001;             
}
protocols {
    bgp {
        import [ 9001:666-import BGPimport ];
        export [ exportBGP 9001:666-export ];
        group eBGP {
            type external;
            neighbor 8.1.1.2 {
                peer-as 8001;
            }
            neighbor 9.1.1.1 {
                peer-as 9000;
            }
            neighbor 9.1.1.3 {
                peer-as 9000;
            }
            neighbor 9.2.2.4 {
                peer-as 9002;
            }
            neighbor 9.2.2.6 {
                peer-as 9002;
            }
        }                               
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9001:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 9001:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }                               
        then {
            next-hop discard;
            accept;
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement exportBGP {
        from {
            protocol static;
            route-filter 102.0.0.0/8 upto /24;
            route-filter 9.1.0.0/16 exact;
        }
        then accept;
    }
    community Blackhole members 9001:666;
    community Blackhole-Uplinks members [ 9000:666 9002:666 8000:666 8001:666 ];
}

system {
    host-name AS9002-1;
    root-authentication {
        encrypted-password "$1$FEI2W1Qz$5LF4sJOUA5B8H38pTIt9i/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {               
                address 192.168.0.0/31;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family inet {
                address 9.2.2.4/31;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family inet {
                address 9.2.2.2/31;
            }
        }
    }
}
routing-options {
    static {
        route 9.2.0.0/16 discard;
    }                                   
    autonomous-system 9002;
}
protocols {
    bgp {
        import [ 9002:666-import BGPimport ];
        export [ exportBGP 9002:666-export ];
        group eBGP {
            type external;
            neighbor 9.2.2.5 {
                peer-as 9001;
            }
            neighbor 9.2.2.3 {
                peer-as 9000;
            }
        }
        group iBGP {
            type internal;
            neighbor 192.168.0.1;
        }
    }
}
policy-options {
    prefix-list private {               
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9002:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 9002:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;
        }                               
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement exportBGP {
        from {
            protocol static;
            route-filter 9.2.0.0/16 exact;
        }
        then accept;
    }
    community Blackhole members 9002:666;
    community Blackhole-Uplinks members [ 9002:666 8000:666 8001:666 9001:666 ];
}

system {
    host-name AS9002-2;
    root-authentication {
        encrypted-password "$1$bvln5wmj$V41CjbvAFHVV2ML7ZXwbE0"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {               
                address 192.168.0.1/31;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family inet {
                address 9.2.2.0/31;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family inet {
                address 9.2.2.6/31;
            }
        }
    }
}
routing-options {
    static {
        route 9.2.0.0/16 discard;
    }                                   
    autonomous-system 9002;
}
protocols {
    bgp {
        import [ 9002:666-import BGPimport ];
        export [ exportBGP 9002:666-export ];
        group eBGP {
            type external;
            neighbor 9.2.2.7 {
                peer-as 9001;
            }
            neighbor 9.2.2.1 {
                peer-as 9000;
            }
        }
        group iBGP {
            type internal;
            import [ 9002:666-import BGPimport ];
            neighbor 192.168.0.0;
        }
    }
}
policy-options {                        
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement 9002:666-export {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            community add Blackhole-Uplinks;
            accept;
        }
    }
    policy-statement 9002:666-import {
        from {
            community Blackhole;
            route-filter 0.0.0.0/0 prefix-length-range /32-/32;
        }
        then {
            next-hop discard;
            accept;                     
        }
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement exportBGP {
        from {
            protocol static;
            route-filter 9.2.0.0/16 exact;
        }
        then accept;
    }
    community Blackhole members 9002:666;
    community Blackhole-Uplinks members [ 9002:666 8000:666 8001:666 9001:666 ];
}

system {
    host-name BGP-Client;
    root-authentication {
        encrypted-password "$1$.BIGm42G$m24NadW953bB1hHp.fMo1."; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {               
                address 50.0.0.1/31;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 40.0.0.1/32;
            }
        }
    }
}
routing-options {
    static {
        route 40.0.0.0/24 discard;
        route 40.0.0.2/32 {
            discard;
            tag 666;
        }
    }
    autonomous-system 500;
}
protocols {                             
    bgp {
        group ISP {
            type external;
            advertise-inactive;
            import BGPimport;
            export [ BGPexport Blackhole ];
            neighbor 50.0.0.0 {
                peer-as 9000;
            }
        }
    }
}
policy-options {
    prefix-list private {
        10.0.0.0/8;
        172.16.0.0/12;
        192.168.0.0/16;
    }
    policy-statement BGPexport {
        from {
            protocol static;
            route-filter 40.0.0.0/24 exact;
        }                               
        then accept;
    }
    policy-statement BGPimport {
        from {
            protocol bgp;
            route-filter 0.0.0.0/0 prefix-length-range /25-/32;
            prefix-list-filter private orlonger;
        }
        then reject;
    }
    policy-statement Blackhole {
        from {
            protocol static;
            tag 666;
        }
        then {
            community set Blackhole;
            accept;
        }
    }
    community Blackhole members 9000:666;
}

PreviousBGP Session Attributes NextПримечание (Router-ID)

Last updated 1 year ago

Was this helpful?

hashtagRT.MSK

hashtagRT.SPB

hashtagRT.[IKT/EKB/VVK]

hashtagUplinks and Client

RT.MSK

RT.SPB

RT.[IKT/EKB/VVK]

Uplinks and Client