├── .gitignore ├── .gitlab-ci.yml ├── Ansible ├── Modules │ ├── commit-merge │ │ └── commit-merge-final-config.yml │ ├── generate │ │ └── generate-all-config-and-make-diff.yml │ ├── ios_modules │ │ ├── ios_backup.yaml │ │ ├── ios_backup_v2.yaml │ │ └── ios_command_ip_scp_server.yaml │ └── napalm │ │ └── napalm_get_facts.yaml ├── Python_scripts │ ├── NetBox_api │ │ └── test1.py │ └── generate_diff │ │ ├── generate-prod-diff.py │ │ └── generate-test-diff.py ├── Roles │ ├── FHRP │ │ └── glbp │ │ │ ├── tasks │ │ │ └── main.yml │ │ │ └── templates │ │ │ └── ios.j2 │ ├── VPN │ │ └── IPsec │ │ │ ├── tasks │ │ │ └── main.yml │ │ │ └── templates │ │ │ ├── asa.j2 │ │ │ ├── junos.j2 │ │ │ └── vyos.j2 │ ├── ZBF │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ ├── junos.j2 │ │ │ └── junos_policies.j2 │ ├── basic_config │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ ├── asa.j2 │ │ │ ├── ios.j2 │ │ │ ├── junos.j2 │ │ │ └── vyos.j2 │ ├── interfaces │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ ├── asa.j2 │ │ │ ├── ios.j2 │ │ │ ├── ios_ROTS.j2 │ │ │ ├── ios_access.j2 │ │ │ ├── ios_l2_channel.j2 │ │ │ ├── ios_l2_to_l3.j2 │ │ │ ├── ios_trunk.j2 │ │ │ ├── junos.j2 │ │ │ └── vyos.j2 │ ├── interfaces_vlans │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ └── ios.j2 │ ├── routing │ │ ├── ospfv2 │ │ │ ├── tasks │ │ │ │ └── main.yml │ │ │ └── templates │ │ │ │ ├── asa.j2 │ │ │ │ └── ios.j2 │ │ └── static │ │ │ ├── tasks │ │ │ └── main.yml │ │ │ └── templates │ │ │ ├── asa.j2 │ │ │ ├── ios.j2 │ │ │ ├── junos.j2 │ │ │ └── vyos.j2 │ ├── services │ │ ├── ACL │ │ │ ├── tasks │ │ │ │ └── main.yml │ │ │ └── templates │ │ │ │ └── asa.j2 │ │ ├── DHCP │ │ │ ├── tasks │ │ │ │ └── main.yml │ │ │ └── templates │ │ │ │ └── ios.j2 │ │ └── PAT │ │ │ ├── tasks │ │ │ └── main.yml │ │ │ └── templates │ │ │ ├── ios.j2 │ │ │ ├── junos.j2 │ │ │ └── vyos.j2 │ ├── stp │ │ ├── tasks │ │ │ └── main.yml │ │ └── templates │ │ │ └── ios.j2 │ └── vlans │ │ ├── tasks │ │ └── main.yml │ │ └── templates │ │ └── ios.j2 ├── ansible.cfg └── inventories │ ├── development │ ├── CONFIGS │ │ ├── BR1-AC1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL.diff │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC2 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC3 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC4 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-CO1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-DIS1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── 5_interfaces-po-channel.conf │ │ │ ├── 6_glbp-config.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-DIS2 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── 5_interfaces-po-channel.conf │ │ │ ├── 6_glbp-config.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-ED1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-FW1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 5_ipsec-config.conf │ │ │ ├── 9_ACL-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-SF1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── ISP │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── VyOS-BR1-ED1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 8_ipsec-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL.diff │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ └── vSRX-BR2-FW1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 5_ipsec-config.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 7_sec-policies-config.conf │ │ │ ├── 8_zbf-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL.diff │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ ├── Modules │ │ ├── PING │ │ │ └── ping.yaml │ │ ├── commit-merge │ │ │ ├── commit-merge-basic-config.yml │ │ │ └── commit-merge-final-config.yml │ │ ├── generate │ │ │ ├── generate-all-config-and-make-diff.yml │ │ │ ├── generate-all-config.yml │ │ │ └── generate-basic-config.yml │ │ ├── ios_modules │ │ │ ├── ios_backup.yaml │ │ │ ├── ios_backup_v2.yaml │ │ │ ├── ios_command_add_ntp_server.yaml │ │ │ ├── ios_command_save_config.yaml │ │ │ ├── ios_command_show.yaml │ │ │ └── ios_command_show_ntp.yaml │ │ ├── ios_napalm │ │ │ └── napalm_get_facts.yaml │ │ ├── junos_napalm │ │ │ └── napalm_get_facts.yaml │ │ ├── rollback.yml │ │ ├── vasa_napalm │ │ │ ├── asa_command.yaml │ │ │ └── napalm_get_facts.yaml │ │ └── vyos_napalm │ │ │ └── napalm_get_facts.yaml │ ├── Python_scripts │ │ └── vASA │ │ │ ├── NetmikoOperator.py │ │ │ └── asa_send_commands.py │ ├── Topologies │ │ ├── L1.png │ │ ├── L2.png │ │ ├── L3.png │ │ ├── MGMT_IP.png │ │ ├── Routing.png │ │ └── VPNs.png │ ├── group_vars │ │ ├── Cisco-ASA.yaml │ │ ├── Cisco.yaml │ │ ├── JunOS.yaml │ │ ├── VyOS.yaml │ │ └── all.yaml │ ├── host_vars │ │ ├── BR1-AC1.yaml │ │ ├── HQ-AC1.yaml │ │ ├── HQ-AC2.yaml │ │ ├── HQ-AC3.yaml │ │ ├── HQ-AC4.yaml │ │ ├── HQ-CO1.yaml │ │ ├── HQ-DIS1.yaml │ │ ├── HQ-DIS2.yaml │ │ ├── HQ-ED1.yaml │ │ ├── HQ-FW1.yaml │ │ ├── HQ-SF1.yaml │ │ ├── ISP.yaml │ │ ├── VyOS-BR1-ED1.yaml │ │ └── vSRX-BR2-FW1.yaml │ └── hosts │ ├── production │ ├── CONFIGS │ │ ├── BR1-AC1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC2 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC3 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-AC4 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-access.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── HQ-CO1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-DIS1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── 5_interfaces-po-channel.conf │ │ │ ├── 6_glbp-config.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-DIS2 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 2_stp-config.conf │ │ │ ├── 3_vlans.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── 4_interfaces-trunk.conf │ │ │ ├── 5_interfaces-po-channel.conf │ │ │ ├── 6_glbp-config.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-ED1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-FW1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 5_ipsec-config.conf │ │ │ ├── 9_ACL-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── ospfv2-routing.conf │ │ ├── HQ-SF1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 4_interfaces-l2-to-l3.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ ├── FINAL_pre_DIFF.conf │ │ │ └── ospfv2-routing.conf │ │ ├── ISP │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── FINAL.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ ├── VyOS-BR1-ED1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 8_ipsec-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ │ └── vSRX-BR2-FW1 │ │ │ ├── 1_basic-config.conf │ │ │ ├── 4_interfaces-ip.conf │ │ │ ├── 5_ipsec-config.conf │ │ │ ├── 6_pat-service.conf │ │ │ ├── 7_sec-policies-config.conf │ │ │ ├── 8_zbf-config.conf │ │ │ ├── 9_static-routing.conf │ │ │ ├── FINAL_pre.conf │ │ │ └── FINAL_pre_DIFF.conf │ ├── Modules │ │ ├── PING │ │ │ └── ping.yaml │ │ ├── commit-merge │ │ │ ├── commit-merge-basic-config.yml │ │ │ └── commit-merge-final-config.yml │ │ ├── generate │ │ │ ├── generate-all-config-and-make-diff.yml │ │ │ ├── generate-all-config.yml │ │ │ └── generate-basic-config.yml │ │ ├── ios_modules │ │ │ ├── ios_backup.yaml │ │ │ ├── ios_backup_v2.yaml │ │ │ ├── ios_command_add_ntp_server.yaml │ │ │ ├── ios_command_save_config.yaml │ │ │ ├── ios_command_show.yaml │ │ │ └── ios_command_show_ntp.yaml │ │ ├── ios_napalm │ │ │ └── napalm_get_facts.yaml │ │ ├── junos_napalm │ │ │ └── napalm_get_facts.yaml │ │ ├── rollback.yml │ │ ├── vasa_napalm │ │ │ ├── asa_command.yaml │ │ │ └── napalm_get_facts.yaml │ │ └── vyos_napalm │ │ │ └── napalm_get_facts.yaml │ ├── Python_scripts │ │ └── vASA │ │ │ ├── NetmikoOperator.py │ │ │ └── asa_send_commands.py │ ├── Topologies │ │ ├── L1.png │ │ ├── L2.png │ │ ├── L3.png │ │ ├── MGMT_IP.png │ │ ├── Routing.png │ │ └── VPNs.png │ ├── group_vars │ │ ├── Cisco-ASA.yaml │ │ ├── Cisco.yaml │ │ ├── JunOS.yaml │ │ ├── VyOS.yaml │ │ └── all.yaml │ ├── host_vars │ │ ├── BR1-AC1.yaml │ │ ├── HQ-AC1.yaml │ │ ├── HQ-AC2.yaml │ │ ├── HQ-AC3.yaml │ │ ├── HQ-AC4.yaml │ │ ├── HQ-CO1.yaml │ │ ├── HQ-DIS1.yaml │ │ ├── HQ-DIS2.yaml │ │ ├── HQ-ED1.yaml │ │ ├── HQ-FW1.yaml │ │ ├── HQ-SF1.yaml │ │ ├── ISP.yaml │ │ ├── VyOS-BR1-ED1.yaml │ │ └── vSRX-BR2-FW1.yaml │ └── hosts │ └── test │ ├── CONFIGS │ ├── BR1-AC1 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-access.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── HQ-AC1 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-access.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── HQ-AC2 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-access.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── HQ-AC3 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-access.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── HQ-AC4 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-access.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── HQ-CO1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-l2-to-l3.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ ├── FINAL_pre_DIFF.conf │ │ └── ospfv2-routing.conf │ ├── HQ-DIS1 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-l2-to-l3.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── 5_interfaces-po-channel.conf │ │ ├── 6_glbp-config.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ ├── FINAL_pre_DIFF.conf │ │ └── ospfv2-routing.conf │ ├── HQ-DIS2 │ │ ├── 1_basic-config.conf │ │ ├── 2_stp-config.conf │ │ ├── 3_vlans.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-l2-to-l3.conf │ │ ├── 4_interfaces-trunk.conf │ │ ├── 5_interfaces-po-channel.conf │ │ ├── 6_glbp-config.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ ├── FINAL_pre_DIFF.conf │ │ └── ospfv2-routing.conf │ ├── HQ-ED1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 6_pat-service.conf │ │ ├── 9_static-routing.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ ├── FINAL_pre_DIFF.conf │ │ └── ospfv2-routing.conf │ ├── HQ-FW1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 5_ipsec-config.conf │ │ ├── 9_ACL-config.conf │ │ ├── 9_static-routing.conf │ │ ├── FINAL_pre.conf │ │ └── ospfv2-routing.conf │ ├── HQ-SF1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 4_interfaces-l2-to-l3.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ ├── FINAL_pre_DIFF.conf │ │ └── ospfv2-routing.conf │ ├── ISP │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── FINAL.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── VyOS-BR1-ED1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 6_pat-service.conf │ │ ├── 8_ipsec-config.conf │ │ ├── 9_static-routing.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ └── vSRX-BR2-FW1 │ │ ├── 1_basic-config.conf │ │ ├── 4_interfaces-ip.conf │ │ ├── 5_ipsec-config.conf │ │ ├── 6_pat-service.conf │ │ ├── 7_sec-policies-config.conf │ │ ├── 8_zbf-config.conf │ │ ├── 9_static-routing.conf │ │ ├── FINAL_pre.conf │ │ └── FINAL_pre_DIFF.conf │ ├── Modules │ ├── PING │ │ └── ping.yaml │ ├── commit-merge │ │ ├── commit-merge-basic-config.yml │ │ └── commit-merge-final-config.yml │ ├── generate │ │ ├── generate-all-config-and-make-diff.yml │ │ ├── generate-all-config.yml │ │ └── generate-basic-config.yml │ ├── ios_modules │ │ ├── ios_backup.yaml │ │ ├── ios_backup_v2.yaml │ │ ├── ios_command_add_ntp_server.yaml │ │ ├── ios_command_save_config.yaml │ │ ├── ios_command_show.yaml │ │ └── ios_command_show_ntp.yaml │ ├── ios_napalm │ │ └── napalm_get_facts.yaml │ ├── junos_napalm │ │ └── napalm_get_facts.yaml │ ├── rollback.yml │ ├── vasa_napalm │ │ ├── asa_command.yaml │ │ └── napalm_get_facts.yaml │ └── vyos_napalm │ │ └── napalm_get_facts.yaml │ ├── Python_scripts │ └── vASA │ │ ├── NetmikoOperator.py │ │ └── asa_send_commands.py │ ├── Topologies │ ├── L1.png │ ├── L2.png │ ├── L3.png │ ├── MGMT_IP.png │ ├── Routing.png │ └── VPNs.png │ ├── group_vars │ ├── Cisco-ASA.yaml │ ├── Cisco.yaml │ ├── JunOS.yaml │ ├── VyOS.yaml │ └── all.yaml │ ├── host_vars │ ├── BR1-AC1.yaml │ ├── HQ-AC1.yaml │ ├── HQ-AC2.yaml │ ├── HQ-AC3.yaml │ ├── HQ-AC4.yaml │ ├── HQ-CO1.yaml │ ├── HQ-DIS1.yaml │ ├── HQ-DIS2.yaml │ ├── HQ-ED1.yaml │ ├── HQ-FW1.yaml │ ├── HQ-SF1.yaml │ ├── ISP.yaml │ ├── VyOS-BR1-ED1.yaml │ └── vSRX-BR2-FW1.yaml │ └── hosts ├── Docker-runner └── ansible.cfg ├── GNS3 ├── DEV-Startup-CFGs │ ├── BR1-AC1 │ ├── BR1-ED1 │ ├── BR2-FW1 │ ├── HQ-AC1 │ ├── HQ-AC2 │ ├── HQ-AC3 │ ├── HQ-AC4 │ ├── HQ-CO1 │ ├── HQ-DIS1 │ ├── HQ-DIS2 │ ├── HQ-ED1 │ ├── HQ-FW1 │ ├── HQ-SF1 │ └── ISP ├── GNS3_API │ ├── DEV_START_CFGS │ │ ├── BR1-AC1 │ │ ├── BR1-ED1 │ │ ├── BR2-FW1 │ │ ├── HQ-AC1 │ │ ├── HQ-AC2 │ │ ├── HQ-AC3 │ │ ├── HQ-AC4 │ │ ├── HQ-CO1 │ │ ├── HQ-DIS1 │ │ ├── HQ-DIS2 │ │ ├── HQ-ED1 │ │ ├── HQ-FW1 │ │ ├── HQ-SF1 │ │ └── ISP │ ├── PROD_START_CFGS │ │ ├── BR1-AC1 │ │ ├── BR1-ED1 │ │ ├── BR2-FW1 │ │ ├── HQ-AC1 │ │ ├── HQ-AC2 │ │ ├── HQ-AC3 │ │ ├── HQ-AC4 │ │ ├── HQ-CO1 │ │ ├── HQ-DIS1 │ │ ├── HQ-DIS2 │ │ ├── HQ-ED1 │ │ ├── HQ-FW1 │ │ ├── HQ-SF1 │ │ └── ISP │ ├── README.md │ ├── TEST_START_CFGS │ │ ├── BR1-AC1 │ │ ├── BR1-ED1 │ │ ├── BR2-FW1 │ │ ├── HQ-AC1 │ │ ├── HQ-AC2 │ │ ├── HQ-AC3 │ │ ├── HQ-AC4 │ │ ├── HQ-CO1 │ │ ├── HQ-DIS1 │ │ ├── HQ-DIS2 │ │ ├── HQ-ED1 │ │ ├── HQ-FW1 │ │ ├── HQ-SF1 │ │ └── ISP │ ├── gns3_deploy_topology.py │ ├── gns3_dev_topology.yaml │ ├── gns3_prod_topology.yaml │ ├── gns3_show_appliances.py │ ├── gns3_test_topology.yaml │ ├── netascode_company_x.png │ └── requirements.txt ├── PROD-Startup-CFGs │ ├── BR1-AC1 │ ├── BR1-ED1 │ ├── BR2-FW1 │ ├── HQ-AC1 │ ├── HQ-AC2 │ ├── HQ-AC3 │ ├── HQ-AC4 │ ├── HQ-CO1 │ ├── HQ-DIS1 │ ├── HQ-DIS2 │ ├── HQ-ED1 │ ├── HQ-FW1 │ ├── HQ-SF1 │ └── ISP └── TEST-Startup-CFGs │ ├── BR1-AC1 │ ├── BR1-ED1 │ ├── BR2-FW1 │ ├── HQ-AC1 │ ├── HQ-AC2 │ ├── HQ-AC3 │ ├── HQ-AC4 │ ├── HQ-CO1 │ ├── HQ-DIS1 │ ├── HQ-DIS2 │ ├── HQ-ED1 │ ├── HQ-FW1 │ ├── HQ-SF1 │ └── ISP ├── Installation_components ├── docker-compose.yml └── docker_compose_setup.sh ├── LICENSE ├── PyATS ├── ex4_pings │ ├── connectivity_check_v2.py │ ├── job1.py │ └── testbed.yaml ├── ex5_vlans │ ├── cisco_ios_show_vlan.template │ ├── genie_interface_checker.py │ ├── job1.py │ ├── testbed.yaml │ └── vlans_check.py ├── ex6_rollback │ ├── rollback.py │ └── testbed.yaml └── inventories │ ├── development │ ├── __pycache__ │ │ ├── job.cpython-36.pyc │ │ ├── ntp_check_v2_no_rollback.cpython-36.pyc │ │ └── ntp_check_v3.cpython-36.pyc │ ├── job.py │ ├── ntp_check_v2_no_rollback.py │ ├── ntp_check_v3.py │ ├── rollback.py │ ├── run.txt │ └── testbed.yaml │ ├── production │ ├── job.py │ ├── ntp_check_v2_no_rollback.py │ ├── ntp_check_v3.py │ ├── rollback.py │ ├── run.txt │ └── testbed.yaml │ └── test │ ├── __pycache__ │ ├── job.cpython-36.pyc │ └── ntp_check_v3.cpython-36.pyc │ ├── job.py │ ├── logs │ ├── 19-May │ │ ├── job.2019May06_19:21:57.532130.zip │ │ ├── job.2019May06_19:28:27.176994.zip │ │ ├── job.2019May06_19:33:27.975707.zip │ │ ├── job.2019May06_19:42:44.606910.zip │ │ └── job.2019May06_19:47:35.892361.zip │ └── TaskLog.html │ ├── ntp_check_v2_no_rollback.py │ ├── ntp_check_v3.py │ ├── rollback.py │ ├── run.txt │ └── testbed.yaml ├── README.md ├── RobotFramework ├── ex3 │ ├── __pycache__ │ │ └── vlans_check.cpython-36.pyc │ ├── cisco_ios_show_vlan.template │ ├── pyats1.robot │ ├── testbed.yaml │ └── vlans_check.py ├── ex4 │ ├── __pycache__ │ │ ├── connectivity_check_v2.cpython-36.pyc │ │ └── vlans_check.cpython-36.pyc │ ├── cisco_ios_show_vlan.template │ ├── connectivity_check_v2.py │ ├── pyats1.robot │ ├── testbed_1.yaml │ ├── testbed_2.yaml │ └── vlans_check.py └── inventories │ ├── development │ ├── __pycache__ │ │ ├── connectivity_check_v2.cpython-36.pyc │ │ └── vlans_check.cpython-36.pyc │ ├── cisco_ios_show_vlan.template │ ├── connectivity_check_v2.py │ ├── pyats1.robot │ ├── testbed_1.yaml │ ├── testbed_2.yaml │ └── vlans_check.py │ ├── production │ ├── __pycache__ │ │ ├── connectivity_check_v2.cpython-36.pyc │ │ └── vlans_check.cpython-36.pyc │ ├── cisco_ios_show_vlan.template │ ├── connectivity_check_v2.py │ ├── pyats1.robot │ ├── testbed_1.yaml │ ├── testbed_2.yaml │ └── vlans_check.py │ └── test │ ├── __pycache__ │ ├── connectivity_check_v2.cpython-36.pyc │ └── vlans_check.cpython-36.pyc │ ├── cisco_ios_show_vlan.template │ ├── connectivity_check_v2.py │ ├── pyats1.robot │ ├── testbed_1.yaml │ ├── testbed_2.yaml │ └── vlans_check.py ├── requirements.txt └── static_images ├── 1.png ├── 2.png ├── components.png ├── example_of_pipeline.png ├── gns3_test_network.png └── overview.png /.gitignore: -------------------------------------------------------------------------------- 1 | .idea -------------------------------------------------------------------------------- /Ansible/Modules/ios_modules/ios_backup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Simple IOS backup config 3 | hosts: ALL 4 | gather_facts: yes 5 | vars: 6 | create_backup_dir: "BACKUPS/{{ ansible_date_time.date }}" 7 | 8 | tasks: 9 | - name: Creates BACKUP directory 10 | file: 11 | path: "{{ create_backup_dir }}" 12 | state: directory 13 | 14 | - name: Get running config 15 | ios_command: 16 | commands: show run 17 | register: show_run 18 | 19 | - name: Save config to file 20 | copy: 21 | content: "{{ show_run.stdout[0] }}" 22 | dest: "{{ create_backup_dir }}/{{ inventory_hostname }}--{{ ansible_date_time.iso8601 }}.txt" -------------------------------------------------------------------------------- /Ansible/Modules/ios_modules/ios_backup_v2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Archive backup of running-config to TFTP 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Archive backup of running-config to TFTP 9 | ios_command: 10 | commands: 11 | - wr 12 | 13 | -------------------------------------------------------------------------------- /Ansible/Modules/ios_modules/ios_command_ip_scp_server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Enable SCP server on Devices for NAPALM 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Enable SCP Server 9 | ios_command: 10 | commands: 11 | - conf t 12 | - ip scp server enable 13 | - do wr 14 | -------------------------------------------------------------------------------- /Ansible/Modules/napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: ALL 4 | vars: 5 | ansible_python_interpreter: "/usr/bin/env python" 6 | 7 | tasks: 8 | 9 | - name: get facts from device 10 | napalm_get_facts: 11 | optional_args: {'global_delay_factor': 1} 12 | hostname: '{{ ansible_host }}' 13 | username: '{{ ansible_user }}' 14 | dev_os: '{{ ansible_network_os }}' 15 | password: '{{ ansible_ssh_pass }}' 16 | filter: 'facts' 17 | register: result 18 | 19 | - name: print data 20 | debug: var=result -------------------------------------------------------------------------------- /Ansible/Python_scripts/NetBox_api/test1.py: -------------------------------------------------------------------------------- 1 | import pynetbox 2 | 3 | nb = pynetbox.api(url='http://192.168.1.100:8080/', token='agmi4q0owhteubbp5wtttg43ka53fsw4o8bojuw5') 4 | 5 | all_devices = nb.dcim.devices.all() 6 | 7 | print(all_devices) 8 | 9 | all_devices = nb.dcim.devices.get(1) 10 | 11 | print(all_devices) 12 | 13 | print(all_devices.serial) 14 | -------------------------------------------------------------------------------- /Ansible/Roles/FHRP/glbp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate GLBP config from templates 4 | when: inventory_hostname in groups['GLBP'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/6_glbp-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/FHRP/glbp/templates/ios.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_glbp %} 2 | ! 3 | interface {{ iface.name }} 4 | glbp {{ iface.glbp_group }} priority {{ iface.glbp_priority }} 5 | {{ iface.preempt }} 6 | glbp {{ iface.glbp_group }} ip {{ iface.glbp_ip }} 7 | glbp {{ iface.glbp_group }} load-balancing {{ iface.glbp_load_balancing }} 8 | ! 9 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/VPN/IPsec/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate IPsec config from templates (VyOS) 4 | when: inventory_hostname in groups['VyOS-IPsec'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/8_ipsec-config.conf 6 | - name: generate IPsec config from templates (JunOS) 7 | when: inventory_hostname in groups['JunOS-IPsec'] 8 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/5_ipsec-config.conf 9 | - name: generate IPsec config from templates (Cisco ASA) 10 | when: inventory_hostname in groups['Cisco-ASA-IPsec'] 11 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/5_ipsec-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/ZBF/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate ZBF-config from templates (JunOS) 4 | when: inventory_hostname in groups['ZBF'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/8_zbf-config.conf 6 | - name: generate Security-policies-config from templates (JunOS) 7 | when: inventory_hostname in groups['JunOS-SEC-POL'] 8 | template: src=../templates/{{ansible_network_os}}_policies.j2 dest={{config_dir}}/{{inventory_hostname}}/7_sec-policies-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/ZBF/templates/junos.j2: -------------------------------------------------------------------------------- 1 | zones { 2 | {% for zone in sec_zones %} 3 | security-zone {{ zone.zone_name }} { 4 | address-book { 5 | {% for address in zone.address_books %} 6 | address {{ address.address }}; 7 | {% endfor %} 8 | } 9 | host-inbound-traffic { 10 | system-services { 11 | {% for service in zone.services_zone %} 12 | {{ service.service }}; 13 | {% endfor %} 14 | } 15 | } 16 | interfaces { 17 | {% for zone_int in zone.zone_ints %} 18 | {{ zone_int.int_zone }}; 19 | {% endfor %} 20 | } 21 | } 22 | {% endfor %} 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /Ansible/Roles/basic_config/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate basic-config from templates 4 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/1_basic-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/basic_config/templates/asa.j2: -------------------------------------------------------------------------------- 1 | ! 2 | hostname {{ hostname }} 3 | ! 4 | clock timezone {{ timezone }} 5 | ! 6 | ntp server {{ ntp_server }} 7 | ! 8 | {% for user in users %} 9 | ! 10 | username {{ user.name }} password {{ user.password }} privilege {{ user.priv }} 11 | ! 12 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/basic_config/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | hostname {{ hostname }} 3 | ! 4 | clock timezone {{ timezone }} 5 | ! 6 | ntp server {{ ntp_server }} 7 | ! 8 | {% for user in users %} 9 | ! 10 | username {{ user.name }} privilege {{ user.priv }} secret {{ user.password }} 11 | ! 12 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/basic_config/templates/junos.j2: -------------------------------------------------------------------------------- 1 | system { 2 | host-name {{ hostname }}; 3 | time-zone {{ timezone }}; 4 | login { 5 | {% for user in users %} 6 | user {{ user.name }} { 7 | class {{ user.class }}; 8 | authentication { 9 | encrypted-password {{ user.password }} 10 | } 11 | } 12 | {% endfor %} 13 | } 14 | ntp { 15 | server {{ ntp_server }}; 16 | } 17 | } -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/asa.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | nameif {{ iface.nameif }} 6 | security-level {{ iface.security_level }} 7 | ip address {{ iface.ip }} 8 | {{ iface.shutdown }} 9 | ! 10 | {% endfor %} 11 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | ip address {{ iface.ip }} 6 | {{ iface.shutdown }} 7 | ! 8 | {% endfor %} 9 | 10 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios_ROTS.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_ROTS %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | {{ iface.shutdown }} 6 | ! 7 | {% endfor %} 8 | 9 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios_access.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_access %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | switchport mode access 6 | switchport access vlan {{ iface.vlan }} 7 | spanning-tree {{ iface.portfast }} 8 | spanning-tree bpduguard {{ iface.bpduguard }} 9 | {{ iface.shutdown }} 10 | ! 11 | {% endfor %} 12 | 13 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios_l2_channel.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_l2_channel %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | channel-group {{ iface.po_number }} mode {{ iface.po_mode }} 6 | {{ iface.shutdown }} 7 | ! 8 | {% endfor %} 9 | {% for iface in interfaces_po %} 10 | ! 11 | interface {{ iface.name }} 12 | description {{ iface.description }} 13 | {{ trunk_encapsulation }} 14 | switchport mode {{ iface.mode }} 15 | {{ iface.dtp }} 16 | {{ iface.shutdown }} 17 | ! 18 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios_l2_to_l3.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interface_l2_to_l3 %} 2 | ! 3 | interface {{ iface.name }} 4 | no switchport 5 | description {{ iface.description }} 6 | ip address {{ iface.ip }} 7 | {{ iface.shutdown }} 8 | ! 9 | {% endfor %} 10 | 11 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/ios_trunk.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_trunk %} 2 | ! 3 | interface {{ iface.name }} 4 | description {{ iface.description }} 5 | {{ trunk_encapsulation }} 6 | switchport mode trunk 7 | {{ iface.dtp }} 8 | {{ iface.shutdown }} 9 | ! 10 | {% endfor %} 11 | 12 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/junos.j2: -------------------------------------------------------------------------------- 1 | interfaces { 2 | {% for iface in interfaces %} 3 | {{ iface.name }} { 4 | description {{ iface.description }}; 5 | unit 0 { 6 | family inet { 7 | address {{iface.ip}}; 8 | } 9 | } 10 | } 11 | {% endfor %} 12 | {% for node in groups['JunOS-IPsec'] %} 13 | {% for iface in interfaces_st %} 14 | {{ iface.name }} { 15 | unit 0 { 16 | family inet; 17 | } 18 | {% endfor %} 19 | } 20 | {% endfor %} 21 | } 22 | -------------------------------------------------------------------------------- /Ansible/Roles/interfaces/templates/vyos.j2: -------------------------------------------------------------------------------- 1 | interfaces { 2 | {% for iface in interfaces_dummy %} 3 | dummy {{ iface.name }} { 4 | address {{ iface.ip }} 5 | } 6 | {% endfor %} 7 | {% for iface in interfaces_ethernet %} 8 | ethernet {{ iface.name }} { 9 | address {{ iface.ip }} 10 | description {{ iface.description }} 11 | } 12 | {% endfor %} 13 | {% for node in groups['VyOS-IPsec'] %} 14 | {% for iface in interfaces_vti %} 15 | vti {{ iface.name }} { 16 | address {{ iface.ip }} 17 | } 18 | {% endfor %} 19 | {% endfor %} 20 | } -------------------------------------------------------------------------------- /Ansible/Roles/interfaces_vlans/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate ip interface configs from templates 4 | when: inventory_hostname in groups['routers-interfaces_vlans'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/5_interfaces-vlans-ip.conf -------------------------------------------------------------------------------- /Ansible/Roles/interfaces_vlans/templates/ios.j2: -------------------------------------------------------------------------------- 1 | {% for iface in interfaces_vlans %} 2 | ! 3 | interface {{ iface.name }} 4 | encapsulation dot1q {{ iface.vlan }} 5 | description {{ iface.description }} 6 | ip address {{ iface.ip }} 7 | {{ iface.shutdown }} 8 | ! 9 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/routing/ospfv2/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate ospfv2-routing from templates (Cisco) 4 | when: inventory_hostname in groups['OSPFv2-Domain'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/ospfv2-routing.conf -------------------------------------------------------------------------------- /Ansible/Roles/routing/ospfv2/templates/asa.j2: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf {{ ospf_proccess }} 3 | router-id {{ router_id }} 4 | {% for network in networks %} 5 | network {{ network.net }} 6 | {% endfor %} 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/Roles/routing/ospfv2/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf {{ ospf_proccess }} 3 | router-id {{ router_id }} 4 | passive-interface default 5 | {% for no_passive in no_passive_ints %} 6 | no passive-interface {{ no_passive.int }} 7 | {% endfor %} 8 | {% for network in networks %} 9 | network {{ network.net }} 10 | {% endfor %} 11 | {% if (inventory_hostname == "HQ-ED1") %} 12 | default-information originate 13 | ! 14 | {% endif %} -------------------------------------------------------------------------------- /Ansible/Roles/routing/static/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate static-routing from templates (Cisco, JunOS, VyOS) 4 | when: inventory_hostname in groups['STATIC-Domain'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/9_static-routing.conf -------------------------------------------------------------------------------- /Ansible/Roles/routing/static/templates/asa.j2: -------------------------------------------------------------------------------- 1 | ! 2 | {% for s_route in s_routes %} 3 | route {{ s_route.int }} {{ s_route.route }} {{ s_route.next_hop }} {{ s_route.metric }} 4 | {% endfor %} 5 | ! -------------------------------------------------------------------------------- /Ansible/Roles/routing/static/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | ip route {{ default_route }} 3 | ! -------------------------------------------------------------------------------- /Ansible/Roles/routing/static/templates/junos.j2: -------------------------------------------------------------------------------- 1 | routing-options { 2 | static { 3 | {% for s_route in s_routes %} 4 | route {{ s_route.route }} { 5 | next-hop {{ s_route.next_hop }}; 6 | metric {{ s_route.metric }}; 7 | {% endfor %} 8 | } 9 | {% for node in groups['JunOS-IPsec'] %} 10 | {% for route in ipsec_routes %} 11 | {{ route.ipsec_route }}; 12 | {% endfor %} 13 | {% endfor %} 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /Ansible/Roles/routing/static/templates/vyos.j2: -------------------------------------------------------------------------------- 1 | protocols { 2 | static { 3 | {% for node in groups['VyOS-IPsec'] %} 4 | {% for s_route in s_vti_routes %} 5 | interface-route {{ s_route.route }} { 6 | next-hop-interface {{ s_route.next_hop_int }} { 7 | } 8 | {% endfor %} 9 | } 10 | {% endfor %} 11 | {% for s_route in s_routes %} 12 | route {{ s_route.route }} { 13 | next-hop {{ s_route.next_hop }} { 14 | distance {{ s_route.metric }} 15 | } 16 | } 17 | {% endfor %} 18 | } 19 | } -------------------------------------------------------------------------------- /Ansible/Roles/services/ACL/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate ACL from templates 4 | when: inventory_hostname in groups['ACL'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/9_ACL-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/services/ACL/templates/asa.j2: -------------------------------------------------------------------------------- 1 | {% for acl in acl_lists %} 2 | access-list {{ acl.name }} extended {{ acl.action }} {{ acl.protocol }} {{ acl.source }} {{ acl.destination }} 3 | {% endfor %} 4 | {% for acl_group in acl_groups %} 5 | access-group {{ acl_group.acl_name }} {{ acl_group.way }} interface {{ acl_group.interface }} 6 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/services/DHCP/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate dhcp from templates 4 | when: inventory_hostname in groups['DHCP-Servers'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/dhcp-service.conf -------------------------------------------------------------------------------- /Ansible/Roles/services/DHCP/templates/ios.j2: -------------------------------------------------------------------------------- 1 | {% for pool in dhcp_pools %} 2 | ip dhcp pool {{ pool.name }} 3 | network {{ pool.network }} 4 | default-router {{ pool.gateway }} 5 | dns-server {{ pool.dns }} 6 | domain-name {{ pool.domain }} 7 | lease {{ pool.lease }} 8 | ! 9 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/Roles/services/PAT/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate pat from templates 4 | when: inventory_hostname in groups['PAT'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/6_pat-service.conf -------------------------------------------------------------------------------- /Ansible/Roles/services/PAT/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | ip access-list extended {{ acl_name_pat }} 3 | {% for strings in acl_pat_strings %} 4 | remark {{ strings.remark }} 5 | {{ strings.string }} 6 | {% endfor %} 7 | ! 8 | interface {{ int_nat_outside }} 9 | ip nat outside 10 | interface {{ int_nat_inside }} 11 | ip nat inside 12 | ! 13 | ip nat inside source list {{ acl_name_pat }} interface {{ int_nat_outside }} overload 14 | -------------------------------------------------------------------------------- /Ansible/Roles/services/PAT/templates/junos.j2: -------------------------------------------------------------------------------- 1 | nat { 2 | source { 3 | rule-set {{ name_nat_rules_set }} { 4 | from zone {{ nat_from_zone }}; 5 | to zone {{ nat_to_zone }}; 6 | {% for ruleset in nat_rules_set %} 7 | rule {{ ruleset.rule_name }} { 8 | match { 9 | source-address {{ ruleset.source_net }}; 10 | destination-address {{ ruleset.dest_net }}; 11 | } 12 | then { 13 | source-nat { 14 | interface; 15 | } 16 | } 17 | } 18 | {% endfor %} 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /Ansible/Roles/services/PAT/templates/vyos.j2: -------------------------------------------------------------------------------- 1 | nat { 2 | source { 3 | {% for rule in nat_rules %} 4 | rule {{ rule.rule_number }} { 5 | description {{ rule.desc_rule }} 6 | outbound-interface {{ rule.outbound_int }} 7 | protocol {{ rule.protocol }} 8 | source { 9 | address {{ rule.source_net }} 10 | } 11 | translation { 12 | address {{ rule.translation }} 13 | } 14 | } 15 | {% endfor %} 16 | } 17 | } -------------------------------------------------------------------------------- /Ansible/Roles/stp/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate stp-config from templates 4 | when: inventory_hostname in groups['switches'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/2_stp-config.conf -------------------------------------------------------------------------------- /Ansible/Roles/stp/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode {{ stp_mode }} 3 | ! 4 | {% for vlan in stp_vlan %} 5 | spanning-tree vlan {{ vlan.vlan_number }} priority {{ vlan.vlan_priority }} 6 | {% endfor %} 7 | ! -------------------------------------------------------------------------------- /Ansible/Roles/vlans/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: generate vlans from templates 4 | when: inventory_hostname in groups['switches'] 5 | template: src=../templates/{{ansible_network_os}}.j2 dest={{config_dir}}/{{inventory_hostname}}/3_vlans.conf -------------------------------------------------------------------------------- /Ansible/Roles/vlans/templates/ios.j2: -------------------------------------------------------------------------------- 1 | ! 2 | {{ vtp_mode }} 3 | ! 4 | {% for vlan in vlans %} 5 | ! 6 | vlan {{ vlan.vlan_number }} 7 | name {{ vlan.vlan_name }} 8 | ! 9 | {% endfor %} -------------------------------------------------------------------------------- /Ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible 2 | # override global certain global settings 3 | # 4 | 5 | [defaults] 6 | retry_files_enabled = False 7 | # default to inventory file of ./hosts 8 | inventory = inventories 9 | # disable host checking to automatically add hosts to known_hosts 10 | host_key_checking = False 11 | # set the roles path to the local directory 12 | roles_path = Roles 13 | # NAPALM 14 | library = /home/dmitrii/PycharmProjects/venv-netascode/lib/python3.6/site-packages/napalm_ansible/modules 15 | action_plugins = /home/dmitrii/PycharmProjects/venv-netascode/lib/python3.6/site-packages/napalm_ansible/plugins/action 16 | 17 | [persistent_connection] 18 | connect_timeout = 100 19 | command_timeout = 80 -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname BR1-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 1 6 | name default 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_BR1-C1 4 | switchport mode access 5 | switchport access vlan 1 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/3 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 1 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan1 3 | description VLAN 1 4 | ip address 10.1.100.30 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | description TO_BR1-ED1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | vlan 1 4 | name default 5 | interface GigabitEthernet0/1 6 | switchport access vlan 1 7 | interface GigabitEthernet0/3 8 | switchport access vlan 1 9 | interface Vlan1 10 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/BR1-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +vlan 1 4 | + name default 5 | +interface GigabitEthernet0/1 6 | + switchport access vlan 1 7 | +interface GigabitEthernet0/3 8 | + switchport access vlan 1 9 | +interface Vlan1 10 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 10 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 10 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 10 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 10 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | description Managers 4 | ip address 10.255.100.30 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/0 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | spanning-tree vlan 1 priority 8192 4 | spanning-tree vlan 10 priority 8192 5 | interface Vlan10 6 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/FINAL.diff: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 8192 4 | +spanning-tree vlan 10 priority 8192 5 | +interface Vlan10 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 8192 4 | +spanning-tree vlan 10 priority 8192 5 | +interface Vlan10 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 20 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 20 6 | name Managers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 20 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 20 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 20 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan20 3 | description Managers 4 | ip address 10.255.100.62 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/2 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | spanning-tree vlan 1 priority 8192 4 | spanning-tree vlan 20 priority 8192 5 | interface Vlan20 6 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC2/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 8192 4 | +spanning-tree vlan 20 priority 8192 5 | +interface Vlan20 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC3 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 30 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 30 6 | name Developers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 30 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 30 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 30 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan30 3 | description Managers 4 | ip address 10.255.100.94 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | spanning-tree vlan 1 priority 8192 4 | spanning-tree vlan 30 priority 8192 5 | interface Vlan30 6 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC3/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 8192 4 | +spanning-tree vlan 30 priority 8192 5 | +interface Vlan30 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC4 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 40 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 40 6 | name Accounting 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 40 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 40 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 40 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan40 3 | description Managers 4 | ip address 10.255.100.126 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | spanning-tree vlan 1 priority 8192 4 | spanning-tree vlan 40 priority 8192 5 | interface Vlan40 6 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-AC4/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 8192 4 | +spanning-tree vlan 40 priority 8192 5 | +interface Vlan40 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-CO1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.3 255.255.255.255 5 | 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | no switchport 4 | description TO-HQ-FW1 5 | ip address 10.255.1.1 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/3 10 | no switchport 11 | description TO-HQ-DIS1 12 | ip address 10.255.1.9 255.255.255.252 13 | 14 | ! 15 | ! 16 | interface GigabitEthernet1/0 17 | no switchport 18 | description TO-HQ-DIS2 19 | ip address 10.255.1.13 255.255.255.252 20 | 21 | ! 22 | ! 23 | interface GigabitEthernet0/2 24 | no switchport 25 | description TO-HQ-SF1 26 | ip address 10.255.1.5 255.255.255.252 27 | 28 | ! 29 | 30 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-CO1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.3 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/1 6 | no passive-interface GigabitEthernet0/2 7 | no passive-interface GigabitEthernet0/3 8 | no passive-interface GigabitEthernet1/0 9 | network 10.255.1.0 0.0.0.3 area 0 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.1.12 0.0.0.3 area 0 12 | network 10.255.1.4 0.0.0.3 area 0 13 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | spanning-tree vlan 10 priority 0 6 | spanning-tree vlan 20 priority 0 7 | spanning-tree vlan 30 priority 0 8 | spanning-tree vlan 40 priority 0 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.1 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.2 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.34 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.66 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.98 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/3 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.10 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet2/0 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet2/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS2 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS2 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS2-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 200 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 200 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 200 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 200 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | spanning-tree vlan 1 priority 0 4 | spanning-tree vlan 10 priority 0 5 | spanning-tree vlan 20 priority 0 6 | spanning-tree vlan 30 priority 0 7 | spanning-tree vlan 40 priority 0 8 | interface Vlan10 9 | no shutdown 10 | interface Vlan20 11 | no shutdown 12 | interface Vlan30 13 | no shutdown 14 | interface Vlan40 15 | no shutdown 16 | interface Vlan10 17 | glbp 10 load-balancing round-robin 18 | interface Vlan20 19 | glbp 20 load-balancing round-robin 20 | interface Vlan30 21 | glbp 30 load-balancing round-robin 22 | interface Vlan40 23 | glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +spanning-tree vlan 1 priority 0 4 | +spanning-tree vlan 10 priority 0 5 | +spanning-tree vlan 20 priority 0 6 | +spanning-tree vlan 30 priority 0 7 | +spanning-tree vlan 40 priority 0 8 | +interface Vlan10 9 | - no shutdown 10 | +interface Vlan20 11 | - no shutdown 12 | +interface Vlan30 13 | - no shutdown 14 | +interface Vlan40 15 | - no shutdown 16 | +interface Vlan10 17 | + glbp 10 load-balancing round-robin 18 | +interface Vlan20 19 | + glbp 20 load-balancing round-robin 20 | +interface Vlan30 21 | + glbp 30 load-balancing round-robin 22 | +interface Vlan40 23 | + glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.1 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet0/3 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 4096 5 | spanning-tree vlan 10 priority 4096 6 | spanning-tree vlan 20 priority 4096 7 | spanning-tree vlan 30 priority 4096 8 | spanning-tree vlan 40 priority 4096 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.2 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.3 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.35 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.67 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.99 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/0 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.14 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet1/2 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet1/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS1 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS1 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS1-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 100 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 100 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 100 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 100 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-DIS2/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.2 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet1/0 10 | network 10.255.1.12 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-ED1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.5 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback50 9 | description OSPF AREA 50 NET1 10 | ip address 10.255.50.1 255.255.255.0 11 | 12 | ! 13 | ! 14 | interface GigabitEthernet0/1 15 | description TO-ISP 16 | ip address 1.1.1.2 255.255.255.252 17 | no shutdown 18 | ! 19 | ! 20 | interface GigabitEthernet0/2 21 | description TO-HQ-FW1 22 | ip address 10.255.0.1 255.255.255.252 23 | no shutdown 24 | ! 25 | 26 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip access-list extended ACL_PAT_HQ-DEPARTMENTS 3 | remark HQ VLAN 10 4 | permit ip 10.255.100.0 0.0.0.31 any 5 | remark HQ VLAN 20 6 | permit ip 10.255.100.32 0.0.0.31 any 7 | remark HQ VLAN 30 8 | permit ip 10.255.100.64 0.0.0.31 any 9 | remark HQ VLAN 40 10 | permit ip 10.255.100.96 0.0.0.31 any 11 | ! 12 | interface GigabitEthernet0/1 13 | ip nat outside 14 | interface GigabitEthernet0/2 15 | ip nat inside 16 | ! 17 | ip nat inside source list ACL_PAT_HQ-DEPARTMENTS interface GigabitEthernet0/1 overload 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip route 0.0.0.0 0.0.0.0 1.1.1.1 3 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | interface GigabitEthernet0/1 4 | no shutdown 5 | interface GigabitEthernet0/2 6 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +interface GigabitEthernet0/1 4 | - no shutdown 5 | +interface GigabitEthernet0/2 6 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-ED1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.5 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.0.0 0.0.0.3 area 50 7 | network 10.255.50.0 0.0.0.255 area 50 8 | default-information originate 9 | ! 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-FW1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-FW1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 password cisco privilege 15 10 | ! 11 | ! 12 | username test2 password cisco privilege 15 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/0 3 | description TO_ISP 4 | nameif TO-ISP-P2P 5 | security-level 0 6 | ip address 2.2.2.2 255.255.255.252 7 | no shutdown 8 | ! 9 | ! 10 | interface GigabitEthernet0/1 11 | description TO_HQ-CO1 12 | nameif TO-HQ-CO1-P2P 13 | security-level 100 14 | ip address 10.255.1.2 255.255.255.252 15 | no shutdown 16 | ! 17 | ! 18 | interface GigabitEthernet0/2 19 | description TO_HQ-ED1 20 | nameif TO-HQ-ED1-P2P 21 | security-level 50 22 | ip address 10.255.0.2 255.255.255.252 23 | no shutdown 24 | ! 25 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-FW1/9_ACL-config.conf: -------------------------------------------------------------------------------- 1 | access-list PERMIT_ICMP extended permit icmp any any 2 | access-group PERMIT_ICMP in interface TO-HQ-ED1-P2P 3 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | route TO-ISP-P2P 0.0.0.0 0.0.0.0 2.2.2.1 200 3 | route TO-ISP-P2P 15.15.15.2 255.255.255.255 2.2.2.1 1 4 | route TO-ISP-P2P 20.2.2.2 255.255.255.255 2.2.2.1 1 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-FW1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 10.255.1.2 4 | network 10.255.1.0 255.255.255.252 area 0 5 | network 10.255.0.0 255.255.255.252 area 50 6 | ! 7 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-SF1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.4 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback1 9 | description Server Net2 10 | ip address 10.255.255.5 255.255.255.252 11 | 12 | ! 13 | ! 14 | interface Loopback2 15 | description Server Net3 16 | ip address 10.255.255.9 255.255.255.252 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | no switchport 4 | description TO-HQ-CO1 5 | ip address 10.255.1.6 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/1 10 | no switchport 11 | description TO-HQ-S1 12 | ip address 10.255.255.1 255.255.255.252 13 | 14 | ! 15 | 16 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/HQ-SF1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.4 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.1.4 0.0.0.3 area 0 7 | network 10.255.255.0 0.0.0.3 area 255 8 | network 10.255.255.4 0.0.0.3 area 255 9 | network 10.255.255.8 0.0.0.3 area 255 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/ISP/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname ISP 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 8.8.8.8 7 | ! 8 | ! 9 | username test1 privilege 15 secret cisco 10 | ! 11 | ! 12 | username test2 privilege 15 secret cisco 13 | ! 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/ISP/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback8 3 | description Google Public DNS 4 | ip address 8.8.8.8 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/1 9 | description TO_BR1-ED1-CompanyX 10 | ip address 15.15.15.1 255.255.255.252 11 | no shutdown 12 | ! 13 | ! 14 | interface GigabitEthernet0/2 15 | description TO_BR2-FW1-CompanyX 16 | ip address 20.2.2.1 255.255.255.252 17 | no shutdown 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description TO_HQ-ED1-CompanyX 22 | ip address 1.1.1.1 255.255.255.252 23 | no shutdown 24 | ! 25 | ! 26 | interface GigabitEthernet0/4 27 | description TO_HQ-FW1-CompanyX 28 | ip address 2.2.2.1 255.255.255.252 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/ISP/FINAL.conf: -------------------------------------------------------------------------------- 1 | username test1 privilege 15 secret cisco 2 | username test2 privilege 15 secret cisco 3 | interface GigabitEthernet0/1 4 | no shutdown 5 | interface GigabitEthernet0/2 6 | no shutdown 7 | interface GigabitEthernet0/3 8 | no shutdown 9 | interface GigabitEthernet0/4 10 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/ISP/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +username test1 privilege 15 secret cisco 2 | +username test2 privilege 15 secret cisco 3 | +interface GigabitEthernet0/1 4 | - no shutdown 5 | +interface GigabitEthernet0/2 6 | - no shutdown 7 | +interface GigabitEthernet0/3 8 | - no shutdown 9 | +interface GigabitEthernet0/4 10 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/VyOS-BR1-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | dummy dum0 { 3 | address 10.1.255.1/32 4 | } 5 | ethernet eth0 { 6 | address 192.168.4.111/24 7 | description MGMT-ONLY 8 | } 9 | ethernet eth1 { 10 | address 10.1.100.1/27 11 | description TO_BR1-AC1 12 | } 13 | ethernet eth2 { 14 | address 15.15.15.2/30 15 | description TO_ISP 16 | } 17 | vti vti0 { 18 | address 169.254.100.1/30 19 | } 20 | } -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/VyOS-BR1-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | nat { 2 | source { 3 | rule 10 { 4 | description BR1-C1-NET 5 | outbound-interface eth2 6 | protocol all 7 | source { 8 | address 10.1.100.0/27 9 | } 10 | translation { 11 | address masquerade 12 | } 13 | } 14 | } 15 | } -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/VyOS-BR1-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | protocols { 2 | static { 3 | interface-route 10.255.255.0/30 { 4 | next-hop-interface vti0 { 5 | } 6 | } 7 | route 192.168.1.0/24 { 8 | next-hop 192.168.4.254 { 9 | distance 1 10 | } 11 | } 12 | route 0.0.0.0/0 { 13 | next-hop 15.15.15.1 { 14 | distance 10 15 | } 16 | } 17 | } 18 | } -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/VyOS-BR1-ED1/FINAL.diff: -------------------------------------------------------------------------------- 1 | [edit system login] 2 | +user test1 { 3 | + authentication { 4 | + plaintext-password cisco 5 | + } 6 | + level admin 7 | +} 8 | +user test2 { 9 | + authentication { 10 | + plaintext-password cisco 11 | + } 12 | + level admin 13 | +} 14 | [edit system login user vyos authentication] 15 | -encrypted-password $1$F7bDC8en$M/e8HL1CNie0nOymM8ebw1 16 | >plaintext-password vyos 17 | [edit] 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/VyOS-BR1-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | [edit system login] 2 | +user test1 { 3 | + authentication { 4 | + plaintext-password cisco 5 | + } 6 | + level admin 7 | +} 8 | +user test2 { 9 | + authentication { 10 | + plaintext-password cisco 11 | + } 12 | + level admin 13 | +} 14 | [edit system login user vyos authentication] 15 | -encrypted-password $1$F7bDC8en$M/e8HL1CNie0nOymM8ebw1 16 | >plaintext-password vyos 17 | [edit] 18 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/vSRX-BR2-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | lo0 { 3 | description Lo0; 4 | unit 0 { 5 | family inet { 6 | address 10.2.255.1/32; 7 | } 8 | } 9 | } 10 | ge-0/0/0 { 11 | description TO_ISP; 12 | unit 0 { 13 | family inet { 14 | address 20.2.2.2/30; 15 | } 16 | } 17 | } 18 | ge-0/0/1 { 19 | description TO_BR2-C1; 20 | unit 0 { 21 | family inet { 22 | address 10.2.100.1/27; 23 | } 24 | } 25 | } 26 | st0 { 27 | unit 0 { 28 | family inet; 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/vSRX-BR2-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | routing-options { 2 | static { 3 | route 0.0.0.0/0 { 4 | next-hop 20.2.2.1; 5 | metric 10; 6 | } 7 | route 10.255.255.0/30 next-hop st0; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/vSRX-BR2-FW1/FINAL.diff: -------------------------------------------------------------------------------- 1 | [edit system login] 2 | + user test1 { 3 | + class super-user; 4 | + authentication { 5 | + encrypted-password "$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA 6 | + } 7 | + } 8 | + user test2 { 9 | + class super-user; 10 | + authentication { 11 | + encrypted-password "$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA 12 | + } 13 | + } -------------------------------------------------------------------------------- /Ansible/inventories/development/CONFIGS/vSRX-BR2-FW1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | [edit system login] 2 | + user test1 { 3 | + class super-user; 4 | + authentication { 5 | + encrypted-password "$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA 6 | + } 7 | + } 8 | + user test2 { 9 | + class super-user; 10 | + authentication { 11 | + encrypted-password "$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA 12 | + } 13 | + } -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/PING/ping.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: PING 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | - ping: 8 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/generate/generate-basic-config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Generate basic-config 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | pre_tasks: 7 | - name: remove potentially existing previous candidate config (BASIC-CONFIG) 8 | file: path={{config_dir}}/{{inventory_hostname}}/1_basic-config.conf state=absent 9 | - name: create candidate config directory (if it does not exist) 10 | file: path={{config_dir}}/{{inventory_hostname}} state=directory 11 | 12 | roles: 13 | - basic_config -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/ios_modules/ios_backup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Simple IOS backup config 3 | hosts: ALL 4 | gather_facts: yes 5 | vars: 6 | create_backup_dir: "BACKUPS/ios_backups/{{ ansible_date_time.date }}" 7 | 8 | tasks: 9 | - name: Creates BACKUP directory 10 | file: 11 | path: "{{ create_backup_dir }}" 12 | state: directory 13 | 14 | - name: Get running config 15 | ios_command: 16 | commands: show run 17 | register: show_run 18 | 19 | - name: Save config to file 20 | copy: 21 | content: "{{ show_run.stdout[0] }}" 22 | dest: "{{ create_backup_dir }}/{{ inventory_hostname }}--{{ ansible_date_time.iso8601 }}.txt" -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/ios_modules/ios_backup_v2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Archive backup of running-config to TFTP 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Archive backup of running-config to TFTP 9 | ios_command: 10 | commands: 11 | - wr 12 | 13 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/ios_modules/ios_command_add_ntp_server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Add NTP server 9 | ios_command: 10 | commands: 11 | - conf t 12 | - ntp server 1.1.1.1 13 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/ios_modules/ios_command_save_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Saving configuration 9 | ios_command: 10 | commands: 11 | - wr 12 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/ios_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: Cisco 4 | vars: 5 | ansible_python_interpreter: "/usr/bin/env python" 6 | 7 | tasks: 8 | 9 | - name: get facts from device 10 | napalm_get_facts: 11 | optional_args: {'global_delay_factor': 1} 12 | hostname: '{{ ansible_host }}' 13 | username: '{{ ansible_user }}' 14 | dev_os: '{{ ansible_network_os }}' 15 | password: '{{ ansible_ssh_pass }}' 16 | filter: 'facts' 17 | register: result 18 | 19 | - name: print data 20 | debug: var=result -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/junos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: JunOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/vasa_napalm/asa_command.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # aaa authorization exec LOCAL auto-enable 3 | 4 | - name: ASA_COMMAND 5 | hosts: HQ-FW1 6 | gather_facts: no 7 | vars: 8 | command1: 9 | show version 10 | 11 | show memory 12 | 13 | show int ip br 14 | 15 | tasks: 16 | - asa_command: 17 | commands: 18 | - "{{ command1 }}" 19 | # - show version 20 | register: result1 21 | 22 | - name: print data1 23 | debug: var=result1 24 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/vasa_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: localhost 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4, 'port': 443} 13 | hostname: '172.30.33.171' 14 | username: 'cisco' 15 | dev_os: 'asa' 16 | password: 'cisco' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Modules/vyos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: VyOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/L1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/L1.png -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/L2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/L2.png -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/L3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/L3.png -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/MGMT_IP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/MGMT_IP.png -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/Routing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/Routing.png -------------------------------------------------------------------------------- /Ansible/inventories/development/Topologies/VPNs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/development/Topologies/VPNs.png -------------------------------------------------------------------------------- /Ansible/inventories/development/group_vars/Cisco-ASA.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/group_vars/Cisco.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/group_vars/JunOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | class: super-user 6 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 7 | - name: test2 8 | class: super-user 9 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 10 | -------------------------------------------------------------------------------- /Ansible/inventories/development/group_vars/VyOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: vyos 5 | level: admin 6 | password: vyos 7 | - name: test1 8 | level: admin 9 | password: cisco 10 | - name: test2 11 | level: admin 12 | password: cisco 13 | 14 | -------------------------------------------------------------------------------- /Ansible/inventories/development/group_vars/all.yaml: -------------------------------------------------------------------------------- 1 | # for napalm_install_config (Modules) 2 | config_dir: "{{ inventory_dir }}/CONFIGS" -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname BR1-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 1 6 | name default 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_BR1-C1 4 | switchport mode access 5 | switchport access vlan 1 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/3 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 1 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan1 3 | description VLAN 1 4 | ip address 10.1.100.30 255.255.255.224 5 | 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | description TO_BR1-ED1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | 10 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | vlan 1 2 | name default 3 | interface GigabitEthernet0/1 4 | switchport access vlan 1 5 | interface GigabitEthernet0/3 6 | switchport access vlan 1 -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/BR1-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +vlan 1 2 | + name default 3 | +interface GigabitEthernet0/1 4 | + switchport access vlan 1 5 | +interface GigabitEthernet0/3 6 | + switchport access vlan 1 -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 10 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 10 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 10 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 10 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | description Managers 4 | ip address 10.255.100.30 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/0 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 10 priority 8192 3 | interface Vlan10 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 10 priority 8192 3 | +interface Vlan10 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 20 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 20 6 | name Managers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 20 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 20 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 20 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan20 3 | description Managers 4 | ip address 10.255.100.62 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/2 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 20 priority 8192 3 | interface Vlan20 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC2/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 20 priority 8192 3 | +interface Vlan20 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC3 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 30 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 30 6 | name Developers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 30 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 30 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 30 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan30 3 | description Managers 4 | ip address 10.255.100.94 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 30 priority 8192 3 | interface Vlan30 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC3/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 30 priority 8192 3 | +interface Vlan30 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC4 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 40 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 40 6 | name Accounting 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 40 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 40 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 40 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan40 3 | description Managers 4 | ip address 10.255.100.126 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 40 priority 8192 3 | interface Vlan40 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-AC4/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 40 priority 8192 3 | +interface Vlan40 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-CO1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.3 255.255.255.255 5 | 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | no switchport 4 | description TO-HQ-FW1 5 | ip address 10.255.1.1 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/3 10 | no switchport 11 | description TO-HQ-DIS1 12 | ip address 10.255.1.9 255.255.255.252 13 | 14 | ! 15 | ! 16 | interface GigabitEthernet1/0 17 | no switchport 18 | description TO-HQ-DIS2 19 | ip address 10.255.1.13 255.255.255.252 20 | 21 | ! 22 | ! 23 | interface GigabitEthernet0/2 24 | no switchport 25 | description TO-HQ-SF1 26 | ip address 10.255.1.5 255.255.255.252 27 | 28 | ! 29 | 30 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/HQ-CO1/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/HQ-CO1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-CO1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.3 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/1 6 | no passive-interface GigabitEthernet0/2 7 | no passive-interface GigabitEthernet0/3 8 | no passive-interface GigabitEthernet1/0 9 | network 10.255.1.0 0.0.0.3 area 0 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.1.12 0.0.0.3 area 0 12 | network 10.255.1.4 0.0.0.3 area 0 13 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | spanning-tree vlan 10 priority 0 6 | spanning-tree vlan 20 priority 0 7 | spanning-tree vlan 30 priority 0 8 | spanning-tree vlan 40 priority 0 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.1 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.2 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.34 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.66 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.98 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/3 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.10 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet2/0 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet2/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS2 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS2 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS2-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 200 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 200 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 200 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 200 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 0 2 | spanning-tree vlan 10 priority 0 3 | spanning-tree vlan 20 priority 0 4 | spanning-tree vlan 30 priority 0 5 | spanning-tree vlan 40 priority 0 6 | interface Vlan10 7 | no shutdown 8 | interface Vlan20 9 | no shutdown 10 | interface Vlan30 11 | no shutdown 12 | interface Vlan40 13 | no shutdown 14 | interface Vlan10 15 | glbp 10 load-balancing round-robin 16 | interface Vlan20 17 | glbp 20 load-balancing round-robin 18 | interface Vlan30 19 | glbp 30 load-balancing round-robin 20 | interface Vlan40 21 | glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 0 2 | +spanning-tree vlan 10 priority 0 3 | +spanning-tree vlan 20 priority 0 4 | +spanning-tree vlan 30 priority 0 5 | +spanning-tree vlan 40 priority 0 6 | +interface Vlan10 7 | - no shutdown 8 | +interface Vlan20 9 | - no shutdown 10 | +interface Vlan30 11 | - no shutdown 12 | +interface Vlan40 13 | - no shutdown 14 | +interface Vlan10 15 | + glbp 10 load-balancing round-robin 16 | +interface Vlan20 17 | + glbp 20 load-balancing round-robin 18 | +interface Vlan30 19 | + glbp 30 load-balancing round-robin 20 | +interface Vlan40 21 | + glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.1 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet0/3 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 4096 5 | spanning-tree vlan 10 priority 4096 6 | spanning-tree vlan 20 priority 4096 7 | spanning-tree vlan 30 priority 4096 8 | spanning-tree vlan 40 priority 4096 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.2 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.3 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.35 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.67 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.99 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/0 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.14 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet1/2 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet1/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS1 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS1 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS1-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 100 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 100 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 100 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 100 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 4096 2 | spanning-tree vlan 10 priority 4096 3 | spanning-tree vlan 20 priority 4096 4 | spanning-tree vlan 30 priority 4096 5 | spanning-tree vlan 40 priority 4096 6 | interface Vlan10 7 | no shutdown 8 | interface Vlan20 9 | no shutdown 10 | interface Vlan30 11 | no shutdown 12 | interface Vlan40 13 | no shutdown 14 | interface Vlan10 15 | glbp 10 priority 100 16 | glbp 10 load-balancing round-robin 17 | interface Vlan20 18 | glbp 20 priority 100 19 | glbp 20 load-balancing round-robin 20 | interface Vlan30 21 | glbp 30 priority 100 22 | glbp 30 load-balancing round-robin 23 | interface Vlan40 24 | glbp 40 priority 100 25 | glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-DIS2/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.2 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet1/0 10 | network 10.255.1.12 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-ED1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.5 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback50 9 | description OSPF AREA 50 NET1 10 | ip address 10.255.50.1 255.255.255.0 11 | 12 | ! 13 | ! 14 | interface GigabitEthernet0/1 15 | description TO-ISP 16 | ip address 1.1.1.2 255.255.255.252 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/2 21 | description TO-HQ-FW1 22 | ip address 10.255.0.1 255.255.255.252 23 | 24 | ! 25 | 26 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip access-list extended ACL_PAT_HQ-DEPARTMENTS 3 | remark HQ VLAN 10 4 | permit ip 10.255.100.0 0.0.0.31 any 5 | remark HQ VLAN 20 6 | permit ip 10.255.100.32 0.0.0.31 any 7 | remark HQ VLAN 30 8 | permit ip 10.255.100.64 0.0.0.31 any 9 | remark HQ VLAN 40 10 | permit ip 10.255.100.96 0.0.0.31 any 11 | ! 12 | interface GigabitEthernet0/1 13 | ip nat outside 14 | interface GigabitEthernet0/2 15 | ip nat inside 16 | ! 17 | ip nat inside source list ACL_PAT_HQ-DEPARTMENTS interface GigabitEthernet0/1 overload 18 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip route 0.0.0.0 0.0.0.0 1.1.1.1 3 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/HQ-ED1/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/HQ-ED1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-ED1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.5 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.0.0 0.0.0.3 area 50 7 | network 10.255.50.0 0.0.0.255 area 50 8 | default-information originate 9 | ! 10 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-FW1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-FW1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/0 3 | description TO_ISP 4 | nameif TO-ISP-P2P 5 | security-level 0 6 | ip address 2.2.2.2 255.255.255.252 7 | no shutdown 8 | ! 9 | ! 10 | interface GigabitEthernet0/1 11 | description TO_HQ-CO1 12 | nameif TO-HQ-CO1-P2P 13 | security-level 100 14 | ip address 10.255.1.2 255.255.255.252 15 | no shutdown 16 | ! 17 | ! 18 | interface GigabitEthernet0/2 19 | description TO_HQ-ED1 20 | nameif TO-HQ-ED1-P2P 21 | security-level 50 22 | ip address 10.255.0.2 255.255.255.252 23 | no shutdown 24 | ! 25 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-FW1/9_ACL-config.conf: -------------------------------------------------------------------------------- 1 | access-list PERMIT_ICMP extended permit icmp any any 2 | access-group PERMIT_ICMP in interface TO-HQ-ED1-P2P 3 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | route TO-ISP-P2P 0.0.0.0 0.0.0.0 2.2.2.1 200 3 | route TO-ISP-P2P 15.15.15.2 255.255.255.255 2.2.2.1 1 4 | route TO-ISP-P2P 20.2.2.2 255.255.255.255 2.2.2.1 1 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-FW1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 10.255.1.2 4 | network 10.255.1.0 255.255.255.252 area 0 5 | network 10.255.0.0 255.255.255.252 area 50 6 | ! 7 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-SF1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.4 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback1 9 | description Server Net2 10 | ip address 10.255.255.5 255.255.255.252 11 | 12 | ! 13 | ! 14 | interface Loopback2 15 | description Server Net3 16 | ip address 10.255.255.9 255.255.255.252 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | no switchport 4 | description TO-HQ-CO1 5 | ip address 10.255.1.6 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/1 10 | no switchport 11 | description TO-HQ-S1 12 | ip address 10.255.255.1 255.255.255.252 13 | 14 | ! 15 | 16 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/FINAL.conf: -------------------------------------------------------------------------------- 1 | interface Loopback1 2 | ip address 10.255.255.5 255.255.255.252 3 | interface Loopback2 4 | ip address 10.255.255.9 255.255.255.252 -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +interface Loopback1 2 | + ip address 10.255.255.5 255.255.255.252 3 | +interface Loopback2 4 | + ip address 10.255.255.9 255.255.255.252 -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/HQ-SF1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.4 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.1.4 0.0.0.3 area 0 7 | network 10.255.255.0 0.0.0.3 area 255 8 | network 10.255.255.4 0.0.0.3 area 255 9 | network 10.255.255.8 0.0.0.3 area 255 10 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/ISP/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname ISP 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 8.8.8.8 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/ISP/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback8 3 | description Google Public DNS 4 | ip address 8.8.8.8 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/1 9 | description TO_BR1-ED1-CompanyX 10 | ip address 15.15.15.1 255.255.255.252 11 | 12 | ! 13 | ! 14 | interface GigabitEthernet0/2 15 | description TO_BR2-FW1-CompanyX 16 | ip address 20.2.2.1 255.255.255.252 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description TO_HQ-ED1-CompanyX 22 | ip address 1.1.1.1 255.255.255.252 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet0/4 27 | description TO_HQ-FW1-CompanyX 28 | ip address 2.2.2.1 255.255.255.252 29 | 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/ISP/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/ISP/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/ISP/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/ISP/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/VyOS-BR1-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | dummy dum0 { 3 | address 10.1.255.1/32 4 | } 5 | ethernet eth0 { 6 | address 192.168.2.111/24 7 | description MGMT-ONLY 8 | } 9 | ethernet eth1 { 10 | address 10.1.100.1/27 11 | description TO_BR1-AC1 12 | } 13 | ethernet eth2 { 14 | address 15.15.15.2/30 15 | description TO_ISP 16 | } 17 | vti vti0 { 18 | address 169.254.100.1/30 19 | } 20 | } -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/VyOS-BR1-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | nat { 2 | source { 3 | rule 10 { 4 | description BR1-C1-NET 5 | outbound-interface eth2 6 | protocol all 7 | source { 8 | address 10.1.100.0/27 9 | } 10 | translation { 11 | address masquerade 12 | } 13 | } 14 | } 15 | } -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/VyOS-BR1-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | protocols { 2 | static { 3 | interface-route 10.255.255.0/30 { 4 | next-hop-interface vti0 { 5 | } 6 | } 7 | route 192.168.1.0/24 { 8 | next-hop 192.168.2.254 { 9 | distance 1 10 | } 11 | } 12 | route 0.0.0.0/0 { 13 | next-hop 15.15.15.1 { 14 | distance 10 15 | } 16 | } 17 | } 18 | } -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/VyOS-BR1-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/VyOS-BR1-ED1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/vSRX-BR2-FW1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | system { 2 | host-name vSRX-BR2-FW1; 3 | time-zone Pacific/Auckland; 4 | ntp { 5 | server 10.255.255.2; 6 | } 7 | } -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/vSRX-BR2-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | lo0 { 3 | description Lo0; 4 | unit 0 { 5 | family inet { 6 | address 10.2.255.1/32; 7 | } 8 | } 9 | } 10 | ge-0/0/0 { 11 | description TO_ISP; 12 | unit 0 { 13 | family inet { 14 | address 20.2.2.2/30; 15 | } 16 | } 17 | } 18 | ge-0/0/1 { 19 | description TO_BR2-C1; 20 | unit 0 { 21 | family inet { 22 | address 10.2.100.1/27; 23 | } 24 | } 25 | } 26 | st0 { 27 | unit 0 { 28 | family inet; 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/vSRX-BR2-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | routing-options { 2 | static { 3 | route 0.0.0.0/0 { 4 | next-hop 20.2.2.1; 5 | metric 10; 6 | } 7 | route 10.255.255.0/30 next-hop st0; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /Ansible/inventories/production/CONFIGS/vSRX-BR2-FW1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/CONFIGS/vSRX-BR2-FW1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/PING/ping.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: PING 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | - ping: 8 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/generate/generate-basic-config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Generate basic-config 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | pre_tasks: 7 | - name: remove potentially existing previous candidate config (BASIC-CONFIG) 8 | file: path={{config_dir}}/{{inventory_hostname}}/1_basic-config.conf state=absent 9 | - name: create candidate config directory (if it does not exist) 10 | file: path={{config_dir}}/{{inventory_hostname}} state=directory 11 | 12 | roles: 13 | - basic_config -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/ios_modules/ios_backup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Simple IOS backup config 3 | hosts: ALL 4 | gather_facts: yes 5 | vars: 6 | create_backup_dir: "BACKUPS/ios_backups/{{ ansible_date_time.date }}" 7 | 8 | tasks: 9 | - name: Creates BACKUP directory 10 | file: 11 | path: "{{ create_backup_dir }}" 12 | state: directory 13 | 14 | - name: Get running config 15 | ios_command: 16 | commands: show run 17 | register: show_run 18 | 19 | - name: Save config to file 20 | copy: 21 | content: "{{ show_run.stdout[0] }}" 22 | dest: "{{ create_backup_dir }}/{{ inventory_hostname }}--{{ ansible_date_time.iso8601 }}.txt" -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/ios_modules/ios_backup_v2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Archive backup of running-config to TFTP 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Archive backup of running-config to TFTP 9 | ios_command: 10 | commands: 11 | - wr 12 | 13 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/ios_modules/ios_command_add_ntp_server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Add NTP server 9 | ios_command: 10 | commands: 11 | - conf t 12 | - ntp server 1.1.1.1 13 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/ios_modules/ios_command_save_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Saving configuration 9 | ios_command: 10 | commands: 11 | - wr 12 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/ios_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: Cisco 4 | vars: 5 | ansible_python_interpreter: "/usr/bin/env python" 6 | 7 | tasks: 8 | 9 | - name: get facts from device 10 | napalm_get_facts: 11 | optional_args: {'global_delay_factor': 1} 12 | hostname: '{{ ansible_host }}' 13 | username: '{{ ansible_user }}' 14 | dev_os: '{{ ansible_network_os }}' 15 | password: '{{ ansible_ssh_pass }}' 16 | filter: 'facts' 17 | register: result 18 | 19 | - name: print data 20 | debug: var=result -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/junos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: JunOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/vasa_napalm/asa_command.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # aaa authorization exec LOCAL auto-enable 3 | 4 | - name: ASA_COMMAND 5 | hosts: HQ-FW1 6 | gather_facts: no 7 | vars: 8 | command1: 9 | show version 10 | 11 | show memory 12 | 13 | show int ip br 14 | 15 | tasks: 16 | - asa_command: 17 | commands: 18 | - "{{ command1 }}" 19 | # - show version 20 | register: result1 21 | 22 | - name: print data1 23 | debug: var=result1 24 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/vasa_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: localhost 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4, 'port': 443} 13 | hostname: '172.30.33.171' 14 | username: 'cisco' 15 | dev_os: 'asa' 16 | password: 'cisco' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Modules/vyos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: VyOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/L1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/L1.png -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/L2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/L2.png -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/L3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/L3.png -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/MGMT_IP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/MGMT_IP.png -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/Routing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/Routing.png -------------------------------------------------------------------------------- /Ansible/inventories/production/Topologies/VPNs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/production/Topologies/VPNs.png -------------------------------------------------------------------------------- /Ansible/inventories/production/group_vars/Cisco-ASA.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | 11 | -------------------------------------------------------------------------------- /Ansible/inventories/production/group_vars/Cisco.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | -------------------------------------------------------------------------------- /Ansible/inventories/production/group_vars/JunOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | class: super-user 6 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 7 | - name: test2 8 | class: super-user 9 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 10 | 11 | -------------------------------------------------------------------------------- /Ansible/inventories/production/group_vars/VyOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: vyos 5 | level: admin 6 | password: vyos 7 | - name: test1 8 | level: admin 9 | password: cisco 10 | - name: test2 11 | level: admin 12 | password: cisco 13 | 14 | 15 | -------------------------------------------------------------------------------- /Ansible/inventories/production/group_vars/all.yaml: -------------------------------------------------------------------------------- 1 | # for napalm_install_config (Modules) 2 | config_dir: "{{ inventory_dir }}/CONFIGS" -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname BR1-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 1 6 | name default 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_BR1-C1 4 | switchport mode access 5 | switchport access vlan 1 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/3 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 1 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan1 3 | description VLAN 1 4 | ip address 10.1.100.30 255.255.255.224 5 | 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | description TO_BR1-ED1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | 10 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | vlan 1 2 | name default 3 | interface GigabitEthernet0/1 4 | switchport access vlan 1 5 | interface GigabitEthernet0/3 6 | switchport access vlan 1 -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/BR1-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +vlan 1 2 | + name default 3 | +interface GigabitEthernet0/1 4 | + switchport access vlan 1 5 | +interface GigabitEthernet0/3 6 | + switchport access vlan 1 -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 10 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 10 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 10 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 10 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | description Managers 4 | ip address 10.255.100.30 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/0 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 10 priority 8192 3 | interface Vlan10 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 10 priority 8192 3 | +interface Vlan10 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 20 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 20 6 | name Managers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 20 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 20 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 20 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan20 3 | description Managers 4 | ip address 10.255.100.62 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/2 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 20 priority 8192 3 | interface Vlan20 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC2/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 20 priority 8192 3 | +interface Vlan20 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC3 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 30 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 30 6 | name Developers 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 30 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 30 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 30 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan30 3 | description Managers 4 | ip address 10.255.100.94 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/1 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/1 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 30 priority 8192 3 | interface Vlan30 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC3/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 30 priority 8192 3 | +interface Vlan30 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-AC4 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 8192 5 | spanning-tree vlan 40 priority 8192 6 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 40 6 | name Accounting 7 | ! 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/4_interfaces-access.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-C1 4 | switchport mode access 5 | switchport access vlan 40 6 | spanning-tree portfast edge 7 | spanning-tree bpduguard enable 8 | 9 | ! 10 | ! 11 | interface GigabitEthernet0/2 12 | description Empty client 13 | switchport mode access 14 | switchport access vlan 40 15 | spanning-tree portfast edge 16 | spanning-tree bpduguard enable 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description Empty client 22 | switchport mode access 23 | switchport access vlan 40 24 | spanning-tree portfast edge 25 | spanning-tree bpduguard enable 26 | 27 | ! 28 | 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan40 3 | description Managers 4 | ip address 10.255.100.126 255.255.255.224 5 | no shutdown 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-DIS1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-DIS2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | 18 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 8192 2 | spanning-tree vlan 40 priority 8192 3 | interface Vlan40 4 | no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-AC4/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 8192 2 | +spanning-tree vlan 40 priority 8192 3 | +interface Vlan40 4 | - no shutdown -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-CO1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.3 255.255.255.255 5 | 6 | ! 7 | 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | no switchport 4 | description TO-HQ-FW1 5 | ip address 10.255.1.1 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/3 10 | no switchport 11 | description TO-HQ-DIS1 12 | ip address 10.255.1.9 255.255.255.252 13 | 14 | ! 15 | ! 16 | interface GigabitEthernet1/0 17 | no switchport 18 | description TO-HQ-DIS2 19 | ip address 10.255.1.13 255.255.255.252 20 | 21 | ! 22 | ! 23 | interface GigabitEthernet0/2 24 | no switchport 25 | description TO-HQ-SF1 26 | ip address 10.255.1.5 255.255.255.252 27 | 28 | ! 29 | 30 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/HQ-CO1/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/HQ-CO1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-CO1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.3 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/1 6 | no passive-interface GigabitEthernet0/2 7 | no passive-interface GigabitEthernet0/3 8 | no passive-interface GigabitEthernet1/0 9 | network 10.255.1.0 0.0.0.3 area 0 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.1.12 0.0.0.3 area 0 12 | network 10.255.1.4 0.0.0.3 area 0 13 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 0 5 | spanning-tree vlan 10 priority 0 6 | spanning-tree vlan 20 priority 0 7 | spanning-tree vlan 30 priority 0 8 | spanning-tree vlan 40 priority 0 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.1 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.2 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.34 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.66 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.98 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/3 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.10 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/1 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet1/2 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet2/0 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet2/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS2 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS2 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS2-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 200 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 200 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 200 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 200 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 0 2 | spanning-tree vlan 10 priority 0 3 | spanning-tree vlan 20 priority 0 4 | spanning-tree vlan 30 priority 0 5 | spanning-tree vlan 40 priority 0 6 | interface Vlan10 7 | no shutdown 8 | interface Vlan20 9 | no shutdown 10 | interface Vlan30 11 | no shutdown 12 | interface Vlan40 13 | no shutdown 14 | interface Vlan10 15 | glbp 10 load-balancing round-robin 16 | interface Vlan20 17 | glbp 20 load-balancing round-robin 18 | interface Vlan30 19 | glbp 30 load-balancing round-robin 20 | interface Vlan40 21 | glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 0 2 | +spanning-tree vlan 10 priority 0 3 | +spanning-tree vlan 20 priority 0 4 | +spanning-tree vlan 30 priority 0 5 | +spanning-tree vlan 40 priority 0 6 | +interface Vlan10 7 | - no shutdown 8 | +interface Vlan20 9 | - no shutdown 10 | +interface Vlan30 11 | - no shutdown 12 | +interface Vlan40 13 | - no shutdown 14 | +interface Vlan10 15 | + glbp 10 load-balancing round-robin 16 | +interface Vlan20 17 | + glbp 20 load-balancing round-robin 18 | +interface Vlan30 19 | + glbp 30 load-balancing round-robin 20 | +interface Vlan40 21 | + glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.1 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet0/3 10 | network 10.255.1.8 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-DIS2 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/2_stp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | spanning-tree mode rapid-pvst 3 | ! 4 | spanning-tree vlan 1 priority 4096 5 | spanning-tree vlan 10 priority 4096 6 | spanning-tree vlan 20 priority 4096 7 | spanning-tree vlan 30 priority 4096 8 | spanning-tree vlan 40 priority 4096 9 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/3_vlans.conf: -------------------------------------------------------------------------------- 1 | ! 2 | vtp mode off 3 | ! 4 | ! 5 | vlan 10 6 | name Sales 7 | ! 8 | ! 9 | vlan 20 10 | name Managers 11 | ! 12 | ! 13 | vlan 30 14 | name Developers 15 | ! 16 | ! 17 | vlan 40 18 | name Accounting 19 | ! 20 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.2 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Vlan10 9 | description Sales 10 | ip address 10.255.100.3 255.255.255.224 11 | no shutdown 12 | ! 13 | ! 14 | interface Vlan20 15 | description Managers 16 | ip address 10.255.100.35 255.255.255.224 17 | no shutdown 18 | ! 19 | ! 20 | interface Vlan30 21 | description Developers 22 | ip address 10.255.100.67 255.255.255.224 23 | no shutdown 24 | ! 25 | ! 26 | interface Vlan40 27 | description Accounting 28 | ip address 10.255.100.99 255.255.255.224 29 | no shutdown 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet1/0 3 | no switchport 4 | description TO_HQ1-CO1 5 | ip address 10.255.1.14 255.255.255.252 6 | 7 | ! 8 | 9 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/4_interfaces-trunk.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet2/0 3 | description TO_HQ-AC1 4 | switchport trunk encapsulation dot1q 5 | switchport mode trunk 6 | switchport nonegotiate 7 | 8 | ! 9 | ! 10 | interface GigabitEthernet2/1 11 | description TO_HQ-AC2 12 | switchport trunk encapsulation dot1q 13 | switchport mode trunk 14 | switchport nonegotiate 15 | 16 | ! 17 | ! 18 | interface GigabitEthernet1/2 19 | description TO_HQ-AC4 20 | switchport trunk encapsulation dot1q 21 | switchport mode trunk 22 | switchport nonegotiate 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet1/1 27 | description TO_HQ-AC3 28 | switchport trunk encapsulation dot1q 29 | switchport mode trunk 30 | switchport nonegotiate 31 | 32 | ! 33 | 34 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/5_interfaces-po-channel.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/1 3 | description TO_HQ-DIS1 4 | channel-group 1 mode active 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/2 9 | description TO_HQ-DIS1 10 | channel-group 1 mode active 11 | 12 | ! 13 | ! 14 | interface Port-channel1 15 | description TO_HQ-DIS1-LACP 16 | switchport trunk encapsulation dot1q 17 | switchport mode trunk 18 | switchport nonegotiate 19 | 20 | ! 21 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/6_glbp-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Vlan10 3 | glbp 10 priority 100 4 | glbp 10 preempt 5 | glbp 10 ip 10.255.100.1 6 | glbp 10 load-balancing round-robin 7 | ! 8 | ! 9 | interface Vlan20 10 | glbp 20 priority 100 11 | glbp 20 preempt 12 | glbp 20 ip 10.255.100.33 13 | glbp 20 load-balancing round-robin 14 | ! 15 | ! 16 | interface Vlan30 17 | glbp 30 priority 100 18 | glbp 30 preempt 19 | glbp 30 ip 10.255.100.65 20 | glbp 30 load-balancing round-robin 21 | ! 22 | ! 23 | interface Vlan40 24 | glbp 40 priority 100 25 | glbp 40 preempt 26 | glbp 40 ip 10.255.100.97 27 | glbp 40 load-balancing round-robin 28 | ! 29 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/FINAL.conf: -------------------------------------------------------------------------------- 1 | spanning-tree vlan 1 priority 4096 2 | spanning-tree vlan 10 priority 4096 3 | spanning-tree vlan 20 priority 4096 4 | spanning-tree vlan 30 priority 4096 5 | spanning-tree vlan 40 priority 4096 6 | interface Vlan10 7 | no shutdown 8 | interface Vlan20 9 | no shutdown 10 | interface Vlan30 11 | no shutdown 12 | interface Vlan40 13 | no shutdown 14 | interface Vlan10 15 | glbp 10 priority 100 16 | glbp 10 load-balancing round-robin 17 | interface Vlan20 18 | glbp 20 priority 100 19 | glbp 20 load-balancing round-robin 20 | interface Vlan30 21 | glbp 30 priority 100 22 | glbp 30 load-balancing round-robin 23 | interface Vlan40 24 | glbp 40 priority 100 25 | glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +spanning-tree vlan 1 priority 4096 2 | +spanning-tree vlan 10 priority 4096 3 | +spanning-tree vlan 20 priority 4096 4 | +spanning-tree vlan 30 priority 4096 5 | +spanning-tree vlan 40 priority 4096 6 | +interface Vlan10 7 | - no shutdown 8 | +interface Vlan20 9 | - no shutdown 10 | +interface Vlan30 11 | - no shutdown 12 | +interface Vlan40 13 | - no shutdown 14 | +interface Vlan10 15 | + glbp 10 priority 100 16 | + glbp 10 load-balancing round-robin 17 | +interface Vlan20 18 | + glbp 20 priority 100 19 | + glbp 20 load-balancing round-robin 20 | +interface Vlan30 21 | + glbp 30 priority 100 22 | + glbp 30 load-balancing round-robin 23 | +interface Vlan40 24 | + glbp 40 priority 100 25 | + glbp 40 load-balancing round-robin -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-DIS2/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.2 4 | passive-interface default 5 | no passive-interface Vlan10 6 | no passive-interface Vlan20 7 | no passive-interface Vlan30 8 | no passive-interface Vlan40 9 | no passive-interface GigabitEthernet1/0 10 | network 10.255.1.12 0.0.0.3 area 0 11 | network 10.255.100.0 0.0.0.31 area 100 12 | network 10.255.100.32 0.0.0.31 area 100 13 | network 10.255.100.64 0.0.0.31 area 100 14 | network 10.255.100.96 0.0.0.31 area 100 15 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-ED1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.5 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback50 9 | description OSPF AREA 50 NET1 10 | ip address 10.255.50.1 255.255.255.0 11 | 12 | ! 13 | ! 14 | interface GigabitEthernet0/1 15 | description TO-ISP 16 | ip address 1.1.1.2 255.255.255.252 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/2 21 | description TO-HQ-FW1 22 | ip address 10.255.0.1 255.255.255.252 23 | 24 | ! 25 | 26 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip access-list extended ACL_PAT_HQ-DEPARTMENTS 3 | remark HQ VLAN 10 4 | permit ip 10.255.100.0 0.0.0.31 any 5 | remark HQ VLAN 20 6 | permit ip 10.255.100.32 0.0.0.31 any 7 | remark HQ VLAN 30 8 | permit ip 10.255.100.64 0.0.0.31 any 9 | remark HQ VLAN 40 10 | permit ip 10.255.100.96 0.0.0.31 any 11 | ! 12 | interface GigabitEthernet0/1 13 | ip nat outside 14 | interface GigabitEthernet0/2 15 | ip nat inside 16 | ! 17 | ip nat inside source list ACL_PAT_HQ-DEPARTMENTS interface GigabitEthernet0/1 overload 18 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | ip route 0.0.0.0 0.0.0.0 1.1.1.1 3 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/HQ-ED1/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/HQ-ED1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-ED1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.5 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.0.0 0.0.0.3 area 50 7 | network 10.255.50.0 0.0.0.255 area 50 8 | default-information originate 9 | ! 10 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-FW1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-FW1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/0 3 | description TO_ISP 4 | nameif TO-ISP-P2P 5 | security-level 0 6 | ip address 2.2.2.2 255.255.255.252 7 | no shutdown 8 | ! 9 | ! 10 | interface GigabitEthernet0/1 11 | description TO_HQ-CO1 12 | nameif TO-HQ-CO1-P2P 13 | security-level 100 14 | ip address 10.255.1.2 255.255.255.252 15 | no shutdown 16 | ! 17 | ! 18 | interface GigabitEthernet0/2 19 | description TO_HQ-ED1 20 | nameif TO-HQ-ED1-P2P 21 | security-level 50 22 | ip address 10.255.0.2 255.255.255.252 23 | no shutdown 24 | ! 25 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-FW1/9_ACL-config.conf: -------------------------------------------------------------------------------- 1 | access-list PERMIT_ICMP extended permit icmp any any 2 | access-group PERMIT_ICMP in interface TO-HQ-ED1-P2P 3 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | route TO-ISP-P2P 0.0.0.0 0.0.0.0 2.2.2.1 200 3 | route TO-ISP-P2P 15.15.15.2 255.255.255.255 2.2.2.1 1 4 | route TO-ISP-P2P 20.2.2.2 255.255.255.255 2.2.2.1 1 5 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-FW1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 10.255.1.2 4 | network 10.255.1.0 255.255.255.252 area 0 5 | network 10.255.0.0 255.255.255.252 area 50 6 | ! 7 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname HQ-SF1 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 10.255.255.2 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback0 3 | description OSPF RID 4 | ip address 169.254.255.4 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface Loopback1 9 | description Server Net2 10 | ip address 10.255.255.5 255.255.255.252 11 | 12 | ! 13 | ! 14 | interface Loopback2 15 | description Server Net3 16 | ip address 10.255.255.9 255.255.255.252 17 | 18 | ! 19 | 20 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/4_interfaces-l2-to-l3.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface GigabitEthernet0/2 3 | no switchport 4 | description TO-HQ-CO1 5 | ip address 10.255.1.6 255.255.255.252 6 | 7 | ! 8 | ! 9 | interface GigabitEthernet0/1 10 | no switchport 11 | description TO-HQ-S1 12 | ip address 10.255.255.1 255.255.255.252 13 | 14 | ! 15 | 16 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/FINAL.conf: -------------------------------------------------------------------------------- 1 | interface Loopback1 2 | ip address 10.255.255.5 255.255.255.252 3 | interface Loopback2 4 | ip address 10.255.255.9 255.255.255.252 -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- 1 | +interface Loopback1 2 | + ip address 10.255.255.5 255.255.255.252 3 | +interface Loopback2 4 | + ip address 10.255.255.9 255.255.255.252 -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/HQ-SF1/ospfv2-routing.conf: -------------------------------------------------------------------------------- 1 | ! 2 | router ospf 1 3 | router-id 169.254.255.4 4 | passive-interface default 5 | no passive-interface GigabitEthernet0/2 6 | network 10.255.1.4 0.0.0.3 area 0 7 | network 10.255.255.0 0.0.0.3 area 255 8 | network 10.255.255.4 0.0.0.3 area 255 9 | network 10.255.255.8 0.0.0.3 area 255 10 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/ISP/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | ! 2 | hostname ISP 3 | ! 4 | clock timezone NZDT 13 0 5 | ! 6 | ntp server 8.8.8.8 7 | ! -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/ISP/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | ! 2 | interface Loopback8 3 | description Google Public DNS 4 | ip address 8.8.8.8 255.255.255.255 5 | 6 | ! 7 | ! 8 | interface GigabitEthernet0/1 9 | description TO_BR1-ED1-CompanyX 10 | ip address 15.15.15.1 255.255.255.252 11 | 12 | ! 13 | ! 14 | interface GigabitEthernet0/2 15 | description TO_BR2-FW1-CompanyX 16 | ip address 20.2.2.1 255.255.255.252 17 | 18 | ! 19 | ! 20 | interface GigabitEthernet0/3 21 | description TO_HQ-ED1-CompanyX 22 | ip address 1.1.1.1 255.255.255.252 23 | 24 | ! 25 | ! 26 | interface GigabitEthernet0/4 27 | description TO_HQ-FW1-CompanyX 28 | ip address 2.2.2.1 255.255.255.252 29 | 30 | ! 31 | 32 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/ISP/FINAL.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/ISP/FINAL.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/ISP/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/ISP/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/VyOS-BR1-ED1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | dummy dum0 { 3 | address 10.1.255.1/32 4 | } 5 | ethernet eth0 { 6 | address 192.168.3.111/24 7 | description MGMT-ONLY 8 | } 9 | ethernet eth1 { 10 | address 10.1.100.1/27 11 | description TO_BR1-AC1 12 | } 13 | ethernet eth2 { 14 | address 15.15.15.2/30 15 | description TO_ISP 16 | } 17 | vti vti0 { 18 | address 169.254.100.1/30 19 | } 20 | } -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/VyOS-BR1-ED1/6_pat-service.conf: -------------------------------------------------------------------------------- 1 | nat { 2 | source { 3 | rule 10 { 4 | description BR1-C1-NET 5 | outbound-interface eth2 6 | protocol all 7 | source { 8 | address 10.1.100.0/27 9 | } 10 | translation { 11 | address masquerade 12 | } 13 | } 14 | } 15 | } -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/VyOS-BR1-ED1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | protocols { 2 | static { 3 | interface-route 10.255.255.0/30 { 4 | next-hop-interface vti0 { 5 | } 6 | } 7 | route 192.168.1.0/24 { 8 | next-hop 192.168.3.254 { 9 | distance 1 10 | } 11 | } 12 | route 0.0.0.0/0 { 13 | next-hop 15.15.15.1 { 14 | distance 10 15 | } 16 | } 17 | } 18 | } -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/VyOS-BR1-ED1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/VyOS-BR1-ED1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/vSRX-BR2-FW1/1_basic-config.conf: -------------------------------------------------------------------------------- 1 | system { 2 | host-name vSRX-BR2-FW1; 3 | time-zone Pacific/Auckland; 4 | ntp { 5 | server 10.255.255.2; 6 | } 7 | } -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/vSRX-BR2-FW1/4_interfaces-ip.conf: -------------------------------------------------------------------------------- 1 | interfaces { 2 | lo0 { 3 | description Lo0; 4 | unit 0 { 5 | family inet { 6 | address 10.2.255.1/32; 7 | } 8 | } 9 | } 10 | ge-0/0/0 { 11 | description TO_ISP; 12 | unit 0 { 13 | family inet { 14 | address 20.2.2.2/30; 15 | } 16 | } 17 | } 18 | ge-0/0/1 { 19 | description TO_BR2-C1; 20 | unit 0 { 21 | family inet { 22 | address 10.2.100.1/27; 23 | } 24 | } 25 | } 26 | st0 { 27 | unit 0 { 28 | family inet; 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/vSRX-BR2-FW1/9_static-routing.conf: -------------------------------------------------------------------------------- 1 | routing-options { 2 | static { 3 | route 0.0.0.0/0 { 4 | next-hop 20.2.2.1; 5 | metric 10; 6 | } 7 | route 10.255.255.0/30 next-hop st0; 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /Ansible/inventories/test/CONFIGS/vSRX-BR2-FW1/FINAL_pre_DIFF.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/CONFIGS/vSRX-BR2-FW1/FINAL_pre_DIFF.conf -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/PING/ping.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: PING 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | - ping: 8 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/generate/generate-basic-config.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Generate basic-config 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | pre_tasks: 7 | - name: remove potentially existing previous candidate config (BASIC-CONFIG) 8 | file: path={{config_dir}}/{{inventory_hostname}}/1_basic-config.conf state=absent 9 | - name: create candidate config directory (if it does not exist) 10 | file: path={{config_dir}}/{{inventory_hostname}} state=directory 11 | 12 | roles: 13 | - basic_config -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/ios_modules/ios_backup.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Simple IOS backup config 3 | hosts: ALL 4 | gather_facts: yes 5 | vars: 6 | create_backup_dir: "BACKUPS/ios_backups/{{ ansible_date_time.date }}" 7 | 8 | tasks: 9 | - name: Creates BACKUP directory 10 | file: 11 | path: "{{ create_backup_dir }}" 12 | state: directory 13 | 14 | - name: Get running config 15 | ios_command: 16 | commands: show run 17 | register: show_run 18 | 19 | - name: Save config to file 20 | copy: 21 | content: "{{ show_run.stdout[0] }}" 22 | dest: "{{ create_backup_dir }}/{{ inventory_hostname }}--{{ ansible_date_time.iso8601 }}.txt" -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/ios_modules/ios_backup_v2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Archive backup of running-config to TFTP 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Archive backup of running-config to TFTP 9 | ios_command: 10 | commands: 11 | - wr 12 | 13 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/ios_modules/ios_command_add_ntp_server.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Add NTP server 9 | ios_command: 10 | commands: 11 | - conf t 12 | - ntp server 1.1.1.1 13 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/ios_modules/ios_command_save_config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Sample IOS add ntp server 3 | hosts: ALL 4 | gather_facts: no 5 | 6 | tasks: 7 | 8 | - name: Saving configuration 9 | ios_command: 10 | commands: 11 | - wr 12 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/ios_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: Cisco 4 | vars: 5 | ansible_python_interpreter: "/usr/bin/env python" 6 | 7 | tasks: 8 | 9 | - name: get facts from device 10 | napalm_get_facts: 11 | optional_args: {'global_delay_factor': 1} 12 | hostname: '{{ ansible_host }}' 13 | username: '{{ ansible_user }}' 14 | dev_os: '{{ ansible_network_os }}' 15 | password: '{{ ansible_ssh_pass }}' 16 | filter: 'facts' 17 | register: result 18 | 19 | - name: print data 20 | debug: var=result -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/junos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: JunOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/vasa_napalm/asa_command.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # aaa authorization exec LOCAL auto-enable 3 | 4 | - name: ASA_COMMAND 5 | hosts: HQ-FW1 6 | gather_facts: no 7 | vars: 8 | command1: 9 | show version 10 | 11 | show memory 12 | 13 | show int ip br 14 | 15 | tasks: 16 | - asa_command: 17 | commands: 18 | - "{{ command1 }}" 19 | # - show version 20 | register: result1 21 | 22 | - name: print data1 23 | debug: var=result1 24 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/vasa_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: localhost 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4, 'port': 443} 13 | hostname: '172.30.33.171' 14 | username: 'cisco' 15 | dev_os: 'asa' 16 | password: 'cisco' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Modules/vyos_napalm/napalm_get_facts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: "NAPALM: GET FACTS" 3 | hosts: VyOS 4 | gather_facts: no 5 | vars: 6 | ansible_python_interpreter: "/usr/bin/env python" 7 | 8 | tasks: 9 | 10 | - name: get facts from device 11 | napalm_get_facts: 12 | optional_args: {'global_delay_factor': 4} 13 | hostname: '{{ ansible_host }}' 14 | username: '{{ ansible_user }}' 15 | dev_os: '{{ ansible_network_os }}' 16 | password: '{{ ansible_ssh_pass }}' 17 | filter: 'facts' 18 | register: result 19 | 20 | - name: print data 21 | debug: var=result 22 | 23 | -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/L1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/L1.png -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/L2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/L2.png -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/L3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/L3.png -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/MGMT_IP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/MGMT_IP.png -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/Routing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/Routing.png -------------------------------------------------------------------------------- /Ansible/inventories/test/Topologies/VPNs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/Ansible/inventories/test/Topologies/VPNs.png -------------------------------------------------------------------------------- /Ansible/inventories/test/group_vars/Cisco-ASA.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | 11 | -------------------------------------------------------------------------------- /Ansible/inventories/test/group_vars/Cisco.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | priv: 15 6 | password: cisco 7 | - name: test2 8 | priv: 15 9 | password: cisco 10 | 11 | -------------------------------------------------------------------------------- /Ansible/inventories/test/group_vars/JunOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: test1 5 | class: super-user 6 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 7 | - name: test2 8 | class: super-user 9 | password: '"$6$rQaia7uY$vVWpxY0QeBPjQl5O5GYqwUUWsC1zEJDxgWdIy/EA5cWrGCKuF794A0Il17t5XfcXXlO.G/MYB9fh9zV.4Vp1y1"; ## SECRET-DATA' 10 | 11 | 12 | -------------------------------------------------------------------------------- /Ansible/inventories/test/group_vars/VyOS.yaml: -------------------------------------------------------------------------------- 1 | # local_users 2 | 3 | users: 4 | - name: vyos 5 | level: admin 6 | password: vyos 7 | - name: test1 8 | level: admin 9 | password: cisco 10 | - name: test2 11 | level: admin 12 | password: cisco 13 | 14 | 15 | -------------------------------------------------------------------------------- /Ansible/inventories/test/group_vars/all.yaml: -------------------------------------------------------------------------------- 1 | # for napalm_install_config (Modules) 2 | config_dir: "{{ inventory_dir }}/CONFIGS" -------------------------------------------------------------------------------- /Docker-runner/ansible.cfg: -------------------------------------------------------------------------------- 1 | # config file for ansible 2 | # override global certain global settings 3 | 4 | [defaults] 5 | retry_files_enabled = False 6 | # default to inventory file of ./hosts 7 | inventory = inventories 8 | # disable host checking to automatically add hosts to known_hosts 9 | host_key_checking = False 10 | # set the roles path to the local directory 11 | roles_path = Roles 12 | # NAPALM 13 | library = /usr/local/lib/python3.6/dist-packages/napalm_ansible/modules 14 | action_plugins = /usr/local/lib/python3.6/dist-packages/napalm_ansible/plugins/action 15 | 16 | [persistent_connection] 17 | connect_timeout = 100 18 | command_timeout = 80 -------------------------------------------------------------------------------- /GNS3/DEV-Startup-CFGs/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.4.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.4.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.4.254 16 | n 17 | commit 18 | 19 | save -------------------------------------------------------------------------------- /GNS3/DEV-Startup-CFGs/BR2-FW1: -------------------------------------------------------------------------------- 1 | edit 2 | 3 | set system root-authentication plain-text-password 4 | 5 | set system host-name vSRX-BR2-FW1 6 | 7 | set interfaces fxp0 unit 0 family inet address 192.168.4.113/24 8 | 9 | set system services ssh authentication-order password 10 | 11 | set system services ssh protocol-version v2 12 | 13 | set system login user cisco class super-user authentication plain-text-password 14 | 15 | set routing-instances mgmt_junos description MGMT_ONLY 16 | 17 | set system management-instance 18 | 19 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.4.254 20 | 21 | commit check 22 | 23 | commit -------------------------------------------------------------------------------- /GNS3/DEV-Startup-CFGs/HQ-ED1: -------------------------------------------------------------------------------- 1 | vrf definition Mgmt-intf 2 | ! 3 | address-family ipv4 4 | exit-address-family 5 | ! 6 | address-family ipv6 7 | exit-address-family 8 | ! 9 | interface GigabitEthernet0/0 10 | description MGMT 11 | vrf forwarding Mgmt-intf 12 | ip address 192.168.4.109 255.255.255.0 13 | no shut 14 | ! 15 | ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 192.168.4.254 16 | ! 17 | hostname HQ-ED1 18 | enable secret cisco 19 | ip domain name nac.local 20 | username cisco privilege 15 secret cisco 21 | crypto key generate rsa label SSH_KEY modulus 2048 22 | ip ssh version 2 23 | line vty 0 4 24 | logging synchronous 25 | login local 26 | transport input ssh 27 | ! 28 | line con 0 29 | logging synchronous 30 | ! 31 | ip scp server enable 32 | ! 33 | do wr 34 | ! 35 | -------------------------------------------------------------------------------- /GNS3/DEV-Startup-CFGs/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.4.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.4.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | rest-api image boot:/asa-restapi-132-lfbff-k8.SPA 26 | rest-api agent 27 | ! 28 | pager 0 29 | ! 30 | wr 31 | ! -------------------------------------------------------------------------------- /GNS3/DEV-Startup-CFGs/ISP: -------------------------------------------------------------------------------- 1 | vrf definition Mgmt-intf 2 | ! 3 | address-family ipv4 4 | exit-address-family 5 | ! 6 | address-family ipv6 7 | exit-address-family 8 | ! 9 | interface GigabitEthernet0/0 10 | description MGMT 11 | vrf forwarding Mgmt-intf 12 | ip address 192.168.4.110 255.255.255.0 13 | no shut 14 | ! 15 | ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 192.168.4.254 16 | ! 17 | hostname ISP 18 | enable secret cisco 19 | ip domain name nac.local 20 | username cisco privilege 15 secret cisco 21 | crypto key generate rsa label SSH_KEY modulus 2048 22 | ip ssh version 2 23 | line vty 0 4 24 | logging synchronous 25 | login local 26 | transport input ssh 27 | ! 28 | line con 0 29 | logging synchronous 30 | ! 31 | ip scp server enable 32 | ! 33 | do wr 34 | ! 35 | -------------------------------------------------------------------------------- /GNS3/GNS3_API/DEV_START_CFGS/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.4.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.4.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.4.254 16 | 17 | commit 18 | 19 | save 20 | 21 | exit 22 | 23 | exit -------------------------------------------------------------------------------- /GNS3/GNS3_API/DEV_START_CFGS/BR2-FW1: -------------------------------------------------------------------------------- 1 | set system root-authentication plain-text-password-value Pa$$w0rd 2 | set system host-name vSRX-BR2-FW1 3 | set interfaces fxp0 unit 0 family inet address 192.168.4.113/24 4 | set system services ssh authentication-order password 5 | set system services ssh protocol-version v2 6 | set system login user cisco class super-user authentication plain-text-password-value Pa$$w0rd 7 | set routing-instances mgmt_junos description MGMT_ONLY 8 | set system management-instance 9 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.4.254 10 | commit -------------------------------------------------------------------------------- /GNS3/GNS3_API/DEV_START_CFGS/HQ-ED1: -------------------------------------------------------------------------------- 1 | vrf definition Mgmt-intf 2 | ! 3 | address-family ipv4 4 | exit-address-family 5 | ! 6 | address-family ipv6 7 | exit-address-family 8 | ! 9 | interface GigabitEthernet0/0 10 | description MGMT 11 | vrf forwarding Mgmt-intf 12 | ip address 192.168.4.109 255.255.255.0 13 | no shut 14 | ! 15 | ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 192.168.4.254 16 | ! 17 | hostname HQ-ED1 18 | enable secret cisco 19 | ip domain name nac.local 20 | username cisco privilege 15 secret cisco 21 | crypto key generate rsa label SSH_KEY modulus 2048 22 | ip ssh version 2 23 | line vty 0 4 24 | logging synchronous 25 | login local 26 | transport input ssh 27 | ! 28 | line con 0 29 | logging synchronous 30 | ! 31 | ip scp server enable 32 | ! 33 | do wr 34 | ! 35 | -------------------------------------------------------------------------------- /GNS3/GNS3_API/DEV_START_CFGS/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.4.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.4.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | pager 0 26 | ! 27 | wr 28 | ! -------------------------------------------------------------------------------- /GNS3/GNS3_API/DEV_START_CFGS/ISP: -------------------------------------------------------------------------------- 1 | vrf definition Mgmt-intf 2 | ! 3 | address-family ipv4 4 | exit-address-family 5 | ! 6 | address-family ipv6 7 | exit-address-family 8 | ! 9 | interface GigabitEthernet0/0 10 | description MGMT 11 | vrf forwarding Mgmt-intf 12 | ip address 192.168.4.110 255.255.255.0 13 | no shut 14 | ! 15 | ip route vrf Mgmt-intf 0.0.0.0 0.0.0.0 192.168.4.254 16 | ! 17 | hostname ISP 18 | enable secret cisco 19 | ip domain name nac.local 20 | username cisco privilege 15 secret cisco 21 | crypto key generate rsa label SSH_KEY modulus 2048 22 | ip ssh version 2 23 | line vty 0 4 24 | logging synchronous 25 | login local 26 | transport input ssh 27 | ! 28 | line con 0 29 | logging synchronous 30 | ! 31 | ip scp server enable 32 | ! 33 | do wr 34 | ! 35 | -------------------------------------------------------------------------------- /GNS3/GNS3_API/PROD_START_CFGS/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.2.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.2.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.2.254 16 | 17 | commit 18 | 19 | save 20 | 21 | exit 22 | 23 | exit -------------------------------------------------------------------------------- /GNS3/GNS3_API/PROD_START_CFGS/BR2-FW1: -------------------------------------------------------------------------------- 1 | set system root-authentication plain-text-password-value Pa$$w0rd 2 | set system host-name vSRX-BR2-FW1 3 | set interfaces fxp0 unit 0 family inet address 192.168.2.113/24 4 | set system services ssh authentication-order password 5 | set system services ssh protocol-version v2 6 | set system login user cisco class super-user authentication plain-text-password-value Pa$$w0rd 7 | set routing-instances mgmt_junos description MGMT_ONLY 8 | set system management-instance 9 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.2.254 10 | commit -------------------------------------------------------------------------------- /GNS3/GNS3_API/PROD_START_CFGS/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.2.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.2.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | pager 0 26 | ! 27 | wr 28 | ! -------------------------------------------------------------------------------- /GNS3/GNS3_API/TEST_START_CFGS/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.3.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.3.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.3.254 16 | 17 | commit 18 | 19 | save 20 | 21 | exit 22 | 23 | exit -------------------------------------------------------------------------------- /GNS3/GNS3_API/TEST_START_CFGS/BR2-FW1: -------------------------------------------------------------------------------- 1 | set system root-authentication plain-text-password-value Pa$$w0rd 2 | set system host-name vSRX-BR2-FW1 3 | set interfaces fxp0 unit 0 family inet address 192.168.3.113/24 4 | set system services ssh authentication-order password 5 | set system services ssh protocol-version v2 6 | set system login user cisco class super-user authentication plain-text-password-value Pa$$w0rd 7 | set routing-instances mgmt_junos description MGMT_ONLY 8 | set system management-instance 9 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.3.254 10 | commit -------------------------------------------------------------------------------- /GNS3/GNS3_API/TEST_START_CFGS/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.3.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.3.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | pager 0 26 | ! 27 | wr 28 | ! -------------------------------------------------------------------------------- /GNS3/GNS3_API/netascode_company_x.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/GNS3/GNS3_API/netascode_company_x.png -------------------------------------------------------------------------------- /GNS3/GNS3_API/requirements.txt: -------------------------------------------------------------------------------- 1 | asn1crypto==0.24.0 2 | bcrypt==3.1.7 3 | certifi==2019.6.16 4 | cffi==1.12.3 5 | chardet==3.0.4 6 | cryptography==2.7 7 | future==0.17.1 8 | idna==2.8 9 | netmiko==2.4.1 10 | paramiko==2.6.0 11 | pexpect==4.7.0 12 | prettytable==0.7.2 13 | ptyprocess==0.6.0 14 | pycparser==2.19 15 | PyNaCl==1.3.0 16 | pyserial==3.4 17 | PyYAML==5.1.2 18 | requests==2.22.0 19 | scp==0.13.2 20 | six==1.12.0 21 | textfsm==1.1.0 22 | urllib3==1.25.3 23 | -------------------------------------------------------------------------------- /GNS3/PROD-Startup-CFGs/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.2.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.2.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.2.254 16 | 17 | commit 18 | 19 | save -------------------------------------------------------------------------------- /GNS3/PROD-Startup-CFGs/BR2-FW1: -------------------------------------------------------------------------------- 1 | edit 2 | 3 | set system root-authentication plain-text-password 4 | 5 | set system host-name vSRX-BR2-FW1 6 | 7 | set interfaces fxp0 unit 0 family inet address 192.168.2.113/24 8 | 9 | set system services ssh authentication-order password 10 | 11 | set system services ssh protocol-version v2 12 | 13 | set system login user cisco class super-user authentication plain-text-password 14 | 15 | set routing-instances mgmt_junos description MGMT_ONLY 16 | 17 | set system management-instance 18 | 19 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.2.254 20 | 21 | commit check 22 | 23 | commit -------------------------------------------------------------------------------- /GNS3/PROD-Startup-CFGs/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.2.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.2.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | rest-api image boot:/asa-restapi-132-lfbff-k8.SPA 26 | rest-api agent 27 | ! 28 | pager 0 29 | ! 30 | wr -------------------------------------------------------------------------------- /GNS3/TEST-Startup-CFGs/BR1-ED1: -------------------------------------------------------------------------------- 1 | configure 2 | 3 | set system host-name VyOS-BR1-ED1 4 | 5 | set service ssh port 22 6 | 7 | set interfaces ethernet eth0 address 192.168.3.111/24 8 | 9 | set interfaces ethernet eth0 description MGMT-ONLY 10 | 11 | set service ssh listen-address 192.168.3.111 12 | 13 | set service ssh allow-root 14 | 15 | set protocols static route 192.168.1.0/24 next-hop 192.168.3.254 16 | 17 | commit 18 | 19 | save -------------------------------------------------------------------------------- /GNS3/TEST-Startup-CFGs/BR2-FW1: -------------------------------------------------------------------------------- 1 | edit 2 | 3 | set system root-authentication plain-text-password 4 | 5 | set system host-name vSRX-BR2-FW1 6 | 7 | set interfaces fxp0 unit 0 family inet address 192.168.3.113/24 8 | 9 | set system services ssh authentication-order password 10 | 11 | set system services ssh protocol-version v2 12 | 13 | set system login user cisco class super-user authentication plain-text-password 14 | 15 | set routing-instances mgmt_junos description MGMT_ONLY 16 | 17 | set system management-instance 18 | 19 | set routing-instances mgmt_junos routing-options static route 0.0.0.0/0 next-hop 192.168.3.254 20 | 21 | commit check 22 | 23 | commit -------------------------------------------------------------------------------- /GNS3/TEST-Startup-CFGs/HQ-FW1: -------------------------------------------------------------------------------- 1 | hostname HQ-FW1 2 | enable password cisco 3 | ! 4 | interface Management0/0 5 | management-only 6 | nameif MGMT 7 | security-level 100 8 | ip address 192.168.3.108 255.255.255.0 9 | no shutdown 10 | ! 11 | route MGMT 0 0 192.168.3.254 12 | ! 13 | username cisco password cisco privilege 15 14 | ! 15 | aaa authentication ssh console LOCAL 16 | aaa authentication http console LOCAL 17 | aaa authorization exec LOCAL auto-enable 18 | ! 19 | http server enable 20 | http 0 0 MGMT 21 | ! 22 | ssh 0 0 MGMT 23 | ssh version 2 24 | ! 25 | rest-api image boot:/asa-restapi-132-lfbff-k8.SPA 26 | rest-api agent 27 | ! 28 | pager 0 29 | ! 30 | wr -------------------------------------------------------------------------------- /Installation_components/docker_compose_setup.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | echo "" 4 | echo "Installation and checking docker-compose..." 5 | sudo curl -L "https://github.com/docker/compose/releases/download/1.23.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose 6 | sudo chmod +x /usr/local/bin/docker-compose 7 | sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose 8 | docker-compose --version 9 | 10 | echo "" 11 | echo "Ensuring firewalld is stopped and disabled" 12 | sudo systemctl stop firewalld 13 | sudo systemctl disable firewalld 14 | sudo systemctl restart docker 15 | -------------------------------------------------------------------------------- /PyATS/ex4_pings/job1.py: -------------------------------------------------------------------------------- 1 | # Example: job1.py 2 | # ------------------- 3 | # 4 | # a simple job file for the script above 5 | 6 | from pyats.easypy import run 7 | 8 | def main(): 9 | 10 | # run api launches a testscript as an individual task. 11 | run('connectivity_check_v2.py') 12 | -------------------------------------------------------------------------------- /PyATS/ex5_vlans/job1.py: -------------------------------------------------------------------------------- 1 | # Example: job1.py 2 | # ------------------- 3 | # 4 | # a simple job file for the script above 5 | 6 | from pyats.easypy import run 7 | 8 | def main(): 9 | 10 | # run api launches a testscript as an individual task. 11 | run('vlans_check.py') 12 | -------------------------------------------------------------------------------- /PyATS/inventories/development/__pycache__/job.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/development/__pycache__/job.cpython-36.pyc -------------------------------------------------------------------------------- /PyATS/inventories/development/__pycache__/ntp_check_v2_no_rollback.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/development/__pycache__/ntp_check_v2_no_rollback.cpython-36.pyc -------------------------------------------------------------------------------- /PyATS/inventories/development/__pycache__/ntp_check_v3.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/development/__pycache__/ntp_check_v3.cpython-36.pyc -------------------------------------------------------------------------------- /PyATS/inventories/development/job.py: -------------------------------------------------------------------------------- 1 | # Example: job.py 2 | # ------------------- 3 | 4 | from pyats.easypy import run 5 | import argparse 6 | 7 | parser = argparse.ArgumentParser() 8 | parser.add_argument('--ntp-server', dest='ntp_server', type=str, required=True) 9 | parser.add_argument('--devices', dest = 'devices', nargs='+', required=True) 10 | args = parser.parse_args() 11 | 12 | ntp_server = args.ntp_server 13 | devices = args.devices 14 | 15 | def main(): 16 | 17 | # run api launches a testscript as an individual task. 18 | 19 | run('ntp_check_v2_no_rollback.py', devices=devices, ntp_server=ntp_server) 20 | 21 | # run('ntp_check_v3.py', devices = devices, ntp_server = ntp_server) -------------------------------------------------------------------------------- /PyATS/inventories/development/run.txt: -------------------------------------------------------------------------------- 1 | pyats run job job.py --testbed-file testbed.yaml --html-logs logs/ --ntp-server 10.255.255.2 --devices HQ-FW1 --archive-dir logs/ --runinfo-dir logs/ -------------------------------------------------------------------------------- /PyATS/inventories/production/job.py: -------------------------------------------------------------------------------- 1 | # Example: job.py 2 | # ------------------- 3 | 4 | from pyats.easypy import run 5 | import argparse 6 | 7 | parser = argparse.ArgumentParser() 8 | parser.add_argument('--ntp-server', dest='ntp_server', type=str, required=True) 9 | parser.add_argument('--devices', dest = 'devices', nargs='+', required=True) 10 | args = parser.parse_args() 11 | 12 | ntp_server = args.ntp_server 13 | devices = args.devices 14 | 15 | def main(): 16 | 17 | # run api launches a testscript as an individual task. 18 | 19 | run('ntp_check_v2_no_rollback.py', devices=devices, ntp_server=ntp_server) 20 | 21 | # run('ntp_check_v3.py', devices = devices, ntp_server = ntp_server) -------------------------------------------------------------------------------- /PyATS/inventories/production/run.txt: -------------------------------------------------------------------------------- 1 | pyats run job job.py --testbed-file testbed.yaml --html-logs logs/ --ntp-server 10.255.255.2 --devices HQ-FW1 HQ-FW1 vSRX-BR2-FW1 VyOS-BR1-ED1 HQ-ED1 HQ-CO1 --archive-dir logs/ --runinfo-dir logs/ -------------------------------------------------------------------------------- /PyATS/inventories/test/__pycache__/job.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/__pycache__/job.cpython-36.pyc -------------------------------------------------------------------------------- /PyATS/inventories/test/__pycache__/ntp_check_v3.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/__pycache__/ntp_check_v3.cpython-36.pyc -------------------------------------------------------------------------------- /PyATS/inventories/test/job.py: -------------------------------------------------------------------------------- 1 | # Example: job.py 2 | # ------------------- 3 | 4 | from pyats.easypy import run 5 | import argparse 6 | 7 | parser = argparse.ArgumentParser() 8 | parser.add_argument('--ntp-server', dest='ntp_server', type=str, required=True) 9 | parser.add_argument('--devices', dest = 'devices', nargs='+', required=True) 10 | args = parser.parse_args() 11 | 12 | ntp_server = args.ntp_server 13 | devices = args.devices 14 | 15 | def main(): 16 | 17 | # run api launches a testscript as an individual task. 18 | 19 | # run('ntp_check_v2_no_rollback.py', devices=devices, ntp_server=ntp_server) 20 | 21 | run('ntp_check_v3.py', devices = devices, ntp_server = ntp_server) -------------------------------------------------------------------------------- /PyATS/inventories/test/logs/19-May/job.2019May06_19:21:57.532130.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/logs/19-May/job.2019May06_19:21:57.532130.zip -------------------------------------------------------------------------------- /PyATS/inventories/test/logs/19-May/job.2019May06_19:28:27.176994.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/logs/19-May/job.2019May06_19:28:27.176994.zip -------------------------------------------------------------------------------- /PyATS/inventories/test/logs/19-May/job.2019May06_19:33:27.975707.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/logs/19-May/job.2019May06_19:33:27.975707.zip -------------------------------------------------------------------------------- /PyATS/inventories/test/logs/19-May/job.2019May06_19:42:44.606910.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/logs/19-May/job.2019May06_19:42:44.606910.zip -------------------------------------------------------------------------------- /PyATS/inventories/test/logs/19-May/job.2019May06_19:47:35.892361.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/PyATS/inventories/test/logs/19-May/job.2019May06_19:47:35.892361.zip -------------------------------------------------------------------------------- /PyATS/inventories/test/run.txt: -------------------------------------------------------------------------------- 1 | pyats run job job.py --testbed-file testbed.yaml --html-logs logs/ --ntp-server 10.255.255.2 --devices HQ-FW1 vSRX-BR2-FW1 VyOS-BR1-ED1 HQ-ED1 HQ-CO1 --archive-dir logs/ --runinfo-dir logs/ -------------------------------------------------------------------------------- /RobotFramework/ex3/__pycache__/vlans_check.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/ex3/__pycache__/vlans_check.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/ex4/__pycache__/connectivity_check_v2.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/ex4/__pycache__/connectivity_check_v2.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/ex4/__pycache__/vlans_check.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/ex4/__pycache__/vlans_check.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/development/__pycache__/connectivity_check_v2.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/development/__pycache__/connectivity_check_v2.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/development/__pycache__/vlans_check.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/development/__pycache__/vlans_check.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/production/__pycache__/connectivity_check_v2.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/production/__pycache__/connectivity_check_v2.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/production/__pycache__/vlans_check.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/production/__pycache__/vlans_check.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/test/__pycache__/connectivity_check_v2.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/test/__pycache__/connectivity_check_v2.cpython-36.pyc -------------------------------------------------------------------------------- /RobotFramework/inventories/test/__pycache__/vlans_check.cpython-36.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/RobotFramework/inventories/test/__pycache__/vlans_check.cpython-36.pyc -------------------------------------------------------------------------------- /static_images/1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/1.png -------------------------------------------------------------------------------- /static_images/2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/2.png -------------------------------------------------------------------------------- /static_images/components.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/components.png -------------------------------------------------------------------------------- /static_images/example_of_pipeline.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/example_of_pipeline.png -------------------------------------------------------------------------------- /static_images/gns3_test_network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/gns3_test_network.png -------------------------------------------------------------------------------- /static_images/overview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dmmar/netascode/1d15e717b600d38bd33a65fa110e1c129d72e5df/static_images/overview.png --------------------------------------------------------------------------------