set interfaces ethernet eth0 address '10.2.0.2/24'
set interfaces ethernet eth0 description 'WAN-Kernel'
set interfaces ethernet eth1 address '10.3.0.2/24'
set interfaces ethernet eth1 description 'WAN-VPP'
set interfaces ethernet eth2 address '100.64.2.1/24'
set interfaces ethernet eth2 description 'LAN-Kernel'
set interfaces ethernet eth3 address '100.64.3.1/24'
set interfaces ethernet eth3 description 'LAN-VPP'
set interfaces loopback lo
set interfaces vti vti0 address '10.255.0.2/30'
set interfaces vti vti0 description 'IPsec-VTI-peer-initiator-001-cfg_000'
set interfaces vti vti1 address '10.255.0.6/30'
set interfaces vti vti1 description 'IPsec-VTI-peer-initiator-001-cfg_001'
set protocols static route 0.0.0.0/0 next-hop 10.2.0.1 interface 'eth0'
set protocols static route 10.0.0.2/32 next-hop 10.2.0.1 interface 'eth0'
set protocols static route 10.1.0.2/32 next-hop 10.3.0.1 interface 'eth1'
set protocols static route 172.16.1.0/24 next-hop 10.255.0.1
set protocols static route 172.16.2.0/24 next-hop 10.255.0.5
set protocols static route 172.16.3.0/24 next-hop 10.255.0.9
set protocols static route 172.16.4.0/24 next-hop 10.255.0.13
set protocols static route 172.16.5.0/24 next-hop 10.255.0.17
set protocols static route 172.16.6.0/24 next-hop 10.255.0.21
set protocols static route 172.16.7.0/24 next-hop 10.255.0.25
set protocols static route 172.16.8.0/24 next-hop 10.255.0.29
set protocols static route 172.16.9.0/24 next-hop 10.255.0.33
set protocols static route 172.16.10.0/24 next-hop 10.255.0.33
set protocols static route 172.16.11.0/24 next-hop 10.255.0.37
set protocols static route 172.16.12.0/24 next-hop 10.255.0.37
set protocols static route 172.16.13.0/24 next-hop 10.255.0.41
set protocols static route 172.16.14.0/24 next-hop 10.255.0.41
set protocols static route 172.16.15.0/24 next-hop 10.255.0.45
set protocols static route 172.16.16.0/24 next-hop 10.255.0.45
set protocols static route 172.16.17.0/24 next-hop 10.255.0.49
set protocols static route 172.16.18.0/24 next-hop 10.255.0.49
set protocols static route 172.16.19.0/24 next-hop 10.255.0.53
set protocols static route 172.16.20.0/24 next-hop 10.255.0.53
set protocols static route 172.16.21.0/24 next-hop 10.255.0.57
set protocols static route 172.16.22.0/24 next-hop 10.255.0.57
set protocols static route 172.16.23.0/24 next-hop 10.255.0.61
set protocols static route 172.16.24.0/24 next-hop 10.255.0.61
set protocols static route 172.16.37.0/24 next-hop 10.255.0.65
set protocols static route 172.16.38.0/24 next-hop 10.255.0.69
set protocols static route 172.16.39.0/24 next-hop 10.255.0.73
set protocols static route 172.16.40.0/24 next-hop 10.255.0.77
set protocols static route 172.16.41.0/24 next-hop 10.255.0.81
set protocols static route 172.16.42.0/24 next-hop 10.255.0.85
set protocols static route 172.16.43.0/24 next-hop 10.255.0.89
set protocols static route 172.16.44.0/24 next-hop 10.255.0.93
set protocols static route 172.16.45.0/24 next-hop 10.255.0.97
set protocols static route 172.16.46.0/24 next-hop 10.255.0.101
set protocols static route 172.16.47.0/24 next-hop 10.255.0.105
set protocols static route 172.16.48.0/24 next-hop 10.255.0.109
set protocols static route 172.16.49.0/24 next-hop 10.255.0.113
set protocols static route 172.16.50.0/24 next-hop 10.255.0.117
set protocols static route 172.16.51.0/24 next-hop 10.255.0.121
set protocols static route 172.16.52.0/24 next-hop 10.255.0.125
set protocols static route 172.16.53.0/24 next-hop 10.255.0.129
set protocols static route 172.16.54.0/24 next-hop 10.255.0.129
set protocols static route 172.16.55.0/24 next-hop 10.255.0.133
set protocols static route 172.16.56.0/24 next-hop 10.255.0.133
set protocols static route 172.16.57.0/24 next-hop 10.255.0.137
set protocols static route 172.16.58.0/24 next-hop 10.255.0.137
set protocols static route 172.16.59.0/24 next-hop 10.255.0.141
set protocols static route 172.16.60.0/24 next-hop 10.255.0.141
set protocols static route 172.16.61.0/24 next-hop 10.255.0.145
set protocols static route 172.16.62.0/24 next-hop 10.255.0.145
set protocols static route 172.16.63.0/24 next-hop 10.255.0.149
set protocols static route 172.16.64.0/24 next-hop 10.255.0.149
set protocols static route 172.16.65.0/24 next-hop 10.255.0.153
set protocols static route 172.16.66.0/24 next-hop 10.255.0.153
set protocols static route 172.16.67.0/24 next-hop 10.255.0.157
set protocols static route 172.16.68.0/24 next-hop 10.255.0.157
set protocols static route 172.16.69.0/24 next-hop 10.255.0.161
set protocols static route 172.16.70.0/24 next-hop 10.255.0.161
set protocols static route 172.16.71.0/24 next-hop 10.255.0.165
set protocols static route 172.16.72.0/24 next-hop 10.255.0.165
set protocols static route 172.16.73.0/24 next-hop 10.255.0.169
set protocols static route 172.16.74.0/24 next-hop 10.255.0.169
set protocols static route 172.16.75.0/24 next-hop 10.255.0.173
set protocols static route 172.16.76.0/24 next-hop 10.255.0.173
set protocols static route 172.16.77.0/24 next-hop 10.255.0.177
set protocols static route 172.16.78.0/24 next-hop 10.255.0.177
set protocols static route 172.16.79.0/24 next-hop 10.255.0.181
set protocols static route 172.16.80.0/24 next-hop 10.255.0.181
set protocols static route 172.16.81.0/24 next-hop 10.255.0.185
set protocols static route 172.16.82.0/24 next-hop 10.255.0.185
set protocols static route 172.16.83.0/24 next-hop 10.255.0.189
set protocols static route 172.16.84.0/24 next-hop 10.255.0.189
set protocols static route 172.17.1.0/24 next-hop 100.64.2.10
set protocols static route 172.17.2.0/24 next-hop 100.64.3.10
set protocols static route 172.17.3.0/24 next-hop 100.64.2.10
set protocols static route 172.17.4.0/24 next-hop 100.64.3.10
set protocols static route 172.17.5.0/24 next-hop 100.64.2.10
set protocols static route 172.17.6.0/24 next-hop 100.64.2.10
set protocols static route 172.17.7.0/24 next-hop 100.64.3.10
set protocols static route 172.17.8.0/24 next-hop 100.64.3.10
set protocols static route 172.17.9.0/24 next-hop 100.64.2.10
set protocols static route 172.17.10.0/24 next-hop 100.64.2.10
set protocols static route 172.17.11.0/24 next-hop 100.64.3.10
set protocols static route 172.17.12.0/24 next-hop 100.64.3.10
set protocols static route 172.17.13.0/24 next-hop 100.64.2.10
set protocols static route 172.17.14.0/24 next-hop 100.64.3.10
set protocols static route 172.17.15.0/24 next-hop 100.64.2.10
set protocols static route 172.17.16.0/24 next-hop 100.64.3.10
set protocols static route 172.17.17.0/24 next-hop 100.64.2.10
set protocols static route 172.17.18.0/24 next-hop 100.64.2.10
set protocols static route 172.17.19.0/24 next-hop 100.64.3.10
set protocols static route 172.17.20.0/24 next-hop 100.64.3.10
set protocols static route 172.17.21.0/24 next-hop 100.64.2.10
set protocols static route 172.17.22.0/24 next-hop 100.64.2.10
set protocols static route 172.17.23.0/24 next-hop 100.64.3.10
set protocols static route 172.17.24.0/24 next-hop 100.64.3.10
set protocols static route 172.17.25.0/24 next-hop 100.64.2.10
set protocols static route 172.17.26.0/24 next-hop 100.64.3.10
set protocols static route 172.17.27.0/24 next-hop 100.64.2.10
set protocols static route 172.17.28.0/24 next-hop 100.64.2.10
set protocols static route 172.17.29.0/24 next-hop 100.64.3.10
set protocols static route 172.17.30.0/24 next-hop 100.64.3.10
set protocols static route 172.17.31.0/24 next-hop 100.64.2.10
set protocols static route 172.17.32.0/24 next-hop 100.64.3.10
set protocols static route 172.17.33.0/24 next-hop 100.64.2.10
set protocols static route 172.17.34.0/24 next-hop 100.64.2.10
set protocols static route 172.17.35.0/24 next-hop 100.64.3.10
set protocols static route 172.17.36.0/24 next-hop 100.64.3.10
set protocols static route 172.17.37.0/24 next-hop 100.64.2.10
set protocols static route 172.17.38.0/24 next-hop 100.64.3.10
set protocols static route 172.17.39.0/24 next-hop 100.64.2.10
set protocols static route 172.17.40.0/24 next-hop 100.64.3.10
set protocols static route 172.17.41.0/24 next-hop 100.64.2.10
set protocols static route 172.17.42.0/24 next-hop 100.64.3.10
set protocols static route 172.17.43.0/24 next-hop 100.64.2.10
set protocols static route 172.17.44.0/24 next-hop 100.64.3.10
set protocols static route 172.17.45.0/24 next-hop 100.64.2.10
set protocols static route 172.17.46.0/24 next-hop 100.64.2.10
set protocols static route 172.17.47.0/24 next-hop 100.64.3.10
set protocols static route 172.17.48.0/24 next-hop 100.64.3.10
set protocols static route 172.17.49.0/24 next-hop 100.64.2.10
set protocols static route 172.17.50.0/24 next-hop 100.64.2.10
set protocols static route 172.17.51.0/24 next-hop 100.64.3.10
set protocols static route 172.17.52.0/24 next-hop 100.64.3.10
set protocols static route 172.17.53.0/24 next-hop 100.64.2.10
set protocols static route 172.17.54.0/24 next-hop 100.64.2.10
set protocols static route 172.17.55.0/24 next-hop 100.64.3.10
set protocols static route 172.17.56.0/24 next-hop 100.64.3.10
set protocols static route 172.17.57.0/24 next-hop 100.64.2.10
set protocols static route 172.17.58.0/24 next-hop 100.64.2.10
set protocols static route 172.17.59.0/24 next-hop 100.64.3.10
set protocols static route 172.17.60.0/24 next-hop 100.64.3.10
set protocols static route 172.17.61.0/24 next-hop 100.64.2.10
set protocols static route 172.17.62.0/24 next-hop 100.64.3.10
set protocols static route 172.17.63.0/24 next-hop 100.64.2.10
set protocols static route 172.17.64.0/24 next-hop 100.64.3.10
set protocols static route 172.17.65.0/24 next-hop 100.64.2.10
set protocols static route 172.17.66.0/24 next-hop 100.64.3.10
set protocols static route 172.17.67.0/24 next-hop 100.64.2.10
set protocols static route 172.17.68.0/24 next-hop 100.64.3.10
set protocols static route 172.17.69.0/24 next-hop 100.64.2.10
set protocols static route 172.17.70.0/24 next-hop 100.64.2.10
set protocols static route 172.17.71.0/24 next-hop 100.64.3.10
set protocols static route 172.17.72.0/24 next-hop 100.64.3.10
set protocols static route 172.17.73.0/24 next-hop 100.64.2.10
set protocols static route 172.17.74.0/24 next-hop 100.64.2.10
set protocols static route 172.17.75.0/24 next-hop 100.64.3.10
set protocols static route 172.17.76.0/24 next-hop 100.64.3.10
set protocols static route 172.17.77.0/24 next-hop 100.64.2.10
set protocols static route 172.17.78.0/24 next-hop 100.64.2.10
set protocols static route 172.17.79.0/24 next-hop 100.64.3.10
set protocols static route 172.17.80.0/24 next-hop 100.64.3.10
set protocols static route 172.17.81.0/24 next-hop 100.64.2.10
set protocols static route 172.17.82.0/24 next-hop 100.64.2.10
set protocols static route 172.17.83.0/24 next-hop 100.64.3.10
set protocols static route 172.17.84.0/24 next-hop 100.64.3.10
set protocols static route 172.17.85.0/24 next-hop 100.64.2.10
set protocols static route 172.17.86.0/24 next-hop 100.64.3.10
set protocols static route 172.17.87.0/24 next-hop 100.64.2.10
set protocols static route 172.17.88.0/24 next-hop 100.64.3.10
set protocols static route 172.17.89.0/24 next-hop 100.64.2.10
set protocols static route 172.17.90.0/24 next-hop 100.64.2.10
set protocols static route 172.17.91.0/24 next-hop 100.64.3.10
set protocols static route 172.17.92.0/24 next-hop 100.64.3.10
set protocols static route 172.17.93.0/24 next-hop 100.64.2.10
set protocols static route 172.17.94.0/24 next-hop 100.64.2.10
set protocols static route 172.17.95.0/24 next-hop 100.64.3.10
set protocols static route 172.17.96.0/24 next-hop 100.64.3.10
set protocols static route 172.17.97.0/24 next-hop 100.64.2.10
set protocols static route 172.17.98.0/24 next-hop 100.64.3.10
set protocols static route 172.17.99.0/24 next-hop 100.64.2.10
set protocols static route 172.17.100.0/24 next-hop 100.64.3.10
set protocols static route 172.17.101.0/24 next-hop 100.64.2.10
set protocols static route 172.17.102.0/24 next-hop 100.64.2.10
set protocols static route 172.17.103.0/24 next-hop 100.64.3.10
set protocols static route 172.17.104.0/24 next-hop 100.64.3.10
set protocols static route 172.17.105.0/24 next-hop 100.64.2.10
set protocols static route 172.17.106.0/24 next-hop 100.64.2.10
set protocols static route 172.17.107.0/24 next-hop 100.64.3.10
set protocols static route 172.17.108.0/24 next-hop 100.64.3.10
set service ntp allow-client address '127.0.0.0/8'
set service ntp allow-client address '169.254.0.0/16'
set service ntp allow-client address '10.0.0.0/8'
set service ntp allow-client address '172.16.0.0/12'
set service ntp allow-client address '192.168.0.0/16'
set service ntp allow-client address '::1/128'
set service ntp allow-client address 'fe80::/10'
set service ntp allow-client address 'fc00::/7'
set service ntp server time1.vyos.net
set service ntp server time2.vyos.net
set service ntp server time3.vyos.net
set service ssh
set system config-management commit-revisions '100'
set system console device ttyS0 speed '115200'
set system host-name 'router-responder-001'
set system login operator-group default command-policy allow '*'
set system login user vyos authentication encrypted-password '$6$QxPS.uk6mfo$9QBSo8u1FkH16gMyAVhus6fU3LOzvLR9Z9.82m3tiHFAxTtIkhaZSWssSgzt4v4dGAL8rhVQxTg0oAG9/q11h/'
set system login user vyos authentication plaintext-password ''
set system option kernel cpu disable-nmi-watchdog
set system option kernel cpu isolate-cpus '2-3'
set system option kernel cpu nohz-full '2-3'
set system option kernel cpu rcu-no-cbs '2-3'
set system option kernel disable-hpet
set system option kernel disable-mce
set system option kernel disable-mitigations
set system option kernel disable-softlockup
set system option kernel memory hugepage-size 2M hugepage-count '1024'
set system option reboot-on-upgrade-failure '5'
set system syslog local facility all level 'info'
set system syslog local facility local7 level 'debug'
set vpn ipsec authentication psk peer-initiator-001-cfg_000 id 'responder-001-cfg_000'
set vpn ipsec authentication psk peer-initiator-001-cfg_000 id 'initiator-001-cfg_000'
set vpn ipsec authentication psk peer-initiator-001-cfg_000 secret 'secret-cfg_000'
set vpn ipsec authentication psk peer-initiator-001-cfg_001 id 'responder-001-cfg_001'
set vpn ipsec authentication psk peer-initiator-001-cfg_001 id 'initiator-001-cfg_001'
set vpn ipsec authentication psk peer-initiator-001-cfg_001 secret 'secret-cfg_001'
set vpn ipsec esp-group ESP-TUNNEL lifetime '3600'
set vpn ipsec esp-group ESP-TUNNEL mode 'tunnel'
set vpn ipsec esp-group ESP-TUNNEL pfs 'dh-group14'
set vpn ipsec esp-group ESP-TUNNEL proposal 10 encryption 'aes256'
set vpn ipsec esp-group ESP-TUNNEL proposal 10 hash 'sha256'
set vpn ipsec esp-group ESP-VTI lifetime '3600'
set vpn ipsec esp-group ESP-VTI mode 'tunnel'
set vpn ipsec esp-group ESP-VTI pfs 'dh-group14'
set vpn ipsec esp-group ESP-VTI proposal 10 encryption 'aes256'
set vpn ipsec esp-group ESP-VTI proposal 10 hash 'sha256'
set vpn ipsec ike-group IKE-GROUP key-exchange 'ikev2'
set vpn ipsec ike-group IKE-GROUP lifetime '28800'
set vpn ipsec ike-group IKE-GROUP proposal 10 dh-group '14'
set vpn ipsec ike-group IKE-GROUP proposal 10 encryption 'aes256'
set vpn ipsec ike-group IKE-GROUP proposal 10 hash 'sha256'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 authentication local-id 'responder-001-cfg_000'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 authentication mode 'pre-shared-secret'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 authentication remote-id 'initiator-001-cfg_000'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 connection-type 'none'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 default-esp-group 'ESP-VTI'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 ike-group 'IKE-GROUP'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 local-address '10.2.0.2'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 remote-address '10.0.0.2'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 vti bind 'vti0'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 vti traffic-selector local prefix '172.17.1.0/24'
set vpn ipsec site-to-site peer peer-initiator-001-cfg_000 vti traffic-selector remote prefix '172.16.1.0/24'
set vpp settings interface eth1 driver 'dpdk'
set vpp settings interface eth3 driver 'dpdk'
set vpp settings ipsec netlink batch-delay-ms '1'
set vpp settings ipsec netlink batch-size '256'
set vpp settings ipsec netlink rx-buffer-size '16384'
set vpp settings memory main-heap-size '1G'
set vpp settings unix poll-sleep-usec '1000'