interfaces { dummy dum0 { address "10.10.10.1/32" description "LNS loopback to terminate L2TP" } dummy dum1 { address "192.168.1.1/32" description "Loopback for eBGP vpnv4" } dummy dum2 { address "20.20.20.20/32" description "ip interface in vrf client" vrf "client" } ethernet eth0 { hw-id "00:50:56:bf:50:96" address "10.39.250.102/24" vrf "oam" } ethernet eth1 { hw-id "00:50:56:bf:a6:f9" offload { gro { } sg { } tso { } } vif 427 { address "10.20.2.1/29" address "192.168.100.1/24" description "LAB-VPC2LNS" } vif 428 { address "10.20.2.10/29" description "2MPLS" vrf "client" } } ethernet eth2 { hw-id "00:50:56:bf:bb:d5" address "10.20.2.17/29" description "IPv4 LU for mpls" ip { adjust-mss "1300" } } loopback lo { } } policy { prefix-list filter2bird { rule 100 { action "deny" prefix "192.168.1.1/32" } rule 110 { action "deny" prefix "192.168.1.2/32" } } } protocols { bgp { address-family { ipv4-unicast { redistribute { connected { } } } ipv4-labeled-unicast { network 10.20.2.8/29 { } network 10.20.2.16/29 { } network 192.168.1.1/32 { } } } neighbor 10.20.2.2 { address-family { ipv4-unicast { nexthop-self { } soft-reconfiguration { inbound { } } } } remote-as "65001" } neighbor 10.20.2.18 { address-family { ipv4-labeled-unicast { } } remote-as "65002" } neighbor 192.168.1.2 { address-family { ipv4-vpn { } } ebgp-multihop "10" remote-as "65002" update-source "dum1" } parameters { log-neighbor-changes { } router-id "192.168.1.1" } system-as "65101" } mpls { interface "eth2" } static { route 0.0.0.0/0 { } route 16.0.0.0/8 { next-hop 192.168.100.10 { } } route 48.0.0.0/8 { next-hop 192.168.101.10 { } } } } service { lldp { interface all { location { coordinate-based { datum "WGS84" latitude "37.692043N" longitude "55.780379W" } } } management-address "10.39.250.102" } monitoring { telegraf { influxdb { authentication { organization "CPM_Ltd" token "dp9-FKZlwJrAy_pUBbOd2yq0zaH4cRYV3wIlf-O3jmd6qY6k_wwbSZB3DdJ7YcsZbolxZ5zYz_pQJDdOEgOGyQ==" } bucket "vyos" port "8086" url "http://c240m4-2-5.cpm.lab" } prometheus-client { } vrf "oam" } } snmp { community public { authorization "ro" } listen-address 10.39.250.102 { } vrf "oam" } ssh { disable-host-validation { } listen-address "10.39.250.102" port "22" vrf "oam" } } system { config-management { commit-revisions "100" } conntrack { modules { ftp { } h323 { } nfs { } pptp { } sip { } sqlnet { } tftp { } } } console { device ttyS0 { speed "115200" } } domain-name "cpm.lab" host-name "vyos-lns-1" login { user admin { authentication { encrypted-password "$6$D29cvscbEXrMOx6H$5Xu69FH8SJJhq8iVqbSbrxxf8/f20XOdM5qb3dGqWzNlUSFTByzAqZw/T/I/Y/Nu9ZJS6wAcQsWE5jArsne8G1" public-keys aserkin { key "AAAAB3NzaC1yc2EAAAADAQABAAABAQDfRP35gOuLw+sW9owhCBJoiDsbMoSU6RPiRDFGksUNgECgbJaOaGZZqJ0d0imBYiq/BiaK1W8dxbt2gArlJ3ZDteQBQei7MQPaowPPU/7bw55sCzFM2U8Yd2L9c8pKRTOOMNUKNWRZZs1U6Rapdlgg0vxjXLSVEeu2ai/StjO/XUBAkABt5YxFrFA4dx2P1Ju2MX2knGNBGIK5gxds3XBQnw7TgXG+Ex+IwV4xx8hhfn76Oh1l0HJLNRTyB6Fj53HI2BD+pjxj08+5tP7u6xpo1Ktt40nkLhdCNSG6RSA15ltqnYvcu/JrGQjwgToifwlvnntYbUl38LKvwnsELvML" type "ssh-rsa" } } } } logs { logrotate { messages { max-size "10" } } } name-server "8.8.8.8" ntp { listen-address "10.39.250.102" server 10.39.250.1 { prefer { } } server time1.vyos.net { } server time2.vyos.net { } server time3.vyos.net { } vrf "oam" } static-host-mapping { host-name c240m4-2-5.cpm.lab { inet "10.39.250.65" } host-name vyos-lns-1 { inet "10.10.10.1" } } syslog { global { facility all { level "err" } facility protocols { level "err" } } } } vpn { l2tp { remote-access { authentication { local-users { } mode "radius" radius { nas-identifier "vyos-lns-1" nas-ip-address "10.10.10.1" server 10.20.1.18 { key "secret" } source-address "10.10.10.1" } require "pap" } ccp-disable { } client-ip-pool { subnet "192.168.0.0/24" } lns { host-name "vyos-lns-1" shared-secret "secret" } name-server "8.8.8.8" name-server "1.1.1.1" outside-address "10.10.10.1" } } } vrf { name client { protocols { bgp { address-family { ipv4-unicast { export { vpn { } } import { vpn { } } label { vpn { export "auto" } } network 20.20.20.20/32 { } rd { vpn { export "65101:1002" } } redistribute { connected { } } route-target { vpn { both "65101:1002" } } } } parameters { } system-as "65101" } } table "1002" } name oam { protocols { static { route 0.0.0.0/0 { next-hop 10.39.250.1 { } } } } table "100" } } // Warning: Do not remove the following line. // vyos-config-version: "bgp@3:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-forwarding@3:firewall@7:flow-accounting@1:https@3:interfaces@26:ipoe-server@1:ipsec@9:isis@1:l2tp@4:lldp@1:mdns@1:monitoring@1:nat@5:nat66@1:ntp@1:openconnect@2:ospf@1:policy@3:pppoe-server@5:pptp@2:qos@1:quagga@10:rpki@1:salt@1:snmp@2:ssh@2:sstp@4:system@25:vrf@3:vrrp@3:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2" // Release version: 1.4-rolling-202209131208