Code examples

Split up into bits. Moved to last chapter.

chapter/baseconf.tex

@@ -2,34 +2,12 @@
 
 \section{Cisco Lab}
 
-% <!-- ROUTER -->
-
-\subsection{Router}
-\subsubsection{File: base.cfg}
-%\lstinputlisting[language=tcl]{code/router/base.cfg}
-\subsubsection{File: reset.tcl}
-%\lstinputlisting[language=tcl]{code/router/reset.tcl}
-
-\newpage
-
-% <!-- LAYER 3 SWITCH -->
-
-\subsection{Layer 3 Switch}
-\subsubsection{FILE: base.cfg}
-\lstinputlisting[language=tcl]{code/l3switch/base.cfg}
-\subsubsection{FILE: reset.tcl}
-\lstinputlisting[language=tcl]{code/l3switch/reset-tcl.txt}
-\subsubsection{FILE: resetvlans.tcl}
-\lstinputlisting[language=tcl]{code/l3switch/resetvlans-tcl.txt}
-
-\newpage
-
-% <!-- LAYER 2 SWITCH -->
-
-\subsection{Layer 2 Switch}
-\subsubsection{FILE: base.cfg}
-\lstinputlisting[language=tcl]{code/l2switch/base.cfg}
-\subsubsection{FILE: reset.tcl}
-\lstinputlisting[language=tcl]{code/l2switch/reset-tcl.txt}
-\subsubsection{FILE: resetvlans.tcl}
-\lstinputlisting[language=tcl]{code/l2switch/resetvlans-tcl.txt}
+\lstinputlisting[language=cisco]{code/base.cfg/base.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/blockHSRPVRRPGLBP.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/cdp.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/clock.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/interfaces.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/lldp.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/snmp.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/ssh.cfg}
+\lstinputlisting[language=cisco]{code/base.cfg/vty.cfg}

code/base.cfg/base.cfg

@@ -0,0 +1,31 @@
+service password-encryption
+service counters max age 10
+!
+hostname UNNAMED-DEVICE
+!
+logging buffered 40960
+logging buffered notifications
+no logging console
+!
+no aaa new-model
+!
+service unsupported-transceiver
+!
+ip subnet-zero
+system mtu routing 1500
+!
+no ip domain-lookup
+ip domain-name cisco.tld
+ip tcp synwait-time 5
+!
+password encryption aes
+!
+vtp mode transparent
+!
+spanning-tree mode pvst
+spanning-tree extend system-id
+!
+vlan internal allocation policy ascending
+!
+no ip http server
+no ip http secure-server

code/base.cfg/blockHSRPVRRPGLBP.cfg

@@ -0,0 +1,33 @@
+ip access-list extended blockHSRP
+ deny   udp any host 224.0.0.2 eq 1985
+ deny   udp any host 224.0.0.102 eq 1985
+ permit ip any any
+!
+ip access-list extended blockHSRPVRRP
+ deny   udp any host 224.0.0.2 eq 1985
+ deny   udp any host 224.0.0.102 eq 1985
+ deny   ip any host 224.0.0.18
+ permit ip any any
+!
+ip access-list extended blockVRRP
+ deny   ip any host 224.0.0.18
+ permit ip any any
+!
+ip access-list extended blockHSRPGLBP
+ deny   udp any host 224.0.0.2 eq 1985
+ deny   udp any host 224.0.0.102 eq 1985
+ deny   udp any host 224.0.0.102 eq 3222
+ permit ip any any
+!
+ip access-list extended blockHSRPVRRPGLBP
+ deny   udp any host 224.0.0.2 eq 1985
+ deny   udp any host 224.0.0.102 eq 1985
+ deny   udp any host 224.0.0.102 eq 3222
+ deny   ip any host 224.0.0.18
+ permit ip any any
+!
+ip access-list extended blockVRRPGLBP
+ deny   udp any host 224.0.0.102 eq 3222
+ deny   ip any host 224.0.0.18
+ permit ip any any
+!

code/base.cfg/cdp.cfg

@@ -0,0 +1,6 @@
+cdp advertise-v2
+cdp holdtime 100
+cdp timer 12
+cdp tlv app
+cdp tlv location
+cdp run

code/base.cfg/clock.cfg

@@ -0,0 +1,5 @@
+service timestamps debug datetime msec
+service timestamps log datetime msec
+!
+clock timezone MET 1 0
+clock summer-time MET-DST recurring last Sun Mar 2:00 last Sun Oct 3:00

code/base.cfg/interfaces.cfg

@@ -0,0 +1,26 @@
+interface range f0/1-24
+ shutdown
+ no ip address
+ no ipv6 address
+ no cdp enable
+ no lldp transmit
+ lldp recieve
+!
+interface range g0/1-2
+ shutdown
+ no ip adress
+ no ipv6 address
+ no cdp enable
+ no lldp transmit
+ lldp recieve
+!
+!
+!
+interface Loopback0
+ shutdown
+ ip address 192.0.2.1 255.255.255.255
+ ipv6 address 2001:db8:c000:2::1/128
+!
+interface Vlan1
+ shutdown
+!

code/base.cfg/lldp.cfg

@@ -0,0 +1,9 @@
+lldp timer 15
+lldp holdtime 180
+lldp reinit 5
+lldp run
+lldp tlv-select mac-phy-cfg
+lldp tlv-select management-address
+lldp tlv-select port-vlan
+lldp tlv-select power-management
+lldp tlv-select system-name

code/base.cfg/snmp.cfg

@@ -0,0 +1,8 @@
+access-list 99 remark Allow SNMP from select hosts in 192.0.2.192 /26
+access-list 99 permit 192.0.2.192 0.0.0.63
+access-list 99 deny any log
+!
+snmp-server community altersaaunormalt RO 99
+snmp-server community 
+snmp-server location TestLab
+snmp-server contact lobber

code/base.cfg/ssh.cfg

@@ -0,0 +1,4 @@
+ip ssh logging events
+ip ssh version 2
+ip ssh dh min size 2048
+ip ssh dscp 56

code/base.cfg/vty.cfg

@@ -0,0 +1,16 @@
+username lobber privilege 15 password 0 f1ndfIsh3
+!
+line con 0
+ exec-timeout 5 0
+ password cisconrose
+ logging synchronous
+!
+line aux
+!
+line vty 0 15
+ exec-timeout 60 0
+ password cisconrose
+ privilege level 15
+ logging synchronous
+ transport input ssh telnet
+!

code/l2switch/base.cfg

@@ -1,90 +0,0 @@
-tclsh
-puts [ open "flash:base.cfg" w+ ] {
-service timestamps debug datetime msec localtime show-timezone
-service timestamps log datetime msec localtime show-timezone
-service password-encryption
-service counters max age 10
-hostname __HOSTNAME__
-logging buffered notifications
-no logging console
-no aaa new-model
-clock timezone MET 1 0
-clock summer-time MET-DST recurring last Sun Mar 2:00 last Sun Oct 3:00
-system mtu routing 1500
-vtp mode transparent
-no ip domain-lookup
-ip domain-name cisco.tld
-password encryption aes
-spanning-tree mode pvst
-spanning-tree extend system-id
-vlan internal allocation policy ascending
-vlan 666
- name VLAN-BLACKHOLE
-exit
-lldp timer 12
-lldp holdtime 100
-lldp reinit 5
-lldp tlv-select mac-phy-cfg
-lldp tlv-select management-address
-lldp tlv-select port-vlan
-lldp tlv-select power-management
-lldp tlv-select system-name
-lldp run
-ip tcp synwait-time 5
-ip ssh logging events
-ip ssh version 2
-ip ssh dh min size 2048
-ip ssh dscp 56
-interface range f0/1-24 , g0/1-2
- shutdown
- switchport mode access
- switchport access vlan 666
- no cdp enable
- no lldp transmit
- lldp recieve
-exit
-interface range f0/19-24
- switchport mode trunk
- switchport trunk allowed vlan 1
- switchport trunk native vlan 1
- no shutdown
-exit
-interface Vlan1
- no ip address
- shutdown
-exit
-interface Vlan666
- no ip address
- shutdown
-exit
-no ip http server
-no ip http secure-server
-cdp advertise-v2
-cdp holdtime 100
-cdp timer 12
-cdp tlv app
-cdp tlv location
-cdp run
-line con 0
- exec-timeout 60 0
- privilege level 15
- logging synchronous
- stopbits 1
-exit
-line vty 0 4
- exec-timeout 60 0
- privilege level 15
- logging synchronous
- login
- length 0
- stopbits 1
-exit
-line vty 5 15
- exec-timeout 60 0
- logging synchronous
- login
- stopbits 1
-exit
-end
-}
-tclquit

code/l2switch/reset-tcl.txt

@@ -1,26 +0,0 @@
-tclsh
-puts [ open "flash:reset.tcl" w+ ] {
-
-puts "Erasing Configuration"
-typeahead "r"
-
-puts [ exec "write erase" ]
-puts "Erasing VLAN Database"
-typeahead "r"
-
-puts [ exec "del flash:vlan.dat" ]
-puts "Copying Base Configuration To Startup"
-typeahead "r"
-
-puts [ ios_config "sdm prefer lanbase-routing" ]
-puts "Changing prefered sdm to lanbase-routing"
-typeahead "r"
-
-puts [ exec "copy flash:base.cfg nvram:startup-config" ]
-puts "Reloading the layer 2 switch"
-typeahead "r"
-
-puts [ exec "reload" ]
-}
-}
-tclquit

code/l2switch/resetvlans-tcl.txt

@@ -1,12 +0,0 @@
-tclsh
-puts [ open "flash:resetvlans.tcl" w+ ] {
-foreach vlanItem [regexp -all -line -inline "^\[0-9\]+" [exec "show vlan brief"]] {
-if { ($vlanItem == 1) || (($vlanItem >= 1002) && ($vlanItem <= 1005)) } {
-  puts "Skipping VLAN $vlanItem"
-} else {
-  puts "Removing VLAN $vlanItem"
-  ios_config "no vlan $vlanItem"
-}
-}
-}
-tclquit

code/l3switch/base.cfg

@@ -1,90 +0,0 @@
-tclsh
-puts [ open "flash:base.cfg" w+ ] {
-service timestamps debug datetime msec localtime show-timezone
-service timestamps log datetime msec localtime show-timezone
-service password-encryption
-service counters max age 10
-hostname __HOSTNAME__
-logging buffered notifications
-no logging console
-no aaa new-model
-clock timezone MET 1 0
-clock summer-time MET-DST recurring last Sun Mar 2:00 last Sun Oct 3:00
-system mtu routing 1500
-vtp mode transparent
-no ip domain-lookup
-ip domain-name cisco.tld
-password encryption aes
-spanning-tree mode pvst
-spanning-tree extend system-id
-vlan internal allocation policy ascending
-vlan 666
- name VLAN-BLACKHOLE
-exit
-lldp timer 15
-lldp holdtime 180
-lldp reinit 5
-lldp run
-lldp tlv-select mac-phy-cfg
-lldp tlv-select management-address
-lldp tlv-select port-vlan
-lldp tlv-select power-management
-lldp tlv-select system-name
-ip tcp synwait-time 5
-ip ssh logging events
-ip ssh version 2
-ip ssh dh min size 2048
-ip ssh dscp 56
-interface range f0/1-24 , g0/1-2
- shutdown
- switchport mode access
- switchport access vlan 666
- no cdp enable
- no lldp transmit
- lldp recieve
-exit
-interface range f0/19-24
- switchport mode trunk
- switchport trunk allowed vlan 1
- switchport trunk native vlan 1
- no shutdown
-exit
-interface Vlan1
- no ip address
- shutdown
-exit
-interface Vlan666
- no ip address
- shutdown
-exit
-no ip http server
-no ip http secure-server
-cdp advertise-v2
-cdp holdtime 100
-cdp timer 12
-cdp tlv app
-cdp tlv location
-cdp run
-line con 0
- exec-timeout 60 0
- privilege level 15
- logging synchronous
- stopbits 1
-exit
-line vty 0 4
- exec-timeout 60 0
- privilege level 15
- logging synchronous
- login
- length 0
- stopbits 1
-exit
-line vty 5 15
- exec-timeout 60 0
- logging synchronous
- login
- stopbits 1
-exit
-end
-}
-tclquit

code/l3switch/reset-tcl.txt

@@ -1,26 +0,0 @@
-tclsh
-puts [ open "flash:reset.tcl" w+ ] {
-
-puts "Erasing Configuration"
-typeahead "r"
-
-puts [ exec "write erase" ]
-puts "Erasing VLAN Database"
-typeahead "r"
-
-puts [ exec "delete flash:vlan.dat" ]
-puts "Copying Base Configuration To Startup"
-typeahead "r"
-
-puts [ ios_config "sdm prefer dual-ipv4-and-ipv6 routing" ]
-puts "Changing prefered sdm to dual-ipv4-and-ipv6 routing"
-typeahead "r"
-
-puts [ exec "copy flash:base.cfg nvram:startup-config" ]
-puts "Reloading the layer 3 switch"
-typeahead "r"
-
-puts [ exec "reload" ]
-}
-}
-tclquit

code/l3switch/resetvlans-tcl.txt

@@ -1,12 +0,0 @@
-tclsh
-puts [ open "flash:resetvlans.tcl" w+ ] {
-foreach vlanItem [regexp -all -line -inline "^\[0-9\]+" [exec "show vlan brief"]] {
-if { ($vlanItem == 1) || (($vlanItem >= 1002) && ($vlanItem <= 1005)) } {
-  puts "Skipping VLAN $vlanItem"
-} else {
-  puts "Removing VLAN $vlanItem"
-  ios_config "no vlan $vlanItem"
-}
-}
-}
-tclquit

main.tex

@@ -23,7 +23,6 @@
 %                                                    %
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
-\include{chapter/baseconf}
 \include{chapter/layer2}
 \include{chapter/l2tol3}
 \include{chapter/layer3}
@@ -31,6 +30,7 @@
 \include{chapter/ntp}
 \include{chapter/mgmt}
 \include{chapter/internet}
+\include{chapter/baseconf}
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %                                                    %

structure.tex

@@ -97,8 +97,9 @@
 \input{layout/color} %user-defined colors
 
 
+% https://tex.stackexchange.com/a/174553
 \lstdefinestyle{mystyle}{
-    language=TeX,
+    language=cisco,
     backgroundcolor=\color{backcolour},
     commentstyle=\color{codegreen}\ttfamily,
     keywordstyle=\color{magenta},
@@ -114,9 +115,9 @@
     showstringspaces=false,
     showtabs=false,
     tabsize=4,
-    abovecaptionskip=3em,
+    abovecaptionskip=1em,
     aboveskip=1em,
-    belowcaptionskip=5em,
+    belowcaptionskip=1em,
     belowskip=3em,
     upquote=true,
     numbersep=8pt,
@@ -189,6 +190,12 @@
     comment=[l]{!},
     commentstyle=\color{purple}\ttfamily,
     stringstyle=\color{red}\ttfamily,
+    caption=\lstname,
+    tabsize=1,
+    captionpos=t,
+    showstringspaces=false,
+    breaklines=true,
+    breakatwhitespace=true,    
 }