NEWDC Network Configuration Template v0.1

Download Template
NEWDC Network Configuration Template v0.1

jsmith
December 16, 2014

Short Customer Name, 1 Word, eg. Cisco


In the format 10.5.5 eg. leave off the last octet

Full IP eg. 75.65.55.45

// NEWDC Network Configuration Template v0.1

// %{Change_Number}% - %{Cust_Name}% - NEWDC Network Configuration

Customer Name:	 		%{Cust_Name}%
VLAN ID:		 	%{VLAN_ID}%
Hosted Subnet:	 		%{Hosted_Subnet_24}%
Customer Dynamic NAT IP:        %{Public_Dyn_Nat}%


!// **** Core_Switch_1 <x.x.x.x> ****

!// VLAN 

vlan %{VLAN_ID}%
mode fabricpath
name %{Cust_Name}%

!// VRF 

vrf context %{Cust_Name}%
  description %{Cust_Name}%
  ip route 0.0.0.0/0 %{Hosted_Subnet_24}%.7
  address-family ipv4 unicast
    route-target import 65010:10
    route-target import 65010:%{VLAN_ID}%
    route-target export 65010:%{VLAN_ID}%

!// Layer 3 HSRP Interface

interface Vlan%{VLAN_ID}%
  description %{Cust_Name}%
  no shutdown
  vrf member %{Cust_Name}%
  no ip redirects
  ip address %{Hosted_Subnet_24}%.2/24
  hsrp version 2
  hsrp %{VLAN_ID}% 
    preempt delay minimum 180 
    priority 120
    ip %{Hosted_Subnet_24}%.1

!// VRF-Lite Route-Leaking via BGP

router bgp 65010
  vrf %{Cust_Name}%
    address-family ipv4 unicast
      network %{Hosted_Subnet_24}%.0/24

vrf context Services
  address-family ipv4 unicast
    route-target import 65010:%{VLAN_ID}%
	  
!// **** Core_Switch_2 <x.x.x.x> ****

!// VLAN 

vlan %{VLAN_ID}%
mode fabricpath
name %{Cust_Name}%

!// VRF 

vrf context %{Cust_Name}%
  description %{Cust_Name}%
  ip route 0.0.0.0/0 %{Hosted_Subnet_24}%.7
  address-family ipv4 unicast
    route-target import 65010:10
    route-target import 65010:%{VLAN_ID}%
    route-target export 65010:%{VLAN_ID}%

!// Layer 3 HSRP Interface

interface Vlan%{VLAN_ID}%
  description %{Cust_Name}%
  no shutdown
  vrf member %{Cust_Name}%
  no ip redirects
  ip address %{Hosted_Subnet_24}%.3/24
  hsrp version 2
  hsrp %{VLAN_ID}% 
    priority 110
    ip %{Hosted_Subnet_24}%.1

!// VRF-Lite Route-Leaking via BGP

router bgp 65010
  vrf %{Cust_Name}%
    address-family ipv4 unicast
      network %{Hosted_Subnet_24}%.0/24

vrf context Services
  address-family ipv4 unicast
    route-target import 65010:%{VLAN_ID}%

!// **** Dist_Switch_1 <x.x.x.x> ****

!// VLAN 

vlan %{VLAN_ID}%
mode fabricpath
name %{Cust_Name}%

!// **** Dist_Switch_2 <x.x.x.x> ****

!// VLAN 

vlan %{VLAN_ID}%
mode fabricpath
name %{Cust_Name}%

!// **** Hosted_FW1 <x.x.x.x> ****

!// Admin Context

!// Add Interface

interface Port-channel16.%{VLAN_ID}%
 description %{Cust_Name}%
 vlan %{VLAN_ID}%

!// Add interface to context 

context HOSTED
  allocate-interface Port-channel16.%{VLAN_ID}%
 
!// Hosted FW Context

interface Port-channel16.%{VLAN_ID}%
 nameif %{Cust_Name}%
 security-level 80
 ip address %{Hosted_Subnet_24}%.7 255.255.255.0 standby %{Hosted_Subnet_24}%.8 

!// Customer Dynamic NAT

object network %{Cust_Name}%-NET1
 subnet %{Hosted_Subnet_24}%.0 255.255.255.0
 description %{Cust_Name}% Subnet 1
 nat (%{Cust_Name}%,outside) dynamic %{Public_Dyn_Nat}%


!// **** In Netflow <netflow.com> ****

!// Create new IP Group for %{Cust_Name}%. Include %{Public_Dyn_Nat}%

!// Missing border router shaping config

You must be logged in to comment.