Page MenuHomePhabricator

Config discrepencies on network devices
Closed, ResolvedPublic

Description

Creating this task to track all the small discrepancies around our network. Nothing major, but some items might need discussions before fix.
Mostly discovering them with the Ansible automation POC, will update jnt when applicable.

More items will most likely be added once those are tackled.

CR:

  • Add chassis redundancy failover on-disk-failure to routers with redundant RE
  • Re-activate chassis redundancy graceful-switchover on cr1/2-codfw. Any idea why it's deactivated? (Will track in T191371)
  • Remove routing-options forwarding-table unicast-reverse-path feasible-paths; as we don't do RPF
  • Remove commit synchronize from routers with single RE
  • Delete protocols ospf area 0.0.0.0 interface ae0.0 bfd-liveness-detection on cr1/2-eqiad curently dactivated, directly connected
  • Add ospf(3) area 0.0.0.0 interface lo0.0 passive on cr1/2-ulsfo
  • Enable LLDP on all interface and disable on external, instead of enabling only on group infrastructure
  • Set OSPF metric of 20000 for the cr2-knams<->mr1-esams link
  • Remove routing-options martians Not needed anymore https://kb.juniper.net/InfoCenter/index?page=content&id=KB23884

ASW:

  • Remove default vlan 1
  • Remove vlan descriptions where identical to vlan name
  • Add missing vlans (eg. cloud-support1-b-codfw on asw-a-codfw)
  • Fix typoed VLAN numbers
  • Remove auto-sw-update statements

MR:

  • Add routing-options router-id
  • Add ospf3 area 0.0.0.0 interface lo0.0 passive
  • Add security screen

Event Timeline

ayounsi created this task.
Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Mentioned in SAL (#wikimedia-operations) [2018-04-03T23:55:07Z] <XioNoX> re-activating graceful-switchover on cr1-codfw - T189588

ayounsi updated the task description. (Show Details)