Link Search Menu Expand Document
calendar_month 20-Aug-25

Core Switch Reference Configuration

user %USERNAME% group administrators password plaintext %PASSWORD% 
!
banner motd $
**********************************************************
NOTICE TO USERS
This is a private computer system and is the property of <YOUR ORGNIZATION NAME>. It is for authorized use only. users (authorized or unauthorized) have no explicit or implicit expectation of privacy while connected to this system.

Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to an authorized site, Aruba networks, and law enforcement personnel (foreign and domestic).

By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of an authorized site or <YOUR ORGNIZATION NAME> personnel.

Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal
penalties. By continuing to use of this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.
***********************************************************
$
!
ntp server %NTP1_IP%
ntp server %NTP1_IP%
!
ip dns host %DNS1_IP%
ip dns host %DNS2_IP%
ip dns domain-name %Domain_NAME% 
!
tacacs-server host %TACACS_SERVER_IP% key plaintext %TACACS_KEY%
tacacs-server host %TACACS_SERVER_IP% key plaintext %TACACS_KEY%
!
aaa group server tacacs %TACACS_SERVER_GROUP_NAME%
    server %TACACS_SERVER_IP%
    server %TACACS_SERVER_IP%
!
aaa authentication login ssh group %TACACS_SERVER_GROUP_NAME% local
aaa authentication login console group %TACACS_SERVER_GROUP_NAME% local
aaa authorization commands default group local %TACACS_SERVER_GROUP_NAME% 
aaa accounting all default start-stop group %TACACS_SERVER_GROUP_NAME% local
aaa authentication allow-fail-through
!
tacacs-server tracking user-name %USERNAME% plaintext %TRACK_USER_PASSWORD%
!
vlan 3998
    name to-RSVDC-FW
!
router ospf 1 area 0.0.0.0
  passive-interface default
  router-id %LOOPBACK0_IP%
  graceful-restart restart-interval 30
!

#Sample point-to-point interface to aggregation switch
interface 1/1/1
  description CORE_TO_%AG_SW_NAME%
  ip address %AGG1_PTP_IP%/31
  no shutdown
  mtu 9198
  ip mtu 9198
  no ip ospf passive
  ip ospf network point-to-point
  ip ospf 1 area 0.0.0.0
  ip pim-sparse enable
!

#Sample point-to-point interface between core switches
interface 1/1/1
  description INTER-CORE-LINK
  ip address %CORE_PTP_IP%/31
  no shutdown
  mtu 9198
  ip mtu 9198
  no ip ospf passive
  ip ospf network point-to-point
  ip ospf 1 area 0.0.0.0
  ip pim-sparse enable
!

interface 1/3/19
  description to-RSVDC-FW1-1
  shutdown
  mtu 9198
  no routing
  vlan access 3998
!
interface 1/3/20
  description to-RSVDC-FW1-2
  no shutdown
  mtu 9198
  no routing
  vlan access 3998
!
interface loopback 0
  ip address %LOOPBACK_IP%/32
  ip pim-sparse enable
  ip ospf 1 area 0.0.0.0
!
interface loopback 1
  ip address %RP_ANYCAST_IP%/32
  ip pim-sparse enable
  ip ospf 1 area 0.0.0.0
!
interface vlan 3998
  description RSVDC-FW
  ip address %OSPF_INTERFACE_IP%/31
  ip mtu 9000
  ip ospf 1 area 0.0.0.0
  no ip ospf passive
  ip ospf network point-to-point
  ip pim-sparse enable
  exit
!
router pim
  enable
  rp-candidate source-ip-interface loopback1 group-prefix %MULTICAST_SERVICE_SUBNET%/%MULTICAST_SERVICE_MASK%
  bsr-candidate source-ip-interface loopback0
  bsr-candidate priority 1
!
router msdp 
 enable 
 ip msdp peer %COR2_LOOPBACK_IP%
     connect-source loopback0
     enable
     mesh-group %MESH_GROUP_NAME%