glyzinie/IX3315

## IX3315

! NEC Portable Internetwork Core Operating System Software
! IX Series IX3315 (magellan-sec) Software, Version 10.9.11, RELEASE SOFTWARE
! Compiled Dec 15-Fri-2023 13:25:17 JST #2
! Last updated May 20-Mon-2024 03:25:54 JST
!
service ssl-protocol tls1.2-and-later
!
hostname HomeLab
timezone +09 00
!
!
ntp server dhcpv6
ntp retry 10
ntp interval 3600
!
!
ip ufs-cache max-entries 20000
ip ufs-cache enable
ip dhcp enable
ip access-list dhcpv4-0 permit ip src 192.168.0.0/24 dest any
ip access-list dhcpv4-10 permit ip src 192.168.10.0/24 dest any
ip access-list dhcpv4-39 permit ip src 192.168.39.0/24 dest any
!
arp auto-refresh
!
ipv6 ufs-cache max-entries 10000
ipv6 ufs-cache enable
ipv6 cache-size 8192
ipv6 dhcp enable
ipv6 access-list block-list deny ip src any dest any
ipv6 access-list dhcpv6-list permit udp src any sport any dest any dport eq 546
ipv6 access-list dhcpv6-list permit udp src any sport any dest any dport eq 547
ipv6 access-list icmpv6-list sequence-mode 100
ipv6 access-list icmpv6-list 100 permit icmp src any dest any
ipv6 access-list other-list permit ip src any dest any
ipv6 access-list dynamic cache 65535
ipv6 access-list dynamic dflt-list access other-list
!
!
!
!
!
!
!
!
!
ipv6 name-server 2404:1a8:7f01:a::3
ipv6 name-server 2404:1a8:7f01:b::3
dns cache enable
dns cache max-records 256
!
proxy-dns ip enable
proxy-dns ip request both
proxy-dns interface GigaEthernet2.0 priority 200
proxy-dns ipv6 enable
proxy-dns ipv6 request both
proxy-dns server 2001:4860:4860::8888
proxy-dns server 2606:4700:4700::1111
!
http-server protocol https
http-server authentication-method digest
http-server ip enable
!
!
ddns enable
!
nm ipv6 enable ngn-private auto mqtt force
nm sitename tky01
nm ddns hostname center
nm logging enable
!
!
route-map v6connect permit 10
  match ip address access-list dhcpv4-10
  set default interface Tunnel2.0
!
route-map xpass permit 10
  match ip address access-list dhcpv4-39
  set default interface Tunnel1.0
!
route-map xpass-static permit 10
  match ip address access-list dhcpv4-0
  set default interface Tunnel0.0
!
ip dhcp profile dhcpv4-10
  assignable-range 192.168.10.100 192.168.10.199
  subnet-mask 255.255.255.0
  default-gateway 192.168.10.254
  dns-server 192.168.10.254
  lease-time 86400
!
ip dhcp profile dhcpv4-39
  assignable-range 192.168.39.100 192.168.39.199
  subnet-mask 255.255.255.0
  default-gateway 192.168.39.254
  dns-server 192.168.39.254
  lease-time 86400
!
ip dhcp profile dhcpv4-0
  assignable-range 192.168.0.100 192.168.0.199
  subnet-mask 255.255.255.0
  default-gateway 192.168.0.254
  dns-server 192.168.0.254
  lease-time 86400
!
ipv6 dhcp client-profile dhcpv6-0
  information-request
  option-request dns-servers
  option-request ntp-servers
!
ipv6 dhcp client-profile dhcpv6-2
  option-request dns-servers
  option-request ntp-servers
  ia-pd subscriber GigaEthernet3.0 ::/64 eui-64
  ia-pd subscriber GigaEthernet4.0 0:0:0:10::/64 eui-64
!
ipv6 dhcp server-profile dhcpv6-3
  dns-server autoconfig
!
ipv6 dhcp server-profile dhcpv6-4
  dns-server autoconfig
!
ipv6 dhcp server-profile dhcpv6-5
  dns-server autoconfig
!
ddns profile xpass-update
  url https://ddnsweb1.ddns.vbbnet.jp/cgi-bin/ddns_api.cgi
  query d=AAAA&u=AAAA&p=AAAA&a=<IP6>
  account AAAA
  password plain AAAA
  transport ipv6
  notify-interface GigaEthernet3.0
  source-interface GigaEthernet3.0
  update-interval 10
!
device GigaEthernet0
!
device GigaEthernet1
!
device GigaEthernet2
!
device GigaEthernet3
  connector-type sfp
!
device GigaEthernet4
!
device GigaEthernet5
!
device USB0
  shutdown
!
interface GigaEthernet0.0
  description WAN 1GbE
  no ip address
  ipv6 enable
  ipv6 address autoconfig receive-default
  ipv6 dhcp client dhcpv6-0
  ipv6 traffic-class tos 0
  ipv6 filter dhcpv6-list 1 in
  ipv6 filter icmpv6-list 2 in
  ipv6 filter block-list 100 in
  ipv6 filter dhcpv6-list 1 out
  ipv6 filter icmpv6-list 2 out
  ipv6 filter dflt-list 100 out
  no shutdown
!
interface GigaEthernet1.0
  no ip address
  shutdown
!
interface GigaEthernet2.0
  description WAN 10GbE
  no ip address
  ipv6 enable
  ipv6 dhcp client dhcpv6-2
  ipv6 traffic-class tos 0
  ipv6 filter dhcpv6-list 1 in
  ipv6 filter icmpv6-list 2 in
  ipv6 filter block-list 100 in
  ipv6 filter dhcpv6-list 1 out
  ipv6 filter icmpv6-list 2 out
  ipv6 filter dflt-list 100 out
  no shutdown
!
interface GigaEthernet3.0
  description LAN Xpass Static
  ip address 192.168.0.254/24
  ip dhcp binding dhcpv4-0
  ip policy route-map xpass-static
  ipv6 enable
  ipv6 dhcp server dhcpv6-3
  ipv6 nd ra enable
  ipv6 nd ra other-config-flag
  linkmgr enable
  no shutdown
!
interface GigaEthernet4.0
  description LAN Xpass
  ip address 192.168.39.254/24
  ip dhcp binding dhcpv4-39
  ip policy route-map xpass
  ipv6 enable
  ipv6 dhcp server dhcpv6-4
  ipv6 nd ra enable
  ipv6 nd ra other-config-flag
  linkmgr enable
  no shutdown
!
interface GigaEthernet5.0
  description LAN v6connect
  ip address 192.168.10.254/24
  ip dhcp binding dhcpv4-10
  ip policy route-map v6connect
  ipv6 enable
  ipv6 dhcp server dhcpv6-5
  ipv6 nd ra enable
  ipv6 nd ra other-config-flag
  linkmgr enable
  no shutdown
!
interface USB-Serial0.0
  encapsulation ppp
  no auto-connect
  no ip address
  shutdown
!
interface Loopback0.0
  no ip address
!
interface Null0.0
  no ip address
!
interface Tunnel0.0
  description Xpass Static
  tunnel mode 4-over-6
  tunnel destination 2001:f60:0:205::2
  tunnel source GigaEthernet3.0
  ip address 0.0.0.0/32
  ip tcp adjust-mss auto
  ip napt enable
  no shutdown
!
interface Tunnel1.0
  description Xpass
  tunnel mode 4-over-6
  tunnel destination fqdn dgw.xpass.jp
  tunnel source GigaEthernet4.0
  ip unnumbered GigaEthernet4.0
  ip tcp adjust-mss auto
  no shutdown
!
interface Tunnel2.0
  description v6connect
  tunnel mode 4-over-6
  tunnel destination fqdn dslite.v6connect.net
  tunnel source GigaEthernet5.0
  ip unnumbered GigaEthernet5.0
  ip tcp adjust-mss auto
  no shutdown
!
system information wan 1 GigaEthernet2.0
system information wan 2 GigaEthernet0.0
!
web-console system information
!
linkmgr profile
  group-main 1 base64 55m76Yyy5riI44G/
!

	! NEC Portable Internetwork Core Operating System Software
	! IX Series IX3315 (magellan-sec) Software, Version 10.9.11, RELEASE SOFTWARE
	! Compiled Dec 15-Fri-2023 13:25:17 JST #2
	! Last updated May 20-Mon-2024 03:25:54 JST
	!
	service ssl-protocol tls1.2-and-later
	!
	hostname HomeLab
	timezone +09 00
	!
	!
	ntp server dhcpv6
	ntp retry 10
	ntp interval 3600
	!
	!
	ip ufs-cache max-entries 20000
	ip ufs-cache enable
	ip dhcp enable
	ip access-list dhcpv4-0 permit ip src 192.168.0.0/24 dest any
	ip access-list dhcpv4-10 permit ip src 192.168.10.0/24 dest any
	ip access-list dhcpv4-39 permit ip src 192.168.39.0/24 dest any
	!
	arp auto-refresh
	!
	ipv6 ufs-cache max-entries 10000
	ipv6 ufs-cache enable
	ipv6 cache-size 8192
	ipv6 dhcp enable
	ipv6 access-list block-list deny ip src any dest any
	ipv6 access-list dhcpv6-list permit udp src any sport any dest any dport eq 546
	ipv6 access-list dhcpv6-list permit udp src any sport any dest any dport eq 547
	ipv6 access-list icmpv6-list sequence-mode 100
	ipv6 access-list icmpv6-list 100 permit icmp src any dest any
	ipv6 access-list other-list permit ip src any dest any
	ipv6 access-list dynamic cache 65535
	ipv6 access-list dynamic dflt-list access other-list
	!
	!
	!
	!
	!
	!
	!
	!
	!
	ipv6 name-server 2404:1a8:7f01:a::3
	ipv6 name-server 2404:1a8:7f01:b::3
	dns cache enable
	dns cache max-records 256
	!
	proxy-dns ip enable
	proxy-dns ip request both
	proxy-dns interface GigaEthernet2.0 priority 200
	proxy-dns ipv6 enable
	proxy-dns ipv6 request both
	proxy-dns server 2001:4860:4860::8888
	proxy-dns server 2606:4700:4700::1111
	!
	http-server protocol https
	http-server authentication-method digest
	http-server ip enable
	!
	!
	ddns enable
	!
	nm ipv6 enable ngn-private auto mqtt force
	nm sitename tky01
	nm ddns hostname center
	nm logging enable
	!
	!
	route-map v6connect permit 10
	match ip address access-list dhcpv4-10
	set default interface Tunnel2.0
	!
	route-map xpass permit 10
	match ip address access-list dhcpv4-39
	set default interface Tunnel1.0
	!
	route-map xpass-static permit 10
	match ip address access-list dhcpv4-0
	set default interface Tunnel0.0
	!
	ip dhcp profile dhcpv4-10
	assignable-range 192.168.10.100 192.168.10.199
	subnet-mask 255.255.255.0
	default-gateway 192.168.10.254
	dns-server 192.168.10.254
	lease-time 86400
	!
	ip dhcp profile dhcpv4-39
	assignable-range 192.168.39.100 192.168.39.199
	subnet-mask 255.255.255.0
	default-gateway 192.168.39.254
	dns-server 192.168.39.254
	lease-time 86400
	!
	ip dhcp profile dhcpv4-0
	assignable-range 192.168.0.100 192.168.0.199
	subnet-mask 255.255.255.0
	default-gateway 192.168.0.254
	dns-server 192.168.0.254
	lease-time 86400
	!
	ipv6 dhcp client-profile dhcpv6-0
	information-request
	option-request dns-servers
	option-request ntp-servers
	!
	ipv6 dhcp client-profile dhcpv6-2
	option-request dns-servers
	option-request ntp-servers
	ia-pd subscriber GigaEthernet3.0 ::/64 eui-64
	ia-pd subscriber GigaEthernet4.0 0:0:0:10::/64 eui-64
	!
	ipv6 dhcp server-profile dhcpv6-3
	dns-server autoconfig
	!
	ipv6 dhcp server-profile dhcpv6-4
	dns-server autoconfig
	!
	ipv6 dhcp server-profile dhcpv6-5
	dns-server autoconfig
	!
	ddns profile xpass-update
	url https://ddnsweb1.ddns.vbbnet.jp/cgi-bin/ddns_api.cgi
	query d=AAAA&u=AAAA&p=AAAA&a=<IP6>
	account AAAA
	password plain AAAA
	transport ipv6
	notify-interface GigaEthernet3.0
	source-interface GigaEthernet3.0
	update-interval 10
	!
	device GigaEthernet0
	!
	device GigaEthernet1
	!
	device GigaEthernet2
	!
	device GigaEthernet3
	connector-type sfp
	!
	device GigaEthernet4
	!
	device GigaEthernet5
	!
	device USB0
	shutdown
	!
	interface GigaEthernet0.0
	description WAN 1GbE
	no ip address
	ipv6 enable
	ipv6 address autoconfig receive-default
	ipv6 dhcp client dhcpv6-0
	ipv6 traffic-class tos 0
	ipv6 filter dhcpv6-list 1 in
	ipv6 filter icmpv6-list 2 in
	ipv6 filter block-list 100 in
	ipv6 filter dhcpv6-list 1 out
	ipv6 filter icmpv6-list 2 out
	ipv6 filter dflt-list 100 out
	no shutdown
	!
	interface GigaEthernet1.0
	no ip address
	shutdown
	!
	interface GigaEthernet2.0
	description WAN 10GbE
	no ip address
	ipv6 enable
	ipv6 dhcp client dhcpv6-2
	ipv6 traffic-class tos 0
	ipv6 filter dhcpv6-list 1 in
	ipv6 filter icmpv6-list 2 in
	ipv6 filter block-list 100 in
	ipv6 filter dhcpv6-list 1 out
	ipv6 filter icmpv6-list 2 out
	ipv6 filter dflt-list 100 out
	no shutdown
	!
	interface GigaEthernet3.0
	description LAN Xpass Static
	ip address 192.168.0.254/24
	ip dhcp binding dhcpv4-0
	ip policy route-map xpass-static
	ipv6 enable
	ipv6 dhcp server dhcpv6-3
	ipv6 nd ra enable
	ipv6 nd ra other-config-flag
	linkmgr enable
	no shutdown
	!
	interface GigaEthernet4.0
	description LAN Xpass
	ip address 192.168.39.254/24
	ip dhcp binding dhcpv4-39
	ip policy route-map xpass
	ipv6 enable
	ipv6 dhcp server dhcpv6-4
	ipv6 nd ra enable
	ipv6 nd ra other-config-flag
	linkmgr enable
	no shutdown
	!
	interface GigaEthernet5.0
	description LAN v6connect
	ip address 192.168.10.254/24
	ip dhcp binding dhcpv4-10
	ip policy route-map v6connect
	ipv6 enable
	ipv6 dhcp server dhcpv6-5
	ipv6 nd ra enable
	ipv6 nd ra other-config-flag
	linkmgr enable
	no shutdown
	!
	interface USB-Serial0.0
	encapsulation ppp
	no auto-connect
	no ip address
	shutdown
	!
	interface Loopback0.0
	no ip address
	!
	interface Null0.0
	no ip address
	!
	interface Tunnel0.0
	description Xpass Static
	tunnel mode 4-over-6
	tunnel destination 2001:f60:0:205::2
	tunnel source GigaEthernet3.0
	ip address 0.0.0.0/32
	ip tcp adjust-mss auto
	ip napt enable
	no shutdown
	!
	interface Tunnel1.0
	description Xpass
	tunnel mode 4-over-6
	tunnel destination fqdn dgw.xpass.jp
	tunnel source GigaEthernet4.0
	ip unnumbered GigaEthernet4.0
	ip tcp adjust-mss auto
	no shutdown
	!
	interface Tunnel2.0
	description v6connect
	tunnel mode 4-over-6
	tunnel destination fqdn dslite.v6connect.net
	tunnel source GigaEthernet5.0
	ip unnumbered GigaEthernet5.0
	ip tcp adjust-mss auto
	no shutdown
	!
	system information wan 1 GigaEthernet2.0
	system information wan 2 GigaEthernet0.0
	!
	web-console system information
	!
	linkmgr profile
	group-main 1 base64 55m76Yyy5riI44G/
	!