edison-edge#show running-config

Building configuration...

Current configuration : 13846 bytes

!
! Last configuration change at 01:41:27 UTC Mon Apr 17 2017
!
version 16.5
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no platform punt-keepalive disable-kernel-core
!
hostname edison-edge
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging buffered 40000000
!
no aaa new-model
boot system switch all flash:cat3k_caa-universalk9.idt_20170206_193029.swati.bin
facility-alarm critical exceed-action shutdown
switch 1 provision ws-c3850-24p
switch 3 provision ws-c3850-24p
!
!
!
!
ip routing
!
!
!
ip multicast-routing

ip dhcp excluded-address 9.10.41.1 9.10.41.100

ip dhcp excluded-address 9.10.42.1 9.10.42.100
!
ip dhcp pool dhcp41
network 9.10.41.0 255.255.255.0
default-router 9.10.41.1
!
ip dhcp pool dhcp42
network 9.10.42.0 255.255.255.0
default-router 9.10.42.1
!
!
!
ip dhcp snooping vlan 41-42
ip dhcp snooping
!
!
!
!
!
!
!
vtp domain pnhvtp
vtp mode off
cpp system-default
!
crypto pki trustpoint TP-self-signed-2245457990
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2245457990
revocation-check none
rsakeypair TP-self-signed-2245457990
!
crypto pki trustpoint TP-self-signed-3357634391
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3357634391
revocation-check none
rsakeypair TP-self-signed-3357634391
!
!
crypto pki certificate chain TP-self-signed-2245457990
certificate self-signed 01
30820330 30820218 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323435 34353739 3930301E 170D3136 31303033 32313539
34335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32343534
35373939 30308201 22300D06 092A8648 86F70D01 01010500 0382010F 00308201
0A028201 0100CF31 11F56DD3 843DC027 A6881D96 162AE264 83234D57 42A505E5
2FCEB9E3 8E61AC89 F48E39AF E554329D 18ED9A76 6DCD0266 44EB6B40 4D2EE9C6
159E40B4 6F053ABA 989BC48B E65A53B3 D70FBBFC CF91B8A6 EC908143 FA04449A
5C25E3C2 8A522C90 A5F3A366 42261C47 22ED851D 79C3D541 EB5739FF 1CC3E6D5
1758493C 97B557A0 6582FB37 58EDF44D E36C407A 100E146F 32B25A91 04EF44CB
009129F3 3D326A7F ACDA7442 91F9A294 EC1B355E 94A7CCA6 1E4D5144 01038198
04F237F5 B69F1135 15FE3E5A 54D71B55 1BA689D0 1B7DAD39 067D7238 44FB691B
AEEE73B8 C2C331EF CFD35951 7447D65F EAEB3B47 ADAADC13 C0D6B572 F812C850
1A7F88AD 012D0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF
301F0603 551D2304 18301680 14EED2F2 F81FDA35 8468FBB0 6A1A055E B19F5521
85301D06 03551D0E 04160414 EED2F2F8 1FDA3584 68FBB06A 1A055EB1 9F552185
300D0609 2A864886 F70D0101 05050003 82010100 7E28A3F4 6F7DA71E 662D2C77
84FBEB98 7A51F110 D4DB9BAF 38E2F2F9 96FEF112 EA22D603 32825568 29E8F9E4
8AC7BB7E 807D710F BC48FA69 EBA77633 0882CF96 111872B6 EFA599E6 261B6230
DFD15D91 3D193D80 A9B79BE9 04E9C416 07ECE85D E57AA5CE 51550BBD D7EF2A3E
706B0666 5021AE7E 4B499F46 E247BE58 95F62C71 FFB1CB1A 44891FC4 BFCAE577
8C317248 9A8B53E6 68D7DBD4 92EB2C13 8076C6A4 30E2FEA8 DD91A235 F9F4484E
73E6719D 64B3AEC0 47E569A2 66542EE0 5ACEF9CB 2422CF6F 18077256 011F344C
DD03357D 957356ED 0843CD56 A4F5FAC0 C9E5B4A3 F89A98DC 542F86F0 3CE656C4
0BC5E5D8 D1600DAB C5415E0B 6F4F402E 41A880E2
quit
crypto pki certificate chain TP-self-signed-3357634391
!
system mtu 2000
license boot level ipservicesk9
diagnostic bootup level minimal
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
username cisco privilege 15 one-time password 0 Cisco123!
!
redundancy
mode sso
!
!
vlan 4,41-42
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, SGT Cache Full, LOGGING
class-map match-any system-cpp-default
description DHCP snooping, sption Punt Webauth
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, Crypto Control, Exception, EGR Exception, NFL
SAMPLED DATA, Gold Pkt, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-routpps
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-wireless-priority3-4
description Wireless priority 3,4
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-wireless-priority1-2
description Wireless priority 1,2
class-map match-any system-cpp-police-data
description ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-control-low-priority
description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-wireless-priority5
description Perfmon
class-map match-any system-cpp-police-routing-control
description Routing control
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-performance-monitor
description Perfmon
!
policy-map system-cpp-policy
class system-cpp-police-data
police rate 200 pps
 class system-cpp-police-sys-data
police rate 200 pps
class system-cpp-police-sw-forward
police rate 1000 pps
class system-cpp-police-multicast
police rate 500 pps
class system-cpp-police-multicast-end-station
police rate 2000 pps
class system-cpp-police-punt-webauth
class system-cpp-police-l2-control
class system-cpp-police-routing-control
police rate 1800 pps
class system-cpp-police-control-low-priority
class system-cpp-police-wireless-priority5
police rate 1000 pps
class system-cpp-police-topology-control
class system-cpp-police-dot1x-auth
class system-cpp-police-protocol-snooping
class system-cpp-police-dhcp-snooping
class system-cpp-police-forus
class system-cpp-default
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface LISP0
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
shutdown
negotiation auto
!
interface GigabitEthernet1/0/1
description "bordernode port"
no switchport
ip address 9.10.43.2 255.255.255.252
ip ospf 1 area 0
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
 description "AP port"
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/4
description "AP port"
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/5
description "AP"
switchport access vlan 42
switchport mode access
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
switchport access vlan 41
switchport mode access
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface GigabitEthernet3/0/1
no switchport
no ip address
!
interface GigabitEthernet3/0/2
!
interface GigabitEthernet3/0/3
!
interface GigabitEthernet3/0/4
!
interface GigabitEthernet3/0/5
!
interface GigabitEthernet3/0/6
!
interface GigabitEthernet3/0/7
!
interface GigabitEthernet3/0/8
!
interface GigabitEthernet3/0/9
!
interface GigabitEthernet3/0/10
!
interface GigabitEthernet3/0/11
!
interface GigabitEthernet3/0/12
!
interface GigabitEthernet3/0/13
!
interface GigabitEthernet3/0/14
!
interface GigabitEthernet3/0/15
!
interface GigabitEthernet3/0/16
!
interface GigabitEthernet3/0/17
!
interface GigabitEthernet3/0/18
!
interface GigabitEthernet3/0/19
!
interface GigabitEthernet3/0/20
!
interface GigabitEthernet3/0/21
!
interface GigabitEthernet3/0/22
!
interface GigabitEthernet3/0/23
!
interface GigabitEthernet3/0/24
!
interface GigabitEthernet3/1/1
!
interface GigabitEthernet3/1/2
!
interface GigabitEthernet3/1/3
!
interface GigabitEthernet3/1/4
!
interface TenGigabitEthernet3/1/1
!
interface TenGigabitEthernet3/1/2
!
interface TenGigabitEthernet3/1/3
!
interface TenGigabitEthernet3/1/4
!
interface Vlan1
no ip address
shutdown
!
interface Vlan41
ip address 9.10.41.1 255.255.255.0
no ip redirects
ip local-proxy-arp
ip route-cache same-interface
no lisp mobility liveness test
lisp mobility eid_9_10_41_0
!
interface Vlan42
ip address 9.10.42.1 255.255.255.0
no ip redirects
ip local-proxy-arp
ip pim sparse-dense-mode
ip route-cache same-interface
no lisp mobility liveness test
lisp mobility eid_9_10_42_0
!
router lisp
locator-table default
locator-set rloc_loopback
IPv4-interface Loopback0 priority 50 weight 50
exit-locator-set
!
locator default-set rloc_loopback
service ipv4
encapsulation vxlan
itr map-resolver 4.4.4.4
itr
etr map-server 4.4.4.4 key cisco
etr map-cache-ttl 10000
etr
use-petr 4.4.4.4 priority 1 weight 100
exit-service-ipv4
!
service ethernet
itr map-resolver 4.4.4.4
itr
 etr map-server 4.4.4.4 key cisco
etr map-cache-ttl 10000
etr
exit-service-ethernet
!
instance-id 0
loc-reach-algorithm lsb-reports ignore
dynamic-eid eid_9_10_41_0
database-mapping 9.10.41.0/24 locator-set rloc_loopback
exit-dynamic-eid
!
dynamic-eid eid_9_10_42_0
database-mapping 9.10.42.0/24 locator-set rloc_loopback
exit-dynamic-eid
!
service ipv4
eid-table default
database-mapping limit dynamic 2000
itr map-resolver 4.4.4.4
itr
etr map-server 4.4.4.4 key cisco
etr map-server 4.4.4.4 proxy-reply
etr map-cache-ttl 10000
etr
use-petr 4.4.4.4 priority 1 weight 100
exit-service-ipv4
!
exit-instance-id
!
instance-id 1
dynamic-eid eid_client_mac
exit-dynamic-eid
!
service ethernet
eid-table vlan 42
database-mapping 0001.0002.1234 locator-set rloc_loopback
database-mapping mac locator-set rloc_loopback
exit-service-ethernet
!
exit-instance-id
!
loc-reach-algorithm lsb-reports ignore
exit-router-lisp
!
router ospf 1
network 3.3.3.3 0.0.0.0 area 0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip tftp source-interface GigabitEthernet0/0
ip route 9.10.45.0 255.255.255.0 9.10.43.1
ip route vrf Mgmt-vrf 10.225.117.0 255.255.255.0 10.225.117.1
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
 permit tcp any any eq 22
permit tcp any any eq 465
permit tcp any any eq 143
permit tcp any any eq 993
permit tcp any any eq 995
permit tcp any any eq 1914
permit tcp any any eq ftp
permit tcp any any eq ftp-data
permit tcp any any eq smtp
permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
permit udp any any range 16384 32767
permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
permit tcp any any range 2300 2400
permit udp any any range 2300 2400
permit tcp any any range 6881 6999
permit tcp any any range 28800 29100
permit tcp any any eq 1214
permit udp any any eq 1214
permit tcp any any eq 3689
permit udp any any eq 3689
permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
permit tcp any any range 2000 2002
permit tcp any any range 5060 5061
permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
permit tcp any any eq 443
permit tcp any any eq 1521
permit udp any any eq 1521
permit tcp any any eq 1526
permit udp any any eq 1526
permit tcp any any eq 1575
permit udp any any eq 1575
permit tcp any any eq 1630
permit udp any any eq 1630
permit tcp any any eq 1527
permit tcp any any eq 6200
permit tcp any any eq 3389
permit tcp any any eq 5985
permit tcp any any eq 8080
!
!
!
!
ipv6 access-list preauth_ipv6_acl
permit udp any any eq domain
permit tcp any any eq domain
permit icmp any any nd-ns
permit icmp any any nd-na
permit icmp any any router-solicitation
permit icmp any any router-advertisement
permit icmp any any redirect
permit udp any eq 547 any eq 546
permit udp any eq 546 any eq 547
deny ipv6 any any
!
control-plane
 service-policy input system-cpp-policy
!
!
!
line con 0
exec-timeout 0 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
!
monitor session 1 source interface Gi1/0/7 , Gi1/0/9
monitor session 1 destination interface Gi1/0/13
!
!
!
!
!
!
end