15
Apr

Bash convert number

   Posted by: admin   in Mẹo vặt của hiếu râu

Method of converting scientific notation (e) to numbers under Linux (tutorialfor.com)

Scientific notation uses e to identify values,The idea of ​​turning scientific computing into numbers:press the number to the right of e to move the number of decimal places.If the number to the right of e is negative,Then move the decimal point to the left.Examples are as follows:

  1. 1.2345678e2=123.45678
  2. 1.2345678e-2=0.012345678
  3. 1.7615562e + 06=1761556.2
  4. 1.87982e7=18798200
  5. 1e3=1000

So how do you convert scientific notation into numbers in the shell,The method is as follows:Here take “1.7615562e + 06″ (or 1.7615562e6) as an example:

  1. [root@kevin ~] #echo "1.7615562e6" | gawk "$1=strtonum ($1)"
  2. 1.76156e + 06

1) Conversion of scientific notation to decimal

  1. [root@kevin ~] #printf "%f" 1.7615569e + 06
  2. 1761556.900000
  3. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}"
  4. 1761556.900000
  5. [root@kevin ~] #echo "1.7615569e + 03" | awk "{printf ("%f ", $0)}"
  6. 1761.556900
  7. [root@kevin ~] #echo "1.7615569e + 04" | awk "{printf ("%f ", $0)}"
  8. 17615.569000
  9. [root@kevin ~] #echo "1.7615569e-6" | awk "{printf ("%f ", $0)}"
  10. 0.000002
  11. [root@kevin ~] #echo "1.7615569e-4" | awk "{printf ("%f ", $0)}"
  12. 0.000176
  13. [root@kevin ~] #echo "1.7615569e-3" | awk "{printf ("%f ", $0)}"
  14. 0.001762
  15. [root@kevin ~] #echo "1.7615569e-2" | awk "{printf ("%f ", $0)}"
  16. 0.017616

Note:This method,In the conversion result, 6 digits are reserved after the decimal point:

1) If the number after e is positive,6 digits should be reserved after the decimal point, if not enough,Make up with 0.

2) If the number after e is negative,6 digits should be reserved after the decimal point.6 bits are reserved.

2) Convert scientific notation to decimal and retain two decimal places

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%. 2f ", $0)}"
  2. 1761556.90

Keep three decimal places

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%. 3f ", $0)}"
  2. 1761556.900

3) Scientific notation is converted to decimal and rounded

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%d ", $0)}"
  2. 1761556
  3. [root@kevin ~] #echo "1.7615569e3" | awk "{printf ("%d ", $0)}"
  4. 1761
  5. [root@kevin ~] #echo "1.7615569e02" | awk "{printf ("%d ", $0)}"
  6. 176

4) Scientific notation is converted to decimal and rounded

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%d ", $0 + 0.5)}"
  2. 1761557
  3. [root@kevin ~] #echo "1.7615563e + 06" | awk "{printf ("%d ", $0 + 0.5)}"
  4. 1761556

5) How to remove the useless 0 after the decimal point, you can refer to:daily operation and maintenanceIntercept string in shell scriptPractice, that is, using variable expansion

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}"
  2. 1761556.900000
  3. [root@kevin ~] #var=$(echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}")
  4. [root@kevin ~] #echo ${var %%0 *}
  5. 1761556.9

Or use the sed method

  1. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}"
  2. 1761556.900000
  3. [root@kevin ~] #var=$(echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}")
  4. [root@kevin ~] #echo "$var" | sed "s/0 * $//"
  5. 1761556.9
  6. [root@kevin ~] #echo "1.7615569e + 06" | awk "{printf ("%f ", $0)}" | sed "s/0 * $//"
  7. 1761556.9

6) Sed removes the characters after the decimal point

  1. [root@kevin ~] #echo "kevin.123" | sed "s /\.*//g"
  2. kevin123
  3. \ .. * represents 1 or more after the decimal point
  4. [root@kevin ~] #echo "kevin.123" | sed "s /\..*//g"
  5. kevin
  6. [root@kevin ~] #echo "kevin_123" | sed "s/\ _ * //g"
  7. kevin123
  8. [root@kevin ~] #echo "kevin_123" | sed "s /\_.*//g"
  9. kevin

Command explanation:

* Represents 0 to more. Therefore, \. * Can only replace the decimal point and become empty.\ _ * Similarly.

. * Stands for 1 or more. Therefore, \ .. * removed everything after the decimal point.\ _. * Similarly.

7) Description of numerical calculation in the shell

  1. 1) bc method
  2. bc is a more commonly used linux computing tool,And supports floating-point operations:
  3. [root@kevin ~] #a=`echo 1 + 1 | bc`
  4. [root@kevin ~] #echo $a
  5. 2
  6. This method cannot solve the precision problem of floating point arithmetic,The following floating point calculations are silly x!
  7. [root@kevin ~] #a=`echo 1 + 1 | bc`
  8. [root@kevin ~] #echo $a
  9. 2
  10. [root@kevin ~] #b=`echo" 1.2 * 1.2 "| bc`
  11. [root@kevin ~] #echo $b
  12. 1.4
  13. [root@kevin ~] #c=`echo" 5.0/3.0 "| bc`
  14. [root@kevin ~] #echo $c
  15. 1
  16. [root@kevin ~] #d=`echo" scale=2;5.0/3.0 "| bc`
  17. [root@kevin ~] #echo $d
  18. 1.66
  19. [root@kevin ~] #e=`echo" scale=2;5.0/6.0 "| bc`
  20. [root@kevin ~] #echo $e
  21. .83
  22. 2) expr method
  23. Does not support floating point calculations,This is a pit,And pay attention to the spaces in numbers and operators.
  24. [root@kevin ~] #a=`expr 1 + 1`
  25. [root@kevin ~] #echo $a
  26. 1 + 1
  27. [root@kevin ~] #a=`expr 1 + 1`
  28. [root@kevin ~] #echo $a
  29. 2
  30. [root@kevin ~] #b=`expr 10/2`
  31. [root@kevin ~] #echo $b
  32. 5
  33. 3) $(()) method
  34. Same as expr, does not support floating point arithmetic
  35. [root@kevin ~] #a=$((1 + 1))
  36. [root@kevin ~] #echo $a
  37. 2
  38. [root@kevin ~] #b=$((1 + 3))
  39. [root@kevin ~] #echo $b
  40. 4
  41. 4) let method
  42. Does not support floating point arithmetic,And does not support direct output,Can only be assigned
  43. [root@kevin ~] #let a=1 + 1
  44. [root@kevin ~] #echo $a
  45. 2
  46. [root@kevin ~] #let b=50/5
  47. [root@kevin ~] #echo $b
  48. 10
  49. [root@kevin ~] #let c=1.2 * 2
  50. -bash:let:c=1.2 * 2:syntax error:invalid arithmetic operator (error token is ".2 * 2")
  51. 5) Awk method
  52. Common operations:
  53. [root@kevin ~] #a=`echo | awk" {print 1.0/2.0} "`
  54. [root@kevin ~] #echo $a
  55. 0.5
  56. control precision:
  57. [root@kevin ~] #b=`echo | awk" {printf ("%. 2f", 1.0/2.0)} "`
  58. [root@kevin ~] #echo $b
  59. 0.50
  60. Passing parameters:
  61. [root@kevin ~] #c=`echo | awk -v a=1 -v b=3" {printf ("%. 4f", a/b)} "`
  62. [root@kevin ~] #echo $c
  63. 0.3333
  64. Awk combined with begin (retain 6 digits after the decimal point)
  65. [root@ss-server ~] #awk "begin {printf"%.2f %%\ n ", (87/500) * 100}"
  66. 17.40%
  67. [root@ss-server ~] #awk "begin {printf"%.2f %%\ n ", (100/300) * 100}"
  68. 33.33%

in summary,Or awk’s method is the most reliable,Other methods have corresponding problems.Therefore, it is recommended to use awk to perform mathematical calculations in daily maintenance scenarios.

11
Mar

Squid Reverse Proxy

   Posted by: admin   in Mẹo vặt của hiếu râu

cache_peer ip.of.server1 parent 80 0 no-query originserver name=server_1
acl sites_server_1 dstdomain www.example.com example.com
cache_peer_access server_1 allow sites_server_1

cache_peer ip.of.server2 parent 80 0 no-query originserver name=server_2
acl sites_server_2 dstdomain www.example.net download.example.com .example.net
cache_peer_access server_2 allow sites_server_2
acl foo urlpath_regex ^/foo

cache_peer ip.of.server1 parent 80 0 no-query originserver name=server1
cache_peer_access server1 deny foo

cache_peer ip.of.server2 parent 80 0 no-query originserver name=server2
cache_peer_access server2 allow foo
cache_peer_access server2 deny all

SquidFaq/SquidAcl - Squid Web Proxy Wiki (squid-cache.org)

24
Nov

win mười ác ti

   Posted by: admin   in Mẹo vặt của hiếu râu

C:\Windows\system32>slmgr /ipk W269N-WFGWX-YVC9B-4J6C9-T83GX
C:\Windows\system32>slmgr /skms kms.digiboy.ir
C:\Windows\system32>slmgr /ato
16
Sep

MariaDB audit log

   Posted by: admin   in Mẹo vặt của hiếu râu

INSTALL SONAME ’server_audit’;

SET GLOBAL server_audit_events=’QUERY_DML_NO_SELECT’;

SET GLOBAL server_audit_logging=ON;

SET GLOBAL server_audit_incl_users=’cacti’;

https://mariadb.com/kb/en/mariadb-audit-plugin-log-settings/

4
Aug

my fail2ban ssh

   Posted by: admin   in Mẹo vặt của hiếu râu

#!/bin/bash

BLACKLIST=`tail -n 1000 /var/log/secure | grep “Failed password for root from” | sed ’s/  / /g’ | cut -d’ ‘ -f 11 | sort | uniq -c | sort -n -r | grep -v -E ” 1 | 2 | 3 ” | sed ’s/^ *//g’ | cut -d’ ‘ -f 2`;

for i in $BLACKLIST; do

echo “+”${i} > /proc/net/xt_recent/SSH

done

add crontab */6

modprobe xt_recent ip_list_tot=1000

iptables-restore

-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -m recent –rcheck –seconds 86400 –hitcount 1 –name SSH –mask 255.255.255.255 –rsource -j DROP
-A INPUT -p tcp -m multiport –dports 8443 -m state –state NEW -j ACCEPT
16
Dec

ELK packetbeat

   Posted by: admin   in Mẹo vặt của hiếu râu

#yum -y install java-openjdk-devel java-openjdk

cat <<EOF | sudo tee /etc/yum.repos.d/elasticsearch.repo
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF


sudo yum clean all
sudo yum makecache
sudo yum -y install elasticsearch
vi /etc/elasticsearch/jvm.options
set 4G heap
systemctl enable --now elasticsearch.service 
curl http://127.0.0.1:9200 
yum -y install kibana
vi /etc/kibana/kibana.yml
server.host: "0.0.0.0"
server.name: "kibana.example.com"
elasticsearch.url: "http://localhost:9200"
systemctl enable --now kibana
yum install filebeat auditbeat metricbeat packetbeat heartbeat-elastic
curl -s -H "Content-Type: application/json" -XPUT localhost:9200/sniff -d
'{"mappings": { "doc" :  {"properties" : {"@datetime":{"type":"date"}}}}'}
cat json.txt

{ “index” : { “_index” : “sniff” , “_type” : “_doc” } }

{”@datetime”:1576812955644,”proto”:”TCP”,”length”:52,”source”:”10.10.26.253″,”sport”:57086,”dest”:”10.10.26.238″,”dport”:5601}
{ “index” : { “_index” : “sniff” , “_type” : “_doc” } }
{”@datetime”:1576812955644,”proto”:”TCP”,”length”:52,”source”:”10.10.26.238″,”sport”:5601,”dest”:”10.10.26.253″,”dport”:57086}
{ “index” : { “_index” : “sniff” , “_type” : “_doc” } }
{”@datetime”:1576812955644,”proto”:”TCP”,”length”:40,”source”:”10.10.26.253″,”sport”:57086,”dest”:”10.10.26.238″,”dport”:5601}
curl -s -H “Content-Type: application/x-ndjson” -XPOST localhost:9200/_bulk –data-binary “@json.txt”
tcpdump -i eth1 -nnnn -tt -v not port 22 | php tcparse.php
# cat load.sh
#!/bin/bash

/bin/killall tcpdump
sleep 5
/sbin/tcpdump -i eth7 -nnnn -tt -G 60 -z /_DATA/reload2.sh -w /tmp/PCAP2-%Y-%m-%d-%H-%M-%S &
/sbin/tcpdump -i eth6 -nnnn -tt -G 60 -z /_DATA/reload.sh -w /tmp/PCAP-%Y-%m-%d-%H-%M-%S &

# cat reload.sh
#!/bin/bash

rm -f /_DATA/json.txt
rm -f /_DATA/sql.txt tcpdump -v -nnnn -tt -r $1 not vrrp | php /_DATA/tcparse.php json.txt sql.txt 1
curl -s -H “Content-Type: application/x-ndjson” -XPOST localhost:9200/_bulk –data-binary “@/_DATA/json.txt”
mkdir /_DATA/`date +%Y-%m` > /dev/null 2>&1
mkdir /_DATA/`date +%Y-%m`/`date +%d` > /dev/null 2>&1
mv $1 /_DATA/`date +%Y-%m`/`date +%d`
/bin/mysql –defaults-extra-file=/_DATA/mysql.ini SNIFF < /_DATA/sql.txt &

30
May

snmp proxy

   Posted by: admin   in Mẹo vặt của hiếu râu

# com2sec6 [-Cn CONTEXT]   SECNAME          SOURCE    COMMUNITY

com2sec   -Cn old14   notConfigUser6   default  10.175.0.14

com2sec   -Cn old15   notConfigUser6   default  10.175.0.15

# group    GROUP           {v1|v2c|usm}     SECNAME

group      OLDSWITCH       v2c              notConfigUser6

# view     VNAME           TYPE             OID   [MASK]

view       all             included         .1

# access   GROUP           CONTEXT          {any|v1|v2c|usm}  LEVEL  PREFX  READ WRITE NOTIFY

access     OLDSWITCH       old        v2c               noauth prefix  all  none  none

# proxy [-Cn CONTEXTNAME]  [SNMPCMD_ARGS]    HOST         OID

proxy   -Cn old14      -v 2c -c public   10.175.0.14  .1.3

proxy   -Cn old15      -v 2c -c public  10.175.0.15  .1.3

22
May

Centos 7 Clone

   Posted by: admin   in Mẹo vặt của hiếu râu

#yum install -y rsync

#vi /root/rsync.excl
/boot
/dev
/tmp
/sys
/proc
/backup
/etc/fstab
/etc/mtab
/etc/mdadm.conf
/etc/sysconfig/network*
#rsync -vPa –exclude-from=/root/rsync.excl -e ssh / DESTIP:/
13
Feb

syslog-ng

   Posted by: admin   in Mẹo vặt của hiếu râu

source s_net {
udp(ip(0.0.0.0) port(514));
};
destination d_net {
file(”/_SYSLOG/$HOST/$YEAR/$MONTH/$FACILITY $DAY”
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes) );
};
log { source(s_net); destination(d_net); };
=========client========
/etc/rsyslog.conf
*.*  @server-ip
16
Aug

contrail

   Posted by: admin   in Mẹo vặt của hiếu râu

https://github.com/Juniper/contrail-ansible-deployer/wiki/Deployment-Example:-Contrail-and-Kubernetes-and-Openstack

https://www.juniper.net/documentation/en_US/contrail5.0/information-products/pathway-pages/contrail-feature-guide-pwp.pdf

https://www.youtube.com/watch?v=cULuCvB-_b0

==================== EVPN VXLAN ===========================

set interfaces ge-0/0/7 unit 0 family bridge interface-mode access

set interfaces ge-0/0/7 unit 0 family bridge vlan-id 200

set interfaces ge-0/0/8 unit 0 family bridge interface-mode access

set interfaces ge-0/0/8 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces irb unit 200 family inet address 200.200.200.200/24

set interfaces irb unit 1000 family inet address 10.1.1.122/24

set interfaces lo0 unit 0 family inet address 5.5.5.5/32

set interfaces lo0 unit 11 family inet address 11.11.11.1/32

set routing-options router-id 5.5.5.5

set protocols bgp group contrail type internal

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set routing-instances VRF instance-type vrf

set routing-instances VRF interface irb.200

set routing-instances VRF interface irb.1000

set routing-instances VRF interface lo0.11

set routing-instances VRF route-distinguisher 5.5.5.5:11

set routing-instances VRF vrf-target target:64512:1

set routing-instances VRF vrf-table-label

set routing-instances VRF routing-options auto-export

set routing-instances VS vtep-source-interface lo0.0

set routing-instances VS instance-type virtual-switch

set routing-instances VS interface ge-0/0/8.0

set routing-instances VS route-distinguisher 5.5.5.5:1

set routing-instances VS vrf-target target:64512:1

set routing-instances VS protocols evpn encapsulation vxlan

set routing-instances VS protocols evpn extended-vni-list 1000

set routing-instances VS protocols evpn multicast-mode ingress-replication

set routing-instances VS bridge-domains VLAN1000 domain-type bridge

set routing-instances VS bridge-domains VLAN1000 vlan-id 1000

set routing-instances VS bridge-domains VLAN1000 routing-interface irb.1000

set routing-instances VS bridge-domains VLAN1000 vxlan vni 1000

set routing-instances VS bridge-domains VLAN1000 vxlan ingress-node-replication

set bridge-domains VLAN200 vlan-id 200

set bridge-domains VLAN200 routing-interface irb.200

================ MPLSoGRE =======================

set chassis fpc 0 pic 0 tunnel-services

set interfaces ge-0/0/8 unit 0 description “IP Fabric Int”

set interfaces ge-0/0/8 unit 0 family inet address 9.9.9.9/24

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.22/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B76594E6D

set interfaces lo0 unit 0 family inet address 127.0.0.1/32

set routing-options static route 0.0.0.0/0 next-hop 9.9.9.10

set routing-options route-distinguisher-id 192.168.122.22

set routing-options autonomous-system 64512

set routing-options dynamic-tunnels gw-gre source-address 192.168.122.22

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set protocols mpls interface all

set protocols bgp group contrail type internal

set protocols bgp group contrail local-address 192.168.122.22

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family route-target

set protocols bgp group contrail peer-as 64512

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set protocols ldp interface all

set routing-instances admin instance-type vrf

set routing-instances admin interface ge-0/0/8.0

set routing-instances admin vrf-target target:64512:11111

set routing-instances admin routing-options static route 0.0.0.0/0 next-hop 9.9.9.10

====================== L2VXLAN + L3 MPLSoGRE ==========================

set chassis fpc 0 pic 0 tunnel-services

set interfaces ge-0/0/7 unit 0 family inet address 111.111.111.111/24

set interfaces ge-0/0/8 unit 0 family bridge interface-mode access

set interfaces ge-0/0/8 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces lo0 unit 0 family inet address 9.9.9.9/32

set routing-options static route 1.1.1.1/32 next-hop 192.168.122.10

set routing-options router-id 9.9.9.9

set routing-options route-distinguisher-id 192.168.122.21

set routing-options dynamic-tunnels gw-gre source-address 192.168.122.21

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set protocols bgp group contrail type internal

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set routing-instances net1L2 vtep-source-interface lo0.0

set routing-instances net1L2 instance-type virtual-switch

set routing-instances net1L2 interface ge-0/0/8.0

set routing-instances net1L2 route-distinguisher 9.9.9.9:11111

set routing-instances net1L2 vrf-target target:64512:11111

set routing-instances net1L2 protocols evpn encapsulation vxlan

set routing-instances net1L2 protocols evpn extended-vni-list 1000

set routing-instances net1L2 protocols evpn multicast-mode ingress-replication

set routing-instances net1L2 bridge-domains VLAN1000 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan vni 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances net1L3 instance-type vrf

set routing-instances net1L3 vrf-table-label

set routing-instances net1L3 interface ge-0/0/7.0

set routing-instances net1L3 vrf-target target:64512:11111

set routing-instances net1L3 routing-options static route 0.0.0.0/0 next-hop 111.111.111.112

==================== 2DC ====================

[edit]

root@VMX9999# show | display set | no-more

set chassis fpc 0 pic 0 tunnel-services

set chassis network-services enhanced-ip

set interfaces ge-0/0/0 description “loop back to extL2″

set interfaces ge-0/0/0 unit 0 family bridge interface-mode trunk

set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1000

set interfaces ge-0/0/0 unit 0 family bridge vlan-id-list 1002

set interfaces ge-0/0/1 description “loop back to net1L2″

set interfaces ge-0/0/1 unit 0 family bridge interface-mode trunk

set interfaces ge-0/0/1 unit 0 family bridge vlan-id-list 1000

set interfaces ge-0/0/1 unit 0 family bridge vlan-id-list 1002

set interfaces ge-0/0/2 description “server access vlan 1000″

set interfaces ge-0/0/2 unit 0 family bridge interface-mode access

set interfaces ge-0/0/2 unit 0 family bridge vlan-id 1000

set interfaces ge-0/0/3 description “server access vlan 1002″

set interfaces ge-0/0/3 unit 0 family bridge interface-mode access

set interfaces ge-0/0/3 unit 0 family bridge vlan-id 1002

set interfaces ge-0/0/4 description “server L3 172.16.9.9″

set interfaces ge-0/0/4 unit 0 family inet address 172.16.9.21/24

set interfaces ge-0/0/5 description “Internet Peering”

set interfaces ge-0/0/5 unit 0 family inet address 20.1.1.21/24

set interfaces ge-0/0/9 unit 0 family inet address 192.168.122.21/24

set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B75A36475

set interfaces irb unit 1000 virtual-gateway-accept-data

set interfaces irb unit 1000 family inet address 10.1.1.254/24 virtual-gateway-address 10.1.1.1

set interfaces irb unit 1002 virtual-gateway-accept-data

set interfaces irb unit 1002 family inet address 10.1.2.254/24 virtual-gateway-address 10.1.2.1

set interfaces lo0 unit 0 family inet address 9.9.9.9/32

set interfaces lo0 unit 1 family inet address 9.9.9.10/32

set routing-options static route 0.0.0.0/0 next-hop 20.1.1.1

set routing-options router-id 9.9.9.9

set routing-options route-distinguisher-id 192.168.122.21

set routing-options autonomous-system 64512

set routing-options dynamic-tunnels gw-gre source-address 9.9.9.9

set routing-options dynamic-tunnels gw-gre gre

set routing-options dynamic-tunnels gw-gre destination-networks 192.168.122.0/24

set routing-options dynamic-tunnels gw-gre destination-networks 8.8.8.8/32

set protocols bgp group contrail type internal

set protocols bgp group contrail family inet-vpn unicast

set protocols bgp group contrail family evpn signaling

set protocols bgp group contrail local-as 64512

set protocols bgp group contrail allow 192.168.122.0/24

set protocols bgp group EXT_BGP type external

set protocols bgp group EXT_BGP multihop ttl 5

set protocols bgp group EXT_BGP local-address 9.9.9.9

set protocols bgp group EXT_BGP family inet-vpn unicast

set protocols bgp group EXT_BGP family evpn signaling

set protocols bgp group EXT_BGP neighbor 8.8.8.8 peer-as 64513

set protocols bgp group EXT_BGP neighbor 8.8.8.8 local-as 64512

set routing-instances extL2 vtep-source-interface lo0.0

set routing-instances extL2 instance-type virtual-switch

set routing-instances extL2 interface ge-0/0/0.0

set routing-instances extL2 interface ge-0/0/2.0

set routing-instances extL2 interface ge-0/0/3.0

set routing-instances extL2 route-distinguisher 9.9.9.9:20

set routing-instances extL2 vrf-target target:64512:20

set routing-instances extL2 protocols evpn encapsulation vxlan

set routing-instances extL2 protocols evpn extended-vni-list 100

set routing-instances extL2 protocols evpn extended-vni-list 102

set routing-instances extL2 protocols evpn multicast-mode ingress-replication

set routing-instances extL2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances extL2 bridge-domains VLAN1000 vxlan vni 100

set routing-instances extL2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances extL2 bridge-domains VLAN1002 vlan-id 1002

set routing-instances extL2 bridge-domains VLAN1002 vxlan vni 102

set routing-instances extL2 bridge-domains VLAN1002 vxlan ingress-node-replication

set routing-instances net1L2 vtep-source-interface lo0.0

set routing-instances net1L2 instance-type virtual-switch

set routing-instances net1L2 interface ge-0/0/1.0

set routing-instances net1L2 route-distinguisher 9.9.9.9:11111

set routing-instances net1L2 vrf-target target:64512:11111

set routing-instances net1L2 protocols evpn encapsulation vxlan

set routing-instances net1L2 protocols evpn extended-vni-list 1000

set routing-instances net1L2 protocols evpn extended-vni-list 1002

set routing-instances net1L2 protocols evpn multicast-mode ingress-replication

set routing-instances net1L2 bridge-domains VLAN1000 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1000 vlan-id 1000

set routing-instances net1L2 bridge-domains VLAN1000 routing-interface irb.1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan vni 1000

set routing-instances net1L2 bridge-domains VLAN1000 vxlan ingress-node-replication

set routing-instances net1L2 bridge-domains VLAN1002 domain-type bridge

set routing-instances net1L2 bridge-domains VLAN1002 vlan-id 1002

set routing-instances net1L2 bridge-domains VLAN1002 routing-interface irb.1002

set routing-instances net1L2 bridge-domains VLAN1002 vxlan vni 1002

set routing-instances net1L2 bridge-domains VLAN1002 vxlan ingress-node-replication

set routing-instances net1L3 instance-type vrf

set routing-instances net1L3 interface ge-0/0/4.0

set routing-instances net1L3 interface irb.1000

set routing-instances net1L3 interface irb.1002

set routing-instances net1L3 interface lo0.1

set routing-instances net1L3 vrf-target target:64512:20

set routing-instances net1L3 vrf-table-label

set routing-instances net1L3 routing-options static route 10.1.2.0/24 discard

set routing-instances net1L3 routing-options static route 10.1.1.0/24 discard

[edit]
root@VMX8888# show | display set | no-more
set chassis fpc 0 pic 0 tunnel-services
set interfaces ge-0/0/2 description “server access vlan 1000″
set interfaces ge-0/0/2 unit 0 family bridge interface-mode access
set interfaces ge-0/0/2 unit 0 family bridge vlan-id 1000
set interfaces ge-0/0/3 description “server access vlan 1002″
set interfaces ge-0/0/3 unit 0 family bridge interface-mode access
set interfaces ge-0/0/3 unit 0 family bridge vlan-id 1002
set interfaces ge-0/0/4 description “server L3 172.16.8.8″
set interfaces ge-0/0/4 unit 0 family inet address 172.16.8.22/24
set interfaces ge-0/0/5 description “Internet Peering”
set interfaces ge-0/0/5 unit 0 family inet address 20.2.2.22/24
set interfaces fxp0 unit 0 family inet dhcp vendor-id Juniper-vmx-VM5B76594E6D
set interfaces irb unit 1000 virtual-gateway-accept-data
set interfaces irb unit 1000 family inet address 10.1.1.253/24 virtual-gateway-address 10.1.1.1
set interfaces irb unit 1002 virtual-gateway-accept-data
set interfaces irb unit 1002 family inet address 10.1.2.253/24 virtual-gateway-address 10.1.2.1
set interfaces lo0 unit 0 family inet address 8.8.8.8/32
set interfaces lo0 unit 1 family inet address 8.8.8.9/32
set routing-options static route 0.0.0.0/0 next-hop 20.2.2.1
set routing-options router-id 8.8.8.8
set routing-options route-distinguisher-id 20.2.2.22
set routing-options autonomous-system 64513
set routing-options dynamic-tunnels gw-gre source-address 8.8.8.8
set routing-options dynamic-tunnels gw-gre gre
set routing-options dynamic-tunnels gw-gre destination-networks 9.9.9.9/32
set protocols bgp group EXT_BGP type external
set protocols bgp group EXT_BGP multihop ttl 5
set protocols bgp group EXT_BGP local-address 8.8.8.8
set protocols bgp group EXT_BGP family inet-vpn unicast
set protocols bgp group EXT_BGP family evpn signaling
set protocols bgp group EXT_BGP neighbor 9.9.9.9 peer-as 64512
set protocols bgp group EXT_BGP neighbor 9.9.9.9 local-as 64513
set routing-instances extL2 vtep-source-interface lo0.0
set routing-instances extL2 instance-type virtual-switch
set routing-instances extL2 interface ge-0/0/2.0
set routing-instances extL2 interface ge-0/0/3.0
set routing-instances extL2 route-distinguisher 8.8.8.8:20
set routing-instances extL2 vrf-target target:64512:20
set routing-instances extL2 protocols evpn encapsulation vxlan
set routing-instances extL2 protocols evpn extended-vni-list 100
set routing-instances extL2 protocols evpn extended-vni-list 102
set routing-instances extL2 protocols evpn multicast-mode ingress-replication
set routing-instances extL2 bridge-domains VLAN1000 vlan-id 1000
set routing-instances extL2 bridge-domains VLAN1000 routing-interface irb.1000
set routing-instances extL2 bridge-domains VLAN1000 vxlan vni 100
set routing-instances extL2 bridge-domains VLAN1000 vxlan ingress-node-replication
set routing-instances extL2 bridge-domains VLAN1002 vlan-id 1002
set routing-instances extL2 bridge-domains VLAN1002 routing-interface irb.1002
set routing-instances extL2 bridge-domains VLAN1002 vxlan vni 102
set routing-instances extL2 bridge-domains VLAN1002 vxlan ingress-node-replication
set routing-instances net1L3 instance-type vrf
set routing-instances net1L3 interface ge-0/0/4.0
set routing-instances net1L3 interface irb.1000
set routing-instances net1L3 interface irb.1002
set routing-instances net1L3 interface lo0.1
set routing-instances net1L3 vrf-target target:64512:20
set routing-instances net1L3 vrf-table-label
set routing-instances net1L3 routing-options static route 10.1.2.0/24 discard
set routing-instances net1L3 routing-options static route 10.1.1.0/24 discard
[edit]
root@VMX8888#