# Basculement réseau du 10/04/21

## Périmètre

Le périmètre de l'exercice comporte 32 adresses:

^ Socle ^ Nom ^ Type Virt ^ IP Tours ^ IP Marseille ^ Type ^ 
| z/OS | ETUDES | LPAR | 10.37.222.30 | 10.103.219.30 | VIPA |
| z/OS | CQIF | LPAR | 10.37.222.50 | 10.103.219.50 | VIPA |
| z/OS | PRODAM | LPAR | 10.37.222.60 | 10.103.219.60 | VIPA |
| z/OS | PRODOR | LPAR | 10.37.222.80 | 10.103.219.80 | VIPA |
| Linux | LETUDES | VM | 10.37.222.130 | 10.103.222.130 | Physique |
| Linux | LCQIF | VM | 10.37.222.150 | 10.103.222.150 | Physique |
| Linux | LPRODAM | VM | 10.37.222.160 | 10.103.222.160 | Physique |
| Linux | LPRODOR | VM | 10.37.222.180 | 10.103.222.180 | Physique |
| Linux | LXOPE | LPAR | 10.37.225.120 | 10.103.235.120 | Physique |
| Linux | LXDSU | LPAR | 10.37.225.210 | 10.103.235.210 | Physique |
| Linux | LXSMB | LPAR | 10.37.225.180 | 10.103.235.180 | Physique |
| Linux | LXSTF | LPAR | 10.37.225.170 | 10.103.235.170 | Physique |
| Linux | STF3SAI1 | VM | 10.37.235.30 | 10.103.235.30 | Physique |
| Linux | STF3SAQ1 | VM | 10.37.235.31 | 10.103.235.31 | Physique |
| Linux | STF3SAPA | VM | 10.37.235.32 | 10.103.235.32 | Physique |
| Linux | STF3SAPO | VM | 10.37.235.33 | 10.103.235.33 | Physique |
| z/OS | PAC1 | LPAR | 10.37.238.10 | 10.103.238.10 | VIPA+RIP |
| z/OS | CHL1 | LPAR | 10.37.238.20 | 10.103.238.20 | VIPA+RIP |
| z/OS | ROU1 | LPAR | 10.37.238.30 | 10.103.238.30 | VIPA+RIP |
| z/OS | TRS1 | LPAR | 10.37.238.50 | 10.103.238.50 | VIPA+RIP |
| z/OS | GRBD | LPAR | 10.37.238.60 | 10.103.238.60 | VIPA+RIP |
| z/OS | BDX3 | LPAR | 10.37.238.70 | 10.103.238.70 | VIPA+RIP |
| z/OS | ROU2 | LPAR | 10.37.238.80 | 10.103.238.80 | VIPA+RIP |
| z/OS | GSIT | LPAR | 10.37.238.90 | 10.103.238.90 | VIPA+RIP |
| z/OS | TRS2 | LPAR | 10.37.238.130 | 10.103.238.130 | VIPA+RIP |
| Linux | OINZ | VM | 10.37.246.9 | 10.103.246.9 | Physique |
| Linux | LXPRDSTF | VM | 10.37.246.16 | 10.103.246.16 | Physique |
| Linux | OPSSAD1 | VM | 10.37.246.29 | 10.103.246.29 | Physique |
| Linux | TSTFSAP1 | VM | 10.37.246.30 | 10.103.246.30 | Physique |
| Linux | SUPESAP1 | VM | 10.37.246.31 | 10.103.246.31 | Physique |
| Linux | OPSRSAP1 | VM | 10.37.246.32 | 10.103.246.32 | Physique |
| Linux | OPSTSAP1 | VM | 10.37.246.33 | 10.103.246.33 | Physique |

## Script de traceroute

Afin d'industrialiser le basculement, le script de traceroute utilise en entrée un fichier contenant toutes les adresses du périmètre (une par ligne):
  - `i=0;` initialisation du compteur de ligne
  - `for word in $(cat tracetrs100421.txt); do ... done` boucle de lecture du fichier contenant les adresses ip
  - `let i+=1;` incrément du compteur de ligne
  - `traceroute -I $word` traceroute ICMP
     - `|grep 10.103.13.` on ne garde que les lignes contenant l'adresse du coeur de réseau (10.37.1 pour Tours et 10.103.13 pour Marseille)
     - `|sed -re "s/^.*(10.103.13.. ).*$/"$i":"$word" - \1/p"` mise en forme de la ligne ( N° de ligne: adresse ip - saut ip)
     - `| uniq -c ;` tri pour ne garder qu'une seule ligne (à cause de la boucle à Tours)

<WRAP important>Suite au pré-test du 9 avril 2021, l'option -I (traceroute ICMP) a été préféré car le traceroute par défaut ne permettait pas de remonter toutes les traces</WRAP>

### Traceroute de Tours (SAN6BR)

```
Traceroute to 10.103.235.110 from IP interface 10.37.225.234 on 0/ge0, 30 hops max
 1  10.37.225.7  0 ms  0 ms  17 ms
 2  10.37.1.20  0 ms  0 ms  0 ms
 3  86.79.4.42  0 ms  0 ms  0 ms
 4  86.79.4.49  4 ms  4 ms  4 ms
 5  100.127.32.2  13 ms  13 ms  13 ms
 6  100.127.32.2  13 ms  13 ms  13 ms
 7  100.127.252.106  35 ms  35 ms  35 ms
 8  100.127.252.21  35 ms  35 ms  35 ms
 9  100.127.252.46  35 ms  35 ms  35 ms
10  100.127.252.66  37 ms  37 ms  37 ms
11  100.127.251.121  32 ms  32 ms  32 ms
12  10.103.13.1  30 ms  53 ms  30 ms
13  10.103.222.33  37 ms  37 ms  37 ms
14  10.103.235.110  30 ms  30 ms  30 ms
Traceroute complete.
```

^ hop ^ adresse ^ équipement ^
| 1 | 10.37.225.7  | |
| @orange:2 | @orange:10.37.1.20 | @orange:coeur TRS |
| @orange:3 | @orange:86.79.4.42 | @orange:routeur TRS |
| 4 | 86.79.4.49  | |
| 5 | 100.127.32.2 | |  
| 6 | 100.127.32.2  | |
| 7 | 100.127.252.106 | |  
| 8 | 100.127.252.21 | |
| 9 | 100.127.252.46 | |  
| 10 | 100.127.252.66  | |
| @lightgreen:11 | @lightgreen:100.127.251.121 | @lightgreen:RT1 |
| @lightgreen:12 | @lightgreen:10.103.13.1 | @lightgreen:fédérateur |
| 13 | 10.103.222.33  | | 
| 14 | 10.103.235.110 | | 


### Traceroute depuis Marseille (snsmutual)

```
[root] # traceroute 10.37.222.50
traceroute to 10.37.222.50 (10.37.222.50), 30 hops max, 60 byte packets
 1  10.103.222.1 (10.103.222.1)  0.699 ms  1.003 ms  1.310 ms
 2  * * *
 3  10.103.13.4 (10.103.13.4)  0.110 ms  0.122 ms  0.128 ms
 4  100.127.251.122 (100.127.251.122)  0.948 ms  1.008 ms  1.076 ms
 5  100.127.252.65 (100.127.252.65)  25.159 ms  25.375 ms  25.482 ms
 6  100.127.252.45 (100.127.252.45)  25.160 ms  25.374 ms  25.502 ms
 7  100.127.252.22 (100.127.252.22)  27.908 ms  27.586 ms  27.626 ms
 8  100.127.252.17 (100.127.252.17)  33.452 ms 
    100.127.252.105 (100.127.252.105)  20.292 ms  21.978 ms
 9  100.127.32.1 (100.127.32.1)  27.219 ms  27.207 ms  27.212 ms
10  86.79.4.46 (86.79.4.46)  32.317 ms  32.327 ms 
    100.127.252.98 (100.127.252.98)  32.434 ms
11  10.37.1.17 (10.37.1.17)  36.535 ms 
    100.127.252.102 (100.127.252.102)  33.123 ms 
    10.37.1.17 (10.37.1.17)  34.938 ms
12  100.127.32.1 (100.127.32.1)  32.028 ms  31.943 ms  31.887 ms
13  cqif-foncier.appli.dgfip (10.37.222.50)  40.156 ms  39.838 ms  39.853 ms
```

^ hop ^ adresse ^ équipement ^
| 1 | 10.103.222.1 (10.103.222.1) | |
| 2 | * * * | |
| @lightgreen:3 | @lightgreen:10.103.13.4 (10.103.13.4) | @lightgreen:fédérateur |
| @lightgreen:4 | @lightgreen:100.127.251.122 (100.127.251.122) | @lightgreen:RT2 |
| 5 | 100.127.252.65 (100.127.252.65) | |
| 6 | 100.127.252.45 (100.127.252.45) | | 
| 7 | 100.127.252.22 (100.127.252.22) | |
| 8 | 100.127.252.17 (100.127.252.17) | |
|   | 100.127.252.105 (100.127.252.105) | |
| 9 | 100.127.32.1 (100.127.32.1) | |
| @orange:10 | @orange:86.79.4.46 (86.79.4.46) | @orange:routeur TRS |
|   | 100.127.252.98 (100.127.252.98) | |
| @orange:11 | @orange:10.37.1.17 (10.37.1.17) | @orange:coeur TRS |
|   | 100.127.252.102 (100.127.252.102) | |
| @orange:  | @orange:10.37.1.17 (10.37.1.17) | @orange:coeur TRS |
| 12 | 100.127.32.1 (100.127.32.1) | |
| 13 | cqif-foncier.appli.dgfip (10.37.222.50) | |


##  Pré-test de Basculement

```
 ip route-static 10.37.235.204 255.255.255.255 192.168.212.33 tag 10 description test new 235
 ip route-static 10.37.246.50 255.255.255.255 192.168.212.33 tag 10 description test new 246
```

### Sous-réseau 10.37.235.0/24

  * Traceroute avant le basculement

```
--(gavpgsa118:/)-
[root] # traceroute 10.37.235.204
traceroute to 10.37.235.204 (10.37.235.204), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  0.954 ms  0.902 ms  1.511 ms
 2  10.59.2.228 (10.59.2.228)  0.109 ms  0.113 ms  0.105 ms
 3  100.127.251.158 (100.127.251.158)  0.910 ms  0.975 ms  1.034 ms
 4  100.127.252.109 (100.127.252.109)  18.439 ms  18.722 ms  18.841 ms
 5  100.127.252.17 (100.127.252.17)  18.418 ms  19.702 ms 100.127.252.105 (100.127.252.105)  12.526 ms
 6  100.127.252.90 (100.127.252.90)  17.355 ms 100.127.32.1 (100.127.32.1)  13.113 ms  13.078 ms
 7  86.79.4.50 (86.79.4.50)  22.612 ms  22.672 ms  22.652 ms
 8  100.127.252.102 (100.127.252.102)  18.449 ms  18.553 ms  20.067 ms
 9  100.127.32.1 (100.127.32.1)  17.812 ms  17.850 ms *
10  86.79.4.50 (86.79.4.50)  27.418 ms  30.193 ms  30.196 ms
11  10.37.1.17 (10.37.1.17)  32.771 ms  30.166 ms *
```

  * Basculement de l'adresse 10.37.235.204

```
-(Thu Apr 08 10:09:14)--(gavpgsa118:/)-
[root] # traceroute 10.37.235.204
traceroute to 10.37.235.204 (10.37.235.204), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  1.675 ms  12.070 ms  2.343 ms
 2  10.59.2.228 (10.59.2.228)  0.133 ms  0.128 ms  0.120 ms
 3  100.127.251.158 (100.127.251.158)  1.962 ms  1.958 ms  1.949 ms
 4  100.127.252.1 (100.127.252.1)  17.974 ms  18.079 ms 100.127.252.109 (100.127.252.109)  18.200 ms
 5  100.127.252.21 (100.127.252.21)  22.589 ms  22.573 ms 100.127.252.10 (100.127.252.10)  22.381 ms
 6  100.127.252.46 (100.127.252.46)  25.252 ms  25.477 ms  25.587 ms
 7  100.127.252.57 (100.127.252.57)  25.327 ms 100.127.252.66 (100.127.252.66)  21.828 ms 100.127.252.57 (100.127.252.57)  25.228 ms
 8  100.127.252.54 (100.127.252.54)  28.510 ms 100.127.251.121 (100.127.251.121)  16.306 ms  16.322 ms
 9  10.103.13.1 (10.103.13.1)  50.597 ms  21.316 ms 100.127.252.77 (100.127.252.77)  25.383 ms
10  * 100.127.252.73 (100.127.252.73)  25.397 ms *
11  100.127.251.121 (100.127.251.121)  23.474 ms *  23.467 ms
12  * 10.103.13.1 (10.103.13.1)  28.278 ms  28.763 ms
13  10.37.235.204 (10.37.235.204)  29.645 ms *  29.002 ms
```

  * Retour en nominal

```
-(Thu Apr 08 10:10:56)--(gavpgsa118:/)-
[root] # [root] # traceroute 10.37.235.204
traceroute to 10.37.235.204 (10.37.235.204), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  0.986 ms  0.941 ms  1.571 ms
 2  10.59.2.228 (10.59.2.228)  0.131 ms  0.131 ms  0.125 ms
 3  100.127.251.158 (100.127.251.158)  0.866 ms  1.032 ms  1.115 ms
 4  100.127.252.109 (100.127.252.109)  18.448 ms  18.734 ms  18.874 ms
 5  100.127.252.17 (100.127.252.17)  18.547 ms  18.547 ms 100.127.252.105 (100.127.252.105)  12.581 ms
 6  100.127.32.1 (100.127.32.1)  13.119 ms  13.033 ms  13.020 ms
 7  86.79.4.50 (86.79.4.50)  22.624 ms 100.127.252.98 (100.127.252.98)  17.421 ms  17.262 ms
 8  10.37.1.17 (10.37.1.17)  34.265 ms 100.127.252.102 (100.127.252.102)  18.374 ms 10.37.1.17 (10.37.1.17)  25.366 ms
 9  100.127.32.1 (100.127.32.1)  17.821 ms *  17.830 ms
10  86.79.4.50 (86.79.4.50)  27.370 ms * *
11  10.37.1.17 (10.37.1.17)  30.037 ms  30.335 ms *
```

### Sous-réseau 10.37.246.0/24

  * Traceroute avant le basculement

```
[root] # traceroute 10.37.246.50 
traceroute to 10.37.246.50 (10.37.246.50), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  0.863 ms  0.876 ms  1.476 ms
 2  10.59.2.228 (10.59.2.228)  0.113 ms  0.121 ms  0.115 ms
 3  100.127.251.158 (100.127.251.158)  0.867 ms  0.938 ms  1.000 ms
 4  100.127.252.109 (100.127.252.109)  18.360 ms  18.465 ms  18.644 ms
 5  100.127.252.105 (100.127.252.105)  12.710 ms  12.838 ms  12.947 ms
 6  100.127.252.90 (100.127.252.90)  17.536 ms  17.204 ms 100.127.32.1 (100.127.32.1)  13.078 ms
 7  86.79.4.50 (86.79.4.50)  22.651 ms 100.127.252.98 (100.127.252.98)  17.705 ms 86.79.4.50 (86.79.4.50)  22.621 ms
 8  100.127.252.102 (100.127.252.102)  18.878 ms 10.37.1.17 (10.37.1.17)  25.471 ms 100.127.252.102 (100.127.252.102)  18.300 ms
 9  100.127.32.1 (100.127.32.1)  17.847 ms  17.834 ms  17.801 ms^C
```

  * Basculement de l'adresse 10.37.246.50

```
[root] # traceroute 10.37.246.50
traceroute to 10.37.246.50 (10.37.246.50), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  0.959 ms  0.956 ms  1.606 ms
 2  10.59.2.228 (10.59.2.228)  0.140 ms  0.140 ms  0.131 ms
 3  100.127.251.158 (100.127.251.158)  0.918 ms  0.985 ms  1.045 ms
 4  100.127.252.109 (100.127.252.109)  18.039 ms 100.127.252.1 (100.127.252.1)  18.121 ms  18.257 ms
 5  100.127.252.21 (100.127.252.21)  18.161 ms 100.127.252.10 (100.127.252.10)  17.847 ms 100.127.252.21 (100.127.252.21)  18.194 ms
 6  100.127.252.46 (100.127.252.46)  25.385 ms  26.791 ms  26.781 ms
 7  100.127.252.66 (100.127.252.66)  17.288 ms  16.810 ms  16.904 ms
 8  100.127.252.54 (100.127.252.54)  24.507 ms 100.127.251.121 (100.127.251.121)  16.337 ms 100.127.252.54 (100.127.252.54)  24.508 ms
 9  10.103.13.1 (10.103.13.1)  25.477 ms 100.127.252.77 (100.127.252.77)  25.382 ms 10.103.13.1 (10.103.13.1)  18.177 ms
10  100.127.252.73 (100.127.252.73)  25.314 ms^C
```

  * Retour en Nominal

```
 traceroute 10.37.246.50
traceroute to 10.37.246.50 (10.37.246.50), 30 hops max, 60 byte packets
 1  10.59.154.7 (10.59.154.7)  0.839 ms  3.262 ms  1.565 ms
 2  10.59.2.228 (10.59.2.228)  0.099 ms  0.096 ms  0.121 ms
 3  100.127.251.158 (100.127.251.158)  0.908 ms  0.998 ms  1.062 ms
 4  100.127.252.109 (100.127.252.109)  18.471 ms  18.724 ms  19.028 ms
 5  100.127.252.105 (100.127.252.105)  12.593 ms 100.127.252.17 (100.127.252.17)  18.433 ms 100.127.252.105 (100.127.252.105)  12.675 ms
 6  100.127.252.90 (100.127.252.90)  17.426 ms  17.437 ms  17.473 ms
 7  86.79.4.50 (86.79.4.50)  22.605 ms  22.648 ms  22.586 ms
 8  100.127.252.102 (100.127.252.102)  18.270 ms  18.290 ms 86.79.4.41 (86.79.4.41)  22.470 ms
 9  10.37.1.17 (10.37.1.17)  61.283 ms 100.127.32.1 (100.127.32.1)  17.885 ms  17.862 ms
10  * 86.79.4.50 (86.79.4.50)  27.360 ms  27.361 ms
11  * 86.79.4.41 (86.79.4.41)  27.221 ms *
12  * * 10.37.1.17 (10.37.1.17)  30.159 ms
```

# Feuille de Route

## Présentation générale

La feuille de route présente de manière graphique les étapes importantes:

<WRAP info>Les Etapes essentielles de l'exercice</WRAP>
<WRAP round safety>Les feux verts</WRAP>
<WRAP important> Les informations importantes qui ne conditionnent pas la suite de l'exercice</WRAP>
<WRAP alert>Les informations importantes qui CONDITIONNENT la suite de l'exercice</WRAP>
<WRAP notice>Les points de communication sur le TCHAP DGFIP SNS BGP</WRAP>


## 8h00: Contrôle du routage initial

<WRAP info>10/04 - 8H30: CONTROLE DU ROUTAGE </WRAP>

Jacques serveur FSCURE (lille) traceroute sur les 32 partititions :

```
i=0;for word in $(cat tracetrs100421.txt); do let i+=1;traceroute -I $word|grep 10.37.1.|sed -re "s/^.*(10.37.1... ).*$/"$i":"$word" - \1/p"| uniq -c ; done
```

<WRAP important>Toutes les routes doivent aller vers Tours</WRAP>

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

## 9H00 - Début de l'exercice

<WRAP round info>10/04 - 9H00: DEBUT DE L'EXERCICE</WRAP>

Arrêt des partitions sur Z de tours

<WRAP round safety>Feu vert IBM à PROD</WRAP>

### Etape 1: Vérification de l'arrêt

<WRAP round safety>Feu vert IBM à RESEAU: Basculement</WRAP>

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Jean-charles sur site

Ping sur les partitions (aucune ne doit répondre):

```
 ping 10.37.222.30
 ping 10.37.222.50
 ping 10.37.222.60
 ping 10.37.222.80
   
 ping 10.37.222.130
 ping 10.37.222.150
 ping 10.37.222.160
 ping 10.37.222.180
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### philippe sur site

Ping sur les partitions (aucune ne doit répondre):

```
 ping 10.37.225.120
 ping 10.37.225.210
 ping 10.37.225.180
 ping 10.37.225.170
   
 ping 10.37.235.30
 ping 10.37.235.31
 ping 10.37.235.32
 ping 10.37.235.33
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Jacques sur site

Ping sur les partitions (aucune ne doit répondre):

```
 ping -c3 10.37.238.10
 ping -c3 10.37.238.60
 ping -c3 10.37.238.70
 ping -c3 10.37.238.80
 ping -c3 10.37.238.90
 ping -c3 10.37.238.130

 ping -c3 10.37.238.20
 ping -c3 10.37.238.30
 ping -c3 10.37.238.50
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Patrick VPN0 bastion

Ping sur les partitions (aucune ne doit répondre):

```
 ping 10.37.246.9
 ping 10.37.246.16
 ping 10.37.246.29
 ping 10.37.246.30
 ping 10.37.246.31
 ping 10.37.246.32
 ping 10.37.246.33
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 2: Déclaration des routes (basculement réseau)

#### Jean-charles sur site

Au feu vert JACQUES ajouter les routes sur le fédérateur 10.103.222.34

```
 ip route-static 10.37.222.30 255.255.255.255 192.168.212.33 tag 10 description ZOS ETUDES LPAR 
 ip route-static 10.37.222.50 255.255.255.255 192.168.212.33 tag 10 description ZOS CQIF LPAR 
 ip route-static 10.37.222.60 255.255.255.255 192.168.212.33 tag 10 description ZOS PRODAM LPAR 
 ip route-static 10.37.222.80 255.255.255.255 192.168.212.33 tag 10 description ZOS PRODOR LPAR 
   
 ip route-static 10.37.222.130 255.255.255.255 192.168.212.33 tag 10 description Linux LETUDES VM 
 ip route-static 10.37.222.150 255.255.255.255 192.168.212.33 tag 10 description Linux LCQIF VM 
 ip route-static 10.37.222.160 255.255.255.255 192.168.212.33 tag 10 description Linux LPRODAM VM 
 ip route-static 10.37.222.180 255.255.255.255 192.168.212.33 tag 10 description Linux LPRODOR VM
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### philippe sur site

Au feu vert JACQUES ajouter les routes sur le fédérateur 10.103.222.34

```
 ip route-static 10.37.225.120 255.255.255.255 192.168.212.33 tag 10 description Linux LXOPE LPAR 
 ip route-static 10.37.225.210 255.255.255.255 192.168.212.33 tag 10 description Linux LXDSU LPAR 
 ip route-static 10.37.225.180 255.255.255.255 192.168.212.33 tag 10 description Linux LXSMB LPAR 
 ip route-static 10.37.225.170 255.255.255.255 192.168.212.33 tag 10 description Linux LXSTF LPAR 
   
 ip route-static 10.37.235.30 255.255.255.255 192.168.212.33 tag 10 description Linux STF3SAI1 VM 
 ip route-static 10.37.235.31 255.255.255.255 192.168.212.33 tag 10 description Linux STF3SAQ1 VM 
 ip route-static 10.37.235.32 255.255.255.255 192.168.212.33 tag 10 description Linux STF3SAPA VM 
 ip route-static 10.37.235.33 255.255.255.255 192.168.212.33 tag 10 description Linux STF3SAPO VM 
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Jacques sur site

Au feu vert JACQUES ajouter les routes sur le fédérateur 10.103.222.34

```
 ip route-static 10.37.238.10 255.255.255.255 192.168.212.33 tag 10 description ZOS PAC1 LPAR 
 ip route-static 10.37.238.60 255.255.255.255 192.168.212.33 tag 10 description ZOS GRBD LPAR 
 ip route-static 10.37.238.70 255.255.255.255 192.168.212.33 tag 10 description ZOS BDX3 LPAR 
 ip route-static 10.37.238.80 255.255.255.255 192.168.212.33 tag 10 description ZOS ROU2 LPAR 
 ip route-static 10.37.238.90 255.255.255.255 192.168.212.33 tag 10 description ZOS GSIT LPAR 
 ip route-static 10.37.238.130 255.255.255.255 192.168.212.33 tag 10 description ZOS TRS2 LPAR 

 ip route-static 10.37.238.20 255.255.255.255 192.168.212.33 tag 10 description ZOS CHL1 LPAR 
 ip route-static 10.37.238.30 255.255.255.255 192.168.212.33 tag 10 description ZOS ROU1 LPAR 
 ip route-static 10.37.238.50 255.255.255.255 192.168.212.33 tag 10 description ZOS TRS1 LPAR 
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Patrick VPN0 bastion

Au feu vert JACQUES ajouter les routes sur le fédérateur 10.103.222.34

```
 ip route-static 10.37.246.9 255.255.255.255 192.168.212.33 tag 10 description Linux OINZ VM 
 ip route-static 10.37.246.16 255.255.255.255 192.168.212.33 tag 10 description Linux LXPRDSTF VM 
 ip route-static 10.37.246.29 255.255.255.255 192.168.212.33 tag 10 description Linux OPSSAD1 VM 
 ip route-static 10.37.246.30 255.255.255.255 192.168.212.33 tag 10 description Linux TSTFSAP1 VM 
 ip route-static 10.37.246.31 255.255.255.255 192.168.212.33 tag 10 description Linux SUPESAP1 VM 
 ip route-static 10.37.246.32 255.255.255.255 192.168.212.33 tag 10 description Linux OPSRSAP1 VM 
 ip route-static 10.37.246.33 255.255.255.255 192.168.212.33 tag 10 description Linux OPSTSAP1 VM 
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 3:  Conrôle du Basculement

#### Jacques serveur FSCURE (lille)

Contrôle par traceroute que toutes les routes vont vers Marseille (10.103.13.??):

```
i=0;for word in $(cat tracetrs100421.txt); do let i+=1;traceroute -I $word|grep 10.103.13.|sed -re "s/^.*(10.103.13.. ).*$/"$i":"$word" - \1/p"| uniq -c ; done
```

Contrôle par traceroute que plus aucune route va à tours (10.37.1.??):

```
i=0;for word in $(cat tracetrs100421.txt); do let i+=1;traceroute -I $word|grep 10.37.1.|sed -re "s/^.*(10.37.1... ).*$/"$i":"$word" - \1/p"| uniq -c ; done
```

<WRAP alert>Toutes les routes doivent aller vers Marseille</WRAP>

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Jean-charles sur site

Contrôle du Basculement ping (toutes les partitions doivent répondre):

```
 ping 10.37.222.30
 ping 10.37.222.50
 ping 10.37.222.60
 ping 10.37.222.80
   
 ping 10.37.222.130
 ping 10.37.222.150
 ping 10.37.222.160
 ping 10.37.222.180
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### philippe sur site

Contrôle du Basculement ping (toutes les partitions doivent répondre):

```
 ping 10.37.225.120
 ping 10.37.225.210
 ping 10.37.225.180
 ping 10.37.225.170
   
 ping 10.37.235.30
 ping 10.37.235.31
 ping 10.37.235.32
 ping 10.37.235.33
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Jacques sur site

Contrôle du Basculement ping (toutes les partitions doivent répondre):

```
 ping 10.37.238.10
 ping 10.37.238.60
 ping 10.37.238.70
 ping 10.37.238.80
 ping 10.37.238.90
 ping 10.37.238.130

 ping 10.37.238.20
 ping 10.37.238.30
 ping 10.37.238.50
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

#### Patrick VPN0 bastion

Contrôle du Basculement ping (toutes les partitions doivent répondre):

```
 ping 10.37.246.9
 ping 10.37.246.16
 ping 10.37.246.29
 ping 10.37.246.30
 ping 10.37.246.31
 ping 10.37.246.32
 ping 10.37.246.33
```
<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 4: Confirmation du basculement

<WRAP round safety>Info RESEAU à IBM: Basculement effectué</WRAP>

## 11H30 Retour en nominal de ROU1, CHL1, TRS1 

<WRAP info>10/04 - 11H30 : RETOUR EN NOMINAL CHL1,ROU1, TRS1</WRAP>

<WRAP round safety>Feu vert IBM à RESEAU: REtour en Nominal ROU1/TRS1/CHL1</WRAP>

### Etape 1: Retrait des routes sur le fédérateur

Se connecter au fédérateur et retirer les routes :

```
undo ip route-static 10.37.238.20 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.30 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.50 255.255.255.255 192.168.212.33
undo ip route-static 10.37.225.120 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.225.210 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.225.180 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.225.170 255.255.255.255 192.168.212.33 
```

### Etape 2: Contrôle du retour en nominal

Jacques sur serveur FSECURE (Lille):

```
i=0;for word in $(cat tracetrs100421.txt); do let i+=1;traceroute -I $word|grep 10.37.1.|sed -re "s/^.*(10.37.1... ).*$/"$i":"$word" - \1/p"| uniq -c ; done
```

Seules les adresses des 3 partitions de production doivent revenir à Tours

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 3: Confirmation du retour en nominal

<WRAP round safety>Info RESEAU à IBM: Retour en Nominal ROU1/TRS1/CHL1</WRAP>

## 15H00 Retour en nominal

<WRAP info>10/04 - 15H00 : RETOUR EN NOMINAL</WRAP>

<WRAP round safety>Feu vert IBM à RESEAU: Retour en Nominal</WRAP>

### Etape 1: Retrait de toutes les routes

```
undo ip route-static 10.37.222.30 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.50 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.60 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.80 255.255.255.255 192.168.212.33 
   
undo ip route-static 10.37.222.130 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.150 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.160 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.222.180 255.255.255.255 192.168.212.33 
   
undo ip route-static 10.37.235.30 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.235.31 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.235.32 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.235.33 255.255.255.255 192.168.212.33 

undo ip route-static 10.37.238.10 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.60 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.70 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.80 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.90 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.238.130 255.255.255.255 192.168.212.33 

undo ip route-static 10.37.246.9 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.16 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.29 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.30 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.31 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.32 255.255.255.255 192.168.212.33 
undo ip route-static 10.37.246.33 255.255.255.255 192.168.212.33 
```

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 2:  Contrôle du retour en nominal

#### Jacques sur serveur FSECURE (Lille)

Contrôle par traceroute que toutes les routes vont vers Tours (10.37.1.??):

```
i=0;for word in $(cat tracetrs100421.txt); do let i+=1; r=0; until [ ${r} -ge 3 ]; do let r+=1;traceroute -I $word|grep 10.37.1.17|sed -re "s/^.*(10.37.1.17 ).*$/"$i":"$word" - \1/p"| uniq -c; done ; sleep 1 ; done
```

Contrôle par traceroute que plus aucune routes ne va vers Marseille (10.103.13.??):

```
 i=0;for word in $(cat tracetrs100421.txt); do let i+=1; r=0; until [ ${r} -ge 3 ]; do let r+=1; traceroute $word|grep 10.103.13.|sed -re "s/^.*(10.103.13.. ).*$/"$i":"$word" - \1/p"| uniq -c; done ; sleep 1 ; done
```

<WRAP alert>Toutes les routes doivent aller vers Tours</WRAP>

<WRAP notice>[[https://www.tchap.gouv.fr/#/room/!uLgEgknQEOOsjzYpwo:agent.finances.tchap.gouv.fr|Informer TCHAP DGFIP SNS BGP]]</WRAP>

### Etape 3: Confirmation du retour en nominal

<WRAP round safety>Info RESEAU à IBM: Retour en Nominal</WRAP>